ProcessHacker.pdb
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
2024-10-14_5854b7c834be8cd43e9bd354024b4638_avoslocker.exe
Resource
win7-20240729-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
2024-10-14_5854b7c834be8cd43e9bd354024b4638_avoslocker.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
General
-
Target
2024-10-14_5854b7c834be8cd43e9bd354024b4638_avoslocker
-
Size
2.0MB
-
MD5
5854b7c834be8cd43e9bd354024b4638
-
SHA1
9707b05d9247e11dd9bae6fed4b3624aef19d8d4
-
SHA256
04155cdfe18fd3eea14e5de852be2398b313238309325ca08954ec59bd2d5133
-
SHA512
e8fa02b9de430c55205fb95a9ada856631bba64f8e1eb5e75280d6da2a883e588717490d748c6a43154cc4c125d401b45767213705dbf3e7028489694759eec2
-
SSDEEP
49152:cS21ewyrUC77dbm1cUWuPcuGaON9RlwUkB3+:cS219y7C1cUW8cuzG9RlwL3
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2024-10-14_5854b7c834be8cd43e9bd354024b4638_avoslocker
Files
-
2024-10-14_5854b7c834be8cd43e9bd354024b4638_avoslocker.exe windows:6 windows x86 arch:x86
05afd4c490975bf4b008089578ae7d3e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntdll
NtTestAlert
NtPowerInformation
NtSetInformationToken
RtlSubAuthorityCountSid
RtlFreeSid
RtlTimeToSecondsSince1980
RtlSecondsSince1980ToTime
NtIsProcessInJob
RtlCreateSecurityDescriptor
RtlCreateAcl
RtlAddAccessAllowedAce
NtAcceptConnectPort
NtReplyWaitReceivePort
NtCompleteConnectPort
RtlSetDaclSecurityDescriptor
RtlSubAuthoritySid
NtCreatePort
RtlInitializeSid
RtlLengthRequiredSid
RtlValidRelativeSecurityDescriptor
RtlSelfRelativeToAbsoluteSD2
RtlValidSid
NtConnectPort
NtRequestWaitReplyPort
RtlAbsoluteToSelfRelativeSD
RtlLengthSid
NtCreateSection
RtlQueryElevationFlags
NtDeleteKey
NtReleaseSemaphore
NtSetHighEventPair
NtQueryEvent
NtQuerySemaphore
NtCancelTimer
NtPulseEvent
NtSetLowEventPair
NtOpenThreadToken
RtlGetFullPathName_U
NtCreateDirectoryObject
RtlGUIDFromString
NtDuplicateToken
RtlRandomEx
RtlTimeToTimeFields
RtlDosPathNameToNtPathName_U_WithStatus
RtlFreeUnicodeString
LdrUnloadDll
LdrFindResource_U
LdrLoadDll
RtlDestroyProcessParameters
RtlFindMessage
RtlStringFromGUID
NtQueryTimer
RtlNtStatusToDosError
RtlCreateUserProcess
RtlGetDaclSecurityDescriptor
RtlExpandEnvironmentStrings_U
LdrAccessResource
RtlUnicodeToMultiByteN
RtlUpcaseUnicodeChar
NtAllocateVirtualMemory
RtlReAllocateHeap
NtDelayExecution
RtlMultiByteToUnicodeN
RtlMultiByteToUnicodeSize
RtlCreateUserThread
RtlUnicodeToMultiByteSize
RtlInterlockedPopEntrySList
RtlGetVersion
RtlCreateTimerQueue
NtUnlockFile
NtSetInformationFile
NtLockFile
NtFlushBuffersFile
NtQueryInformationFile
NtGetContextThread
NtQueryKey
NtOpenProcessToken
NtOpenThread
RtlAppendUnicodeStringToString
NtOpenSymbolicLinkObject
NtEnumerateKey
NtUnloadDriver
NtEnumerateValueKey
NtQueueApcThread
RtlAppendUnicodeToString
RtlDestroyQueryDebugBuffer
NtOpenKey
RtlConvertSidToUnicodeString
NtQuerySymbolicLinkObject
RtlQueryProcessDebugInformation
NtOpenProcess
NtCreateNamedPipeFile
NtQueryInformationJobObject
NtSetSecurityObject
RtlQueryEnvironmentVariable_U
NtDeleteValueKey
NtQueryAttributesFile
NtOpenDirectoryObject
RtlGetUnloadEventTraceEx
NtFsControlFile
NtQueryDirectoryObject
NtAdjustGroupsToken
RtlCreateQueryDebugBuffer
NtLoadKeyEx
NtCreateKey
NtCreateFile
NtQueryDirectoryFile
NtOpenSection
NtQuerySecurityObject
NtSetValueKey
NtTerminateProcess
NtOpenFile
NtQueryValueKey
NtQueryFullAttributesFile
NtSetInformationObject
NtDeviceIoControlFile
NtReleaseKeyedEvent
NtWaitForKeyedEvent
NtCreateKeyedEvent
NtClearEvent
NtQueryObject
NtCreateSemaphore
RtlLengthSecurityDescriptor
RtlSetOwnerSecurityDescriptor
RtlGetControlSecurityDescriptor
RtlMapGenericMask
RtlGetSaclSecurityDescriptor
RtlGetOwnerSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlValidSecurityDescriptor
RtlSetControlSecurityDescriptor
RtlSetGroupSecurityDescriptor
NtSetTimer
NtCreateTimer
RtlNtStatusToDosErrorNoTeb
RtlUnwind
NtResetEvent
RtlIpv6AddressToStringW
RtlIpv4AddressToStringW
RtlFirstEntrySList
NtQueryInformationToken
RtlInterlockedFlushSList
RtlInitializeSListHead
RtlInterlockedPushEntrySList
RtlSecondsSince1970ToTime
RtlCreateHeap
RtlFreeHeap
RtlAllocateHeap
RtlDestroyHeap
NtProtectVirtualMemory
NtSetSystemInformation
NtWriteVirtualMemory
RtlEqualSid
NtCreateMutant
RtlSetCurrentDirectory_U
RtlSetUnhandledExceptionFilter
RtlExitUserProcess
NtAdjustPrivilegesToken
NtOpenMutant
NtSystemDebugControl
NtTerminateJobObject
NtAssignProcessToJobObject
NtQueryMutant
NtQueryVolumeInformationFile
NtMapViewOfSection
NtQuerySection
NtGetNextProcess
NtQueryVirtualMemory
RtlDeleteTimer
RtlCreateTimer
RtlUpdateTimer
RtlSetHeapInformation
RtlInitializeCriticalSection
NtQueryPerformanceCounter
RtlDeleteCriticalSection
RtlLeaveCriticalSection
RtlEnterCriticalSection
RtlDetermineDosPathNameType_U
NtWaitForMultipleObjects
NtSetEvent
NtCreateEvent
NtAlpcQueryInformation
NtReadVirtualMemory
NtReadFile
NtWriteFile
NtQueryInformationThread
NtQuerySystemInformation
NtSuspendProcess
NtResumeThread
NtWaitForSingleObject
NtSetInformationDebugObject
NtUnmapViewOfSection
RtlRaiseStatus
NtSetInformationProcess
NtShutdownSystem
NtDuplicateObject
NtInitiatePowerAction
NtClose
NtSetInformationThread
NtResumeProcess
NtTerminateThread
NtRemoveProcessDebug
NtQueryInformationProcess
NtSuspendThread
RtlCreateProcessParameters
NtFreeVirtualMemory
kernel32
DecodePointer
WriteConsoleW
CreateFileW
CloseHandle
FlushFileBuffers
GetProcessHeap
GetCommandLineW
GetCommandLineA
FindNextFileW
FindFirstFileExW
FindClose
WideCharToMultiByte
SetStdHandle
HeapReAlloc
GetOEMCP
GetACP
IsValidCodePage
MultiByteToWideChar
GetCPInfo
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
LCMapStringW
GetFileType
SetFilePointerEx
GetFileSizeEx
HeapAlloc
HeapFree
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
GetConsoleOutputCP
WriteFile
ReadConsoleW
GetConsoleMode
ReadFile
TlsFree
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryExA
GetProcAddress
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
HeapSize
GlobalSize
LocalAlloc
GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
LoadLibraryExW
GetDateFormatW
CreateProcessW
GetTimeFormatW
GetNumberFormatW
GetLocaleInfoW
SearchPathW
SetLastError
GetComputerNameW
TlsGetValue
TlsAlloc
TlsSetValue
FreeLibrary
SetProcessShutdownParameters
AllocConsole
GetConsoleWindow
FreeConsole
SetConsoleCtrlHandler
LocalFree
DeleteProcThreadAttributeList
UpdateProcThreadAttribute
GetLastError
InitializeProcThreadAttributeList
SetEndOfFile
Exports
Exports
PhAddComboBoxStrings
PhAddElementAvlTree
PhAddEntryHashtable
PhAddEntryHashtableEx
PhAddItemArray
PhAddItemList
PhAddItemPointerList
PhAddItemSimpleHashtable
PhAddItemsArray
PhAddItemsList
PhAddJsonArrayObject
PhAddJsonObject
PhAddLayoutItem
PhAddLayoutItemEx
PhAddListViewColumn
PhAddListViewGroup
PhAddListViewGroupItem
PhAddListViewItem
PhAddSetting
PhAddSettings
PhAddTabControlTab
PhAdjustRectangleToBounds
PhAdjustRectangleToWorkingArea
PhAllocate
PhAllocateExSafe
PhAllocateFromFreeList
PhAllocatePage
PhAllocateSafe
PhAppResolverGetAppIdForWindow
PhAppendBytesBuilder
PhAppendBytesBuilder2
PhAppendBytesBuilderEx
PhAppendCharStringBuilder
PhAppendCharStringBuilder2
PhAppendFormatStringBuilder
PhAppendFormatStringBuilder_V
PhAppendStringBuilder
PhAppendStringBuilder2
PhAppendStringBuilderEx
PhApplicationFont
PhAutoDereferenceObject
PhBoostProvider
PhBufferToHexString
PhBufferToHexStringEx
PhCenterRectangle
PhCenterWindow
PhClearArray
PhClearCacheDirectory
PhClearCircularBuffer_FLOAT
PhClearCircularBuffer_PVOID
PhClearCircularBuffer_ULONG
PhClearCircularBuffer_ULONG64
PhClearHashtable
PhClearIgnoredSettings
PhClearList
PhCompareStringRef
PhCompareStringZNatural
PhCompareUnicodeStringZIgnoreMenuPrefix
PhConcatStringRef2
PhConcatStringRef3
PhConcatStrings
PhConcatStrings2
PhConcatStrings_V
PhConnectPipe
PhConvertIgnoredSettings
PhConvertMultiByteToUtf16
PhConvertMultiByteToUtf16Ex
PhConvertUtf16ToAsciiEx
PhConvertUtf16ToMultiByte
PhConvertUtf16ToMultiByteEx
PhConvertUtf16ToUtf8
PhConvertUtf16ToUtf8Buffer
PhConvertUtf16ToUtf8Ex
PhConvertUtf16ToUtf8Size
PhConvertUtf8ToUtf16
PhConvertUtf8ToUtf16Buffer
PhConvertUtf8ToUtf16Ex
PhConvertUtf8ToUtf16Size
PhCopyBytesZ
PhCopyCircularBuffer_FLOAT
PhCopyCircularBuffer_PVOID
PhCopyCircularBuffer_ULONG
PhCopyCircularBuffer_ULONG64
PhCopyStringZ
PhCopyStringZFromBytes
PhCopyStringZFromMultiByte
PhCountStringZ
PhCreateAlloc
PhCreateBytes
PhCreateBytesEx
PhCreateCacheFile
PhCreateDialog
PhCreateDirectory
PhCreateEMenu
PhCreateEMenuItem
PhCreateFile
PhCreateFileStream
PhCreateFileStream2
PhCreateFileWin32
PhCreateFileWin32Ex
PhCreateHashtable
PhCreateJsonArray
PhCreateJsonObject
PhCreateJsonParser
PhCreateKey
PhCreateList
PhCreateNamedPipe
PhCreateObject
PhCreateObjectType
PhCreateObjectTypeEx
PhCreateOpenFileDialog
PhCreatePipe
PhCreatePointerList
PhCreateProcess
PhCreateProcessAsUser
PhCreateProcessWin32
PhCreateProcessWin32Ex
PhCreateSaveFileDialog
PhCreateSecurityPage
PhCreateSimpleHashtable
PhCreateString
PhCreateStringEx
PhCreateSymbolProvider
PhCreateThread
PhCreateThread2
PhCreateThreadEx
PhCreateXmlNode
PhCreateXmlOpaqueNode
PhDecodeUnicodeDecoder
PhDelayExecution
PhDeleteArray
PhDeleteAutoPool
PhDeleteBytesBuilder
PhDeleteCacheFile
PhDeleteCallback
PhDeleteCircularBuffer_FLOAT
PhDeleteCircularBuffer_PVOID
PhDeleteCircularBuffer_ULONG
PhDeleteCircularBuffer_ULONG64
PhDeleteDirectory
PhDeleteFastLock
PhDeleteFileWin32
PhDeleteFreeList
PhDeleteGraphState
PhDeleteImageVersionInfo
PhDeleteLayoutManager
PhDeleteProviderThread
PhDeleteStringBuilder
PhDeleteValueKey
PhDeleteWorkQueue
PhDereferenceObject
PhDereferenceObjectDeferDelete
PhDereferenceObjectEx
PhDereferenceObjects
PhDestroyEMenu
PhDestroyEMenuItem
PhDetermineDosPathNameType
PhDisconnectNamedPipe
PhDivideSinglesBySingle
PhDnsFree
PhDnsQuery
PhDnsQuery2
PhDoesFileExists
PhDoesFileExistsWin32
PhDosErrorToNtStatus
PhDrainAutoPool
PhDrawGraphDirect
PhDrawTrayIconText
PhDuplicateBytesZ
PhDuplicateBytesZSafe
PhDuplicateStringZ
PhEditSecurity
PhEllipsisString
PhEllipsisStringPath
PhEncodeUnicode
PhEnumAvlTree
PhEnumChildWindows
PhEnumDirectoryFile
PhEnumDirectoryObjects
PhEnumFileStreams
PhEnumGenericModules
PhEnumHandles
PhEnumHandlesEx
PhEnumHandlesEx2
PhEnumHashtable
PhEnumKernelModules
PhEnumObjectTypes
PhEnumPagefiles
PhEnumPointerListEx
PhEnumProcessEnvironmentVariables
PhEnumProcessModules
PhEnumProcessModules32
PhEnumProcessModules32Ex
PhEnumProcessModulesEx
PhEnumProcesses
PhEnumProcessesEx
PhEnumProcessesForSession
PhEnumServices
PhEnumWindows
PhEnumerateKey
PhEnumerateValueKey
PhEqualStringRef
PhEscapeCommandLinePart
PhEscapeStringForMenuPrefix
PhExpandEnvironmentStrings
PhExponentiate
PhExponentiate64
PhExtractIcon
PhExtractIconEx
PhFillMemoryUlong
PhFinalArrayItems
PhFinalBytesBuilderBytes
PhFinalHash
PhFinalStringBuilderString
PhFindCharInStringRef
PhFindEMenuItem
PhFindElementAvlTree
PhFindEntryHashtable
PhFindIntegerSiKeyValuePairs
PhFindItemList
PhFindItemPointerList
PhFindItemSimpleHashtable
PhFindLastCharInStringRef
PhFindListViewItemByFlags
PhFindListViewItemByParam
PhFindLoaderEntry
PhFindProcessInformation
PhFindProcessInformationByImageName
PhFindStringInStringRef
PhFindStringSiKeyValuePairs
PhFlushFileStream
PhFormat
PhFormatBytes
PhFormatBytes_V
PhFormatDate
PhFormatDateTime
PhFormatDecimal
PhFormatGuid
PhFormatImageVersionInfo
PhFormatNativeKeyName
PhFormatSize
PhFormatString
PhFormatString_V
PhFormatTime
PhFormatTimeSpan
PhFormatTimeSpanRelative
PhFormatToBuffer
PhFormatUInt64
PhFree
PhFreeFileDialog
PhFreeJsonParser
PhFreePage
PhFreeToFreeList
PhFreeXmlObject
PhGenerateGuid
PhGenerateGuidFromName
PhGenerateRandomAlphaString
PhGetAccessEntries
PhGetAccessString
PhGetApplicationDirectory
PhGetApplicationFileName
PhGetBaseDirectory
PhGetBaseName
PhGetClassObject
PhGetComboBoxString
PhGetDialogItemValue
PhGetDllFileName
PhGetDllHandle
PhGetDrawInfoGraphBuffers
PhGetEnabledProvider
PhGetEtwPublisherName
PhGetFileDialogFileName
PhGetFileDialogFilterIndex
PhGetFileDialogOptions
PhGetFileName
PhGetFilePosition
PhGetFileShellIcon
PhGetFileSize
PhGetFileVersionFixedInfo
PhGetFileVersionInfo
PhGetFileVersionInfoLangCodePage
PhGetFileVersionInfoString
PhGetFileVersionInfoString2
PhGetFullPath
PhGetGenericTreeNewLines
PhGetGlobalTimerQueue
PhGetGlobalWorkQueue
PhGetHandleInformation
PhGetHandleInformationEx
PhGetIntegerPairSetting
PhGetIntegerSetting
PhGetJobProcessIdList
PhGetJsonArrayIndexObject
PhGetJsonArrayLength
PhGetJsonArrayLong64
PhGetJsonArrayString
PhGetJsonObject
PhGetJsonObjectAsArrayList
PhGetJsonObjectBool
PhGetJsonObjectLength
PhGetJsonObjectType
PhGetJsonValueAsLong64
PhGetJsonValueAsString
PhGetKernelFileName
PhGetKnownLocation
PhGetLineFromAddress
PhGetListBoxString
PhGetListViewItemImageIndex
PhGetListViewItemParam
PhGetListViewItemText
PhGetMappedImageCfg
PhGetMappedImageCfgEntry
PhGetMappedImageExportFunction
PhGetMappedImageExports
PhGetMappedImageLoadConfig32
PhGetMappedImageLoadConfig64
PhGetMessage
PhGetModuleFromAddress
PhGetModuleProcAddress
PhGetNamedPipeClientComputerName
PhGetNamedPipeClientProcessId
PhGetNamedPipeServerProcessId
PhGetNtMessage
PhGetObjectSecurity
PhGetObjectType
PhGetObjectTypeInformation
PhGetOpaqueXmlNodeText
PhGetOwnTokenAttributes
PhGetPositionFileStream
PhGetPrimeNumber
PhGetProcedureAddress
PhGetProcedureAddressRemote
PhGetProcessCommandLine
PhGetProcessDepStatus
PhGetProcessDeviceMap
PhGetProcessEnvironment
PhGetProcessImageFileName
PhGetProcessImageFileNameByProcessId
PhGetProcessImageFileNameWin32
PhGetProcessIsDotNet
PhGetProcessIsDotNetEx
PhGetProcessMappedFileName
PhGetProcessPebString
PhGetProcessUnloadedDlls
PhGetProcessWindowTitle
PhGetProcessWorkingSetInformation
PhGetProcessWsCounters
PhGetScalableIntegerPairSetting
PhGetSeObjectSecurity
PhGetSelectedListViewItemParam
PhGetSelectedListViewItemParams
PhGetServiceConfig
PhGetServiceDelayedAutoStart
PhGetServiceDescription
PhGetServiceDllParameter
PhGetServiceErrorControlInteger
PhGetServiceErrorControlString
PhGetServiceNameFromTag
PhGetServiceStartTypeInteger
PhGetServiceStartTypeString
PhGetServiceStateString
PhGetServiceTypeInteger
PhGetServiceTypeString
PhGetSidFullName
PhGetStatusMessage
PhGetStockApplicationIcon
PhGetStringSetting
PhGetSymbolFromAddress
PhGetSymbolFromName
PhGetSystemDirectory
PhGetSystemRoot
PhGetThreadServiceTag
PhGetTokenGroups
PhGetTokenIntegrityLevel
PhGetTokenIntegrityLevelRID
PhGetTokenOwner
PhGetTokenPrimaryGroup
PhGetTokenPrivileges
PhGetTokenUser
PhGetTreeNewText
PhGetWin32Message
PhGetWindowContext
PhGetWindowText
PhGetWindowTextEx
PhGetXmlNodeAttributeByIndex
PhGetXmlNodeAttributeCount
PhGetXmlNodeAttributeText
PhGetXmlNodeElementText
PhGetXmlNodeFirstChild
PhGetXmlNodeNextChild
PhGlobalDpi
PhGraphStateGetDrawInfo
PhHashBytes
PhHashStringRef
PhHexStringToBuffer
PhHexStringToBufferEx
PhHttpDnsQuery
PhHttpSocketAddRequestHeaders
PhHttpSocketBeginRequest
PhHttpSocketConnect
PhHttpSocketCreate
PhHttpSocketDestroy
PhHttpSocketDownloadString
PhHttpSocketEndRequest
PhHttpSocketGetErrorMessage
PhHttpSocketParseUrl
PhHttpSocketQueryHeaderString
PhHttpSocketQueryHeaderUlong
PhHttpSocketQueryHeaders
PhHttpSocketQueryOptionString
PhHttpSocketReadData
PhHttpSocketReadDataToBuffer
PhHttpSocketSendRequest
PhHttpSocketSetCredentials
PhHttpSocketSetFeature
PhHttpSocketSetSecurity
PhHttpSocketWriteData
PhHungWindowFromGhostWindow
PhIconToBitmap
PhImpersonateClientOfNamedPipe
PhIndexOfEMenuItem
PhInitializeArray
PhInitializeAutoPool
PhInitializeAvlTree
PhInitializeBytesBuilder
PhInitializeCallback
PhInitializeCircularBuffer_FLOAT
PhInitializeCircularBuffer_PVOID
PhInitializeCircularBuffer_ULONG
PhInitializeCircularBuffer_ULONG64
PhInitializeFastLock
PhInitializeFreeList
PhInitializeGraphState
PhInitializeHash
PhInitializeImageVersionInfo
PhInitializeLayoutManager
PhInitializeMappedImage
PhInitializeProviderThread
PhInitializeStringBuilder
PhInitializeThemeWindowHeader
PhInitializeWindowTheme
PhInitializeWindowThemeRebar
PhInitializeWindowThemeStatusBar
PhInitializeWorkQueue
PhInitializeWorkQueueEnvironment
PhInsertEMenuItem
PhInsertItemList
PhInsertItemsList
PhInsertStringBuilder
PhInsertStringBuilder2
PhInsertStringBuilderEx
PhIntegerToString64
PhInvokeCallback
PhIsExecutablePacked
PhIsExecutingInWow64
PhLargeIntegerToLocalSystemTime
PhLargeIntegerToSystemTime
PhLayoutManagerLayout
PhListenNamedPipe
PhLoadAppKey
PhLoadIcon
PhLoadIndirectString
PhLoadLibrarySafe
PhLoadListViewColumnSettings
PhLoadListViewColumnsFromSetting
PhLoadListViewGroupStatesFromSetting
PhLoadListViewSortColumnsFromSetting
PhLoadMappedImage
PhLoadMappedImageEx
PhLoadModuleSymbolProvider
PhLoadModulesForProcessSymbolProvider
PhLoadResource
PhLoadResourceEMenuItem
PhLoadSettings
PhLoadWindowPlacementFromSetting
PhLoadXmlObjectFromFile
PhLocalTimeToSystemTime
PhLockFileStream
PhLookupName
PhLookupPrivilegeDisplayName
PhLookupPrivilegeName
PhLookupPrivilegeValue
PhLookupSid
PhLowerBoundElementAvlTree
PhLowerDualBoundElementAvlTree
PhMainWndHandle
PhMapFlags1
PhMapFlags2
PhMappedImageRvaToVa
PhMatchWildcards
PhMaximumElementAvlTree
PhMinimumElementAvlTree
PhModalPropertySheet
PhModifyEMenuItem
PhNtStatusFileNotFound
PhNtStatusToDosError
PhOpenKey
PhOpenLsaPolicy
PhOpenProcess
PhOpenProcessToken
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 435KB - Virtual size: 435KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.didat Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 210KB - Virtual size: 210KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ