MalScore
100/100
MalFamily
Buzus

PathwayBuilderTool.exe

File details
File type: PE32 executable (GUI) Intel 80386, for MS Windows
File size: 5506.64 KB (5638797 bytes)
Compile time: 2004-12-15 14:37:15
MD5: 2f63ecb9a538e8ce421a777c8cc26283
SHA1: 2c175d136dbcbf59127b7348e9d1976206ecdd73
SHA256: 244e34b652cab4ebd6d5d311cbdf1f720b89f75f47c95e8c064a9170bd9bdea9
Import hash: 46084168b412e051097ae39c055c9320
Sections 2 .text .res
Directories 2 import resource
First submission: 2022-01-06 08:00:10
Last submission: 2022-01-06 08:00:10
Filename detected: - PathwayBuilderTool.exe (1)
URL file hosting
hXXp://360down7.miiyun.cn/2019/06/12/PathwayBuilderTool.exe
VirusTotal
Antivirus Report
Report Date Detection Ratio Permalink Update
No report available
PE Sections 0 suspicious
Name VAddress VSize Size MD5 SHA1
.text 0x1000 0x6000 24576 4a3277e374b1e953aa32bd78d6822652 c6129f421208c673d26758f4749569860c1e073f
.res 0x7000 0x495000 8192 4193674fda0510fde3889556211d5319 8d0fdc9c26a04426ba95905bbdc2940ec1238a74
Meta Info
No Meta found in this file
XOR
No XOR information found in this file.
Signature
This file isn't digitally signed
Packer(s)
No packers found for this file
File found
File type: Data
unins000.dat
index.dat
hh.dat
File type: Linker File
&Uninstall Pathway Builder Tool 2.0.lnk
Uninstall Pathway Publisher 1.0.lnk
#Uninstall Pathway Publisher 1.0.lnk
PA~FVVQ1.LNK
UN~9BVZH.LNK
Pathway Publisher 1.0.lnk
Uninstall Pathway Builder Tool 2.0.lnk
UN~139KH.LNK
Pathway Builder Tool 2.0.lnk
PA~73839.LNK
File type: Adobe Flash
splash.swf
File type: Library
Wadvapi32.dll
USER32.dll
KERNEL32.dll
IP Found
No IP detected
URL(s)
http://www.proteinlounge.com
http://www.proteinlounge.com#00
Behavior analysis details
Machine name Machine label Machine manager Started Ended Duration
Seven05_64 Seven05_64 VirtualBox 2022-01-06 07:51:04 2022-01-06 07:54:06 182

4 Behaviors detected by system signatures

8 Summary items with data

Files


Read Files

C:\Users\Seven01\AppData\Local\Temp\PathwayBuilderTool.exe
C:\Windows\Globalization\Sorting\sortdefault.nls
C:\Users\Seven01\AppData\Local\Temp\Thinstall.lic
C:\Windows\Fonts\staticcache.dat
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr.lck
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr.transact
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.tlog
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.tlog.cache

Write Files

C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr.lck.SEVEN05-PC.ffffffffafc
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr.lck
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr.transact
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.tlog
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.tlog.cache

Delete Files

C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr.lck
C:\Users\Seven01\AppData\Local\Temp\Pathway_by_PP\Pathway\Registry.rw.tvr.lck.SEVEN05-PC.ffffffffafc

Keys


Read Keys


Write Keys

Nothing to display

Delete Keys

Nothing to display

Mutexes

{B13025AA-896C-4CF7-B7BF-870C8AA5661C}_tlog_lock
{B13025AA-896C-4CF7-B7BF-870C8AA5661C}_tqmap_lock

Resolved APIs

ole32.dll.CoRegisterClassObject
ole32.dll.WriteClassStg
ole32.dll.StringFromGUID2
ole32.dll.StringFromCLSID
ole32.dll.StgOpenStorage
ole32.dll.OleUninitialize
ole32.dll.OleLoad
ole32.dll.OleGetAutoConvert
ole32.dll.OleDoAutoConvert
ole32.dll.OleCreate
ole32.dll.CLSIDFromString
ole32.dll.CoCreateGuid
ole32.dll.CoCreateInstance
ole32.dll.CoGetClassObject
ole32.dll.CoGetMalloc
ole32.dll.CoInitialize
ole32.dll.CoRevokeClassObject
ole32.dll.CoTaskMemAlloc
ole32.dll.CoTaskMemFree
ole32.dll.CoUninitialize
ole32.dll.CreateBindCtx
user32.dll.BeginPaint
user32.dll.CharLowerW
user32.dll.CharNextExA
user32.dll.CharUpperW
user32.dll.CloseClipboard
user32.dll.CloseDesktop
user32.dll.CloseWindowStation
user32.dll.CreateDialogParamW
user32.dll.CreateIconFromResource
user32.dll.CreateIconFromResourceEx
user32.dll.CreateWindowExW
user32.dll.DefWindowProcA
user32.dll.DefWindowProcW
user32.dll.DestroyMenu
user32.dll.DestroyWindow
user32.dll.DispatchMessageW
user32.dll.DrawIconEx
user32.dll.DrawTextW
user32.dll.EnableWindow
user32.dll.EndPaint
user32.dll.FillRect
user32.dll.FindWindowA
user32.dll.FindWindowW
user32.dll.GetClassInfoA
user32.dll.GetClassInfoW
user32.dll.GetClientRect
user32.dll.GetDC
user32.dll.GetDesktopWindow
user32.dll.GetDlgItem
user32.dll.GetMessageA
user32.dll.GetMessageW
user32.dll.GetParent
user32.dll.GetProcessWindowStation
user32.dll.GetSysColor
user32.dll.GetSysColorBrush
user32.dll.GetSystemMetrics
user32.dll.GetUserObjectInformationW
user32.dll.GetWindowLongW
user32.dll.GetWindowRect
user32.dll.GetWindowThreadProcessId
user32.dll.IsDialogMessageW
user32.dll.IsWindow
user32.dll.IsWindowVisible
user32.dll.KillTimer
user32.dll.LoadCursorFromFileA
user32.dll.LoadCursorFromFileW
user32.dll.LoadCursorW
user32.dll.LoadIconW
user32.dll.LoadImageA
user32.dll.LoadImageW
user32.dll.LoadMenuA
user32.dll.LoadMenuW
user32.dll.LoadStringW
user32.dll.LookupIconIdFromDirectoryEx
user32.dll.MessageBoxA
user32.dll.MessageBoxW
user32.dll.OpenClipboard
user32.dll.OpenDesktopW
user32.dll.OpenInputDesktop
user32.dll.OpenWindowStationW
user32.dll.PeekMessageA
user32.dll.PeekMessageW
user32.dll.PostQuitMessage
user32.dll.RedrawWindow
user32.dll.RegisterClassExW
user32.dll.RegisterClassW
user32.dll.ReleaseCapture
user32.dll.ReleaseDC
user32.dll.SendMessageA
user32.dll.SendMessageW
user32.dll.SetCapture
user32.dll.SetClipboardData
user32.dll.SetCursor
user32.dll.SetProcessWindowStation
user32.dll.SetRect
user32.dll.SetTimer
user32.dll.SetUserObjectSecurity
user32.dll.SetWindowLongW
user32.dll.SetWindowPos
user32.dll.SetWindowRgn
user32.dll.SetWindowsHookExA
user32.dll.SetWindowsHookExW
user32.dll.ShowWindow
user32.dll.SystemParametersInfoW
user32.dll.TranslateMessage
user32.dll.UnregisterClassW
user32.dll.WaitForInputIdle
user32.dll.WinHelpA
user32.dll.WinHelpW
user32.dll.wvsprintfW
kernel32.dll.FlsAlloc
kernel32.dll.FlsGetValue
kernel32.dll.FlsSetValue
kernel32.dll.FlsFree
kernelbase.dll.OpenThread
uxtheme.dll.ThemeInitApiHook
user32.dll.IsProcessDPIAware
dwmapi.dll.DwmIsCompositionEnabled
ntdll.dll.LdrLockLoaderLock
ntdll.dll.LdrUnlockLoaderLock
kernel32.dll.ActivateActCtx
kernel32.dll.AddRefActCtx
kernel32.dll.CreateActCtxW
kernelbase.dll.CreateMutexExW
kernel32.dll.DeactivateActCtx
kernel32.dll.FindActCtxSectionStringW
kernelbase.dll.GetComputerNameExW
kernel32.dll.GetDllDirectoryW
kernelbase.dll.GetFileMUIInfo
kernelbase.dll.GetLongPathNameW
kernelbase.dll.GetModuleHandleExW
kernelbase.dll.GetSystemDefaultUILanguage
kernelbase.dll.GetSystemWindowsDirectoryW
kernelbase.dll.GetThreadPreferredUILanguages
kernelbase.dll.GetUserDefaultUILanguage
kernelbase.dll.IsWow64Process
kernelbase.dll.LocaleNameToLCID
kernelbase.dll.LockFileEx
kernel32.dll.QueryActCtxW
kernel32.dll.ReleaseActCtx
kernel32.dll.SetDllDirectoryW
kernelbase.dll.SetFilePointerEx
kernelbase.dll.UnlockFileEx
cryptsp.dll.CryptAcquireContextA
cryptsp.dll.CryptImportKey
cryptsp.dll.CryptCreateHash
cryptsp.dll.CryptHashData
cryptsp.dll.CryptDestroyHash
cryptsp.dll.CryptDestroyKey
cryptsp.dll.CryptReleaseContext
kernel32.dll.InitializeSListHead
kernel32.dll.InterlockedPushEntrySList
kernel32.dll.InterlockedPopEntrySList
kernelbase.dll.FindFirstChangeNotificationW
kernelbase.dll.FindFirstFileA
kernelbase.dll.FindFirstFileExW
kernelbase.dll.FindFirstFileW
kernelbase.dll.FindNextFileA
kernelbase.dll.FindNextFileW
kernelbase.dll.FlushFileBuffers
kernelbase.dll.FormatMessageA
kernelbase.dll.FormatMessageW
kernelbase.dll.FreeEnvironmentStringsA
kernelbase.dll.FreeEnvironmentStringsW
kernelbase.dll.FreeLibrary
kernelbase.dll.GetACP
kernelbase.dll.GetCommandLineA
kernelbase.dll.GetCommandLineW
kernelbase.dll.GetCPInfo
kernelbase.dll.GetCurrencyFormatW
kernelbase.dll.GetCurrentDirectoryA
kernelbase.dll.GetCurrentDirectoryW
kernelbase.dll.GetCurrentProcess
kernelbase.dll.GetCurrentProcessId
kernelbase.dll.GetCurrentThread
kernelbase.dll.GetCurrentThreadId
kernelbase.dll.GetDiskFreeSpaceExW
kernelbase.dll.GetDiskFreeSpaceW
kernelbase.dll.GetDriveTypeW
kernelbase.dll.GetEnvironmentStrings
kernelbase.dll.GetEnvironmentStringsW
kernelbase.dll.GetEnvironmentVariableA
kernelbase.dll.GetEnvironmentVariableW
kernelbase.dll.GetExitCodeProcess
kernelbase.dll.GetExitCodeThread
kernelbase.dll.GetFileAttributesExW
kernelbase.dll.GetFileAttributesW
kernelbase.dll.GetFileInformationByHandle
kernelbase.dll.GetFileSize
kernelbase.dll.GetFileTime
kernelbase.dll.GetFileType
kernelbase.dll.GetFullPathNameA
kernelbase.dll.GetFullPathNameW
kernelbase.dll.GetHandleInformation
kernelbase.dll.GetLastError
kernelbase.dll.GetLocaleInfoA
kernelbase.dll.GetLocaleInfoW
kernelbase.dll.GetLogicalDrives
kernelbase.dll.GetLogicalDriveStringsW
kernelbase.dll.GetModuleFileNameA
kernelbase.dll.GetModuleFileNameW
kernelbase.dll.GetModuleHandleA
kernelbase.dll.GetModuleHandleW
kernelbase.dll.GetNumberFormatW
kernelbase.dll.GetOEMCP
kernelbase.dll.CreateFileA
kernelbase.dll.GetProcAddress
kernelbase.dll.GetProcessHeap
kernelbase.dll.GetShortPathNameW
kernelbase.dll.GetStartupInfoW
kernelbase.dll.GetStdHandle
kernelbase.dll.GetStringTypeA
kernelbase.dll.GetStringTypeW
kernelbase.dll.GetSystemDefaultLangID
kernelbase.dll.GetSystemDefaultLCID
kernelbase.dll.GetSystemDirectoryW
kernelbase.dll.GetSystemInfo
kernelbase.dll.GetSystemTime
kernelbase.dll.GetSystemTimeAsFileTime
kernelbase.dll.GetThreadLocale
kernelbase.dll.GetTickCount
kernelbase.dll.GetTimeZoneInformation
kernelbase.dll.GetUserDefaultLangID
kernelbase.dll.GetUserDefaultLCID
kernelbase.dll.GetVersion
kernelbase.dll.GetVersionExA
kernelbase.dll.GetVersionExW
kernelbase.dll.GetVolumeInformationW
kernelbase.dll.GetWindowsDirectoryW
kernelbase.dll.GlobalAlloc
kernelbase.dll.GlobalFree
kernelbase.dll.HeapAlloc
ntdll.dll.RtlAllocateHeap
kernelbase.dll.HeapCreate
kernelbase.dll.HeapDestroy
kernelbase.dll.HeapFree
ntdll.dll.RtlFreeHeap
kernelbase.dll.HeapReAlloc
ntdll.dll.RtlReAllocateHeap
kernelbase.dll.HeapSize
ntdll.dll.RtlSizeHeap
kernelbase.dll.HeapValidate
kernelbase.dll.InitializeCriticalSection
kernelbase.dll.InitializeCriticalSectionAndSpinCount
kernelbase.dll.IsDBCSLeadByteEx
kernelbase.dll.IsDebuggerPresent
kernelbase.dll.IsValidCodePage
kernelbase.dll.IsValidLocale
kernelbase.dll.LCMapStringA
kernelbase.dll.LCMapStringW
kernelbase.dll.FindFirstChangeNotificationA
kernelbase.dll.LoadLibraryExA
kernelbase.dll.LoadLibraryExW
kernelbase.dll.LoadResource
kernelbase.dll.LocalAlloc
kernelbase.dll.LocalFree
kernelbase.dll.LockResource
kernelbase.dll.lstrcmpiW
kernelbase.dll.lstrcpynA
kernelbase.dll.lstrlenA
kernelbase.dll.lstrlenW
kernelbase.dll.MapViewOfFile
kernelbase.dll.MapViewOfFileEx
kernelbase.dll.MultiByteToWideChar
kernelbase.dll.OpenEventA
kernelbase.dll.OpenEventW
kernelbase.dll.OpenFileMappingW
kernelbase.dll.OpenMutexW
kernelbase.dll.OpenProcess
kernelbase.dll.OpenSemaphoreW
kernelbase.dll.OutputDebugStringA
kernelbase.dll.QueryDosDeviceW
kernelbase.dll.QueryPerformanceCounter
ntdll.dll.RtlQueryPerformanceCounter
kernelbase.dll.QueryPerformanceFrequency
ntdll.dll.RtlQueryPerformanceFrequency
kernelbase.dll.QueueUserAPC
kernelbase.dll.RaiseException
kernelbase.dll.CreateEventW
kernelbase.dll.ReadFileEx
kernelbase.dll.ReadProcessMemory
kernelbase.dll.ReleaseMutex
kernelbase.dll.ReleaseSemaphore
kernelbase.dll.RemoveDirectoryA
kernelbase.dll.RemoveDirectoryW
kernelbase.dll.ResumeThread
ntdll.dll.RtlUnwind
kernelbase.dll.SearchPathW
kernelbase.dll.SetCurrentDirectoryA
kernelbase.dll.SetCurrentDirectoryW
kernelbase.dll.SetEndOfFile
kernelbase.dll.SetEnvironmentVariableA
kernelbase.dll.SetEnvironmentVariableW
kernelbase.dll.SetEvent
kernelbase.dll.SetFileAttributesA
kernelbase.dll.SetFileAttributesW
kernelbase.dll.SetFilePointer
kernelbase.dll.SetFileTime
kernelbase.dll.SetHandleCount
kernelbase.dll.SetLastError
ntdll.dll.RtlSetLastWin32Error
kernelbase.dll.SetLocaleInfoW
kernelbase.dll.SetPriorityClass
kernelbase.dll.SetStdHandle
kernelbase.dll.SetThreadLocale
kernelbase.dll.SetThreadPriority
kernelbase.dll.SetThreadPriorityBoost
kernelbase.dll.SizeofResource
kernelbase.dll.Sleep
kernelbase.dll.SuspendThread
kernelbase.dll.SystemTimeToFileTime
kernelbase.dll.TerminateProcess
kernelbase.dll.TerminateThread
kernelbase.dll.TlsAlloc
kernelbase.dll.TlsFree
kernelbase.dll.TlsGetValue
kernelbase.dll.TlsSetValue
kernelbase.dll.UnmapViewOfFile
kernelbase.dll.VirtualAlloc
kernelbase.dll.VirtualAllocEx
kernelbase.dll.VirtualFree
kernelbase.dll.VirtualFreeEx
kernelbase.dll.VirtualProtect
kernelbase.dll.VirtualProtectEx
kernelbase.dll.VirtualQuery
kernelbase.dll.VirtualQueryEx
kernelbase.dll.WaitForSingleObject
kernelbase.dll.WideCharToMultiByte
kernelbase.dll.WriteFile
kernelbase.dll.WriteProcessMemory
kernelbase.dll.EnumSystemLocalesA
kernelbase.dll.CreateEventA
kernelbase.dll.CreateDirectoryW
kernelbase.dll.CreateDirectoryA
kernelbase.dll.CompareStringW
kernelbase.dll.CompareStringA
kernelbase.dll.CompareFileTime
kernelbase.dll.CloseHandle
kernelbase.dll.FindClose
kernelbase.dll.FileTimeToSystemTime
kernelbase.dll.FatalAppExitA
kernelbase.dll.ExpandEnvironmentStringsW
kernelbase.dll.ExitThread
ntdll.dll.RtlExitUserThread
kernelbase.dll.ExitProcess
kernelbase.dll.EnterCriticalSection
kernelbase.dll.DuplicateHandle
kernelbase.dll.DeleteFileW
kernelbase.dll.DeleteCriticalSection
ntdll.dll.RtlDeleteCriticalSection
kernelbase.dll.DebugBreak
kernelbase.dll.CreateThread
kernelbase.dll.CreateRemoteThread
kernelbase.dll.CreateNamedPipeW
kernelbase.dll.CreateMutexW
kernelbase.dll.CreateFileW
kernelbase.dll.CreateFileMappingW
kernelbase.dll.LeaveCriticalSection
kernelbase.dll.ReadFile
kernelbase.dll.SetSecurityDescriptorSacl
kernelbase.dll.SetSecurityDescriptorOwner
kernelbase.dll.SetSecurityDescriptorGroup
kernelbase.dll.SetSecurityDescriptorDacl
kernelbase.dll.SetFileSecurityW
kernel32.dll.RegSetValueExW
kernel32.dll.RegSetValueExA
kernel32.dll.RegQueryValueExW
kernel32.dll.RegQueryValueExA
kernel32.dll.RegQueryInfoKeyW
kernel32.dll.RegOpenKeyExW
sechost.dll.RegisterServiceCtrlHandlerW
sechost.dll.RegisterServiceCtrlHandlerA
kernel32.dll.RegEnumValueW
kernel32.dll.RegEnumKeyExW
kernel32.dll.RegEnumKeyExA
kernel32.dll.RegDeleteValueW
kernel32.dll.RegDeleteValueA
kernel32.dll.RegCreateKeyExW
kernel32.dll.RegCloseKey
sechost.dll.QueryServiceStatusEx
sechost.dll.QueryServiceStatus
sechost.dll.QueryServiceObjectSecurity
sechost.dll.QueryServiceConfigW
sechost.dll.QueryServiceConfigA
kernelbase.dll.OpenThreadToken
sechost.dll.OpenServiceW
sechost.dll.OpenServiceA
sechost.dll.OpenSCManagerW
sechost.dll.OpenSCManagerA
kernelbase.dll.OpenProcessToken
kernelbase.dll.MapGenericMask
kernelbase.dll.MakeSelfRelativeSD
kernelbase.dll.MakeAbsoluteSD
kernelbase.dll.IsValidSid
kernelbase.dll.IsValidSecurityDescriptor
kernelbase.dll.InitializeSecurityDescriptor
kernelbase.dll.GetTokenInformation
kernelbase.dll.GetSidSubAuthorityCount
kernelbase.dll.GetSidSubAuthority
kernelbase.dll.GetSidIdentifierAuthority
sechost.dll.StartServiceW
sechost.dll.StartServiceCtrlDispatcherW
sechost.dll.StartServiceCtrlDispatcherA
sechost.dll.StartServiceA
kernelbase.dll.SetTokenInformation
sechost.dll.SetServiceStatus
sechost.dll.SetServiceObjectSecurity
kernelbase.dll.GetSecurityDescriptorSacl
kernelbase.dll.GetSecurityDescriptorOwner
kernelbase.dll.GetSecurityDescriptorLength
kernelbase.dll.GetSecurityDescriptorGroup
kernelbase.dll.GetSecurityDescriptorDacl
kernelbase.dll.GetSecurityDescriptorControl
kernelbase.dll.GetLengthSid
kernelbase.dll.GetFileSecurityW
kernelbase.dll.FreeSid
kernelbase.dll.EqualSid
kernelbase.dll.DuplicateTokenEx
kernelbase.dll.DuplicateToken
sechost.dll.DeleteService
sechost.dll.CreateServiceW
sechost.dll.CreateServiceA
kernel32.dll.CreateProcessAsUserW
kernelbase.dll.CopySid
sechost.dll.ControlService
sechost.dll.CloseServiceHandle
sechost.dll.ChangeServiceConfigW
sechost.dll.ChangeServiceConfigA
kernelbase.dll.AllocateAndInitializeSid
kernel32.dll.GetLongPathNameW
kernel32.dll.GetLongPathNameA
kernel32.dll.GetSystemWindowsDirectoryW
sechost.dll.LookupAccountNameLocalW
cryptbase.dll.SystemFunction036
oleaut32.dll.#500
gdi32.dll.GetLayout
gdi32.dll.GdiRealizationInfo
gdi32.dll.FontIsLinked
gdi32.dll.GetFontAssocStatus
gdi32.dll.GetTextFaceAliasW
gdi32.dll.GdiIsMetaPrintDC
kernel32.dll.RegOpenUserClassesRoot
kernel32.dll.RegOpenCurrentUser
kernel32.dll.RegCreateKeyExA
kernel32.dll.RegOpenKeyExA
kernel32.dll.RegDeleteKeyExA
kernel32.dll.RegDeleteKeyExW
kernel32.dll.RegQueryInfoKeyA
kernel32.dll.RegEnumValueA
kernel32.dll.RegSetKeySecurity
kernel32.dll.RegNotifyChangeKeyValue
kernel32.dll.RegGetValueA
kernel32.dll.RegGetValueW
kernel32.dll.GetTempFileNameA
kernelbase.dll.GetTempFileNameW
kernelbase.dll.DeleteFileA
kernel32.dll._lread
kernel32.dll._hread
kernel32.dll._llseek
kernelbase.dll.GetFileSizeEx
kernel32.dll.MoveFileWithProgressA
kernel32.dll.MoveFileWithProgressW
kernel32.dll.CopyFileExA
kernel32.dll.ReplaceFileA
kernel32.dll.ReplaceFileW
kernel32.dll.ReplaceFile
kernelbase.dll.FindFirstFileExA
kernelbase.dll.GetDiskFreeSpaceExA
kernelbase.dll.GetFileAttributesA
kernelbase.dll.GetFileAttributesExA
kernelbase.dll.GetLongPathNameA
kernel32.dll.GetShortPathNameA
sechost.dll.RegisterServiceCtrlHandlerExA
sechost.dll.RegisterServiceCtrlHandlerExW
sechost.dll.ChangeServiceConfig2A
sechost.dll.ChangeServiceConfig2W
sechost.dll.QueryServiceConfig2A
sechost.dll.QueryServiceConfig2W
kernelbase.dll.GetDriveTypeA
kernel32.dll.GetVolumeInformationA
kernelbase.dll.GetModuleHandleExA
kernel32.dll.LoadLibraryA
kernel32.dll.LoadLibraryW
kernelbase.dll.FreeLibraryAndExitThread
kernelbase.dll.DisableThreadLibraryCalls
kernel32.dll.GetDllDirectoryA
kernel32.dll.SetDllDirectoryA
kernel32.dll.GetComputerNameA
kernelbase.dll.GetComputerNameExA
ntdll.dll.TpAllocWork
ntdll.dll.TpPostWork
ntdll.dll.TpCallbackUnloadDllOnCompletion
ntdll.dll.TpReleaseWork
kernel32.dll.CreateActCtxA
kernel32.dll.FindActCtxSectionGuid
kernelbase.dll.OutputDebugStringW
kernel32.dll.OpenFileMappingA
kernel32.dll.OpenMutexA
kernelbase.dll.CreateMutexA
kernelbase.dll.CreateMutexExA
kernel32.dll.OpenSemaphoreA
kernel32.dll.CreateSemaphoreA
kernelbase.dll.VirtualAllocExNuma
kernel32.dll.AllocateUserPhysicalPages
kernel32.dll.AllocateUserPhysicalPagesNuma
kernel32.dll.FreeUserPhysicalPages
kernel32.dll.DebugBreakProcess
kernel32.dll.SetProcessWorkingSetSizeEx
kernelbase.dll.CreateRemoteThreadEx
gdi32.dll.AddFontResourceExW
gdi32.dll.RemoveFontResourceExW
kernel32.dll.CreateToolhelp32Snapshot
kernel32.dll.Module32FirstW
kernel32.dll.Module32NextW
kernel32.dll.Module32First
kernel32.dll.Module32Next
kernel32.dll.WinExec
kernel32.dll.CreateJobObjectW
kernel32.dll.CreateJobObjectA
kernel32.dll.OpenJobObjectA
kernel32.dll.OpenJobObjectW
advapi32.dll.CreateProcessWithTokenW
kernel32.dll.GetNextVDMCommand
kernel32.dll.GetCPInfoExA
kernelbase.dll.GetCPInfoExW
kernelbase.dll.IsDBCSLeadByte
kernelbase.dll.GetSystemDefaultLocaleName
kernelbase.dll.GetUserDefaultLocaleName
kernelbase.dll.GetLocaleInfoEx
kernelbase.dll.GetNumberFormatEx
kernelbase.dll.GetCurrencyFormatEx
kernel32.dll.GetTimeFormatEx
kernel32.dll.GetDateFormatEx
kernel32.dll.EnumResourceLanguagesA
kernel32.dll.EnumResourceLanguagesW
kernel32.dll.EnumResourceNamesA
kernel32.dll.EnumResourceTypesA
kernel32.dll.EnumResourceTypesW
kernel32.dll.FindResourceExA
kernelbase.dll.FindResourceExW
kernel32.dll.AddVectoredExceptionHandler
secur32.dll.AcquireCredentialsHandleW
secur32.dll.AcquireCredentialsHandleA
secur32.dll.InitSecurityInterfaceW
secur32.dll.InitSecurityInterfaceA
msvcrt.dll._acmdln
psapi.dll.EnumProcessModules
winmm.dll.timeGetTime
winmm.dll.mixerClose
winmm.dll.mixerGetDevCapsA
winmm.dll.mciSendStringA
winmm.dll.mciGetErrorStringA
winmm.dll.mciSendCommandA
winmm.dll.mixerGetNumDevs
winmm.dll.mixerOpen
winmm.dll.mixerGetLineInfoA
winmm.dll.mixerGetLineControlsA
winmm.dll.mixerGetControlDetailsA
winmm.dll.mixerSetControlDetails
ws2_32.dll.getaddrinfo
ws2_32.dll.GetAddrInfoW
ws2_32.dll.WSAStartup
ws2_32.dll.gethostname
ws2_32.dll.gethostbyname
ws2_32.dll.socket
ws2_32.dll.connect
ws2_32.dll.send
ws2_32.dll.sendto
ws2_32.dll.recv
ws2_32.dll.recvfrom
ws2_32.dll.accept
ws2_32.dll.bind
ws2_32.dll.listen
ws2_32.dll.select
ws2_32.dll.setsockopt
ws2_32.dll.ioctlsocket
ws2_32.dll.closesocket
ws2_32.dll.shutdown
ws2_32.dll.WSAAccept
ws2_32.dll.WSAConnect
ws2_32.dll.WSAConnectByNameW
ws2_32.dll.WSAConnectByList
ws2_32.dll.WSARecv
ws2_32.dll.WSARecvFrom
ws2_32.dll.WSASend
ws2_32.dll.WSASendTo
ws2_32.dll.WSASendMsg
ws2_32.dll.WSASocketA
ws2_32.dll.WSASocketW
wsock32.dll.#115
wsock32.dll.#11
wsock32.dll.#3
wsock32.dll.#21
wsock32.dll.#7
wsock32.dll.#111
wsock32.dll.#12
wsock32.dll.#13
wsock32.dll.#22
wsock32.dll.#15
wsock32.dll.#14
wsock32.dll.#1
wsock32.dll.#18
wsock32.dll.#2
wsock32.dll.#6
wsock32.dll.#5
wsock32.dll.#112
wsock32.dll.#101
wsock32.dll.#53
wsock32.dll.#17
wsock32.dll.#20
wsock32.dll.#57
wsock32.dll.#16
wsock32.dll.#19
wsock32.dll.#23
wsock32.dll.#52
wsock32.dll.#10
wsock32.dll.#4
wsock32.dll.#8
wsock32.dll.#9
wsock32.dll.#116
version.dll.GetFileVersionInfoW
version.dll.GetFileVersionInfoSizeW
version.dll.GetFileVersionInfoSizeA
version.dll.GetFileVersionInfoA
version.dll.VerQueryValueA
kernel32.dll.LockFile
kernel32.dll.UnlockFile
kernel32.dll.lstrcmpW
kernel32.dll.lstrcatA
kernel32.dll.GlobalDeleteAtom
kernel32.dll.GlobalFindAtomA
kernel32.dll.GlobalAddAtomA
kernel32.dll.GlobalGetAtomNameA
kernel32.dll.FreeResource
kernel32.dll.FileTimeToLocalFileTime
kernel32.dll.ConvertDefaultLocale
kernel32.dll.InterlockedIncrement
kernel32.dll.GlobalReAlloc
kernel32.dll.GlobalHandle
kernel32.dll.LocalReAlloc
kernel32.dll.SetErrorMode
kernel32.dll.IsBadWritePtr
kernel32.dll.IsBadReadPtr
kernel32.dll.IsBadCodePtr
kernel32.dll.InterlockedExchange
kernel32.dll.InterlockedDecrement
kernel32.dll.GlobalSize
kernel32.dll.SetComputerNameA
kernel32.dll.GetPriorityClass
kernel32.dll.GetThreadPriority
kernel32.dll.ExpandEnvironmentStringsA
kernel32.dll.lstrcmpA
kernel32.dll.GetDiskFreeSpaceA
kernel32.dll.GetDriveTypeA
kernel32.dll.SetVolumeLabelA
kernel32.dll.GlobalMemoryStatus
kernel32.dll.GetSystemDirectoryA
kernel32.dll.GlobalFlags
kernel32.dll.LocalHandle
kernel32.dll.GetWindowsDirectoryA
kernel32.dll.DeviceIoControl
kernel32.dll.DeleteFileA
kernel32.dll.GetFileAttributesA
kernel32.dll.MulDiv
kernel32.dll.lstrcpyA
kernel32.dll.GetStringTypeExA
kernel32.dll.GetProcessVersion
kernel32.dll.lstrcmpiA
user32.dll.EnumThreadWindows
user32.dll.ExitWindowsEx
user32.dll.EnumDisplaySettingsA
user32.dll.ChangeDisplaySettingsA
user32.dll.PostThreadMessageA
user32.dll.GetWindowTextLengthA
user32.dll.EnumWindows
user32.dll.EnumChildWindows
user32.dll.SendNotifyMessageA
user32.dll.SetParent
user32.dll.CheckMenuItem
user32.dll.GetUpdateRect
user32.dll.wvsprintfA
user32.dll.GetWindowDC
user32.dll.ValidateRect
user32.dll.SendDlgItemMessageA
user32.dll.SetDlgItemTextA
user32.dll.IsDialogMessageA
user32.dll.GetLastActivePopup
user32.dll.GetWindowPlacement
user32.dll.UnregisterClassA
user32.dll.SetScrollInfo
user32.dll.GetScrollInfo
user32.dll.DeferWindowPos
user32.dll.AdjustWindowRectEx
user32.dll.ShowScrollBar
user32.dll.GetScrollPos
user32.dll.SetScrollPos
user32.dll.GetScrollRange
user32.dll.SetScrollRange
user32.dll.ScrollWindow
user32.dll.MapWindowPoints
user32.dll.GetMessagePos
user32.dll.GetMessageTime
user32.dll.GetTopWindow
user32.dll.EndDeferWindowPos
user32.dll.BeginDeferWindowPos
user32.dll.IsChild
user32.dll.GetClassInfoExA
user32.dll.RegisterWindowMessageA
user32.dll.EndDialog
user32.dll.GetNextDlgTabItem
user32.dll.CreateDialogIndirectParamA
user32.dll.GetMenuCheckMarkDimensions
user32.dll.SetMenuItemBitmaps
user32.dll.BringWindowToTop
user32.dll.InsertMenuItemA
user32.dll.LoadAcceleratorsA
user32.dll.ReuseDDElParam
user32.dll.UnpackDDElParam
user32.dll.DefFrameProcA
user32.dll.DefMDIChildProcA
user32.dll.DrawMenuBar
user32.dll.TranslateMDISysAccel
user32.dll.ShowOwnedPopups
user32.dll.MapDialogRect
user32.dll.SetWindowContextHelpId
user32.dll.CharNextA
user32.dll.IsClipboardFormatAvailable
user32.dll.DrawIcon
user32.dll.MessageBeep
user32.dll.CopyAcceleratorTableA
user32.dll.InvalidateRgn
user32.dll.GetNextDlgGroupItem
user32.dll.GetDCEx
user32.dll.LockWindowUpdate
user32.dll.RegisterClipboardFormatA
user32.dll.LoadStringA
user32.dll.SetActiveWindow
user32.dll.MapVirtualKeyA
user32.dll.GetKeyNameTextA
user32.dll.wsprintfA
user32.dll.RemoveMenu
user32.dll.SetMenu
user32.dll.CreateMenu
user32.dll.CreateAcceleratorTableA
user32.dll.GetMenuItemID
user32.dll.GetMenuStringA
user32.dll.DestroyAcceleratorTable
user32.dll.TranslateAcceleratorA
user32.dll.InsertMenuA
user32.dll.RegisterClassA
user32.dll.GetWindow
user32.dll.GetClipboardData
user32.dll.DestroyCursor
user32.dll.GetFocus
user32.dll.SetFocus
user32.dll.EmptyClipboard
user32.dll.GetClassLongA
user32.dll.SetClassLongA
user32.dll.IntersectRect
user32.dll.RegisterClassExA
user32.dll.GetWindowTextA
user32.dll.SetWindowTextA
user32.dll.MoveWindow
user32.dll.GetKeyState
user32.dll.OpenIcon
user32.dll.SetForegroundWindow
user32.dll.IsIconic
user32.dll.GetSubMenu
user32.dll.SetMenuDefaultItem
user32.dll.DeleteMenu
user32.dll.DestroyIcon
user32.dll.AppendMenuA
user32.dll.CreatePopupMenu
user32.dll.ShowCursor
user32.dll.IsWindowEnabled
user32.dll.CreateWindowExA
user32.dll.LoadIconA
user32.dll.UpdateWindow
user32.dll.GetTabbedTextExtentA
user32.dll.IsMenu
user32.dll.SetMenuItemInfoA
user32.dll.GetMenuItemRect
user32.dll.LoadBitmapA
user32.dll.GetClassNameA
user32.dll.GetWindowLongA
user32.dll.CallNextHookEx
user32.dll.CallWindowProcA
user32.dll.UnhookWindowsHookEx
user32.dll.SetWindowLongA
user32.dll.GetPropA
user32.dll.SetPropA
user32.dll.GetForegroundWindow
user32.dll.GetMenu
user32.dll.EqualRect
user32.dll.OffsetRect
user32.dll.InflateRect
user32.dll.SetRectEmpty
user32.dll.GetMenuItemInfoA
user32.dll.DrawStateA
user32.dll.GetActiveWindow
user32.dll.IsZoomed
user32.dll.GetSystemMenu
user32.dll.ModifyMenuA
user32.dll.GetMenuState
user32.dll.GetMenuItemCount
user32.dll.EnableMenuItem
user32.dll.GetCursorPos
user32.dll.WindowFromPoint
user32.dll.ScreenToClient
user32.dll.PostMessageA
user32.dll.DispatchMessageA
user32.dll.GrayStringA
user32.dll.DrawTextExA
user32.dll.DrawTextA
user32.dll.TabbedTextOutA
user32.dll.GetCapture
user32.dll.InvalidateRect
user32.dll.ClientToScreen
user32.dll.DrawFrameControl
user32.dll.PtInRect
user32.dll.IsRectEmpty
user32.dll.GetDlgCtrlID
user32.dll.CopyRect
user32.dll.LoadCursorA
user32.dll.SystemParametersInfoA
user32.dll.CharUpperA
user32.dll.RemovePropA
user32.dll.TrackPopupMenu
gdi32.dll.GetTextColor
gdi32.dll.DPtoLP
gdi32.dll.LPtoDP
gdi32.dll.Rectangle
gdi32.dll.GetTextMetricsA
gdi32.dll.ResetDCA
gdi32.dll.GetMapMode
gdi32.dll.StretchDIBits
gdi32.dll.CreatePen
gdi32.dll.CreateFontIndirectA
gdi32.dll.SetBkColor
gdi32.dll.GetPixel
gdi32.dll.StretchBlt
gdi32.dll.CreateCompatibleBitmap
gdi32.dll.CreateBitmap
gdi32.dll.GetObjectA
gdi32.dll.GetCurrentObject
gdi32.dll.SetPixel
gdi32.dll.GetClipBox
gdi32.dll.PtVisible
gdi32.dll.RectVisible
gdi32.dll.TextOutA
gdi32.dll.ExtTextOutA
gdi32.dll.Escape
gdi32.dll.GetTextExtentPoint32A
gdi32.dll.PtInRegion
gdi32.dll.IntersectClipRect
gdi32.dll.SelectClipRgn
gdi32.dll.GetDIBits
gdi32.dll.EnumFontFamiliesExA
gdi32.dll.Ellipse
gdi32.dll.RoundRect
gdi32.dll.StartDocA
gdi32.dll.StartPage
gdi32.dll.EndPage
gdi32.dll.SetAbortProc
gdi32.dll.AbortDoc
gdi32.dll.EndDoc
gdi32.dll.CreatePenIndirect
gdi32.dll.CreateBrushIndirect
gdi32.dll.GetCharWidthA
gdi32.dll.SetROP2
gdi32.dll.SetWinMetaFileBits
gdi32.dll.DeleteEnhMetaFile
gdi32.dll.GetEnhMetaFileHeader
gdi32.dll.SetEnhMetaFileBits
gdi32.dll.PlayEnhMetaFile
gdi32.dll.RealizePalette
gdi32.dll.SelectPalette
gdi32.dll.CreatePalette
gdi32.dll.GetEnhMetaFilePaletteEntries
gdi32.dll.CopyMetaFileA
gdi32.dll.SaveDC
gdi32.dll.RestoreDC
gdi32.dll.SetPolyFillMode
gdi32.dll.SetStretchBltMode
gdi32.dll.SetMapMode
gdi32.dll.ExcludeClipRect
gdi32.dll.SetTextAlign
gdi32.dll.GetViewportExtEx
gdi32.dll.GetWindowExtEx
gdi32.dll.SetViewportOrgEx
gdi32.dll.OffsetViewportOrgEx
gdi32.dll.SetViewportExtEx
gdi32.dll.ScaleViewportExtEx
gdi32.dll.SetWindowOrgEx
gdi32.dll.SetWindowExtEx
gdi32.dll.ScaleWindowExtEx
gdi32.dll.GetCurrentPositionEx
gdi32.dll.ExtSelectClipRgn
gdi32.dll.CreatePatternBrush
gdi32.dll.CreateRectRgnIndirect
gdi32.dll.SetRectRgn
gdi32.dll.PatBlt
gdi32.dll.GetBkColor
gdi32.dll.GetViewportOrgEx
gdi32.dll.CreateEllipticRgn
gdi32.dll.GetRgnBox
gdi32.dll.GetNearestColor
gdi32.dll.GetBkMode
gdi32.dll.GetPolyFillMode
gdi32.dll.GetROP2
gdi32.dll.GetStretchBltMode
gdi32.dll.GetTextAlign
gdi32.dll.GetTextFaceA
gdi32.dll.GetWindowOrgEx
gdi32.dll.GetDeviceCaps

Execute Commands

Nothing to display

Started Services

Nothing to display

Created Services

Nothing to display

#infosec #automation

TheSystem Itself @ 2022-01-06 08:00:11

Detected family: #Buzus

TheSystem Itself @ 2022-01-06 08:06:04