Architecture |
IMAGE_FILE_MACHINE_I386
|
---|---|
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
Compilation Date | 1970-Dec-10 21:00:48 |
Detected languages |
English - United States
|
Debug artifacts |
E:\workspace\MetaTrader4\Build\Client\MetaTrader4Terminal\Release\terminal.pdb
|
Comments | https://www.metaquotes.net |
CompanyName | MetaQuotes Ltd. |
FileDescription | MetaTrader |
FileVersion | 4.0.0.1421 |
InternalName | MetaTrader |
LegalCopyright | © 2000-2024, MetaQuotes Ltd. |
LegalTrademarks | MetaTrader® |
ProductName | MetaTrader |
ProductVersion | 4.0.0.1421 |
Info | Matching compiler(s): |
Microsoft Visual C++ v6.0 DLL
Microsoft Visual C++ 6.0 - 8.0 Microsoft Visual C++ Microsoft Visual C++ v6.0 |
Suspicious | PEiD Signature: |
UPolyX V0.1 -> Delikon
HQR data file |
Suspicious | Strings found in the binary may indicate undesirable behavior: |
Tries to detect virtualized environments:
|
Info | Cryptographic algorithms detected in the binary: |
Uses constants related to CRC32
Uses constants related to MD5 Uses constants related to SHA1 Uses constants related to SHA256 Microsoft's Cryptography API |
Suspicious | The PE is possibly packed. |
Unusual section name found: .fptable
Unusual section name found: .cod0 Unusual section name found: .cod1 Unusual section name found: .cod2 |
Malicious | The PE contains functions mostly used by malware. |
[!] The program may be hiding some of its imports:
|
Info | The PE's resources present abnormal characteristics. |
Resource 5666 is possibly compressed or encrypted.
Resource 6492 is possibly compressed or encrypted. |
Suspicious | No VirusTotal score. | This file has never been scanned on VirusTotal. |
e_magic | MZ |
---|---|
e_cblp | 0x90 |
e_cp | 0x3 |
e_crlc | 0 |
e_cparhdr | 0x4 |
e_minalloc | 0 |
e_maxalloc | 0xffff |
e_ss | 0 |
e_sp | 0xb8 |
e_csum | 0 |
e_ip | 0 |
e_cs | 0 |
e_ovno | 0 |
e_oemid | 0 |
e_oeminfo | 0 |
e_lfanew | 0x130 |
Signature | PE |
---|---|
Machine |
IMAGE_FILE_MACHINE_I386
|
NumberofSections | 9 |
TimeDateStamp | 1970-Dec-10 21:00:48 |
PointerToSymbolTable | 0 |
NumberOfSymbols | 0 |
SizeOfOptionalHeader | 0xe0 |
Characteristics |
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
|
Magic | PE32 |
---|---|
LinkerVersion | 14.0 |
SizeOfCode | 0x882200 |
SizeOfInitializedData | 0xc1c600 |
SizeOfUninitializedData | 0 |
AddressOfEntryPoint | 0x0112FC2A (Section: .cod2) |
BaseOfCode | 0x1000 |
BaseOfData | 0x884000 |
ImageBase | 0x400000 |
SectionAlignment | 0x1000 |
FileAlignment | 0x200 |
OperatingSystemVersion | 6.0 |
ImageVersion | 0.0 |
SubsystemVersion | 6.0 |
Win32VersionValue | 0 |
SizeOfImage | 0x1ce4000 |
SizeOfHeaders | 0x400 |
Checksum | 0x1c82333 |
Subsystem |
IMAGE_SUBSYSTEM_WINDOWS_GUI
|
DllCharacteristics |
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
|
SizeofStackReserve | 0x100000 |
SizeofStackCommit | 0x1000 |
SizeofHeapReserve | 0x100000 |
SizeofHeapCommit | 0x1000 |
LoaderFlags | 0 |
NumberOfRvaAndSizes | 16 |
WS2_32.dll |
getpeername
InetPtonW FreeAddrInfoW GetAddrInfoW WSACleanup WSAStartup WSASocketW bind WSAConnect WSARecv accept ntohs getsockname listen inet_ntoa WSASend recv select WSAGetLastError connect ioctlsocket setsockopt socket htons gethostbyname inet_addr gethostname shutdown send htonl WSAEventSelect WSAIoctl closesocket |
---|---|
dbghelp.dll |
SymFunctionTableAccess64
MiniDumpWriteDump SymLoadModule64 StackWalk64 SymGetModuleBase64 SymInitialize SymSetOptions SymGetOptions SymCleanup |
WINHTTP.dll |
WinHttpConnect
WinHttpCloseHandle WinHttpSetCredentials WinHttpSetOption WinHttpOpenRequest WinHttpSetTimeouts WinHttpAddRequestHeaders WinHttpSendRequest WinHttpOpen WinHttpReceiveResponse WinHttpQueryHeaders WinHttpReadData |
gdiplus.dll |
GdipDeleteFontFamily
GdipGetGenericFontFamilySansSerif GdipCreateFont GdipDeleteFont GdipMeasureString GdipSetLineColors GdipFillPie GdipCreateFontFamilyFromName GdipCreateSolidFill GdipFillRectangle GdipSetSolidFillColor GdipCreateCachedBitmap GdipDeleteCachedBitmap GdipDrawCachedBitmap GdipFillRectangleI GdipDrawRectangleI GdipDrawLine GdipDrawImageRectI GdipDrawImageI GdipDrawEllipse GdipDrawPie GdipDrawString GdipDrawLineI GdipSetPenColor GdipFillPath GdipClosePathFigure GdipStartPathFigure GdipBitmapUnlockBits GdipGetFontHeight GdipAddPathLineI GdipFillPolygon GdipCloneBrush GdipDeleteBrush GdipCreateLineBrushI GdipSetPenLineJoin GdipSetSmoothingMode GdipDeletePen GdipCreatePen1 GdipDeletePath GdipCreatePath GdipCreateFromHDC GdiplusShutdown GdiplusStartup GdipCreateBitmapFromHBITMAP GdipGetImageEncodersSize GdipGetImageEncoders GdipSaveImageToFile GdipCreateHBITMAPFromBitmap GdipGetImageWidth GdipGetImageHeight GdipDrawImageRectRectI GdipSetInterpolationMode GdipDeleteGraphics GdipGetImageGraphicsContext GdipDisposeImage GdipCloneImage GdipAlloc GdipFree GdipCreateBitmapFromScan0 GdipBitmapLockBits GdipCreateBitmapFromStream GdipGetImagePaletteSize GdipGetImagePalette GdipGetImagePixelFormat GdipStringFormatGetGenericTypographic GdipCreateRegionRect GdipDeleteRegion GdipSetPenMode GdipSetClipRegion GdipDrawPath |
CRYPT32.dll |
CertAddCertificateContextToStore
CertFreeCertificateContext CertCloseStore CertOpenStore CertCreateCertificateContext CertGetNameStringW CryptHashCertificate CertCreateCertificateChainEngine CertGetCertificateChain CertFreeCertificateChainEngine CertFreeCertificateChain CertVerifyCertificateChainPolicy CertNameToStrW CryptProtectData CryptUnprotectData |
KERNEL32.dll |
HeapAlloc
HeapFree HeapDestroy GetComputerNameA GetTempPathA CreateDirectoryA GetACP DeleteFileA GetTempFileNameA PostQueuedCompletionStatus CreateIoCompletionPort GlobalLock GlobalUnlock FindFirstFileA FindNextFileA GetCurrentProcessId CreateProcessW DuplicateHandle VirtualFree VirtualAlloc VirtualProtect HeapCreate CreateDirectoryW RemoveDirectoryW GetFileInformationByHandle CompareStringW CreateEventW TerminateProcess GetExitCodeProcess CreateFileMappingW MapViewOfFile UnmapViewOfFile LoadLibraryA OpenThread SuspendThread ResumeThread GetThreadContext SetThreadContext SetThreadPriority FlushInstructionCache GlobalFree GetDiskFreeSpaceExA TryEnterCriticalSection FlushFileBuffers FileTimeToLocalFileTime MoveFileExW CreateProcessA MoveFileA CreateFileA GetModuleFileNameA GetLongPathNameA AddVectoredExceptionHandler SetUnhandledExceptionFilter CreateMutexA GetDriveTypeA GetLongPathNameW SetFileAttributesW OpenProcess LocalLock LocalUnlock OpenEventA CompareFileTime GetWindowsDirectoryW FreeResource CopyFileA InitializeCriticalSectionEx HeapSize HeapReAlloc DecodePointer GetProcessHeap GlobalAlloc MoveFileExA GetLocalTime FormatMessageA lstrlenA lstrcpynA GetLocaleInfoA FindResourceA GetVolumeInformationA GetSystemDirectoryA SetFileAttributesA EnumResourceNamesA IsValidCodePage RemoveDirectoryA WritePrivateProfileStringA GetPrivateProfileIntA GetPrivateProfileStringA GetStringTypeA GetSystemDefaultLangID GlobalReAlloc GlobalSize GetEnvironmentVariableW GetProcessHandleCount GetDiskFreeSpaceExW GetCurrentThread CreateToolhelp32Snapshot Module32First Module32Next Thread32First Thread32Next ReadProcessMemory VirtualQuery GetVersionExW GetComputerNameExW Process32NextW Process32FirstW GetQueuedCompletionStatus ExpandEnvironmentStringsA LoadLibraryExA OutputDebugStringA EncodePointer SetLastError LoadLibraryW GlobalDeleteAtom lstrcmpW GlobalAddAtomA GlobalFindAtomA GlobalGetAtomNameA CompareStringA lstrcmpA GetProfileIntA GetDiskFreeSpaceA GetFullPathNameA SetFileTime ReplaceFileA GetThreadLocale LockFile UnlockFile GetShortPathNameA lstrcmpiA GetStringTypeExA InitializeCriticalSectionAndSpinCount TlsAlloc TlsGetValue TlsSetValue TlsFree GlobalHandle LocalAlloc LocalReAlloc GetSystemDefaultUILanguage GlobalFlags GetOEMCP GetCPInfo GetCurrentDirectoryA lstrcpyA FindResourceExW LocalFileTimeToFileTime SetErrorMode GetWindowsDirectoryA VerSetConditionMask VerifyVersionInfoA SearchPathA WakeAllConditionVariable SleepConditionVariableSRW UnhandledExceptionFilter IsProcessorFeaturePresent IsDebuggerPresent GetStartupInfoW InitializeSListHead GetTempFileNameW GetTempPathW GetFileTime CreateMutexW ReleaseMutex CopyFileW MoveFileW WakeConditionVariable WaitForMultipleObjects TerminateThread ResetEvent SetEndOfFile GetFileSize LocalFree ReleaseSRWLockShared AcquireSRWLockShared SetEvent ReleaseSemaphore CreateSemaphoreA CreateEventA FileTimeToDosDateTime SystemTimeToTzSpecificLocalTime GetFileAttributesA GetFileAttributesExA FindNextFileW FindClose FindFirstFileW GetFileAttributesW GetSystemTime DosDateTimeToFileTime GetModuleHandleW GetCurrentProcess GetNativeSystemInfo SetFilePointer DeviceIoControl GetSystemDirectoryW GetVolumeInformationW GetFileAttributesExW HeapSetInformation GetCurrentThreadId QueryPerformanceFrequency QueryPerformanceCounter ReleaseSRWLockExclusive GetActiveProcessorCount GetTickCount64 AcquireSRWLockExclusive GetTimeZoneInformation GetSystemTimeAsFileTime GetTickCount SetThreadStackGuarantee MultiByteToWideChar Sleep LeaveCriticalSection GetExitCodeThread EnterCriticalSection GetSystemInfo GetUserDefaultUILanguage GlobalMemoryStatusEx GetModuleFileNameW WaitForSingleObject DeleteCriticalSection InitializeCriticalSection GetVersionExA GetModuleHandleA MulDiv FreeLibrary GetProcAddress LoadLibraryExW FindResourceW LoadResource LockResource SizeofResource WideCharToMultiByte GetUserGeoID GetGeoInfoW GetLocaleInfoW GetUserDefaultLCID FileTimeToSystemTime SystemTimeToFileTime DeleteFileW WriteFile GetLastError ReadFile CloseHandle GetFileSizeEx CreateFileW OutputDebugStringW RaiseException RtlUnwind CreateThread ExitThread FreeLibraryAndExitThread GetModuleHandleExW HeapCompact GetCommandLineA GetCommandLineW FindFirstFileExW ExitProcess GetFullPathNameW HeapQueryInformation SetStdHandle GetFileType GetStdHandle FlsAlloc FlsGetValue FlsSetValue FlsFree GetDateFormatW GetTimeFormatW LCMapStringW GetConsoleMode ReadConsoleW GetConsoleOutputCP GetDriveTypeW GetStringTypeW GetEnvironmentStringsW FreeEnvironmentStringsW SetEnvironmentVariableW GetCurrentDirectoryW WriteConsoleW SetFilePointerEx |
USER32.dll |
GetKeyNameTextA
MapVirtualKeyA SetParent CreateDialogIndirectParamA EndDialog GetNextDlgTabItem DefFrameProcA DefMDIChildProcA TranslateMDISysAccel WaitMessage GetAsyncKeyState MonitorFromPoint LoadAcceleratorsW SetWindowContextHelpId ShowOwnedPopups CopyAcceleratorTableA InvalidateRgn CharNextA CharUpperA RealChildWindowFromPoint PostThreadMessageA GetNextDlgGroupItem DrawIcon SetWindowRgn GetTabbedTextExtentW CreateMenu GetMenuDefaultItem DrawIconEx GetIconInfo EnableScrollBar HideCaret InvertRect NotifyWinEvent SetLayeredWindowAttributes DrawStateA SetClassLongA SetCursorPos CopyIcon UpdateLayeredWindow IsCharLowerA MapVirtualKeyExA ToAsciiEx CreateAcceleratorTableA DestroyAcceleratorTable SetMenuDefaultItem GetDoubleClickTime CharUpperBuffA GetUpdateRect SubtractRect GetWindowRgn WinHelpA GetScrollInfo SetScrollInfo GetLastActivePopup GetClassLongA AdjustWindowRectEx GetWindowTextLengthA ShowScrollBar GetScrollRange SetScrollRange GetScrollPos SetScrollPos ScrollWindow ValidateRect EndPaint BeginPaint TrackPopupMenu SetMenu GetMenu DeferWindowPos SetWindowPlacement IsMenu GetClassInfoExA GetClassInfoA GetMessageTime DdeUninitialize DdeFreeStringHandle DdeNameService DdeCreateStringHandleA DdeInitializeA DdeCreateDataHandle DdeQueryStringA DdePostAdvise CallWindowProcA GetMenuItemRect SetMenuItemInfoA GetPropA RemovePropA SetPropA GetPriorityClipboardFormat GetMenuItemID GrayStringA DrawTextExA TabbedTextOutA FrameRect DrawTextW TranslateAcceleratorA LoadAcceleratorsA RegisterClipboardFormatA GetSystemMenu DestroyWindow GetMenuStringA RemoveMenu InsertMenuA IsChild EndDeferWindowPos BeginDeferWindowPos GetWindowTextA FillRect VkKeyScanA UnregisterHotKey RegisterHotKey OemToCharBuffA GetClipboardData DrawTextA GetDlgItem SetRect PostQuitMessage RedrawWindow DrawFrameControl CloseClipboard SetClipboardData EmptyClipboard OpenClipboard UnregisterClassA MoveWindow LoadImageW MapWindowPoints MonitorFromWindow IsZoomed WindowFromPoint RegisterWindowMessageA SetFocus IsClipboardFormatAvailable SendInput SetWindowPos FindWindowExA AppendMenuA DrawMenuBar GetClassNameA ShowWindow IsIconic EnumWindows WaitForInputIdle CharLowerBuffW CharUpperBuffW GetKeyboardState GetWindowThreadProcessId GetKeyboardLayout SendMessageTimeoutA GetForegroundWindow ToUnicodeEx CreateIconFromResourceEx GetSysColorBrush MessageBeep SetWindowTextW MapDialogRect GetWindow CheckMenuItem LoadIconW DestroyIcon SetForegroundWindow LoadIconA SetActiveWindow GetWindowTextW SendMessageW SendNotifyMessageA CreateWindowExA RegisterClassA DefWindowProcA GetWindowPlacement GetTopWindow GetAncestor BringWindowToTop EndMenu IsWindowVisible GetKeyState EnableMenuItem GetMenuItemCount ModifyMenuA GetMenuItemInfoA DeleteMenu GetCursorPos CallNextHookEx UpdateWindow GetWindowLongA UnhookWindowsHookEx SetWindowsHookExA MessageBoxA LoadCursorA TrackMouseEvent PostMessageA GetComboBoxInfo DrawEdge IsWindow SetCursor PtInRect ScreenToClient SetTimer SetWindowLongA KillTimer DestroyCursor LoadCursorW GetClientRect LoadImageA GetSubMenu LoadMenuW DrawFocusRect GetFocus GetSysColor InvalidateRect GetDC UnionRect IsRectEmpty GetMessageA SetCapture GetCapture EqualRect GetMonitorInfoA MonitorFromRect ReleaseCapture CopyImage ReleaseDC EnumDisplayMonitors GetDCEx LockWindowUpdate GetDesktopWindow SetRectEmpty PeekMessageA CopyRect ClientToScreen IntersectRect GetSystemMetrics GetDlgCtrlID OffsetRect InflateRect GetWindowRect DispatchMessageA TranslateMessage GetParent SendMessageA EnableWindow ReuseDDElParam UnpackDDElParam InsertMenuItemA DestroyMenu CreatePopupMenu LoadMenuA GetActiveWindow GetMenuState GetWindowDC LoadBitmapW GetMenuCheckMarkDimensions SetMenuItemBitmaps IsDialogMessageA SetWindowTextA IsWindowEnabled SendDlgItemMessageA IsDlgButtonChecked CheckRadioButton CheckDlgButton SetDlgItemTextA SystemParametersInfoA GetMessagePos |
GDI32.dll |
EnumFontFamiliesA
ExtTextOutA GetBkColor Polygon Ellipse FillRgn GetViewportOrgEx SetGraphicsMode GetClipRgn GetTextAlign GetTextMetricsA LineTo MoveToEx GetTextExtentPointA GetTextColor CreatePen RealizePalette SetPixel RoundRect GdiTransparentBlt PaintRgn CreatePolygonRgn GdiFlush TextOutW SetTextColor CreatePalette GetSystemPaletteEntries GetWorldTransform SetWorldTransform CreateEllipticRgnIndirect CreateDIBSection GetTextExtentPointW CreateFontW DPtoLP GetCurrentObject SetBkMode CreateFontA CreateSolidBrush Rectangle GdiAlphaBlend DeleteObject CreateDCA GetDeviceCaps DeleteDC GetTextExtentPoint32A CreateFontIndirectA GetObjectA SelectObject PatBlt GetRgnBox CombineRgn SetRectRgn CreateRectRgn GetStockObject SetTextAlign SetStretchBltMode SetROP2 SetPolyFillMode GetLayout SetLayout SetMapMode SelectClipRgn SetViewportExtEx SetViewportOrgEx SetWindowExtEx SetWindowOrgEx OffsetViewportOrgEx OffsetWindowOrgEx ScaleViewportExtEx ScaleWindowExtEx CopyMetaFileA GetMapMode SetAbortProc GetCharWidthA StretchDIBits CreateEllipticRgn LPtoDP GetROP2 GetBkMode GetNearestColor GetPolyFillMode GetStretchBltMode GetWindowOrgEx GetTextFaceA CreateDIBitmap GetTextCharsetInfo StretchBlt SetDIBColorTable Polyline CreateRoundRectRgn OffsetRgn StartPage FrameRgn GetBoundsRect PtInRegion ExtFloodFill SetPaletteEntries SetPixelV StartDocA SetDIBits GetTextExtentPoint32W EnumFontFamiliesExA CreateRectRgnIndirect ExtSelectClipRgn SaveDC RestoreDC OffsetClipRgn IntersectClipRect GetWindowExtEx GetViewportExtEx GetPixel GetObjectType GetCurrentPositionEx CreatePatternBrush CreateHatchBrush CreateBitmap SetBkColor ExcludeClipRect Escape RectVisible PtVisible GetClipBox GetPaletteEntries GetNearestPaletteIndex GetDIBits SelectPalette EndDoc EndPage TextOutA BitBlt CreateCompatibleDC CreateCompatibleBitmap Arc AbortDoc |
WINSPOOL.DRV |
GetJobA
ClosePrinter DocumentPropertiesA OpenPrinterA |
ADVAPI32.dll |
AccessCheck
AllocateAndInitializeSid SetEntriesInAclA SetNamedSecurityInfoW FreeSid OpenProcessToken GetTokenInformation GetFileSecurityA GetSecurityDescriptorDacl GetAclInformation GetAce EqualSid RegSetValueExA GetUserNameA RegOpenKeyExA RegQueryValueExA RegSetValueExW RegCreateKeyExW RegOpenKeyExW RegQueryValueExW RegCloseKey CryptAcquireContextA CryptDestroyHash CryptHashData CryptCreateHash CryptGenRandom CryptDestroyKey CryptReleaseContext SetFileSecurityA RegDeleteValueA RegCreateKeyExA RegQueryValueA RegEnumKeyA RegSetValueA CryptGetHashParam CryptEncrypt CryptImportKey RegDeleteKeyA RegEnumValueA RegEnumKeyExA DuplicateToken MapGenericMask |
SHELL32.dll |
SHGetFileInfoA
ExtractIconA SHBrowseForFolderA SHAppBarMessage ShellExecuteExA ShellExecuteW SHGetFolderPathW SHGetKnownFolderPath ShellExecuteExW ShellExecuteA SHGetFolderPathA SHChangeNotify DragQueryFileA SHGetPathFromIDListA SHGetSpecialFolderLocation DragFinish SHGetDesktopFolder |
COMCTL32.dll |
ImageList_SetBkColor
ImageList_AddMasked |
SHLWAPI.dll |
PathRemoveFileSpecW
PathRenameExtensionA PathRemoveExtensionW PathFindExtensionW PathFindFileNameA PathFindFileNameW UrlUnescapeW UrlCanonicalizeW #12 StrFormatKBSizeA PathStripToRootA PathIsUNCA PathRemoveExtensionA PathFindExtensionA |
UxTheme.dll |
GetCurrentThemeName
GetThemeColor DrawThemeText GetWindowTheme GetThemeSysColor DrawThemeParentBackground IsThemeBackgroundPartiallyTransparent GetThemePartSize IsAppThemed CloseThemeData DrawThemeEdge DrawThemeBackground OpenThemeData |
ole32.dll |
OleFlushClipboard
CreateILockBytesOnHGlobal StgOpenStorageOnILockBytes StgCreateDocfileOnILockBytes CoGetClassObject CoInitialize CLSIDFromProgID CLSIDFromString OleUninitialize CoFreeUnusedLibraries CoCreateInstance CoInitializeEx OleGetClipboard RevokeDragDrop RegisterDragDrop CoLockObjectExternal ReleaseStgMedium OleDuplicateData DoDragDrop OleIsCurrentClipboard OleCreateMenuDescriptor OleDestroyMenuDescriptor OleTranslateAccelerator CoDisconnectObject CoRevokeClassObject CoRegisterMessageFilter IsAccelerator OleLockRunning StringFromCLSID CoTaskMemAlloc CreateStreamOnHGlobal OleInitialize CoUninitialize CoTaskMemFree CoCreateGuid |
OLEAUT32.dll |
LoadTypeLib
OleCreateFontIndirect SysAllocString SysFreeString VariantClear SysAllocStringByteLen SysStringByteLen VariantInit SafeArrayCreateVector SafeArrayAccessData SafeArrayDestroy SafeArrayUnaccessData SysAllocStringLen VariantChangeType SafeArrayCreate SafeArrayPutElement SystemTimeToVariantTime VariantTimeToSystemTime SysStringLen VariantCopy VarBstrFromDate |
oledlg.dll |
#8
|
urlmon.dll |
UrlMkSetSessionOption
|
WSOCK32.dll |
WSASetLastError
|
VERSION.dll |
VerQueryValueW
GetFileVersionInfoW GetFileVersionInfoSizeW VerQueryValueA GetFileVersionInfoSizeA GetFileVersionInfoA |
WINTRUST.dll |
WinVerifyTrust
WTHelperGetProvCertFromChain WTHelperGetProvSignerFromChain WTHelperProvDataFromStateData |
Secur32.dll |
DeleteSecurityContext
FreeCredentialsHandle DecryptMessage EncryptMessage InitializeSecurityContextW FreeContextBuffer QueryContextAttributesA AcquireCredentialsHandleA AcquireCredentialsHandleW |
KERNEL32.dll (#2) |
HeapAlloc
HeapFree HeapDestroy GetComputerNameA GetTempPathA CreateDirectoryA GetACP DeleteFileA GetTempFileNameA PostQueuedCompletionStatus CreateIoCompletionPort GlobalLock GlobalUnlock FindFirstFileA FindNextFileA GetCurrentProcessId CreateProcessW DuplicateHandle VirtualFree VirtualAlloc VirtualProtect HeapCreate CreateDirectoryW RemoveDirectoryW GetFileInformationByHandle CompareStringW CreateEventW TerminateProcess GetExitCodeProcess CreateFileMappingW MapViewOfFile UnmapViewOfFile LoadLibraryA OpenThread SuspendThread ResumeThread GetThreadContext SetThreadContext SetThreadPriority FlushInstructionCache GlobalFree GetDiskFreeSpaceExA TryEnterCriticalSection FlushFileBuffers FileTimeToLocalFileTime MoveFileExW CreateProcessA MoveFileA CreateFileA GetModuleFileNameA GetLongPathNameA AddVectoredExceptionHandler SetUnhandledExceptionFilter CreateMutexA GetDriveTypeA GetLongPathNameW SetFileAttributesW OpenProcess LocalLock LocalUnlock OpenEventA CompareFileTime GetWindowsDirectoryW FreeResource CopyFileA InitializeCriticalSectionEx HeapSize HeapReAlloc DecodePointer GetProcessHeap GlobalAlloc MoveFileExA GetLocalTime FormatMessageA lstrlenA lstrcpynA GetLocaleInfoA FindResourceA GetVolumeInformationA GetSystemDirectoryA SetFileAttributesA EnumResourceNamesA IsValidCodePage RemoveDirectoryA WritePrivateProfileStringA GetPrivateProfileIntA GetPrivateProfileStringA GetStringTypeA GetSystemDefaultLangID GlobalReAlloc GlobalSize GetEnvironmentVariableW GetProcessHandleCount GetDiskFreeSpaceExW GetCurrentThread CreateToolhelp32Snapshot Module32First Module32Next Thread32First Thread32Next ReadProcessMemory VirtualQuery GetVersionExW GetComputerNameExW Process32NextW Process32FirstW GetQueuedCompletionStatus ExpandEnvironmentStringsA LoadLibraryExA OutputDebugStringA EncodePointer SetLastError LoadLibraryW GlobalDeleteAtom lstrcmpW GlobalAddAtomA GlobalFindAtomA GlobalGetAtomNameA CompareStringA lstrcmpA GetProfileIntA GetDiskFreeSpaceA GetFullPathNameA SetFileTime ReplaceFileA GetThreadLocale LockFile UnlockFile GetShortPathNameA lstrcmpiA GetStringTypeExA InitializeCriticalSectionAndSpinCount TlsAlloc TlsGetValue TlsSetValue TlsFree GlobalHandle LocalAlloc LocalReAlloc GetSystemDefaultUILanguage GlobalFlags GetOEMCP GetCPInfo GetCurrentDirectoryA lstrcpyA FindResourceExW LocalFileTimeToFileTime SetErrorMode GetWindowsDirectoryA VerSetConditionMask VerifyVersionInfoA SearchPathA WakeAllConditionVariable SleepConditionVariableSRW UnhandledExceptionFilter IsProcessorFeaturePresent IsDebuggerPresent GetStartupInfoW InitializeSListHead GetTempFileNameW GetTempPathW GetFileTime CreateMutexW ReleaseMutex CopyFileW MoveFileW WakeConditionVariable WaitForMultipleObjects TerminateThread ResetEvent SetEndOfFile GetFileSize LocalFree ReleaseSRWLockShared AcquireSRWLockShared SetEvent ReleaseSemaphore CreateSemaphoreA CreateEventA FileTimeToDosDateTime SystemTimeToTzSpecificLocalTime GetFileAttributesA GetFileAttributesExA FindNextFileW FindClose FindFirstFileW GetFileAttributesW GetSystemTime DosDateTimeToFileTime GetModuleHandleW GetCurrentProcess GetNativeSystemInfo SetFilePointer DeviceIoControl GetSystemDirectoryW GetVolumeInformationW GetFileAttributesExW HeapSetInformation GetCurrentThreadId QueryPerformanceFrequency QueryPerformanceCounter ReleaseSRWLockExclusive GetActiveProcessorCount GetTickCount64 AcquireSRWLockExclusive GetTimeZoneInformation GetSystemTimeAsFileTime GetTickCount SetThreadStackGuarantee MultiByteToWideChar Sleep LeaveCriticalSection GetExitCodeThread EnterCriticalSection GetSystemInfo GetUserDefaultUILanguage GlobalMemoryStatusEx GetModuleFileNameW WaitForSingleObject DeleteCriticalSection InitializeCriticalSection GetVersionExA GetModuleHandleA MulDiv FreeLibrary GetProcAddress LoadLibraryExW FindResourceW LoadResource LockResource SizeofResource WideCharToMultiByte GetUserGeoID GetGeoInfoW GetLocaleInfoW GetUserDefaultLCID FileTimeToSystemTime SystemTimeToFileTime DeleteFileW WriteFile GetLastError ReadFile CloseHandle GetFileSizeEx CreateFileW OutputDebugStringW RaiseException RtlUnwind CreateThread ExitThread FreeLibraryAndExitThread GetModuleHandleExW HeapCompact GetCommandLineA GetCommandLineW FindFirstFileExW ExitProcess GetFullPathNameW HeapQueryInformation SetStdHandle GetFileType GetStdHandle FlsAlloc FlsGetValue FlsSetValue FlsFree GetDateFormatW GetTimeFormatW LCMapStringW GetConsoleMode ReadConsoleW GetConsoleOutputCP GetDriveTypeW GetStringTypeW GetEnvironmentStringsW FreeEnvironmentStringsW SetEnvironmentVariableW GetCurrentDirectoryW WriteConsoleW SetFilePointerEx |