Mapping mode: OFF (Export Table)
Enumeration More information Injection More information Evasion More information Spying More information Internet More information Anti-Debugging More information Ransomware More information Helper More information
CreateToolhelp32Snapshot
EnumDeviceDrivers
EnumProcesses
EnumProcessModules
EnumProcessModulesEx
FindFirstFileA
FindNextFileA
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetModuleBaseNameA
GetSystemDefaultLangId
GetVersionExA
GetWindowsDirectoryA
IsWoW64Process
Module32First
Module32Next
Process32First
Process32Next
ReadProcessMemory
Thread32First
Thread32Next
GetSystemDirectoryA
GetSystemTime
ReadFile
GetComputerNameA
VirtualQueryEx
GetProcessIdOfThread
GetProcessId
GetCurrentThread
GetCurrentThreadId
GetThreadId
GetThreadInformation
GetCurrentProcess
GetCurrentProcessId
SearchPathA
GetFileTime
GetFileAttributesA
LookupPrivilegeValueA
LookupAccountNameA
GetCurrentHwProfileA
GetUserNameA
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegQueryMultipleValuesA
RegQueryValueExA
NtQueryDirectoryFile
NtQueryInformationProcess
NtQuerySystemEnvironmentValueEx
EnumDesktopWindows
EnumWindows
NetShareEnum
NetShareGetInfo
NetShareCheck
GetAdaptersInfo
PathFileExistsA
GetNativeSystemInfo
RtlGetVersion
GetIpNetTable
GetLogicalDrives
GetDriveTypeA
RegEnumKeyA
WNetEnumResourceA
WNetCloseEnum
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
WNetAddConnection2A
WNetAddConnectionA
EnumResourceTypesA
EnumResourceTypesExA
CreateFileMappingA
CreateProcessA
CreateRemoteThread
CreateRemoteThreadEx
GetModuleHandleA
GetProcAddress
GetThreadContext
HeapCreate
LoadLibraryA
LoadLibraryExA
LocalAlloc
MapViewOfFile
MapViewOfFile2
MapViewOfFile3
MapViewOfFileEx
OpenThread
Process32First
Process32Next
QueueUserAPC
ReadProcessMemory
ResumeThread
SetProcessDEPPolicy
SetThreadContext
SuspendThread
Thread32First
Thread32Next
Toolhelp32ReadProcessMemory
VirtualAlloc
VirtualAllocEx
VirtualProtect
VirtualProtectEx
WriteProcessMemory
VirtualAllocExNuma
VirtualAlloc2
VirtualAlloc2FromApp
VirtualAllocFromApp
VirtualProtectFromApp
CreateThread
WaitForSingleObject
OpenProcess
OpenFileMappingA
GetProcessHeap
GetProcessHeaps
HeapAlloc
HeapReAlloc
GlobalAlloc
AdjustTokenPrivileges
CreateProcessAsUserA
OpenProcessToken
CreateProcessWithTokenW
NtAdjustPrivilegesToken
NtAllocateVirtualMemory
NtContinue
NtCreateProcess
NtCreateProcessEx
NtCreateSection
NtCreateThread
NtCreateThreadEx
NtCreateUserProcess
NtDuplicateObject
NtMapViewOfSection
NtOpenProcess
NtOpenThread
NtProtectVirtualMemory
NtQueueApcThread
NtQueueApcThreadEx
NtQueueApcThreadEx2
NtReadVirtualMemory
NtResumeThread
NtUnmapViewOfSection
NtWaitForMultipleObjects
NtWaitForSingleObject
NtWriteVirtualMemory
RtlCreateHeap
LdrLoadDll
RtlMoveMemory
RtlCopyMemory
SetPropA
WaitForSingleObjectEx
WaitForMultipleObjects
WaitForMultipleObjectsEx
KeInsertQueueApc
Wow64SetThreadContext
NtSuspendProcess
NtResumeProcess
DuplicateToken
CreateFileMappingA
DeleteFileA
GetModuleHandleA
GetProcAddress
LoadLibraryA
LoadLibraryExA
LoadResource
SetEnvironmentVariableA
SetFileTime
Sleep
WaitForSingleObject
SetFileAttributesA
SleepEx
NtDelayExecution
NtWaitForMultipleObjects
NtWaitForSingleObject
CreateWindowExA
RegisterHotKey
timeSetEvent
IcmpSendEcho
WaitForSingleObjectEx
WaitForMultipleObjects
WaitForMultipleObjectsEx
SetWaitableTimer
CreateTimerQueueTimer
CreateWaitableTimer
SetWaitableTimer
SetTimer
Select
ImpersonateLoggedOnUser
SetThreadToken
DuplicateToken
AttachThreadInput
CallNextHookEx
GetAsyncKeyState
GetClipboardData
GetDC
GetDCEx
GetForegroundWindow
GetKeyboardState
GetKeyState
GetMessageA
GetRawInputData
GetWindowDC
MapVirtualKeyA
MapVirtualKeyExA
PeekMessageA
PostMessageA
PostThreadMessageA
RegisterHotKey
RegisterRawInputDevices
SendMessageA
SendMessageCallbackA
SendMessageTimeoutA
SendNotifyMessageA
SetWindowsHookExA
SetWinEventHook
UnhookWindowsHookEx
BitBlt
StretchBlt
GetKeynameTextA
WinExec
FtpPutFileA
HttpOpenRequestA
HttpSendRequestA
HttpSendRequestExA
InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetReadFileExA
InternetWriteFile
URLDownloadToFile
URLDownloadToCacheFile
URLOpenBlockingStream
URLOpenStream
Accept
Bind
Connect
Gethostbyname
Inet_addr
Recv
Send
WSAStartup
Gethostname
Socket
WSACleanup
Listen
ShellExecuteA
ShellExecuteExA
DnsQuery_A
DnsQueryEx
WNetOpenEnumA
FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
InternetConnectA
InternetSetOptionA
WSASocketA
Closesocket
CreateToolhelp32Snapshot
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetTickCount
OutputDebugStringA
CheckRemoteDebuggerPresent
Sleep
GetSystemTime
GetComputerNameA
SleepEx
IsDebuggerPresent
GetUserNameA
NtQueryInformationProcess
ExitWindowsEx
FindWindowA
FindWindowExA
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetNativeSystemInfo
RtlGetVersion
CryptAcquireContextA
EncryptFileA
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptHashData
CryptDeriveKey
CryptSetKeyParam
CryptGetHashParam
CryptSetKeyParam
CryptDestroyKey
CryptGenRandom
DecryptFileA
FlushEfsCache
GetLogicalDrives
GetDriveTypeA
ConnectNamedPipe
CopyFileA
CreateFileA
CreateMutexA
CreateMutexExA
DeviceIoControl
FindResourceA
FindResourceExA
GetModuleBaseNameA
GetModuleFileNameA
GetModuleFileNameExA
GetTempPathA
IsWoW64Process
MoveFileA
MoveFileExA
PeekNamedPipe
WriteFile
TerminateThread
CopyFile2
CopyFileExA
CreateFile2
GetTempFileNameA
TerminateProcess
SetCurrentDirectory
FindClose
SetThreadPriority
UnmapViewOfFile
ControlService
ControlServiceExA
CreateServiceA
DeleteService
OpenSCManagerA
OpenServiceA
RegOpenKeyA
RegOpenKeyExA
StartServiceA
StartServiceCtrlDispatcherA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegSetKeyValueA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegGetValueA
RegFlushKey
RegGetKeySecurity
RegLoadKeyA
RegLoadMUIStringA
RegOpenCurrentUser
RegOpenKeyTransactedA
RegOpenUserClassesRoot
RegOverridePredefKey
RegReplaceKeyA
RegRestoreKeyA
RegSaveKeyA
RegSaveKeyExA
RegSetKeySecurity
RegUnLoadKeyA
RegConnectRegistryA
RegCopyTreeA
RegCreateKeyTransactedA
RegDeleteKeyA
RegDeleteKeyExA
RegDeleteKeyTransactedA
RegDeleteKeyValueA
RegDeleteTreeA
RegDeleteValueA
RegCloseKey
NtClose
NtCreateFile
NtDeleteKey
NtDeleteValueKey
NtMakeTemporaryObject
NtSetContextThread
NtSetInformationProcess
NtSetInformationThread
NtSetSystemEnvironmentValueEx
NtSetValueKey
NtShutdownSystem
NtTerminateProcess
NtTerminateThread
RtlSetProcessIsCritical
DrawTextExA
GetDesktopWindow
SetClipboardData
SetWindowLongA
SetWindowLongPtrA
OpenClipboard
SetForegroundWindow
BringWindowToTop
SetFocus
ShowWindow
NetShareSetInfo
NetShareAdd
NtQueryTimer
GetIpNetTable
GetLogicalDrives
GetDriveTypeA
CreatePipe
RegEnumKeyA
WNetOpenEnumA
WNetEnumResourceA
WNetAddConnection2A
CallWindowProcA
NtResumeProcess
lstrcatA
ImpersonateLoggedOnUser
SetThreadToken