Windows
Analysis Report
cr0wdik.exe
Overview
General Information
Sample name: | cr0wdik.exe |
Analysis ID: | 1431502 |
MD5: | 5524a506c0c49d3df2570808a38c3895 |
SHA1: | 576011c0810f286b8945aaae9cd8656b75268bf6 |
SHA256: | 7f51b7de954a8b4c25429c584ea282b9b6d7321a9032e4524f7c7ac38776dfcc |
Errors
|
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Binary string: |
Source: | Classification label: |
Source: | Static PE information: |
Source: | String found in binary or memory: |
Source: | Static file information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 2 Command and Scripting Interpreter | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | HEUR/AGEN.1320513 |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
false |
| unknown | ||
false | high | |||
false |
| unknown |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1431502 |
Start date and time: | 2024-04-25 10:54:42 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 11m 49s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 0 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Sample name: | cr0wdik.exe |
Detection: | MAL |
Classification: | mal48.winEXE@0/0@0/0 |
Cookbook Comments: |
|
- No process behavior to analyse as no analysis process or sample was found
- Max analysis timeout: 600s exceeded, the analysis took too long
File type: | |
Entropy (8bit): | 0.025967928040329075 |
TrID: |
|
File name: | cr0wdik.exe |
File size: | 800'000'000 bytes |
MD5: | 5524a506c0c49d3df2570808a38c3895 |
SHA1: | 576011c0810f286b8945aaae9cd8656b75268bf6 |
SHA256: | 7f51b7de954a8b4c25429c584ea282b9b6d7321a9032e4524f7c7ac38776dfcc |
SHA512: | 845cf6700361e9a579f01afa4fc085f8b4c6ca6005549117e5a3830448dbfdb0f2385efcc762eaf568fcd2520f39c700582a58bd06c1e9eb49176e402885ea66 |
SSDEEP: | |
TLSH: | |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$..........W.............A..................................y............A.......A..........8...........................Rich........... |
Entrypoint: | 0x484599 |
Entrypoint Section: | .text |
Digitally signed: | true |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x61CBE252 [Wed Dec 29 04:21:38 2021 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 0 |
File Version Major: | 5 |
File Version Minor: | 0 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 0 |
Import Hash: | 589d5431ef7b1cc3537e4bce607e5a48 |
Signature Valid: | |
Signature Issuer: | |
Signature Validation Error: | |
Error Number: | |
Not Before, Not After | |
Subject Chain | |
Version: | |
Thumbprint MD5: | |
Thumbprint SHA-1: | |
Thumbprint SHA-256: | |
Serial: |
Instruction |
---|
call 00007FEDC91BDD6Ah |
jmp 00007FEDC91ADCFEh |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
int3 |
mov edx, dword ptr [esp+0Ch] |
mov ecx, dword ptr [esp+04h] |
test edx, edx |
je 00007FEDC91ADEEBh |
xor eax, eax |
mov al, byte ptr [esp+08h] |
test al, al |
jne 00007FEDC91ADE98h |
cmp edx, 00000100h |
jc 00007FEDC91ADE90h |
cmp dword ptr [004D29ECh], 00000000h |
je 00007FEDC91ADE87h |
jmp 00007FEDC91BDE19h |
push edi |
mov edi, ecx |
cmp edx, 04h |
jc 00007FEDC91ADEB3h |
neg ecx |
and ecx, 03h |
je 00007FEDC91ADE8Eh |
sub edx, ecx |
mov byte ptr [edi], al |
add edi, 01h |
sub ecx, 01h |
jne 00007FEDC91ADE78h |
mov ecx, eax |
shl eax, 08h |
add eax, ecx |
mov ecx, eax |
shl eax, 10h |
add eax, ecx |
mov ecx, edx |
and edx, 03h |
shr ecx, 02h |
je 00007FEDC91ADE88h |
rep stosd |
test edx, edx |
je 00007FEDC91ADE8Ch |
mov byte ptr [edi], al |
add edi, 01h |
sub edx, 01h |
jne 00007FEDC91ADE78h |
mov eax, dword ptr [esp+08h] |
pop edi |
ret |
mov eax, dword ptr [esp+04h] |
ret |
int3 |
int3 |
push 00484690h |
push dword ptr fs:[00000000h] |
mov eax, dword ptr [esp+10h] |
mov dword ptr [esp+10h], ebp |
lea ebp, dword ptr [esp+10h] |
sub esp, eax |
push ebx |
push esi |
push edi |
mov eax, dword ptr [004C9614h] |
xor dword ptr [ebp-04h], eax |
xor eax, ebp |
push eax |
mov dword ptr [ebp-18h], esp |
push dword ptr [ebp-08h] |
mov eax, dword ptr [ebp-04h] |
mov dword ptr [ebp-04h], 000000FEh |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc5b3c | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x718dc | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x13de00 | 0x2c30 | .rsrc |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xdf000 | 0x8390 | .rsrc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xa7b80 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb7ff0 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0xa7000 | 0x7f0 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0xa6000 | 0xa5c00 | cfa501fcee61a4f54cd2bd96af7caeb4 | False | 0.5107407145550528 | data | 6.725976260581619 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0xa7000 | 0x22000 | 0x21800 | 62a03995eb91942b1ce36066c931dab6 | False | 0.3590616254664179 | data | 5.060022858539004 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xc9000 | 0xb000 | 0x4c00 | 6164a2ab25e1d08b6fe7876af9635b55 | False | 0.2515933388157895 | data | 4.46748708080796 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x718dc | 0x71a00 | 510d68410186ff585e0b84769cf4b3a7 | False | 0.5334738551980198 | data | 6.900584843089922 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_BITMAP | 0xd44bc | 0xbe36 | PC bitmap, Windows 3.x format, 6244 x 2 x 41, image size 49121, cbSize 48694, bits offset 54 | 0.704542654125765 | ||
RT_ICON | 0xe02f4 | 0xacb8 | PC bitmap, Windows 3.x format, 5810 x 2 x 53, image size 44297, cbSize 44216, bits offset 54 | 0.5052695856703455 | ||
RT_ICON | 0xeafac | 0x78b5 | PC bitmap, Windows 3.x format, 4675 x 2 x 39, image size 31020, cbSize 30901, bits offset 54 | 0.46985534448723343 | ||
RT_ICON | 0xf2864 | 0x7ae2 | PC bitmap, Windows 3.x format, 4330 x 2 x 42, image size 31607, cbSize 31458, bits offset 54 | 0.538177887977621 | ||
RT_ICON | 0xfa348 | 0x40fa6 | PC bitmap, Windows 3.x format, 33791 x 2 x 45, image size 266630, cbSize 266150, bits offset 54 | 0.5021491640052602 | ||
RT_ICON | 0x13b2f0 | 0x4aab | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | English | United States | 0.9882291394193042 |
RT_ICON | 0x13fd9c | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9600 | English | United States | 0.27188796680497923 |
RT_ICON | 0x142344 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4224 | English | United States | 0.3395872420262664 |
RT_ICON | 0x1433ec | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1088 | English | United States | 0.3395390070921986 |
RT_ICON | 0x143854 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | United States | 0.3599290780141844 |
RT_ICON | 0x143cbc | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | United States | 0.4842057761732852 |
RT_ACCELERATOR | 0x144564 | 0x8 | data | English | United States | 2.0 |
RT_RCDATA | 0x14456c | 0x80 | data | English | United States | 1.0859375 |
RT_GROUP_ICON | 0x1445ec | 0x3e | data | English | United States | 0.8064516129032258 |
RT_GROUP_ICON | 0x14462c | 0x14 | data | English | United States | 1.25 |
RT_GROUP_ICON | 0x144640 | 0x14 | data | English | United States | 1.25 |
RT_VERSION | 0x144654 | 0x338 | data | Chinese | Taiwan | 0.45145631067961167 |
RT_VERSION | 0x14498c | 0x338 | data | English | United States | 0.45145631067961167 |
RT_VERSION | 0x144cc4 | 0x338 | data | Portuguese | Brazil | 0.45145631067961167 |
RT_VERSION | 0x144ffc | 0x338 | data | Turkish | Turkey | 0.4526699029126214 |
RT_VERSION | 0x145334 | 0x338 | data | Chinese | China | 0.45145631067961167 |
RT_MANIFEST | 0x14566c | 0x26e | ASCII text, with CRLF line terminators | English | United States | 0.5176848874598071 |
DLL | Import |
---|---|
KERNEL32.dll | FindNextVolumeW, FindVolumeClose, GetFileAttributesW, CreateThread, ExitProcess, GetProcessTimes, CompareFileTime, GetLongPathNameW, GetDiskFreeSpaceExW, GetTempFileNameW, SetFilePointer, HeapAlloc, HeapFree, GetProcessHeap, WriteFile, TerminateProcess, OpenMutexW, LoadLibraryA, DeviceIoControl, ReleaseMutex, SystemTimeToFileTime, FileTimeToSystemTime, GetModuleHandleA, HeapWalk, HeapLock, OpenThread, HeapUnlock, OutputDebugStringW, GetFileSizeEx, SetFilePointerEx, LocalFileTimeToFileTime, lstrcmpiA, GetTimeZoneInformation, SetEnvironmentVariableA, CompareStringW, QueryDosDeviceW, CreateFileA, SetStdHandle, WriteConsoleW, GetConsoleOutputCP, WriteConsoleA, GetLocaleInfoW, InitializeCriticalSectionAndSpinCount, QueryPerformanceCounter, GetEnvironmentStringsW, FreeEnvironmentStringsW, IsValidLocale, EnumSystemLocalesA, GetLocaleInfoA, GetUserDefaultLCID, GetStringTypeA, FlushFileBuffers, GetConsoleMode, FreeResource, FindFirstVolumeW, GetFileType, SetHandleCount, GetDateFormatA, GetTimeFormatA, HeapCreate, GetModuleFileNameA, GetStdHandle, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, IsValidCodePage, GetOEMCP, GetACP, GetStringTypeW, LCMapStringW, LCMapStringA, RtlUnwind, GetStartupInfoW, GetCPInfo, GetSystemTimeAsFileTime, ExitThread, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, lstrlenA, VirtualAlloc, VirtualFree, IsProcessorFeaturePresent, HeapSize, HeapReAlloc, HeapDestroy, FindNextFileW, FindClose, FindFirstFileW, GetShortPathNameW, CompareStringA, GetVolumePathNamesForVolumeNameW, GetSystemWindowsDirectoryW, SetLastError, CreateProcessW, SizeofResource, GlobalFree, CreateMutexW, GetLastError, GetTickCount, InitializeCriticalSection, DeleteCriticalSection, GetSystemInfo, FreeConsole, GetCurrentProcessId, LoadLibraryExW, Sleep, InterlockedCompareExchange, InterlockedExchange, GetTempPathW, ReadFile, CreateFileW, GetDriveTypeW, GetModuleFileNameW, GetWindowsDirectoryW, GetFileAttributesExW, MultiByteToWideChar, GetUserDefaultUILanguage, SetCurrentDirectoryW, MulDiv, GetPrivateProfileStringW, lstrcpyW, GetCurrentThreadId, FlushInstructionCache, GetModuleHandleW, GetVersion, GetVersionExW, InterlockedDecrement, TerminateThread, lstrcmpW, GlobalAlloc, GlobalLock, GlobalUnlock, SetErrorMode, lstrcmpiW, lstrlenW, OpenProcess, CreateEventW, SetEnvironmentVariableW, GetSystemDirectoryW, GetCommandLineW, ExpandEnvironmentStringsW, DeleteFileW, GetFileSize, InterlockedIncrement, RaiseException, GetStartupInfoA, ProcessIdToSessionId, GetConsoleCP, EnterCriticalSection, FreeLibrary, LeaveCriticalSection, GetProcAddress, LoadLibraryW, CloseHandle, WaitForSingleObject, GetCurrentProcess, WideCharToMultiByte, FindResourceExW, FindResourceW, LoadResource, LockResource, lstrcmpA |
USER32.dll | PostMessageW, FindWindowW, SetFocus, SetWindowPos, SendMessageW, UnregisterClassA, GetParent, EnableWindow, IsWindow, ClientToScreen, CreateAcceleratorTableW, RedrawWindow, GetSysColor, GetClassNameW, GetDlgItem, GetFocus, IsChild, EndPaint, BeginPaint, GetWindowTextW, GetWindowTextLengthW, TranslateAcceleratorW, LoadAcceleratorsW, RegisterClipboardFormatW, OpenClipboard, EmptyClipboard, SetClipboardData, CloseClipboard, InflateRect, InternalGetWindowText, OpenDesktopW, GetThreadDesktop, EnumWindows, CloseDesktop, OpenWindowStationW, MoveWindow, SetCapture, RegisterWindowMessageW, SetWindowLongW, FindWindowExW, CallWindowProcW, GetWindowLongW, GetProcessWindowStation, SetProcessWindowStation, CloseWindowStation, EnumDesktopsW, GetDC, ReleaseDC, GetMonitorInfoW, AllowSetForegroundWindow, GetForegroundWindow, GetWindowThreadProcessId, AttachThreadInput, SetForegroundWindow, SetActiveWindow, GetKeyboardState, keybd_event, GetWindowRect, GetDesktopWindow, LoadIconW, InvalidateRect, GetActiveWindow, WaitForInputIdle, DestroyIcon, CopyRect, DrawIconEx, SetTimer, KillTimer, ShowWindow, GetClientRect, IsDialogMessageW, IsRectEmpty, OffsetRect, IsWindowVisible, MapWindowPoints, MonitorFromWindow, GetWindow, SetWindowTextW, LoadCursorW, RegisterClassExW, GetClassInfoExW, DefWindowProcW, DestroyWindow, GetMessageW, TranslateMessage, DispatchMessageW, CreateWindowExW, DrawTextW, PtInRect, GetMessagePos, ScreenToClient, SetRectEmpty, SetRect, SetCursor, GetWindowDC, GetClassLongW, SetClassLongW, EnumWindowStationsW, CharNextW, PeekMessageW, DestroyAcceleratorTable, InvalidateRgn, LoadImageW, GetSystemMetrics, SystemParametersInfoW, LoadStringW, SendMessageTimeoutW, FillRect, ReleaseCapture |
GDI32.dll | GetStockObject, GetPixel, CreateCompatibleBitmap, CreateCompatibleDC, DeleteDC, CreateFontW, GetTextExtentPoint32W, SetViewportOrgEx, GetTextMetricsW, SelectObject, GetObjectW, GetObjectA, GetDeviceCaps, BitBlt, CreateSolidBrush, DeleteObject |
COMDLG32.dll | GetOpenFileNameW, GetSaveFileNameW |
ADVAPI32.dll | RegCreateKeyExW, GetTokenInformation, OpenProcessToken, RegSetValueExW, RegCloseKey, RegQueryValueExW, RegOpenKeyExW, RegDeleteKeyW, RegQueryInfoKeyW, RegEnumKeyExW, RegDeleteValueW, RegQueryValueExA, RegEnumKeyExA, RegOpenKeyExA |
SHELL32.dll | SHGetSpecialFolderPathW, ExtractIconExW, SHGetPathFromIDListW, ShellExecuteW, SHGetFileInfoW, SHGetDesktopFolder, SHGetFolderPathW, SHFileOperationW, SHGetSpecialFolderLocation |
ole32.dll | CLSIDFromString, CLSIDFromProgID, CoGetClassObject, CreateStreamOnHGlobal, OleLockRunning, StringFromGUID2, OleUninitialize, OleInitialize, CoCreateInstance, CoTaskMemRealloc, CoTaskMemFree, CoTaskMemAlloc, CoInitialize, CoUninitialize |
OLEAUT32.dll | SysFreeString, SysAllocString, VariantClear, SafeArrayGetVartype, SafeArrayCopy, VariantCopy, VariantInit, SafeArrayGetLBound, SafeArrayGetUBound, SysAllocStringLen, LoadTypeLib, LoadRegTypeLib, SysStringLen, OleCreateFontIndirect, VarUI4FromStr, VarBstrCmp, SafeArrayUnlock, SafeArrayLock, SafeArrayDestroy, SafeArrayCreate, DispCallFunc |
SHLWAPI.dll | PathCompactPathW, StrCmpNIW, PathIsDirectoryW, StrStrIW, PathRemoveFileSpecW, PathFileExistsW, PathAppendW, SHGetValueW, PathCombineW, StrCmpIW, PathFindExtensionW, StrCmpNW, StrChrW, PathMatchSpecW, PathIsFileSpecW, PathIsRootW, wnsprintfW, SHGetValueA, PathIsRelativeW, SHSetValueW, ColorHLSToRGB, ColorRGBToHLS, PathFindFileNameW, SHSetValueA |
COMCTL32.dll | InitCommonControlsEx |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
gdiplus.dll | GdipSetPathGradientCenterColor, GdipCreatePathGradientFromPath, GdipSetPathGradientSurroundColorsWithCount, GdipGetPathGradientPointCount, GdipAddPathEllipseI, GdipDrawLine, GdipDrawImageRectRectI, GdipNewPrivateFontCollection, GdipDeletePrivateFontCollection, GdipCreateFromHWND, GdipGetFontHeight, GdipResetClip, GdipPrivateAddMemoryFont, GdipTranslateWorldTransform, GdipAddPathPie, GdipSetPathGradientCenterPoint, GdipSetInterpolationMode, GdipSaveImageToFile, GdipGetImageEncoders, GdipAddPathLine, GdipSetClipRectI, GdipSetTextRenderingHint, GdipCreateBitmapFromFile, GdipGetImageEncodersSize, GdipSetPathGradientGammaCorrection, GdipGetPathWorldBoundsI, GdipAddPathLine2, GdipCreateBitmapFromStream, GdipAddPathArc, GdipGetFontCollectionFamilyList, GdipCloneFontFamily, GdipDeleteFontFamily, GdipSetLinePresetBlend, GdipCreatePen2, GdipDrawRectangleI, GdipCreateLineBrushFromRect, GdipAddPathRectangleI, GdipGetPixelOffsetMode, GdipSetPenWidth, GdipDrawEllipseI, GdipSetPenDashOffset, GdipAddPathLineI, GdipSetPixelOffsetMode, GdipDrawImageRectI, GdipGetImageGraphicsContext, GdipGetImagePixelFormat, GdipDisposeImage, GdipCloneImage, GdipCreateBitmapFromScan0, GdipBitmapSetPixel, GdipBitmapGetPixel, GdipGetImageHeight, GdipGetImageWidth, GdipDrawPath, GdipFillPath, GdipGetSmoothingMode, GdipDeletePath, GdipCreatePath, GdipFillRectangleI, GdipCreateLineBrushFromRectI, GdipClosePathFigure, GdipAddPathArcI, GdipResetPath, GdipDrawString, GdipCloneBrush, GdipAlloc, GdipFree, GdipDeleteBrush, GdipCreateSolidFill, GdipFillRectangle, GdipMeasureString, GdipSetStringFormatAlign, GdipSetStringFormatLineAlign, GdipDeleteStringFormat, GdipCreateStringFormat, GdipDeleteFont, GdipCreateFontFromLogfontA, GdipCreateFontFromDC, GdipDrawRectangle, GdipDrawLineI, GdipSetPenDashStyle, GdipDeletePen, GdipCreatePen1, GdipDeleteGraphics, GdipCreateFromHDC, GdipDrawImagePointRectI, GdipResetWorldTransform, GdipCreateFont, GdipRotateWorldTransform, GdipSetSmoothingMode |
IMM32.dll | ImmDisableIME |
RPCRT4.dll | RpcStringFreeW, RpcAsyncCompleteCall, RpcBindingFromStringBindingW, RpcStringBindingComposeW, RpcAsyncInitializeHandle, RpcBindingFree, NdrAsyncClientCall |
WINTRUST.dll | WTHelperProvDataFromStateData, WinVerifyTrust |
CRYPT32.dll | CertGetNameStringW |
WTSAPI32.dll | WTSQuerySessionInformationW |
USERENV.dll | GetUserProfileDirectoryW |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | United States | |
Chinese | Taiwan | |
Portuguese | Brazil | |
Turkish | Turkey | |
Chinese | China |