Created | 2021.04.07 09:26 |
Machine | s1_win7_x6402 |
Filename | countryyelow.php |
Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 15 detected (Malicious, score, Artemis, Save, confidence, Undefined, CLOUD, Generic PUA BA, Emotet, kcloud) |
md5 | 7df0611cd75fa4c02b29070728c37247 |
sha256 | ac17e1f54b9f800d874e1d012e541fc037bd1a31ee3e8f631a454f2d1de6ada1 |
ssdeep | 12288:9SeIHklNAPLJNfQPJt7TQJK7FvEVxw0xxteW:AklUjfQHDezxxtx |
imphash | 2a7c1d4e219ead32f5cb5e583004dd0b |
impfuzzy | 192:ehHjsJdzF3WhUp4LMMkZwgUMVs6GxoPcRcvc7jLH:QiJ3WU4LXkb5PEy0 |
Signature (18cnts)
Level | Description |
---|---|
danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
watch | Communicates with host for which no DNS query was performed |
watch | File has been identified by 15 AntiVirus engines on VirusTotal as malicious |
notice | A process attempted to delay the analysis task. |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates hidden or system file |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks if process is being debugged by a debugger |
info | One or more processes crashed |
info | Queries for the computername |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (15cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (upload) |
info | IsDLL | (no description) | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check Signature Zero | binaries (upload) |
info | PE_Header_Zero | PE File Signature Zero | binaries (upload) |
info | HasDebugData | DebugData Check | binaries (upload) |
info | HasOverlay | Overlay Check | binaries (upload) |
info | HasRichSignature | Rich Signature Check | binaries (upload) |
info | IsPacked | Entropy Check | binaries (upload) |
info | IsWindowsGUI | (no description) | binaries (upload) |
info | keylogger | Run a keylogger | binaries (upload) |
info | screenshot | Take screenshot | binaries (upload) |
info | win_files_operation | Affect private profile | binaries (upload) |
info | win_private_profile | Affect private profile | binaries (upload) |
info | win_registry | Affect system registries | binaries (upload) |
Network (6cnts)
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x10060aac TerminateProcess
0x10060ab0 CreateThread
0x10060ab4 ExitThread
0x10060ab8 GetTimeZoneInformation
0x10060abc GetSystemTime
0x10060ac0 GetLocalTime
0x10060ac4 HeapSize
0x10060ac8 HeapReAlloc
0x10060acc GetACP
0x10060ad0 SetHandleCount
0x10060ad4 GetStdHandle
0x10060ad8 GetFileType
0x10060adc GetStartupInfoA
0x10060ae0 FreeEnvironmentStringsA
0x10060ae4 FreeEnvironmentStringsW
0x10060ae8 GetEnvironmentStrings
0x10060aec GetEnvironmentStringsW
0x10060af0 HeapDestroy
0x10060af4 HeapCreate
0x10060af8 VirtualFree
0x10060afc FatalAppExitA
0x10060b00 LCMapStringA
0x10060b04 LCMapStringW
0x10060b08 HeapFree
0x10060b0c VirtualAlloc
0x10060b10 IsBadWritePtr
0x10060b14 GetStringTypeA
0x10060b18 GetStringTypeW
0x10060b1c UnhandledExceptionFilter
0x10060b20 Sleep
0x10060b24 IsBadReadPtr
0x10060b28 IsBadCodePtr
0x10060b2c IsValidLocale
0x10060b30 IsValidCodePage
0x10060b34 GetLocaleInfoA
0x10060b38 EnumSystemLocalesA
0x10060b3c GetUserDefaultLCID
0x10060b40 GetVersionExA
0x10060b44 SetConsoleCtrlHandler
0x10060b48 SetStdHandle
0x10060b4c CompareStringA
0x10060b50 CompareStringW
0x10060b54 SetEnvironmentVariableA
0x10060b58 GetLocaleInfoW
0x10060b5c HeapAlloc
0x10060b60 GetProfileStringA
0x10060b64 InterlockedExchange
0x10060b68 RaiseException
0x10060b6c GetCommandLineA
0x10060b70 RtlUnwind
0x10060b74 SetFileAttributesA
0x10060b78 SetFileTime
0x10060b7c SystemTimeToFileTime
0x10060b80 LocalFileTimeToFileTime
0x10060b84 GetFileTime
0x10060b88 GetFileSize
0x10060b8c GetFileAttributesA
0x10060b90 GetShortPathNameA
0x10060b94 GetStringTypeExA
0x10060b98 GetFullPathNameA
0x10060b9c GetVolumeInformationA
0x10060ba0 FindFirstFileA
0x10060ba4 FindClose
0x10060ba8 DeleteFileA
0x10060bac MoveFileA
0x10060bb0 SetEndOfFile
0x10060bb4 UnlockFile
0x10060bb8 LockFile
0x10060bbc FlushFileBuffers
0x10060bc0 SetFilePointer
0x10060bc4 ReadFile
0x10060bc8 GetCurrentProcess
0x10060bcc DuplicateHandle
0x10060bd0 SetErrorMode
0x10060bd4 GetTickCount
0x10060bd8 SizeofResource
0x10060bdc GetCurrentDirectoryA
0x10060be0 WritePrivateProfileStringA
0x10060be4 GetPrivateProfileStringA
0x10060be8 GetPrivateProfileIntA
0x10060bec GetOEMCP
0x10060bf0 GetCPInfo
0x10060bf4 GetProcessVersion
0x10060bf8 GlobalFlags
0x10060bfc TlsGetValue
0x10060c00 LocalReAlloc
0x10060c04 TlsSetValue
0x10060c08 GlobalReAlloc
0x10060c0c TlsFree
0x10060c10 GlobalHandle
0x10060c14 TlsAlloc
0x10060c18 GetLastError
0x10060c1c FileTimeToLocalFileTime
0x10060c20 FileTimeToSystemTime
0x10060c24 CopyFileA
0x10060c28 GlobalSize
0x10060c2c FormatMessageA
0x10060c30 LocalFree
0x10060c34 lstrlenW
0x10060c38 EnterCriticalSection
0x10060c3c LeaveCriticalSection
0x10060c40 DeleteCriticalSection
0x10060c44 InitializeCriticalSection
0x10060c48 lstrcpynA
0x10060c4c MulDiv
0x10060c50 SetLastError
0x10060c54 GlobalUnlock
0x10060c58 CreateEventA
0x10060c5c SuspendThread
0x10060c60 SetThreadPriority
0x10060c64 ResumeThread
0x10060c68 SetEvent
0x10060c6c WaitForSingleObject
0x10060c70 GetModuleFileNameA
0x10060c74 GlobalLock
0x10060c78 lstrcmpA
0x10060c7c GetCurrentThread
0x10060c80 GetThreadLocale
0x10060c84 LoadLibraryA
0x10060c88 FreeLibrary
0x10060c8c FindResourceA
0x10060c90 LoadResource
0x10060c94 LockResource
0x10060c98 GetVersion
0x10060c9c lstrcatA
0x10060ca0 GetCurrentThreadId
0x10060ca4 GlobalGetAtomNameA
0x10060ca8 lstrcmpiA
0x10060cac GlobalAddAtomA
0x10060cb0 GlobalFindAtomA
0x10060cb4 GlobalDeleteAtom
0x10060cb8 lstrcpyA
0x10060cbc GetModuleHandleA
0x10060cc0 MultiByteToWideChar
0x10060cc4 WideCharToMultiByte
0x10060cc8 lstrlenA
0x10060ccc InterlockedDecrement
0x10060cd0 InterlockedIncrement
0x10060cd4 LocalAlloc
0x10060cd8 GlobalAlloc
0x10060cdc CreateFileA
0x10060ce0 WriteFile
0x10060ce4 CloseHandle
0x10060ce8 GlobalFree
0x10060cec ExitProcess
0x10060cf0 LoadLibraryW
0x10060cf4 SetUnhandledExceptionFilter
0x10060cf8 GetProcAddress
USER32.dll
0x10060db0 SetCapture
0x10060db4 ReleaseCapture
0x10060db8 WaitMessage
0x10060dbc GetWindowThreadProcessId
0x10060dc0 WindowFromPoint
0x10060dc4 DeleteMenu
0x10060dc8 GetDialogBaseUnits
0x10060dcc GetNextDlgGroupItem
0x10060dd0 MessageBeep
0x10060dd4 InflateRect
0x10060dd8 RegisterClipboardFormatA
0x10060ddc SetRectEmpty
0x10060de0 LoadAcceleratorsA
0x10060de4 TranslateAcceleratorA
0x10060de8 LoadMenuA
0x10060dec SetMenu
0x10060df0 ReuseDDElParam
0x10060df4 UnpackDDElParam
0x10060df8 InvalidateRect
0x10060dfc BringWindowToTop
0x10060e00 CharUpperA
0x10060e04 PostThreadMessageA
0x10060e08 DestroyIcon
0x10060e0c SetWindowTextA
0x10060e10 IsDialogMessageA
0x10060e14 ScrollWindowEx
0x10060e18 IsDlgButtonChecked
0x10060e1c SetDlgItemTextA
0x10060e20 SetDlgItemInt
0x10060e24 GetDlgItemTextA
0x10060e28 GetDlgItemInt
0x10060e2c CheckRadioButton
0x10060e30 CheckDlgButton
0x10060e34 PostMessageA
0x10060e38 UpdateWindow
0x10060e3c SendDlgItemMessageA
0x10060e40 MapWindowPoints
0x10060e44 GetSysColor
0x10060e48 PeekMessageA
0x10060e4c DispatchMessageA
0x10060e50 GetFocus
0x10060e54 SetActiveWindow
0x10060e58 IsWindow
0x10060e5c SetFocus
0x10060e60 AdjustWindowRectEx
0x10060e64 ScreenToClient
0x10060e68 EqualRect
0x10060e6c DeferWindowPos
0x10060e70 BeginDeferWindowPos
0x10060e74 CopyRect
0x10060e78 EndDeferWindowPos
0x10060e7c IsWindowVisible
0x10060e80 ScrollWindow
0x10060e84 GetScrollInfo
0x10060e88 SetScrollInfo
0x10060e8c ShowScrollBar
0x10060e90 GetScrollRange
0x10060e94 SetScrollRange
0x10060e98 GetScrollPos
0x10060e9c SetScrollPos
0x10060ea0 GetTopWindow
0x10060ea4 MessageBoxA
0x10060ea8 IsChild
0x10060eac SetRect
0x10060eb0 GetCapture
0x10060eb4 GetMenuStringA
0x10060eb8 wsprintfA
0x10060ebc GetClassInfoA
0x10060ec0 RegisterClassA
0x10060ec4 GetMenu
0x10060ec8 GetMenuItemCount
0x10060ecc GetSubMenu
0x10060ed0 GetMenuItemID
0x10060ed4 TrackPopupMenu
0x10060ed8 SetWindowPlacement
0x10060edc GetDlgItem
0x10060ee0 GetWindowTextLengthA
0x10060ee4 GetWindowTextA
0x10060ee8 GetDlgCtrlID
0x10060eec GetKeyState
0x10060ef0 DefWindowProcA
0x10060ef4 DestroyWindow
0x10060ef8 GetClassNameA
0x10060efc SetWindowsHookExA
0x10060f00 CallNextHookEx
0x10060f04 GetClassLongA
0x10060f08 SetPropA
0x10060f0c UnhookWindowsHookEx
0x10060f10 GetPropA
0x10060f14 CallWindowProcA
0x10060f18 RemovePropA
0x10060f1c GetMessageTime
0x10060f20 GetMessagePos
0x10060f24 GetLastActivePopup
0x10060f28 GetForegroundWindow
0x10060f2c SetForegroundWindow
0x10060f30 GetWindow
0x10060f34 GetWindowLongA
0x10060f38 SetWindowLongA
0x10060f3c SetWindowPos
0x10060f40 RegisterWindowMessageA
0x10060f44 OffsetRect
0x10060f48 IntersectRect
0x10060f4c SystemParametersInfoA
0x10060f50 GetWindowPlacement
0x10060f54 GetWindowRect
0x10060f58 OemToCharA
0x10060f5c CharToOemA
0x10060f60 EnableWindow
0x10060f64 HideCaret
0x10060f68 ShowCaret
0x10060f6c ExcludeUpdateRgn
0x10060f70 DrawFocusRect
0x10060f74 DefDlgProcA
0x10060f78 IsWindowUnicode
0x10060f7c LoadIconA
0x10060f80 KillTimer
0x10060f84 SetTimer
0x10060f88 IsClipboardFormatAvailable
0x10060f8c GetClipboardData
0x10060f90 GetDC
0x10060f94 OpenClipboard
0x10060f98 EmptyClipboard
0x10060f9c SetClipboardData
0x10060fa0 CloseClipboard
0x10060fa4 IsIconic
0x10060fa8 GetSystemMetrics
0x10060fac GetClientRect
0x10060fb0 DrawIcon
0x10060fb4 CopyAcceleratorTableA
0x10060fb8 GetSysColorBrush
0x10060fbc LoadCursorA
0x10060fc0 GetDesktopWindow
0x10060fc4 GetParent
0x10060fc8 PtInRect
0x10060fcc GetSystemMenu
0x10060fd0 AppendMenuA
0x10060fd4 SendMessageA
0x10060fd8 InsertMenuA
0x10060fdc GrayStringA
0x10060fe0 DrawTextA
0x10060fe4 TabbedTextOutA
0x10060fe8 EndPaint
0x10060fec BeginPaint
0x10060ff0 GetWindowDC
0x10060ff4 ReleaseDC
0x10060ff8 ClientToScreen
0x10060ffc DestroyMenu
0x10061000 LoadStringA
0x10061004 wvsprintfA
0x10061008 MapDialogRect
0x1006100c SetWindowContextHelpId
0x10061010 EndDialog
0x10061014 CreateDialogIndirectParamA
0x10061018 GetMessageA
0x1006101c TranslateMessage
0x10061020 GetActiveWindow
0x10061024 ValidateRect
0x10061028 GetCursorPos
0x1006102c SetCursor
0x10061030 ShowOwnedPopups
0x10061034 PostQuitMessage
0x10061038 CharNextA
0x1006103c GetMenuCheckMarkDimensions
0x10061040 LoadBitmapA
0x10061044 MoveWindow
0x10061048 ModifyMenuA
0x1006104c SetMenuItemBitmaps
0x10061050 CheckMenuItem
0x10061054 EnableMenuItem
0x10061058 GetNextDlgTabItem
0x1006105c IsWindowEnabled
0x10061060 CreateWindowExA
0x10061064 RemoveMenu
0x10061068 WinHelpA
0x1006106c ShowWindow
0x10061070 GetMenuState
GDI32.dll
0x10060950 DeleteDC
0x10060954 StartDocA
0x10060958 SaveDC
0x1006095c RestoreDC
0x10060960 SelectPalette
0x10060964 SetBkMode
0x10060968 SetPolyFillMode
0x1006096c SetROP2
0x10060970 SetStretchBltMode
0x10060974 SetMapMode
0x10060978 SetViewportOrgEx
0x1006097c OffsetViewportOrgEx
0x10060980 SetViewportExtEx
0x10060984 ScaleViewportExtEx
0x10060988 SetWindowOrgEx
0x1006098c OffsetWindowOrgEx
0x10060990 SetWindowExtEx
0x10060994 ScaleWindowExtEx
0x10060998 SelectClipRgn
0x1006099c ExcludeClipRect
0x100609a0 IntersectClipRect
0x100609a4 OffsetClipRgn
0x100609a8 MoveToEx
0x100609ac LineTo
0x100609b0 SetTextAlign
0x100609b4 SetTextJustification
0x100609b8 SetTextCharacterExtra
0x100609bc SetMapperFlags
0x100609c0 GetCurrentPositionEx
0x100609c4 ArcTo
0x100609c8 SetArcDirection
0x100609cc PolyDraw
0x100609d0 PolylineTo
0x100609d4 SetColorAdjustment
0x100609d8 GetStockObject
0x100609dc DeleteObject
0x100609e0 GetClipRgn
0x100609e4 CreateRectRgn
0x100609e8 SelectClipPath
0x100609ec ExtSelectClipRgn
0x100609f0 PlayMetaFileRecord
0x100609f4 GetObjectType
0x100609f8 EnumMetaFile
0x100609fc PlayMetaFile
0x10060a00 GetViewportExtEx
0x10060a04 GetWindowExtEx
0x10060a08 CreatePen
0x10060a0c ExtCreatePen
0x10060a10 CreateSolidBrush
0x10060a14 CreateHatchBrush
0x10060a18 CreatePatternBrush
0x10060a1c CreateDIBPatternBrushPt
0x10060a20 PtVisible
0x10060a24 RectVisible
0x10060a28 TextOutA
0x10060a2c ExtTextOutA
0x10060a30 Escape
0x10060a34 CopyMetaFileA
0x10060a38 CreateDCA
0x10060a3c DPtoLP
0x10060a40 LPtoDP
0x10060a44 GetTextExtentPoint32A
0x10060a48 GetTextMetricsA
0x10060a4c CreateFontIndirectA
0x10060a50 GetMapMode
0x10060a54 PatBlt
0x10060a58 SetRectRgn
0x10060a5c CombineRgn
0x10060a60 CreateRectRgnIndirect
0x10060a64 GetDeviceCaps
0x10060a68 GetBkColor
0x10060a6c GetTextColor
0x10060a70 CreateBitmap
0x10060a74 SetBkColor
0x10060a78 SetTextColor
0x10060a7c GetClipBox
0x10060a80 GetDCOrgEx
0x10060a84 GetDIBits
0x10060a88 CreateCompatibleBitmap
0x10060a8c CreateCompatibleDC
0x10060a90 SelectObject
0x10060a94 BitBlt
0x10060a98 PolyBezierTo
0x10060a9c CreateDIBitmap
0x10060aa0 GetTextExtentPointA
0x10060aa4 GetObjectA
comdlg32.dll
0x10061088 GetOpenFileNameA
0x1006108c GetSaveFileNameA
0x10061090 GetFileTitleA
WINSPOOL.DRV
0x10061078 ClosePrinter
0x1006107c DocumentPropertiesA
0x10061080 OpenPrinterA
ADVAPI32.dll
0x10060914 RegSetValueExA
0x10060918 RegCreateKeyA
0x1006091c RegEnumKeyA
0x10060920 RegQueryValueA
0x10060924 RegDeleteKeyA
0x10060928 RegDeleteValueA
0x1006092c RegCloseKey
0x10060930 RegQueryValueExA
0x10060934 RegOpenKeyExA
0x10060938 RegCreateKeyExA
0x1006093c RegOpenKeyA
0x10060940 RegSetValueA
SHELL32.dll
0x10060d98 SHGetFileInfoA
0x10060d9c DragQueryFileA
0x10060da0 DragFinish
0x10060da4 DragAcceptFiles
0x10060da8 ExtractIconA
COMCTL32.dll
0x10060948 None
EAT(Export Address Table) Library
0x10002209 StartW