ScreenShot
| Created | 2021.04.08 09:40 | Machine | s1_win7_x6401 |
| Filename | fter.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 12 detected (malicious, high confidence, score, Artemis, FileRepMetagen, Emotet, Tiny, dGZlOgbwDZnp4Q4xJQ) | ||
| md5 | cfb0292715c8260295e34dfd0080879b | ||
| sha256 | 372ebaa851f0b7a74f33413085602a574c019a23ab91ad0e3153aadc07f935c4 | ||
| ssdeep | 12288:JR4FAH21p7mMau/V7S0ZBoic+4iqO3Q7:Julp7mJQV7Sso/Og7 | ||
| imphash | 0d24691241e6e04bb7a66ac9674ef252 | ||
| impfuzzy | 192:fSywB2Ndd3xUKgLrxC2dSrdvTKrcRcncmkyPOq5NPc:w2N/JI5rEa9Oq5NPc | ||
Network IP location
Signature (12cnts)
| Level | Description |
|---|---|
| watch | Allocates execute permission to another process indicative of possible code injection |
| watch | Attempts to identify installed AV products by registry key |
| watch | File has been identified by 12 AntiVirus engines on VirusTotal as malicious |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Creates hidden or system file |
| notice | One or more potentially interesting buffers were extracted |
| notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| notice | Yara rule detected in process memory |
| info | One or more processes crashed |
Rules (32cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (upload) |
| info | anti_dbg | Checks if being debugged | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | IsPE64 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature Zero | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
| info | win_hook | Affect hook table | memory |
| info | HasRichSignature | Rich Signature Check | binaries (upload) |
| info | IsWindowsGUI | (no description) | binaries (upload) |
| info | keylogger | Run a keylogger | binaries (upload) |
| info | keylogger | Run a keylogger | memory |
| info | network_tcp_listen | Listen for incoming communication | memory |
| info | network_tcp_socket | Communications over RAW socket | binaries (upload) |
| info | network_tcp_socket | Communications over RAW socket | memory |
| info | network_udp_sock | Communications over UDP network | binaries (upload) |
| info | network_udp_sock | Communications over UDP network | memory |
| info | screenshot | Take screenshot | binaries (upload) |
| info | screenshot | Take screenshot | memory |
| info | Str_Win32_Winsock2_Library | Match Winsock 2 API library declaration | binaries (upload) |
| info | Str_Win32_Winsock2_Library | Match Winsock 2 API library declaration | memory |
| info | win_files_operation | Affect private profile | binaries (upload) |
| info | win_files_operation | Affect private profile | memory |
| info | win_private_profile | Affect private profile | binaries (upload) |
| info | win_private_profile | Affect private profile | memory |
| info | win_registry | Affect system registries | binaries (upload) |
| info | win_registry | Affect system registries | memory |
| info | win_token | Affect system token | memory |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x44a180 GetFileAttributesA
0x44a188 GetFileTime
0x44a190 SetErrorMode
0x44a198 RtlLookupFunctionEntry
0x44a1a0 RtlUnwindEx
0x44a1a8 ExitThread
0x44a1b0 CreateThread
0x44a1b8 HeapAlloc
0x44a1c0 HeapFree
0x44a1c8 HeapReAlloc
0x44a1d0 VirtualProtect
0x44a1d8 VirtualAlloc
0x44a1e0 GetSystemInfo
0x44a1e8 VirtualQuery
0x44a1f0 GetCommandLineA
0x44a1f8 GetProcessHeap
0x44a200 GetStartupInfoA
0x44a208 RaiseException
0x44a210 RtlPcToFileHeader
0x44a218 HeapSize
0x44a220 FlsGetValue
0x44a228 FlsSetValue
0x44a230 FlsFree
0x44a238 FlsAlloc
0x44a240 TerminateProcess
0x44a248 UnhandledExceptionFilter
0x44a250 SetUnhandledExceptionFilter
0x44a258 IsDebuggerPresent
0x44a260 RtlCaptureContext
0x44a268 RtlVirtualUnwind
0x44a270 GetStdHandle
0x44a278 HeapSetInformation
0x44a280 FreeEnvironmentStringsA
0x44a288 GetEnvironmentStrings
0x44a290 FreeEnvironmentStringsW
0x44a298 GetEnvironmentStringsW
0x44a2a0 SetHandleCount
0x44a2a8 GetFileType
0x44a2b0 QueryPerformanceCounter
0x44a2b8 GetSystemTimeAsFileTime
0x44a2c0 GetACP
0x44a2c8 GetStringTypeA
0x44a2d0 GetStringTypeW
0x44a2d8 GetTimeZoneInformation
0x44a2e0 GetConsoleCP
0x44a2e8 GetConsoleMode
0x44a2f0 LCMapStringA
0x44a2f8 LCMapStringW
0x44a300 SetStdHandle
0x44a308 WriteConsoleA
0x44a310 GetConsoleOutputCP
0x44a318 WriteConsoleW
0x44a320 SetEnvironmentVariableA
0x44a328 FileTimeToLocalFileTime
0x44a330 CreateFileA
0x44a338 GetFullPathNameA
0x44a340 GetVolumeInformationA
0x44a348 FindFirstFileA
0x44a350 FindClose
0x44a358 GetCurrentProcess
0x44a360 DuplicateHandle
0x44a368 GetFileSize
0x44a370 SetEndOfFile
0x44a378 UnlockFile
0x44a380 LockFile
0x44a388 FlushFileBuffers
0x44a390 SetFilePointer
0x44a398 WriteFile
0x44a3a0 ReadFile
0x44a3a8 FileTimeToSystemTime
0x44a3b0 GetThreadLocale
0x44a3b8 GetOEMCP
0x44a3c0 GetCPInfo
0x44a3c8 TlsFree
0x44a3d0 LocalReAlloc
0x44a3d8 TlsSetValue
0x44a3e0 GlobalHandle
0x44a3e8 GlobalReAlloc
0x44a3f0 TlsAlloc
0x44a3f8 TlsGetValue
0x44a400 LocalAlloc
0x44a408 GlobalFlags
0x44a410 EnterCriticalSection
0x44a418 LeaveCriticalSection
0x44a420 DeleteCriticalSection
0x44a428 InitializeCriticalSection
0x44a430 GetModuleFileNameW
0x44a438 GetPrivateProfileStringA
0x44a440 WritePrivateProfileStringA
0x44a448 GetPrivateProfileIntA
0x44a450 GetCurrentProcessId
0x44a458 CloseHandle
0x44a460 GetCurrentThread
0x44a468 ConvertDefaultLocale
0x44a470 EnumResourceLanguagesA
0x44a478 GetModuleFileNameA
0x44a480 GetLocaleInfoA
0x44a488 lstrcmpA
0x44a490 GlobalFree
0x44a498 GlobalAlloc
0x44a4a0 GlobalLock
0x44a4a8 GlobalUnlock
0x44a4b0 FormatMessageA
0x44a4b8 LocalFree
0x44a4c0 MulDiv
0x44a4c8 FreeResource
0x44a4d0 GetCurrentThreadId
0x44a4d8 GlobalGetAtomNameA
0x44a4e0 GlobalAddAtomA
0x44a4e8 GlobalFindAtomA
0x44a4f0 GlobalDeleteAtom
0x44a4f8 FreeLibrary
0x44a500 LoadLibraryA
0x44a508 SetLastError
0x44a510 lstrcmpW
0x44a518 GetModuleHandleA
0x44a520 GetVersionExA
0x44a528 ExitProcess
0x44a530 LoadLibraryW
0x44a538 GetProcAddress
0x44a540 FindResourceA
0x44a548 LoadResource
0x44a550 LockResource
0x44a558 SizeofResource
0x44a560 lstrlenA
0x44a568 CompareStringW
0x44a570 CompareStringA
0x44a578 GetVersion
0x44a580 GetLastError
0x44a588 WideCharToMultiByte
0x44a590 MultiByteToWideChar
0x44a598 SetEvent
0x44a5a0 WaitForSingleObject
0x44a5a8 CreateEventA
0x44a5b0 WaitForMultipleObjects
0x44a5b8 Sleep
0x44a5c0 HeapCreate
0x44a5c8 GetTickCount
USER32.dll
0x44a670 CharNextA
0x44a678 CopyAcceleratorTableA
0x44a680 IsRectEmpty
0x44a688 SetRect
0x44a690 InvalidateRgn
0x44a698 GetNextDlgGroupItem
0x44a6a0 MessageBeep
0x44a6a8 UnregisterClassA
0x44a6b0 RegisterClipboardFormatA
0x44a6b8 PostThreadMessageA
0x44a6c0 GetWindowDC
0x44a6c8 ClientToScreen
0x44a6d0 GrayStringA
0x44a6d8 DrawTextExA
0x44a6e0 DrawTextA
0x44a6e8 TabbedTextOutA
0x44a6f0 SetWindowContextHelpId
0x44a6f8 MapDialogRect
0x44a700 ReleaseDC
0x44a708 GetDC
0x44a710 GetDesktopWindow
0x44a718 CreateDialogIndirectParamA
0x44a720 GetNextDlgTabItem
0x44a728 EndDialog
0x44a730 GetWindowThreadProcessId
0x44a738 SetCursor
0x44a740 GetMessageA
0x44a748 TranslateMessage
0x44a750 GetActiveWindow
0x44a758 GetCursorPos
0x44a760 ValidateRect
0x44a768 PostQuitMessage
0x44a770 IsWindowEnabled
0x44a778 ShowWindow
0x44a780 MoveWindow
0x44a788 SetWindowTextA
0x44a790 IsDialogMessageA
0x44a798 RegisterWindowMessageA
0x44a7a0 SendDlgItemMessageA
0x44a7a8 WinHelpA
0x44a7b0 IsChild
0x44a7b8 GetCapture
0x44a7c0 SetWindowsHookExA
0x44a7c8 CallNextHookEx
0x44a7d0 GetClassLongA
0x44a7d8 GetClassNameA
0x44a7e0 GetClassLongPtrA
0x44a7e8 SetPropA
0x44a7f0 GetPropA
0x44a7f8 RemovePropA
0x44a800 IsWindow
0x44a808 SetFocus
0x44a810 GetWindowTextLengthA
0x44a818 GetWindowTextA
0x44a820 GetLastActivePopup
0x44a828 SetActiveWindow
0x44a830 DispatchMessageA
0x44a838 GetDlgItem
0x44a840 GetTopWindow
0x44a848 DestroyWindow
0x44a850 GetWindowLongPtrA
0x44a858 SetWindowLongPtrA
0x44a860 UnhookWindowsHookEx
0x44a868 GetMessageTime
0x44a870 GetMessagePos
0x44a878 PeekMessageA
0x44a880 MapWindowPoints
0x44a888 GetKeyState
0x44a890 SetForegroundWindow
0x44a898 IsWindowVisible
0x44a8a0 UpdateWindow
0x44a8a8 GetMenu
0x44a8b0 GetSubMenu
0x44a8b8 GetMenuItemID
0x44a8c0 GetMenuItemCount
0x44a8c8 MessageBoxA
0x44a8d0 CreateWindowExA
0x44a8d8 GetClassInfoExA
0x44a8e0 GetClassInfoA
0x44a8e8 RegisterClassA
0x44a8f0 GetSysColor
0x44a8f8 AdjustWindowRectEx
0x44a900 ScreenToClient
0x44a908 EqualRect
0x44a910 CopyRect
0x44a918 PtInRect
0x44a920 GetDlgCtrlID
0x44a928 DefWindowProcA
0x44a930 CallWindowProcA
0x44a938 GetWindowLongA
0x44a940 SetWindowLongA
0x44a948 ReleaseCapture
0x44a950 SetCapture
0x44a958 LoadCursorA
0x44a960 GetSysColorBrush
0x44a968 DestroyMenu
0x44a970 EndPaint
0x44a978 BeginPaint
0x44a980 SetWindowPos
0x44a988 OffsetRect
0x44a990 IntersectRect
0x44a998 SystemParametersInfoA
0x44a9a0 GetWindowPlacement
0x44a9a8 GetWindow
0x44a9b0 SetMenuItemBitmaps
0x44a9b8 GetMenuCheckMarkDimensions
0x44a9c0 LoadBitmapA
0x44a9c8 GetFocus
0x44a9d0 GetParent
0x44a9d8 ModifyMenuA
0x44a9e0 GetMenuState
0x44a9e8 EnableMenuItem
0x44a9f0 CheckMenuItem
0x44a9f8 GetSystemMetrics
0x44aa00 LoadIconA
0x44aa08 KillTimer
0x44aa10 SetTimer
0x44aa18 InvalidateRect
0x44aa20 GetClientRect
0x44aa28 GetWindowRect
0x44aa30 IsIconic
0x44aa38 GetSystemMenu
0x44aa40 AppendMenuA
0x44aa48 DrawIcon
0x44aa50 InflateRect
0x44aa58 CharUpperA
0x44aa60 PostMessageA
0x44aa68 SendMessageA
0x44aa70 EnableWindow
0x44aa78 GetForegroundWindow
GDI32.dll
0x44a058 SetWindowExtEx
0x44a060 ScaleWindowExtEx
0x44a068 ExtSelectClipRgn
0x44a070 DeleteDC
0x44a078 GetStockObject
0x44a080 GetMapMode
0x44a088 GetBkColor
0x44a090 GetTextColor
0x44a098 GetRgnBox
0x44a0a0 GetWindowExtEx
0x44a0a8 GetViewportExtEx
0x44a0b0 ScaleViewportExtEx
0x44a0b8 SetViewportExtEx
0x44a0c0 OffsetViewportOrgEx
0x44a0c8 SetViewportOrgEx
0x44a0d0 SelectObject
0x44a0d8 Escape
0x44a0e0 ExtTextOutA
0x44a0e8 TextOutA
0x44a0f0 RectVisible
0x44a0f8 PtVisible
0x44a100 CreateSolidBrush
0x44a108 Rectangle
0x44a110 DeleteObject
0x44a118 MoveToEx
0x44a120 LineTo
0x44a128 SetMapMode
0x44a130 RestoreDC
0x44a138 SaveDC
0x44a140 CreateRectRgnIndirect
0x44a148 GetDeviceCaps
0x44a150 GetObjectA
0x44a158 SetBkColor
0x44a160 SetTextColor
0x44a168 GetClipBox
0x44a170 CreateBitmap
comdlg32.dll
0x44ab00 GetFileTitleA
WINSPOOL.DRV
0x44aa88 DocumentPropertiesA
0x44aa90 ClosePrinter
0x44aa98 OpenPrinterA
ADVAPI32.dll
0x44a000 RegDeleteValueA
0x44a008 RegSetValueExA
0x44a010 RegCreateKeyExA
0x44a018 RegQueryValueA
0x44a020 RegEnumKeyA
0x44a028 RegDeleteKeyA
0x44a030 RegOpenKeyExA
0x44a038 RegQueryValueExA
0x44a040 RegOpenKeyA
0x44a048 RegCloseKey
SHLWAPI.dll
0x44a648 PathFindFileNameA
0x44a650 PathStripToRootA
0x44a658 PathFindExtensionA
0x44a660 PathIsUNCA
oledlg.dll
0x44ab90 None
ole32.dll
0x44ab10 CoTaskMemFree
0x44ab18 CoTaskMemAlloc
0x44ab20 CLSIDFromProgID
0x44ab28 CLSIDFromString
0x44ab30 CoGetClassObject
0x44ab38 StgOpenStorageOnILockBytes
0x44ab40 StgCreateDocfileOnILockBytes
0x44ab48 CreateILockBytesOnHGlobal
0x44ab50 OleUninitialize
0x44ab58 CoFreeUnusedLibraries
0x44ab60 OleInitialize
0x44ab68 CoRevokeClassObject
0x44ab70 OleIsCurrentClipboard
0x44ab78 OleFlushClipboard
0x44ab80 CoRegisterMessageFilter
OLEAUT32.dll
0x44a5d8 SysAllocString
0x44a5e0 OleCreateFontIndirect
0x44a5e8 SystemTimeToVariantTime
0x44a5f0 VariantTimeToSystemTime
0x44a5f8 SafeArrayDestroy
0x44a600 VariantCopy
0x44a608 SysAllocStringByteLen
0x44a610 SysFreeString
0x44a618 SysStringLen
0x44a620 SysAllocStringLen
0x44a628 VariantInit
0x44a630 VariantChangeType
0x44a638 VariantClear
WS2_32.dll
0x44aaa8 socket
0x44aab0 gethostbyname
0x44aab8 inet_ntoa
0x44aac0 closesocket
0x44aac8 recvfrom
0x44aad0 sendto
0x44aad8 WSAGetLastError
0x44aae0 select
0x44aae8 WSAStartup
0x44aaf0 WSACleanup
EAT(Export Address Table) Library
0x402e80 DF1
KERNEL32.dll
0x44a180 GetFileAttributesA
0x44a188 GetFileTime
0x44a190 SetErrorMode
0x44a198 RtlLookupFunctionEntry
0x44a1a0 RtlUnwindEx
0x44a1a8 ExitThread
0x44a1b0 CreateThread
0x44a1b8 HeapAlloc
0x44a1c0 HeapFree
0x44a1c8 HeapReAlloc
0x44a1d0 VirtualProtect
0x44a1d8 VirtualAlloc
0x44a1e0 GetSystemInfo
0x44a1e8 VirtualQuery
0x44a1f0 GetCommandLineA
0x44a1f8 GetProcessHeap
0x44a200 GetStartupInfoA
0x44a208 RaiseException
0x44a210 RtlPcToFileHeader
0x44a218 HeapSize
0x44a220 FlsGetValue
0x44a228 FlsSetValue
0x44a230 FlsFree
0x44a238 FlsAlloc
0x44a240 TerminateProcess
0x44a248 UnhandledExceptionFilter
0x44a250 SetUnhandledExceptionFilter
0x44a258 IsDebuggerPresent
0x44a260 RtlCaptureContext
0x44a268 RtlVirtualUnwind
0x44a270 GetStdHandle
0x44a278 HeapSetInformation
0x44a280 FreeEnvironmentStringsA
0x44a288 GetEnvironmentStrings
0x44a290 FreeEnvironmentStringsW
0x44a298 GetEnvironmentStringsW
0x44a2a0 SetHandleCount
0x44a2a8 GetFileType
0x44a2b0 QueryPerformanceCounter
0x44a2b8 GetSystemTimeAsFileTime
0x44a2c0 GetACP
0x44a2c8 GetStringTypeA
0x44a2d0 GetStringTypeW
0x44a2d8 GetTimeZoneInformation
0x44a2e0 GetConsoleCP
0x44a2e8 GetConsoleMode
0x44a2f0 LCMapStringA
0x44a2f8 LCMapStringW
0x44a300 SetStdHandle
0x44a308 WriteConsoleA
0x44a310 GetConsoleOutputCP
0x44a318 WriteConsoleW
0x44a320 SetEnvironmentVariableA
0x44a328 FileTimeToLocalFileTime
0x44a330 CreateFileA
0x44a338 GetFullPathNameA
0x44a340 GetVolumeInformationA
0x44a348 FindFirstFileA
0x44a350 FindClose
0x44a358 GetCurrentProcess
0x44a360 DuplicateHandle
0x44a368 GetFileSize
0x44a370 SetEndOfFile
0x44a378 UnlockFile
0x44a380 LockFile
0x44a388 FlushFileBuffers
0x44a390 SetFilePointer
0x44a398 WriteFile
0x44a3a0 ReadFile
0x44a3a8 FileTimeToSystemTime
0x44a3b0 GetThreadLocale
0x44a3b8 GetOEMCP
0x44a3c0 GetCPInfo
0x44a3c8 TlsFree
0x44a3d0 LocalReAlloc
0x44a3d8 TlsSetValue
0x44a3e0 GlobalHandle
0x44a3e8 GlobalReAlloc
0x44a3f0 TlsAlloc
0x44a3f8 TlsGetValue
0x44a400 LocalAlloc
0x44a408 GlobalFlags
0x44a410 EnterCriticalSection
0x44a418 LeaveCriticalSection
0x44a420 DeleteCriticalSection
0x44a428 InitializeCriticalSection
0x44a430 GetModuleFileNameW
0x44a438 GetPrivateProfileStringA
0x44a440 WritePrivateProfileStringA
0x44a448 GetPrivateProfileIntA
0x44a450 GetCurrentProcessId
0x44a458 CloseHandle
0x44a460 GetCurrentThread
0x44a468 ConvertDefaultLocale
0x44a470 EnumResourceLanguagesA
0x44a478 GetModuleFileNameA
0x44a480 GetLocaleInfoA
0x44a488 lstrcmpA
0x44a490 GlobalFree
0x44a498 GlobalAlloc
0x44a4a0 GlobalLock
0x44a4a8 GlobalUnlock
0x44a4b0 FormatMessageA
0x44a4b8 LocalFree
0x44a4c0 MulDiv
0x44a4c8 FreeResource
0x44a4d0 GetCurrentThreadId
0x44a4d8 GlobalGetAtomNameA
0x44a4e0 GlobalAddAtomA
0x44a4e8 GlobalFindAtomA
0x44a4f0 GlobalDeleteAtom
0x44a4f8 FreeLibrary
0x44a500 LoadLibraryA
0x44a508 SetLastError
0x44a510 lstrcmpW
0x44a518 GetModuleHandleA
0x44a520 GetVersionExA
0x44a528 ExitProcess
0x44a530 LoadLibraryW
0x44a538 GetProcAddress
0x44a540 FindResourceA
0x44a548 LoadResource
0x44a550 LockResource
0x44a558 SizeofResource
0x44a560 lstrlenA
0x44a568 CompareStringW
0x44a570 CompareStringA
0x44a578 GetVersion
0x44a580 GetLastError
0x44a588 WideCharToMultiByte
0x44a590 MultiByteToWideChar
0x44a598 SetEvent
0x44a5a0 WaitForSingleObject
0x44a5a8 CreateEventA
0x44a5b0 WaitForMultipleObjects
0x44a5b8 Sleep
0x44a5c0 HeapCreate
0x44a5c8 GetTickCount
USER32.dll
0x44a670 CharNextA
0x44a678 CopyAcceleratorTableA
0x44a680 IsRectEmpty
0x44a688 SetRect
0x44a690 InvalidateRgn
0x44a698 GetNextDlgGroupItem
0x44a6a0 MessageBeep
0x44a6a8 UnregisterClassA
0x44a6b0 RegisterClipboardFormatA
0x44a6b8 PostThreadMessageA
0x44a6c0 GetWindowDC
0x44a6c8 ClientToScreen
0x44a6d0 GrayStringA
0x44a6d8 DrawTextExA
0x44a6e0 DrawTextA
0x44a6e8 TabbedTextOutA
0x44a6f0 SetWindowContextHelpId
0x44a6f8 MapDialogRect
0x44a700 ReleaseDC
0x44a708 GetDC
0x44a710 GetDesktopWindow
0x44a718 CreateDialogIndirectParamA
0x44a720 GetNextDlgTabItem
0x44a728 EndDialog
0x44a730 GetWindowThreadProcessId
0x44a738 SetCursor
0x44a740 GetMessageA
0x44a748 TranslateMessage
0x44a750 GetActiveWindow
0x44a758 GetCursorPos
0x44a760 ValidateRect
0x44a768 PostQuitMessage
0x44a770 IsWindowEnabled
0x44a778 ShowWindow
0x44a780 MoveWindow
0x44a788 SetWindowTextA
0x44a790 IsDialogMessageA
0x44a798 RegisterWindowMessageA
0x44a7a0 SendDlgItemMessageA
0x44a7a8 WinHelpA
0x44a7b0 IsChild
0x44a7b8 GetCapture
0x44a7c0 SetWindowsHookExA
0x44a7c8 CallNextHookEx
0x44a7d0 GetClassLongA
0x44a7d8 GetClassNameA
0x44a7e0 GetClassLongPtrA
0x44a7e8 SetPropA
0x44a7f0 GetPropA
0x44a7f8 RemovePropA
0x44a800 IsWindow
0x44a808 SetFocus
0x44a810 GetWindowTextLengthA
0x44a818 GetWindowTextA
0x44a820 GetLastActivePopup
0x44a828 SetActiveWindow
0x44a830 DispatchMessageA
0x44a838 GetDlgItem
0x44a840 GetTopWindow
0x44a848 DestroyWindow
0x44a850 GetWindowLongPtrA
0x44a858 SetWindowLongPtrA
0x44a860 UnhookWindowsHookEx
0x44a868 GetMessageTime
0x44a870 GetMessagePos
0x44a878 PeekMessageA
0x44a880 MapWindowPoints
0x44a888 GetKeyState
0x44a890 SetForegroundWindow
0x44a898 IsWindowVisible
0x44a8a0 UpdateWindow
0x44a8a8 GetMenu
0x44a8b0 GetSubMenu
0x44a8b8 GetMenuItemID
0x44a8c0 GetMenuItemCount
0x44a8c8 MessageBoxA
0x44a8d0 CreateWindowExA
0x44a8d8 GetClassInfoExA
0x44a8e0 GetClassInfoA
0x44a8e8 RegisterClassA
0x44a8f0 GetSysColor
0x44a8f8 AdjustWindowRectEx
0x44a900 ScreenToClient
0x44a908 EqualRect
0x44a910 CopyRect
0x44a918 PtInRect
0x44a920 GetDlgCtrlID
0x44a928 DefWindowProcA
0x44a930 CallWindowProcA
0x44a938 GetWindowLongA
0x44a940 SetWindowLongA
0x44a948 ReleaseCapture
0x44a950 SetCapture
0x44a958 LoadCursorA
0x44a960 GetSysColorBrush
0x44a968 DestroyMenu
0x44a970 EndPaint
0x44a978 BeginPaint
0x44a980 SetWindowPos
0x44a988 OffsetRect
0x44a990 IntersectRect
0x44a998 SystemParametersInfoA
0x44a9a0 GetWindowPlacement
0x44a9a8 GetWindow
0x44a9b0 SetMenuItemBitmaps
0x44a9b8 GetMenuCheckMarkDimensions
0x44a9c0 LoadBitmapA
0x44a9c8 GetFocus
0x44a9d0 GetParent
0x44a9d8 ModifyMenuA
0x44a9e0 GetMenuState
0x44a9e8 EnableMenuItem
0x44a9f0 CheckMenuItem
0x44a9f8 GetSystemMetrics
0x44aa00 LoadIconA
0x44aa08 KillTimer
0x44aa10 SetTimer
0x44aa18 InvalidateRect
0x44aa20 GetClientRect
0x44aa28 GetWindowRect
0x44aa30 IsIconic
0x44aa38 GetSystemMenu
0x44aa40 AppendMenuA
0x44aa48 DrawIcon
0x44aa50 InflateRect
0x44aa58 CharUpperA
0x44aa60 PostMessageA
0x44aa68 SendMessageA
0x44aa70 EnableWindow
0x44aa78 GetForegroundWindow
GDI32.dll
0x44a058 SetWindowExtEx
0x44a060 ScaleWindowExtEx
0x44a068 ExtSelectClipRgn
0x44a070 DeleteDC
0x44a078 GetStockObject
0x44a080 GetMapMode
0x44a088 GetBkColor
0x44a090 GetTextColor
0x44a098 GetRgnBox
0x44a0a0 GetWindowExtEx
0x44a0a8 GetViewportExtEx
0x44a0b0 ScaleViewportExtEx
0x44a0b8 SetViewportExtEx
0x44a0c0 OffsetViewportOrgEx
0x44a0c8 SetViewportOrgEx
0x44a0d0 SelectObject
0x44a0d8 Escape
0x44a0e0 ExtTextOutA
0x44a0e8 TextOutA
0x44a0f0 RectVisible
0x44a0f8 PtVisible
0x44a100 CreateSolidBrush
0x44a108 Rectangle
0x44a110 DeleteObject
0x44a118 MoveToEx
0x44a120 LineTo
0x44a128 SetMapMode
0x44a130 RestoreDC
0x44a138 SaveDC
0x44a140 CreateRectRgnIndirect
0x44a148 GetDeviceCaps
0x44a150 GetObjectA
0x44a158 SetBkColor
0x44a160 SetTextColor
0x44a168 GetClipBox
0x44a170 CreateBitmap
comdlg32.dll
0x44ab00 GetFileTitleA
WINSPOOL.DRV
0x44aa88 DocumentPropertiesA
0x44aa90 ClosePrinter
0x44aa98 OpenPrinterA
ADVAPI32.dll
0x44a000 RegDeleteValueA
0x44a008 RegSetValueExA
0x44a010 RegCreateKeyExA
0x44a018 RegQueryValueA
0x44a020 RegEnumKeyA
0x44a028 RegDeleteKeyA
0x44a030 RegOpenKeyExA
0x44a038 RegQueryValueExA
0x44a040 RegOpenKeyA
0x44a048 RegCloseKey
SHLWAPI.dll
0x44a648 PathFindFileNameA
0x44a650 PathStripToRootA
0x44a658 PathFindExtensionA
0x44a660 PathIsUNCA
oledlg.dll
0x44ab90 None
ole32.dll
0x44ab10 CoTaskMemFree
0x44ab18 CoTaskMemAlloc
0x44ab20 CLSIDFromProgID
0x44ab28 CLSIDFromString
0x44ab30 CoGetClassObject
0x44ab38 StgOpenStorageOnILockBytes
0x44ab40 StgCreateDocfileOnILockBytes
0x44ab48 CreateILockBytesOnHGlobal
0x44ab50 OleUninitialize
0x44ab58 CoFreeUnusedLibraries
0x44ab60 OleInitialize
0x44ab68 CoRevokeClassObject
0x44ab70 OleIsCurrentClipboard
0x44ab78 OleFlushClipboard
0x44ab80 CoRegisterMessageFilter
OLEAUT32.dll
0x44a5d8 SysAllocString
0x44a5e0 OleCreateFontIndirect
0x44a5e8 SystemTimeToVariantTime
0x44a5f0 VariantTimeToSystemTime
0x44a5f8 SafeArrayDestroy
0x44a600 VariantCopy
0x44a608 SysAllocStringByteLen
0x44a610 SysFreeString
0x44a618 SysStringLen
0x44a620 SysAllocStringLen
0x44a628 VariantInit
0x44a630 VariantChangeType
0x44a638 VariantClear
WS2_32.dll
0x44aaa8 socket
0x44aab0 gethostbyname
0x44aab8 inet_ntoa
0x44aac0 closesocket
0x44aac8 recvfrom
0x44aad0 sendto
0x44aad8 WSAGetLastError
0x44aae0 select
0x44aae8 WSAStartup
0x44aaf0 WSACleanup
EAT(Export Address Table) Library
0x402e80 DF1