ScreenShot
| Created | 2021.04.13 10:22 | Machine | s1_win7_x6401 |
| Filename | prun.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 52 detected (malicious, high confidence, DownLoad4, GenericKD, Unsafe, Save, Coroxy, RDRU, Attribute, HighConfidence, GenCBL, FileRepMalware, anpnz, MalCert, rynyu@0, Xaparo, Artemis, Static AI, Suspicious PE, bszw, zalkl, kcloud, score, ai score=100, Solmyr, USASHDA21, CLOUD, Androm, ZSnkgg2c8HQ, susgen, confidence, 100%, HgIASR0A) | ||
| md5 | 78859832e79c6d7aedad2de7612b375c | ||
| sha256 | 41d1addb382678e81ab59cb80613f2c2ee746b2615233674cc8c323a9a0eff4c | ||
| ssdeep | 49152:ug8rPO37fzH4A6hanqNmmH0NUF9wZdmD:P8rPO37fzH4A6h0Xiad | ||
| imphash | ba4cc0afb12afe0a3f885ae6696404ed | ||
| impfuzzy | 192:vmebFwHavbvxM1i+ybuuzRSl92YR2Ern7X3v:vmebIqm1iHzg97 | ||
Network IP location
Signature (16cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 52 AntiVirus engines on VirusTotal as malicious |
| danger | Executed a process and injected code into it |
| watch | Allocates execute permission to another process indicative of possible code injection |
| watch | Detects the presence of Wine emulator |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| notice | A process created a hidden window |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | One or more potentially interesting buffers were extracted |
| notice | Potentially malicious URLs were found in the process memory dump |
| notice | Repeatedly searches for a not-found process |
| notice | Searches running processes potentially to identify processes for sandbox evasion |
| notice | Starts servers listening |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| notice | Yara rule detected in process memory |
| info | One or more processes crashed |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (34cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
| notice | network_smtp_raw | Communications smtp | memory |
| info | anti_dbg | Checks if being debugged | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check Signature Zero | binaries (upload) |
| info | PE_Header_Zero | PE File Signature Zero | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
| info | borland_delphi | Borland Delphi 2.0 - 7.0 / 2005 - 2007 | binaries (upload) |
| info | escalate_priv | Escalade priviledges | binaries (upload) |
| info | HasDigitalSignature | DigitalSignature Check | binaries (upload) |
| info | HasOverlay | Overlay Check | binaries (upload) |
| info | IsWindowsGUI | (no description) | binaries (upload) |
| info | keylogger | Run a keylogger | binaries (upload) |
| info | network_dns | Communications use DNS | memory |
| info | network_tcp_listen | Listen for incoming communication | memory |
| info | network_tcp_socket | Communications over RAW socket | memory |
| info | screenshot | Take screenshot | binaries (upload) |
| info | spreading_file | Malware can spread east-west file | binaries (upload) |
| info | Str_Win32_Winsock2_Library | Match Winsock 2 API library declaration | memory |
| info | Win_Backdoor_AsyncRAT_Zero | Win Backdoor AsyncRAT | binaries (upload) |
| info | win_files_operation | Affect private profile | binaries (upload) |
| info | win_files_operation | Affect private profile | memory |
| info | win_mutex | Create or check mutex | binaries (upload) |
| info | win_private_profile | Affect private profile | binaries (upload) |
| info | win_registry | Affect system registries | binaries (upload) |
| info | win_registry | Affect system registries | memory |
| info | win_token | Affect system token | binaries (upload) |
| info | win_token | Affect system token | memory |
PE API
IAT(Import Address Table) Library
kernel32.dll
0x4a0190 DeleteCriticalSection
0x4a0194 LeaveCriticalSection
0x4a0198 EnterCriticalSection
0x4a019c InitializeCriticalSection
0x4a01a0 VirtualFree
0x4a01a4 VirtualAlloc
0x4a01a8 LocalFree
0x4a01ac LocalAlloc
0x4a01b0 WideCharToMultiByte
0x4a01b4 TlsSetValue
0x4a01b8 TlsGetValue
0x4a01bc MultiByteToWideChar
0x4a01c0 GetModuleHandleA
0x4a01c4 GetLastError
0x4a01c8 GetCommandLineA
0x4a01cc WriteFile
0x4a01d0 SetFilePointer
0x4a01d4 SetEndOfFile
0x4a01d8 RtlUnwind
0x4a01dc ReadFile
0x4a01e0 RaiseException
0x4a01e4 GetStdHandle
0x4a01e8 GetFileSize
0x4a01ec GetSystemTime
0x4a01f0 GetFileType
0x4a01f4 ExitProcess
0x4a01f8 CreateFileA
0x4a01fc CloseHandle
user32.dll
0x4a0204 MessageBoxA
oleaut32.dll
0x4a020c SafeArrayPutElement
0x4a0210 SafeArrayCreate
0x4a0214 VariantChangeTypeEx
0x4a0218 VariantCopyInd
0x4a021c VariantClear
0x4a0220 SysStringLen
0x4a0224 SysAllocStringLen
advapi32.dll
0x4a022c SetSecurityDescriptorDacl
0x4a0230 RegSetValueExA
0x4a0234 RegQueryValueExA
0x4a0238 RegQueryInfoKeyA
0x4a023c RegOpenKeyExA
0x4a0240 RegEnumValueA
0x4a0244 RegEnumKeyExA
0x4a0248 RegDeleteValueA
0x4a024c RegDeleteKeyA
0x4a0250 RegCreateKeyExA
0x4a0254 RegCloseKey
0x4a0258 OpenThreadToken
0x4a025c OpenProcessToken
0x4a0260 LookupPrivilegeValueA
0x4a0264 InitializeSecurityDescriptor
0x4a0268 GetUserNameA
0x4a026c GetTokenInformation
0x4a0270 FreeSid
0x4a0274 EqualSid
0x4a0278 AllocateAndInitializeSid
kernel32.dll
0x4a0280 lstrcmpA
0x4a0284 WriteProfileStringA
0x4a0288 WritePrivateProfileStringA
0x4a028c WriteFile
0x4a0290 WaitForSingleObject
0x4a0294 VirtualFree
0x4a0298 VirtualAlloc
0x4a029c TransactNamedPipe
0x4a02a0 TerminateThread
0x4a02a4 TerminateProcess
0x4a02a8 Sleep
0x4a02ac SizeofResource
0x4a02b0 SetNamedPipeHandleState
0x4a02b4 SetLastError
0x4a02b8 SetFileTime
0x4a02bc SetFilePointer
0x4a02c0 SetFileAttributesA
0x4a02c4 SetErrorMode
0x4a02c8 SetEndOfFile
0x4a02cc SetCurrentDirectoryA
0x4a02d0 RemoveDirectoryA
0x4a02d4 ReleaseMutex
0x4a02d8 ReadFile
0x4a02dc QueryPerformanceCounter
0x4a02e0 OpenProcess
0x4a02e4 OpenMutexA
0x4a02e8 MultiByteToWideChar
0x4a02ec MulDiv
0x4a02f0 MoveFileExA
0x4a02f4 MoveFileA
0x4a02f8 LockResource
0x4a02fc LocalFree
0x4a0300 LocalFileTimeToFileTime
0x4a0304 LoadResource
0x4a0308 LoadLibraryExA
0x4a030c LoadLibraryA
0x4a0310 IsDBCSLeadByte
0x4a0314 IsBadWritePtr
0x4a0318 GlobalUnlock
0x4a031c GlobalReAlloc
0x4a0320 GlobalHandle
0x4a0324 GlobalLock
0x4a0328 GlobalFree
0x4a032c GlobalDeleteAtom
0x4a0330 GlobalAlloc
0x4a0334 GlobalAddAtomA
0x4a0338 GetWindowsDirectoryA
0x4a033c GetVersionExA
0x4a0340 GetVersion
0x4a0344 GetUserDefaultLangID
0x4a0348 GetTickCount
0x4a034c GetSystemTimeAsFileTime
0x4a0350 GetSystemInfo
0x4a0354 GetSystemDirectoryA
0x4a0358 GetSystemDefaultLCID
0x4a035c GetShortPathNameA
0x4a0360 GetProfileStringA
0x4a0364 GetProcAddress
0x4a0368 GetPrivateProfileStringA
0x4a036c GetOverlappedResult
0x4a0370 GetModuleHandleA
0x4a0374 GetModuleFileNameA
0x4a0378 GetLogicalDrives
0x4a037c GetLocaleInfoA
0x4a0380 GetLocalTime
0x4a0384 GetLastError
0x4a0388 GetFullPathNameA
0x4a038c GetFileSize
0x4a0390 GetFileAttributesA
0x4a0394 GetExitCodeProcess
0x4a0398 GetEnvironmentVariableA
0x4a039c GetDriveTypeA
0x4a03a0 GetDiskFreeSpaceA
0x4a03a4 GetCurrentThreadId
0x4a03a8 GetCurrentThread
0x4a03ac GetCurrentProcessId
0x4a03b0 GetCurrentProcess
0x4a03b4 GetCurrentDirectoryA
0x4a03b8 GetComputerNameA
0x4a03bc GetCommandLineA
0x4a03c0 GetACP
0x4a03c4 FreeResource
0x4a03c8 InterlockedExchange
0x4a03cc FreeLibrary
0x4a03d0 FormatMessageA
0x4a03d4 FlushFileBuffers
0x4a03d8 FindResourceA
0x4a03dc FindNextFileA
0x4a03e0 FindFirstFileA
0x4a03e4 FindClose
0x4a03e8 FileTimeToSystemTime
0x4a03ec FileTimeToLocalFileTime
0x4a03f0 DeviceIoControl
0x4a03f4 DeleteFileA
0x4a03f8 CreateThread
0x4a03fc CreateProcessA
0x4a0400 CreateNamedPipeA
0x4a0404 CreateMutexA
0x4a0408 CreateFileA
0x4a040c CreateEventA
0x4a0410 CreateDirectoryA
0x4a0414 CopyFileA
0x4a0418 CompareStringA
0x4a041c CompareFileTime
0x4a0420 CloseHandle
version.dll
0x4a0440 VerQueryValueA
0x4a0444 GetFileVersionInfoSizeA
0x4a0448 GetFileVersionInfoA
gdi32.dll
0x4a0450 UnrealizeObject
0x4a0454 TextOutA
0x4a0458 StretchDIBits
0x4a045c StretchBlt
0x4a0460 SetWindowOrgEx
0x4a0464 SetViewportOrgEx
0x4a0468 SetTextColor
0x4a046c SetStretchBltMode
0x4a0470 SetROP2
0x4a0474 SetPixel
0x4a0478 SetBkMode
0x4a047c SetBkColor
0x4a0480 SelectPalette
0x4a0484 SelectObject
0x4a0488 SaveDC
0x4a048c RoundRect
0x4a0490 RestoreDC
0x4a0494 RemoveFontResourceA
0x4a0498 Rectangle
0x4a049c RectVisible
0x4a04a0 RealizePalette
0x4a04a4 Polyline
0x4a04a8 Pie
0x4a04ac PatBlt
0x4a04b0 MoveToEx
0x4a04b4 LineTo
0x4a04b8 LineDDA
0x4a04bc IntersectClipRect
0x4a04c0 GetWindowOrgEx
0x4a04c4 GetTextMetricsA
0x4a04c8 GetTextExtentPointA
0x4a04cc GetTextExtentPoint32A
0x4a04d0 GetSystemPaletteEntries
0x4a04d4 GetStockObject
0x4a04d8 GetPixel
0x4a04dc GetPaletteEntries
0x4a04e0 GetObjectA
0x4a04e4 GetDeviceCaps
0x4a04e8 GetDIBits
0x4a04ec GetCurrentPositionEx
0x4a04f0 GetClipBox
0x4a04f4 GetBitmapBits
0x4a04f8 ExtFloodFill
0x4a04fc ExcludeClipRect
0x4a0500 EnumFontsA
0x4a0504 Ellipse
0x4a0508 DeleteObject
0x4a050c DeleteDC
0x4a0510 CreateSolidBrush
0x4a0514 CreateRectRgn
0x4a0518 CreatePenIndirect
0x4a051c CreatePalette
0x4a0520 CreateFontIndirectA
0x4a0524 CreateDIBitmap
0x4a0528 CreateDIBSection
0x4a052c CreateCompatibleDC
0x4a0530 CreateCompatibleBitmap
0x4a0534 CreateBrushIndirect
0x4a0538 CreateBitmap
0x4a053c Chord
0x4a0540 BitBlt
0x4a0544 Arc
0x4a0548 AddFontResourceA
user32.dll
0x4a0550 WindowFromPoint
0x4a0554 WinHelpA
0x4a0558 WaitMessage
0x4a055c WaitForInputIdle
0x4a0560 UpdateWindow
0x4a0564 UnregisterClassA
0x4a0568 UnhookWindowsHookEx
0x4a056c TranslateMessage
0x4a0570 TranslateMDISysAccel
0x4a0574 TrackPopupMenu
0x4a0578 SystemParametersInfoA
0x4a057c ShowWindow
0x4a0580 ShowOwnedPopups
0x4a0584 ShowCursor
0x4a0588 SetWindowRgn
0x4a058c SetWindowsHookExA
0x4a0590 SetWindowTextA
0x4a0594 SetWindowPos
0x4a0598 SetWindowPlacement
0x4a059c SetWindowLongW
0x4a05a0 SetWindowLongA
0x4a05a4 SetTimer
0x4a05a8 SetScrollPos
0x4a05ac SetScrollInfo
0x4a05b0 SetRectEmpty
0x4a05b4 SetRect
0x4a05b8 SetPropA
0x4a05bc SetMenu
0x4a05c0 SetForegroundWindow
0x4a05c4 SetFocus
0x4a05c8 SetCursor
0x4a05cc SetCapture
0x4a05d0 SetActiveWindow
0x4a05d4 SendNotifyMessageA
0x4a05d8 SendMessageTimeoutA
0x4a05dc SendMessageW
0x4a05e0 SendMessageA
0x4a05e4 ScrollWindowEx
0x4a05e8 ScrollWindow
0x4a05ec ScreenToClient
0x4a05f0 ReplyMessage
0x4a05f4 RemovePropA
0x4a05f8 RemoveMenu
0x4a05fc ReleaseDC
0x4a0600 ReleaseCapture
0x4a0604 RegisterWindowMessageA
0x4a0608 RegisterClassA
0x4a060c PtInRect
0x4a0610 PostQuitMessage
0x4a0614 PostMessageA
0x4a0618 PeekMessageA
0x4a061c OffsetRect
0x4a0620 OemToCharBuffA
0x4a0624 OemToCharA
0x4a0628 MsgWaitForMultipleObjects
0x4a062c MessageBoxA
0x4a0630 MessageBeep
0x4a0634 MapWindowPoints
0x4a0638 MapVirtualKeyA
0x4a063c LoadStringA
0x4a0640 LoadIconA
0x4a0644 LoadCursorA
0x4a0648 LoadBitmapA
0x4a064c KillTimer
0x4a0650 IsZoomed
0x4a0654 IsWindowVisible
0x4a0658 IsWindowEnabled
0x4a065c IsWindow
0x4a0660 IsRectEmpty
0x4a0664 IsIconic
0x4a0668 IsDialogMessageA
0x4a066c InvalidateRect
0x4a0670 IntersectRect
0x4a0674 InsertMenuItemA
0x4a0678 InsertMenuA
0x4a067c InflateRect
0x4a0680 GetWindowThreadProcessId
0x4a0684 GetWindowTextA
0x4a0688 GetWindowRgn
0x4a068c GetWindowRect
0x4a0690 GetWindowPlacement
0x4a0694 GetWindowLongA
0x4a0698 GetSystemMetrics
0x4a069c GetSystemMenu
0x4a06a0 GetSysColor
0x4a06a4 GetSubMenu
0x4a06a8 GetScrollPos
0x4a06ac GetPropA
0x4a06b0 GetParent
0x4a06b4 GetWindow
0x4a06b8 GetMessagePos
0x4a06bc GetMessageA
0x4a06c0 GetMenuStringA
0x4a06c4 GetMenuState
0x4a06c8 GetMenuItemCount
0x4a06cc GetMenu
0x4a06d0 GetLastActivePopup
0x4a06d4 GetKeyState
0x4a06d8 GetKeyNameTextA
0x4a06dc GetIconInfo
0x4a06e0 GetForegroundWindow
0x4a06e4 GetFocus
0x4a06e8 GetDesktopWindow
0x4a06ec GetDCEx
0x4a06f0 GetDC
0x4a06f4 GetCursorPos
0x4a06f8 GetCursor
0x4a06fc GetClientRect
0x4a0700 GetClassInfoW
0x4a0704 GetClassInfoA
0x4a0708 GetCapture
0x4a070c GetActiveWindow
0x4a0710 FrameRect
0x4a0714 FindWindowA
0x4a0718 FillRect
0x4a071c ExitWindowsEx
0x4a0720 EqualRect
0x4a0724 EnumWindows
0x4a0728 EnumThreadWindows
0x4a072c EndPaint
0x4a0730 EnableWindow
0x4a0734 EnableMenuItem
0x4a0738 DrawTextW
0x4a073c DrawTextA
0x4a0740 DrawMenuBar
0x4a0744 DrawIconEx
0x4a0748 DrawIcon
0x4a074c DrawFrameControl
0x4a0750 DrawFocusRect
0x4a0754 DispatchMessageA
0x4a0758 DestroyWindow
0x4a075c DestroyMenu
0x4a0760 DestroyIcon
0x4a0764 DestroyCursor
0x4a0768 DeleteMenu
0x4a076c DefWindowProcA
0x4a0770 DefMDIChildProcA
0x4a0774 DefFrameProcA
0x4a0778 CreateWindowExA
0x4a077c CreatePopupMenu
0x4a0780 CreateMenu
0x4a0784 CreateIcon
0x4a0788 ClientToScreen
0x4a078c CheckMenuItem
0x4a0790 CallWindowProcW
0x4a0794 CallWindowProcA
0x4a0798 CallNextHookEx
0x4a079c BringWindowToTop
0x4a07a0 BeginPaint
0x4a07a4 AppendMenuA
0x4a07a8 CharPrevA
0x4a07ac CharNextA
0x4a07b0 CharLowerBuffA
0x4a07b4 CharLowerA
0x4a07b8 CharUpperBuffA
0x4a07bc CharToOemBuffA
0x4a07c0 AdjustWindowRectEx
ole32.dll
0x4a0808 CoTaskMemFree
0x4a080c CLSIDFromProgID
0x4a0810 CoCreateInstance
0x4a0814 CoFreeUnusedLibraries
0x4a0818 CoUninitialize
0x4a081c CoInitialize
0x4a0820 IsEqualGUID
oleaut32.dll
0x4a0828 GetActiveObject
0x4a082c RegisterTypeLib
0x4a0830 LoadTypeLib
0x4a0834 SysFreeString
shell32.dll
0x4a083c ShellExecuteExA
0x4a0840 ShellExecuteA
0x4a0844 SHGetFileInfoA
0x4a0848 ExtractIconA
shell32.dll
0x4a0850 SHChangeNotify
0x4a0854 SHBrowseForFolder
0x4a0858 SHGetPathFromIDList
0x4a085c SHGetMalloc
ole32.dll
0x4a0870 CoDisconnectObject
advapi32.dll
0x4a0878 AdjustTokenPrivileges
EAT(Export Address Table) is none
kernel32.dll
0x4a0190 DeleteCriticalSection
0x4a0194 LeaveCriticalSection
0x4a0198 EnterCriticalSection
0x4a019c InitializeCriticalSection
0x4a01a0 VirtualFree
0x4a01a4 VirtualAlloc
0x4a01a8 LocalFree
0x4a01ac LocalAlloc
0x4a01b0 WideCharToMultiByte
0x4a01b4 TlsSetValue
0x4a01b8 TlsGetValue
0x4a01bc MultiByteToWideChar
0x4a01c0 GetModuleHandleA
0x4a01c4 GetLastError
0x4a01c8 GetCommandLineA
0x4a01cc WriteFile
0x4a01d0 SetFilePointer
0x4a01d4 SetEndOfFile
0x4a01d8 RtlUnwind
0x4a01dc ReadFile
0x4a01e0 RaiseException
0x4a01e4 GetStdHandle
0x4a01e8 GetFileSize
0x4a01ec GetSystemTime
0x4a01f0 GetFileType
0x4a01f4 ExitProcess
0x4a01f8 CreateFileA
0x4a01fc CloseHandle
user32.dll
0x4a0204 MessageBoxA
oleaut32.dll
0x4a020c SafeArrayPutElement
0x4a0210 SafeArrayCreate
0x4a0214 VariantChangeTypeEx
0x4a0218 VariantCopyInd
0x4a021c VariantClear
0x4a0220 SysStringLen
0x4a0224 SysAllocStringLen
advapi32.dll
0x4a022c SetSecurityDescriptorDacl
0x4a0230 RegSetValueExA
0x4a0234 RegQueryValueExA
0x4a0238 RegQueryInfoKeyA
0x4a023c RegOpenKeyExA
0x4a0240 RegEnumValueA
0x4a0244 RegEnumKeyExA
0x4a0248 RegDeleteValueA
0x4a024c RegDeleteKeyA
0x4a0250 RegCreateKeyExA
0x4a0254 RegCloseKey
0x4a0258 OpenThreadToken
0x4a025c OpenProcessToken
0x4a0260 LookupPrivilegeValueA
0x4a0264 InitializeSecurityDescriptor
0x4a0268 GetUserNameA
0x4a026c GetTokenInformation
0x4a0270 FreeSid
0x4a0274 EqualSid
0x4a0278 AllocateAndInitializeSid
kernel32.dll
0x4a0280 lstrcmpA
0x4a0284 WriteProfileStringA
0x4a0288 WritePrivateProfileStringA
0x4a028c WriteFile
0x4a0290 WaitForSingleObject
0x4a0294 VirtualFree
0x4a0298 VirtualAlloc
0x4a029c TransactNamedPipe
0x4a02a0 TerminateThread
0x4a02a4 TerminateProcess
0x4a02a8 Sleep
0x4a02ac SizeofResource
0x4a02b0 SetNamedPipeHandleState
0x4a02b4 SetLastError
0x4a02b8 SetFileTime
0x4a02bc SetFilePointer
0x4a02c0 SetFileAttributesA
0x4a02c4 SetErrorMode
0x4a02c8 SetEndOfFile
0x4a02cc SetCurrentDirectoryA
0x4a02d0 RemoveDirectoryA
0x4a02d4 ReleaseMutex
0x4a02d8 ReadFile
0x4a02dc QueryPerformanceCounter
0x4a02e0 OpenProcess
0x4a02e4 OpenMutexA
0x4a02e8 MultiByteToWideChar
0x4a02ec MulDiv
0x4a02f0 MoveFileExA
0x4a02f4 MoveFileA
0x4a02f8 LockResource
0x4a02fc LocalFree
0x4a0300 LocalFileTimeToFileTime
0x4a0304 LoadResource
0x4a0308 LoadLibraryExA
0x4a030c LoadLibraryA
0x4a0310 IsDBCSLeadByte
0x4a0314 IsBadWritePtr
0x4a0318 GlobalUnlock
0x4a031c GlobalReAlloc
0x4a0320 GlobalHandle
0x4a0324 GlobalLock
0x4a0328 GlobalFree
0x4a032c GlobalDeleteAtom
0x4a0330 GlobalAlloc
0x4a0334 GlobalAddAtomA
0x4a0338 GetWindowsDirectoryA
0x4a033c GetVersionExA
0x4a0340 GetVersion
0x4a0344 GetUserDefaultLangID
0x4a0348 GetTickCount
0x4a034c GetSystemTimeAsFileTime
0x4a0350 GetSystemInfo
0x4a0354 GetSystemDirectoryA
0x4a0358 GetSystemDefaultLCID
0x4a035c GetShortPathNameA
0x4a0360 GetProfileStringA
0x4a0364 GetProcAddress
0x4a0368 GetPrivateProfileStringA
0x4a036c GetOverlappedResult
0x4a0370 GetModuleHandleA
0x4a0374 GetModuleFileNameA
0x4a0378 GetLogicalDrives
0x4a037c GetLocaleInfoA
0x4a0380 GetLocalTime
0x4a0384 GetLastError
0x4a0388 GetFullPathNameA
0x4a038c GetFileSize
0x4a0390 GetFileAttributesA
0x4a0394 GetExitCodeProcess
0x4a0398 GetEnvironmentVariableA
0x4a039c GetDriveTypeA
0x4a03a0 GetDiskFreeSpaceA
0x4a03a4 GetCurrentThreadId
0x4a03a8 GetCurrentThread
0x4a03ac GetCurrentProcessId
0x4a03b0 GetCurrentProcess
0x4a03b4 GetCurrentDirectoryA
0x4a03b8 GetComputerNameA
0x4a03bc GetCommandLineA
0x4a03c0 GetACP
0x4a03c4 FreeResource
0x4a03c8 InterlockedExchange
0x4a03cc FreeLibrary
0x4a03d0 FormatMessageA
0x4a03d4 FlushFileBuffers
0x4a03d8 FindResourceA
0x4a03dc FindNextFileA
0x4a03e0 FindFirstFileA
0x4a03e4 FindClose
0x4a03e8 FileTimeToSystemTime
0x4a03ec FileTimeToLocalFileTime
0x4a03f0 DeviceIoControl
0x4a03f4 DeleteFileA
0x4a03f8 CreateThread
0x4a03fc CreateProcessA
0x4a0400 CreateNamedPipeA
0x4a0404 CreateMutexA
0x4a0408 CreateFileA
0x4a040c CreateEventA
0x4a0410 CreateDirectoryA
0x4a0414 CopyFileA
0x4a0418 CompareStringA
0x4a041c CompareFileTime
0x4a0420 CloseHandle
version.dll
0x4a0440 VerQueryValueA
0x4a0444 GetFileVersionInfoSizeA
0x4a0448 GetFileVersionInfoA
gdi32.dll
0x4a0450 UnrealizeObject
0x4a0454 TextOutA
0x4a0458 StretchDIBits
0x4a045c StretchBlt
0x4a0460 SetWindowOrgEx
0x4a0464 SetViewportOrgEx
0x4a0468 SetTextColor
0x4a046c SetStretchBltMode
0x4a0470 SetROP2
0x4a0474 SetPixel
0x4a0478 SetBkMode
0x4a047c SetBkColor
0x4a0480 SelectPalette
0x4a0484 SelectObject
0x4a0488 SaveDC
0x4a048c RoundRect
0x4a0490 RestoreDC
0x4a0494 RemoveFontResourceA
0x4a0498 Rectangle
0x4a049c RectVisible
0x4a04a0 RealizePalette
0x4a04a4 Polyline
0x4a04a8 Pie
0x4a04ac PatBlt
0x4a04b0 MoveToEx
0x4a04b4 LineTo
0x4a04b8 LineDDA
0x4a04bc IntersectClipRect
0x4a04c0 GetWindowOrgEx
0x4a04c4 GetTextMetricsA
0x4a04c8 GetTextExtentPointA
0x4a04cc GetTextExtentPoint32A
0x4a04d0 GetSystemPaletteEntries
0x4a04d4 GetStockObject
0x4a04d8 GetPixel
0x4a04dc GetPaletteEntries
0x4a04e0 GetObjectA
0x4a04e4 GetDeviceCaps
0x4a04e8 GetDIBits
0x4a04ec GetCurrentPositionEx
0x4a04f0 GetClipBox
0x4a04f4 GetBitmapBits
0x4a04f8 ExtFloodFill
0x4a04fc ExcludeClipRect
0x4a0500 EnumFontsA
0x4a0504 Ellipse
0x4a0508 DeleteObject
0x4a050c DeleteDC
0x4a0510 CreateSolidBrush
0x4a0514 CreateRectRgn
0x4a0518 CreatePenIndirect
0x4a051c CreatePalette
0x4a0520 CreateFontIndirectA
0x4a0524 CreateDIBitmap
0x4a0528 CreateDIBSection
0x4a052c CreateCompatibleDC
0x4a0530 CreateCompatibleBitmap
0x4a0534 CreateBrushIndirect
0x4a0538 CreateBitmap
0x4a053c Chord
0x4a0540 BitBlt
0x4a0544 Arc
0x4a0548 AddFontResourceA
user32.dll
0x4a0550 WindowFromPoint
0x4a0554 WinHelpA
0x4a0558 WaitMessage
0x4a055c WaitForInputIdle
0x4a0560 UpdateWindow
0x4a0564 UnregisterClassA
0x4a0568 UnhookWindowsHookEx
0x4a056c TranslateMessage
0x4a0570 TranslateMDISysAccel
0x4a0574 TrackPopupMenu
0x4a0578 SystemParametersInfoA
0x4a057c ShowWindow
0x4a0580 ShowOwnedPopups
0x4a0584 ShowCursor
0x4a0588 SetWindowRgn
0x4a058c SetWindowsHookExA
0x4a0590 SetWindowTextA
0x4a0594 SetWindowPos
0x4a0598 SetWindowPlacement
0x4a059c SetWindowLongW
0x4a05a0 SetWindowLongA
0x4a05a4 SetTimer
0x4a05a8 SetScrollPos
0x4a05ac SetScrollInfo
0x4a05b0 SetRectEmpty
0x4a05b4 SetRect
0x4a05b8 SetPropA
0x4a05bc SetMenu
0x4a05c0 SetForegroundWindow
0x4a05c4 SetFocus
0x4a05c8 SetCursor
0x4a05cc SetCapture
0x4a05d0 SetActiveWindow
0x4a05d4 SendNotifyMessageA
0x4a05d8 SendMessageTimeoutA
0x4a05dc SendMessageW
0x4a05e0 SendMessageA
0x4a05e4 ScrollWindowEx
0x4a05e8 ScrollWindow
0x4a05ec ScreenToClient
0x4a05f0 ReplyMessage
0x4a05f4 RemovePropA
0x4a05f8 RemoveMenu
0x4a05fc ReleaseDC
0x4a0600 ReleaseCapture
0x4a0604 RegisterWindowMessageA
0x4a0608 RegisterClassA
0x4a060c PtInRect
0x4a0610 PostQuitMessage
0x4a0614 PostMessageA
0x4a0618 PeekMessageA
0x4a061c OffsetRect
0x4a0620 OemToCharBuffA
0x4a0624 OemToCharA
0x4a0628 MsgWaitForMultipleObjects
0x4a062c MessageBoxA
0x4a0630 MessageBeep
0x4a0634 MapWindowPoints
0x4a0638 MapVirtualKeyA
0x4a063c LoadStringA
0x4a0640 LoadIconA
0x4a0644 LoadCursorA
0x4a0648 LoadBitmapA
0x4a064c KillTimer
0x4a0650 IsZoomed
0x4a0654 IsWindowVisible
0x4a0658 IsWindowEnabled
0x4a065c IsWindow
0x4a0660 IsRectEmpty
0x4a0664 IsIconic
0x4a0668 IsDialogMessageA
0x4a066c InvalidateRect
0x4a0670 IntersectRect
0x4a0674 InsertMenuItemA
0x4a0678 InsertMenuA
0x4a067c InflateRect
0x4a0680 GetWindowThreadProcessId
0x4a0684 GetWindowTextA
0x4a0688 GetWindowRgn
0x4a068c GetWindowRect
0x4a0690 GetWindowPlacement
0x4a0694 GetWindowLongA
0x4a0698 GetSystemMetrics
0x4a069c GetSystemMenu
0x4a06a0 GetSysColor
0x4a06a4 GetSubMenu
0x4a06a8 GetScrollPos
0x4a06ac GetPropA
0x4a06b0 GetParent
0x4a06b4 GetWindow
0x4a06b8 GetMessagePos
0x4a06bc GetMessageA
0x4a06c0 GetMenuStringA
0x4a06c4 GetMenuState
0x4a06c8 GetMenuItemCount
0x4a06cc GetMenu
0x4a06d0 GetLastActivePopup
0x4a06d4 GetKeyState
0x4a06d8 GetKeyNameTextA
0x4a06dc GetIconInfo
0x4a06e0 GetForegroundWindow
0x4a06e4 GetFocus
0x4a06e8 GetDesktopWindow
0x4a06ec GetDCEx
0x4a06f0 GetDC
0x4a06f4 GetCursorPos
0x4a06f8 GetCursor
0x4a06fc GetClientRect
0x4a0700 GetClassInfoW
0x4a0704 GetClassInfoA
0x4a0708 GetCapture
0x4a070c GetActiveWindow
0x4a0710 FrameRect
0x4a0714 FindWindowA
0x4a0718 FillRect
0x4a071c ExitWindowsEx
0x4a0720 EqualRect
0x4a0724 EnumWindows
0x4a0728 EnumThreadWindows
0x4a072c EndPaint
0x4a0730 EnableWindow
0x4a0734 EnableMenuItem
0x4a0738 DrawTextW
0x4a073c DrawTextA
0x4a0740 DrawMenuBar
0x4a0744 DrawIconEx
0x4a0748 DrawIcon
0x4a074c DrawFrameControl
0x4a0750 DrawFocusRect
0x4a0754 DispatchMessageA
0x4a0758 DestroyWindow
0x4a075c DestroyMenu
0x4a0760 DestroyIcon
0x4a0764 DestroyCursor
0x4a0768 DeleteMenu
0x4a076c DefWindowProcA
0x4a0770 DefMDIChildProcA
0x4a0774 DefFrameProcA
0x4a0778 CreateWindowExA
0x4a077c CreatePopupMenu
0x4a0780 CreateMenu
0x4a0784 CreateIcon
0x4a0788 ClientToScreen
0x4a078c CheckMenuItem
0x4a0790 CallWindowProcW
0x4a0794 CallWindowProcA
0x4a0798 CallNextHookEx
0x4a079c BringWindowToTop
0x4a07a0 BeginPaint
0x4a07a4 AppendMenuA
0x4a07a8 CharPrevA
0x4a07ac CharNextA
0x4a07b0 CharLowerBuffA
0x4a07b4 CharLowerA
0x4a07b8 CharUpperBuffA
0x4a07bc CharToOemBuffA
0x4a07c0 AdjustWindowRectEx
ole32.dll
0x4a0808 CoTaskMemFree
0x4a080c CLSIDFromProgID
0x4a0810 CoCreateInstance
0x4a0814 CoFreeUnusedLibraries
0x4a0818 CoUninitialize
0x4a081c CoInitialize
0x4a0820 IsEqualGUID
oleaut32.dll
0x4a0828 GetActiveObject
0x4a082c RegisterTypeLib
0x4a0830 LoadTypeLib
0x4a0834 SysFreeString
shell32.dll
0x4a083c ShellExecuteExA
0x4a0840 ShellExecuteA
0x4a0844 SHGetFileInfoA
0x4a0848 ExtractIconA
shell32.dll
0x4a0850 SHChangeNotify
0x4a0854 SHBrowseForFolder
0x4a0858 SHGetPathFromIDList
0x4a085c SHGetMalloc
ole32.dll
0x4a0870 CoDisconnectObject
advapi32.dll
0x4a0878 AdjustTokenPrivileges
EAT(Export Address Table) is none