ScreenShot
| Created | 2021.04.28 10:01 | Machine | s1_win7_x6402 |
| Filename | uDUxwumDrV.dll | ||
| Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 31 detected (malicious, high confidence, FGHR, Unsafe, confidence, 100%, Mekotio, CLOUD, Softcnapp, Outbreak, ai score=83, kcloud, Wacatac, Artemis, VSNTDR21) | ||
| md5 | ee03a7aafeaa2e4b937066e5efe8016f | ||
| sha256 | 071726ffe3567442cc251bb3bf1b72db413081cbe1a41483c8cc230c31834816 | ||
| ssdeep | 196608:TtPW0qJXS7S/PzVjqjKj4U1tc18OXVmJXSMKAQPJjDqPXDKw9AHurr6:Tt6Jjvj1tc1XVmJXvKAykPXOwuHh | ||
| imphash | ff750281199fd75b463a9612c10a02fe | ||
| impfuzzy | 384:YcGok6y556PDRQLOWv5xTDx3VdqaCwYyJ+icg:YCkv56PDKTx3VewH | ||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 31 AntiVirus engines on VirusTotal as malicious |
| watch | Communicates with host for which no DNS query was performed |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | One or more processes crashed |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (22cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| notice | Str_Win32_Http_API | Match Windows Http API call | binaries (upload) |
| notice | Str_Win32_Internet_API | Match Windows Inet API call | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check Signature Zero | binaries (upload) |
| info | PE_Header_Zero | PE File Signature Zero | binaries (upload) |
| info | escalate_priv | Escalade priviledges | binaries (upload) |
| info | IsPacked | Entropy Check | binaries (upload) |
| info | IsWindowsGUI | (no description) | binaries (upload) |
| info | keylogger | Run a keylogger | binaries (upload) |
| info | network_dns | Communications use DNS | binaries (upload) |
| info | network_ssl | Communications over SSL | binaries (upload) |
| info | network_tcp_listen | Listen for incoming communication | binaries (upload) |
| info | network_tcp_socket | Communications over RAW socket | binaries (upload) |
| info | network_tor | Communications over TOR network | binaries (upload) |
| info | screenshot | Take screenshot | binaries (upload) |
| info | Str_Win32_Wininet_Library | Match Windows Inet API library declaration | binaries (upload) |
| info | Str_Win32_Winsock2_Library | Match Winsock 2 API library declaration | binaries (upload) |
| info | win_files_operation | Affect private profile | binaries (upload) |
| info | win_mutex | Create or check mutex | binaries (upload) |
| info | win_registry | Affect system registries | binaries (upload) |
| info | win_token | Affect system token | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
winmm.dll
0x113b000 PlaySoundW
wininet.dll
0x113b010 InternetCloseHandle
0x113b018 InternetReadFile
0x113b020 InternetOpenW
0x113b028 InternetOpenUrlW
winspool.drv
0x113b038 DocumentPropertiesW
0x113b040 ClosePrinter
0x113b048 OpenPrinterW
0x113b050 GetDefaultPrinterW
0x113b058 EnumPrintersW
comctl32.dll
0x113b068 ImageList_GetImageInfo
0x113b070 FlatSB_SetScrollInfo
0x113b078 InitCommonControls
0x113b080 ImageList_DragMove
0x113b088 ImageList_Destroy
0x113b090 _TrackMouseEvent
0x113b098 ImageList_DragShowNolock
0x113b0a0 ImageList_Add
0x113b0a8 FlatSB_SetScrollProp
0x113b0b0 ImageList_GetDragImage
0x113b0b8 ImageList_Create
0x113b0c0 ImageList_EndDrag
0x113b0c8 ImageList_DrawEx
0x113b0d0 ImageList_SetImageCount
0x113b0d8 FlatSB_GetScrollPos
0x113b0e0 FlatSB_SetScrollPos
0x113b0e8 InitializeFlatSB
0x113b0f0 ImageList_Copy
0x113b0f8 FlatSB_GetScrollInfo
0x113b100 ImageList_Write
0x113b108 ImageList_SetBkColor
0x113b110 ImageList_GetBkColor
0x113b118 ImageList_BeginDrag
0x113b120 ImageList_GetIcon
0x113b128 ImageList_Replace
0x113b130 ImageList_GetImageCount
0x113b138 ImageList_DragEnter
0x113b140 ImageList_GetIconSize
0x113b148 ImageList_SetIconSize
0x113b150 ImageList_Read
0x113b158 ImageList_DragLeave
0x113b160 ImageList_LoadImageW
0x113b168 ImageList_Draw
0x113b170 ImageList_Remove
0x113b178 ImageList_ReplaceIcon
0x113b180 ImageList_SetOverlayImage
shell32.dll
0x113b190 SHGetSpecialFolderLocation
0x113b198 Shell_NotifyIconW
0x113b1a0 ShellExecuteW
0x113b1a8 SHGetPathFromIDListW
user32.dll
0x113b1b8 DdeSetUserHandle
0x113b1c0 CopyImage
0x113b1c8 SetMenuItemInfoW
0x113b1d0 GetMenuItemInfoW
0x113b1d8 DefFrameProcW
0x113b1e0 GetDlgCtrlID
0x113b1e8 FrameRect
0x113b1f0 RegisterWindowMessageW
0x113b1f8 GetMenuStringW
0x113b200 FillRect
0x113b208 DdeCmpStringHandles
0x113b210 SendMessageA
0x113b218 IsClipboardFormatAvailable
0x113b220 EnumWindows
0x113b228 ShowOwnedPopups
0x113b230 GetClassInfoW
0x113b238 GetScrollRange
0x113b240 SetActiveWindow
0x113b248 GetActiveWindow
0x113b250 DrawEdge
0x113b258 GetKeyboardLayoutList
0x113b260 LoadBitmapW
0x113b268 EnumChildWindows
0x113b270 GetScrollBarInfo
0x113b278 UnhookWindowsHookEx
0x113b280 SetCapture
0x113b288 GetCapture
0x113b290 ShowCaret
0x113b298 CreatePopupMenu
0x113b2a0 GetMenuItemID
0x113b2a8 CharLowerBuffW
0x113b2b0 PostMessageW
0x113b2b8 IsZoomed
0x113b2c0 SetParent
0x113b2c8 DrawMenuBar
0x113b2d0 SetSystemCursor
0x113b2d8 GetClientRect
0x113b2e0 IsChild
0x113b2e8 IsIconic
0x113b2f0 CallNextHookEx
0x113b2f8 DdeDisconnect
0x113b300 ShowWindow
0x113b308 GetWindowTextW
0x113b310 SetForegroundWindow
0x113b318 GetAsyncKeyState
0x113b320 IsDialogMessageW
0x113b328 DestroyWindow
0x113b330 RegisterClassW
0x113b338 EndMenu
0x113b340 CharNextW
0x113b348 GetFocus
0x113b350 GetDC
0x113b358 SetFocus
0x113b360 ReleaseDC
0x113b368 mouse_event
0x113b370 ExitWindowsEx
0x113b378 SetScrollRange
0x113b380 DrawTextW
0x113b388 PeekMessageA
0x113b390 MessageBeep
0x113b398 RemovePropW
0x113b3a0 GetSubMenu
0x113b3a8 DestroyIcon
0x113b3b0 IsWindowVisible
0x113b3b8 DispatchMessageA
0x113b3c0 UnregisterClassW
0x113b3c8 GetTopWindow
0x113b3d0 SendMessageW
0x113b3d8 GetMessageTime
0x113b3e0 GetWindowLongPtrW
0x113b3e8 SetWindowLongPtrW
0x113b3f0 DdeNameService
0x113b3f8 DdeAccessData
0x113b400 LoadStringW
0x113b408 CreateMenu
0x113b410 CharLowerW
0x113b418 SetWindowRgn
0x113b420 SetWindowPos
0x113b428 GetMenuItemCount
0x113b430 GetSysColorBrush
0x113b438 GetWindowDC
0x113b440 DdeQueryConvInfo
0x113b448 DrawTextExW
0x113b450 EnumClipboardFormats
0x113b458 GetScrollInfo
0x113b460 SetWindowTextW
0x113b468 GetMessageExtraInfo
0x113b470 GetSysColor
0x113b478 EnableScrollBar
0x113b480 TrackPopupMenu
0x113b488 DrawIconEx
0x113b490 DdePostAdvise
0x113b498 GetClassNameW
0x113b4a0 DdeCreateDataHandle
0x113b4a8 GetMessagePos
0x113b4b0 GetIconInfo
0x113b4b8 SetScrollInfo
0x113b4c0 GetKeyNameTextW
0x113b4c8 GetDesktopWindow
0x113b4d0 SetCursorPos
0x113b4d8 GetCursorPos
0x113b4e0 SetMenu
0x113b4e8 GetMenuState
0x113b4f0 GetMenu
0x113b4f8 SetRect
0x113b500 GetKeyState
0x113b508 GetCursor
0x113b510 KillTimer
0x113b518 WaitMessage
0x113b520 TranslateMDISysAccel
0x113b528 GetWindowPlacement
0x113b530 CreateWindowExW
0x113b538 GetMessageW
0x113b540 GetDCEx
0x113b548 PeekMessageW
0x113b550 MonitorFromWindow
0x113b558 SetTimer
0x113b560 WindowFromPoint
0x113b568 BeginPaint
0x113b570 RegisterClipboardFormatW
0x113b578 DdeUnaccessData
0x113b580 MapVirtualKeyW
0x113b588 IsWindowUnicode
0x113b590 DispatchMessageW
0x113b598 CreateAcceleratorTableW
0x113b5a0 DefMDIChildProcW
0x113b5a8 GetSystemMenu
0x113b5b0 SetScrollPos
0x113b5b8 GetScrollPos
0x113b5c0 DdeClientTransaction
0x113b5c8 DrawFocusRect
0x113b5d0 SendInput
0x113b5d8 ReleaseCapture
0x113b5e0 LoadCursorW
0x113b5e8 DdeConnect
0x113b5f0 ScrollWindow
0x113b5f8 GetLastActivePopup
0x113b600 DdeUninitialize
0x113b608 GetSystemMetrics
0x113b610 CharUpperBuffW
0x113b618 SetClassLongPtrW
0x113b620 GetClassLongPtrW
0x113b628 SetClipboardData
0x113b630 GetClipboardData
0x113b638 ClientToScreen
0x113b640 SetWindowPlacement
0x113b648 DdeFreeStringHandle
0x113b650 GetMonitorInfoW
0x113b658 CheckMenuItem
0x113b660 CharUpperW
0x113b668 DefWindowProcW
0x113b670 GetForegroundWindow
0x113b678 EnableWindow
0x113b680 GetWindowThreadProcessId
0x113b688 RedrawWindow
0x113b690 EndPaint
0x113b698 MsgWaitForMultipleObjectsEx
0x113b6a0 LoadKeyboardLayoutW
0x113b6a8 ActivateKeyboardLayout
0x113b6b0 GetParent
0x113b6b8 MonitorFromRect
0x113b6c0 InsertMenuItemW
0x113b6c8 DdeQueryStringA
0x113b6d0 GetPropW
0x113b6d8 MessageBoxW
0x113b6e0 SetPropW
0x113b6e8 UpdateWindow
0x113b6f0 MsgWaitForMultipleObjects
0x113b6f8 VkKeyScanW
0x113b700 DestroyMenu
0x113b708 SetWindowsHookExW
0x113b710 EmptyClipboard
0x113b718 AdjustWindowRectEx
0x113b720 IsWindow
0x113b728 DrawIcon
0x113b730 EnumThreadWindows
0x113b738 InvalidateRect
0x113b740 GetKeyboardState
0x113b748 ScreenToClient
0x113b750 DrawFrameControl
0x113b758 DdeFreeDataHandle
0x113b760 SetCursor
0x113b768 CreateIcon
0x113b770 DdeInitializeA
0x113b778 RemoveMenu
0x113b780 DdeCreateStringHandleA
0x113b788 GetKeyboardLayoutNameW
0x113b790 OpenClipboard
0x113b798 TranslateMessage
0x113b7a0 MapWindowPoints
0x113b7a8 EnumDisplayMonitors
0x113b7b0 CountClipboardFormats
0x113b7b8 CallWindowProcW
0x113b7c0 CloseClipboard
0x113b7c8 DestroyCursor
0x113b7d0 PostMessageA
0x113b7d8 CopyIcon
0x113b7e0 PostQuitMessage
0x113b7e8 DdeGetLastError
0x113b7f0 ShowScrollBar
0x113b7f8 EnableMenuItem
0x113b800 HideCaret
0x113b808 FindWindowExW
0x113b810 MonitorFromPoint
0x113b818 LoadIconW
0x113b820 SystemParametersInfoW
0x113b828 GetWindow
0x113b830 GetWindowRect
0x113b838 InsertMenuW
0x113b840 PostThreadMessageW
0x113b848 IsWindowEnabled
0x113b850 IsDialogMessageA
0x113b858 FindWindowW
0x113b860 GetKeyboardLayout
0x113b868 DeleteMenu
version.dll
0x113b878 GetFileVersionInfoSizeW
0x113b880 VerQueryValueW
0x113b888 GetFileVersionInfoW
oleaut32.dll
0x113b898 GetErrorInfo
0x113b8a0 SysFreeString
0x113b8a8 VariantClear
0x113b8b0 VariantInit
0x113b8b8 SysReAllocStringLen
0x113b8c0 SafeArrayCreate
0x113b8c8 SafeArrayGetElement
0x113b8d0 GetActiveObject
0x113b8d8 SysAllocStringLen
0x113b8e0 SafeArrayPtrOfIndex
0x113b8e8 SafeArrayGetUBound
0x113b8f0 SafeArrayGetLBound
0x113b8f8 VariantCopy
0x113b900 VariantChangeType
advapi32.dll
0x113b910 RegSetValueExW
0x113b918 RegConnectRegistryW
0x113b920 GetUserNameW
0x113b928 RegQueryInfoKeyW
0x113b930 RegUnLoadKeyW
0x113b938 IsValidAcl
0x113b940 RegSaveKeyW
0x113b948 RegReplaceKeyW
0x113b950 RegCreateKeyExW
0x113b958 InitializeAcl
0x113b960 RegLoadKeyW
0x113b968 RegEnumKeyExW
0x113b970 AdjustTokenPrivileges
0x113b978 RegDeleteKeyW
0x113b980 SetSecurityInfo
0x113b988 LookupPrivilegeValueW
0x113b990 RegOpenKeyExW
0x113b998 OpenProcessToken
0x113b9a0 RegDeleteValueW
0x113b9a8 RegFlushKey
0x113b9b0 RegEnumValueW
0x113b9b8 RegQueryValueExW
0x113b9c0 RegCloseKey
0x113b9c8 RegRestoreKeyW
netapi32.dll
0x113b9d8 NetWkstaGetInfo
0x113b9e0 NetApiBufferFree
msvcrt.dll
0x113b9f0 memcpy
0x113b9f8 memset
winhttp.dll
0x113ba08 WinHttpGetIEProxyConfigForCurrentUser
0x113ba10 WinHttpSetTimeouts
0x113ba18 WinHttpSetStatusCallback
0x113ba20 WinHttpConnect
0x113ba28 WinHttpReceiveResponse
0x113ba30 WinHttpQueryAuthSchemes
0x113ba38 WinHttpGetProxyForUrl
0x113ba40 WinHttpReadData
0x113ba48 WinHttpCloseHandle
0x113ba50 WinHttpQueryHeaders
0x113ba58 WinHttpOpenRequest
0x113ba60 WinHttpAddRequestHeaders
0x113ba68 WinHttpOpen
0x113ba70 WinHttpWriteData
0x113ba78 WinHttpSetCredentials
0x113ba80 WinHttpQueryDataAvailable
0x113ba88 WinHttpSetOption
0x113ba90 WinHttpSendRequest
0x113ba98 WinHttpQueryOption
kernel32.dll
0x113baa8 SetFileAttributesW
0x113bab0 GetFileType
0x113bab8 SetFileTime
0x113bac0 RtlUnwindEx
0x113bac8 QueryDosDeviceW
0x113bad0 GetACP
0x113bad8 CloseHandle
0x113bae0 LocalFree
0x113bae8 GetCurrentProcessId
0x113baf0 SizeofResource
0x113baf8 VirtualProtect
0x113bb00 TlsAlloc
0x113bb08 TerminateThread
0x113bb10 QueryPerformanceFrequency
0x113bb18 SetProcessWorkingSetSize
0x113bb20 IsDebuggerPresent
0x113bb28 FindNextFileW
0x113bb30 GetFullPathNameW
0x113bb38 VirtualFree
0x113bb40 HeapAlloc
0x113bb48 ExitProcess
0x113bb50 GetCPInfoExW
0x113bb58 GlobalSize
0x113bb60 RtlUnwind
0x113bb68 GetCPInfo
0x113bb70 EnumSystemLocalesW
0x113bb78 GetStdHandle
0x113bb80 GetTimeZoneInformation
0x113bb88 FileTimeToLocalFileTime
0x113bb90 SystemTimeToTzSpecificLocalTime
0x113bb98 GetModuleHandleW
0x113bba0 FreeLibrary
0x113bba8 TryEnterCriticalSection
0x113bbb0 HeapDestroy
0x113bbb8 FileTimeToDosDateTime
0x113bbc0 ReadFile
0x113bbc8 GetUserDefaultLCID
0x113bbd0 CreateProcessW
0x113bbd8 HeapSize
0x113bbe0 GetLastError
0x113bbe8 GetModuleFileNameW
0x113bbf0 SetLastError
0x113bbf8 GlobalAlloc
0x113bc00 GlobalUnlock
0x113bc08 FindResourceW
0x113bc10 CreateThread
0x113bc18 CompareStringW
0x113bc20 CopyFileW
0x113bc28 MapViewOfFile
0x113bc30 CreateMutexW
0x113bc38 LoadLibraryA
0x113bc40 GetVolumeInformationW
0x113bc48 ResetEvent
0x113bc50 MulDiv
0x113bc58 FreeResource
0x113bc60 GetDriveTypeW
0x113bc68 GetVersion
0x113bc70 RaiseException
0x113bc78 GlobalAddAtomW
0x113bc80 FormatMessageW
0x113bc88 OpenProcess
0x113bc90 SwitchToThread
0x113bc98 GetExitCodeThread
0x113bca0 OutputDebugStringW
0x113bca8 GetCurrentThread
0x113bcb0 GetLogicalDrives
0x113bcb8 GetFileAttributesExW
0x113bcc0 LoadLibraryExW
0x113bcc8 TerminateProcess
0x113bcd0 LockResource
0x113bcd8 FileTimeToSystemTime
0x113bce0 GetCurrentThreadId
0x113bce8 UnhandledExceptionFilter
0x113bcf0 GlobalFindAtomW
0x113bcf8 VirtualQuery
0x113bd00 GlobalFree
0x113bd08 VirtualQueryEx
0x113bd10 Sleep
0x113bd18 EnterCriticalSection
0x113bd20 SetFilePointer
0x113bd28 LoadResource
0x113bd30 SuspendThread
0x113bd38 GetTickCount
0x113bd40 GetFileSize
0x113bd48 GlobalDeleteAtom
0x113bd50 GetStartupInfoW
0x113bd58 GetFileAttributesW
0x113bd60 InitializeCriticalSection
0x113bd68 GetThreadPriority
0x113bd70 GetCurrentProcess
0x113bd78 GlobalLock
0x113bd80 SetThreadPriority
0x113bd88 VirtualAlloc
0x113bd90 GetTempPathW
0x113bd98 GetCommandLineW
0x113bda0 GetSystemInfo
0x113bda8 LeaveCriticalSection
0x113bdb0 GetProcAddress
0x113bdb8 ResumeThread
0x113bdc0 GetLogicalDriveStringsW
0x113bdc8 WinExec
0x113bdd0 GetVersionExW
0x113bdd8 VerifyVersionInfoW
0x113bde0 HeapCreate
0x113bde8 LCMapStringW
0x113bdf0 GetDiskFreeSpaceW
0x113bdf8 VerSetConditionMask
0x113be00 FindFirstFileW
0x113be08 GetUserDefaultUILanguage
0x113be10 TlsFree
0x113be18 GetConsoleOutputCP
0x113be20 UnmapViewOfFile
0x113be28 GetConsoleCP
0x113be30 lstrlenW
0x113be38 SetEndOfFile
0x113be40 QueryPerformanceCounter
0x113be48 HeapFree
0x113be50 WideCharToMultiByte
0x113be58 FindClose
0x113be60 MultiByteToWideChar
0x113be68 LoadLibraryW
0x113be70 SetEvent
0x113be78 GetLocaleInfoW
0x113be80 CreateFileW
0x113be88 SystemTimeToFileTime
0x113be90 EnumResourceNamesW
0x113be98 DeleteFileW
0x113bea0 IsDBCSLeadByteEx
0x113bea8 GetEnvironmentVariableW
0x113beb0 GetLocalTime
0x113beb8 WaitForSingleObject
0x113bec0 WriteFile
0x113bec8 CreateFileMappingW
0x113bed0 ExitThread
0x113bed8 DeleteCriticalSection
0x113bee0 GetDateFormatW
0x113bee8 TlsGetValue
0x113bef0 SetErrorMode
0x113bef8 GetComputerNameW
0x113bf00 TzSpecificLocalTimeToSystemTime
0x113bf08 IsValidLocale
0x113bf10 TlsSetValue
0x113bf18 CreateDirectoryW
0x113bf20 GetSystemDefaultUILanguage
0x113bf28 EnumCalendarInfoW
0x113bf30 LocalAlloc
0x113bf38 RemoveDirectoryW
0x113bf40 CreateEventW
0x113bf48 WaitForMultipleObjectsEx
0x113bf50 GetThreadLocale
0x113bf58 SetThreadLocale
wsock32.dll
0x113bf68 gethostbyaddr
0x113bf70 WSACleanup
0x113bf78 gethostbyname
0x113bf80 ind
0x113bf88 gethostname
0x113bf90 closesocket
0x113bf98 WSAGetLastError
0x113bfa0 connect
0x113bfa8 inet_addr
0x113bfb0 getpeername
0x113bfb8 WSAAsyncSelect
0x113bfc0 WSAAsyncGetServByName
0x113bfc8 WSACancelAsyncRequest
0x113bfd0 send
0x113bfd8 ntohs
0x113bfe0 htons
0x113bfe8 WSAStartup
0x113bff0 getservbyname
0x113bff8 getsockname
0x113c000 listen
0x113c008 socket
0x113c010 recv
0x113c018 inet_ntoa
0x113c020 ioctlsocket
0x113c028 WSAAsyncGetHostByName
ole32.dll
0x113c038 OleRegEnumVerbs
0x113c040 IsAccelerator
0x113c048 CreateBindCtx
0x113c050 MkParseDisplayName
0x113c058 CoCreateInstance
0x113c060 CoUninitialize
0x113c068 IsEqualGUID
0x113c070 ProgIDFromCLSID
0x113c078 CreateStreamOnHGlobal
0x113c080 OleInitialize
0x113c088 CLSIDFromProgID
0x113c090 OleUninitialize
0x113c098 CoGetClassObject
0x113c0a0 CoInitialize
0x113c0a8 CoTaskMemFree
0x113c0b0 OleDraw
0x113c0b8 CoTaskMemAlloc
0x113c0c0 StringFromCLSID
0x113c0c8 OleSetMenuDescriptor
gdi32.dll
0x113c0d8 Pie
0x113c0e0 SetBkMode
0x113c0e8 CreateCompatibleBitmap
0x113c0f0 GetEnhMetaFileHeader
0x113c0f8 CloseEnhMetaFile
0x113c100 RectVisible
0x113c108 AngleArc
0x113c110 ResizePalette
0x113c118 SetAbortProc
0x113c120 SetTextColor
0x113c128 StretchBlt
0x113c130 RoundRect
0x113c138 RestoreDC
0x113c140 SetRectRgn
0x113c148 GetTextMetricsW
0x113c150 GetWindowOrgEx
0x113c158 CreatePalette
0x113c160 PolyBezierTo
0x113c168 CreateICW
0x113c170 CreateDCW
0x113c178 GetStockObject
0x113c180 CreateSolidBrush
0x113c188 Polygon
0x113c190 MoveToEx
0x113c198 PlayEnhMetaFile
0x113c1a0 Ellipse
0x113c1a8 StartPage
0x113c1b0 GetBitmapBits
0x113c1b8 StartDocW
0x113c1c0 AbortDoc
0x113c1c8 GetSystemPaletteEntries
0x113c1d0 GetEnhMetaFileBits
0x113c1d8 GetEnhMetaFilePaletteEntries
0x113c1e0 CreatePenIndirect
0x113c1e8 SetMapMode
0x113c1f0 CreateFontIndirectW
0x113c1f8 PolyBezier
0x113c200 LPtoDP
0x113c208 EndDoc
0x113c210 GetObjectW
0x113c218 GetWinMetaFileBits
0x113c220 SetROP2
0x113c228 GetEnhMetaFileDescriptionW
0x113c230 ArcTo
0x113c238 CreateEnhMetaFileW
0x113c240 Arc
0x113c248 SelectPalette
0x113c250 ExcludeClipRect
0x113c258 MaskBlt
0x113c260 SetWindowOrgEx
0x113c268 EndPage
0x113c270 DeleteEnhMetaFile
0x113c278 Chord
0x113c280 SetDIBits
0x113c288 SetViewportOrgEx
0x113c290 CreateRectRgn
0x113c298 RealizePalette
0x113c2a0 SetDIBColorTable
0x113c2a8 GetDIBColorTable
0x113c2b0 CreateBrushIndirect
0x113c2b8 PatBlt
0x113c2c0 SetEnhMetaFileBits
0x113c2c8 CreateEllipticRgn
0x113c2d0 Rectangle
0x113c2d8 SaveDC
0x113c2e0 DeleteDC
0x113c2e8 BitBlt
0x113c2f0 FrameRgn
0x113c2f8 GetDeviceCaps
0x113c300 GetTextExtentPoint32W
0x113c308 GetClipBox
0x113c310 IntersectClipRect
0x113c318 Polyline
0x113c320 CreateBitmap
0x113c328 CombineRgn
0x113c330 SetWinMetaFileBits
0x113c338 GetStretchBltMode
0x113c340 CreateDIBitmap
0x113c348 SetStretchBltMode
0x113c350 GetDIBits
0x113c358 CreateDIBSection
0x113c360 LineTo
0x113c368 GetRgnBox
0x113c370 EnumFontsW
0x113c378 CreateHalftonePalette
0x113c380 SelectObject
0x113c388 DeleteObject
0x113c390 ExtFloodFill
0x113c398 UnrealizeObject
0x113c3a0 CopyEnhMetaFileW
0x113c3a8 SetBkColor
0x113c3b0 CreateCompatibleDC
0x113c3b8 GetBrushOrgEx
0x113c3c0 GetCurrentPositionEx
0x113c3c8 GetNearestPaletteIndex
0x113c3d0 GetTextExtentPointW
0x113c3d8 ExtTextOutW
0x113c3e0 SetBrushOrgEx
0x113c3e8 GetPixel
0x113c3f0 GdiFlush
0x113c3f8 SetPixel
0x113c400 EnumFontFamiliesExW
0x113c408 StretchDIBits
0x113c410 GetPaletteEntries
WTSAPI32.dll
0x113c420 WTSSendMessageW
kernel32.dll
0x113c430 GetSystemTimeAsFileTime
0x113c438 GetModuleHandleA
0x113c440 CreateEventA
0x113c448 GetModuleFileNameW
0x113c450 LoadLibraryA
0x113c458 TerminateProcess
0x113c460 GetCurrentProcess
0x113c468 CreateToolhelp32Snapshot
0x113c470 Thread32First
0x113c478 GetCurrentProcessId
0x113c480 GetCurrentThreadId
0x113c488 OpenThread
0x113c490 Thread32Next
0x113c498 CloseHandle
0x113c4a0 SuspendThread
0x113c4a8 ResumeThread
0x113c4b0 WriteProcessMemory
0x113c4b8 GetSystemInfo
0x113c4c0 VirtualAlloc
0x113c4c8 VirtualProtect
0x113c4d0 VirtualFree
0x113c4d8 GetProcessAffinityMask
0x113c4e0 SetProcessAffinityMask
0x113c4e8 GetCurrentThread
0x113c4f0 SetThreadAffinityMask
0x113c4f8 Sleep
0x113c500 FreeLibrary
0x113c508 GetTickCount
0x113c510 SystemTimeToFileTime
0x113c518 FileTimeToSystemTime
0x113c520 GlobalFree
0x113c528 LocalAlloc
0x113c530 LocalFree
0x113c538 GetProcAddress
0x113c540 ExitProcess
0x113c548 EnterCriticalSection
0x113c550 LeaveCriticalSection
0x113c558 InitializeCriticalSection
0x113c560 DeleteCriticalSection
0x113c568 GetModuleHandleW
0x113c570 LoadResource
0x113c578 MultiByteToWideChar
0x113c580 FindResourceExW
0x113c588 FindResourceExA
0x113c590 WideCharToMultiByte
0x113c598 GetThreadLocale
0x113c5a0 GetUserDefaultLCID
0x113c5a8 GetSystemDefaultLCID
0x113c5b0 EnumResourceNamesA
0x113c5b8 EnumResourceNamesW
0x113c5c0 EnumResourceLanguagesA
0x113c5c8 EnumResourceLanguagesW
0x113c5d0 EnumResourceTypesA
0x113c5d8 EnumResourceTypesW
0x113c5e0 CreateFileW
0x113c5e8 LoadLibraryW
0x113c5f0 GetLastError
0x113c5f8 FlushFileBuffers
0x113c600 CreateFileA
0x113c608 WriteConsoleW
0x113c610 GetConsoleOutputCP
0x113c618 WriteConsoleA
0x113c620 SetStdHandle
0x113c628 FlsSetValue
0x113c630 GetCommandLineA
0x113c638 RaiseException
0x113c640 RtlPcToFileHeader
0x113c648 RtlLookupFunctionEntry
0x113c650 RtlUnwindEx
0x113c658 HeapFree
0x113c660 GetCPInfo
0x113c668 GetACP
0x113c670 GetOEMCP
0x113c678 IsValidCodePage
0x113c680 EncodePointer
0x113c688 DecodePointer
0x113c690 FlsGetValue
0x113c698 FlsFree
0x113c6a0 SetLastError
0x113c6a8 FlsAlloc
0x113c6b0 UnhandledExceptionFilter
0x113c6b8 SetUnhandledExceptionFilter
0x113c6c0 IsDebuggerPresent
0x113c6c8 RtlVirtualUnwind
0x113c6d0 RtlCaptureContext
0x113c6d8 HeapAlloc
0x113c6e0 LCMapStringA
0x113c6e8 LCMapStringW
0x113c6f0 SetHandleCount
0x113c6f8 GetStdHandle
0x113c700 GetFileType
0x113c708 GetStartupInfoA
0x113c710 GetModuleFileNameA
0x113c718 FreeEnvironmentStringsA
0x113c720 GetEnvironmentStrings
0x113c728 FreeEnvironmentStringsW
0x113c730 GetEnvironmentStringsW
0x113c738 HeapSetInformation
0x113c740 HeapCreate
0x113c748 HeapDestroy
0x113c750 QueryPerformanceCounter
0x113c758 GetStringTypeA
0x113c760 GetStringTypeW
0x113c768 GetLocaleInfoA
0x113c770 HeapSize
0x113c778 WriteFile
0x113c780 SetFilePointer
0x113c788 GetConsoleCP
0x113c790 GetConsoleMode
0x113c798 HeapReAlloc
0x113c7a0 InitializeCriticalSectionAndSpinCount
user32.dll
0x113c7b0 GetUserObjectInformationW
0x113c7b8 CharUpperBuffW
0x113c7c0 MessageBoxW
0x113c7c8 GetProcessWindowStation
kernel32.dll
0x113c7d8 LocalAlloc
0x113c7e0 GetModuleFileNameW
0x113c7e8 LocalFree
0x113c7f0 GetProcessAffinityMask
0x113c7f8 SetProcessAffinityMask
0x113c800 SetThreadAffinityMask
0x113c808 Sleep
0x113c810 ExitProcess
0x113c818 FreeLibrary
0x113c820 LoadLibraryA
0x113c828 GetModuleHandleA
0x113c830 GetProcAddress
user32.dll
0x113c840 GetProcessWindowStation
0x113c848 GetUserObjectInformationW
EAT(Export Address Table) Library
0x9f3580 PHAEbowsFCQddE9m
0x49e670 TMethodImplementationIntercept
0x41cef0 __dbk_fcall_wrapper
0xa9f298 dbkFCallWrapperAddr
winmm.dll
0x113b000 PlaySoundW
wininet.dll
0x113b010 InternetCloseHandle
0x113b018 InternetReadFile
0x113b020 InternetOpenW
0x113b028 InternetOpenUrlW
winspool.drv
0x113b038 DocumentPropertiesW
0x113b040 ClosePrinter
0x113b048 OpenPrinterW
0x113b050 GetDefaultPrinterW
0x113b058 EnumPrintersW
comctl32.dll
0x113b068 ImageList_GetImageInfo
0x113b070 FlatSB_SetScrollInfo
0x113b078 InitCommonControls
0x113b080 ImageList_DragMove
0x113b088 ImageList_Destroy
0x113b090 _TrackMouseEvent
0x113b098 ImageList_DragShowNolock
0x113b0a0 ImageList_Add
0x113b0a8 FlatSB_SetScrollProp
0x113b0b0 ImageList_GetDragImage
0x113b0b8 ImageList_Create
0x113b0c0 ImageList_EndDrag
0x113b0c8 ImageList_DrawEx
0x113b0d0 ImageList_SetImageCount
0x113b0d8 FlatSB_GetScrollPos
0x113b0e0 FlatSB_SetScrollPos
0x113b0e8 InitializeFlatSB
0x113b0f0 ImageList_Copy
0x113b0f8 FlatSB_GetScrollInfo
0x113b100 ImageList_Write
0x113b108 ImageList_SetBkColor
0x113b110 ImageList_GetBkColor
0x113b118 ImageList_BeginDrag
0x113b120 ImageList_GetIcon
0x113b128 ImageList_Replace
0x113b130 ImageList_GetImageCount
0x113b138 ImageList_DragEnter
0x113b140 ImageList_GetIconSize
0x113b148 ImageList_SetIconSize
0x113b150 ImageList_Read
0x113b158 ImageList_DragLeave
0x113b160 ImageList_LoadImageW
0x113b168 ImageList_Draw
0x113b170 ImageList_Remove
0x113b178 ImageList_ReplaceIcon
0x113b180 ImageList_SetOverlayImage
shell32.dll
0x113b190 SHGetSpecialFolderLocation
0x113b198 Shell_NotifyIconW
0x113b1a0 ShellExecuteW
0x113b1a8 SHGetPathFromIDListW
user32.dll
0x113b1b8 DdeSetUserHandle
0x113b1c0 CopyImage
0x113b1c8 SetMenuItemInfoW
0x113b1d0 GetMenuItemInfoW
0x113b1d8 DefFrameProcW
0x113b1e0 GetDlgCtrlID
0x113b1e8 FrameRect
0x113b1f0 RegisterWindowMessageW
0x113b1f8 GetMenuStringW
0x113b200 FillRect
0x113b208 DdeCmpStringHandles
0x113b210 SendMessageA
0x113b218 IsClipboardFormatAvailable
0x113b220 EnumWindows
0x113b228 ShowOwnedPopups
0x113b230 GetClassInfoW
0x113b238 GetScrollRange
0x113b240 SetActiveWindow
0x113b248 GetActiveWindow
0x113b250 DrawEdge
0x113b258 GetKeyboardLayoutList
0x113b260 LoadBitmapW
0x113b268 EnumChildWindows
0x113b270 GetScrollBarInfo
0x113b278 UnhookWindowsHookEx
0x113b280 SetCapture
0x113b288 GetCapture
0x113b290 ShowCaret
0x113b298 CreatePopupMenu
0x113b2a0 GetMenuItemID
0x113b2a8 CharLowerBuffW
0x113b2b0 PostMessageW
0x113b2b8 IsZoomed
0x113b2c0 SetParent
0x113b2c8 DrawMenuBar
0x113b2d0 SetSystemCursor
0x113b2d8 GetClientRect
0x113b2e0 IsChild
0x113b2e8 IsIconic
0x113b2f0 CallNextHookEx
0x113b2f8 DdeDisconnect
0x113b300 ShowWindow
0x113b308 GetWindowTextW
0x113b310 SetForegroundWindow
0x113b318 GetAsyncKeyState
0x113b320 IsDialogMessageW
0x113b328 DestroyWindow
0x113b330 RegisterClassW
0x113b338 EndMenu
0x113b340 CharNextW
0x113b348 GetFocus
0x113b350 GetDC
0x113b358 SetFocus
0x113b360 ReleaseDC
0x113b368 mouse_event
0x113b370 ExitWindowsEx
0x113b378 SetScrollRange
0x113b380 DrawTextW
0x113b388 PeekMessageA
0x113b390 MessageBeep
0x113b398 RemovePropW
0x113b3a0 GetSubMenu
0x113b3a8 DestroyIcon
0x113b3b0 IsWindowVisible
0x113b3b8 DispatchMessageA
0x113b3c0 UnregisterClassW
0x113b3c8 GetTopWindow
0x113b3d0 SendMessageW
0x113b3d8 GetMessageTime
0x113b3e0 GetWindowLongPtrW
0x113b3e8 SetWindowLongPtrW
0x113b3f0 DdeNameService
0x113b3f8 DdeAccessData
0x113b400 LoadStringW
0x113b408 CreateMenu
0x113b410 CharLowerW
0x113b418 SetWindowRgn
0x113b420 SetWindowPos
0x113b428 GetMenuItemCount
0x113b430 GetSysColorBrush
0x113b438 GetWindowDC
0x113b440 DdeQueryConvInfo
0x113b448 DrawTextExW
0x113b450 EnumClipboardFormats
0x113b458 GetScrollInfo
0x113b460 SetWindowTextW
0x113b468 GetMessageExtraInfo
0x113b470 GetSysColor
0x113b478 EnableScrollBar
0x113b480 TrackPopupMenu
0x113b488 DrawIconEx
0x113b490 DdePostAdvise
0x113b498 GetClassNameW
0x113b4a0 DdeCreateDataHandle
0x113b4a8 GetMessagePos
0x113b4b0 GetIconInfo
0x113b4b8 SetScrollInfo
0x113b4c0 GetKeyNameTextW
0x113b4c8 GetDesktopWindow
0x113b4d0 SetCursorPos
0x113b4d8 GetCursorPos
0x113b4e0 SetMenu
0x113b4e8 GetMenuState
0x113b4f0 GetMenu
0x113b4f8 SetRect
0x113b500 GetKeyState
0x113b508 GetCursor
0x113b510 KillTimer
0x113b518 WaitMessage
0x113b520 TranslateMDISysAccel
0x113b528 GetWindowPlacement
0x113b530 CreateWindowExW
0x113b538 GetMessageW
0x113b540 GetDCEx
0x113b548 PeekMessageW
0x113b550 MonitorFromWindow
0x113b558 SetTimer
0x113b560 WindowFromPoint
0x113b568 BeginPaint
0x113b570 RegisterClipboardFormatW
0x113b578 DdeUnaccessData
0x113b580 MapVirtualKeyW
0x113b588 IsWindowUnicode
0x113b590 DispatchMessageW
0x113b598 CreateAcceleratorTableW
0x113b5a0 DefMDIChildProcW
0x113b5a8 GetSystemMenu
0x113b5b0 SetScrollPos
0x113b5b8 GetScrollPos
0x113b5c0 DdeClientTransaction
0x113b5c8 DrawFocusRect
0x113b5d0 SendInput
0x113b5d8 ReleaseCapture
0x113b5e0 LoadCursorW
0x113b5e8 DdeConnect
0x113b5f0 ScrollWindow
0x113b5f8 GetLastActivePopup
0x113b600 DdeUninitialize
0x113b608 GetSystemMetrics
0x113b610 CharUpperBuffW
0x113b618 SetClassLongPtrW
0x113b620 GetClassLongPtrW
0x113b628 SetClipboardData
0x113b630 GetClipboardData
0x113b638 ClientToScreen
0x113b640 SetWindowPlacement
0x113b648 DdeFreeStringHandle
0x113b650 GetMonitorInfoW
0x113b658 CheckMenuItem
0x113b660 CharUpperW
0x113b668 DefWindowProcW
0x113b670 GetForegroundWindow
0x113b678 EnableWindow
0x113b680 GetWindowThreadProcessId
0x113b688 RedrawWindow
0x113b690 EndPaint
0x113b698 MsgWaitForMultipleObjectsEx
0x113b6a0 LoadKeyboardLayoutW
0x113b6a8 ActivateKeyboardLayout
0x113b6b0 GetParent
0x113b6b8 MonitorFromRect
0x113b6c0 InsertMenuItemW
0x113b6c8 DdeQueryStringA
0x113b6d0 GetPropW
0x113b6d8 MessageBoxW
0x113b6e0 SetPropW
0x113b6e8 UpdateWindow
0x113b6f0 MsgWaitForMultipleObjects
0x113b6f8 VkKeyScanW
0x113b700 DestroyMenu
0x113b708 SetWindowsHookExW
0x113b710 EmptyClipboard
0x113b718 AdjustWindowRectEx
0x113b720 IsWindow
0x113b728 DrawIcon
0x113b730 EnumThreadWindows
0x113b738 InvalidateRect
0x113b740 GetKeyboardState
0x113b748 ScreenToClient
0x113b750 DrawFrameControl
0x113b758 DdeFreeDataHandle
0x113b760 SetCursor
0x113b768 CreateIcon
0x113b770 DdeInitializeA
0x113b778 RemoveMenu
0x113b780 DdeCreateStringHandleA
0x113b788 GetKeyboardLayoutNameW
0x113b790 OpenClipboard
0x113b798 TranslateMessage
0x113b7a0 MapWindowPoints
0x113b7a8 EnumDisplayMonitors
0x113b7b0 CountClipboardFormats
0x113b7b8 CallWindowProcW
0x113b7c0 CloseClipboard
0x113b7c8 DestroyCursor
0x113b7d0 PostMessageA
0x113b7d8 CopyIcon
0x113b7e0 PostQuitMessage
0x113b7e8 DdeGetLastError
0x113b7f0 ShowScrollBar
0x113b7f8 EnableMenuItem
0x113b800 HideCaret
0x113b808 FindWindowExW
0x113b810 MonitorFromPoint
0x113b818 LoadIconW
0x113b820 SystemParametersInfoW
0x113b828 GetWindow
0x113b830 GetWindowRect
0x113b838 InsertMenuW
0x113b840 PostThreadMessageW
0x113b848 IsWindowEnabled
0x113b850 IsDialogMessageA
0x113b858 FindWindowW
0x113b860 GetKeyboardLayout
0x113b868 DeleteMenu
version.dll
0x113b878 GetFileVersionInfoSizeW
0x113b880 VerQueryValueW
0x113b888 GetFileVersionInfoW
oleaut32.dll
0x113b898 GetErrorInfo
0x113b8a0 SysFreeString
0x113b8a8 VariantClear
0x113b8b0 VariantInit
0x113b8b8 SysReAllocStringLen
0x113b8c0 SafeArrayCreate
0x113b8c8 SafeArrayGetElement
0x113b8d0 GetActiveObject
0x113b8d8 SysAllocStringLen
0x113b8e0 SafeArrayPtrOfIndex
0x113b8e8 SafeArrayGetUBound
0x113b8f0 SafeArrayGetLBound
0x113b8f8 VariantCopy
0x113b900 VariantChangeType
advapi32.dll
0x113b910 RegSetValueExW
0x113b918 RegConnectRegistryW
0x113b920 GetUserNameW
0x113b928 RegQueryInfoKeyW
0x113b930 RegUnLoadKeyW
0x113b938 IsValidAcl
0x113b940 RegSaveKeyW
0x113b948 RegReplaceKeyW
0x113b950 RegCreateKeyExW
0x113b958 InitializeAcl
0x113b960 RegLoadKeyW
0x113b968 RegEnumKeyExW
0x113b970 AdjustTokenPrivileges
0x113b978 RegDeleteKeyW
0x113b980 SetSecurityInfo
0x113b988 LookupPrivilegeValueW
0x113b990 RegOpenKeyExW
0x113b998 OpenProcessToken
0x113b9a0 RegDeleteValueW
0x113b9a8 RegFlushKey
0x113b9b0 RegEnumValueW
0x113b9b8 RegQueryValueExW
0x113b9c0 RegCloseKey
0x113b9c8 RegRestoreKeyW
netapi32.dll
0x113b9d8 NetWkstaGetInfo
0x113b9e0 NetApiBufferFree
msvcrt.dll
0x113b9f0 memcpy
0x113b9f8 memset
winhttp.dll
0x113ba08 WinHttpGetIEProxyConfigForCurrentUser
0x113ba10 WinHttpSetTimeouts
0x113ba18 WinHttpSetStatusCallback
0x113ba20 WinHttpConnect
0x113ba28 WinHttpReceiveResponse
0x113ba30 WinHttpQueryAuthSchemes
0x113ba38 WinHttpGetProxyForUrl
0x113ba40 WinHttpReadData
0x113ba48 WinHttpCloseHandle
0x113ba50 WinHttpQueryHeaders
0x113ba58 WinHttpOpenRequest
0x113ba60 WinHttpAddRequestHeaders
0x113ba68 WinHttpOpen
0x113ba70 WinHttpWriteData
0x113ba78 WinHttpSetCredentials
0x113ba80 WinHttpQueryDataAvailable
0x113ba88 WinHttpSetOption
0x113ba90 WinHttpSendRequest
0x113ba98 WinHttpQueryOption
kernel32.dll
0x113baa8 SetFileAttributesW
0x113bab0 GetFileType
0x113bab8 SetFileTime
0x113bac0 RtlUnwindEx
0x113bac8 QueryDosDeviceW
0x113bad0 GetACP
0x113bad8 CloseHandle
0x113bae0 LocalFree
0x113bae8 GetCurrentProcessId
0x113baf0 SizeofResource
0x113baf8 VirtualProtect
0x113bb00 TlsAlloc
0x113bb08 TerminateThread
0x113bb10 QueryPerformanceFrequency
0x113bb18 SetProcessWorkingSetSize
0x113bb20 IsDebuggerPresent
0x113bb28 FindNextFileW
0x113bb30 GetFullPathNameW
0x113bb38 VirtualFree
0x113bb40 HeapAlloc
0x113bb48 ExitProcess
0x113bb50 GetCPInfoExW
0x113bb58 GlobalSize
0x113bb60 RtlUnwind
0x113bb68 GetCPInfo
0x113bb70 EnumSystemLocalesW
0x113bb78 GetStdHandle
0x113bb80 GetTimeZoneInformation
0x113bb88 FileTimeToLocalFileTime
0x113bb90 SystemTimeToTzSpecificLocalTime
0x113bb98 GetModuleHandleW
0x113bba0 FreeLibrary
0x113bba8 TryEnterCriticalSection
0x113bbb0 HeapDestroy
0x113bbb8 FileTimeToDosDateTime
0x113bbc0 ReadFile
0x113bbc8 GetUserDefaultLCID
0x113bbd0 CreateProcessW
0x113bbd8 HeapSize
0x113bbe0 GetLastError
0x113bbe8 GetModuleFileNameW
0x113bbf0 SetLastError
0x113bbf8 GlobalAlloc
0x113bc00 GlobalUnlock
0x113bc08 FindResourceW
0x113bc10 CreateThread
0x113bc18 CompareStringW
0x113bc20 CopyFileW
0x113bc28 MapViewOfFile
0x113bc30 CreateMutexW
0x113bc38 LoadLibraryA
0x113bc40 GetVolumeInformationW
0x113bc48 ResetEvent
0x113bc50 MulDiv
0x113bc58 FreeResource
0x113bc60 GetDriveTypeW
0x113bc68 GetVersion
0x113bc70 RaiseException
0x113bc78 GlobalAddAtomW
0x113bc80 FormatMessageW
0x113bc88 OpenProcess
0x113bc90 SwitchToThread
0x113bc98 GetExitCodeThread
0x113bca0 OutputDebugStringW
0x113bca8 GetCurrentThread
0x113bcb0 GetLogicalDrives
0x113bcb8 GetFileAttributesExW
0x113bcc0 LoadLibraryExW
0x113bcc8 TerminateProcess
0x113bcd0 LockResource
0x113bcd8 FileTimeToSystemTime
0x113bce0 GetCurrentThreadId
0x113bce8 UnhandledExceptionFilter
0x113bcf0 GlobalFindAtomW
0x113bcf8 VirtualQuery
0x113bd00 GlobalFree
0x113bd08 VirtualQueryEx
0x113bd10 Sleep
0x113bd18 EnterCriticalSection
0x113bd20 SetFilePointer
0x113bd28 LoadResource
0x113bd30 SuspendThread
0x113bd38 GetTickCount
0x113bd40 GetFileSize
0x113bd48 GlobalDeleteAtom
0x113bd50 GetStartupInfoW
0x113bd58 GetFileAttributesW
0x113bd60 InitializeCriticalSection
0x113bd68 GetThreadPriority
0x113bd70 GetCurrentProcess
0x113bd78 GlobalLock
0x113bd80 SetThreadPriority
0x113bd88 VirtualAlloc
0x113bd90 GetTempPathW
0x113bd98 GetCommandLineW
0x113bda0 GetSystemInfo
0x113bda8 LeaveCriticalSection
0x113bdb0 GetProcAddress
0x113bdb8 ResumeThread
0x113bdc0 GetLogicalDriveStringsW
0x113bdc8 WinExec
0x113bdd0 GetVersionExW
0x113bdd8 VerifyVersionInfoW
0x113bde0 HeapCreate
0x113bde8 LCMapStringW
0x113bdf0 GetDiskFreeSpaceW
0x113bdf8 VerSetConditionMask
0x113be00 FindFirstFileW
0x113be08 GetUserDefaultUILanguage
0x113be10 TlsFree
0x113be18 GetConsoleOutputCP
0x113be20 UnmapViewOfFile
0x113be28 GetConsoleCP
0x113be30 lstrlenW
0x113be38 SetEndOfFile
0x113be40 QueryPerformanceCounter
0x113be48 HeapFree
0x113be50 WideCharToMultiByte
0x113be58 FindClose
0x113be60 MultiByteToWideChar
0x113be68 LoadLibraryW
0x113be70 SetEvent
0x113be78 GetLocaleInfoW
0x113be80 CreateFileW
0x113be88 SystemTimeToFileTime
0x113be90 EnumResourceNamesW
0x113be98 DeleteFileW
0x113bea0 IsDBCSLeadByteEx
0x113bea8 GetEnvironmentVariableW
0x113beb0 GetLocalTime
0x113beb8 WaitForSingleObject
0x113bec0 WriteFile
0x113bec8 CreateFileMappingW
0x113bed0 ExitThread
0x113bed8 DeleteCriticalSection
0x113bee0 GetDateFormatW
0x113bee8 TlsGetValue
0x113bef0 SetErrorMode
0x113bef8 GetComputerNameW
0x113bf00 TzSpecificLocalTimeToSystemTime
0x113bf08 IsValidLocale
0x113bf10 TlsSetValue
0x113bf18 CreateDirectoryW
0x113bf20 GetSystemDefaultUILanguage
0x113bf28 EnumCalendarInfoW
0x113bf30 LocalAlloc
0x113bf38 RemoveDirectoryW
0x113bf40 CreateEventW
0x113bf48 WaitForMultipleObjectsEx
0x113bf50 GetThreadLocale
0x113bf58 SetThreadLocale
wsock32.dll
0x113bf68 gethostbyaddr
0x113bf70 WSACleanup
0x113bf78 gethostbyname
0x113bf80 ind
0x113bf88 gethostname
0x113bf90 closesocket
0x113bf98 WSAGetLastError
0x113bfa0 connect
0x113bfa8 inet_addr
0x113bfb0 getpeername
0x113bfb8 WSAAsyncSelect
0x113bfc0 WSAAsyncGetServByName
0x113bfc8 WSACancelAsyncRequest
0x113bfd0 send
0x113bfd8 ntohs
0x113bfe0 htons
0x113bfe8 WSAStartup
0x113bff0 getservbyname
0x113bff8 getsockname
0x113c000 listen
0x113c008 socket
0x113c010 recv
0x113c018 inet_ntoa
0x113c020 ioctlsocket
0x113c028 WSAAsyncGetHostByName
ole32.dll
0x113c038 OleRegEnumVerbs
0x113c040 IsAccelerator
0x113c048 CreateBindCtx
0x113c050 MkParseDisplayName
0x113c058 CoCreateInstance
0x113c060 CoUninitialize
0x113c068 IsEqualGUID
0x113c070 ProgIDFromCLSID
0x113c078 CreateStreamOnHGlobal
0x113c080 OleInitialize
0x113c088 CLSIDFromProgID
0x113c090 OleUninitialize
0x113c098 CoGetClassObject
0x113c0a0 CoInitialize
0x113c0a8 CoTaskMemFree
0x113c0b0 OleDraw
0x113c0b8 CoTaskMemAlloc
0x113c0c0 StringFromCLSID
0x113c0c8 OleSetMenuDescriptor
gdi32.dll
0x113c0d8 Pie
0x113c0e0 SetBkMode
0x113c0e8 CreateCompatibleBitmap
0x113c0f0 GetEnhMetaFileHeader
0x113c0f8 CloseEnhMetaFile
0x113c100 RectVisible
0x113c108 AngleArc
0x113c110 ResizePalette
0x113c118 SetAbortProc
0x113c120 SetTextColor
0x113c128 StretchBlt
0x113c130 RoundRect
0x113c138 RestoreDC
0x113c140 SetRectRgn
0x113c148 GetTextMetricsW
0x113c150 GetWindowOrgEx
0x113c158 CreatePalette
0x113c160 PolyBezierTo
0x113c168 CreateICW
0x113c170 CreateDCW
0x113c178 GetStockObject
0x113c180 CreateSolidBrush
0x113c188 Polygon
0x113c190 MoveToEx
0x113c198 PlayEnhMetaFile
0x113c1a0 Ellipse
0x113c1a8 StartPage
0x113c1b0 GetBitmapBits
0x113c1b8 StartDocW
0x113c1c0 AbortDoc
0x113c1c8 GetSystemPaletteEntries
0x113c1d0 GetEnhMetaFileBits
0x113c1d8 GetEnhMetaFilePaletteEntries
0x113c1e0 CreatePenIndirect
0x113c1e8 SetMapMode
0x113c1f0 CreateFontIndirectW
0x113c1f8 PolyBezier
0x113c200 LPtoDP
0x113c208 EndDoc
0x113c210 GetObjectW
0x113c218 GetWinMetaFileBits
0x113c220 SetROP2
0x113c228 GetEnhMetaFileDescriptionW
0x113c230 ArcTo
0x113c238 CreateEnhMetaFileW
0x113c240 Arc
0x113c248 SelectPalette
0x113c250 ExcludeClipRect
0x113c258 MaskBlt
0x113c260 SetWindowOrgEx
0x113c268 EndPage
0x113c270 DeleteEnhMetaFile
0x113c278 Chord
0x113c280 SetDIBits
0x113c288 SetViewportOrgEx
0x113c290 CreateRectRgn
0x113c298 RealizePalette
0x113c2a0 SetDIBColorTable
0x113c2a8 GetDIBColorTable
0x113c2b0 CreateBrushIndirect
0x113c2b8 PatBlt
0x113c2c0 SetEnhMetaFileBits
0x113c2c8 CreateEllipticRgn
0x113c2d0 Rectangle
0x113c2d8 SaveDC
0x113c2e0 DeleteDC
0x113c2e8 BitBlt
0x113c2f0 FrameRgn
0x113c2f8 GetDeviceCaps
0x113c300 GetTextExtentPoint32W
0x113c308 GetClipBox
0x113c310 IntersectClipRect
0x113c318 Polyline
0x113c320 CreateBitmap
0x113c328 CombineRgn
0x113c330 SetWinMetaFileBits
0x113c338 GetStretchBltMode
0x113c340 CreateDIBitmap
0x113c348 SetStretchBltMode
0x113c350 GetDIBits
0x113c358 CreateDIBSection
0x113c360 LineTo
0x113c368 GetRgnBox
0x113c370 EnumFontsW
0x113c378 CreateHalftonePalette
0x113c380 SelectObject
0x113c388 DeleteObject
0x113c390 ExtFloodFill
0x113c398 UnrealizeObject
0x113c3a0 CopyEnhMetaFileW
0x113c3a8 SetBkColor
0x113c3b0 CreateCompatibleDC
0x113c3b8 GetBrushOrgEx
0x113c3c0 GetCurrentPositionEx
0x113c3c8 GetNearestPaletteIndex
0x113c3d0 GetTextExtentPointW
0x113c3d8 ExtTextOutW
0x113c3e0 SetBrushOrgEx
0x113c3e8 GetPixel
0x113c3f0 GdiFlush
0x113c3f8 SetPixel
0x113c400 EnumFontFamiliesExW
0x113c408 StretchDIBits
0x113c410 GetPaletteEntries
WTSAPI32.dll
0x113c420 WTSSendMessageW
kernel32.dll
0x113c430 GetSystemTimeAsFileTime
0x113c438 GetModuleHandleA
0x113c440 CreateEventA
0x113c448 GetModuleFileNameW
0x113c450 LoadLibraryA
0x113c458 TerminateProcess
0x113c460 GetCurrentProcess
0x113c468 CreateToolhelp32Snapshot
0x113c470 Thread32First
0x113c478 GetCurrentProcessId
0x113c480 GetCurrentThreadId
0x113c488 OpenThread
0x113c490 Thread32Next
0x113c498 CloseHandle
0x113c4a0 SuspendThread
0x113c4a8 ResumeThread
0x113c4b0 WriteProcessMemory
0x113c4b8 GetSystemInfo
0x113c4c0 VirtualAlloc
0x113c4c8 VirtualProtect
0x113c4d0 VirtualFree
0x113c4d8 GetProcessAffinityMask
0x113c4e0 SetProcessAffinityMask
0x113c4e8 GetCurrentThread
0x113c4f0 SetThreadAffinityMask
0x113c4f8 Sleep
0x113c500 FreeLibrary
0x113c508 GetTickCount
0x113c510 SystemTimeToFileTime
0x113c518 FileTimeToSystemTime
0x113c520 GlobalFree
0x113c528 LocalAlloc
0x113c530 LocalFree
0x113c538 GetProcAddress
0x113c540 ExitProcess
0x113c548 EnterCriticalSection
0x113c550 LeaveCriticalSection
0x113c558 InitializeCriticalSection
0x113c560 DeleteCriticalSection
0x113c568 GetModuleHandleW
0x113c570 LoadResource
0x113c578 MultiByteToWideChar
0x113c580 FindResourceExW
0x113c588 FindResourceExA
0x113c590 WideCharToMultiByte
0x113c598 GetThreadLocale
0x113c5a0 GetUserDefaultLCID
0x113c5a8 GetSystemDefaultLCID
0x113c5b0 EnumResourceNamesA
0x113c5b8 EnumResourceNamesW
0x113c5c0 EnumResourceLanguagesA
0x113c5c8 EnumResourceLanguagesW
0x113c5d0 EnumResourceTypesA
0x113c5d8 EnumResourceTypesW
0x113c5e0 CreateFileW
0x113c5e8 LoadLibraryW
0x113c5f0 GetLastError
0x113c5f8 FlushFileBuffers
0x113c600 CreateFileA
0x113c608 WriteConsoleW
0x113c610 GetConsoleOutputCP
0x113c618 WriteConsoleA
0x113c620 SetStdHandle
0x113c628 FlsSetValue
0x113c630 GetCommandLineA
0x113c638 RaiseException
0x113c640 RtlPcToFileHeader
0x113c648 RtlLookupFunctionEntry
0x113c650 RtlUnwindEx
0x113c658 HeapFree
0x113c660 GetCPInfo
0x113c668 GetACP
0x113c670 GetOEMCP
0x113c678 IsValidCodePage
0x113c680 EncodePointer
0x113c688 DecodePointer
0x113c690 FlsGetValue
0x113c698 FlsFree
0x113c6a0 SetLastError
0x113c6a8 FlsAlloc
0x113c6b0 UnhandledExceptionFilter
0x113c6b8 SetUnhandledExceptionFilter
0x113c6c0 IsDebuggerPresent
0x113c6c8 RtlVirtualUnwind
0x113c6d0 RtlCaptureContext
0x113c6d8 HeapAlloc
0x113c6e0 LCMapStringA
0x113c6e8 LCMapStringW
0x113c6f0 SetHandleCount
0x113c6f8 GetStdHandle
0x113c700 GetFileType
0x113c708 GetStartupInfoA
0x113c710 GetModuleFileNameA
0x113c718 FreeEnvironmentStringsA
0x113c720 GetEnvironmentStrings
0x113c728 FreeEnvironmentStringsW
0x113c730 GetEnvironmentStringsW
0x113c738 HeapSetInformation
0x113c740 HeapCreate
0x113c748 HeapDestroy
0x113c750 QueryPerformanceCounter
0x113c758 GetStringTypeA
0x113c760 GetStringTypeW
0x113c768 GetLocaleInfoA
0x113c770 HeapSize
0x113c778 WriteFile
0x113c780 SetFilePointer
0x113c788 GetConsoleCP
0x113c790 GetConsoleMode
0x113c798 HeapReAlloc
0x113c7a0 InitializeCriticalSectionAndSpinCount
user32.dll
0x113c7b0 GetUserObjectInformationW
0x113c7b8 CharUpperBuffW
0x113c7c0 MessageBoxW
0x113c7c8 GetProcessWindowStation
kernel32.dll
0x113c7d8 LocalAlloc
0x113c7e0 GetModuleFileNameW
0x113c7e8 LocalFree
0x113c7f0 GetProcessAffinityMask
0x113c7f8 SetProcessAffinityMask
0x113c800 SetThreadAffinityMask
0x113c808 Sleep
0x113c810 ExitProcess
0x113c818 FreeLibrary
0x113c820 LoadLibraryA
0x113c828 GetModuleHandleA
0x113c830 GetProcAddress
user32.dll
0x113c840 GetProcessWindowStation
0x113c848 GetUserObjectInformationW
EAT(Export Address Table) Library
0x9f3580 PHAEbowsFCQddE9m
0x49e670 TMethodImplementationIntercept
0x41cef0 __dbk_fcall_wrapper
0xa9f298 dbkFCallWrapperAddr