ScreenShot
| Created | 2021.04.29 09:03 | Machine | s1_win7_x6402 |
| Filename | AnnualReport.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 27 detected (GenericKD, Unsafe, Trickbot, Maltrec, GenCBL, DangerousSig, BadCert, DownLoad4, Artemis, MalCert, ai score=89, Cert, R002C0DDS21, CLOUD, malicious, confidence, 100%) | ||
| md5 | 7908cc9996b7423c766157d8119df254 | ||
| sha256 | 6b665a866997d39ba17c6b687693c71b4d4a622d016ad7e0c37bc735524858be | ||
| ssdeep | 98304:Rlyd4AKZck65BJzLseFBCTdLgqzL88OgsYeMm2hAj093OfhHWlfBGwQjzvEWIc:aWC3M6gstMAYVYhHWlfBGw4JIc | ||
| imphash | 13e73e6f78baffcbdd5760fa3de75bf2 | ||
| impfuzzy | 384:t5FJ9hcVEmfgQPRa/CSfJtLctPONwrOEw7:t5/PcVEmfja/JGFg | ||
Network IP location
Signature (19cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 27 AntiVirus engines on VirusTotal as malicious |
| watch | Communicates with host for which no DNS query was performed |
| watch | The process powershell.exe wrote an executable file to disk |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Creates a shortcut to an executable file |
| notice | Creates a suspicious process |
| notice | Foreign language identified in PE resource |
| notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
| notice | Terminates another process |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks amount of memory in system |
| info | Checks if process is being debugged by a debugger |
| info | Command line console output was observed |
| info | Queries for the computername |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
| info | This executable has a PDB path |
| info | Uses Windows APIs to generate a cryptographic key |
Rules (4cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Antivirus | Contains references to security software | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x5f92d0 SetEnvironmentVariableA
0x5f92d4 WriteConsoleW
0x5f92d8 IsValidLocale
0x5f92dc EnumSystemLocalesA
0x5f92e0 GetLocaleInfoA
0x5f92e4 GetConsoleMode
0x5f92e8 GetConsoleCP
0x5f92ec GetTimeZoneInformation
0x5f92f0 GetStringTypeW
0x5f92f4 SetConsoleCtrlHandler
0x5f92f8 FatalAppExitA
0x5f92fc IsProcessorFeaturePresent
0x5f9300 LCMapStringW
0x5f9304 IsValidCodePage
0x5f9308 GetOEMCP
0x5f930c GetACP
0x5f9310 GetCPInfo
0x5f9314 IsDebuggerPresent
0x5f9318 UnhandledExceptionFilter
0x5f931c TerminateProcess
0x5f9320 QueryPerformanceCounter
0x5f9324 HeapDestroy
0x5f9328 HeapCreate
0x5f932c FindResourceW
0x5f9330 SetHandleCount
0x5f9334 GetEnvironmentStringsW
0x5f9338 FreeEnvironmentStringsW
0x5f933c GetStdHandle
0x5f9340 SetUnhandledExceptionFilter
0x5f9344 GetFileType
0x5f9348 SetStdHandle
0x5f934c VirtualQuery
0x5f9350 GetSystemInfo
0x5f9354 GetSystemTimeAsFileTime
0x5f9358 HeapSize
0x5f935c HeapQueryInformation
0x5f9360 CreateThread
0x5f9364 ExitThread
0x5f9368 RaiseException
0x5f936c RtlUnwind
0x5f9370 HeapReAlloc
0x5f9374 HeapFree
0x5f9378 HeapAlloc
0x5f937c DecodePointer
0x5f9380 EncodePointer
0x5f9384 GetStartupInfoW
0x5f9388 HeapSetInformation
0x5f938c GetCommandLineW
0x5f9390 LocalLock
0x5f9394 LocalUnlock
0x5f9398 FindResourceExW
0x5f939c GetDiskFreeSpaceW
0x5f93a0 ReplaceFileW
0x5f93a4 GetUserDefaultLCID
0x5f93a8 VirtualProtect
0x5f93ac GetProfileIntW
0x5f93b0 SearchPathW
0x5f93b4 GetTempPathW
0x5f93b8 GetTempFileNameW
0x5f93bc GetFileTime
0x5f93c0 GetFileSizeEx
0x5f93c4 SetFileTime
0x5f93c8 LocalFileTimeToFileTime
0x5f93cc FileTimeToLocalFileTime
0x5f93d0 SetFileAttributesW
0x5f93d4 GetFileAttributesExW
0x5f93d8 SetErrorMode
0x5f93dc GetNumberFormatW
0x5f93e0 GetWindowsDirectoryW
0x5f93e4 GetFileAttributesW
0x5f93e8 InitializeCriticalSectionAndSpinCount
0x5f93ec GetShortPathNameW
0x5f93f0 GetFullPathNameW
0x5f93f4 GetVolumeInformationW
0x5f93f8 FindFirstFileW
0x5f93fc FindClose
0x5f9400 GetCurrentProcess
0x5f9404 DuplicateHandle
0x5f9408 GetFileSize
0x5f940c SetEndOfFile
0x5f9410 UnlockFile
0x5f9414 LockFile
0x5f9418 FlushFileBuffers
0x5f941c SetFilePointer
0x5f9420 WriteFile
0x5f9424 MoveFileW
0x5f9428 CreateFileW
0x5f942c lstrcmpiW
0x5f9430 GetStringTypeExW
0x5f9434 DeleteFileW
0x5f9438 GetCurrentDirectoryW
0x5f943c InterlockedIncrement
0x5f9440 TlsFree
0x5f9444 LocalReAlloc
0x5f9448 TlsSetValue
0x5f944c TlsAlloc
0x5f9450 GlobalHandle
0x5f9454 GlobalReAlloc
0x5f9458 TlsGetValue
0x5f945c SystemTimeToFileTime
0x5f9460 FileTimeToSystemTime
0x5f9464 GetThreadLocale
0x5f9468 lstrlenA
0x5f946c GetAtomNameW
0x5f9470 GlobalGetAtomNameW
0x5f9474 GlobalFlags
0x5f9478 EnterCriticalSection
0x5f947c LeaveCriticalSection
0x5f9480 DeleteCriticalSection
0x5f9484 InitializeCriticalSection
0x5f9488 ReleaseActCtx
0x5f948c CreateActCtxW
0x5f9490 CreateEventW
0x5f9494 SuspendThread
0x5f9498 SetEvent
0x5f949c ResumeThread
0x5f94a0 SetThreadPriority
0x5f94a4 CloseHandle
0x5f94a8 GetCurrentProcessId
0x5f94ac GetPrivateProfileStringW
0x5f94b0 WritePrivateProfileStringW
0x5f94b4 GetPrivateProfileIntW
0x5f94b8 lstrcmpA
0x5f94bc GetCurrentThread
0x5f94c0 GetUserDefaultUILanguage
0x5f94c4 ConvertDefaultLocale
0x5f94c8 GetSystemDefaultUILanguage
0x5f94cc GetLocaleInfoW
0x5f94d0 CompareStringA
0x5f94d4 InterlockedExchange
0x5f94d8 FreeResource
0x5f94dc GetCurrentThreadId
0x5f94e0 GlobalAddAtomW
0x5f94e4 GlobalFindAtomW
0x5f94e8 GlobalDeleteAtom
0x5f94ec GetVersionExW
0x5f94f0 FreeLibrary
0x5f94f4 CompareStringW
0x5f94f8 lstrcmpW
0x5f94fc GlobalFree
0x5f9500 CopyFileW
0x5f9504 GlobalSize
0x5f9508 GlobalAlloc
0x5f950c GlobalLock
0x5f9510 GlobalUnlock
0x5f9514 MulDiv
0x5f9518 ActivateActCtx
0x5f951c DeactivateActCtx
0x5f9520 SetLastError
0x5f9524 GetModuleHandleW
0x5f9528 LoadLibraryW
0x5f952c MultiByteToWideChar
0x5f9530 WideCharToMultiByte
0x5f9534 lstrcpyW
0x5f9538 LocalFree
0x5f953c LocalAlloc
0x5f9540 VirtualAlloc
0x5f9544 GetProcAddress
0x5f9548 GetLastError
0x5f954c lstrlenW
0x5f9550 GetModuleFileNameW
0x5f9554 FormatMessageW
0x5f9558 Sleep
0x5f955c GetTickCount
0x5f9560 CreateDirectoryW
0x5f9564 InterlockedDecrement
0x5f9568 ExitProcess
0x5f956c WaitForSingleObject
0x5f9570 CreateMutexW
0x5f9574 LockResource
0x5f9578 SizeofResource
0x5f957c LoadResource
0x5f9580 ReadFile
USER32.dll
0x5f96b4 SetMenuDefaultItem
0x5f96b8 UpdateLayeredWindow
0x5f96bc UnionRect
0x5f96c0 SetCursorPos
0x5f96c4 DrawFrameControl
0x5f96c8 DrawEdge
0x5f96cc DrawIconEx
0x5f96d0 GetIconInfo
0x5f96d4 EnableScrollBar
0x5f96d8 HideCaret
0x5f96dc DrawFocusRect
0x5f96e0 InvertRect
0x5f96e4 GetMenuDefaultItem
0x5f96e8 UnregisterClassW
0x5f96ec EmptyClipboard
0x5f96f0 CloseClipboard
0x5f96f4 SetClipboardData
0x5f96f8 CopyImage
0x5f96fc OpenClipboard
0x5f9700 DrawStateW
0x5f9704 RegisterClipboardFormatW
0x5f9708 EnumChildWindows
0x5f970c LockWindowUpdate
0x5f9710 IsMenu
0x5f9714 GetSystemMenu
0x5f9718 MonitorFromPoint
0x5f971c UnpackDDElParam
0x5f9720 ReuseDDElParam
0x5f9724 GetMenuBarInfo
0x5f9728 LoadImageW
0x5f972c InsertMenuItemW
0x5f9730 BringWindowToTop
0x5f9734 TranslateAcceleratorW
0x5f9738 SetClassLongW
0x5f973c WindowFromPoint
0x5f9740 SetParent
0x5f9744 CreatePopupMenu
0x5f9748 NotifyWinEvent
0x5f974c SetWindowRgn
0x5f9750 CreateAcceleratorTableW
0x5f9754 LoadAcceleratorsW
0x5f9758 DestroyAcceleratorTable
0x5f975c GetAsyncKeyState
0x5f9760 GetKeyboardState
0x5f9764 GetKeyboardLayout
0x5f9768 ToUnicodeEx
0x5f976c WaitMessage
0x5f9770 PostThreadMessageW
0x5f9774 GetDialogBaseUnits
0x5f9778 GetNextDlgGroupItem
0x5f977c ReleaseCapture
0x5f9780 SetCapture
0x5f9784 InvalidateRgn
0x5f9788 SetRect
0x5f978c IsRectEmpty
0x5f9790 CopyAcceleratorTableW
0x5f9794 CharNextW
0x5f9798 CharUpperW
0x5f979c DestroyIcon
0x5f97a0 SetLayeredWindowAttributes
0x5f97a4 EnumDisplayMonitors
0x5f97a8 SetRectEmpty
0x5f97ac KillTimer
0x5f97b0 InvalidateRect
0x5f97b4 DeleteMenu
0x5f97b8 IntersectRect
0x5f97bc EndPaint
0x5f97c0 BeginPaint
0x5f97c4 GetWindowDC
0x5f97c8 GrayStringW
0x5f97cc DrawTextExW
0x5f97d0 DrawTextW
0x5f97d4 TabbedTextOutW
0x5f97d8 FillRect
0x5f97dc LoadCursorW
0x5f97e0 GetSysColorBrush
0x5f97e4 RealChildWindowFromPoint
0x5f97e8 ClientToScreen
0x5f97ec GetSystemMetrics
0x5f97f0 DestroyMenu
0x5f97f4 GetMenuItemInfoW
0x5f97f8 InflateRect
0x5f97fc SystemParametersInfoW
0x5f9800 OffsetRect
0x5f9804 MapVirtualKeyExW
0x5f9808 IsZoomed
0x5f980c GetDesktopWindow
0x5f9810 CreateDialogIndirectParamW
0x5f9814 GetNextDlgTabItem
0x5f9818 EndDialog
0x5f981c GetMessageW
0x5f9820 TranslateMessage
0x5f9824 GetActiveWindow
0x5f9828 ValidateRect
0x5f982c SetWindowContextHelpId
0x5f9830 MapDialogRect
0x5f9834 GetWindowThreadProcessId
0x5f9838 ShowOwnedPopups
0x5f983c SetCursor
0x5f9840 ScrollWindowEx
0x5f9844 IsWindowEnabled
0x5f9848 MoveWindow
0x5f984c SetWindowTextW
0x5f9850 IsDialogMessageW
0x5f9854 IsDlgButtonChecked
0x5f9858 SetDlgItemTextW
0x5f985c SetDlgItemInt
0x5f9860 GetDlgItemTextW
0x5f9864 GetDlgItemInt
0x5f9868 CheckRadioButton
0x5f986c CheckDlgButton
0x5f9870 RegisterWindowMessageW
0x5f9874 SendDlgItemMessageW
0x5f9878 SendDlgItemMessageA
0x5f987c WinHelpW
0x5f9880 IsChild
0x5f9884 GetCapture
0x5f9888 SetWindowsHookExW
0x5f988c CallNextHookEx
0x5f9890 GetClassLongW
0x5f9894 GetClassNameW
0x5f9898 SetPropW
0x5f989c GetPropW
0x5f98a0 RemovePropW
0x5f98a4 SetFocus
0x5f98a8 GetWindowTextLengthW
0x5f98ac GetWindowTextW
0x5f98b0 GetForegroundWindow
0x5f98b4 GetLastActivePopup
0x5f98b8 SetActiveWindow
0x5f98bc EnableWindow
0x5f98c0 ShowWindow
0x5f98c4 FindWindowW
0x5f98c8 SetForegroundWindow
0x5f98cc IsIconic
0x5f98d0 DispatchMessageW
0x5f98d4 BeginDeferWindowPos
0x5f98d8 EndDeferWindowPos
0x5f98dc GetDlgItem
0x5f98e0 GetTopWindow
0x5f98e4 DestroyWindow
0x5f98e8 UnhookWindowsHookEx
0x5f98ec GetMessageTime
0x5f98f0 GetMessagePos
0x5f98f4 PeekMessageW
0x5f98f8 MonitorFromWindow
0x5f98fc GetMonitorInfoW
0x5f9900 MapWindowPoints
0x5f9904 ScrollWindow
0x5f9908 TrackPopupMenuEx
0x5f990c TrackPopupMenu
0x5f9910 GetKeyState
0x5f9914 SetMenu
0x5f9918 SetScrollRange
0x5f991c GetScrollRange
0x5f9920 SetScrollPos
0x5f9924 GetScrollPos
0x5f9928 ShowScrollBar
0x5f992c IsClipboardFormatAvailable
0x5f9930 SendNotifyMessageW
0x5f9934 InSendMessage
0x5f9938 DefFrameProcW
0x5f993c DefMDIChildProcW
0x5f9940 DrawMenuBar
0x5f9944 TranslateMDISysAccel
0x5f9948 GetWindowRgn
0x5f994c FrameRect
0x5f9950 GetUpdateRect
0x5f9954 CharUpperBuffW
0x5f9958 CopyIcon
0x5f995c SubtractRect
0x5f9960 CreateMenu
0x5f9964 GetDoubleClickTime
0x5f9968 UpdateWindow
0x5f996c PostMessageW
0x5f9970 MessageBoxW
0x5f9974 CreateWindowExW
0x5f9978 GetClassInfoExW
0x5f997c GetClassInfoW
0x5f9980 RegisterClassW
0x5f9984 GetSysColor
0x5f9988 AdjustWindowRectEx
0x5f998c GetWindowRect
0x5f9990 DrawIcon
0x5f9994 GetTabbedTextExtentW
0x5f9998 WindowFromDC
0x5f999c GetDCEx
0x5f99a0 DestroyCursor
0x5f99a4 MessageBeep
0x5f99a8 SendMessageW
0x5f99ac IsWindowVisible
0x5f99b0 GetMenuItemCount
0x5f99b4 GetCursorPos
0x5f99b8 RedrawWindow
0x5f99bc LoadMenuW
0x5f99c0 MessageBoxA
0x5f99c4 LoadIconW
0x5f99c8 GetMenu
0x5f99cc GetClientRect
0x5f99d0 GetSubMenu
0x5f99d4 GetMenuItemID
0x5f99d8 PostQuitMessage
0x5f99dc SetTimer
0x5f99e0 CheckMenuItem
0x5f99e4 EnableMenuItem
0x5f99e8 GetMenuState
0x5f99ec ModifyMenuW
0x5f99f0 GetParent
0x5f99f4 GetFocus
0x5f99f8 LoadBitmapW
0x5f99fc GetMenuCheckMarkDimensions
0x5f9a00 SetMenuItemBitmaps
0x5f9a04 IsWindow
0x5f9a08 CopyRect
0x5f9a0c GetDC
0x5f9a10 ReleaseDC
0x5f9a14 GetKeyNameTextW
0x5f9a18 MapVirtualKeyW
0x5f9a1c RemoveMenu
0x5f9a20 InsertMenuW
0x5f9a24 AppendMenuW
0x5f9a28 GetMenuStringW
0x5f9a2c GetWindow
0x5f9a30 SetWindowPos
0x5f9a34 SetWindowLongW
0x5f9a38 GetWindowLongW
0x5f9a3c CallWindowProcW
0x5f9a40 DefWindowProcW
0x5f9a44 GetDlgCtrlID
0x5f9a48 GetWindowPlacement
0x5f9a4c SetWindowPlacement
0x5f9a50 PtInRect
0x5f9a54 SetScrollInfo
0x5f9a58 GetScrollInfo
0x5f9a5c DeferWindowPos
0x5f9a60 EqualRect
0x5f9a64 ScreenToClient
0x5f9a68 IsCharLowerW
GDI32.dll
0x5f908c GetTextCharsetInfo
0x5f9090 GetBkColor
0x5f9094 GetTextColor
0x5f9098 GetRgnBox
0x5f909c OffsetRgn
0x5f90a0 CreateRoundRectRgn
0x5f90a4 SetDIBColorTable
0x5f90a8 GetDIBits
0x5f90ac RealizePalette
0x5f90b0 StretchBlt
0x5f90b4 SetPixel
0x5f90b8 CreateDIBSection
0x5f90bc GetCharWidthW
0x5f90c0 CreateFontW
0x5f90c4 StretchDIBits
0x5f90c8 CreatePalette
0x5f90cc GetPaletteEntries
0x5f90d0 GetNearestPaletteIndex
0x5f90d4 GetSystemPaletteEntries
0x5f90d8 GetCurrentObject
0x5f90dc CreatePolygonRgn
0x5f90e0 CreateEllipticRgn
0x5f90e4 Polyline
0x5f90e8 Ellipse
0x5f90ec Polygon
0x5f90f0 Rectangle
0x5f90f4 EnumFontFamiliesExW
0x5f90f8 RoundRect
0x5f90fc EnumFontFamiliesW
0x5f9100 LPtoDP
0x5f9104 PtInRegion
0x5f9108 FillRgn
0x5f910c FrameRgn
0x5f9110 GetBoundsRect
0x5f9114 GetViewportOrgEx
0x5f9118 ExtFloodFill
0x5f911c SetPaletteEntries
0x5f9120 StartPage
0x5f9124 EndPage
0x5f9128 SetAbortProc
0x5f912c AbortDoc
0x5f9130 EndDoc
0x5f9134 GetNearestColor
0x5f9138 GetBkMode
0x5f913c GetPolyFillMode
0x5f9140 GetROP2
0x5f9144 GetStretchBltMode
0x5f9148 GetTextAlign
0x5f914c GetTextFaceW
0x5f9150 SetPixelV
0x5f9154 CreateMetaFileW
0x5f9158 CloseMetaFile
0x5f915c DeleteMetaFile
0x5f9160 SelectObject
0x5f9164 Escape
0x5f9168 TextOutW
0x5f916c CreateCompatibleBitmap
0x5f9170 GetTextMetricsW
0x5f9174 CreateDIBitmap
0x5f9178 DPtoLP
0x5f917c GetMapMode
0x5f9180 CombineRgn
0x5f9184 SetRectRgn
0x5f9188 CreateHatchBrush
0x5f918c CreateSolidBrush
0x5f9190 ExtCreatePen
0x5f9194 CreatePen
0x5f9198 PlayMetaFile
0x5f919c EnumMetaFile
0x5f91a0 GetObjectType
0x5f91a4 PlayMetaFileRecord
0x5f91a8 SelectPalette
0x5f91ac GetStockObject
0x5f91b0 CreatePatternBrush
0x5f91b4 CreateDIBPatternBrushPt
0x5f91b8 DeleteDC
0x5f91bc ExtSelectClipRgn
0x5f91c0 PolyBezierTo
0x5f91c4 PolylineTo
0x5f91c8 PolyDraw
0x5f91cc ArcTo
0x5f91d0 GetCurrentPositionEx
0x5f91d4 ScaleWindowExtEx
0x5f91d8 SetWindowExtEx
0x5f91dc OffsetWindowOrgEx
0x5f91e0 SetWindowOrgEx
0x5f91e4 ScaleViewportExtEx
0x5f91e8 SetViewportExtEx
0x5f91ec OffsetViewportOrgEx
0x5f91f0 GetWindowOrgEx
0x5f91f4 CreateBitmap
0x5f91f8 RectVisible
0x5f91fc PtVisible
0x5f9200 StartDocW
0x5f9204 GetPixel
0x5f9208 GetWindowExtEx
0x5f920c GetViewportExtEx
0x5f9210 SelectClipPath
0x5f9214 CreateRectRgn
0x5f9218 GetClipRgn
0x5f921c SelectClipRgn
0x5f9220 SetColorAdjustment
0x5f9224 SetArcDirection
0x5f9228 SetLayout
0x5f922c GetLayout
0x5f9230 SetMapperFlags
0x5f9234 SetTextCharacterExtra
0x5f9238 SetTextJustification
0x5f923c SetTextAlign
0x5f9240 MoveToEx
0x5f9244 LineTo
0x5f9248 OffsetClipRgn
0x5f924c IntersectClipRect
0x5f9250 ExcludeClipRect
0x5f9254 GetClipBox
0x5f9258 SetMapMode
0x5f925c ModifyWorldTransform
0x5f9260 SetWorldTransform
0x5f9264 SetGraphicsMode
0x5f9268 SetStretchBltMode
0x5f926c SetROP2
0x5f9270 SetPolyFillMode
0x5f9274 SetBkMode
0x5f9278 RestoreDC
0x5f927c SaveDC
0x5f9280 DeleteObject
0x5f9284 GetTextExtentPoint32W
0x5f9288 ExtTextOutW
0x5f928c BitBlt
0x5f9290 CreateCompatibleDC
0x5f9294 CreateFontIndirectW
0x5f9298 GetObjectW
0x5f929c SetBkColor
0x5f92a0 SetTextColor
0x5f92a4 CreateDCW
0x5f92a8 CopyMetaFileW
0x5f92ac GetDeviceCaps
0x5f92b0 SetViewportOrgEx
0x5f92b4 CreateRectRgnIndirect
0x5f92b8 PatBlt
MSIMG32.dll
0x5f9588 TransparentBlt
0x5f958c AlphaBlend
COMDLG32.dll
0x5f9084 GetFileTitleW
WINSPOOL.DRV
0x5f9a78 OpenPrinterW
0x5f9a7c DocumentPropertiesW
0x5f9a80 ClosePrinter
0x5f9a84 GetJobW
ADVAPI32.dll
0x5f9000 RegDeleteKeyW
0x5f9004 OpenSCManagerW
0x5f9008 OpenServiceW
0x5f900c RegQueryValueExW
0x5f9010 RegOpenKeyW
0x5f9014 CryptAcquireContextA
0x5f9018 StartServiceW
0x5f901c RegDeleteValueW
0x5f9020 QueryServiceStatusEx
0x5f9024 GetFileSecurityW
0x5f9028 SetFileSecurityW
0x5f902c RegEnumKeyExW
0x5f9030 RegEnumValueW
0x5f9034 RegQueryValueW
0x5f9038 RegEnumKeyW
0x5f903c CloseServiceHandle
0x5f9040 RegCreateKeyExW
0x5f9044 RegOpenKeyExW
0x5f9048 RegSetValueW
0x5f904c RegSetValueExW
0x5f9050 RegCloseKey
0x5f9054 ControlService
SHELL32.dll
0x5f965c SHGetPathFromIDListW
0x5f9660 SHAddToRecentDocs
0x5f9664 ExtractIconW
0x5f9668 SHGetFileInfoW
0x5f966c SHGetDesktopFolder
0x5f9670 SHGetSpecialFolderLocation
0x5f9674 SHGetMalloc
0x5f9678 ShellExecuteExW
0x5f967c ShellExecuteW
0x5f9680 SHAppBarMessage
0x5f9684 DragQueryFileW
0x5f9688 DragFinish
0x5f968c SHBrowseForFolderW
0x5f9690 Shell_NotifyIconW
COMCTL32.dll
0x5f905c ImageList_GetIconSize
0x5f9060 ImageList_ReplaceIcon
0x5f9064 ImageList_GetIcon
0x5f9068 ImageList_Create
0x5f906c ImageList_GetImageCount
0x5f9070 ImageList_Destroy
0x5f9074 ImageList_AddMasked
0x5f9078 ImageList_Remove
0x5f907c ImageList_DrawEx
SHLWAPI.dll
0x5f9698 PathFindFileNameW
0x5f969c PathStripToRootW
0x5f96a0 PathIsUNCW
0x5f96a4 PathRemoveFileSpecW
0x5f96a8 PathRemoveExtensionW
0x5f96ac PathFindExtensionW
ole32.dll
0x5f9af4 OleDestroyMenuDescriptor
0x5f9af8 OleCreateMenuDescriptor
0x5f9afc OleGetClipboard
0x5f9b00 DoDragDrop
0x5f9b04 OleFlushClipboard
0x5f9b08 OleIsCurrentClipboard
0x5f9b0c OleSetClipboard
0x5f9b10 StgIsStorageFile
0x5f9b14 StgOpenStorage
0x5f9b18 CreateFileMoniker
0x5f9b1c StgCreateDocfile
0x5f9b20 OleSetMenuDescriptor
0x5f9b24 OleLockRunning
0x5f9b28 OleInitialize
0x5f9b2c CoFreeUnusedLibraries
0x5f9b30 OleUninitialize
0x5f9b34 CoInitializeEx
0x5f9b38 CreateStreamOnHGlobal
0x5f9b3c CreateILockBytesOnHGlobal
0x5f9b40 StgCreateDocfileOnILockBytes
0x5f9b44 OleTranslateAccelerator
0x5f9b48 OleCreate
0x5f9b4c CoUninitialize
0x5f9b50 CoDisconnectObject
0x5f9b54 StringFromGUID2
0x5f9b58 CLSIDFromString
0x5f9b5c CLSIDFromProgID
0x5f9b60 CoCreateGuid
0x5f9b64 OleDuplicateData
0x5f9b68 CoTreatAsClass
0x5f9b6c StringFromCLSID
0x5f9b70 CoTaskMemAlloc
0x5f9b74 ReleaseStgMedium
0x5f9b78 CreateBindCtx
0x5f9b7c ReadClassStg
0x5f9b80 ReadFmtUserTypeStg
0x5f9b84 OleRegGetUserType
0x5f9b88 WriteClassStg
0x5f9b8c WriteFmtUserTypeStg
0x5f9b90 OleCreateStaticFromData
0x5f9b94 OleCreateLinkFromData
0x5f9b98 IsAccelerator
0x5f9b9c CoRegisterClassObject
0x5f9ba0 CoRevokeClassObject
0x5f9ba4 CreateDataAdviseHolder
0x5f9ba8 CreateOleAdviseHolder
0x5f9bac GetRunningObjectTable
0x5f9bb0 CoGetMalloc
0x5f9bb4 OleIsRunning
0x5f9bb8 OleQueryLinkFromData
0x5f9bbc OleQueryCreateFromData
0x5f9bc0 OleRegGetMiscStatus
0x5f9bc4 OleRegEnumVerbs
0x5f9bc8 RevokeDragDrop
0x5f9bcc CoLockObjectExternal
0x5f9bd0 RegisterDragDrop
0x5f9bd4 PropVariantCopy
0x5f9bd8 CreateGenericComposite
0x5f9bdc CreateItemMoniker
0x5f9be0 OleGetIconOfClass
0x5f9be4 OleCreateLinkToFile
0x5f9be8 OleCreateFromFile
0x5f9bec OleSetContainedObject
0x5f9bf0 GetHGlobalFromILockBytes
0x5f9bf4 StgOpenStorageOnILockBytes
0x5f9bf8 OleLoad
0x5f9bfc SetConvertStg
0x5f9c00 CoTaskMemFree
0x5f9c04 OleRun
0x5f9c08 CoInitialize
0x5f9c0c CoCreateInstance
0x5f9c10 OleCreateFromData
0x5f9c14 WriteClassStm
0x5f9c18 OleSaveToStream
0x5f9c1c OleSave
0x5f9c20 CoGetClassObject
0x5f9c24 CoRegisterMessageFilter
OLEAUT32.dll
0x5f95a4 VariantInit
0x5f95a8 VariantChangeType
0x5f95ac SysStringByteLen
0x5f95b0 SysFreeString
0x5f95b4 SysAllocStringLen
0x5f95b8 SafeArrayUnaccessData
0x5f95bc SafeArrayAccessData
0x5f95c0 SafeArrayGetUBound
0x5f95c4 SafeArrayGetLBound
0x5f95c8 SafeArrayGetElemsize
0x5f95cc SafeArrayGetDim
0x5f95d0 SafeArrayCreate
0x5f95d4 SafeArrayRedim
0x5f95d8 SafeArrayAllocData
0x5f95dc SafeArrayAllocDescriptor
0x5f95e0 SafeArrayCopy
0x5f95e4 SafeArrayGetElement
0x5f95e8 SafeArrayPtrOfIndex
0x5f95ec SysAllocStringByteLen
0x5f95f0 SafeArrayUnlock
0x5f95f4 SafeArrayDestroy
0x5f95f8 SafeArrayDestroyData
0x5f95fc SafeArrayDestroyDescriptor
0x5f9600 VariantTimeToSystemTime
0x5f9604 SystemTimeToVariantTime
0x5f9608 SysStringLen
0x5f960c VarDateFromStr
0x5f9610 SysReAllocStringLen
0x5f9614 VarCyFromStr
0x5f9618 CreateErrorInfo
0x5f961c VarBstrFromCy
0x5f9620 VarBstrFromDec
0x5f9624 VarDecFromStr
0x5f9628 VarBstrFromDate
0x5f962c RegisterTypeLib
0x5f9630 LoadTypeLib
0x5f9634 LoadRegTypeLib
0x5f9638 OleCreateFontIndirect
0x5f963c VariantCopy
0x5f9640 VariantClear
0x5f9644 SysAllocString
0x5f9648 SafeArrayPutElement
0x5f964c GetErrorInfo
0x5f9650 SetErrorInfo
0x5f9654 SafeArrayLock
oledlg.dll
0x5f9c2c OleUIBusyW
gdiplus.dll
0x5f9a8c GdipSetInterpolationMode
0x5f9a90 GdipCreateFromHDC
0x5f9a94 GdipCreateBitmapFromHBITMAP
0x5f9a98 GdipCloneImage
0x5f9a9c GdipDrawImageI
0x5f9aa0 GdipGetImageGraphicsContext
0x5f9aa4 GdiplusShutdown
0x5f9aa8 GdiplusStartup
0x5f9aac GdipBitmapUnlockBits
0x5f9ab0 GdipBitmapLockBits
0x5f9ab4 GdipCreateBitmapFromScan0
0x5f9ab8 GdipCreateBitmapFromStreamICM
0x5f9abc GdipCreateBitmapFromStream
0x5f9ac0 GdipCreateBitmapFromFileICM
0x5f9ac4 GdipCreateBitmapFromFile
0x5f9ac8 GdipGetImagePalette
0x5f9acc GdipGetImagePaletteSize
0x5f9ad0 GdipGetImagePixelFormat
0x5f9ad4 GdipGetImageHeight
0x5f9ad8 GdipGetImageWidth
0x5f9adc GdipDisposeImage
0x5f9ae0 GdipDeleteGraphics
0x5f9ae4 GdipAlloc
0x5f9ae8 GdipFree
0x5f9aec GdipDrawImageRectI
OLEACC.dll
0x5f9594 LresultFromObject
0x5f9598 AccessibleObjectFromWindow
0x5f959c CreateStdAccessibleObject
IMM32.dll
0x5f92c0 ImmGetContext
0x5f92c4 ImmGetOpenStatus
0x5f92c8 ImmReleaseContext
WINMM.dll
0x5f9a70 PlaySoundW
EAT(Export Address Table) Library
0x405570 fyewghGFDWDFGHfgehfDSDWFWGFhg
KERNEL32.dll
0x5f92d0 SetEnvironmentVariableA
0x5f92d4 WriteConsoleW
0x5f92d8 IsValidLocale
0x5f92dc EnumSystemLocalesA
0x5f92e0 GetLocaleInfoA
0x5f92e4 GetConsoleMode
0x5f92e8 GetConsoleCP
0x5f92ec GetTimeZoneInformation
0x5f92f0 GetStringTypeW
0x5f92f4 SetConsoleCtrlHandler
0x5f92f8 FatalAppExitA
0x5f92fc IsProcessorFeaturePresent
0x5f9300 LCMapStringW
0x5f9304 IsValidCodePage
0x5f9308 GetOEMCP
0x5f930c GetACP
0x5f9310 GetCPInfo
0x5f9314 IsDebuggerPresent
0x5f9318 UnhandledExceptionFilter
0x5f931c TerminateProcess
0x5f9320 QueryPerformanceCounter
0x5f9324 HeapDestroy
0x5f9328 HeapCreate
0x5f932c FindResourceW
0x5f9330 SetHandleCount
0x5f9334 GetEnvironmentStringsW
0x5f9338 FreeEnvironmentStringsW
0x5f933c GetStdHandle
0x5f9340 SetUnhandledExceptionFilter
0x5f9344 GetFileType
0x5f9348 SetStdHandle
0x5f934c VirtualQuery
0x5f9350 GetSystemInfo
0x5f9354 GetSystemTimeAsFileTime
0x5f9358 HeapSize
0x5f935c HeapQueryInformation
0x5f9360 CreateThread
0x5f9364 ExitThread
0x5f9368 RaiseException
0x5f936c RtlUnwind
0x5f9370 HeapReAlloc
0x5f9374 HeapFree
0x5f9378 HeapAlloc
0x5f937c DecodePointer
0x5f9380 EncodePointer
0x5f9384 GetStartupInfoW
0x5f9388 HeapSetInformation
0x5f938c GetCommandLineW
0x5f9390 LocalLock
0x5f9394 LocalUnlock
0x5f9398 FindResourceExW
0x5f939c GetDiskFreeSpaceW
0x5f93a0 ReplaceFileW
0x5f93a4 GetUserDefaultLCID
0x5f93a8 VirtualProtect
0x5f93ac GetProfileIntW
0x5f93b0 SearchPathW
0x5f93b4 GetTempPathW
0x5f93b8 GetTempFileNameW
0x5f93bc GetFileTime
0x5f93c0 GetFileSizeEx
0x5f93c4 SetFileTime
0x5f93c8 LocalFileTimeToFileTime
0x5f93cc FileTimeToLocalFileTime
0x5f93d0 SetFileAttributesW
0x5f93d4 GetFileAttributesExW
0x5f93d8 SetErrorMode
0x5f93dc GetNumberFormatW
0x5f93e0 GetWindowsDirectoryW
0x5f93e4 GetFileAttributesW
0x5f93e8 InitializeCriticalSectionAndSpinCount
0x5f93ec GetShortPathNameW
0x5f93f0 GetFullPathNameW
0x5f93f4 GetVolumeInformationW
0x5f93f8 FindFirstFileW
0x5f93fc FindClose
0x5f9400 GetCurrentProcess
0x5f9404 DuplicateHandle
0x5f9408 GetFileSize
0x5f940c SetEndOfFile
0x5f9410 UnlockFile
0x5f9414 LockFile
0x5f9418 FlushFileBuffers
0x5f941c SetFilePointer
0x5f9420 WriteFile
0x5f9424 MoveFileW
0x5f9428 CreateFileW
0x5f942c lstrcmpiW
0x5f9430 GetStringTypeExW
0x5f9434 DeleteFileW
0x5f9438 GetCurrentDirectoryW
0x5f943c InterlockedIncrement
0x5f9440 TlsFree
0x5f9444 LocalReAlloc
0x5f9448 TlsSetValue
0x5f944c TlsAlloc
0x5f9450 GlobalHandle
0x5f9454 GlobalReAlloc
0x5f9458 TlsGetValue
0x5f945c SystemTimeToFileTime
0x5f9460 FileTimeToSystemTime
0x5f9464 GetThreadLocale
0x5f9468 lstrlenA
0x5f946c GetAtomNameW
0x5f9470 GlobalGetAtomNameW
0x5f9474 GlobalFlags
0x5f9478 EnterCriticalSection
0x5f947c LeaveCriticalSection
0x5f9480 DeleteCriticalSection
0x5f9484 InitializeCriticalSection
0x5f9488 ReleaseActCtx
0x5f948c CreateActCtxW
0x5f9490 CreateEventW
0x5f9494 SuspendThread
0x5f9498 SetEvent
0x5f949c ResumeThread
0x5f94a0 SetThreadPriority
0x5f94a4 CloseHandle
0x5f94a8 GetCurrentProcessId
0x5f94ac GetPrivateProfileStringW
0x5f94b0 WritePrivateProfileStringW
0x5f94b4 GetPrivateProfileIntW
0x5f94b8 lstrcmpA
0x5f94bc GetCurrentThread
0x5f94c0 GetUserDefaultUILanguage
0x5f94c4 ConvertDefaultLocale
0x5f94c8 GetSystemDefaultUILanguage
0x5f94cc GetLocaleInfoW
0x5f94d0 CompareStringA
0x5f94d4 InterlockedExchange
0x5f94d8 FreeResource
0x5f94dc GetCurrentThreadId
0x5f94e0 GlobalAddAtomW
0x5f94e4 GlobalFindAtomW
0x5f94e8 GlobalDeleteAtom
0x5f94ec GetVersionExW
0x5f94f0 FreeLibrary
0x5f94f4 CompareStringW
0x5f94f8 lstrcmpW
0x5f94fc GlobalFree
0x5f9500 CopyFileW
0x5f9504 GlobalSize
0x5f9508 GlobalAlloc
0x5f950c GlobalLock
0x5f9510 GlobalUnlock
0x5f9514 MulDiv
0x5f9518 ActivateActCtx
0x5f951c DeactivateActCtx
0x5f9520 SetLastError
0x5f9524 GetModuleHandleW
0x5f9528 LoadLibraryW
0x5f952c MultiByteToWideChar
0x5f9530 WideCharToMultiByte
0x5f9534 lstrcpyW
0x5f9538 LocalFree
0x5f953c LocalAlloc
0x5f9540 VirtualAlloc
0x5f9544 GetProcAddress
0x5f9548 GetLastError
0x5f954c lstrlenW
0x5f9550 GetModuleFileNameW
0x5f9554 FormatMessageW
0x5f9558 Sleep
0x5f955c GetTickCount
0x5f9560 CreateDirectoryW
0x5f9564 InterlockedDecrement
0x5f9568 ExitProcess
0x5f956c WaitForSingleObject
0x5f9570 CreateMutexW
0x5f9574 LockResource
0x5f9578 SizeofResource
0x5f957c LoadResource
0x5f9580 ReadFile
USER32.dll
0x5f96b4 SetMenuDefaultItem
0x5f96b8 UpdateLayeredWindow
0x5f96bc UnionRect
0x5f96c0 SetCursorPos
0x5f96c4 DrawFrameControl
0x5f96c8 DrawEdge
0x5f96cc DrawIconEx
0x5f96d0 GetIconInfo
0x5f96d4 EnableScrollBar
0x5f96d8 HideCaret
0x5f96dc DrawFocusRect
0x5f96e0 InvertRect
0x5f96e4 GetMenuDefaultItem
0x5f96e8 UnregisterClassW
0x5f96ec EmptyClipboard
0x5f96f0 CloseClipboard
0x5f96f4 SetClipboardData
0x5f96f8 CopyImage
0x5f96fc OpenClipboard
0x5f9700 DrawStateW
0x5f9704 RegisterClipboardFormatW
0x5f9708 EnumChildWindows
0x5f970c LockWindowUpdate
0x5f9710 IsMenu
0x5f9714 GetSystemMenu
0x5f9718 MonitorFromPoint
0x5f971c UnpackDDElParam
0x5f9720 ReuseDDElParam
0x5f9724 GetMenuBarInfo
0x5f9728 LoadImageW
0x5f972c InsertMenuItemW
0x5f9730 BringWindowToTop
0x5f9734 TranslateAcceleratorW
0x5f9738 SetClassLongW
0x5f973c WindowFromPoint
0x5f9740 SetParent
0x5f9744 CreatePopupMenu
0x5f9748 NotifyWinEvent
0x5f974c SetWindowRgn
0x5f9750 CreateAcceleratorTableW
0x5f9754 LoadAcceleratorsW
0x5f9758 DestroyAcceleratorTable
0x5f975c GetAsyncKeyState
0x5f9760 GetKeyboardState
0x5f9764 GetKeyboardLayout
0x5f9768 ToUnicodeEx
0x5f976c WaitMessage
0x5f9770 PostThreadMessageW
0x5f9774 GetDialogBaseUnits
0x5f9778 GetNextDlgGroupItem
0x5f977c ReleaseCapture
0x5f9780 SetCapture
0x5f9784 InvalidateRgn
0x5f9788 SetRect
0x5f978c IsRectEmpty
0x5f9790 CopyAcceleratorTableW
0x5f9794 CharNextW
0x5f9798 CharUpperW
0x5f979c DestroyIcon
0x5f97a0 SetLayeredWindowAttributes
0x5f97a4 EnumDisplayMonitors
0x5f97a8 SetRectEmpty
0x5f97ac KillTimer
0x5f97b0 InvalidateRect
0x5f97b4 DeleteMenu
0x5f97b8 IntersectRect
0x5f97bc EndPaint
0x5f97c0 BeginPaint
0x5f97c4 GetWindowDC
0x5f97c8 GrayStringW
0x5f97cc DrawTextExW
0x5f97d0 DrawTextW
0x5f97d4 TabbedTextOutW
0x5f97d8 FillRect
0x5f97dc LoadCursorW
0x5f97e0 GetSysColorBrush
0x5f97e4 RealChildWindowFromPoint
0x5f97e8 ClientToScreen
0x5f97ec GetSystemMetrics
0x5f97f0 DestroyMenu
0x5f97f4 GetMenuItemInfoW
0x5f97f8 InflateRect
0x5f97fc SystemParametersInfoW
0x5f9800 OffsetRect
0x5f9804 MapVirtualKeyExW
0x5f9808 IsZoomed
0x5f980c GetDesktopWindow
0x5f9810 CreateDialogIndirectParamW
0x5f9814 GetNextDlgTabItem
0x5f9818 EndDialog
0x5f981c GetMessageW
0x5f9820 TranslateMessage
0x5f9824 GetActiveWindow
0x5f9828 ValidateRect
0x5f982c SetWindowContextHelpId
0x5f9830 MapDialogRect
0x5f9834 GetWindowThreadProcessId
0x5f9838 ShowOwnedPopups
0x5f983c SetCursor
0x5f9840 ScrollWindowEx
0x5f9844 IsWindowEnabled
0x5f9848 MoveWindow
0x5f984c SetWindowTextW
0x5f9850 IsDialogMessageW
0x5f9854 IsDlgButtonChecked
0x5f9858 SetDlgItemTextW
0x5f985c SetDlgItemInt
0x5f9860 GetDlgItemTextW
0x5f9864 GetDlgItemInt
0x5f9868 CheckRadioButton
0x5f986c CheckDlgButton
0x5f9870 RegisterWindowMessageW
0x5f9874 SendDlgItemMessageW
0x5f9878 SendDlgItemMessageA
0x5f987c WinHelpW
0x5f9880 IsChild
0x5f9884 GetCapture
0x5f9888 SetWindowsHookExW
0x5f988c CallNextHookEx
0x5f9890 GetClassLongW
0x5f9894 GetClassNameW
0x5f9898 SetPropW
0x5f989c GetPropW
0x5f98a0 RemovePropW
0x5f98a4 SetFocus
0x5f98a8 GetWindowTextLengthW
0x5f98ac GetWindowTextW
0x5f98b0 GetForegroundWindow
0x5f98b4 GetLastActivePopup
0x5f98b8 SetActiveWindow
0x5f98bc EnableWindow
0x5f98c0 ShowWindow
0x5f98c4 FindWindowW
0x5f98c8 SetForegroundWindow
0x5f98cc IsIconic
0x5f98d0 DispatchMessageW
0x5f98d4 BeginDeferWindowPos
0x5f98d8 EndDeferWindowPos
0x5f98dc GetDlgItem
0x5f98e0 GetTopWindow
0x5f98e4 DestroyWindow
0x5f98e8 UnhookWindowsHookEx
0x5f98ec GetMessageTime
0x5f98f0 GetMessagePos
0x5f98f4 PeekMessageW
0x5f98f8 MonitorFromWindow
0x5f98fc GetMonitorInfoW
0x5f9900 MapWindowPoints
0x5f9904 ScrollWindow
0x5f9908 TrackPopupMenuEx
0x5f990c TrackPopupMenu
0x5f9910 GetKeyState
0x5f9914 SetMenu
0x5f9918 SetScrollRange
0x5f991c GetScrollRange
0x5f9920 SetScrollPos
0x5f9924 GetScrollPos
0x5f9928 ShowScrollBar
0x5f992c IsClipboardFormatAvailable
0x5f9930 SendNotifyMessageW
0x5f9934 InSendMessage
0x5f9938 DefFrameProcW
0x5f993c DefMDIChildProcW
0x5f9940 DrawMenuBar
0x5f9944 TranslateMDISysAccel
0x5f9948 GetWindowRgn
0x5f994c FrameRect
0x5f9950 GetUpdateRect
0x5f9954 CharUpperBuffW
0x5f9958 CopyIcon
0x5f995c SubtractRect
0x5f9960 CreateMenu
0x5f9964 GetDoubleClickTime
0x5f9968 UpdateWindow
0x5f996c PostMessageW
0x5f9970 MessageBoxW
0x5f9974 CreateWindowExW
0x5f9978 GetClassInfoExW
0x5f997c GetClassInfoW
0x5f9980 RegisterClassW
0x5f9984 GetSysColor
0x5f9988 AdjustWindowRectEx
0x5f998c GetWindowRect
0x5f9990 DrawIcon
0x5f9994 GetTabbedTextExtentW
0x5f9998 WindowFromDC
0x5f999c GetDCEx
0x5f99a0 DestroyCursor
0x5f99a4 MessageBeep
0x5f99a8 SendMessageW
0x5f99ac IsWindowVisible
0x5f99b0 GetMenuItemCount
0x5f99b4 GetCursorPos
0x5f99b8 RedrawWindow
0x5f99bc LoadMenuW
0x5f99c0 MessageBoxA
0x5f99c4 LoadIconW
0x5f99c8 GetMenu
0x5f99cc GetClientRect
0x5f99d0 GetSubMenu
0x5f99d4 GetMenuItemID
0x5f99d8 PostQuitMessage
0x5f99dc SetTimer
0x5f99e0 CheckMenuItem
0x5f99e4 EnableMenuItem
0x5f99e8 GetMenuState
0x5f99ec ModifyMenuW
0x5f99f0 GetParent
0x5f99f4 GetFocus
0x5f99f8 LoadBitmapW
0x5f99fc GetMenuCheckMarkDimensions
0x5f9a00 SetMenuItemBitmaps
0x5f9a04 IsWindow
0x5f9a08 CopyRect
0x5f9a0c GetDC
0x5f9a10 ReleaseDC
0x5f9a14 GetKeyNameTextW
0x5f9a18 MapVirtualKeyW
0x5f9a1c RemoveMenu
0x5f9a20 InsertMenuW
0x5f9a24 AppendMenuW
0x5f9a28 GetMenuStringW
0x5f9a2c GetWindow
0x5f9a30 SetWindowPos
0x5f9a34 SetWindowLongW
0x5f9a38 GetWindowLongW
0x5f9a3c CallWindowProcW
0x5f9a40 DefWindowProcW
0x5f9a44 GetDlgCtrlID
0x5f9a48 GetWindowPlacement
0x5f9a4c SetWindowPlacement
0x5f9a50 PtInRect
0x5f9a54 SetScrollInfo
0x5f9a58 GetScrollInfo
0x5f9a5c DeferWindowPos
0x5f9a60 EqualRect
0x5f9a64 ScreenToClient
0x5f9a68 IsCharLowerW
GDI32.dll
0x5f908c GetTextCharsetInfo
0x5f9090 GetBkColor
0x5f9094 GetTextColor
0x5f9098 GetRgnBox
0x5f909c OffsetRgn
0x5f90a0 CreateRoundRectRgn
0x5f90a4 SetDIBColorTable
0x5f90a8 GetDIBits
0x5f90ac RealizePalette
0x5f90b0 StretchBlt
0x5f90b4 SetPixel
0x5f90b8 CreateDIBSection
0x5f90bc GetCharWidthW
0x5f90c0 CreateFontW
0x5f90c4 StretchDIBits
0x5f90c8 CreatePalette
0x5f90cc GetPaletteEntries
0x5f90d0 GetNearestPaletteIndex
0x5f90d4 GetSystemPaletteEntries
0x5f90d8 GetCurrentObject
0x5f90dc CreatePolygonRgn
0x5f90e0 CreateEllipticRgn
0x5f90e4 Polyline
0x5f90e8 Ellipse
0x5f90ec Polygon
0x5f90f0 Rectangle
0x5f90f4 EnumFontFamiliesExW
0x5f90f8 RoundRect
0x5f90fc EnumFontFamiliesW
0x5f9100 LPtoDP
0x5f9104 PtInRegion
0x5f9108 FillRgn
0x5f910c FrameRgn
0x5f9110 GetBoundsRect
0x5f9114 GetViewportOrgEx
0x5f9118 ExtFloodFill
0x5f911c SetPaletteEntries
0x5f9120 StartPage
0x5f9124 EndPage
0x5f9128 SetAbortProc
0x5f912c AbortDoc
0x5f9130 EndDoc
0x5f9134 GetNearestColor
0x5f9138 GetBkMode
0x5f913c GetPolyFillMode
0x5f9140 GetROP2
0x5f9144 GetStretchBltMode
0x5f9148 GetTextAlign
0x5f914c GetTextFaceW
0x5f9150 SetPixelV
0x5f9154 CreateMetaFileW
0x5f9158 CloseMetaFile
0x5f915c DeleteMetaFile
0x5f9160 SelectObject
0x5f9164 Escape
0x5f9168 TextOutW
0x5f916c CreateCompatibleBitmap
0x5f9170 GetTextMetricsW
0x5f9174 CreateDIBitmap
0x5f9178 DPtoLP
0x5f917c GetMapMode
0x5f9180 CombineRgn
0x5f9184 SetRectRgn
0x5f9188 CreateHatchBrush
0x5f918c CreateSolidBrush
0x5f9190 ExtCreatePen
0x5f9194 CreatePen
0x5f9198 PlayMetaFile
0x5f919c EnumMetaFile
0x5f91a0 GetObjectType
0x5f91a4 PlayMetaFileRecord
0x5f91a8 SelectPalette
0x5f91ac GetStockObject
0x5f91b0 CreatePatternBrush
0x5f91b4 CreateDIBPatternBrushPt
0x5f91b8 DeleteDC
0x5f91bc ExtSelectClipRgn
0x5f91c0 PolyBezierTo
0x5f91c4 PolylineTo
0x5f91c8 PolyDraw
0x5f91cc ArcTo
0x5f91d0 GetCurrentPositionEx
0x5f91d4 ScaleWindowExtEx
0x5f91d8 SetWindowExtEx
0x5f91dc OffsetWindowOrgEx
0x5f91e0 SetWindowOrgEx
0x5f91e4 ScaleViewportExtEx
0x5f91e8 SetViewportExtEx
0x5f91ec OffsetViewportOrgEx
0x5f91f0 GetWindowOrgEx
0x5f91f4 CreateBitmap
0x5f91f8 RectVisible
0x5f91fc PtVisible
0x5f9200 StartDocW
0x5f9204 GetPixel
0x5f9208 GetWindowExtEx
0x5f920c GetViewportExtEx
0x5f9210 SelectClipPath
0x5f9214 CreateRectRgn
0x5f9218 GetClipRgn
0x5f921c SelectClipRgn
0x5f9220 SetColorAdjustment
0x5f9224 SetArcDirection
0x5f9228 SetLayout
0x5f922c GetLayout
0x5f9230 SetMapperFlags
0x5f9234 SetTextCharacterExtra
0x5f9238 SetTextJustification
0x5f923c SetTextAlign
0x5f9240 MoveToEx
0x5f9244 LineTo
0x5f9248 OffsetClipRgn
0x5f924c IntersectClipRect
0x5f9250 ExcludeClipRect
0x5f9254 GetClipBox
0x5f9258 SetMapMode
0x5f925c ModifyWorldTransform
0x5f9260 SetWorldTransform
0x5f9264 SetGraphicsMode
0x5f9268 SetStretchBltMode
0x5f926c SetROP2
0x5f9270 SetPolyFillMode
0x5f9274 SetBkMode
0x5f9278 RestoreDC
0x5f927c SaveDC
0x5f9280 DeleteObject
0x5f9284 GetTextExtentPoint32W
0x5f9288 ExtTextOutW
0x5f928c BitBlt
0x5f9290 CreateCompatibleDC
0x5f9294 CreateFontIndirectW
0x5f9298 GetObjectW
0x5f929c SetBkColor
0x5f92a0 SetTextColor
0x5f92a4 CreateDCW
0x5f92a8 CopyMetaFileW
0x5f92ac GetDeviceCaps
0x5f92b0 SetViewportOrgEx
0x5f92b4 CreateRectRgnIndirect
0x5f92b8 PatBlt
MSIMG32.dll
0x5f9588 TransparentBlt
0x5f958c AlphaBlend
COMDLG32.dll
0x5f9084 GetFileTitleW
WINSPOOL.DRV
0x5f9a78 OpenPrinterW
0x5f9a7c DocumentPropertiesW
0x5f9a80 ClosePrinter
0x5f9a84 GetJobW
ADVAPI32.dll
0x5f9000 RegDeleteKeyW
0x5f9004 OpenSCManagerW
0x5f9008 OpenServiceW
0x5f900c RegQueryValueExW
0x5f9010 RegOpenKeyW
0x5f9014 CryptAcquireContextA
0x5f9018 StartServiceW
0x5f901c RegDeleteValueW
0x5f9020 QueryServiceStatusEx
0x5f9024 GetFileSecurityW
0x5f9028 SetFileSecurityW
0x5f902c RegEnumKeyExW
0x5f9030 RegEnumValueW
0x5f9034 RegQueryValueW
0x5f9038 RegEnumKeyW
0x5f903c CloseServiceHandle
0x5f9040 RegCreateKeyExW
0x5f9044 RegOpenKeyExW
0x5f9048 RegSetValueW
0x5f904c RegSetValueExW
0x5f9050 RegCloseKey
0x5f9054 ControlService
SHELL32.dll
0x5f965c SHGetPathFromIDListW
0x5f9660 SHAddToRecentDocs
0x5f9664 ExtractIconW
0x5f9668 SHGetFileInfoW
0x5f966c SHGetDesktopFolder
0x5f9670 SHGetSpecialFolderLocation
0x5f9674 SHGetMalloc
0x5f9678 ShellExecuteExW
0x5f967c ShellExecuteW
0x5f9680 SHAppBarMessage
0x5f9684 DragQueryFileW
0x5f9688 DragFinish
0x5f968c SHBrowseForFolderW
0x5f9690 Shell_NotifyIconW
COMCTL32.dll
0x5f905c ImageList_GetIconSize
0x5f9060 ImageList_ReplaceIcon
0x5f9064 ImageList_GetIcon
0x5f9068 ImageList_Create
0x5f906c ImageList_GetImageCount
0x5f9070 ImageList_Destroy
0x5f9074 ImageList_AddMasked
0x5f9078 ImageList_Remove
0x5f907c ImageList_DrawEx
SHLWAPI.dll
0x5f9698 PathFindFileNameW
0x5f969c PathStripToRootW
0x5f96a0 PathIsUNCW
0x5f96a4 PathRemoveFileSpecW
0x5f96a8 PathRemoveExtensionW
0x5f96ac PathFindExtensionW
ole32.dll
0x5f9af4 OleDestroyMenuDescriptor
0x5f9af8 OleCreateMenuDescriptor
0x5f9afc OleGetClipboard
0x5f9b00 DoDragDrop
0x5f9b04 OleFlushClipboard
0x5f9b08 OleIsCurrentClipboard
0x5f9b0c OleSetClipboard
0x5f9b10 StgIsStorageFile
0x5f9b14 StgOpenStorage
0x5f9b18 CreateFileMoniker
0x5f9b1c StgCreateDocfile
0x5f9b20 OleSetMenuDescriptor
0x5f9b24 OleLockRunning
0x5f9b28 OleInitialize
0x5f9b2c CoFreeUnusedLibraries
0x5f9b30 OleUninitialize
0x5f9b34 CoInitializeEx
0x5f9b38 CreateStreamOnHGlobal
0x5f9b3c CreateILockBytesOnHGlobal
0x5f9b40 StgCreateDocfileOnILockBytes
0x5f9b44 OleTranslateAccelerator
0x5f9b48 OleCreate
0x5f9b4c CoUninitialize
0x5f9b50 CoDisconnectObject
0x5f9b54 StringFromGUID2
0x5f9b58 CLSIDFromString
0x5f9b5c CLSIDFromProgID
0x5f9b60 CoCreateGuid
0x5f9b64 OleDuplicateData
0x5f9b68 CoTreatAsClass
0x5f9b6c StringFromCLSID
0x5f9b70 CoTaskMemAlloc
0x5f9b74 ReleaseStgMedium
0x5f9b78 CreateBindCtx
0x5f9b7c ReadClassStg
0x5f9b80 ReadFmtUserTypeStg
0x5f9b84 OleRegGetUserType
0x5f9b88 WriteClassStg
0x5f9b8c WriteFmtUserTypeStg
0x5f9b90 OleCreateStaticFromData
0x5f9b94 OleCreateLinkFromData
0x5f9b98 IsAccelerator
0x5f9b9c CoRegisterClassObject
0x5f9ba0 CoRevokeClassObject
0x5f9ba4 CreateDataAdviseHolder
0x5f9ba8 CreateOleAdviseHolder
0x5f9bac GetRunningObjectTable
0x5f9bb0 CoGetMalloc
0x5f9bb4 OleIsRunning
0x5f9bb8 OleQueryLinkFromData
0x5f9bbc OleQueryCreateFromData
0x5f9bc0 OleRegGetMiscStatus
0x5f9bc4 OleRegEnumVerbs
0x5f9bc8 RevokeDragDrop
0x5f9bcc CoLockObjectExternal
0x5f9bd0 RegisterDragDrop
0x5f9bd4 PropVariantCopy
0x5f9bd8 CreateGenericComposite
0x5f9bdc CreateItemMoniker
0x5f9be0 OleGetIconOfClass
0x5f9be4 OleCreateLinkToFile
0x5f9be8 OleCreateFromFile
0x5f9bec OleSetContainedObject
0x5f9bf0 GetHGlobalFromILockBytes
0x5f9bf4 StgOpenStorageOnILockBytes
0x5f9bf8 OleLoad
0x5f9bfc SetConvertStg
0x5f9c00 CoTaskMemFree
0x5f9c04 OleRun
0x5f9c08 CoInitialize
0x5f9c0c CoCreateInstance
0x5f9c10 OleCreateFromData
0x5f9c14 WriteClassStm
0x5f9c18 OleSaveToStream
0x5f9c1c OleSave
0x5f9c20 CoGetClassObject
0x5f9c24 CoRegisterMessageFilter
OLEAUT32.dll
0x5f95a4 VariantInit
0x5f95a8 VariantChangeType
0x5f95ac SysStringByteLen
0x5f95b0 SysFreeString
0x5f95b4 SysAllocStringLen
0x5f95b8 SafeArrayUnaccessData
0x5f95bc SafeArrayAccessData
0x5f95c0 SafeArrayGetUBound
0x5f95c4 SafeArrayGetLBound
0x5f95c8 SafeArrayGetElemsize
0x5f95cc SafeArrayGetDim
0x5f95d0 SafeArrayCreate
0x5f95d4 SafeArrayRedim
0x5f95d8 SafeArrayAllocData
0x5f95dc SafeArrayAllocDescriptor
0x5f95e0 SafeArrayCopy
0x5f95e4 SafeArrayGetElement
0x5f95e8 SafeArrayPtrOfIndex
0x5f95ec SysAllocStringByteLen
0x5f95f0 SafeArrayUnlock
0x5f95f4 SafeArrayDestroy
0x5f95f8 SafeArrayDestroyData
0x5f95fc SafeArrayDestroyDescriptor
0x5f9600 VariantTimeToSystemTime
0x5f9604 SystemTimeToVariantTime
0x5f9608 SysStringLen
0x5f960c VarDateFromStr
0x5f9610 SysReAllocStringLen
0x5f9614 VarCyFromStr
0x5f9618 CreateErrorInfo
0x5f961c VarBstrFromCy
0x5f9620 VarBstrFromDec
0x5f9624 VarDecFromStr
0x5f9628 VarBstrFromDate
0x5f962c RegisterTypeLib
0x5f9630 LoadTypeLib
0x5f9634 LoadRegTypeLib
0x5f9638 OleCreateFontIndirect
0x5f963c VariantCopy
0x5f9640 VariantClear
0x5f9644 SysAllocString
0x5f9648 SafeArrayPutElement
0x5f964c GetErrorInfo
0x5f9650 SetErrorInfo
0x5f9654 SafeArrayLock
oledlg.dll
0x5f9c2c OleUIBusyW
gdiplus.dll
0x5f9a8c GdipSetInterpolationMode
0x5f9a90 GdipCreateFromHDC
0x5f9a94 GdipCreateBitmapFromHBITMAP
0x5f9a98 GdipCloneImage
0x5f9a9c GdipDrawImageI
0x5f9aa0 GdipGetImageGraphicsContext
0x5f9aa4 GdiplusShutdown
0x5f9aa8 GdiplusStartup
0x5f9aac GdipBitmapUnlockBits
0x5f9ab0 GdipBitmapLockBits
0x5f9ab4 GdipCreateBitmapFromScan0
0x5f9ab8 GdipCreateBitmapFromStreamICM
0x5f9abc GdipCreateBitmapFromStream
0x5f9ac0 GdipCreateBitmapFromFileICM
0x5f9ac4 GdipCreateBitmapFromFile
0x5f9ac8 GdipGetImagePalette
0x5f9acc GdipGetImagePaletteSize
0x5f9ad0 GdipGetImagePixelFormat
0x5f9ad4 GdipGetImageHeight
0x5f9ad8 GdipGetImageWidth
0x5f9adc GdipDisposeImage
0x5f9ae0 GdipDeleteGraphics
0x5f9ae4 GdipAlloc
0x5f9ae8 GdipFree
0x5f9aec GdipDrawImageRectI
OLEACC.dll
0x5f9594 LresultFromObject
0x5f9598 AccessibleObjectFromWindow
0x5f959c CreateStdAccessibleObject
IMM32.dll
0x5f92c0 ImmGetContext
0x5f92c4 ImmGetOpenStatus
0x5f92c8 ImmReleaseContext
WINMM.dll
0x5f9a70 PlaySoundW
EAT(Export Address Table) Library
0x405570 fyewghGFDWDFGHfgehfDSDWFWGFhg