Field | Value |
---|---|
Created | 2021.05.01 09:44 |
Machine | s1_win7_x6401 |
Filename | AazrkIaOnf.dll |
Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
AI Score | Not found |
Behavior Score | |
ZERO API | file : clean |
VT API (file) | 24 detected (malicious, high confidence, Mekotio, FGHR, confidence, Eldorado, CLOUD, Softcnapp, ai score=85, R418241, Artemis) |
md5 | 4ea2c49920dfc1dbcc1ffb5a7300c441 |
sha256 | 6ef0e93b9e0ddd5e3bbe36c5fdefa2dfd7a8d985fe36af2af5670b3671a1bd26 |
ssdeep | 196608:hJ7In8fJaw8k9pDGOVSNatSyk8uwBtNf7lGGlswN27OZO5pBn:h+8fampDdshyk8hLG0gsOp |
imphash | ff750281199fd75b463a9612c10a02fe |
impfuzzy | 384:YcGok6y556PDRQLOWv5xTDx3VdqaCwYyJ+icg:YCkv56PDKTx3VewH |
Signature (5cnts)
Level | Description |
---|---|
warning | File has been identified by 24 AntiVirus engines on VirusTotal as malicious |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks if process is being debugged by a debugger |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (4cnts)
Level | Name | Description | Collection |
---|---|---|---|
info | IsDLL | (no description) | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
winmm.dll
0x11f9000 PlaySoundW
wininet.dll
0x11f9010 InternetCloseHandle
0x11f9018 InternetReadFile
0x11f9020 InternetOpenW
0x11f9028 InternetOpenUrlW
winspool.drv
0x11f9038 DocumentPropertiesW
0x11f9040 ClosePrinter
0x11f9048 OpenPrinterW
0x11f9050 GetDefaultPrinterW
0x11f9058 EnumPrintersW
comctl32.dll
0x11f9068 ImageList_GetImageInfo
0x11f9070 FlatSB_SetScrollInfo
0x11f9078 InitCommonControls
0x11f9080 ImageList_DragMove
0x11f9088 ImageList_Destroy
0x11f9090 _TrackMouseEvent
0x11f9098 ImageList_DragShowNolock
0x11f90a0 ImageList_Add
0x11f90a8 FlatSB_SetScrollProp
0x11f90b0 ImageList_GetDragImage
0x11f90b8 ImageList_Create
0x11f90c0 ImageList_EndDrag
0x11f90c8 ImageList_DrawEx
0x11f90d0 ImageList_SetImageCount
0x11f90d8 FlatSB_GetScrollPos
0x11f90e0 FlatSB_SetScrollPos
0x11f90e8 InitializeFlatSB
0x11f90f0 ImageList_Copy
0x11f90f8 FlatSB_GetScrollInfo
0x11f9100 ImageList_Write
0x11f9108 ImageList_SetBkColor
0x11f9110 ImageList_GetBkColor
0x11f9118 ImageList_BeginDrag
0x11f9120 ImageList_GetIcon
0x11f9128 ImageList_Replace
0x11f9130 ImageList_GetImageCount
0x11f9138 ImageList_DragEnter
0x11f9140 ImageList_GetIconSize
0x11f9148 ImageList_SetIconSize
0x11f9150 ImageList_Read
0x11f9158 ImageList_DragLeave
0x11f9160 ImageList_LoadImageW
0x11f9168 ImageList_Draw
0x11f9170 ImageList_Remove
0x11f9178 ImageList_ReplaceIcon
0x11f9180 ImageList_SetOverlayImage
shell32.dll
0x11f9190 SHGetSpecialFolderLocation
0x11f9198 Shell_NotifyIconW
0x11f91a0 ShellExecuteW
0x11f91a8 SHGetPathFromIDListW
user32.dll
0x11f91b8 DdeSetUserHandle
0x11f91c0 CopyImage
0x11f91c8 SetMenuItemInfoW
0x11f91d0 GetMenuItemInfoW
0x11f91d8 DefFrameProcW
0x11f91e0 GetDlgCtrlID
0x11f91e8 FrameRect
0x11f91f0 RegisterWindowMessageW
0x11f91f8 GetMenuStringW
0x11f9200 FillRect
0x11f9208 DdeCmpStringHandles
0x11f9210 SendMessageA
0x11f9218 IsClipboardFormatAvailable
0x11f9220 EnumWindows
0x11f9228 ShowOwnedPopups
0x11f9230 GetClassInfoW
0x11f9238 GetScrollRange
0x11f9240 SetActiveWindow
0x11f9248 GetActiveWindow
0x11f9250 DrawEdge
0x11f9258 GetKeyboardLayoutList
0x11f9260 LoadBitmapW
0x11f9268 EnumChildWindows
0x11f9270 GetScrollBarInfo
0x11f9278 UnhookWindowsHookEx
0x11f9280 SetCapture
0x11f9288 GetCapture
0x11f9290 ShowCaret
0x11f9298 CreatePopupMenu
0x11f92a0 GetMenuItemID
0x11f92a8 CharLowerBuffW
0x11f92b0 PostMessageW
0x11f92b8 IsZoomed
0x11f92c0 SetParent
0x11f92c8 DrawMenuBar
0x11f92d0 SetSystemCursor
0x11f92d8 GetClientRect
0x11f92e0 IsChild
0x11f92e8 IsIconic
0x11f92f0 CallNextHookEx
0x11f92f8 DdeDisconnect
0x11f9300 ShowWindow
0x11f9308 GetWindowTextW
0x11f9310 SetForegroundWindow
0x11f9318 GetAsyncKeyState
0x11f9320 IsDialogMessageW
0x11f9328 DestroyWindow
0x11f9330 RegisterClassW
0x11f9338 EndMenu
0x11f9340 CharNextW
0x11f9348 GetFocus
0x11f9350 GetDC
0x11f9358 SetFocus
0x11f9360 ReleaseDC
0x11f9368 mouse_event
0x11f9370 ExitWindowsEx
0x11f9378 SetScrollRange
0x11f9380 DrawTextW
0x11f9388 PeekMessageA
0x11f9390 MessageBeep
0x11f9398 RemovePropW
0x11f93a0 GetSubMenu
0x11f93a8 DestroyIcon
0x11f93b0 IsWindowVisible
0x11f93b8 DispatchMessageA
0x11f93c0 UnregisterClassW
0x11f93c8 GetTopWindow
0x11f93d0 SendMessageW
0x11f93d8 GetMessageTime
0x11f93e0 GetWindowLongPtrW
0x11f93e8 SetWindowLongPtrW
0x11f93f0 DdeNameService
0x11f93f8 DdeAccessData
0x11f9400 LoadStringW
0x11f9408 CreateMenu
0x11f9410 CharLowerW
0x11f9418 SetWindowRgn
0x11f9420 SetWindowPos
0x11f9428 GetMenuItemCount
0x11f9430 GetSysColorBrush
0x11f9438 GetWindowDC
0x11f9440 DdeQueryConvInfo
0x11f9448 DrawTextExW
0x11f9450 EnumClipboardFormats
0x11f9458 GetScrollInfo
0x11f9460 SetWindowTextW
0x11f9468 GetMessageExtraInfo
0x11f9470 GetSysColor
0x11f9478 EnableScrollBar
0x11f9480 TrackPopupMenu
0x11f9488 DrawIconEx
0x11f9490 DdePostAdvise
0x11f9498 GetClassNameW
0x11f94a0 DdeCreateDataHandle
0x11f94a8 GetMessagePos
0x11f94b0 GetIconInfo
0x11f94b8 SetScrollInfo
0x11f94c0 GetKeyNameTextW
0x11f94c8 GetDesktopWindow
0x11f94d0 SetCursorPos
0x11f94d8 GetCursorPos
0x11f94e0 SetMenu
0x11f94e8 GetMenuState
0x11f94f0 GetMenu
0x11f94f8 SetRect
0x11f9500 GetKeyState
0x11f9508 GetCursor
0x11f9510 KillTimer
0x11f9518 WaitMessage
0x11f9520 TranslateMDISysAccel
0x11f9528 GetWindowPlacement
0x11f9530 CreateWindowExW
0x11f9538 GetMessageW
0x11f9540 GetDCEx
0x11f9548 PeekMessageW
0x11f9550 MonitorFromWindow
0x11f9558 SetTimer
0x11f9560 WindowFromPoint
0x11f9568 BeginPaint
0x11f9570 RegisterClipboardFormatW
0x11f9578 DdeUnaccessData
0x11f9580 MapVirtualKeyW
0x11f9588 IsWindowUnicode
0x11f9590 DispatchMessageW
0x11f9598 CreateAcceleratorTableW
0x11f95a0 DefMDIChildProcW
0x11f95a8 GetSystemMenu
0x11f95b0 SetScrollPos
0x11f95b8 GetScrollPos
0x11f95c0 DdeClientTransaction
0x11f95c8 DrawFocusRect
0x11f95d0 SendInput
0x11f95d8 ReleaseCapture
0x11f95e0 LoadCursorW
0x11f95e8 DdeConnect
0x11f95f0 ScrollWindow
0x11f95f8 GetLastActivePopup
0x11f9600 DdeUninitialize
0x11f9608 GetSystemMetrics
0x11f9610 CharUpperBuffW
0x11f9618 SetClassLongPtrW
0x11f9620 GetClassLongPtrW
0x11f9628 SetClipboardData
0x11f9630 GetClipboardData
0x11f9638 ClientToScreen
0x11f9640 SetWindowPlacement
0x11f9648 DdeFreeStringHandle
0x11f9650 GetMonitorInfoW
0x11f9658 CheckMenuItem
0x11f9660 CharUpperW
0x11f9668 DefWindowProcW
0x11f9670 GetForegroundWindow
0x11f9678 EnableWindow
0x11f9680 GetWindowThreadProcessId
0x11f9688 RedrawWindow
0x11f9690 EndPaint
0x11f9698 MsgWaitForMultipleObjectsEx
0x11f96a0 LoadKeyboardLayoutW
0x11f96a8 ActivateKeyboardLayout
0x11f96b0 GetParent
0x11f96b8 MonitorFromRect
0x11f96c0 InsertMenuItemW
0x11f96c8 DdeQueryStringA
0x11f96d0 GetPropW
0x11f96d8 MessageBoxW
0x11f96e0 SetPropW
0x11f96e8 UpdateWindow
0x11f96f0 MsgWaitForMultipleObjects
0x11f96f8 VkKeyScanW
0x11f9700 DestroyMenu
0x11f9708 SetWindowsHookExW
0x11f9710 EmptyClipboard
0x11f9718 AdjustWindowRectEx
0x11f9720 IsWindow
0x11f9728 DrawIcon
0x11f9730 EnumThreadWindows
0x11f9738 InvalidateRect
0x11f9740 GetKeyboardState
0x11f9748 ScreenToClient
0x11f9750 DrawFrameControl
0x11f9758 DdeFreeDataHandle
0x11f9760 SetCursor
0x11f9768 CreateIcon
0x11f9770 DdeInitializeA
0x11f9778 RemoveMenu
0x11f9780 DdeCreateStringHandleA
0x11f9788 GetKeyboardLayoutNameW
0x11f9790 OpenClipboard
0x11f9798 TranslateMessage
0x11f97a0 MapWindowPoints
0x11f97a8 EnumDisplayMonitors
0x11f97b0 CountClipboardFormats
0x11f97b8 CallWindowProcW
0x11f97c0 CloseClipboard
0x11f97c8 DestroyCursor
0x11f97d0 PostMessageA
0x11f97d8 CopyIcon
0x11f97e0 PostQuitMessage
0x11f97e8 DdeGetLastError
0x11f97f0 ShowScrollBar
0x11f97f8 EnableMenuItem
0x11f9800 HideCaret
0x11f9808 FindWindowExW
0x11f9810 MonitorFromPoint
0x11f9818 LoadIconW
0x11f9820 SystemParametersInfoW
0x11f9828 GetWindow
0x11f9830 GetWindowRect
0x11f9838 InsertMenuW
0x11f9840 PostThreadMessageW
0x11f9848 IsWindowEnabled
0x11f9850 IsDialogMessageA
0x11f9858 FindWindowW
0x11f9860 GetKeyboardLayout
0x11f9868 DeleteMenu
version.dll
0x11f9878 GetFileVersionInfoSizeW
0x11f9880 VerQueryValueW
0x11f9888 GetFileVersionInfoW
oleaut32.dll
0x11f9898 GetErrorInfo
0x11f98a0 SysFreeString
0x11f98a8 VariantClear
0x11f98b0 VariantInit
0x11f98b8 SysReAllocStringLen
0x11f98c0 SafeArrayCreate
0x11f98c8 SafeArrayGetElement
0x11f98d0 GetActiveObject
0x11f98d8 SysAllocStringLen
0x11f98e0 SafeArrayPtrOfIndex
0x11f98e8 SafeArrayGetUBound
0x11f98f0 SafeArrayGetLBound
0x11f98f8 VariantCopy
0x11f9900 VariantChangeType
advapi32.dll
0x11f9910 RegSetValueExW
0x11f9918 RegConnectRegistryW
0x11f9920 GetUserNameW
0x11f9928 RegQueryInfoKeyW
0x11f9930 RegUnLoadKeyW
0x11f9938 IsValidAcl
0x11f9940 RegSaveKeyW
0x11f9948 RegReplaceKeyW
0x11f9950 RegCreateKeyExW
0x11f9958 InitializeAcl
0x11f9960 RegLoadKeyW
0x11f9968 RegEnumKeyExW
0x11f9970 AdjustTokenPrivileges
0x11f9978 RegDeleteKeyW
0x11f9980 SetSecurityInfo
0x11f9988 LookupPrivilegeValueW
0x11f9990 RegOpenKeyExW
0x11f9998 OpenProcessToken
0x11f99a0 RegDeleteValueW
0x11f99a8 RegFlushKey
0x11f99b0 RegEnumValueW
0x11f99b8 RegQueryValueExW
0x11f99c0 RegCloseKey
0x11f99c8 RegRestoreKeyW
netapi32.dll
0x11f99d8 NetWkstaGetInfo
0x11f99e0 NetApiBufferFree
msvcrt.dll
0x11f99f0 memcpy
0x11f99f8 memset
winhttp.dll
0x11f9a08 WinHttpGetIEProxyConfigForCurrentUser
0x11f9a10 WinHttpSetTimeouts
0x11f9a18 WinHttpSetStatusCallback
0x11f9a20 WinHttpConnect
0x11f9a28 WinHttpReceiveResponse
0x11f9a30 WinHttpQueryAuthSchemes
0x11f9a38 WinHttpGetProxyForUrl
0x11f9a40 WinHttpReadData
0x11f9a48 WinHttpCloseHandle
0x11f9a50 WinHttpQueryHeaders
0x11f9a58 WinHttpOpenRequest
0x11f9a60 WinHttpAddRequestHeaders
0x11f9a68 WinHttpOpen
0x11f9a70 WinHttpWriteData
0x11f9a78 WinHttpSetCredentials
0x11f9a80 WinHttpQueryDataAvailable
0x11f9a88 WinHttpSetOption
0x11f9a90 WinHttpSendRequest
0x11f9a98 WinHttpQueryOption
kernel32.dll
0x11f9aa8 SetFileAttributesW
0x11f9ab0 GetFileType
0x11f9ab8 SetFileTime
0x11f9ac0 RtlUnwindEx
0x11f9ac8 QueryDosDeviceW
0x11f9ad0 GetACP
0x11f9ad8 CloseHandle
0x11f9ae0 LocalFree
0x11f9ae8 GetCurrentProcessId
0x11f9af0 SizeofResource
0x11f9af8 VirtualProtect
0x11f9b00 TlsAlloc
0x11f9b08 TerminateThread
0x11f9b10 QueryPerformanceFrequency
0x11f9b18 SetProcessWorkingSetSize
0x11f9b20 IsDebuggerPresent
0x11f9b28 FindNextFileW
0x11f9b30 GetFullPathNameW
0x11f9b38 VirtualFree
0x11f9b40 HeapAlloc
0x11f9b48 ExitProcess
0x11f9b50 GetCPInfoExW
0x11f9b58 GlobalSize
0x11f9b60 RtlUnwind
0x11f9b68 GetCPInfo
0x11f9b70 EnumSystemLocalesW
0x11f9b78 GetStdHandle
0x11f9b80 GetTimeZoneInformation
0x11f9b88 FileTimeToLocalFileTime
0x11f9b90 SystemTimeToTzSpecificLocalTime
0x11f9b98 GetModuleHandleW
0x11f9ba0 FreeLibrary
0x11f9ba8 TryEnterCriticalSection
0x11f9bb0 HeapDestroy
0x11f9bb8 FileTimeToDosDateTime
0x11f9bc0 ReadFile
0x11f9bc8 GetUserDefaultLCID
0x11f9bd0 CreateProcessW
0x11f9bd8 HeapSize
0x11f9be0 GetLastError
0x11f9be8 GetModuleFileNameW
0x11f9bf0 SetLastError
0x11f9bf8 GlobalAlloc
0x11f9c00 GlobalUnlock
0x11f9c08 FindResourceW
0x11f9c10 CreateThread
0x11f9c18 CompareStringW
0x11f9c20 CopyFileW
0x11f9c28 MapViewOfFile
0x11f9c30 CreateMutexW
0x11f9c38 LoadLibraryA
0x11f9c40 GetVolumeInformationW
0x11f9c48 ResetEvent
0x11f9c50 MulDiv
0x11f9c58 FreeResource
0x11f9c60 GetDriveTypeW
0x11f9c68 GetVersion
0x11f9c70 RaiseException
0x11f9c78 GlobalAddAtomW
0x11f9c80 FormatMessageW
0x11f9c88 OpenProcess
0x11f9c90 SwitchToThread
0x11f9c98 GetExitCodeThread
0x11f9ca0 OutputDebugStringW
0x11f9ca8 GetCurrentThread
0x11f9cb0 GetLogicalDrives
0x11f9cb8 GetFileAttributesExW
0x11f9cc0 LoadLibraryExW
0x11f9cc8 TerminateProcess
0x11f9cd0 LockResource
0x11f9cd8 FileTimeToSystemTime
0x11f9ce0 GetCurrentThreadId
0x11f9ce8 UnhandledExceptionFilter
0x11f9cf0 GlobalFindAtomW
0x11f9cf8 VirtualQuery
0x11f9d00 GlobalFree
0x11f9d08 VirtualQueryEx
0x11f9d10 Sleep
0x11f9d18 EnterCriticalSection
0x11f9d20 SetFilePointer
0x11f9d28 LoadResource
0x11f9d30 SuspendThread
0x11f9d38 GetTickCount
0x11f9d40 GetFileSize
0x11f9d48 GlobalDeleteAtom
0x11f9d50 GetStartupInfoW
0x11f9d58 GetFileAttributesW
0x11f9d60 InitializeCriticalSection
0x11f9d68 GetThreadPriority
0x11f9d70 GetCurrentProcess
0x11f9d78 GlobalLock
0x11f9d80 SetThreadPriority
0x11f9d88 VirtualAlloc
0x11f9d90 GetTempPathW
0x11f9d98 GetCommandLineW
0x11f9da0 GetSystemInfo
0x11f9da8 LeaveCriticalSection
0x11f9db0 GetProcAddress
0x11f9db8 ResumeThread
0x11f9dc0 GetLogicalDriveStringsW
0x11f9dc8 WinExec
0x11f9dd0 GetVersionExW
0x11f9dd8 VerifyVersionInfoW
0x11f9de0 HeapCreate
0x11f9de8 LCMapStringW
0x11f9df0 GetDiskFreeSpaceW
0x11f9df8 VerSetConditionMask
0x11f9e00 FindFirstFileW
0x11f9e08 GetUserDefaultUILanguage
0x11f9e10 TlsFree
0x11f9e18 GetConsoleOutputCP
0x11f9e20 UnmapViewOfFile
0x11f9e28 GetConsoleCP
0x11f9e30 lstrlenW
0x11f9e38 SetEndOfFile
0x11f9e40 QueryPerformanceCounter
0x11f9e48 HeapFree
0x11f9e50 WideCharToMultiByte
0x11f9e58 FindClose
0x11f9e60 MultiByteToWideChar
0x11f9e68 LoadLibraryW
0x11f9e70 SetEvent
0x11f9e78 GetLocaleInfoW
0x11f9e80 CreateFileW
0x11f9e88 SystemTimeToFileTime
0x11f9e90 EnumResourceNamesW
0x11f9e98 DeleteFileW
0x11f9ea0 IsDBCSLeadByteEx
0x11f9ea8 GetEnvironmentVariableW
0x11f9eb0 GetLocalTime
0x11f9eb8 WaitForSingleObject
0x11f9ec0 WriteFile
0x11f9ec8 CreateFileMappingW
0x11f9ed0 ExitThread
0x11f9ed8 DeleteCriticalSection
0x11f9ee0 GetDateFormatW
0x11f9ee8 TlsGetValue
0x11f9ef0 SetErrorMode
0x11f9ef8 GetComputerNameW
0x11f9f00 TzSpecificLocalTimeToSystemTime
0x11f9f08 IsValidLocale
0x11f9f10 TlsSetValue
0x11f9f18 CreateDirectoryW
0x11f9f20 GetSystemDefaultUILanguage
0x11f9f28 EnumCalendarInfoW
0x11f9f30 LocalAlloc
0x11f9f38 RemoveDirectoryW
0x11f9f40 CreateEventW
0x11f9f48 WaitForMultipleObjectsEx
0x11f9f50 GetThreadLocale
0x11f9f58 SetThreadLocale
wsock32.dll
0x11f9f68 gethostbyaddr
0x11f9f70 WSACleanup
0x11f9f78 gethostbyname
0x11f9f80 ind
0x11f9f88 gethostname
0x11f9f90 closesocket
0x11f9f98 WSAGetLastError
0x11f9fa0 connect
0x11f9fa8 inet_addr
0x11f9fb0 getpeername
0x11f9fb8 WSAAsyncSelect
0x11f9fc0 WSAAsyncGetServByName
0x11f9fc8 WSACancelAsyncRequest
0x11f9fd0 send
0x11f9fd8 ntohs
0x11f9fe0 htons
0x11f9fe8 WSAStartup
0x11f9ff0 getservbyname
0x11f9ff8 getsockname
0x11fa000 listen
0x11fa008 socket
0x11fa010 recv
0x11fa018 inet_ntoa
0x11fa020 ioctlsocket
0x11fa028 WSAAsyncGetHostByName
ole32.dll
0x11fa038 OleRegEnumVerbs
0x11fa040 IsAccelerator
0x11fa048 CreateBindCtx
0x11fa050 MkParseDisplayName
0x11fa058 CoCreateInstance
0x11fa060 CoUninitialize
0x11fa068 IsEqualGUID
0x11fa070 ProgIDFromCLSID
0x11fa078 CreateStreamOnHGlobal
0x11fa080 OleInitialize
0x11fa088 CLSIDFromProgID
0x11fa090 OleUninitialize
0x11fa098 CoGetClassObject
0x11fa0a0 CoInitialize
0x11fa0a8 CoTaskMemFree
0x11fa0b0 OleDraw
0x11fa0b8 CoTaskMemAlloc
0x11fa0c0 StringFromCLSID
0x11fa0c8 OleSetMenuDescriptor
gdi32.dll
0x11fa0d8 Pie
0x11fa0e0 SetBkMode
0x11fa0e8 CreateCompatibleBitmap
0x11fa0f0 GetEnhMetaFileHeader
0x11fa0f8 CloseEnhMetaFile
0x11fa100 RectVisible
0x11fa108 AngleArc
0x11fa110 ResizePalette
0x11fa118 SetAbortProc
0x11fa120 SetTextColor
0x11fa128 StretchBlt
0x11fa130 RoundRect
0x11fa138 RestoreDC
0x11fa140 SetRectRgn
0x11fa148 GetTextMetricsW
0x11fa150 GetWindowOrgEx
0x11fa158 CreatePalette
0x11fa160 PolyBezierTo
0x11fa168 CreateICW
0x11fa170 CreateDCW
0x11fa178 GetStockObject
0x11fa180 CreateSolidBrush
0x11fa188 Polygon
0x11fa190 MoveToEx
0x11fa198 PlayEnhMetaFile
0x11fa1a0 Ellipse
0x11fa1a8 StartPage
0x11fa1b0 GetBitmapBits
0x11fa1b8 StartDocW
0x11fa1c0 AbortDoc
0x11fa1c8 GetSystemPaletteEntries
0x11fa1d0 GetEnhMetaFileBits
0x11fa1d8 GetEnhMetaFilePaletteEntries
0x11fa1e0 CreatePenIndirect
0x11fa1e8 SetMapMode
0x11fa1f0 CreateFontIndirectW
0x11fa1f8 PolyBezier
0x11fa200 LPtoDP
0x11fa208 EndDoc
0x11fa210 GetObjectW
0x11fa218 GetWinMetaFileBits
0x11fa220 SetROP2
0x11fa228 GetEnhMetaFileDescriptionW
0x11fa230 ArcTo
0x11fa238 CreateEnhMetaFileW
0x11fa240 Arc
0x11fa248 SelectPalette
0x11fa250 ExcludeClipRect
0x11fa258 MaskBlt
0x11fa260 SetWindowOrgEx
0x11fa268 EndPage
0x11fa270 DeleteEnhMetaFile
0x11fa278 Chord
0x11fa280 SetDIBits
0x11fa288 SetViewportOrgEx
0x11fa290 CreateRectRgn
0x11fa298 RealizePalette
0x11fa2a0 SetDIBColorTable
0x11fa2a8 GetDIBColorTable
0x11fa2b0 CreateBrushIndirect
0x11fa2b8 PatBlt
0x11fa2c0 SetEnhMetaFileBits
0x11fa2c8 CreateEllipticRgn
0x11fa2d0 Rectangle
0x11fa2d8 SaveDC
0x11fa2e0 DeleteDC
0x11fa2e8 BitBlt
0x11fa2f0 FrameRgn
0x11fa2f8 GetDeviceCaps
0x11fa300 GetTextExtentPoint32W
0x11fa308 GetClipBox
0x11fa310 IntersectClipRect
0x11fa318 Polyline
0x11fa320 CreateBitmap
0x11fa328 CombineRgn
0x11fa330 SetWinMetaFileBits
0x11fa338 GetStretchBltMode
0x11fa340 CreateDIBitmap
0x11fa348 SetStretchBltMode
0x11fa350 GetDIBits
0x11fa358 CreateDIBSection
0x11fa360 LineTo
0x11fa368 GetRgnBox
0x11fa370 EnumFontsW
0x11fa378 CreateHalftonePalette
0x11fa380 SelectObject
0x11fa388 DeleteObject
0x11fa390 ExtFloodFill
0x11fa398 UnrealizeObject
0x11fa3a0 CopyEnhMetaFileW
0x11fa3a8 SetBkColor
0x11fa3b0 CreateCompatibleDC
0x11fa3b8 GetBrushOrgEx
0x11fa3c0 GetCurrentPositionEx
0x11fa3c8 GetNearestPaletteIndex
0x11fa3d0 GetTextExtentPointW
0x11fa3d8 ExtTextOutW
0x11fa3e0 SetBrushOrgEx
0x11fa3e8 GetPixel
0x11fa3f0 GdiFlush
0x11fa3f8 SetPixel
0x11fa400 EnumFontFamiliesExW
0x11fa408 StretchDIBits
0x11fa410 GetPaletteEntries
WTSAPI32.dll
0x11fa420 WTSSendMessageW
kernel32.dll
0x11fa430 GetSystemTimeAsFileTime
0x11fa438 GetModuleHandleA
0x11fa440 CreateEventA
0x11fa448 GetModuleFileNameW
0x11fa450 LoadLibraryA
0x11fa458 TerminateProcess
0x11fa460 GetCurrentProcess
0x11fa468 CreateToolhelp32Snapshot
0x11fa470 Thread32First
0x11fa478 GetCurrentProcessId
0x11fa480 GetCurrentThreadId
0x11fa488 OpenThread
0x11fa490 Thread32Next
0x11fa498 CloseHandle
0x11fa4a0 SuspendThread
0x11fa4a8 ResumeThread
0x11fa4b0 WriteProcessMemory
0x11fa4b8 GetSystemInfo
0x11fa4c0 VirtualAlloc
0x11fa4c8 VirtualProtect
0x11fa4d0 VirtualFree
0x11fa4d8 GetProcessAffinityMask
0x11fa4e0 SetProcessAffinityMask
0x11fa4e8 GetCurrentThread
0x11fa4f0 SetThreadAffinityMask
0x11fa4f8 Sleep
0x11fa500 FreeLibrary
0x11fa508 GetTickCount
0x11fa510 SystemTimeToFileTime
0x11fa518 FileTimeToSystemTime
0x11fa520 GlobalFree
0x11fa528 LocalAlloc
0x11fa530 LocalFree
0x11fa538 GetProcAddress
0x11fa540 ExitProcess
0x11fa548 EnterCriticalSection
0x11fa550 LeaveCriticalSection
0x11fa558 InitializeCriticalSection
0x11fa560 DeleteCriticalSection
0x11fa568 GetModuleHandleW
0x11fa570 LoadResource
0x11fa578 MultiByteToWideChar
0x11fa580 FindResourceExW
0x11fa588 FindResourceExA
0x11fa590 WideCharToMultiByte
0x11fa598 GetThreadLocale
0x11fa5a0 GetUserDefaultLCID
0x11fa5a8 GetSystemDefaultLCID
0x11fa5b0 EnumResourceNamesA
0x11fa5b8 EnumResourceNamesW
0x11fa5c0 EnumResourceLanguagesA
0x11fa5c8 EnumResourceLanguagesW
0x11fa5d0 EnumResourceTypesA
0x11fa5d8 EnumResourceTypesW
0x11fa5e0 CreateFileW
0x11fa5e8 LoadLibraryW
0x11fa5f0 GetLastError
0x11fa5f8 FlushFileBuffers
0x11fa600 CreateFileA
0x11fa608 WriteConsoleW
0x11fa610 GetConsoleOutputCP
0x11fa618 WriteConsoleA
0x11fa620 SetStdHandle
0x11fa628 FlsSetValue
0x11fa630 GetCommandLineA
0x11fa638 RaiseException
0x11fa640 RtlPcToFileHeader
0x11fa648 RtlLookupFunctionEntry
0x11fa650 RtlUnwindEx
0x11fa658 HeapFree
0x11fa660 GetCPInfo
0x11fa668 GetACP
0x11fa670 GetOEMCP
0x11fa678 IsValidCodePage
0x11fa680 EncodePointer
0x11fa688 DecodePointer
0x11fa690 FlsGetValue
0x11fa698 FlsFree
0x11fa6a0 SetLastError
0x11fa6a8 FlsAlloc
0x11fa6b0 UnhandledExceptionFilter
0x11fa6b8 SetUnhandledExceptionFilter
0x11fa6c0 IsDebuggerPresent
0x11fa6c8 RtlVirtualUnwind
0x11fa6d0 RtlCaptureContext
0x11fa6d8 HeapAlloc
0x11fa6e0 LCMapStringA
0x11fa6e8 LCMapStringW
0x11fa6f0 SetHandleCount
0x11fa6f8 GetStdHandle
0x11fa700 GetFileType
0x11fa708 GetStartupInfoA
0x11fa710 GetModuleFileNameA
0x11fa718 FreeEnvironmentStringsA
0x11fa720 GetEnvironmentStrings
0x11fa728 FreeEnvironmentStringsW
0x11fa730 GetEnvironmentStringsW
0x11fa738 HeapSetInformation
0x11fa740 HeapCreate
0x11fa748 HeapDestroy
0x11fa750 QueryPerformanceCounter
0x11fa758 GetStringTypeA
0x11fa760 GetStringTypeW
0x11fa768 GetLocaleInfoA
0x11fa770 HeapSize
0x11fa778 WriteFile
0x11fa780 SetFilePointer
0x11fa788 GetConsoleCP
0x11fa790 GetConsoleMode
0x11fa798 HeapReAlloc
0x11fa7a0 InitializeCriticalSectionAndSpinCount
user32.dll
0x11fa7b0 GetUserObjectInformationW
0x11fa7b8 CharUpperBuffW
0x11fa7c0 MessageBoxW
0x11fa7c8 GetProcessWindowStation
kernel32.dll
0x11fa7d8 LocalAlloc
0x11fa7e0 GetModuleFileNameW
0x11fa7e8 LocalFree
0x11fa7f0 GetProcessAffinityMask
0x11fa7f8 SetProcessAffinityMask
0x11fa800 SetThreadAffinityMask
0x11fa808 Sleep
0x11fa810 ExitProcess
0x11fa818 FreeLibrary
0x11fa820 LoadLibraryA
0x11fa828 GetModuleHandleA
0x11fa830 GetProcAddress
user32.dll
0x11fa840 GetProcessWindowStation
0x11fa848 GetUserObjectInformationW
EAT(Export Address Table) Library
0x9f53c0 Fi0KUsFNBsfDy53hFM5ulsq62
0x49e670 TMethodImplementationIntercept
0x41cef0 __dbk_fcall_wrapper
0xaa1298 dbkFCallWrapperAddr
winmm.dll
0x11f9000 PlaySoundW
wininet.dll
0x11f9010 InternetCloseHandle
0x11f9018 InternetReadFile
0x11f9020 InternetOpenW
0x11f9028 InternetOpenUrlW
winspool.drv
0x11f9038 DocumentPropertiesW
0x11f9040 ClosePrinter
0x11f9048 OpenPrinterW
0x11f9050 GetDefaultPrinterW
0x11f9058 EnumPrintersW
comctl32.dll
0x11f9068 ImageList_GetImageInfo
0x11f9070 FlatSB_SetScrollInfo
0x11f9078 InitCommonControls
0x11f9080 ImageList_DragMove
0x11f9088 ImageList_Destroy
0x11f9090 _TrackMouseEvent
0x11f9098 ImageList_DragShowNolock
0x11f90a0 ImageList_Add
0x11f90a8 FlatSB_SetScrollProp
0x11f90b0 ImageList_GetDragImage
0x11f90b8 ImageList_Create
0x11f90c0 ImageList_EndDrag
0x11f90c8 ImageList_DrawEx
0x11f90d0 ImageList_SetImageCount
0x11f90d8 FlatSB_GetScrollPos
0x11f90e0 FlatSB_SetScrollPos
0x11f90e8 InitializeFlatSB
0x11f90f0 ImageList_Copy
0x11f90f8 FlatSB_GetScrollInfo
0x11f9100 ImageList_Write
0x11f9108 ImageList_SetBkColor
0x11f9110 ImageList_GetBkColor
0x11f9118 ImageList_BeginDrag
0x11f9120 ImageList_GetIcon
0x11f9128 ImageList_Replace
0x11f9130 ImageList_GetImageCount
0x11f9138 ImageList_DragEnter
0x11f9140 ImageList_GetIconSize
0x11f9148 ImageList_SetIconSize
0x11f9150 ImageList_Read
0x11f9158 ImageList_DragLeave
0x11f9160 ImageList_LoadImageW
0x11f9168 ImageList_Draw
0x11f9170 ImageList_Remove
0x11f9178 ImageList_ReplaceIcon
0x11f9180 ImageList_SetOverlayImage
shell32.dll
0x11f9190 SHGetSpecialFolderLocation
0x11f9198 Shell_NotifyIconW
0x11f91a0 ShellExecuteW
0x11f91a8 SHGetPathFromIDListW
user32.dll
0x11f91b8 DdeSetUserHandle
0x11f91c0 CopyImage
0x11f91c8 SetMenuItemInfoW
0x11f91d0 GetMenuItemInfoW
0x11f91d8 DefFrameProcW
0x11f91e0 GetDlgCtrlID
0x11f91e8 FrameRect
0x11f91f0 RegisterWindowMessageW
0x11f91f8 GetMenuStringW
0x11f9200 FillRect
0x11f9208 DdeCmpStringHandles
0x11f9210 SendMessageA
0x11f9218 IsClipboardFormatAvailable
0x11f9220 EnumWindows
0x11f9228 ShowOwnedPopups
0x11f9230 GetClassInfoW
0x11f9238 GetScrollRange
0x11f9240 SetActiveWindow
0x11f9248 GetActiveWindow
0x11f9250 DrawEdge
0x11f9258 GetKeyboardLayoutList
0x11f9260 LoadBitmapW
0x11f9268 EnumChildWindows
0x11f9270 GetScrollBarInfo
0x11f9278 UnhookWindowsHookEx
0x11f9280 SetCapture
0x11f9288 GetCapture
0x11f9290 ShowCaret
0x11f9298 CreatePopupMenu
0x11f92a0 GetMenuItemID
0x11f92a8 CharLowerBuffW
0x11f92b0 PostMessageW
0x11f92b8 IsZoomed
0x11f92c0 SetParent
0x11f92c8 DrawMenuBar
0x11f92d0 SetSystemCursor
0x11f92d8 GetClientRect
0x11f92e0 IsChild
0x11f92e8 IsIconic
0x11f92f0 CallNextHookEx
0x11f92f8 DdeDisconnect
0x11f9300 ShowWindow
0x11f9308 GetWindowTextW
0x11f9310 SetForegroundWindow
0x11f9318 GetAsyncKeyState
0x11f9320 IsDialogMessageW
0x11f9328 DestroyWindow
0x11f9330 RegisterClassW
0x11f9338 EndMenu
0x11f9340 CharNextW
0x11f9348 GetFocus
0x11f9350 GetDC
0x11f9358 SetFocus
0x11f9360 ReleaseDC
0x11f9368 mouse_event
0x11f9370 ExitWindowsEx
0x11f9378 SetScrollRange
0x11f9380 DrawTextW
0x11f9388 PeekMessageA
0x11f9390 MessageBeep
0x11f9398 RemovePropW
0x11f93a0 GetSubMenu
0x11f93a8 DestroyIcon
0x11f93b0 IsWindowVisible
0x11f93b8 DispatchMessageA
0x11f93c0 UnregisterClassW
0x11f93c8 GetTopWindow
0x11f93d0 SendMessageW
0x11f93d8 GetMessageTime
0x11f93e0 GetWindowLongPtrW
0x11f93e8 SetWindowLongPtrW
0x11f93f0 DdeNameService
0x11f93f8 DdeAccessData
0x11f9400 LoadStringW
0x11f9408 CreateMenu
0x11f9410 CharLowerW
0x11f9418 SetWindowRgn
0x11f9420 SetWindowPos
0x11f9428 GetMenuItemCount
0x11f9430 GetSysColorBrush
0x11f9438 GetWindowDC
0x11f9440 DdeQueryConvInfo
0x11f9448 DrawTextExW
0x11f9450 EnumClipboardFormats
0x11f9458 GetScrollInfo
0x11f9460 SetWindowTextW
0x11f9468 GetMessageExtraInfo
0x11f9470 GetSysColor
0x11f9478 EnableScrollBar
0x11f9480 TrackPopupMenu
0x11f9488 DrawIconEx
0x11f9490 DdePostAdvise
0x11f9498 GetClassNameW
0x11f94a0 DdeCreateDataHandle
0x11f94a8 GetMessagePos
0x11f94b0 GetIconInfo
0x11f94b8 SetScrollInfo
0x11f94c0 GetKeyNameTextW
0x11f94c8 GetDesktopWindow
0x11f94d0 SetCursorPos
0x11f94d8 GetCursorPos
0x11f94e0 SetMenu
0x11f94e8 GetMenuState
0x11f94f0 GetMenu
0x11f94f8 SetRect
0x11f9500 GetKeyState
0x11f9508 GetCursor
0x11f9510 KillTimer
0x11f9518 WaitMessage
0x11f9520 TranslateMDISysAccel
0x11f9528 GetWindowPlacement
0x11f9530 CreateWindowExW
0x11f9538 GetMessageW
0x11f9540 GetDCEx
0x11f9548 PeekMessageW
0x11f9550 MonitorFromWindow
0x11f9558 SetTimer
0x11f9560 WindowFromPoint
0x11f9568 BeginPaint
0x11f9570 RegisterClipboardFormatW
0x11f9578 DdeUnaccessData
0x11f9580 MapVirtualKeyW
0x11f9588 IsWindowUnicode
0x11f9590 DispatchMessageW
0x11f9598 CreateAcceleratorTableW
0x11f95a0 DefMDIChildProcW
0x11f95a8 GetSystemMenu
0x11f95b0 SetScrollPos
0x11f95b8 GetScrollPos
0x11f95c0 DdeClientTransaction
0x11f95c8 DrawFocusRect
0x11f95d0 SendInput
0x11f95d8 ReleaseCapture
0x11f95e0 LoadCursorW
0x11f95e8 DdeConnect
0x11f95f0 ScrollWindow
0x11f95f8 GetLastActivePopup
0x11f9600 DdeUninitialize
0x11f9608 GetSystemMetrics
0x11f9610 CharUpperBuffW
0x11f9618 SetClassLongPtrW
0x11f9620 GetClassLongPtrW
0x11f9628 SetClipboardData
0x11f9630 GetClipboardData
0x11f9638 ClientToScreen
0x11f9640 SetWindowPlacement
0x11f9648 DdeFreeStringHandle
0x11f9650 GetMonitorInfoW
0x11f9658 CheckMenuItem
0x11f9660 CharUpperW
0x11f9668 DefWindowProcW
0x11f9670 GetForegroundWindow
0x11f9678 EnableWindow
0x11f9680 GetWindowThreadProcessId
0x11f9688 RedrawWindow
0x11f9690 EndPaint
0x11f9698 MsgWaitForMultipleObjectsEx
0x11f96a0 LoadKeyboardLayoutW
0x11f96a8 ActivateKeyboardLayout
0x11f96b0 GetParent
0x11f96b8 MonitorFromRect
0x11f96c0 InsertMenuItemW
0x11f96c8 DdeQueryStringA
0x11f96d0 GetPropW
0x11f96d8 MessageBoxW
0x11f96e0 SetPropW
0x11f96e8 UpdateWindow
0x11f96f0 MsgWaitForMultipleObjects
0x11f96f8 VkKeyScanW
0x11f9700 DestroyMenu
0x11f9708 SetWindowsHookExW
0x11f9710 EmptyClipboard
0x11f9718 AdjustWindowRectEx
0x11f9720 IsWindow
0x11f9728 DrawIcon
0x11f9730 EnumThreadWindows
0x11f9738 InvalidateRect
0x11f9740 GetKeyboardState
0x11f9748 ScreenToClient
0x11f9750 DrawFrameControl
0x11f9758 DdeFreeDataHandle
0x11f9760 SetCursor
0x11f9768 CreateIcon
0x11f9770 DdeInitializeA
0x11f9778 RemoveMenu
0x11f9780 DdeCreateStringHandleA
0x11f9788 GetKeyboardLayoutNameW
0x11f9790 OpenClipboard
0x11f9798 TranslateMessage
0x11f97a0 MapWindowPoints
0x11f97a8 EnumDisplayMonitors
0x11f97b0 CountClipboardFormats
0x11f97b8 CallWindowProcW
0x11f97c0 CloseClipboard
0x11f97c8 DestroyCursor
0x11f97d0 PostMessageA
0x11f97d8 CopyIcon
0x11f97e0 PostQuitMessage
0x11f97e8 DdeGetLastError
0x11f97f0 ShowScrollBar
0x11f97f8 EnableMenuItem
0x11f9800 HideCaret
0x11f9808 FindWindowExW
0x11f9810 MonitorFromPoint
0x11f9818 LoadIconW
0x11f9820 SystemParametersInfoW
0x11f9828 GetWindow
0x11f9830 GetWindowRect
0x11f9838 InsertMenuW
0x11f9840 PostThreadMessageW
0x11f9848 IsWindowEnabled
0x11f9850 IsDialogMessageA
0x11f9858 FindWindowW
0x11f9860 GetKeyboardLayout
0x11f9868 DeleteMenu
version.dll
0x11f9878 GetFileVersionInfoSizeW
0x11f9880 VerQueryValueW
0x11f9888 GetFileVersionInfoW
oleaut32.dll
0x11f9898 GetErrorInfo
0x11f98a0 SysFreeString
0x11f98a8 VariantClear
0x11f98b0 VariantInit
0x11f98b8 SysReAllocStringLen
0x11f98c0 SafeArrayCreate
0x11f98c8 SafeArrayGetElement
0x11f98d0 GetActiveObject
0x11f98d8 SysAllocStringLen
0x11f98e0 SafeArrayPtrOfIndex
0x11f98e8 SafeArrayGetUBound
0x11f98f0 SafeArrayGetLBound
0x11f98f8 VariantCopy
0x11f9900 VariantChangeType
advapi32.dll
0x11f9910 RegSetValueExW
0x11f9918 RegConnectRegistryW
0x11f9920 GetUserNameW
0x11f9928 RegQueryInfoKeyW
0x11f9930 RegUnLoadKeyW
0x11f9938 IsValidAcl
0x11f9940 RegSaveKeyW
0x11f9948 RegReplaceKeyW
0x11f9950 RegCreateKeyExW
0x11f9958 InitializeAcl
0x11f9960 RegLoadKeyW
0x11f9968 RegEnumKeyExW
0x11f9970 AdjustTokenPrivileges
0x11f9978 RegDeleteKeyW
0x11f9980 SetSecurityInfo
0x11f9988 LookupPrivilegeValueW
0x11f9990 RegOpenKeyExW
0x11f9998 OpenProcessToken
0x11f99a0 RegDeleteValueW
0x11f99a8 RegFlushKey
0x11f99b0 RegEnumValueW
0x11f99b8 RegQueryValueExW
0x11f99c0 RegCloseKey
0x11f99c8 RegRestoreKeyW
netapi32.dll
0x11f99d8 NetWkstaGetInfo
0x11f99e0 NetApiBufferFree
msvcrt.dll
0x11f99f0 memcpy
0x11f99f8 memset
winhttp.dll
0x11f9a08 WinHttpGetIEProxyConfigForCurrentUser
0x11f9a10 WinHttpSetTimeouts
0x11f9a18 WinHttpSetStatusCallback
0x11f9a20 WinHttpConnect
0x11f9a28 WinHttpReceiveResponse
0x11f9a30 WinHttpQueryAuthSchemes
0x11f9a38 WinHttpGetProxyForUrl
0x11f9a40 WinHttpReadData
0x11f9a48 WinHttpCloseHandle
0x11f9a50 WinHttpQueryHeaders
0x11f9a58 WinHttpOpenRequest
0x11f9a60 WinHttpAddRequestHeaders
0x11f9a68 WinHttpOpen
0x11f9a70 WinHttpWriteData
0x11f9a78 WinHttpSetCredentials
0x11f9a80 WinHttpQueryDataAvailable
0x11f9a88 WinHttpSetOption
0x11f9a90 WinHttpSendRequest
0x11f9a98 WinHttpQueryOption
kernel32.dll
0x11f9aa8 SetFileAttributesW
0x11f9ab0 GetFileType
0x11f9ab8 SetFileTime
0x11f9ac0 RtlUnwindEx
0x11f9ac8 QueryDosDeviceW
0x11f9ad0 GetACP
0x11f9ad8 CloseHandle
0x11f9ae0 LocalFree
0x11f9ae8 GetCurrentProcessId
0x11f9af0 SizeofResource
0x11f9af8 VirtualProtect
0x11f9b00 TlsAlloc
0x11f9b08 TerminateThread
0x11f9b10 QueryPerformanceFrequency
0x11f9b18 SetProcessWorkingSetSize
0x11f9b20 IsDebuggerPresent
0x11f9b28 FindNextFileW
0x11f9b30 GetFullPathNameW
0x11f9b38 VirtualFree
0x11f9b40 HeapAlloc
0x11f9b48 ExitProcess
0x11f9b50 GetCPInfoExW
0x11f9b58 GlobalSize
0x11f9b60 RtlUnwind
0x11f9b68 GetCPInfo
0x11f9b70 EnumSystemLocalesW
0x11f9b78 GetStdHandle
0x11f9b80 GetTimeZoneInformation
0x11f9b88 FileTimeToLocalFileTime
0x11f9b90 SystemTimeToTzSpecificLocalTime
0x11f9b98 GetModuleHandleW
0x11f9ba0 FreeLibrary
0x11f9ba8 TryEnterCriticalSection
0x11f9bb0 HeapDestroy
0x11f9bb8 FileTimeToDosDateTime
0x11f9bc0 ReadFile
0x11f9bc8 GetUserDefaultLCID
0x11f9bd0 CreateProcessW
0x11f9bd8 HeapSize
0x11f9be0 GetLastError
0x11f9be8 GetModuleFileNameW
0x11f9bf0 SetLastError
0x11f9bf8 GlobalAlloc
0x11f9c00 GlobalUnlock
0x11f9c08 FindResourceW
0x11f9c10 CreateThread
0x11f9c18 CompareStringW
0x11f9c20 CopyFileW
0x11f9c28 MapViewOfFile
0x11f9c30 CreateMutexW
0x11f9c38 LoadLibraryA
0x11f9c40 GetVolumeInformationW
0x11f9c48 ResetEvent
0x11f9c50 MulDiv
0x11f9c58 FreeResource
0x11f9c60 GetDriveTypeW
0x11f9c68 GetVersion
0x11f9c70 RaiseException
0x11f9c78 GlobalAddAtomW
0x11f9c80 FormatMessageW
0x11f9c88 OpenProcess
0x11f9c90 SwitchToThread
0x11f9c98 GetExitCodeThread
0x11f9ca0 OutputDebugStringW
0x11f9ca8 GetCurrentThread
0x11f9cb0 GetLogicalDrives
0x11f9cb8 GetFileAttributesExW
0x11f9cc0 LoadLibraryExW
0x11f9cc8 TerminateProcess
0x11f9cd0 LockResource
0x11f9cd8 FileTimeToSystemTime
0x11f9ce0 GetCurrentThreadId
0x11f9ce8 UnhandledExceptionFilter
0x11f9cf0 GlobalFindAtomW
0x11f9cf8 VirtualQuery
0x11f9d00 GlobalFree
0x11f9d08 VirtualQueryEx
0x11f9d10 Sleep
0x11f9d18 EnterCriticalSection
0x11f9d20 SetFilePointer
0x11f9d28 LoadResource
0x11f9d30 SuspendThread
0x11f9d38 GetTickCount
0x11f9d40 GetFileSize
0x11f9d48 GlobalDeleteAtom
0x11f9d50 GetStartupInfoW
0x11f9d58 GetFileAttributesW
0x11f9d60 InitializeCriticalSection
0x11f9d68 GetThreadPriority
0x11f9d70 GetCurrentProcess
0x11f9d78 GlobalLock
0x11f9d80 SetThreadPriority
0x11f9d88 VirtualAlloc
0x11f9d90 GetTempPathW
0x11f9d98 GetCommandLineW
0x11f9da0 GetSystemInfo
0x11f9da8 LeaveCriticalSection
0x11f9db0 GetProcAddress
0x11f9db8 ResumeThread
0x11f9dc0 GetLogicalDriveStringsW
0x11f9dc8 WinExec
0x11f9dd0 GetVersionExW
0x11f9dd8 VerifyVersionInfoW
0x11f9de0 HeapCreate
0x11f9de8 LCMapStringW
0x11f9df0 GetDiskFreeSpaceW
0x11f9df8 VerSetConditionMask
0x11f9e00 FindFirstFileW
0x11f9e08 GetUserDefaultUILanguage
0x11f9e10 TlsFree
0x11f9e18 GetConsoleOutputCP
0x11f9e20 UnmapViewOfFile
0x11f9e28 GetConsoleCP
0x11f9e30 lstrlenW
0x11f9e38 SetEndOfFile
0x11f9e40 QueryPerformanceCounter
0x11f9e48 HeapFree
0x11f9e50 WideCharToMultiByte
0x11f9e58 FindClose
0x11f9e60 MultiByteToWideChar
0x11f9e68 LoadLibraryW
0x11f9e70 SetEvent
0x11f9e78 GetLocaleInfoW
0x11f9e80 CreateFileW
0x11f9e88 SystemTimeToFileTime
0x11f9e90 EnumResourceNamesW
0x11f9e98 DeleteFileW
0x11f9ea0 IsDBCSLeadByteEx
0x11f9ea8 GetEnvironmentVariableW
0x11f9eb0 GetLocalTime
0x11f9eb8 WaitForSingleObject
0x11f9ec0 WriteFile
0x11f9ec8 CreateFileMappingW
0x11f9ed0 ExitThread
0x11f9ed8 DeleteCriticalSection
0x11f9ee0 GetDateFormatW
0x11f9ee8 TlsGetValue
0x11f9ef0 SetErrorMode
0x11f9ef8 GetComputerNameW
0x11f9f00 TzSpecificLocalTimeToSystemTime
0x11f9f08 IsValidLocale
0x11f9f10 TlsSetValue
0x11f9f18 CreateDirectoryW
0x11f9f20 GetSystemDefaultUILanguage
0x11f9f28 EnumCalendarInfoW
0x11f9f30 LocalAlloc
0x11f9f38 RemoveDirectoryW
0x11f9f40 CreateEventW
0x11f9f48 WaitForMultipleObjectsEx
0x11f9f50 GetThreadLocale
0x11f9f58 SetThreadLocale
wsock32.dll
0x11f9f68 gethostbyaddr
0x11f9f70 WSACleanup
0x11f9f78 gethostbyname
0x11f9f80 bind
0x11f9f88 gethostname
0x11f9f90 closesocket
0x11f9f98 WSAGetLastError
0x11f9fa0 connect
0x11f9fa8 inet_addr
0x11f9fb0 getpeername
0x11f9fb8 WSAAsyncSelect
0x11f9fc0 WSAAsyncGetServByName
0x11f9fc8 WSACancelAsyncRequest
0x11f9fd0 send
0x11f9fd8 ntohs
0x11f9fe0 htons
0x11f9fe8 WSAStartup
0x11f9ff0 getservbyname
0x11f9ff8 getsockname
0x11fa000 listen
0x11fa008 socket
0x11fa010 recv
0x11fa018 inet_ntoa
0x11fa020 ioctlsocket
0x11fa028 WSAAsyncGetHostByName
ole32.dll
0x11fa038 OleRegEnumVerbs
0x11fa040 IsAccelerator
0x11fa048 CreateBindCtx
0x11fa050 MkParseDisplayName
0x11fa058 CoCreateInstance
0x11fa060 CoUninitialize
0x11fa068 IsEqualGUID
0x11fa070 ProgIDFromCLSID
0x11fa078 CreateStreamOnHGlobal
0x11fa080 OleInitialize
0x11fa088 CLSIDFromProgID
0x11fa090 OleUninitialize
0x11fa098 CoGetClassObject
0x11fa0a0 CoInitialize
0x11fa0a8 CoTaskMemFree
0x11fa0b0 OleDraw
0x11fa0b8 CoTaskMemAlloc
0x11fa0c0 StringFromCLSID
0x11fa0c8 OleSetMenuDescriptor
gdi32.dll
0x11fa0d8 Pie
0x11fa0e0 SetBkMode
0x11fa0e8 CreateCompatibleBitmap
0x11fa0f0 GetEnhMetaFileHeader
0x11fa0f8 CloseEnhMetaFile
0x11fa100 RectVisible
0x11fa108 AngleArc
0x11fa110 ResizePalette
0x11fa118 SetAbortProc
0x11fa120 SetTextColor
0x11fa128 StretchBlt
0x11fa130 RoundRect
0x11fa138 RestoreDC
0x11fa140 SetRectRgn
0x11fa148 GetTextMetricsW
0x11fa150 GetWindowOrgEx
0x11fa158 CreatePalette
0x11fa160 PolyBezierTo
0x11fa168 CreateICW
0x11fa170 CreateDCW
0x11fa178 GetStockObject
0x11fa180 CreateSolidBrush
0x11fa188 Polygon
0x11fa190 MoveToEx
0x11fa198 PlayEnhMetaFile
0x11fa1a0 Ellipse
0x11fa1a8 StartPage
0x11fa1b0 GetBitmapBits
0x11fa1b8 StartDocW
0x11fa1c0 AbortDoc
0x11fa1c8 GetSystemPaletteEntries
0x11fa1d0 GetEnhMetaFileBits
0x11fa1d8 GetEnhMetaFilePaletteEntries
0x11fa1e0 CreatePenIndirect
0x11fa1e8 SetMapMode
0x11fa1f0 CreateFontIndirectW
0x11fa1f8 PolyBezier
0x11fa200 LPtoDP
0x11fa208 EndDoc
0x11fa210 GetObjectW
0x11fa218 GetWinMetaFileBits
0x11fa220 SetROP2
0x11fa228 GetEnhMetaFileDescriptionW
0x11fa230 ArcTo
0x11fa238 CreateEnhMetaFileW
0x11fa240 Arc
0x11fa248 SelectPalette
0x11fa250 ExcludeClipRect
0x11fa258 MaskBlt
0x11fa260 SetWindowOrgEx
0x11fa268 EndPage
0x11fa270 DeleteEnhMetaFile
0x11fa278 Chord
0x11fa280 SetDIBits
0x11fa288 SetViewportOrgEx
0x11fa290 CreateRectRgn
0x11fa298 RealizePalette
0x11fa2a0 SetDIBColorTable
0x11fa2a8 GetDIBColorTable
0x11fa2b0 CreateBrushIndirect
0x11fa2b8 PatBlt
0x11fa2c0 SetEnhMetaFileBits
0x11fa2c8 CreateEllipticRgn
0x11fa2d0 Rectangle
0x11fa2d8 SaveDC
0x11fa2e0 DeleteDC
0x11fa2e8 BitBlt
0x11fa2f0 FrameRgn
0x11fa2f8 GetDeviceCaps
0x11fa300 GetTextExtentPoint32W
0x11fa308 GetClipBox
0x11fa310 IntersectClipRect
0x11fa318 Polyline
0x11fa320 CreateBitmap
0x11fa328 CombineRgn
0x11fa330 SetWinMetaFileBits
0x11fa338 GetStretchBltMode
0x11fa340 CreateDIBitmap
0x11fa348 SetStretchBltMode
0x11fa350 GetDIBits
0x11fa358 CreateDIBSection
0x11fa360 LineTo
0x11fa368 GetRgnBox
0x11fa370 EnumFontsW
0x11fa378 CreateHalftonePalette
0x11fa380 SelectObject
0x11fa388 DeleteObject
0x11fa390 ExtFloodFill
0x11fa398 UnrealizeObject
0x11fa3a0 CopyEnhMetaFileW
0x11fa3a8 SetBkColor
0x11fa3b0 CreateCompatibleDC
0x11fa3b8 GetBrushOrgEx
0x11fa3c0 GetCurrentPositionEx
0x11fa3c8 GetNearestPaletteIndex
0x11fa3d0 GetTextExtentPointW
0x11fa3d8 ExtTextOutW
0x11fa3e0 SetBrushOrgEx
0x11fa3e8 GetPixel
0x11fa3f0 GdiFlush
0x11fa3f8 SetPixel
0x11fa400 EnumFontFamiliesExW
0x11fa408 StretchDIBits
0x11fa410 GetPaletteEntries
WTSAPI32.dll
0x11fa420 WTSSendMessageW
kernel32.dll
0x11fa430 GetSystemTimeAsFileTime
0x11fa438 GetModuleHandleA
0x11fa440 CreateEventA
0x11fa448 GetModuleFileNameW
0x11fa450 LoadLibraryA
0x11fa458 TerminateProcess
0x11fa460 GetCurrentProcess
0x11fa468 CreateToolhelp32Snapshot
0x11fa470 Thread32First
0x11fa478 GetCurrentProcessId
0x11fa480 GetCurrentThreadId
0x11fa488 OpenThread
0x11fa490 Thread32Next
0x11fa498 CloseHandle
0x11fa4a0 SuspendThread
0x11fa4a8 ResumeThread
0x11fa4b0 WriteProcessMemory
0x11fa4b8 GetSystemInfo
0x11fa4c0 VirtualAlloc
0x11fa4c8 VirtualProtect
0x11fa4d0 VirtualFree
0x11fa4d8 GetProcessAffinityMask
0x11fa4e0 SetProcessAffinityMask
0x11fa4e8 GetCurrentThread
0x11fa4f0 SetThreadAffinityMask
0x11fa4f8 Sleep
0x11fa500 FreeLibrary
0x11fa508 GetTickCount
0x11fa510 SystemTimeToFileTime
0x11fa518 FileTimeToSystemTime
0x11fa520 GlobalFree
0x11fa528 LocalAlloc
0x11fa530 LocalFree
0x11fa538 GetProcAddress
0x11fa540 ExitProcess
0x11fa548 EnterCriticalSection
0x11fa550 LeaveCriticalSection
0x11fa558 InitializeCriticalSection
0x11fa560 DeleteCriticalSection
0x11fa568 GetModuleHandleW
0x11fa570 LoadResource
0x11fa578 MultiByteToWideChar
0x11fa580 FindResourceExW
0x11fa588 FindResourceExA
0x11fa590 WideCharToMultiByte
0x11fa598 GetThreadLocale
0x11fa5a0 GetUserDefaultLCID
0x11fa5a8 GetSystemDefaultLCID
0x11fa5b0 EnumResourceNamesA
0x11fa5b8 EnumResourceNamesW
0x11fa5c0 EnumResourceLanguagesA
0x11fa5c8 EnumResourceLanguagesW
0x11fa5d0 EnumResourceTypesA
0x11fa5d8 EnumResourceTypesW
0x11fa5e0 CreateFileW
0x11fa5e8 LoadLibraryW
0x11fa5f0 GetLastError
0x11fa5f8 FlushFileBuffers
0x11fa600 CreateFileA
0x11fa608 WriteConsoleW
0x11fa610 GetConsoleOutputCP
0x11fa618 WriteConsoleA
0x11fa620 SetStdHandle
0x11fa628 FlsSetValue
0x11fa630 GetCommandLineA
0x11fa638 RaiseException
0x11fa640 RtlPcToFileHeader
0x11fa648 RtlLookupFunctionEntry
0x11fa650 RtlUnwindEx
0x11fa658 HeapFree
0x11fa660 GetCPInfo
0x11fa668 GetACP
0x11fa670 GetOEMCP
0x11fa678 IsValidCodePage
0x11fa680 EncodePointer
0x11fa688 DecodePointer
0x11fa690 FlsGetValue
0x11fa698 FlsFree
0x11fa6a0 SetLastError
0x11fa6a8 FlsAlloc
0x11fa6b0 UnhandledExceptionFilter
0x11fa6b8 SetUnhandledExceptionFilter
0x11fa6c0 IsDebuggerPresent
0x11fa6c8 RtlVirtualUnwind
0x11fa6d0 RtlCaptureContext
0x11fa6d8 HeapAlloc
0x11fa6e0 LCMapStringA
0x11fa6e8 LCMapStringW
0x11fa6f0 SetHandleCount
0x11fa6f8 GetStdHandle
0x11fa700 GetFileType
0x11fa708 GetStartupInfoA
0x11fa710 GetModuleFileNameA
0x11fa718 FreeEnvironmentStringsA
0x11fa720 GetEnvironmentStrings
0x11fa728 FreeEnvironmentStringsW
0x11fa730 GetEnvironmentStringsW
0x11fa738 HeapSetInformation
0x11fa740 HeapCreate
0x11fa748 HeapDestroy
0x11fa750 QueryPerformanceCounter
0x11fa758 GetStringTypeA
0x11fa760 GetStringTypeW
0x11fa768 GetLocaleInfoA
0x11fa770 HeapSize
0x11fa778 WriteFile
0x11fa780 SetFilePointer
0x11fa788 GetConsoleCP
0x11fa790 GetConsoleMode
0x11fa798 HeapReAlloc
0x11fa7a0 InitializeCriticalSectionAndSpinCount
user32.dll
0x11fa7b0 GetUserObjectInformationW
0x11fa7b8 CharUpperBuffW
0x11fa7c0 MessageBoxW
0x11fa7c8 GetProcessWindowStation
kernel32.dll
0x11fa7d8 LocalAlloc
0x11fa7e0 GetModuleFileNameW
0x11fa7e8 LocalFree
0x11fa7f0 GetProcessAffinityMask
0x11fa7f8 SetProcessAffinityMask
0x11fa800 SetThreadAffinityMask
0x11fa808 Sleep
0x11fa810 ExitProcess
0x11fa818 FreeLibrary
0x11fa820 LoadLibraryA
0x11fa828 GetModuleHandleA
0x11fa830 GetProcAddress
user32.dll
0x11fa840 GetProcessWindowStation
0x11fa848 GetUserObjectInformationW
EAT(Export Address Table) Library
0x9f53c0 Fi0KUsFNBsfDy53hFM5ulsq62
0x49e670 TMethodImplementationIntercept
0x41cef0 __dbk_fcall_wrapper
0xaa1298 dbkFCallWrapperAddr