ScreenShot
| Created | 2021.05.14 08:00 | Machine | s1_win7_x6402 |
| Filename | wp-netmon.dll | ||
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 4 detected (malicious, confidence, 100%, Trickpak) | ||
| md5 | 0248aa78d8a4d231273d6589edb0a423 | ||
| sha256 | a8f0fe4419ee163d9230feca6a00693c5f61948159fe869ead51ec3398b7038d | ||
| ssdeep | 12288:Ap+1JQPldlr23jbH14nECojODgkT+4dk5OYh/u:91JQPflrOh4nEf5b4dGO1 | ||
| imphash | 8e582c210faeed0d4f7cfa9f24588236 | ||
| impfuzzy | 192:NMkYoJNFyT7pmYLM0kZ3gUSVsTcRctc7Ak:NIuyT7HL1kjEAC | ||
Network IP location
Signature (13cnts)
| Level | Description |
|---|---|
| danger | Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) |
| watch | Communicates with host for which no DNS query was performed |
| notice | A process attempted to delay the analysis task. |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Checks adapter addresses which can be used to detect virtual network interfaces |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | File has been identified by 4 AntiVirus engines on VirusTotal as malicious |
| notice | One or more potentially interesting buffers were extracted |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | Queries for the computername |
| info | The executable uses a known packer |
Rules (5cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
ET CNC Feodo Tracker Reported CnC Server group 5
ET INFO TLS Handshake Failure
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET CNC Feodo Tracker Reported CnC Server group 8
ET INFO TLS Handshake Failure
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET CNC Feodo Tracker Reported CnC Server group 8
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x1002f818 GetShortPathNameA
0x1002f81c GetFileAttributesA
0x1002f820 GetFileSize
0x1002f824 GetFileTime
0x1002f828 LocalFileTimeToFileTime
0x1002f82c SystemTimeToFileTime
0x1002f830 SetFileTime
0x1002f834 SetFileAttributesA
0x1002f838 FileTimeToSystemTime
0x1002f83c FileTimeToLocalFileTime
0x1002f840 RtlUnwind
0x1002f844 HeapAlloc
0x1002f848 GetCommandLineA
0x1002f84c RaiseException
0x1002f850 HeapFree
0x1002f854 ExitProcess
0x1002f858 TerminateProcess
0x1002f85c CreateThread
0x1002f860 ExitThread
0x1002f864 HeapSize
0x1002f868 HeapReAlloc
0x1002f86c GetACP
0x1002f870 GetTimeZoneInformation
0x1002f874 GetSystemTime
0x1002f878 GetLocalTime
0x1002f87c FatalAppExitA
0x1002f880 LCMapStringA
0x1002f884 LCMapStringW
0x1002f888 HeapDestroy
0x1002f88c HeapCreate
0x1002f890 GetThreadLocale
0x1002f894 VirtualAlloc
0x1002f898 IsBadWritePtr
0x1002f89c SetHandleCount
0x1002f8a0 GetStdHandle
0x1002f8a4 GetFileType
0x1002f8a8 GetStartupInfoA
0x1002f8ac FreeEnvironmentStringsA
0x1002f8b0 FreeEnvironmentStringsW
0x1002f8b4 GetEnvironmentStrings
0x1002f8b8 GetEnvironmentStringsW
0x1002f8bc SetUnhandledExceptionFilter
0x1002f8c0 GetStringTypeA
0x1002f8c4 GetStringTypeW
0x1002f8c8 UnhandledExceptionFilter
0x1002f8cc Sleep
0x1002f8d0 IsBadReadPtr
0x1002f8d4 IsBadCodePtr
0x1002f8d8 IsValidLocale
0x1002f8dc IsValidCodePage
0x1002f8e0 GetLocaleInfoA
0x1002f8e4 EnumSystemLocalesA
0x1002f8e8 GetUserDefaultLCID
0x1002f8ec GetVersionExA
0x1002f8f0 SetConsoleCtrlHandler
0x1002f8f4 SetStdHandle
0x1002f8f8 CompareStringA
0x1002f8fc CompareStringW
0x1002f900 SetEnvironmentVariableA
0x1002f904 GetLocaleInfoW
0x1002f908 GetStringTypeExA
0x1002f90c GetFullPathNameA
0x1002f910 GetVolumeInformationA
0x1002f914 FindFirstFileA
0x1002f918 FindClose
0x1002f91c DeleteFileA
0x1002f920 MoveFileA
0x1002f924 SetEndOfFile
0x1002f928 UnlockFile
0x1002f92c LockFile
0x1002f930 FlushFileBuffers
0x1002f934 SetFilePointer
0x1002f938 WriteFile
0x1002f93c ReadFile
0x1002f940 CreateFileA
0x1002f944 GetCurrentProcess
0x1002f948 DuplicateHandle
0x1002f94c SetErrorMode
0x1002f950 SizeofResource
0x1002f954 GetCurrentDirectoryA
0x1002f958 WritePrivateProfileStringA
0x1002f95c GetPrivateProfileStringA
0x1002f960 GetPrivateProfileIntA
0x1002f964 GetOEMCP
0x1002f968 GetCPInfo
0x1002f96c GetProcessVersion
0x1002f970 GlobalFlags
0x1002f974 TlsGetValue
0x1002f978 LocalReAlloc
0x1002f97c TlsSetValue
0x1002f980 EnterCriticalSection
0x1002f984 GlobalReAlloc
0x1002f988 LeaveCriticalSection
0x1002f98c TlsFree
0x1002f990 GlobalHandle
0x1002f994 DeleteCriticalSection
0x1002f998 TlsAlloc
0x1002f99c InitializeCriticalSection
0x1002f9a0 LocalAlloc
0x1002f9a4 lstrcpynA
0x1002f9a8 GetLastError
0x1002f9ac MulDiv
0x1002f9b0 SetLastError
0x1002f9b4 GlobalUnlock
0x1002f9b8 GlobalFree
0x1002f9bc CreateEventA
0x1002f9c0 SuspendThread
0x1002f9c4 SetThreadPriority
0x1002f9c8 ResumeThread
0x1002f9cc SetEvent
0x1002f9d0 WaitForSingleObject
0x1002f9d4 CloseHandle
0x1002f9d8 GetModuleFileNameA
0x1002f9dc GlobalLock
0x1002f9e0 GlobalAlloc
0x1002f9e4 lstrcmpA
0x1002f9e8 GetCurrentThread
0x1002f9ec FormatMessageA
0x1002f9f0 LocalFree
0x1002f9f4 WideCharToMultiByte
0x1002f9f8 InterlockedDecrement
0x1002f9fc InterlockedIncrement
0x1002fa00 LoadLibraryA
0x1002fa04 FreeLibrary
0x1002fa08 FindResourceA
0x1002fa0c LoadResource
0x1002fa10 LockResource
0x1002fa14 GetVersion
0x1002fa18 lstrcatA
0x1002fa1c GetCurrentThreadId
0x1002fa20 GlobalGetAtomNameA
0x1002fa24 lstrcmpiA
0x1002fa28 GlobalAddAtomA
0x1002fa2c GlobalFindAtomA
0x1002fa30 GlobalDeleteAtom
0x1002fa34 lstrcpyA
0x1002fa38 GetModuleHandleA
0x1002fa3c GetProcAddress
0x1002fa40 lstrlenA
0x1002fa44 VirtualFree
0x1002fa48 MultiByteToWideChar
USER32.dll
0x1002fa70 IsDialogMessageA
0x1002fa74 SetWindowTextA
0x1002fa78 MoveWindow
0x1002fa7c ShowWindow
0x1002fa80 IsWindowEnabled
0x1002fa84 GetNextDlgTabItem
0x1002fa88 EnableMenuItem
0x1002fa8c CheckMenuItem
0x1002fa90 SetMenuItemBitmaps
0x1002fa94 ModifyMenuA
0x1002fa98 GetMenuState
0x1002fa9c LoadBitmapA
0x1002faa0 GetMenuCheckMarkDimensions
0x1002faa4 CharToOemA
0x1002faa8 OemToCharA
0x1002faac PostQuitMessage
0x1002fab0 ShowOwnedPopups
0x1002fab4 SetCursor
0x1002fab8 GetCursorPos
0x1002fabc ValidateRect
0x1002fac0 GetActiveWindow
0x1002fac4 TranslateMessage
0x1002fac8 GetMessageA
0x1002facc CreateDialogIndirectParamA
0x1002fad0 EndDialog
0x1002fad4 wvsprintfA
0x1002fad8 ClientToScreen
0x1002fadc GetDC
0x1002fae0 ReleaseDC
0x1002fae4 GetWindowDC
0x1002fae8 BeginPaint
0x1002faec EndPaint
0x1002faf0 TabbedTextOutA
0x1002faf4 DrawTextA
0x1002faf8 GrayStringA
0x1002fafc GetClassNameA
0x1002fb00 PtInRect
0x1002fb04 GetDesktopWindow
0x1002fb08 LoadCursorA
0x1002fb0c DestroyMenu
0x1002fb10 LoadStringA
0x1002fb14 SetCapture
0x1002fb18 ReleaseCapture
0x1002fb1c WaitMessage
0x1002fb20 GetWindowThreadProcessId
0x1002fb24 WindowFromPoint
0x1002fb28 InsertMenuA
0x1002fb2c DeleteMenu
0x1002fb30 GetMenuStringA
0x1002fb34 GetDialogBaseUnits
0x1002fb38 SetRectEmpty
0x1002fb3c LoadAcceleratorsA
0x1002fb40 TranslateAcceleratorA
0x1002fb44 LoadMenuA
0x1002fb48 SetMenu
0x1002fb4c ReuseDDElParam
0x1002fb50 UnpackDDElParam
0x1002fb54 InvalidateRect
0x1002fb58 BringWindowToTop
0x1002fb5c CharUpperA
0x1002fb60 GetDlgItemInt
0x1002fb64 CheckRadioButton
0x1002fb68 CheckDlgButton
0x1002fb6c PostMessageA
0x1002fb70 UpdateWindow
0x1002fb74 SendDlgItemMessageA
0x1002fb78 MapWindowPoints
0x1002fb7c PeekMessageA
0x1002fb80 DispatchMessageA
0x1002fb84 SetActiveWindow
0x1002fb88 ScrollWindowEx
0x1002fb8c SetFocus
0x1002fb90 AdjustWindowRectEx
0x1002fb94 ScreenToClient
0x1002fb98 EqualRect
0x1002fb9c DeferWindowPos
0x1002fba0 BeginDeferWindowPos
0x1002fba4 CopyRect
0x1002fba8 EndDeferWindowPos
0x1002fbac IsWindowVisible
0x1002fbb0 ScrollWindow
0x1002fbb4 GetScrollInfo
0x1002fbb8 SetScrollInfo
0x1002fbbc ShowScrollBar
0x1002fbc0 GetScrollRange
0x1002fbc4 SetScrollRange
0x1002fbc8 GetScrollPos
0x1002fbcc SetScrollPos
0x1002fbd0 GetTopWindow
0x1002fbd4 MessageBoxA
0x1002fbd8 IsChild
0x1002fbdc GetParent
0x1002fbe0 WinHelpA
0x1002fbe4 wsprintfA
0x1002fbe8 GetClassInfoA
0x1002fbec RegisterClassA
0x1002fbf0 GetMenu
0x1002fbf4 GetMenuItemCount
0x1002fbf8 GetSubMenu
0x1002fbfc GetMenuItemID
0x1002fc00 TrackPopupMenu
0x1002fc04 SetWindowPlacement
0x1002fc08 GetDlgItem
0x1002fc0c GetWindowTextLengthA
0x1002fc10 GetWindowTextA
0x1002fc14 GetDlgCtrlID
0x1002fc18 GetKeyState
0x1002fc1c DefWindowProcA
0x1002fc20 DestroyWindow
0x1002fc24 CreateWindowExA
0x1002fc28 SetWindowsHookExA
0x1002fc2c CallNextHookEx
0x1002fc30 GetClassLongA
0x1002fc34 SetPropA
0x1002fc38 UnhookWindowsHookEx
0x1002fc3c GetPropA
0x1002fc40 CallWindowProcA
0x1002fc44 RemovePropA
0x1002fc48 GetMessageTime
0x1002fc4c GetMessagePos
0x1002fc50 GetLastActivePopup
0x1002fc54 GetForegroundWindow
0x1002fc58 SetForegroundWindow
0x1002fc5c GetWindow
0x1002fc60 GetWindowLongA
0x1002fc64 SetWindowLongA
0x1002fc68 SetWindowPos
0x1002fc6c RegisterWindowMessageA
0x1002fc70 OffsetRect
0x1002fc74 IntersectRect
0x1002fc78 GetSysColor
0x1002fc7c GetSysColorBrush
0x1002fc80 GetFocus
0x1002fc84 EnableWindow
0x1002fc88 IsDlgButtonChecked
0x1002fc8c SetDlgItemTextA
0x1002fc90 SystemParametersInfoA
0x1002fc94 GetWindowPlacement
0x1002fc98 GetWindowRect
0x1002fc9c IsIconic
0x1002fca0 GetSystemMetrics
0x1002fca4 GetClientRect
0x1002fca8 DrawIcon
0x1002fcac SendMessageA
0x1002fcb0 LoadIconA
0x1002fcb4 SetDlgItemInt
0x1002fcb8 IsWindow
0x1002fcbc GetDlgItemTextA
0x1002fcc0 GetCapture
GDI32.dll
0x1002f700 SetROP2
0x1002f704 SetStretchBltMode
0x1002f708 SetMapMode
0x1002f70c SetViewportOrgEx
0x1002f710 OffsetViewportOrgEx
0x1002f714 SetViewportExtEx
0x1002f718 ScaleViewportExtEx
0x1002f71c SetWindowOrgEx
0x1002f720 OffsetWindowOrgEx
0x1002f724 SetWindowExtEx
0x1002f728 ScaleWindowExtEx
0x1002f72c SelectClipRgn
0x1002f730 ExcludeClipRect
0x1002f734 IntersectClipRect
0x1002f738 OffsetClipRgn
0x1002f73c MoveToEx
0x1002f740 LineTo
0x1002f744 SetBkColor
0x1002f748 SetTextAlign
0x1002f74c SetTextJustification
0x1002f750 SetTextCharacterExtra
0x1002f754 SetMapperFlags
0x1002f758 GetCurrentPositionEx
0x1002f75c ArcTo
0x1002f760 SetArcDirection
0x1002f764 PolyDraw
0x1002f768 PolylineTo
0x1002f76c SetPolyFillMode
0x1002f770 PolyBezierTo
0x1002f774 DeleteObject
0x1002f778 GetClipRgn
0x1002f77c CreateRectRgn
0x1002f780 SelectClipPath
0x1002f784 ExtSelectClipRgn
0x1002f788 PlayMetaFileRecord
0x1002f78c GetObjectType
0x1002f790 EnumMetaFile
0x1002f794 PlayMetaFile
0x1002f798 GetDeviceCaps
0x1002f79c GetViewportExtEx
0x1002f7a0 GetWindowExtEx
0x1002f7a4 CreatePen
0x1002f7a8 ExtCreatePen
0x1002f7ac CreateSolidBrush
0x1002f7b0 CreateHatchBrush
0x1002f7b4 CreatePatternBrush
0x1002f7b8 CreateDIBPatternBrushPt
0x1002f7bc PtVisible
0x1002f7c0 RectVisible
0x1002f7c4 TextOutA
0x1002f7c8 ExtTextOutA
0x1002f7cc Escape
0x1002f7d0 GetTextExtentPoint32A
0x1002f7d4 GetTextMetricsA
0x1002f7d8 CreateFontIndirectA
0x1002f7dc SetBkMode
0x1002f7e0 SelectPalette
0x1002f7e4 GetStockObject
0x1002f7e8 SelectObject
0x1002f7ec RestoreDC
0x1002f7f0 SaveDC
0x1002f7f4 StartDocA
0x1002f7f8 DeleteDC
0x1002f7fc CreateBitmap
0x1002f800 SetColorAdjustment
0x1002f804 GetDCOrgEx
0x1002f808 SetTextColor
0x1002f80c GetClipBox
0x1002f810 GetObjectA
comdlg32.dll
0x1002fcd8 GetFileTitleA
WINSPOOL.DRV
0x1002fcc8 DocumentPropertiesA
0x1002fccc ClosePrinter
0x1002fcd0 OpenPrinterA
ADVAPI32.dll
0x1002f6d4 RegSetValueExA
0x1002f6d8 RegOpenKeyA
0x1002f6dc RegDeleteKeyA
0x1002f6e0 RegDeleteValueA
0x1002f6e4 RegCloseKey
0x1002f6e8 RegQueryValueExA
0x1002f6ec RegOpenKeyExA
0x1002f6f0 RegCreateKeyExA
SHELL32.dll
0x1002fa5c DragQueryFileA
0x1002fa60 DragAcceptFiles
0x1002fa64 SHGetFileInfoA
0x1002fa68 DragFinish
COMCTL32.dll
0x1002f6f8 None
OLEAUT32.dll
0x1002fa50 SysAllocStringLen
0x1002fa54 SysFreeString
EAT(Export Address Table) Library
0x10001f90 StartW
KERNEL32.dll
0x1002f818 GetShortPathNameA
0x1002f81c GetFileAttributesA
0x1002f820 GetFileSize
0x1002f824 GetFileTime
0x1002f828 LocalFileTimeToFileTime
0x1002f82c SystemTimeToFileTime
0x1002f830 SetFileTime
0x1002f834 SetFileAttributesA
0x1002f838 FileTimeToSystemTime
0x1002f83c FileTimeToLocalFileTime
0x1002f840 RtlUnwind
0x1002f844 HeapAlloc
0x1002f848 GetCommandLineA
0x1002f84c RaiseException
0x1002f850 HeapFree
0x1002f854 ExitProcess
0x1002f858 TerminateProcess
0x1002f85c CreateThread
0x1002f860 ExitThread
0x1002f864 HeapSize
0x1002f868 HeapReAlloc
0x1002f86c GetACP
0x1002f870 GetTimeZoneInformation
0x1002f874 GetSystemTime
0x1002f878 GetLocalTime
0x1002f87c FatalAppExitA
0x1002f880 LCMapStringA
0x1002f884 LCMapStringW
0x1002f888 HeapDestroy
0x1002f88c HeapCreate
0x1002f890 GetThreadLocale
0x1002f894 VirtualAlloc
0x1002f898 IsBadWritePtr
0x1002f89c SetHandleCount
0x1002f8a0 GetStdHandle
0x1002f8a4 GetFileType
0x1002f8a8 GetStartupInfoA
0x1002f8ac FreeEnvironmentStringsA
0x1002f8b0 FreeEnvironmentStringsW
0x1002f8b4 GetEnvironmentStrings
0x1002f8b8 GetEnvironmentStringsW
0x1002f8bc SetUnhandledExceptionFilter
0x1002f8c0 GetStringTypeA
0x1002f8c4 GetStringTypeW
0x1002f8c8 UnhandledExceptionFilter
0x1002f8cc Sleep
0x1002f8d0 IsBadReadPtr
0x1002f8d4 IsBadCodePtr
0x1002f8d8 IsValidLocale
0x1002f8dc IsValidCodePage
0x1002f8e0 GetLocaleInfoA
0x1002f8e4 EnumSystemLocalesA
0x1002f8e8 GetUserDefaultLCID
0x1002f8ec GetVersionExA
0x1002f8f0 SetConsoleCtrlHandler
0x1002f8f4 SetStdHandle
0x1002f8f8 CompareStringA
0x1002f8fc CompareStringW
0x1002f900 SetEnvironmentVariableA
0x1002f904 GetLocaleInfoW
0x1002f908 GetStringTypeExA
0x1002f90c GetFullPathNameA
0x1002f910 GetVolumeInformationA
0x1002f914 FindFirstFileA
0x1002f918 FindClose
0x1002f91c DeleteFileA
0x1002f920 MoveFileA
0x1002f924 SetEndOfFile
0x1002f928 UnlockFile
0x1002f92c LockFile
0x1002f930 FlushFileBuffers
0x1002f934 SetFilePointer
0x1002f938 WriteFile
0x1002f93c ReadFile
0x1002f940 CreateFileA
0x1002f944 GetCurrentProcess
0x1002f948 DuplicateHandle
0x1002f94c SetErrorMode
0x1002f950 SizeofResource
0x1002f954 GetCurrentDirectoryA
0x1002f958 WritePrivateProfileStringA
0x1002f95c GetPrivateProfileStringA
0x1002f960 GetPrivateProfileIntA
0x1002f964 GetOEMCP
0x1002f968 GetCPInfo
0x1002f96c GetProcessVersion
0x1002f970 GlobalFlags
0x1002f974 TlsGetValue
0x1002f978 LocalReAlloc
0x1002f97c TlsSetValue
0x1002f980 EnterCriticalSection
0x1002f984 GlobalReAlloc
0x1002f988 LeaveCriticalSection
0x1002f98c TlsFree
0x1002f990 GlobalHandle
0x1002f994 DeleteCriticalSection
0x1002f998 TlsAlloc
0x1002f99c InitializeCriticalSection
0x1002f9a0 LocalAlloc
0x1002f9a4 lstrcpynA
0x1002f9a8 GetLastError
0x1002f9ac MulDiv
0x1002f9b0 SetLastError
0x1002f9b4 GlobalUnlock
0x1002f9b8 GlobalFree
0x1002f9bc CreateEventA
0x1002f9c0 SuspendThread
0x1002f9c4 SetThreadPriority
0x1002f9c8 ResumeThread
0x1002f9cc SetEvent
0x1002f9d0 WaitForSingleObject
0x1002f9d4 CloseHandle
0x1002f9d8 GetModuleFileNameA
0x1002f9dc GlobalLock
0x1002f9e0 GlobalAlloc
0x1002f9e4 lstrcmpA
0x1002f9e8 GetCurrentThread
0x1002f9ec FormatMessageA
0x1002f9f0 LocalFree
0x1002f9f4 WideCharToMultiByte
0x1002f9f8 InterlockedDecrement
0x1002f9fc InterlockedIncrement
0x1002fa00 LoadLibraryA
0x1002fa04 FreeLibrary
0x1002fa08 FindResourceA
0x1002fa0c LoadResource
0x1002fa10 LockResource
0x1002fa14 GetVersion
0x1002fa18 lstrcatA
0x1002fa1c GetCurrentThreadId
0x1002fa20 GlobalGetAtomNameA
0x1002fa24 lstrcmpiA
0x1002fa28 GlobalAddAtomA
0x1002fa2c GlobalFindAtomA
0x1002fa30 GlobalDeleteAtom
0x1002fa34 lstrcpyA
0x1002fa38 GetModuleHandleA
0x1002fa3c GetProcAddress
0x1002fa40 lstrlenA
0x1002fa44 VirtualFree
0x1002fa48 MultiByteToWideChar
USER32.dll
0x1002fa70 IsDialogMessageA
0x1002fa74 SetWindowTextA
0x1002fa78 MoveWindow
0x1002fa7c ShowWindow
0x1002fa80 IsWindowEnabled
0x1002fa84 GetNextDlgTabItem
0x1002fa88 EnableMenuItem
0x1002fa8c CheckMenuItem
0x1002fa90 SetMenuItemBitmaps
0x1002fa94 ModifyMenuA
0x1002fa98 GetMenuState
0x1002fa9c LoadBitmapA
0x1002faa0 GetMenuCheckMarkDimensions
0x1002faa4 CharToOemA
0x1002faa8 OemToCharA
0x1002faac PostQuitMessage
0x1002fab0 ShowOwnedPopups
0x1002fab4 SetCursor
0x1002fab8 GetCursorPos
0x1002fabc ValidateRect
0x1002fac0 GetActiveWindow
0x1002fac4 TranslateMessage
0x1002fac8 GetMessageA
0x1002facc CreateDialogIndirectParamA
0x1002fad0 EndDialog
0x1002fad4 wvsprintfA
0x1002fad8 ClientToScreen
0x1002fadc GetDC
0x1002fae0 ReleaseDC
0x1002fae4 GetWindowDC
0x1002fae8 BeginPaint
0x1002faec EndPaint
0x1002faf0 TabbedTextOutA
0x1002faf4 DrawTextA
0x1002faf8 GrayStringA
0x1002fafc GetClassNameA
0x1002fb00 PtInRect
0x1002fb04 GetDesktopWindow
0x1002fb08 LoadCursorA
0x1002fb0c DestroyMenu
0x1002fb10 LoadStringA
0x1002fb14 SetCapture
0x1002fb18 ReleaseCapture
0x1002fb1c WaitMessage
0x1002fb20 GetWindowThreadProcessId
0x1002fb24 WindowFromPoint
0x1002fb28 InsertMenuA
0x1002fb2c DeleteMenu
0x1002fb30 GetMenuStringA
0x1002fb34 GetDialogBaseUnits
0x1002fb38 SetRectEmpty
0x1002fb3c LoadAcceleratorsA
0x1002fb40 TranslateAcceleratorA
0x1002fb44 LoadMenuA
0x1002fb48 SetMenu
0x1002fb4c ReuseDDElParam
0x1002fb50 UnpackDDElParam
0x1002fb54 InvalidateRect
0x1002fb58 BringWindowToTop
0x1002fb5c CharUpperA
0x1002fb60 GetDlgItemInt
0x1002fb64 CheckRadioButton
0x1002fb68 CheckDlgButton
0x1002fb6c PostMessageA
0x1002fb70 UpdateWindow
0x1002fb74 SendDlgItemMessageA
0x1002fb78 MapWindowPoints
0x1002fb7c PeekMessageA
0x1002fb80 DispatchMessageA
0x1002fb84 SetActiveWindow
0x1002fb88 ScrollWindowEx
0x1002fb8c SetFocus
0x1002fb90 AdjustWindowRectEx
0x1002fb94 ScreenToClient
0x1002fb98 EqualRect
0x1002fb9c DeferWindowPos
0x1002fba0 BeginDeferWindowPos
0x1002fba4 CopyRect
0x1002fba8 EndDeferWindowPos
0x1002fbac IsWindowVisible
0x1002fbb0 ScrollWindow
0x1002fbb4 GetScrollInfo
0x1002fbb8 SetScrollInfo
0x1002fbbc ShowScrollBar
0x1002fbc0 GetScrollRange
0x1002fbc4 SetScrollRange
0x1002fbc8 GetScrollPos
0x1002fbcc SetScrollPos
0x1002fbd0 GetTopWindow
0x1002fbd4 MessageBoxA
0x1002fbd8 IsChild
0x1002fbdc GetParent
0x1002fbe0 WinHelpA
0x1002fbe4 wsprintfA
0x1002fbe8 GetClassInfoA
0x1002fbec RegisterClassA
0x1002fbf0 GetMenu
0x1002fbf4 GetMenuItemCount
0x1002fbf8 GetSubMenu
0x1002fbfc GetMenuItemID
0x1002fc00 TrackPopupMenu
0x1002fc04 SetWindowPlacement
0x1002fc08 GetDlgItem
0x1002fc0c GetWindowTextLengthA
0x1002fc10 GetWindowTextA
0x1002fc14 GetDlgCtrlID
0x1002fc18 GetKeyState
0x1002fc1c DefWindowProcA
0x1002fc20 DestroyWindow
0x1002fc24 CreateWindowExA
0x1002fc28 SetWindowsHookExA
0x1002fc2c CallNextHookEx
0x1002fc30 GetClassLongA
0x1002fc34 SetPropA
0x1002fc38 UnhookWindowsHookEx
0x1002fc3c GetPropA
0x1002fc40 CallWindowProcA
0x1002fc44 RemovePropA
0x1002fc48 GetMessageTime
0x1002fc4c GetMessagePos
0x1002fc50 GetLastActivePopup
0x1002fc54 GetForegroundWindow
0x1002fc58 SetForegroundWindow
0x1002fc5c GetWindow
0x1002fc60 GetWindowLongA
0x1002fc64 SetWindowLongA
0x1002fc68 SetWindowPos
0x1002fc6c RegisterWindowMessageA
0x1002fc70 OffsetRect
0x1002fc74 IntersectRect
0x1002fc78 GetSysColor
0x1002fc7c GetSysColorBrush
0x1002fc80 GetFocus
0x1002fc84 EnableWindow
0x1002fc88 IsDlgButtonChecked
0x1002fc8c SetDlgItemTextA
0x1002fc90 SystemParametersInfoA
0x1002fc94 GetWindowPlacement
0x1002fc98 GetWindowRect
0x1002fc9c IsIconic
0x1002fca0 GetSystemMetrics
0x1002fca4 GetClientRect
0x1002fca8 DrawIcon
0x1002fcac SendMessageA
0x1002fcb0 LoadIconA
0x1002fcb4 SetDlgItemInt
0x1002fcb8 IsWindow
0x1002fcbc GetDlgItemTextA
0x1002fcc0 GetCapture
GDI32.dll
0x1002f700 SetROP2
0x1002f704 SetStretchBltMode
0x1002f708 SetMapMode
0x1002f70c SetViewportOrgEx
0x1002f710 OffsetViewportOrgEx
0x1002f714 SetViewportExtEx
0x1002f718 ScaleViewportExtEx
0x1002f71c SetWindowOrgEx
0x1002f720 OffsetWindowOrgEx
0x1002f724 SetWindowExtEx
0x1002f728 ScaleWindowExtEx
0x1002f72c SelectClipRgn
0x1002f730 ExcludeClipRect
0x1002f734 IntersectClipRect
0x1002f738 OffsetClipRgn
0x1002f73c MoveToEx
0x1002f740 LineTo
0x1002f744 SetBkColor
0x1002f748 SetTextAlign
0x1002f74c SetTextJustification
0x1002f750 SetTextCharacterExtra
0x1002f754 SetMapperFlags
0x1002f758 GetCurrentPositionEx
0x1002f75c ArcTo
0x1002f760 SetArcDirection
0x1002f764 PolyDraw
0x1002f768 PolylineTo
0x1002f76c SetPolyFillMode
0x1002f770 PolyBezierTo
0x1002f774 DeleteObject
0x1002f778 GetClipRgn
0x1002f77c CreateRectRgn
0x1002f780 SelectClipPath
0x1002f784 ExtSelectClipRgn
0x1002f788 PlayMetaFileRecord
0x1002f78c GetObjectType
0x1002f790 EnumMetaFile
0x1002f794 PlayMetaFile
0x1002f798 GetDeviceCaps
0x1002f79c GetViewportExtEx
0x1002f7a0 GetWindowExtEx
0x1002f7a4 CreatePen
0x1002f7a8 ExtCreatePen
0x1002f7ac CreateSolidBrush
0x1002f7b0 CreateHatchBrush
0x1002f7b4 CreatePatternBrush
0x1002f7b8 CreateDIBPatternBrushPt
0x1002f7bc PtVisible
0x1002f7c0 RectVisible
0x1002f7c4 TextOutA
0x1002f7c8 ExtTextOutA
0x1002f7cc Escape
0x1002f7d0 GetTextExtentPoint32A
0x1002f7d4 GetTextMetricsA
0x1002f7d8 CreateFontIndirectA
0x1002f7dc SetBkMode
0x1002f7e0 SelectPalette
0x1002f7e4 GetStockObject
0x1002f7e8 SelectObject
0x1002f7ec RestoreDC
0x1002f7f0 SaveDC
0x1002f7f4 StartDocA
0x1002f7f8 DeleteDC
0x1002f7fc CreateBitmap
0x1002f800 SetColorAdjustment
0x1002f804 GetDCOrgEx
0x1002f808 SetTextColor
0x1002f80c GetClipBox
0x1002f810 GetObjectA
comdlg32.dll
0x1002fcd8 GetFileTitleA
WINSPOOL.DRV
0x1002fcc8 DocumentPropertiesA
0x1002fccc ClosePrinter
0x1002fcd0 OpenPrinterA
ADVAPI32.dll
0x1002f6d4 RegSetValueExA
0x1002f6d8 RegOpenKeyA
0x1002f6dc RegDeleteKeyA
0x1002f6e0 RegDeleteValueA
0x1002f6e4 RegCloseKey
0x1002f6e8 RegQueryValueExA
0x1002f6ec RegOpenKeyExA
0x1002f6f0 RegCreateKeyExA
SHELL32.dll
0x1002fa5c DragQueryFileA
0x1002fa60 DragAcceptFiles
0x1002fa64 SHGetFileInfoA
0x1002fa68 DragFinish
COMCTL32.dll
0x1002f6f8 None
OLEAUT32.dll
0x1002fa50 SysAllocStringLen
0x1002fa54 SysFreeString
EAT(Export Address Table) Library
0x10001f90 StartW