ScreenShot
| Created | 2021.05.21 11:03 | Machine | s1_win7_x6402 |
| Filename | 360diao.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 52 detected (AIDetect, malware1, malicious, high confidence, Mikey, GenericRXAA, Unsafe, confidence, ZexaF, @t0@aCrNS6cb, Eldorado, Attribute, HighConfidence, FlyStudio, MalwareX, WsGame, OSCF@5rs7jr, R002C0WDR21, Generic PUA KM, Binder, susgen, cjfbx, ai score=100, Tiggre, score, Black, R135897, BScope, CLOUD, Static AI, Malicious PE, 100%, CoinMiner, Kazy) | ||
| md5 | 1973e37ebcef7d29735098244afe84c7 | ||
| sha256 | 687c85aada37664caacfa6d2330edc7ebdbce56b06caf969b42b47764a9a7841 | ||
| ssdeep | 98304:XSU/vG+nw6AOXu57bC4RqlrjAe8VhhSEYEniZqgE2NFE6Wq+Pw1rhWixOU2tlOo/:LuuWO+57bC8CAe8TMjNHN+PI9xLoMPs7 | ||
| imphash | ebe8deec2dcdf122c2659b878c1e2051 | ||
| impfuzzy | 192:/KWAOnM0YbFvKOGilCTYYUB29z14EcHc7czZBa1:FMDEO+PoGH1 | ||
Network IP location
Signature (13cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 52 AntiVirus engines on VirusTotal as malicious |
| watch | Communicates with host for which no DNS query was performed |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Drops an executable to the user AppData folder |
| notice | Expresses interest in specific running processes |
| notice | Foreign language identified in PE resource |
| notice | Repeatedly searches for a not-found process |
| notice | Searches running processes potentially to identify processes for sandbox evasion |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | The executable uses a known packer |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (9cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (download) |
| info | IsDLL | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (download) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
WINMM.dll
0x4a76a4 midiStreamOut
0x4a76a8 midiOutPrepareHeader
0x4a76ac midiStreamProperty
0x4a76b0 midiStreamOpen
0x4a76b4 midiOutUnprepareHeader
0x4a76b8 waveOutOpen
0x4a76bc waveOutUnprepareHeader
0x4a76c0 waveOutPrepareHeader
0x4a76c4 waveOutWrite
0x4a76c8 waveOutPause
0x4a76cc waveOutReset
0x4a76d0 waveOutClose
0x4a76d4 waveOutGetNumDevs
0x4a76d8 midiStreamStop
0x4a76dc midiOutReset
0x4a76e0 midiStreamClose
0x4a76e4 midiStreamRestart
WS2_32.dll
0x4a76fc WSAAsyncSelect
0x4a7700 closesocket
0x4a7704 send
0x4a7708 WSACleanup
0x4a770c WSAStartup
0x4a7710 inet_ntoa
0x4a7714 recvfrom
0x4a7718 ioctlsocket
0x4a771c recv
0x4a7720 getpeername
0x4a7724 accept
0x4a7728 select
RASAPI32.dll
0x4a73d4 RasGetConnectStatusA
0x4a73d8 RasHangUpA
KERNEL32.dll
0x4a719c MultiByteToWideChar
0x4a71a0 SetLastError
0x4a71a4 GetTimeZoneInformation
0x4a71a8 GetVersion
0x4a71ac GetStartupInfoA
0x4a71b0 GetOEMCP
0x4a71b4 GetCPInfo
0x4a71b8 GetProcessVersion
0x4a71bc SetErrorMode
0x4a71c0 GlobalFlags
0x4a71c4 GetCurrentThread
0x4a71c8 GetFileTime
0x4a71cc TlsGetValue
0x4a71d0 LocalReAlloc
0x4a71d4 TlsSetValue
0x4a71d8 TlsFree
0x4a71dc GlobalHandle
0x4a71e0 TlsAlloc
0x4a71e4 LocalAlloc
0x4a71e8 lstrcmpA
0x4a71ec GlobalGetAtomNameA
0x4a71f0 GlobalAddAtomA
0x4a71f4 GlobalFindAtomA
0x4a71f8 GlobalDeleteAtom
0x4a71fc lstrcmpiA
0x4a7200 SetEndOfFile
0x4a7204 UnlockFile
0x4a7208 LockFile
0x4a720c FlushFileBuffers
0x4a7210 DuplicateHandle
0x4a7214 lstrcpynA
0x4a7218 FileTimeToLocalFileTime
0x4a721c LocalFree
0x4a7220 WideCharToMultiByte
0x4a7224 InterlockedDecrement
0x4a7228 InterlockedIncrement
0x4a722c OpenProcess
0x4a7230 TerminateProcess
0x4a7234 GetCurrentProcess
0x4a7238 GetFileSize
0x4a723c SetFilePointer
0x4a7240 CreateToolhelp32Snapshot
0x4a7244 Process32First
0x4a7248 Process32Next
0x4a724c CreateSemaphoreA
0x4a7250 ResumeThread
0x4a7254 ReleaseSemaphore
0x4a7258 EnterCriticalSection
0x4a725c LeaveCriticalSection
0x4a7260 GetProfileStringA
0x4a7264 WriteFile
0x4a7268 WaitForMultipleObjects
0x4a726c CreateFileA
0x4a7270 SetEvent
0x4a7274 FindResourceA
0x4a7278 LoadResource
0x4a727c LockResource
0x4a7280 ReadFile
0x4a7284 GetModuleFileNameA
0x4a7288 GetCurrentThreadId
0x4a728c ExitProcess
0x4a7290 GlobalSize
0x4a7294 GlobalFree
0x4a7298 DeleteCriticalSection
0x4a729c InitializeCriticalSection
0x4a72a0 lstrcatA
0x4a72a4 lstrlenA
0x4a72a8 WinExec
0x4a72ac lstrcpyA
0x4a72b0 FindNextFileA
0x4a72b4 GlobalReAlloc
0x4a72b8 HeapFree
0x4a72bc HeapReAlloc
0x4a72c0 GetProcessHeap
0x4a72c4 HeapAlloc
0x4a72c8 GetFullPathNameA
0x4a72cc FreeLibrary
0x4a72d0 LoadLibraryA
0x4a72d4 GetLastError
0x4a72d8 GetVersionExA
0x4a72dc WritePrivateProfileStringA
0x4a72e0 CreateThread
0x4a72e4 CreateEventA
0x4a72e8 Sleep
0x4a72ec GlobalAlloc
0x4a72f0 GlobalLock
0x4a72f4 GlobalUnlock
0x4a72f8 GetTempPathA
0x4a72fc FindFirstFileA
0x4a7300 FindClose
0x4a7304 InterlockedExchange
0x4a7308 SetFileAttributesA
0x4a730c GetFileAttributesA
0x4a7310 MoveFileA
0x4a7314 DeleteFileA
0x4a7318 SetCurrentDirectoryA
0x4a731c GetVolumeInformationA
0x4a7320 GetModuleHandleA
0x4a7324 GetProcAddress
0x4a7328 MulDiv
0x4a732c GetCommandLineA
0x4a7330 GetTickCount
0x4a7334 CreateProcessA
0x4a7338 WaitForSingleObject
0x4a733c CloseHandle
0x4a7340 RtlUnwind
0x4a7344 GetSystemTime
0x4a7348 GetLocalTime
0x4a734c RaiseException
0x4a7350 HeapSize
0x4a7354 GetACP
0x4a7358 SetStdHandle
0x4a735c GetFileType
0x4a7360 UnhandledExceptionFilter
0x4a7364 FreeEnvironmentStringsA
0x4a7368 FreeEnvironmentStringsW
0x4a736c GetEnvironmentStrings
0x4a7370 GetEnvironmentStringsW
0x4a7374 SetHandleCount
0x4a7378 GetStdHandle
0x4a737c GetEnvironmentVariableA
0x4a7380 HeapDestroy
0x4a7384 HeapCreate
0x4a7388 VirtualFree
0x4a738c SetEnvironmentVariableA
0x4a7390 LCMapStringA
0x4a7394 LCMapStringW
0x4a7398 VirtualAlloc
0x4a739c IsBadWritePtr
0x4a73a0 SetUnhandledExceptionFilter
0x4a73a4 GetStringTypeA
0x4a73a8 GetStringTypeW
0x4a73ac CompareStringA
0x4a73b0 CompareStringW
0x4a73b4 IsBadReadPtr
0x4a73b8 IsBadCodePtr
0x4a73bc FileTimeToSystemTime
USER32.dll
0x4a73f8 SetFocus
0x4a73fc GetActiveWindow
0x4a7400 GetWindow
0x4a7404 DestroyAcceleratorTable
0x4a7408 SetWindowRgn
0x4a740c GetMessagePos
0x4a7410 ScreenToClient
0x4a7414 ChildWindowFromPointEx
0x4a7418 IsIconic
0x4a741c PeekMessageA
0x4a7420 SetMenu
0x4a7424 GetMenu
0x4a7428 DeleteMenu
0x4a742c GetSystemMenu
0x4a7430 DefWindowProcA
0x4a7434 GetClassInfoA
0x4a7438 IsZoomed
0x4a743c PostQuitMessage
0x4a7440 CopyAcceleratorTableA
0x4a7444 GetKeyState
0x4a7448 TranslateAcceleratorA
0x4a744c IsWindowEnabled
0x4a7450 ShowWindow
0x4a7454 SystemParametersInfoA
0x4a7458 LoadImageA
0x4a745c EnumDisplaySettingsA
0x4a7460 ClientToScreen
0x4a7464 EnableMenuItem
0x4a7468 GetSubMenu
0x4a746c GetDlgCtrlID
0x4a7470 CopyRect
0x4a7474 LoadBitmapA
0x4a7478 WinHelpA
0x4a747c KillTimer
0x4a7480 SetTimer
0x4a7484 ReleaseCapture
0x4a7488 GetCapture
0x4a748c SetCapture
0x4a7490 GetScrollRange
0x4a7494 SetScrollRange
0x4a7498 SetScrollPos
0x4a749c SetRect
0x4a74a0 InflateRect
0x4a74a4 IntersectRect
0x4a74a8 DestroyIcon
0x4a74ac PtInRect
0x4a74b0 OffsetRect
0x4a74b4 IsWindowVisible
0x4a74b8 EnableWindow
0x4a74bc RedrawWindow
0x4a74c0 GetWindowLongA
0x4a74c4 GetSysColorBrush
0x4a74c8 CreateAcceleratorTableA
0x4a74cc LoadStringA
0x4a74d0 GetMenuCheckMarkDimensions
0x4a74d4 GetMenuState
0x4a74d8 SetMenuItemBitmaps
0x4a74dc CheckMenuItem
0x4a74e0 MoveWindow
0x4a74e4 IsDialogMessageA
0x4a74e8 ScrollWindowEx
0x4a74ec SendDlgItemMessageA
0x4a74f0 MapWindowPoints
0x4a74f4 AdjustWindowRectEx
0x4a74f8 GetScrollPos
0x4a74fc RegisterClassA
0x4a7500 GetMenuItemCount
0x4a7504 GetMenuItemID
0x4a7508 SetWindowsHookExA
0x4a750c CallNextHookEx
0x4a7510 GetClassLongA
0x4a7514 SetPropA
0x4a7518 UnhookWindowsHookEx
0x4a751c GetPropA
0x4a7520 RemovePropA
0x4a7524 SetWindowLongA
0x4a7528 GetSysColor
0x4a752c SetActiveWindow
0x4a7530 SetCursorPos
0x4a7534 LoadCursorA
0x4a7538 SetCursor
0x4a753c GetDC
0x4a7540 FillRect
0x4a7544 IsRectEmpty
0x4a7548 ReleaseDC
0x4a754c IsChild
0x4a7550 DestroyMenu
0x4a7554 SetForegroundWindow
0x4a7558 GetWindowRect
0x4a755c EqualRect
0x4a7560 UpdateWindow
0x4a7564 ValidateRect
0x4a7568 InvalidateRect
0x4a756c GetClientRect
0x4a7570 GetFocus
0x4a7574 GetParent
0x4a7578 GetTopWindow
0x4a757c PostMessageA
0x4a7580 IsWindow
0x4a7584 SetParent
0x4a7588 DestroyCursor
0x4a758c SendMessageA
0x4a7590 SetWindowPos
0x4a7594 MessageBoxA
0x4a7598 GetCursorPos
0x4a759c GetSystemMetrics
0x4a75a0 EmptyClipboard
0x4a75a4 SetClipboardData
0x4a75a8 OpenClipboard
0x4a75ac GetClipboardData
0x4a75b0 CloseClipboard
0x4a75b4 wsprintfA
0x4a75b8 WaitForInputIdle
0x4a75bc CreateMenu
0x4a75c0 ModifyMenuA
0x4a75c4 AppendMenuA
0x4a75c8 CreatePopupMenu
0x4a75cc DrawIconEx
0x4a75d0 CreateIconFromResource
0x4a75d4 CreateIconFromResourceEx
0x4a75d8 RegisterClipboardFormatA
0x4a75dc SetRectEmpty
0x4a75e0 DispatchMessageA
0x4a75e4 GetMessageA
0x4a75e8 WindowFromPoint
0x4a75ec DrawFocusRect
0x4a75f0 DrawEdge
0x4a75f4 DrawFrameControl
0x4a75f8 TranslateMessage
0x4a75fc LoadIconA
0x4a7600 UnregisterClassA
0x4a7604 GetDesktopWindow
0x4a7608 GetClassNameA
0x4a760c GetWindowThreadProcessId
0x4a7610 FindWindowA
0x4a7614 GetDlgItem
0x4a7618 GetWindowTextA
0x4a761c SetWindowTextA
0x4a7620 CallWindowProcA
0x4a7624 CreateWindowExA
0x4a7628 RegisterHotKey
0x4a762c UnregisterHotKey
0x4a7630 GetWindowTextLengthA
0x4a7634 CharUpperA
0x4a7638 GetWindowDC
0x4a763c BeginPaint
0x4a7640 EndPaint
0x4a7644 TabbedTextOutA
0x4a7648 DrawTextA
0x4a764c GrayStringA
0x4a7650 DestroyWindow
0x4a7654 CreateDialogIndirectParamA
0x4a7658 EndDialog
0x4a765c GetNextDlgTabItem
0x4a7660 GetWindowPlacement
0x4a7664 RegisterWindowMessageA
0x4a7668 GetForegroundWindow
0x4a766c GetLastActivePopup
0x4a7670 GetMessageTime
GDI32.dll
0x4a7048 PtVisible
0x4a704c GetViewportExtEx
0x4a7050 ExtSelectClipRgn
0x4a7054 StartDocA
0x4a7058 StartPage
0x4a705c BitBlt
0x4a7060 CreateCompatibleDC
0x4a7064 Ellipse
0x4a7068 Rectangle
0x4a706c LPtoDP
0x4a7070 DPtoLP
0x4a7074 GetCurrentObject
0x4a7078 RoundRect
0x4a707c GetTextExtentPoint32A
0x4a7080 GetDeviceCaps
0x4a7084 RectVisible
0x4a7088 DeleteObject
0x4a708c SelectClipRgn
0x4a7090 CreatePolygonRgn
0x4a7094 GetClipRgn
0x4a7098 SetStretchBltMode
0x4a709c CreateRectRgnIndirect
0x4a70a0 SetBkColor
0x4a70a4 TranslateCharsetInfo
0x4a70a8 LineTo
0x4a70ac MoveToEx
0x4a70b0 ExcludeClipRect
0x4a70b4 GetClipBox
0x4a70b8 ScaleWindowExtEx
0x4a70bc SetWindowExtEx
0x4a70c0 SetWindowOrgEx
0x4a70c4 ScaleViewportExtEx
0x4a70c8 TextOutA
0x4a70cc ExtTextOutA
0x4a70d0 Escape
0x4a70d4 GetTextMetricsA
0x4a70d8 DeleteDC
0x4a70dc EndDoc
0x4a70e0 EndPage
0x4a70e4 CreateFontIndirectA
0x4a70e8 GetStockObject
0x4a70ec CreateSolidBrush
0x4a70f0 FillRgn
0x4a70f4 CreateRectRgn
0x4a70f8 CombineRgn
0x4a70fc PatBlt
0x4a7100 CreatePen
0x4a7104 GetObjectA
0x4a7108 SelectObject
0x4a710c CreateBitmap
0x4a7110 CreateDCA
0x4a7114 CreateCompatibleBitmap
0x4a7118 GetPolyFillMode
0x4a711c GetStretchBltMode
0x4a7120 SetViewportExtEx
0x4a7124 OffsetViewportOrgEx
0x4a7128 SetViewportOrgEx
0x4a712c SetMapMode
0x4a7130 SetTextColor
0x4a7134 SetROP2
0x4a7138 SetPolyFillMode
0x4a713c SetBkMode
0x4a7140 GetROP2
0x4a7144 GetBkColor
0x4a7148 GetBkMode
0x4a714c GetTextColor
0x4a7150 CreateRoundRectRgn
0x4a7154 CreateEllipticRgn
0x4a7158 PathToRegion
0x4a715c EndPath
0x4a7160 BeginPath
0x4a7164 GetWindowOrgEx
0x4a7168 GetViewportOrgEx
0x4a716c GetWindowExtEx
0x4a7170 GetDIBits
0x4a7174 RealizePalette
0x4a7178 SelectPalette
0x4a717c StretchBlt
0x4a7180 CreatePalette
0x4a7184 CreateDIBitmap
0x4a7188 CreateFontA
0x4a718c RestoreDC
0x4a7190 SaveDC
0x4a7194 GetSystemPaletteEntries
WINSPOOL.DRV
0x4a76ec OpenPrinterA
0x4a76f0 DocumentPropertiesA
0x4a76f4 ClosePrinter
ADVAPI32.dll
0x4a7000 RegOpenKeyExA
0x4a7004 RegSetValueExA
0x4a7008 RegCreateKeyA
0x4a700c RegQueryValueA
0x4a7010 RegCreateKeyExA
0x4a7014 RegCloseKey
SHELL32.dll
0x4a73e0 DragAcceptFiles
0x4a73e4 DragFinish
0x4a73e8 DragQueryFileA
0x4a73ec ShellExecuteA
0x4a73f0 Shell_NotifyIconA
ole32.dll
0x4a7744 CLSIDFromString
0x4a7748 OleUninitialize
0x4a774c OleInitialize
OLEAUT32.dll
0x4a73c4 LoadTypeLib
0x4a73c8 RegisterTypeLib
0x4a73cc UnRegisterTypeLib
COMCTL32.dll
0x4a701c ImageList_Add
0x4a7020 ImageList_BeginDrag
0x4a7024 ImageList_Create
0x4a7028 ImageList_Destroy
0x4a702c ImageList_DragEnter
0x4a7030 ImageList_DragLeave
0x4a7034 ImageList_DragMove
0x4a7038 ImageList_DragShowNolock
0x4a703c ImageList_EndDrag
0x4a7040 None
WININET.dll
0x4a7678 InternetCanonicalizeUrlA
0x4a767c InternetCrackUrlA
0x4a7680 HttpOpenRequestA
0x4a7684 HttpSendRequestA
0x4a7688 HttpQueryInfoA
0x4a768c InternetConnectA
0x4a7690 InternetSetOptionA
0x4a7694 InternetOpenA
0x4a7698 InternetCloseHandle
0x4a769c InternetReadFile
comdlg32.dll
0x4a7730 ChooseColorA
0x4a7734 GetOpenFileNameA
0x4a7738 GetFileTitleA
0x4a773c GetSaveFileNameA
EAT(Export Address Table) is none
WINMM.dll
0x4a76a4 midiStreamOut
0x4a76a8 midiOutPrepareHeader
0x4a76ac midiStreamProperty
0x4a76b0 midiStreamOpen
0x4a76b4 midiOutUnprepareHeader
0x4a76b8 waveOutOpen
0x4a76bc waveOutUnprepareHeader
0x4a76c0 waveOutPrepareHeader
0x4a76c4 waveOutWrite
0x4a76c8 waveOutPause
0x4a76cc waveOutReset
0x4a76d0 waveOutClose
0x4a76d4 waveOutGetNumDevs
0x4a76d8 midiStreamStop
0x4a76dc midiOutReset
0x4a76e0 midiStreamClose
0x4a76e4 midiStreamRestart
WS2_32.dll
0x4a76fc WSAAsyncSelect
0x4a7700 closesocket
0x4a7704 send
0x4a7708 WSACleanup
0x4a770c WSAStartup
0x4a7710 inet_ntoa
0x4a7714 recvfrom
0x4a7718 ioctlsocket
0x4a771c recv
0x4a7720 getpeername
0x4a7724 accept
0x4a7728 select
RASAPI32.dll
0x4a73d4 RasGetConnectStatusA
0x4a73d8 RasHangUpA
KERNEL32.dll
0x4a719c MultiByteToWideChar
0x4a71a0 SetLastError
0x4a71a4 GetTimeZoneInformation
0x4a71a8 GetVersion
0x4a71ac GetStartupInfoA
0x4a71b0 GetOEMCP
0x4a71b4 GetCPInfo
0x4a71b8 GetProcessVersion
0x4a71bc SetErrorMode
0x4a71c0 GlobalFlags
0x4a71c4 GetCurrentThread
0x4a71c8 GetFileTime
0x4a71cc TlsGetValue
0x4a71d0 LocalReAlloc
0x4a71d4 TlsSetValue
0x4a71d8 TlsFree
0x4a71dc GlobalHandle
0x4a71e0 TlsAlloc
0x4a71e4 LocalAlloc
0x4a71e8 lstrcmpA
0x4a71ec GlobalGetAtomNameA
0x4a71f0 GlobalAddAtomA
0x4a71f4 GlobalFindAtomA
0x4a71f8 GlobalDeleteAtom
0x4a71fc lstrcmpiA
0x4a7200 SetEndOfFile
0x4a7204 UnlockFile
0x4a7208 LockFile
0x4a720c FlushFileBuffers
0x4a7210 DuplicateHandle
0x4a7214 lstrcpynA
0x4a7218 FileTimeToLocalFileTime
0x4a721c LocalFree
0x4a7220 WideCharToMultiByte
0x4a7224 InterlockedDecrement
0x4a7228 InterlockedIncrement
0x4a722c OpenProcess
0x4a7230 TerminateProcess
0x4a7234 GetCurrentProcess
0x4a7238 GetFileSize
0x4a723c SetFilePointer
0x4a7240 CreateToolhelp32Snapshot
0x4a7244 Process32First
0x4a7248 Process32Next
0x4a724c CreateSemaphoreA
0x4a7250 ResumeThread
0x4a7254 ReleaseSemaphore
0x4a7258 EnterCriticalSection
0x4a725c LeaveCriticalSection
0x4a7260 GetProfileStringA
0x4a7264 WriteFile
0x4a7268 WaitForMultipleObjects
0x4a726c CreateFileA
0x4a7270 SetEvent
0x4a7274 FindResourceA
0x4a7278 LoadResource
0x4a727c LockResource
0x4a7280 ReadFile
0x4a7284 GetModuleFileNameA
0x4a7288 GetCurrentThreadId
0x4a728c ExitProcess
0x4a7290 GlobalSize
0x4a7294 GlobalFree
0x4a7298 DeleteCriticalSection
0x4a729c InitializeCriticalSection
0x4a72a0 lstrcatA
0x4a72a4 lstrlenA
0x4a72a8 WinExec
0x4a72ac lstrcpyA
0x4a72b0 FindNextFileA
0x4a72b4 GlobalReAlloc
0x4a72b8 HeapFree
0x4a72bc HeapReAlloc
0x4a72c0 GetProcessHeap
0x4a72c4 HeapAlloc
0x4a72c8 GetFullPathNameA
0x4a72cc FreeLibrary
0x4a72d0 LoadLibraryA
0x4a72d4 GetLastError
0x4a72d8 GetVersionExA
0x4a72dc WritePrivateProfileStringA
0x4a72e0 CreateThread
0x4a72e4 CreateEventA
0x4a72e8 Sleep
0x4a72ec GlobalAlloc
0x4a72f0 GlobalLock
0x4a72f4 GlobalUnlock
0x4a72f8 GetTempPathA
0x4a72fc FindFirstFileA
0x4a7300 FindClose
0x4a7304 InterlockedExchange
0x4a7308 SetFileAttributesA
0x4a730c GetFileAttributesA
0x4a7310 MoveFileA
0x4a7314 DeleteFileA
0x4a7318 SetCurrentDirectoryA
0x4a731c GetVolumeInformationA
0x4a7320 GetModuleHandleA
0x4a7324 GetProcAddress
0x4a7328 MulDiv
0x4a732c GetCommandLineA
0x4a7330 GetTickCount
0x4a7334 CreateProcessA
0x4a7338 WaitForSingleObject
0x4a733c CloseHandle
0x4a7340 RtlUnwind
0x4a7344 GetSystemTime
0x4a7348 GetLocalTime
0x4a734c RaiseException
0x4a7350 HeapSize
0x4a7354 GetACP
0x4a7358 SetStdHandle
0x4a735c GetFileType
0x4a7360 UnhandledExceptionFilter
0x4a7364 FreeEnvironmentStringsA
0x4a7368 FreeEnvironmentStringsW
0x4a736c GetEnvironmentStrings
0x4a7370 GetEnvironmentStringsW
0x4a7374 SetHandleCount
0x4a7378 GetStdHandle
0x4a737c GetEnvironmentVariableA
0x4a7380 HeapDestroy
0x4a7384 HeapCreate
0x4a7388 VirtualFree
0x4a738c SetEnvironmentVariableA
0x4a7390 LCMapStringA
0x4a7394 LCMapStringW
0x4a7398 VirtualAlloc
0x4a739c IsBadWritePtr
0x4a73a0 SetUnhandledExceptionFilter
0x4a73a4 GetStringTypeA
0x4a73a8 GetStringTypeW
0x4a73ac CompareStringA
0x4a73b0 CompareStringW
0x4a73b4 IsBadReadPtr
0x4a73b8 IsBadCodePtr
0x4a73bc FileTimeToSystemTime
USER32.dll
0x4a73f8 SetFocus
0x4a73fc GetActiveWindow
0x4a7400 GetWindow
0x4a7404 DestroyAcceleratorTable
0x4a7408 SetWindowRgn
0x4a740c GetMessagePos
0x4a7410 ScreenToClient
0x4a7414 ChildWindowFromPointEx
0x4a7418 IsIconic
0x4a741c PeekMessageA
0x4a7420 SetMenu
0x4a7424 GetMenu
0x4a7428 DeleteMenu
0x4a742c GetSystemMenu
0x4a7430 DefWindowProcA
0x4a7434 GetClassInfoA
0x4a7438 IsZoomed
0x4a743c PostQuitMessage
0x4a7440 CopyAcceleratorTableA
0x4a7444 GetKeyState
0x4a7448 TranslateAcceleratorA
0x4a744c IsWindowEnabled
0x4a7450 ShowWindow
0x4a7454 SystemParametersInfoA
0x4a7458 LoadImageA
0x4a745c EnumDisplaySettingsA
0x4a7460 ClientToScreen
0x4a7464 EnableMenuItem
0x4a7468 GetSubMenu
0x4a746c GetDlgCtrlID
0x4a7470 CopyRect
0x4a7474 LoadBitmapA
0x4a7478 WinHelpA
0x4a747c KillTimer
0x4a7480 SetTimer
0x4a7484 ReleaseCapture
0x4a7488 GetCapture
0x4a748c SetCapture
0x4a7490 GetScrollRange
0x4a7494 SetScrollRange
0x4a7498 SetScrollPos
0x4a749c SetRect
0x4a74a0 InflateRect
0x4a74a4 IntersectRect
0x4a74a8 DestroyIcon
0x4a74ac PtInRect
0x4a74b0 OffsetRect
0x4a74b4 IsWindowVisible
0x4a74b8 EnableWindow
0x4a74bc RedrawWindow
0x4a74c0 GetWindowLongA
0x4a74c4 GetSysColorBrush
0x4a74c8 CreateAcceleratorTableA
0x4a74cc LoadStringA
0x4a74d0 GetMenuCheckMarkDimensions
0x4a74d4 GetMenuState
0x4a74d8 SetMenuItemBitmaps
0x4a74dc CheckMenuItem
0x4a74e0 MoveWindow
0x4a74e4 IsDialogMessageA
0x4a74e8 ScrollWindowEx
0x4a74ec SendDlgItemMessageA
0x4a74f0 MapWindowPoints
0x4a74f4 AdjustWindowRectEx
0x4a74f8 GetScrollPos
0x4a74fc RegisterClassA
0x4a7500 GetMenuItemCount
0x4a7504 GetMenuItemID
0x4a7508 SetWindowsHookExA
0x4a750c CallNextHookEx
0x4a7510 GetClassLongA
0x4a7514 SetPropA
0x4a7518 UnhookWindowsHookEx
0x4a751c GetPropA
0x4a7520 RemovePropA
0x4a7524 SetWindowLongA
0x4a7528 GetSysColor
0x4a752c SetActiveWindow
0x4a7530 SetCursorPos
0x4a7534 LoadCursorA
0x4a7538 SetCursor
0x4a753c GetDC
0x4a7540 FillRect
0x4a7544 IsRectEmpty
0x4a7548 ReleaseDC
0x4a754c IsChild
0x4a7550 DestroyMenu
0x4a7554 SetForegroundWindow
0x4a7558 GetWindowRect
0x4a755c EqualRect
0x4a7560 UpdateWindow
0x4a7564 ValidateRect
0x4a7568 InvalidateRect
0x4a756c GetClientRect
0x4a7570 GetFocus
0x4a7574 GetParent
0x4a7578 GetTopWindow
0x4a757c PostMessageA
0x4a7580 IsWindow
0x4a7584 SetParent
0x4a7588 DestroyCursor
0x4a758c SendMessageA
0x4a7590 SetWindowPos
0x4a7594 MessageBoxA
0x4a7598 GetCursorPos
0x4a759c GetSystemMetrics
0x4a75a0 EmptyClipboard
0x4a75a4 SetClipboardData
0x4a75a8 OpenClipboard
0x4a75ac GetClipboardData
0x4a75b0 CloseClipboard
0x4a75b4 wsprintfA
0x4a75b8 WaitForInputIdle
0x4a75bc CreateMenu
0x4a75c0 ModifyMenuA
0x4a75c4 AppendMenuA
0x4a75c8 CreatePopupMenu
0x4a75cc DrawIconEx
0x4a75d0 CreateIconFromResource
0x4a75d4 CreateIconFromResourceEx
0x4a75d8 RegisterClipboardFormatA
0x4a75dc SetRectEmpty
0x4a75e0 DispatchMessageA
0x4a75e4 GetMessageA
0x4a75e8 WindowFromPoint
0x4a75ec DrawFocusRect
0x4a75f0 DrawEdge
0x4a75f4 DrawFrameControl
0x4a75f8 TranslateMessage
0x4a75fc LoadIconA
0x4a7600 UnregisterClassA
0x4a7604 GetDesktopWindow
0x4a7608 GetClassNameA
0x4a760c GetWindowThreadProcessId
0x4a7610 FindWindowA
0x4a7614 GetDlgItem
0x4a7618 GetWindowTextA
0x4a761c SetWindowTextA
0x4a7620 CallWindowProcA
0x4a7624 CreateWindowExA
0x4a7628 RegisterHotKey
0x4a762c UnregisterHotKey
0x4a7630 GetWindowTextLengthA
0x4a7634 CharUpperA
0x4a7638 GetWindowDC
0x4a763c BeginPaint
0x4a7640 EndPaint
0x4a7644 TabbedTextOutA
0x4a7648 DrawTextA
0x4a764c GrayStringA
0x4a7650 DestroyWindow
0x4a7654 CreateDialogIndirectParamA
0x4a7658 EndDialog
0x4a765c GetNextDlgTabItem
0x4a7660 GetWindowPlacement
0x4a7664 RegisterWindowMessageA
0x4a7668 GetForegroundWindow
0x4a766c GetLastActivePopup
0x4a7670 GetMessageTime
GDI32.dll
0x4a7048 PtVisible
0x4a704c GetViewportExtEx
0x4a7050 ExtSelectClipRgn
0x4a7054 StartDocA
0x4a7058 StartPage
0x4a705c BitBlt
0x4a7060 CreateCompatibleDC
0x4a7064 Ellipse
0x4a7068 Rectangle
0x4a706c LPtoDP
0x4a7070 DPtoLP
0x4a7074 GetCurrentObject
0x4a7078 RoundRect
0x4a707c GetTextExtentPoint32A
0x4a7080 GetDeviceCaps
0x4a7084 RectVisible
0x4a7088 DeleteObject
0x4a708c SelectClipRgn
0x4a7090 CreatePolygonRgn
0x4a7094 GetClipRgn
0x4a7098 SetStretchBltMode
0x4a709c CreateRectRgnIndirect
0x4a70a0 SetBkColor
0x4a70a4 TranslateCharsetInfo
0x4a70a8 LineTo
0x4a70ac MoveToEx
0x4a70b0 ExcludeClipRect
0x4a70b4 GetClipBox
0x4a70b8 ScaleWindowExtEx
0x4a70bc SetWindowExtEx
0x4a70c0 SetWindowOrgEx
0x4a70c4 ScaleViewportExtEx
0x4a70c8 TextOutA
0x4a70cc ExtTextOutA
0x4a70d0 Escape
0x4a70d4 GetTextMetricsA
0x4a70d8 DeleteDC
0x4a70dc EndDoc
0x4a70e0 EndPage
0x4a70e4 CreateFontIndirectA
0x4a70e8 GetStockObject
0x4a70ec CreateSolidBrush
0x4a70f0 FillRgn
0x4a70f4 CreateRectRgn
0x4a70f8 CombineRgn
0x4a70fc PatBlt
0x4a7100 CreatePen
0x4a7104 GetObjectA
0x4a7108 SelectObject
0x4a710c CreateBitmap
0x4a7110 CreateDCA
0x4a7114 CreateCompatibleBitmap
0x4a7118 GetPolyFillMode
0x4a711c GetStretchBltMode
0x4a7120 SetViewportExtEx
0x4a7124 OffsetViewportOrgEx
0x4a7128 SetViewportOrgEx
0x4a712c SetMapMode
0x4a7130 SetTextColor
0x4a7134 SetROP2
0x4a7138 SetPolyFillMode
0x4a713c SetBkMode
0x4a7140 GetROP2
0x4a7144 GetBkColor
0x4a7148 GetBkMode
0x4a714c GetTextColor
0x4a7150 CreateRoundRectRgn
0x4a7154 CreateEllipticRgn
0x4a7158 PathToRegion
0x4a715c EndPath
0x4a7160 BeginPath
0x4a7164 GetWindowOrgEx
0x4a7168 GetViewportOrgEx
0x4a716c GetWindowExtEx
0x4a7170 GetDIBits
0x4a7174 RealizePalette
0x4a7178 SelectPalette
0x4a717c StretchBlt
0x4a7180 CreatePalette
0x4a7184 CreateDIBitmap
0x4a7188 CreateFontA
0x4a718c RestoreDC
0x4a7190 SaveDC
0x4a7194 GetSystemPaletteEntries
WINSPOOL.DRV
0x4a76ec OpenPrinterA
0x4a76f0 DocumentPropertiesA
0x4a76f4 ClosePrinter
ADVAPI32.dll
0x4a7000 RegOpenKeyExA
0x4a7004 RegSetValueExA
0x4a7008 RegCreateKeyA
0x4a700c RegQueryValueA
0x4a7010 RegCreateKeyExA
0x4a7014 RegCloseKey
SHELL32.dll
0x4a73e0 DragAcceptFiles
0x4a73e4 DragFinish
0x4a73e8 DragQueryFileA
0x4a73ec ShellExecuteA
0x4a73f0 Shell_NotifyIconA
ole32.dll
0x4a7744 CLSIDFromString
0x4a7748 OleUninitialize
0x4a774c OleInitialize
OLEAUT32.dll
0x4a73c4 LoadTypeLib
0x4a73c8 RegisterTypeLib
0x4a73cc UnRegisterTypeLib
COMCTL32.dll
0x4a701c ImageList_Add
0x4a7020 ImageList_BeginDrag
0x4a7024 ImageList_Create
0x4a7028 ImageList_Destroy
0x4a702c ImageList_DragEnter
0x4a7030 ImageList_DragLeave
0x4a7034 ImageList_DragMove
0x4a7038 ImageList_DragShowNolock
0x4a703c ImageList_EndDrag
0x4a7040 None
WININET.dll
0x4a7678 InternetCanonicalizeUrlA
0x4a767c InternetCrackUrlA
0x4a7680 HttpOpenRequestA
0x4a7684 HttpSendRequestA
0x4a7688 HttpQueryInfoA
0x4a768c InternetConnectA
0x4a7690 InternetSetOptionA
0x4a7694 InternetOpenA
0x4a7698 InternetCloseHandle
0x4a769c InternetReadFile
comdlg32.dll
0x4a7730 ChooseColorA
0x4a7734 GetOpenFileNameA
0x4a7738 GetFileTitleA
0x4a773c GetSaveFileNameA
EAT(Export Address Table) is none