Created | 2021.05.26 09:36 | Machine | s1_win7_x6401 |
Filename | %E5%88%9B%E8%BE%89%E4%BC%81%E4%B8%9A%E5%90%8D%E5%BD%95%E4%BF%A1%E6%81%AF%E6%90%9C%E7%B4%A2%E8%BD%AF%E4%BB%B6.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 62 detected (RammitNNA, malicious, high confidence, Ramnit, Unsafe, gen2, FileInfector, Nimnul, eslalb, RmnDrp, A@1xq65p, Rmnet, ai score=78, score, CLASSIC, Malicious PE, 100%, Cosmu, confidence) |
md5 | b002b1aef58889242163dba60b7d6a47 |
sha256 | 4e707c27c365409032b8081092276d83498149589fa42c52271febbc5682bc81 |
ssdeep | 12288:jWqNvsYrbCee3HRPkD5tqrDGpwXBJMS3Fzwm3OOx4KF7VXLP:jWEnrOeGHRsD5tXpwIqzwOq+xXLP |
imphash | 635d14289153447f212f63af5a46fbc8 |
impfuzzy | 192:ZAHhs3KkIwmamKeUtsT1iPTTYuTzUcicRcoSagiN5PQO7:SkenZTYIhEJRBN5PQO7 |
Signature (12cnts)
Level | Description |
---|---|
danger | File has been identified by 62 AntiVirus engines on VirusTotal as malicious |
watch | Ramnit malware indicators found |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates executable files on the filesystem |
notice | Drops an executable to the user AppData folder |
notice | Foreign language identified in PE resource |
notice | Performs some HTTP requests |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks amount of memory in system |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (upload) |
Network (6cnts)
Suricata ids
ET POLICY Unsupported/Fake Windows NT Version 5.0
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
WINMM.dll
0x48e67c waveOutUnprepareHeader
0x48e680 waveOutPrepareHeader
0x48e684 waveOutWrite
0x48e688 waveOutPause
0x48e68c waveOutReset
0x48e690 waveOutClose
0x48e694 waveOutGetNumDevs
0x48e698 waveOutOpen
0x48e69c midiOutUnprepareHeader
0x48e6a0 midiStreamOpen
0x48e6a4 midiStreamProperty
0x48e6a8 midiOutPrepareHeader
0x48e6ac midiStreamOut
0x48e6b0 midiStreamStop
0x48e6b4 midiOutReset
0x48e6b8 midiStreamClose
0x48e6bc midiStreamRestart
WS2_32.dll
0x48e6d4 accept
0x48e6d8 WSAAsyncSelect
0x48e6dc closesocket
0x48e6e0 getpeername
0x48e6e4 inet_ntoa
0x48e6e8 WSAStartup
0x48e6ec WSACleanup
0x48e6f0 recv
0x48e6f4 ioctlsocket
0x48e6f8 recvfrom
0x48e6fc send
0x48e700 select
RASAPI32.dll
0x48e3ec RasHangUpA
0x48e3f0 RasGetConnectStatusA
KERNEL32.dll
0x48e184 SetLastError
0x48e188 GetTimeZoneInformation
0x48e18c GetVersion
0x48e190 FileTimeToSystemTime
0x48e194 IsBadCodePtr
0x48e198 IsBadReadPtr
0x48e19c CompareStringW
0x48e1a0 CompareStringA
0x48e1a4 GetStringTypeW
0x48e1a8 GetStringTypeA
0x48e1ac SetUnhandledExceptionFilter
0x48e1b0 IsBadWritePtr
0x48e1b4 VirtualAlloc
0x48e1b8 LCMapStringW
0x48e1bc LCMapStringA
0x48e1c0 SetEnvironmentVariableA
0x48e1c4 VirtualFree
0x48e1c8 HeapCreate
0x48e1cc HeapDestroy
0x48e1d0 GetEnvironmentVariableA
0x48e1d4 GetStdHandle
0x48e1d8 SetHandleCount
0x48e1dc GetEnvironmentStringsW
0x48e1e0 GetEnvironmentStrings
0x48e1e4 FreeEnvironmentStringsW
0x48e1e8 FreeEnvironmentStringsA
0x48e1ec UnhandledExceptionFilter
0x48e1f0 GetFileType
0x48e1f4 SetStdHandle
0x48e1f8 GetACP
0x48e1fc HeapSize
0x48e200 RaiseException
0x48e204 GetLocalTime
0x48e208 GetSystemTime
0x48e20c RtlUnwind
0x48e210 GetStartupInfoA
0x48e214 GetOEMCP
0x48e218 GetCPInfo
0x48e21c GetProcessVersion
0x48e220 SetErrorMode
0x48e224 GlobalFlags
0x48e228 GetCurrentThread
0x48e22c GetFileTime
0x48e230 TlsGetValue
0x48e234 LocalReAlloc
0x48e238 TlsSetValue
0x48e23c TlsFree
0x48e240 GlobalHandle
0x48e244 TlsAlloc
0x48e248 LocalAlloc
0x48e24c lstrcmpA
0x48e250 GlobalGetAtomNameA
0x48e254 GlobalAddAtomA
0x48e258 GlobalFindAtomA
0x48e25c GlobalDeleteAtom
0x48e260 lstrcmpiA
0x48e264 SetEndOfFile
0x48e268 UnlockFile
0x48e26c LockFile
0x48e270 FlushFileBuffers
0x48e274 DuplicateHandle
0x48e278 lstrcpynA
0x48e27c FileTimeToLocalFileTime
0x48e280 FormatMessageA
0x48e284 LocalFree
0x48e288 InterlockedDecrement
0x48e28c InterlockedIncrement
0x48e290 CloseHandle
0x48e294 WaitForSingleObject
0x48e298 GetTickCount
0x48e29c GetCommandLineA
0x48e2a0 MulDiv
0x48e2a4 GetProcAddress
0x48e2a8 GetModuleHandleA
0x48e2ac GetVolumeInformationA
0x48e2b0 SetCurrentDirectoryA
0x48e2b4 DeleteFileA
0x48e2b8 GetFileAttributesA
0x48e2bc FindClose
0x48e2c0 FindFirstFileA
0x48e2c4 GlobalUnlock
0x48e2c8 GlobalLock
0x48e2cc GlobalAlloc
0x48e2d0 InterlockedExchange
0x48e2d4 Sleep
0x48e2d8 CreateEventA
0x48e2dc CreateThread
0x48e2e0 GetPrivateProfileStringA
0x48e2e4 WritePrivateProfileStringA
0x48e2e8 GetVersionExA
0x48e2ec lstrlenW
0x48e2f0 lstrlenA
0x48e2f4 LoadLibraryA
0x48e2f8 FreeLibrary
0x48e2fc GetFullPathNameA
0x48e300 GetUserDefaultLCID
0x48e304 TerminateProcess
0x48e308 GetFileSize
0x48e30c SetFilePointer
0x48e310 WideCharToMultiByte
0x48e314 MultiByteToWideChar
0x48e318 GetCurrentProcess
0x48e31c CreateSemaphoreA
0x48e320 ResumeThread
0x48e324 ReleaseSemaphore
0x48e328 EnterCriticalSection
0x48e32c LeaveCriticalSection
0x48e330 GetProfileStringA
0x48e334 WriteFile
0x48e338 ReadFile
0x48e33c GetLastError
0x48e340 WaitForMultipleObjects
0x48e344 CreateFileA
0x48e348 DeviceIoControl
0x48e34c SetEvent
0x48e350 FindResourceA
0x48e354 LoadResource
0x48e358 LockResource
0x48e35c GetModuleFileNameA
0x48e360 GetCurrentThreadId
0x48e364 ExitProcess
0x48e368 GlobalSize
0x48e36c GlobalFree
0x48e370 DeleteCriticalSection
0x48e374 InitializeCriticalSection
0x48e378 lstrcatA
0x48e37c WinExec
0x48e380 lstrcpyA
0x48e384 FindNextFileA
0x48e388 GlobalReAlloc
0x48e38c HeapFree
0x48e390 HeapReAlloc
0x48e394 GetProcessHeap
0x48e398 HeapAlloc
USER32.dll
0x48e404 UnregisterClassA
0x48e408 TranslateAcceleratorA
0x48e40c GetKeyState
0x48e410 EnableMenuItem
0x48e414 GetSubMenu
0x48e418 GetDlgCtrlID
0x48e41c CreateAcceleratorTableA
0x48e420 CreateMenu
0x48e424 ModifyMenuA
0x48e428 AppendMenuA
0x48e42c ClientToScreen
0x48e430 DrawIconEx
0x48e434 CreateIconFromResource
0x48e438 CreateIconFromResourceEx
0x48e43c RegisterClipboardFormatA
0x48e440 SetRectEmpty
0x48e444 DispatchMessageA
0x48e448 GetMessageA
0x48e44c WindowFromPoint
0x48e450 DrawFocusRect
0x48e454 DrawEdge
0x48e458 DrawFrameControl
0x48e45c LoadIconA
0x48e460 EnumDisplaySettingsA
0x48e464 LoadImageA
0x48e468 TranslateMessage
0x48e46c ShowWindow
0x48e470 CreatePopupMenu
0x48e474 SystemParametersInfoA
0x48e478 GetForegroundWindow
0x48e47c GetDesktopWindow
0x48e480 GetClassNameA
0x48e484 GetDlgItem
0x48e488 FindWindowExA
0x48e48c GetWindowTextA
0x48e490 SetWindowTextA
0x48e494 IsWindowEnabled
0x48e498 CopyAcceleratorTableA
0x48e49c PostQuitMessage
0x48e4a0 GetSysColorBrush
0x48e4a4 LoadStringA
0x48e4a8 GetMenuCheckMarkDimensions
0x48e4ac GetMenuState
0x48e4b0 SetMenuItemBitmaps
0x48e4b4 CheckMenuItem
0x48e4b8 MoveWindow
0x48e4bc IsDialogMessageA
0x48e4c0 ScrollWindowEx
0x48e4c4 SendDlgItemMessageA
0x48e4c8 MapWindowPoints
0x48e4cc AdjustWindowRectEx
0x48e4d0 GetScrollPos
0x48e4d4 RegisterClassA
0x48e4d8 GetMenuItemCount
0x48e4dc GetMenuItemID
0x48e4e0 CreateWindowExA
0x48e4e4 IsZoomed
0x48e4e8 GetSystemMenu
0x48e4ec DeleteMenu
0x48e4f0 GetClassInfoA
0x48e4f4 DefWindowProcA
0x48e4f8 GetMenu
0x48e4fc SetMenu
0x48e500 PeekMessageA
0x48e504 IsIconic
0x48e508 SetFocus
0x48e50c GetActiveWindow
0x48e510 GetWindow
0x48e514 DestroyAcceleratorTable
0x48e518 SetWindowRgn
0x48e51c GetMessagePos
0x48e520 ScreenToClient
0x48e524 ChildWindowFromPointEx
0x48e528 CopyRect
0x48e52c LoadBitmapA
0x48e530 WinHelpA
0x48e534 KillTimer
0x48e538 SetTimer
0x48e53c ReleaseCapture
0x48e540 GetCapture
0x48e544 SetCapture
0x48e548 GetScrollRange
0x48e54c SetScrollRange
0x48e550 SetScrollPos
0x48e554 InflateRect
0x48e558 SetRect
0x48e55c IntersectRect
0x48e560 DestroyIcon
0x48e564 PtInRect
0x48e568 OffsetRect
0x48e56c IsWindowVisible
0x48e570 EnableWindow
0x48e574 RedrawWindow
0x48e578 GetWindowLongA
0x48e57c SetWindowLongA
0x48e580 GetSysColor
0x48e584 SetActiveWindow
0x48e588 SetCursorPos
0x48e58c LoadCursorA
0x48e590 SetCursor
0x48e594 GetDC
0x48e598 FillRect
0x48e59c IsRectEmpty
0x48e5a0 ReleaseDC
0x48e5a4 IsChild
0x48e5a8 DestroyMenu
0x48e5ac SetForegroundWindow
0x48e5b0 GetWindowRect
0x48e5b4 EqualRect
0x48e5b8 UpdateWindow
0x48e5bc ValidateRect
0x48e5c0 InvalidateRect
0x48e5c4 GetClientRect
0x48e5c8 GetFocus
0x48e5cc GetParent
0x48e5d0 GetTopWindow
0x48e5d4 PostMessageA
0x48e5d8 IsWindow
0x48e5dc SetParent
0x48e5e0 DestroyCursor
0x48e5e4 SendMessageA
0x48e5e8 SetWindowPos
0x48e5ec MessageBoxA
0x48e5f0 GetCursorPos
0x48e5f4 GetSystemMetrics
0x48e5f8 EmptyClipboard
0x48e5fc SetClipboardData
0x48e600 OpenClipboard
0x48e604 GetClipboardData
0x48e608 CloseClipboard
0x48e60c wsprintfA
0x48e610 GetWindowTextLengthA
0x48e614 CharUpperA
0x48e618 GetWindowDC
0x48e61c BeginPaint
0x48e620 EndPaint
0x48e624 TabbedTextOutA
0x48e628 DrawTextA
0x48e62c GrayStringA
0x48e630 DestroyWindow
0x48e634 CreateDialogIndirectParamA
0x48e638 EndDialog
0x48e63c GetNextDlgTabItem
0x48e640 GetWindowPlacement
0x48e644 RegisterWindowMessageA
0x48e648 GetLastActivePopup
0x48e64c GetMessageTime
0x48e650 RemovePropA
0x48e654 CallWindowProcA
0x48e658 GetPropA
0x48e65c UnhookWindowsHookEx
0x48e660 SetPropA
0x48e664 GetClassLongA
0x48e668 CallNextHookEx
0x48e66c SetWindowsHookExA
GDI32.dll
0x48e038 TextOutA
0x48e03c RectVisible
0x48e040 PtVisible
0x48e044 GetViewportExtEx
0x48e048 SaveDC
0x48e04c RestoreDC
0x48e050 SetBkMode
0x48e054 SetPolyFillMode
0x48e058 SetROP2
0x48e05c SetTextColor
0x48e060 ExtTextOutA
0x48e064 Escape
0x48e068 GetTextMetricsA
0x48e06c SetMapMode
0x48e070 SetViewportOrgEx
0x48e074 OffsetViewportOrgEx
0x48e078 SetViewportExtEx
0x48e07c ScaleViewportExtEx
0x48e080 SetWindowOrgEx
0x48e084 SetWindowExtEx
0x48e088 ScaleWindowExtEx
0x48e08c GetClipBox
0x48e090 ExcludeClipRect
0x48e094 MoveToEx
0x48e098 LineTo
0x48e09c ExtSelectClipRgn
0x48e0a0 BeginPath
0x48e0a4 SetBkColor
0x48e0a8 CreateRectRgnIndirect
0x48e0ac SetStretchBltMode
0x48e0b0 GetClipRgn
0x48e0b4 CreatePolygonRgn
0x48e0b8 SelectClipRgn
0x48e0bc DeleteObject
0x48e0c0 CreateDIBitmap
0x48e0c4 GetSystemPaletteEntries
0x48e0c8 CreatePalette
0x48e0cc StretchBlt
0x48e0d0 SelectPalette
0x48e0d4 RealizePalette
0x48e0d8 GetDIBits
0x48e0dc GetWindowExtEx
0x48e0e0 GetViewportOrgEx
0x48e0e4 GetWindowOrgEx
0x48e0e8 EndPath
0x48e0ec PathToRegion
0x48e0f0 CreateEllipticRgn
0x48e0f4 CreateRoundRectRgn
0x48e0f8 GetTextColor
0x48e0fc GetBkMode
0x48e100 GetBkColor
0x48e104 GetROP2
0x48e108 GetStretchBltMode
0x48e10c GetPolyFillMode
0x48e110 CreateCompatibleBitmap
0x48e114 CreateDCA
0x48e118 CreateBitmap
0x48e11c SelectObject
0x48e120 CreatePen
0x48e124 PatBlt
0x48e128 FillRgn
0x48e12c CreateRectRgn
0x48e130 CombineRgn
0x48e134 CreateSolidBrush
0x48e138 CreateFontIndirectA
0x48e13c GetStockObject
0x48e140 GetObjectA
0x48e144 EndPage
0x48e148 EndDoc
0x48e14c DeleteDC
0x48e150 StartDocA
0x48e154 StartPage
0x48e158 BitBlt
0x48e15c CreateCompatibleDC
0x48e160 Ellipse
0x48e164 Rectangle
0x48e168 LPtoDP
0x48e16c DPtoLP
0x48e170 GetCurrentObject
0x48e174 RoundRect
0x48e178 GetTextExtentPoint32A
0x48e17c GetDeviceCaps
WINSPOOL.DRV
0x48e6c4 OpenPrinterA
0x48e6c8 DocumentPropertiesA
0x48e6cc ClosePrinter
ADVAPI32.dll
0x48e000 RegCloseKey
0x48e004 RegOpenKeyExA
0x48e008 RegSetValueExA
0x48e00c RegQueryValueA
0x48e010 RegCreateKeyExA
SHELL32.dll
0x48e3f8 ShellExecuteA
0x48e3fc Shell_NotifyIconA
ole32.dll
0x48e720 CLSIDFromProgID
0x48e724 OleRun
0x48e728 CoCreateInstance
0x48e72c CLSIDFromString
0x48e730 OleUninitialize
0x48e734 OleInitialize
OLEAUT32.dll
0x48e3a0 SysFreeString
0x48e3a4 UnRegisterTypeLib
0x48e3a8 SysStringLen
0x48e3ac LoadTypeLib
0x48e3b0 LHashValOfNameSys
0x48e3b4 RegisterTypeLib
0x48e3b8 SysAllocString
0x48e3bc VariantInit
0x48e3c0 VariantCopyInd
0x48e3c4 SafeArrayGetElement
0x48e3c8 SafeArrayAccessData
0x48e3cc SafeArrayUnaccessData
0x48e3d0 SafeArrayGetDim
0x48e3d4 SafeArrayGetLBound
0x48e3d8 SafeArrayGetUBound
0x48e3dc VariantChangeType
0x48e3e0 VariantClear
0x48e3e4 VariantCopy
COMCTL32.dll
0x48e018 ImageList_GetIcon
0x48e01c ImageList_GetImageCount
0x48e020 ImageList_SetBkColor
0x48e024 None
0x48e028 ImageList_Destroy
0x48e02c ImageList_Duplicate
0x48e030 ImageList_Read
WININET.dll
0x48e674 InternetCloseHandle
comdlg32.dll
0x48e708 ChooseColorA
0x48e70c ChooseFontA
0x48e710 GetOpenFileNameA
0x48e714 GetSaveFileNameA
0x48e718 GetFileTitleA
EAT(Export Address Table) is none