Created | 2021.06.25 09:37 | Machine | s1_win7_x6401 |
Filename | pcad1.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 38 detected (malicious, high confidence, Barys, Unsafe, KYFW, Attribute, HighConfidence, Doina, R002C0PFI21, ai score=100, ASMalwS, kcloud, Glupteba, BScope, Szvj, susgen, PossibleThreat, ZexaE, Hu0@ay0psgcO, GdSda) |
md5 | c7af1f6747d5c61e97d556dec9aec85c |
sha256 | 8b3a8268efe41220e294e6cad1055c46041d11c59ba37672709401aaefe5ae47 |
ssdeep | 12288:S2vcfzbyNUJO5FNg6QQCnoZeHn12N2+/tr4Kn2Ghn4:SxXyNU4gACosHed/tdn2GR |
imphash | b60386455aa2ccf1911ea96d6e3edcd6 |
impfuzzy | 192:UJyFuRFWO5bsj4EuZkZk/JIW8jU8x6Mq5cncoc5LCOxkgD:zs8O9FkO/Ju7q5aJ2OOx7D |
Signature (11cnts)
Level | Description |
---|---|
danger | File has been identified by 38 AntiVirus engines on VirusTotal as malicious |
watch | Deletes executed files from disk |
watch | Disables proxy possibly for traffic interception |
notice | A process created a hidden window |
notice | An executable file was downloaded by the process pcad1.exe |
notice | Creates executable files on the filesystem |
notice | Drops an executable to the user AppData folder |
notice | Foreign language identified in PE resource |
notice | Performs some HTTP requests |
notice | Searches running processes potentially to identify processes for sandbox evasion |
info | Command line console output was observed |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Antivirus | Contains references to security software | binaries (download) |
watch | Antivirus | Contains references to security software | binaries (upload) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
ET MALWARE Possible Malicious Macro DL EXE Feb 2016
ET MALWARE Possible Malicious Macro EXE DL AlphaNumL
ET POLICY PE EXE or DLL Windows file download HTTP
ET MALWARE Possible Malicious Macro EXE DL AlphaNumL
ET POLICY PE EXE or DLL Windows file download HTTP
PE API
IAT(Import Address Table) Library
WININET.dll
0x4677e8 InternetCheckConnectionA
0x4677ec DeleteUrlCacheEntry
WTSAPI32.dll
0x467804 WTSEnumerateSessionsA
urlmon.dll
0x46785c URLDownloadToFileA
KERNEL32.dll
0x4671b4 CreateFileA
0x4671b8 GlobalAddAtomA
0x4671bc GlobalFlags
0x4671c0 SetThreadPriority
0x4671c4 ResumeThread
0x4671c8 GetCurrentThreadId
0x4671cc WaitForSingleObject
0x4671d0 SetEvent
0x4671d4 SuspendThread
0x4671d8 CreateEventA
0x4671dc SetErrorMode
0x4671e0 FileTimeToLocalFileTime
0x4671e4 GetFileAttributesExA
0x4671e8 LocalFileTimeToFileTime
0x4671ec SetFileTime
0x4671f0 SetFileAttributesA
0x4671f4 GetFileAttributesA
0x4671f8 GetFileSizeEx
0x4671fc GetFileTime
0x467200 InterlockedExchange
0x467204 GetLocaleInfoA
0x467208 EnumResourceLanguagesA
0x46720c ConvertDefaultLocale
0x467210 GetCurrentThread
0x467214 GlobalDeleteAtom
0x467218 GetVersionExA
0x46721c lstrcmpW
0x467220 GlobalFindAtomA
0x467224 FreeResource
0x467228 GetPrivateProfileIntA
0x46722c GetShortPathNameA
0x467230 GetPrivateProfileStringA
0x467234 GetCurrentDirectoryA
0x467238 GetCPInfo
0x46723c GetOEMCP
0x467240 GetSystemTimeAsFileTime
0x467244 ExitProcess
0x467248 RtlUnwind
0x46724c GetCommandLineA
0x467250 GetStartupInfoA
0x467254 HeapAlloc
0x467258 HeapFree
0x46725c RaiseException
0x467260 VirtualProtect
0x467264 VirtualAlloc
0x467268 VirtualQuery
0x46726c HeapReAlloc
0x467270 HeapSize
0x467274 ExitThread
0x467278 CreateThread
0x46727c UnhandledExceptionFilter
0x467280 SetUnhandledExceptionFilter
0x467284 IsDebuggerPresent
0x467288 GetConsoleCP
0x46728c GetConsoleMode
0x467290 GetStdHandle
0x467294 FatalAppExitA
0x467298 SetConsoleCtrlHandler
0x46729c InitializeCriticalSectionAndSpinCount
0x4672a0 FreeEnvironmentStringsA
0x4672a4 GetEnvironmentStrings
0x4672a8 FreeEnvironmentStringsW
0x4672ac GetEnvironmentStringsW
0x4672b0 SetHandleCount
0x4672b4 GetFileType
0x4672b8 HeapCreate
0x4672bc HeapDestroy
0x4672c0 VirtualFree
0x4672c4 QueryPerformanceCounter
0x4672c8 GetTickCount
0x4672cc GetACP
0x4672d0 IsValidCodePage
0x4672d4 GetTimeZoneInformation
0x4672d8 SetStdHandle
0x4672dc WriteConsoleA
0x4672e0 GetConsoleOutputCP
0x4672e4 WriteConsoleW
0x4672e8 GetLocaleInfoW
0x4672ec LCMapStringA
0x4672f0 LCMapStringW
0x4672f4 GetStringTypeA
0x4672f8 GetStringTypeW
0x4672fc GetTimeFormatA
0x467300 GetDateFormatA
0x467304 GetUserDefaultLCID
0x467308 EnumSystemLocalesA
0x46730c IsValidLocale
0x467310 GetProcessHeap
0x467314 CompareStringW
0x467318 SetEnvironmentVariableA
0x46731c GetFullPathNameA
0x467320 GetVolumeInformationA
0x467324 DuplicateHandle
0x467328 GetFileSize
0x46732c SetEndOfFile
0x467330 UnlockFile
0x467334 LockFile
0x467338 FlushFileBuffers
0x46733c SetFilePointer
0x467340 WriteFile
0x467344 ReadFile
0x467348 LoadLibraryA
0x46734c lstrcmpiA
0x467350 GetStringTypeExA
0x467354 DeleteFileA
0x467358 MoveFileA
0x46735c SystemTimeToFileTime
0x467360 FileTimeToSystemTime
0x467364 GetThreadLocale
0x467368 lstrcmpA
0x46736c GetAtomNameA
0x467370 GlobalGetAtomNameA
0x467374 TlsFree
0x467378 DeleteCriticalSection
0x46737c LocalReAlloc
0x467380 TlsSetValue
0x467384 TlsAlloc
0x467388 InitializeCriticalSection
0x46738c GlobalHandle
0x467390 GlobalReAlloc
0x467394 EnterCriticalSection
0x467398 TlsGetValue
0x46739c LeaveCriticalSection
0x4673a0 LocalAlloc
0x4673a4 GetCurrentProcessId
0x4673a8 FreeLibrary
0x4673ac InterlockedDecrement
0x4673b0 InterlockedIncrement
0x4673b4 GetModuleFileNameW
0x4673b8 GetModuleHandleW
0x4673bc CompareStringA
0x4673c0 SetLastError
0x4673c4 GlobalFree
0x4673c8 CopyFileA
0x4673cc GlobalSize
0x4673d0 GlobalAlloc
0x4673d4 GlobalLock
0x4673d8 GlobalUnlock
0x4673dc FormatMessageA
0x4673e0 LocalFree
0x4673e4 lstrlenW
0x4673e8 MultiByteToWideChar
0x4673ec MulDiv
0x4673f0 WideCharToMultiByte
0x4673f4 LoadResource
0x4673f8 LockResource
0x4673fc SizeofResource
0x467400 FindResourceA
0x467404 GetLastError
0x467408 GetCurrentProcess
0x46740c CreateProcessA
0x467410 GetExitCodeProcess
0x467414 GetModuleHandleA
0x467418 GetProcAddress
0x46741c GetSystemInfo
0x467420 CreateToolhelp32Snapshot
0x467424 Process32First
0x467428 OpenProcess
0x46742c TerminateProcess
0x467430 Process32Next
0x467434 CloseHandle
0x467438 FindFirstFileA
0x46743c lstrlenA
0x467440 FindNextFileA
0x467444 FindClose
0x467448 Sleep
0x46744c GetWindowsDirectoryA
0x467450 GetModuleFileNameA
0x467454 WritePrivateProfileStringA
USER32.dll
0x467544 GetMenuItemInfoA
0x467548 DestroyMenu
0x46754c GetDialogBaseUnits
0x467550 SetRectEmpty
0x467554 InvalidateRect
0x467558 TranslateAcceleratorA
0x46755c BringWindowToTop
0x467560 CreatePopupMenu
0x467564 InsertMenuItemA
0x467568 LoadAcceleratorsA
0x46756c ReleaseCapture
0x467570 GetMenuBarInfo
0x467574 LoadMenuA
0x467578 ReuseDDElParam
0x46757c UnpackDDElParam
0x467580 SetRect
0x467584 SetTimer
0x467588 KillTimer
0x46758c WindowFromPoint
0x467590 GetKeyNameTextA
0x467594 MapVirtualKeyA
0x467598 IsRectEmpty
0x46759c GetSystemMenu
0x4675a0 SetParent
0x4675a4 UnionRect
0x4675a8 GetDCEx
0x4675ac LockWindowUpdate
0x4675b0 SetCapture
0x4675b4 TabbedTextOutA
0x4675b8 FillRect
0x4675bc RegisterWindowMessageA
0x4675c0 LoadIconA
0x4675c4 WinHelpA
0x4675c8 IsChild
0x4675cc GetCapture
0x4675d0 GetClassLongA
0x4675d4 SetPropA
0x4675d8 GetPropA
0x4675dc RemovePropA
0x4675e0 GetForegroundWindow
0x4675e4 SetActiveWindow
0x4675e8 BeginDeferWindowPos
0x4675ec EndDeferWindowPos
0x4675f0 GetTopWindow
0x4675f4 DestroyWindow
0x4675f8 GetMessageTime
0x4675fc GetMessagePos
0x467600 MapWindowPoints
0x467604 ScrollWindow
0x467608 TrackPopupMenuEx
0x46760c TrackPopupMenu
0x467610 SetMenu
0x467614 SetScrollRange
0x467618 GetScrollRange
0x46761c ShowScrollBar
0x467620 UpdateWindow
0x467624 GetClientRect
0x467628 CreateWindowExA
0x46762c GetClassInfoExA
0x467630 GetClassInfoA
0x467634 RegisterClassA
0x467638 AdjustWindowRectEx
0x46763c ScreenToClient
0x467640 EqualRect
0x467644 DeferWindowPos
0x467648 GetScrollInfo
0x46764c SetScrollInfo
0x467650 SetWindowPlacement
0x467654 CopyRect
0x467658 DefWindowProcA
0x46765c CallWindowProcA
0x467660 GetMenu
0x467664 OffsetRect
0x467668 IntersectRect
0x46766c SystemParametersInfoA
0x467670 EndPaint
0x467674 SetMenuItemBitmaps
0x467678 InflateRect
0x46767c LoadBitmapA
0x467680 ModifyMenuA
0x467684 EnableMenuItem
0x467688 CheckMenuItem
0x46768c PostQuitMessage
0x467690 SetForegroundWindow
0x467694 IsIconic
0x467698 PostMessageA
0x46769c SetWindowPos
0x4676a0 ScrollWindowEx
0x4676a4 ShowWindow
0x4676a8 MoveWindow
0x4676ac SetWindowLongA
0x4676b0 IsWindow
0x4676b4 IsDialogMessageA
0x4676b8 IsDlgButtonChecked
0x4676bc SetDlgItemTextA
0x4676c0 SetDlgItemInt
0x4676c4 SendDlgItemMessageA
0x4676c8 GetDlgItemTextA
0x4676cc GetDlgItem
0x4676d0 CheckRadioButton
0x4676d4 CheckDlgButton
0x4676d8 GetScrollPos
0x4676dc SetScrollPos
0x4676e0 SetFocus
0x4676e4 SetWindowsHookExA
0x4676e8 CallNextHookEx
0x4676ec GetMessageA
0x4676f0 TranslateMessage
0x4676f4 DispatchMessageA
0x4676f8 GetActiveWindow
0x4676fc IsWindowVisible
0x467700 GetKeyState
0x467704 PeekMessageA
0x467708 GetCursorPos
0x46770c ValidateRect
0x467710 UnregisterClassA
0x467714 GetFocus
0x467718 GetDesktopWindow
0x46771c ClientToScreen
0x467720 GetWindow
0x467724 GetDlgCtrlID
0x467728 GetWindowRect
0x46772c GetClassNameA
0x467730 PtInRect
0x467734 SetWindowTextA
0x467738 CharUpperA
0x46773c DestroyIcon
0x467740 GetWindowTextLengthA
0x467744 GetWindowTextA
0x467748 GetWindowThreadProcessId
0x46774c SendMessageA
0x467750 GetParent
0x467754 GetWindowLongA
0x467758 GetLastActivePopup
0x46775c IsWindowEnabled
0x467760 BeginPaint
0x467764 GetWindowDC
0x467768 GrayStringA
0x46776c DrawTextExA
0x467770 EnableWindow
0x467774 MessageBoxA
0x467778 UnhookWindowsHookEx
0x46777c LoadCursorA
0x467780 GetSystemMetrics
0x467784 GetDC
0x467788 ReleaseDC
0x46778c GetSysColor
0x467790 GetSysColorBrush
0x467794 GetMenuState
0x467798 GetMenuStringA
0x46779c AppendMenuA
0x4677a0 GetMenuItemID
0x4677a4 InsertMenuA
0x4677a8 GetMenuItemCount
0x4677ac GetSubMenu
0x4677b0 RemoveMenu
0x4677b4 DeleteMenu
0x4677b8 ShowOwnedPopups
0x4677bc SetCursor
0x4677c0 CreateDialogIndirectParamA
0x4677c4 GetNextDlgTabItem
0x4677c8 GetMenuCheckMarkDimensions
0x4677cc EndDialog
0x4677d0 GetWindowPlacement
0x4677d4 DrawTextA
0x4677d8 wsprintfA
0x4677dc WaitForInputIdle
0x4677e0 GetDlgItemInt
ADVAPI32.dll
0x467000 RegQueryValueExA
0x467004 RegSetValueExA
0x467008 RegEnumKeyA
0x46700c RegDeleteKeyA
0x467010 RegQueryValueA
0x467014 RegOpenKeyExA
0x467018 RegOpenKeyA
0x46701c RegCreateKeyA
0x467020 RegCreateKeyExA
0x467024 RegSetValueA
0x467028 RegCloseKey
0x46702c RegDeleteValueA
0x467030 AllocateAndInitializeSid
0x467034 CheckTokenMembership
0x467038 FreeSid
0x46703c OpenProcessToken
0x467040 GetTokenInformation
SHELL32.dll
0x467510 ShellExecuteA
0x467514 DragQueryFileA
0x467518 DragFinish
0x46751c SHGetFileInfoA
0x467520 ExtractIconA
SHLWAPI.dll
0x467528 PathStripToRootA
0x46752c PathRemoveExtensionA
0x467530 PathFindFileNameA
0x467534 PathFindExtensionA
0x467538 PathRemoveFileSpecW
0x46753c PathIsUNCA
OLEACC.dll
0x46745c AccessibleObjectFromWindow
0x467460 LresultFromObject
0x467464 CreateStdAccessibleObject
GDI32.dll
0x467050 ExtSelectClipRgn
0x467054 DeleteDC
0x467058 CreateDIBPatternBrushPt
0x46705c CreatePatternBrush
0x467060 CreateCompatibleDC
0x467064 GetStockObject
0x467068 SelectPalette
0x46706c PlayMetaFileRecord
0x467070 GetObjectType
0x467074 EnumMetaFile
0x467078 PlayMetaFile
0x46707c Escape
0x467080 CreatePen
0x467084 SetTextColor
0x467088 SetBkColor
0x46708c GetObjectA
0x467090 PolyDraw
0x467094 ArcTo
0x467098 GetCurrentPositionEx
0x46709c ScaleWindowExtEx
0x4670a0 SetWindowExtEx
0x4670a4 OffsetWindowOrgEx
0x4670a8 SaveDC
0x4670ac RestoreDC
0x4670b0 SetBkMode
0x4670b4 SetWindowOrgEx
0x4670b8 SetROP2
0x4670bc SetStretchBltMode
0x4670c0 PolyBezierTo
0x4670c4 SetWorldTransform
0x4670c8 ModifyWorldTransform
0x4670cc SetMapMode
0x4670d0 ExcludeClipRect
0x4670d4 IntersectClipRect
0x4670d8 OffsetClipRgn
0x4670dc ExtCreatePen
0x4670e0 CreateSolidBrush
0x4670e4 CreateHatchBrush
0x4670e8 CreateFontIndirectA
0x4670ec GetTextExtentPoint32A
0x4670f0 CreateRectRgnIndirect
0x4670f4 SetRectRgn
0x4670f8 CombineRgn
0x4670fc GetMapMode
0x467100 PatBlt
0x467104 DPtoLP
0x467108 GetTextMetricsA
0x46710c GetCharWidthA
0x467110 CreateFontA
0x467114 StretchDIBits
0x467118 CreateCompatibleBitmap
0x46711c GetBkColor
0x467120 ExtTextOutA
0x467124 TextOutA
0x467128 RectVisible
0x46712c PtVisible
0x467130 SetGraphicsMode
0x467134 PolylineTo
0x467138 ScaleViewportExtEx
0x46713c SetViewportExtEx
0x467140 OffsetViewportOrgEx
0x467144 SetViewportOrgEx
0x467148 GetClipBox
0x46714c GetDCOrgEx
0x467150 CreateBitmap
0x467154 DeleteObject
0x467158 CreateDCA
0x46715c CopyMetaFileA
0x467160 SetPolyFillMode
0x467164 GetDeviceCaps
0x467168 StartDocA
0x46716c GetPixel
0x467170 BitBlt
0x467174 GetWindowExtEx
0x467178 GetViewportExtEx
0x46717c SelectClipPath
0x467180 CreateRectRgn
0x467184 GetClipRgn
0x467188 SelectClipRgn
0x46718c SetColorAdjustment
0x467190 SetArcDirection
0x467194 SetMapperFlags
0x467198 SetTextCharacterExtra
0x46719c SetTextJustification
0x4671a0 SetTextAlign
0x4671a4 MoveToEx
0x4671a8 LineTo
0x4671ac SelectObject
WINSPOOL.DRV
0x4677f4 ClosePrinter
0x4677f8 DocumentPropertiesA
0x4677fc OpenPrinterA
COMDLG32.dll
0x467048 GetFileTitleA
ole32.dll
0x46780c ReleaseStgMedium
0x467810 CreateBindCtx
0x467814 CoTreatAsClass
0x467818 StringFromCLSID
0x46781c ReadClassStg
0x467820 CoTaskMemAlloc
0x467824 OleRegGetUserType
0x467828 WriteClassStg
0x46782c WriteFmtUserTypeStg
0x467830 SetConvertStg
0x467834 CoTaskMemFree
0x467838 OleDuplicateData
0x46783c StringFromGUID2
0x467840 CoDisconnectObject
0x467844 CoCreateInstance
0x467848 CLSIDFromString
0x46784c CoUninitialize
0x467850 CoInitializeEx
0x467854 ReadFmtUserTypeStg
OLEAUT32.dll
0x46746c VariantTimeToSystemTime
0x467470 SysAllocStringLen
0x467474 SafeArrayDestroyDescriptor
0x467478 SafeArrayDestroyData
0x46747c SafeArrayDestroy
0x467480 SafeArrayUnlock
0x467484 SafeArrayLock
0x467488 SafeArrayPutElement
0x46748c SafeArrayPtrOfIndex
0x467490 SystemTimeToVariantTime
0x467494 SafeArrayCopy
0x467498 SafeArrayAllocDescriptor
0x46749c SafeArrayAllocData
0x4674a0 VariantCopy
0x4674a4 VariantChangeType
0x4674a8 SafeArrayRedim
0x4674ac VariantClear
0x4674b0 SafeArrayCreate
0x4674b4 SafeArrayGetUBound
0x4674b8 SysReAllocStringLen
0x4674bc VarDateFromStr
0x4674c0 SafeArrayGetElement
0x4674c4 SafeArrayGetDim
0x4674c8 SafeArrayGetElemsize
0x4674cc SafeArrayGetLBound
0x4674d0 SysStringLen
0x4674d4 SysFreeString
0x4674d8 SysAllocStringByteLen
0x4674dc SysStringByteLen
0x4674e0 RegisterTypeLib
0x4674e4 LoadTypeLib
0x4674e8 LoadRegTypeLib
0x4674ec SafeArrayUnaccessData
0x4674f0 SafeArrayAccessData
0x4674f4 VarBstrFromCy
0x4674f8 VarBstrFromDec
0x4674fc VarDecFromStr
0x467500 VarCyFromStr
0x467504 VarBstrFromDate
0x467508 VariantInit
EAT(Export Address Table) is none