ScreenShot
| Created | 2021.06.25 09:55 | Machine | s1_win7_x6402 |
| Filename | setup.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 35 detected (GenericKD, Unsafe, malicious, NDHA, Attribute, HighConfidence, fopat@0, GenericRXOX, susgen, efkkz, Wacatac, ai score=86, PossibleThreat, ZexaCO, Hq0@aGi1TJjb, confidence) | ||
| md5 | 3f802f6b95addbe6d310b730bc6ff899 | ||
| sha256 | 2542e1ac4792217dad4759a34a95e74e4966b6006f378e1a1334f24cfd43012d | ||
| ssdeep | 6144:FCFWYEORRZjpRa6iVEVjzRUR38LUnMVjtd2qSJcKvAvs/ngCeGPbBzDxZiKmKR:FCFWYEgCL8LUnMVjGqScKB/k6FH | ||
| imphash | 05954e7a73db8f1e29d9d687d22ed5f7 | ||
| impfuzzy | 192:1Hrb/fj2XMY1gU7E4snaFZwacnckcDHzCkkP+QbP3:Bjj2XN+aaXb+QbP3 | ||
Network IP location
Signature (11cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 35 AntiVirus engines on VirusTotal as malicious |
| watch | Communicates with host for which no DNS query was performed |
| watch | Installs itself for autorun at Windows startup |
| notice | A process created a hidden window |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates a suspicious process |
| notice | Creates executable files on the filesystem |
| notice | Foreign language identified in PE resource |
| info | Checks amount of memory in system |
| info | The executable uses a known packer |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (9cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (download) |
| danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
| info | IsDLL | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x42a0f8 GetCommandLineA
0x42a0fc HeapAlloc
0x42a100 GetTimeZoneInformation
0x42a104 GetSystemTime
0x42a108 GetLocalTime
0x42a10c HeapReAlloc
0x42a110 HeapSize
0x42a114 GetACP
0x42a118 SetUnhandledExceptionFilter
0x42a11c GetEnvironmentVariableA
0x42a120 GetVersionExA
0x42a124 HeapDestroy
0x42a128 HeapCreate
0x42a12c VirtualFree
0x42a130 VirtualAlloc
0x42a134 IsBadWritePtr
0x42a138 UnhandledExceptionFilter
0x42a13c FreeEnvironmentStringsA
0x42a140 FreeEnvironmentStringsW
0x42a144 GetEnvironmentStrings
0x42a148 GetStartupInfoA
0x42a14c SetHandleCount
0x42a150 GetStdHandle
0x42a154 GetFileType
0x42a158 LCMapStringA
0x42a15c LCMapStringW
0x42a160 GetStringTypeA
0x42a164 GetStringTypeW
0x42a168 IsBadReadPtr
0x42a16c IsBadCodePtr
0x42a170 SetStdHandle
0x42a174 CompareStringA
0x42a178 CompareStringW
0x42a17c SetEnvironmentVariableA
0x42a180 ExitProcess
0x42a184 HeapFree
0x42a188 RaiseException
0x42a18c GetProfileStringA
0x42a190 InterlockedExchange
0x42a194 RtlUnwind
0x42a198 GetTickCount
0x42a19c SetErrorMode
0x42a1a0 GetFileTime
0x42a1a4 GetFileSize
0x42a1a8 GetFileAttributesA
0x42a1ac WritePrivateProfileStringA
0x42a1b0 GetOEMCP
0x42a1b4 GetCPInfo
0x42a1b8 GetProcessVersion
0x42a1bc TlsGetValue
0x42a1c0 LocalReAlloc
0x42a1c4 TlsSetValue
0x42a1c8 EnterCriticalSection
0x42a1cc GlobalReAlloc
0x42a1d0 LeaveCriticalSection
0x42a1d4 TlsFree
0x42a1d8 GlobalHandle
0x42a1dc DeleteCriticalSection
0x42a1e0 TlsAlloc
0x42a1e4 InitializeCriticalSection
0x42a1e8 LocalAlloc
0x42a1ec GlobalFlags
0x42a1f0 FileTimeToLocalFileTime
0x42a1f4 FileTimeToSystemTime
0x42a1f8 GetThreadLocale
0x42a1fc GetFullPathNameA
0x42a200 lstrcpynA
0x42a204 GetVolumeInformationA
0x42a208 SetEndOfFile
0x42a20c UnlockFile
0x42a210 LockFile
0x42a214 FlushFileBuffers
0x42a218 SetFilePointer
0x42a21c WriteFile
0x42a220 ReadFile
0x42a224 DuplicateHandle
0x42a228 MulDiv
0x42a22c SetLastError
0x42a230 GlobalAlloc
0x42a234 lstrcmpA
0x42a238 GetCurrentThread
0x42a23c FormatMessageA
0x42a240 LocalFree
0x42a244 MultiByteToWideChar
0x42a248 WideCharToMultiByte
0x42a24c lstrlenA
0x42a250 InterlockedDecrement
0x42a254 InterlockedIncrement
0x42a258 LoadLibraryA
0x42a25c FreeLibrary
0x42a260 GetVersion
0x42a264 lstrcatA
0x42a268 GetCurrentThreadId
0x42a26c GlobalGetAtomNameA
0x42a270 lstrcmpiA
0x42a274 GlobalAddAtomA
0x42a278 GlobalFindAtomA
0x42a27c GlobalDeleteAtom
0x42a280 lstrcpyA
0x42a284 GetModuleHandleA
0x42a288 GetProcAddress
0x42a28c GlobalLock
0x42a290 GlobalUnlock
0x42a294 GlobalFree
0x42a298 GetLogicalDriveStringsA
0x42a29c FindFirstFileA
0x42a2a0 FindClose
0x42a2a4 CreateProcessA
0x42a2a8 FindResourceA
0x42a2ac LoadResource
0x42a2b0 SizeofResource
0x42a2b4 LockResource
0x42a2b8 CreateDirectoryA
0x42a2bc CopyFileA
0x42a2c0 WinExec
0x42a2c4 GetModuleFileNameA
0x42a2c8 CreateFileA
0x42a2cc Sleep
0x42a2d0 DeviceIoControl
0x42a2d4 CreateToolhelp32Snapshot
0x42a2d8 Process32First
0x42a2dc OpenProcess
0x42a2e0 TerminateProcess
0x42a2e4 CloseHandle
0x42a2e8 Process32Next
0x42a2ec GetLastError
0x42a2f0 GetCurrentProcess
0x42a2f4 GetEnvironmentStringsW
USER32.dll
0x42a344 PostThreadMessageA
0x42a348 SetCursor
0x42a34c GetMenuCheckMarkDimensions
0x42a350 LoadBitmapA
0x42a354 GetMenuState
0x42a358 ModifyMenuA
0x42a35c SetMenuItemBitmaps
0x42a360 CheckMenuItem
0x42a364 EnableMenuItem
0x42a368 ShowWindow
0x42a36c MoveWindow
0x42a370 SetWindowTextA
0x42a374 IsDialogMessageA
0x42a378 PostMessageA
0x42a37c UpdateWindow
0x42a380 SendDlgItemMessageA
0x42a384 MapWindowPoints
0x42a388 GetSysColor
0x42a38c GetFocus
0x42a390 SetFocus
0x42a394 AdjustWindowRectEx
0x42a398 ScreenToClient
0x42a39c CopyRect
0x42a3a0 IsWindowVisible
0x42a3a4 GetTopWindow
0x42a3a8 MessageBoxA
0x42a3ac IsChild
0x42a3b0 GetCapture
0x42a3b4 WinHelpA
0x42a3b8 wsprintfA
0x42a3bc GetClassInfoA
0x42a3c0 RegisterClipboardFormatA
0x42a3c4 GetMenu
0x42a3c8 GetMenuItemCount
0x42a3cc GetMenuItemID
0x42a3d0 GetWindowTextLengthA
0x42a3d4 GetWindowTextA
0x42a3d8 GetDlgCtrlID
0x42a3dc GetKeyState
0x42a3e0 CreateWindowExA
0x42a3e4 SetWindowsHookExA
0x42a3e8 CallNextHookEx
0x42a3ec GetClassLongA
0x42a3f0 SetPropA
0x42a3f4 UnhookWindowsHookEx
0x42a3f8 CallWindowProcA
0x42a3fc RemovePropA
0x42a400 DefWindowProcA
0x42a404 GetMessageTime
0x42a408 GetMessagePos
0x42a40c GetLastActivePopup
0x42a410 GetForegroundWindow
0x42a414 SetForegroundWindow
0x42a418 GetWindow
0x42a41c LoadIconA
0x42a420 SendMessageA
0x42a424 EnableWindow
0x42a428 UnregisterClassA
0x42a42c HideCaret
0x42a430 ShowCaret
0x42a434 ExcludeUpdateRgn
0x42a438 DrawFocusRect
0x42a43c SetWindowLongA
0x42a440 SetWindowPos
0x42a444 RegisterWindowMessageA
0x42a448 OffsetRect
0x42a44c IntersectRect
0x42a450 SystemParametersInfoA
0x42a454 GetWindowPlacement
0x42a458 GetWindowRect
0x42a45c GetNextDlgTabItem
0x42a460 EndDialog
0x42a464 GetActiveWindow
0x42a468 SetActiveWindow
0x42a46c IsWindow
0x42a470 CreateDialogIndirectParamA
0x42a474 DestroyWindow
0x42a478 GetParent
0x42a47c GetWindowLongA
0x42a480 GetDlgItem
0x42a484 IsWindowEnabled
0x42a488 KillTimer
0x42a48c IsIconic
0x42a490 GetSystemMetrics
0x42a494 GetClientRect
0x42a498 DrawIcon
0x42a49c InflateRect
0x42a4a0 InvalidateRect
0x42a4a4 RegisterClassA
0x42a4a8 SetTimer
0x42a4ac PeekMessageA
0x42a4b0 DefDlgProcA
0x42a4b4 IsWindowUnicode
0x42a4b8 DispatchMessageA
0x42a4bc TranslateMessage
0x42a4c0 MessageBeep
0x42a4c4 GetNextDlgGroupItem
0x42a4c8 SetRect
0x42a4cc CopyAcceleratorTableA
0x42a4d0 CharNextA
0x42a4d4 LoadStringA
0x42a4d8 DestroyMenu
0x42a4dc GetSysColorBrush
0x42a4e0 LoadCursorA
0x42a4e4 GetDesktopWindow
0x42a4e8 PtInRect
0x42a4ec GetClassNameA
0x42a4f0 CharUpperA
0x42a4f4 GrayStringA
0x42a4f8 DrawTextA
0x42a4fc TabbedTextOutA
0x42a500 EndPaint
0x42a504 BeginPaint
0x42a508 GetWindowDC
0x42a50c ReleaseDC
0x42a510 GetPropA
0x42a514 GetDC
0x42a518 ClientToScreen
0x42a51c MapDialogRect
0x42a520 SetWindowContextHelpId
0x42a524 GetMessageA
0x42a528 ValidateRect
0x42a52c GetSubMenu
0x42a530 GetCursorPos
0x42a534 PostQuitMessage
GDI32.dll
0x42a058 IntersectClipRect
0x42a05c DeleteObject
0x42a060 GetDeviceCaps
0x42a064 ScaleWindowExtEx
0x42a068 GetWindowExtEx
0x42a06c CreateSolidBrush
0x42a070 PtVisible
0x42a074 RectVisible
0x42a078 TextOutA
0x42a07c ExtTextOutA
0x42a080 Escape
0x42a084 GetTextColor
0x42a088 GetBkColor
0x42a08c DPtoLP
0x42a090 LPtoDP
0x42a094 GetMapMode
0x42a098 PatBlt
0x42a09c SetWindowExtEx
0x42a0a0 ScaleViewportExtEx
0x42a0a4 SetViewportExtEx
0x42a0a8 OffsetViewportOrgEx
0x42a0ac SetViewportOrgEx
0x42a0b0 SetMapMode
0x42a0b4 SetBkMode
0x42a0b8 GetStockObject
0x42a0bc SelectObject
0x42a0c0 RestoreDC
0x42a0c4 SaveDC
0x42a0c8 DeleteDC
0x42a0cc CreateBitmap
0x42a0d0 GetObjectA
0x42a0d4 SetBkColor
0x42a0d8 SetTextColor
0x42a0dc GetClipBox
0x42a0e0 GetViewportExtEx
0x42a0e4 CreateDIBitmap
0x42a0e8 GetTextExtentPointA
0x42a0ec BitBlt
0x42a0f0 CreateCompatibleDC
comdlg32.dll
0x42a54c GetFileTitleA
WINSPOOL.DRV
0x42a53c ClosePrinter
0x42a540 DocumentPropertiesA
0x42a544 OpenPrinterA
ADVAPI32.dll
0x42a000 CryptEncrypt
0x42a004 RegCreateKeyExA
0x42a008 CryptAcquireContextA
0x42a00c CryptCreateHash
0x42a010 CryptHashData
0x42a014 CryptDeriveKey
0x42a018 CryptDestroyHash
0x42a01c RegSetValueExA
0x42a020 OpenProcessToken
0x42a024 LookupPrivilegeValueA
0x42a028 AdjustTokenPrivileges
0x42a02c RegOpenKeyExA
0x42a030 RegEnumKeyA
0x42a034 RegOpenKeyA
0x42a038 RegEnumValueA
0x42a03c RegQueryValueExA
0x42a040 RegCreateKeyA
0x42a044 RegQueryInfoKeyA
0x42a048 RegCloseKey
SHELL32.dll
0x42a338 ShellExecuteA
0x42a33c SHGetSpecialFolderPathA
COMCTL32.dll
0x42a050 None
oledlg.dll
0x42a594 None
ole32.dll
0x42a554 OleUninitialize
0x42a558 OleInitialize
0x42a55c CoFreeUnusedLibraries
0x42a560 CoTaskMemAlloc
0x42a564 CoTaskMemFree
0x42a568 CreateILockBytesOnHGlobal
0x42a56c StgCreateDocfileOnILockBytes
0x42a570 StgOpenStorageOnILockBytes
0x42a574 CoGetClassObject
0x42a578 CLSIDFromString
0x42a57c CLSIDFromProgID
0x42a580 CoRegisterMessageFilter
0x42a584 CoRevokeClassObject
0x42a588 OleFlushClipboard
0x42a58c OleIsCurrentClipboard
OLEPRO32.DLL
0x42a324 None
OLEAUT32.dll
0x42a2fc SysAllocStringLen
0x42a300 SysFreeString
0x42a304 VariantClear
0x42a308 VariantCopy
0x42a30c SysAllocString
0x42a310 SysAllocStringByteLen
0x42a314 VariantChangeType
0x42a318 VariantTimeToSystemTime
0x42a31c SysStringLen
PSAPI.DLL
0x42a32c GetModuleFileNameExA
0x42a330 EnumProcessModules
EAT(Export Address Table) is none
KERNEL32.dll
0x42a0f8 GetCommandLineA
0x42a0fc HeapAlloc
0x42a100 GetTimeZoneInformation
0x42a104 GetSystemTime
0x42a108 GetLocalTime
0x42a10c HeapReAlloc
0x42a110 HeapSize
0x42a114 GetACP
0x42a118 SetUnhandledExceptionFilter
0x42a11c GetEnvironmentVariableA
0x42a120 GetVersionExA
0x42a124 HeapDestroy
0x42a128 HeapCreate
0x42a12c VirtualFree
0x42a130 VirtualAlloc
0x42a134 IsBadWritePtr
0x42a138 UnhandledExceptionFilter
0x42a13c FreeEnvironmentStringsA
0x42a140 FreeEnvironmentStringsW
0x42a144 GetEnvironmentStrings
0x42a148 GetStartupInfoA
0x42a14c SetHandleCount
0x42a150 GetStdHandle
0x42a154 GetFileType
0x42a158 LCMapStringA
0x42a15c LCMapStringW
0x42a160 GetStringTypeA
0x42a164 GetStringTypeW
0x42a168 IsBadReadPtr
0x42a16c IsBadCodePtr
0x42a170 SetStdHandle
0x42a174 CompareStringA
0x42a178 CompareStringW
0x42a17c SetEnvironmentVariableA
0x42a180 ExitProcess
0x42a184 HeapFree
0x42a188 RaiseException
0x42a18c GetProfileStringA
0x42a190 InterlockedExchange
0x42a194 RtlUnwind
0x42a198 GetTickCount
0x42a19c SetErrorMode
0x42a1a0 GetFileTime
0x42a1a4 GetFileSize
0x42a1a8 GetFileAttributesA
0x42a1ac WritePrivateProfileStringA
0x42a1b0 GetOEMCP
0x42a1b4 GetCPInfo
0x42a1b8 GetProcessVersion
0x42a1bc TlsGetValue
0x42a1c0 LocalReAlloc
0x42a1c4 TlsSetValue
0x42a1c8 EnterCriticalSection
0x42a1cc GlobalReAlloc
0x42a1d0 LeaveCriticalSection
0x42a1d4 TlsFree
0x42a1d8 GlobalHandle
0x42a1dc DeleteCriticalSection
0x42a1e0 TlsAlloc
0x42a1e4 InitializeCriticalSection
0x42a1e8 LocalAlloc
0x42a1ec GlobalFlags
0x42a1f0 FileTimeToLocalFileTime
0x42a1f4 FileTimeToSystemTime
0x42a1f8 GetThreadLocale
0x42a1fc GetFullPathNameA
0x42a200 lstrcpynA
0x42a204 GetVolumeInformationA
0x42a208 SetEndOfFile
0x42a20c UnlockFile
0x42a210 LockFile
0x42a214 FlushFileBuffers
0x42a218 SetFilePointer
0x42a21c WriteFile
0x42a220 ReadFile
0x42a224 DuplicateHandle
0x42a228 MulDiv
0x42a22c SetLastError
0x42a230 GlobalAlloc
0x42a234 lstrcmpA
0x42a238 GetCurrentThread
0x42a23c FormatMessageA
0x42a240 LocalFree
0x42a244 MultiByteToWideChar
0x42a248 WideCharToMultiByte
0x42a24c lstrlenA
0x42a250 InterlockedDecrement
0x42a254 InterlockedIncrement
0x42a258 LoadLibraryA
0x42a25c FreeLibrary
0x42a260 GetVersion
0x42a264 lstrcatA
0x42a268 GetCurrentThreadId
0x42a26c GlobalGetAtomNameA
0x42a270 lstrcmpiA
0x42a274 GlobalAddAtomA
0x42a278 GlobalFindAtomA
0x42a27c GlobalDeleteAtom
0x42a280 lstrcpyA
0x42a284 GetModuleHandleA
0x42a288 GetProcAddress
0x42a28c GlobalLock
0x42a290 GlobalUnlock
0x42a294 GlobalFree
0x42a298 GetLogicalDriveStringsA
0x42a29c FindFirstFileA
0x42a2a0 FindClose
0x42a2a4 CreateProcessA
0x42a2a8 FindResourceA
0x42a2ac LoadResource
0x42a2b0 SizeofResource
0x42a2b4 LockResource
0x42a2b8 CreateDirectoryA
0x42a2bc CopyFileA
0x42a2c0 WinExec
0x42a2c4 GetModuleFileNameA
0x42a2c8 CreateFileA
0x42a2cc Sleep
0x42a2d0 DeviceIoControl
0x42a2d4 CreateToolhelp32Snapshot
0x42a2d8 Process32First
0x42a2dc OpenProcess
0x42a2e0 TerminateProcess
0x42a2e4 CloseHandle
0x42a2e8 Process32Next
0x42a2ec GetLastError
0x42a2f0 GetCurrentProcess
0x42a2f4 GetEnvironmentStringsW
USER32.dll
0x42a344 PostThreadMessageA
0x42a348 SetCursor
0x42a34c GetMenuCheckMarkDimensions
0x42a350 LoadBitmapA
0x42a354 GetMenuState
0x42a358 ModifyMenuA
0x42a35c SetMenuItemBitmaps
0x42a360 CheckMenuItem
0x42a364 EnableMenuItem
0x42a368 ShowWindow
0x42a36c MoveWindow
0x42a370 SetWindowTextA
0x42a374 IsDialogMessageA
0x42a378 PostMessageA
0x42a37c UpdateWindow
0x42a380 SendDlgItemMessageA
0x42a384 MapWindowPoints
0x42a388 GetSysColor
0x42a38c GetFocus
0x42a390 SetFocus
0x42a394 AdjustWindowRectEx
0x42a398 ScreenToClient
0x42a39c CopyRect
0x42a3a0 IsWindowVisible
0x42a3a4 GetTopWindow
0x42a3a8 MessageBoxA
0x42a3ac IsChild
0x42a3b0 GetCapture
0x42a3b4 WinHelpA
0x42a3b8 wsprintfA
0x42a3bc GetClassInfoA
0x42a3c0 RegisterClipboardFormatA
0x42a3c4 GetMenu
0x42a3c8 GetMenuItemCount
0x42a3cc GetMenuItemID
0x42a3d0 GetWindowTextLengthA
0x42a3d4 GetWindowTextA
0x42a3d8 GetDlgCtrlID
0x42a3dc GetKeyState
0x42a3e0 CreateWindowExA
0x42a3e4 SetWindowsHookExA
0x42a3e8 CallNextHookEx
0x42a3ec GetClassLongA
0x42a3f0 SetPropA
0x42a3f4 UnhookWindowsHookEx
0x42a3f8 CallWindowProcA
0x42a3fc RemovePropA
0x42a400 DefWindowProcA
0x42a404 GetMessageTime
0x42a408 GetMessagePos
0x42a40c GetLastActivePopup
0x42a410 GetForegroundWindow
0x42a414 SetForegroundWindow
0x42a418 GetWindow
0x42a41c LoadIconA
0x42a420 SendMessageA
0x42a424 EnableWindow
0x42a428 UnregisterClassA
0x42a42c HideCaret
0x42a430 ShowCaret
0x42a434 ExcludeUpdateRgn
0x42a438 DrawFocusRect
0x42a43c SetWindowLongA
0x42a440 SetWindowPos
0x42a444 RegisterWindowMessageA
0x42a448 OffsetRect
0x42a44c IntersectRect
0x42a450 SystemParametersInfoA
0x42a454 GetWindowPlacement
0x42a458 GetWindowRect
0x42a45c GetNextDlgTabItem
0x42a460 EndDialog
0x42a464 GetActiveWindow
0x42a468 SetActiveWindow
0x42a46c IsWindow
0x42a470 CreateDialogIndirectParamA
0x42a474 DestroyWindow
0x42a478 GetParent
0x42a47c GetWindowLongA
0x42a480 GetDlgItem
0x42a484 IsWindowEnabled
0x42a488 KillTimer
0x42a48c IsIconic
0x42a490 GetSystemMetrics
0x42a494 GetClientRect
0x42a498 DrawIcon
0x42a49c InflateRect
0x42a4a0 InvalidateRect
0x42a4a4 RegisterClassA
0x42a4a8 SetTimer
0x42a4ac PeekMessageA
0x42a4b0 DefDlgProcA
0x42a4b4 IsWindowUnicode
0x42a4b8 DispatchMessageA
0x42a4bc TranslateMessage
0x42a4c0 MessageBeep
0x42a4c4 GetNextDlgGroupItem
0x42a4c8 SetRect
0x42a4cc CopyAcceleratorTableA
0x42a4d0 CharNextA
0x42a4d4 LoadStringA
0x42a4d8 DestroyMenu
0x42a4dc GetSysColorBrush
0x42a4e0 LoadCursorA
0x42a4e4 GetDesktopWindow
0x42a4e8 PtInRect
0x42a4ec GetClassNameA
0x42a4f0 CharUpperA
0x42a4f4 GrayStringA
0x42a4f8 DrawTextA
0x42a4fc TabbedTextOutA
0x42a500 EndPaint
0x42a504 BeginPaint
0x42a508 GetWindowDC
0x42a50c ReleaseDC
0x42a510 GetPropA
0x42a514 GetDC
0x42a518 ClientToScreen
0x42a51c MapDialogRect
0x42a520 SetWindowContextHelpId
0x42a524 GetMessageA
0x42a528 ValidateRect
0x42a52c GetSubMenu
0x42a530 GetCursorPos
0x42a534 PostQuitMessage
GDI32.dll
0x42a058 IntersectClipRect
0x42a05c DeleteObject
0x42a060 GetDeviceCaps
0x42a064 ScaleWindowExtEx
0x42a068 GetWindowExtEx
0x42a06c CreateSolidBrush
0x42a070 PtVisible
0x42a074 RectVisible
0x42a078 TextOutA
0x42a07c ExtTextOutA
0x42a080 Escape
0x42a084 GetTextColor
0x42a088 GetBkColor
0x42a08c DPtoLP
0x42a090 LPtoDP
0x42a094 GetMapMode
0x42a098 PatBlt
0x42a09c SetWindowExtEx
0x42a0a0 ScaleViewportExtEx
0x42a0a4 SetViewportExtEx
0x42a0a8 OffsetViewportOrgEx
0x42a0ac SetViewportOrgEx
0x42a0b0 SetMapMode
0x42a0b4 SetBkMode
0x42a0b8 GetStockObject
0x42a0bc SelectObject
0x42a0c0 RestoreDC
0x42a0c4 SaveDC
0x42a0c8 DeleteDC
0x42a0cc CreateBitmap
0x42a0d0 GetObjectA
0x42a0d4 SetBkColor
0x42a0d8 SetTextColor
0x42a0dc GetClipBox
0x42a0e0 GetViewportExtEx
0x42a0e4 CreateDIBitmap
0x42a0e8 GetTextExtentPointA
0x42a0ec BitBlt
0x42a0f0 CreateCompatibleDC
comdlg32.dll
0x42a54c GetFileTitleA
WINSPOOL.DRV
0x42a53c ClosePrinter
0x42a540 DocumentPropertiesA
0x42a544 OpenPrinterA
ADVAPI32.dll
0x42a000 CryptEncrypt
0x42a004 RegCreateKeyExA
0x42a008 CryptAcquireContextA
0x42a00c CryptCreateHash
0x42a010 CryptHashData
0x42a014 CryptDeriveKey
0x42a018 CryptDestroyHash
0x42a01c RegSetValueExA
0x42a020 OpenProcessToken
0x42a024 LookupPrivilegeValueA
0x42a028 AdjustTokenPrivileges
0x42a02c RegOpenKeyExA
0x42a030 RegEnumKeyA
0x42a034 RegOpenKeyA
0x42a038 RegEnumValueA
0x42a03c RegQueryValueExA
0x42a040 RegCreateKeyA
0x42a044 RegQueryInfoKeyA
0x42a048 RegCloseKey
SHELL32.dll
0x42a338 ShellExecuteA
0x42a33c SHGetSpecialFolderPathA
COMCTL32.dll
0x42a050 None
oledlg.dll
0x42a594 None
ole32.dll
0x42a554 OleUninitialize
0x42a558 OleInitialize
0x42a55c CoFreeUnusedLibraries
0x42a560 CoTaskMemAlloc
0x42a564 CoTaskMemFree
0x42a568 CreateILockBytesOnHGlobal
0x42a56c StgCreateDocfileOnILockBytes
0x42a570 StgOpenStorageOnILockBytes
0x42a574 CoGetClassObject
0x42a578 CLSIDFromString
0x42a57c CLSIDFromProgID
0x42a580 CoRegisterMessageFilter
0x42a584 CoRevokeClassObject
0x42a588 OleFlushClipboard
0x42a58c OleIsCurrentClipboard
OLEPRO32.DLL
0x42a324 None
OLEAUT32.dll
0x42a2fc SysAllocStringLen
0x42a300 SysFreeString
0x42a304 VariantClear
0x42a308 VariantCopy
0x42a30c SysAllocString
0x42a310 SysAllocStringByteLen
0x42a314 VariantChangeType
0x42a318 VariantTimeToSystemTime
0x42a31c SysStringLen
PSAPI.DLL
0x42a32c GetModuleFileNameExA
0x42a330 EnumProcessModules
EAT(Export Address Table) is none