Report - longearthgrinch.png

Emotet PE File DLL PE32
Created 2021.07.03 18:33 Machine s1_win7_x6401
Filename longearthgrinch.png
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
AI Score 8
Behavior Score 7.2
ZERO API file : clean
VT API (file)
md5 3adbcd5aca263146322d0a21e54a1c47
sha256 46fee344195d41783092aed90740308f1b0559e8f753f68cc5c8103a157bca96
ssdeep 6144:F62tjX2w0x8GcDdbVRvCdEnjzOWy24Qm4:J1NvCUSW6
imphash a2293d617a2d42d810e0f0af44350ce7
impfuzzy 96:i6Sld9W2KS1LNSLBN2hHqQiqGJL1ILEq1q:Sld02RLNSLBN2hrx6L1QEq1q

Signature (17cnts)

Level Description
danger Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually)
watch Communicates with host for which no DNS query was performed
notice Allocates read-write-execute memory (usually to unpack itself)
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Checks adapter addresses which can be used to detect virtual network interfaces
notice Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice Creates a suspicious process
notice HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice One or more potentially interesting buffers were extracted
notice Performs some HTTP requests
notice Terminates another process
notice The binary likely contains encrypted or compressed data indicative of a packer
info Checks amount of memory in system
info Checks if process is being debugged by a debugger
info One or more processes crashed
info Queries for the computername
info The executable uses a known packer

Rules (4cnts)

Level Name Description Collection
danger Win32_Trojan_Emotet_2_Zero Win32 Trojan Emotet binaries (upload)
info IsDLL (no description) binaries (upload)
info IsPE32 (no description) binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (17cnts)

Request CC ASN Co IP4 Rule ZERO
https://185.56.76.108/cookiechecker?uri=/rob102/TEST22-PC_W617601.33715B34B330B01BAE9FB711D913F2BB/5/file/ ES Albacete Sistemas y Servicios SL 185.56.76.108 2485 mailcious
https://80.15.2.105/rob102/TEST22-PC_W617601.33715B34B330B01BAE9FB711D913F2BB/5/file/ FR Orange 80.15.2.105 clean
https://185.56.76.108/login.cgi?uri=/index.html ES Albacete Sistemas y Servicios SL 185.56.76.108 clean
https://185.56.76.108/index.html ES Albacete Sistemas y Servicios SL 185.56.76.108 2487 mailcious
https://185.56.76.28/login.cgi?uri=/rob102/TEST22-PC_W617601.33715B34B330B01BAE9FB711D913F2BB/5/file/ ES Albacete Sistemas y Servicios SL 185.56.76.28 clean
185.56.76.28 ES Albacete Sistemas y Servicios SL 185.56.76.28 clean
38.110.103.113 CA BELAIR-TECHNOLOGIES 38.110.103.113 clean
60.51.47.65 MY TM Net, Internet Service Provider 60.51.47.65 clean
154.58.23.192 ES COGENT-174 154.58.23.192 mailcious
204.138.26.60 Unknown 204.138.26.60 clean
45.36.99.184 US TWC-11426-CAROLINAS 45.36.99.184 clean
68.69.26.182 CA KOS-1193 68.69.26.182 clean
38.110.103.124 CA BELAIR-TECHNOLOGIES 38.110.103.124 clean
185.56.76.108 ES Albacete Sistemas y Servicios SL 185.56.76.108 mailcious
80.15.2.105 FR Orange 80.15.2.105 clean
38.110.100.104 CA BELAIR-TECHNOLOGIES 38.110.100.104 clean
24.162.214.166 US TWC-11427-TEXAS 24.162.214.166 clean

Suricata ids

PE API

IAT(Import Address Table) Library

MFC42.DLL
MSVCRT.dll
 0x10010618 _adjust_fdiv
 0x1001061c _initterm
 0x10010620 __CxxFrameHandler
 0x10010624 malloc
 0x10010628 atoi
 0x1001062c _purecall
 0x10010630 sscanf
 0x10010634 _mbsnbcpy
 0x10010638 _wcsicmp
 0x1001063c _stricmp
 0x10010640 _except_handler3
 0x10010644 ?terminate@@YAXXZ
 0x10010648 free
KERNEL32.dll
 0x10010030 lstrcmpA
 0x10010034 GetVersionExA
 0x10010038 GlobalFree
 0x1001003c LoadLibraryA
 0x10010040 FreeLibrary
 0x10010044 GetProcAddress
 0x10010048 GetCurrentProcess
 0x1001004c GlobalAlloc
 0x10010050 GetCurrentThreadId
USER32.dll
 0x10010658 SetMenu
 0x1001065c AppendMenuA
 0x10010660 RemoveMenu
 0x10010664 GetClassLongA
 0x10010668 GetMenuItemID
 0x1001066c GetMenuItemCount
 0x10010670 DeleteMenu
 0x10010674 GetSystemMenu
 0x10010678 GetSubMenu
 0x1001067c GetMenu
 0x10010680 PostMessageA
 0x10010684 PtInRect
 0x10010688 SetRectEmpty
 0x1001068c GetWindowLongA
 0x10010690 IsWindow
 0x10010694 IsIconic
 0x10010698 GetMenuStringA
 0x1001069c SetCapture
 0x100106a0 GetCapture
 0x100106a4 GetFocus
 0x100106a8 keybd_event
 0x100106ac InsertMenuItemA
 0x100106b0 GetMenuItemInfoA
 0x100106b4 CreatePopupMenu
 0x100106b8 CopyRect
 0x100106bc SetWindowsHookExA
 0x100106c0 ReleaseCapture
 0x100106c4 SetFocus
 0x100106c8 MapWindowPoints
 0x100106cc EnableWindow
 0x100106d0 ClientToScreen
 0x100106d4 GetKeyState
 0x100106d8 ScreenToClient
 0x100106dc RedrawWindow
 0x100106e0 DrawIconEx
 0x100106e4 CallNextHookEx
 0x100106e8 UpdateWindow
 0x100106ec LoadCursorA
 0x100106f0 SubtractRect
 0x100106f4 ShowWindow
 0x100106f8 GetClassNameA
 0x100106fc IntersectRect
 0x10010700 IsRectEmpty
 0x10010704 GetDesktopWindow
 0x10010708 GetMessageTime
 0x1001070c GetMessagePos
 0x10010710 ReleaseDC
 0x10010714 TrackPopupMenuEx
 0x10010718 SystemParametersInfoA
 0x1001071c LoadBitmapA
 0x10010720 DestroyIcon
 0x10010724 GetMenuState
 0x10010728 SetMenuItemInfoA
 0x1001072c GetSysColor
 0x10010730 InflateRect
 0x10010734 FrameRect
 0x10010738 GetSystemMetrics
 0x1001073c DrawFrameControl
 0x10010740 WindowFromPoint
 0x10010744 GetSysColorBrush
 0x10010748 OffsetRect
 0x1001074c GetClientRect
 0x10010750 GetWindowRect
 0x10010754 InvalidateRect
 0x10010758 GetParent
 0x1001075c SendMessageA
 0x10010760 UnhookWindowsHookEx
GDI32.dll
 0x1001001c BitBlt
 0x10010020 CreateFontIndirectA
 0x10010024 CreateCompatibleDC
 0x10010028 CreateCompatibleBitmap
SHELL32.dll
 0x10010650 SHGetFileInfoA
COMCTL32.dll
 0x10010000 ImageList_Remove
 0x10010004 ImageList_ReplaceIcon
 0x10010008 ImageList_AddMasked
 0x1001000c ImageList_LoadImageA
 0x10010010 ImageList_Draw
 0x10010014 ImageList_GetImageCount

EAT(Export Address Table) Library

0x10002170 ??0CDllLoader@@QAE@PBD_N@Z
0x10002390 ??0CFrameWndEx@@QAE@XZ
0x10002eb0 ??0CMDIChildWndEx@@QAE@XZ
0x100028b0 ??0CMDIFrameWndEx@@QAE@XZ
0x10004e80 ??0CMenuBar@@QAE@XZ
0x10007290 ??0CPreviewToolBar@@QAE@XZ
0x100074b0 ??0CPreviewViewEx@@QAE@XZ
0x100077c0 ??0CSizableReBar@@QAE@XZ
0x100093f0 ??0CToolBarEx@@QAE@XZ
0x1000c180 ??0CWinAppEx@@QAE@PBD@Z
0x10002190 ??1CDllLoader@@QAE@XZ
0x10002470 ??1CFrameWndEx@@UAE@XZ
0x10002f30 ??1CMDIChildWndEx@@UAE@XZ
0x100029b0 ??1CMDIFrameWndEx@@UAE@XZ
0x100050a0 ??1CMenuBar@@UAE@XZ
0x100072b0 ??1CPreviewToolBar@@UAE@XZ
0x10007320 ??1CPreviewViewEx@@UAE@XZ
0x100078e0 ??1CSizableReBar@@UAE@XZ
0x10009500 ??1CToolBarEx@@UAE@XZ
0x1000c360 ??1CWinAppEx@@UAE@XZ
0x10001000 ??4CDllLoader@@QAEAAV0@ABV0@@Z
0x10010e48 ??_7CFrameWndEx@@6B@
0x10011508 ??_7CMDIChildWndEx@@6B@
0x100111fc ??_7CMDIFrameWndEx@@6B@
0x10011990 ??_7CMenuBar@@6B@
0x10011b58 ??_7CPreviewToolBar@@6B@
0x10011c64 ??_7CPreviewViewEx@@6B@
0x10011ec0 ??_7CSizableReBar@@6B@
0x100122e8 ??_7CToolBarEx@@6B@
0x100125a0 ??_7CWinAppEx@@6B@
0x10002260 ??_FCWinAppEx@@QAEXXZ
0x10007ac0 ?AddBar@CSizableReBar@@QAE_NPAVCWnd@@KKPBDK1_N2@Z
0x10007a50 ?AddBar@CSizableReBar@@QAE_NPAVCWnd@@PBDPAVCBitmap@@K1_N3@Z
0x1000c6c0 ?AddMenuIcon@CWinAppEx@@QAEXAAV?$CMap@IIHH@@IK@Z
0x1000c870 ?AddMenuIcon@CWinAppEx@@QAEXIPAUHICON__@@@Z
0x1000c9b0 ?AddMenuIcon@CWinAppEx@@QAEXIPBD@Z
0x1000a400 ?CBTProc@CToolBarEx@@KGJHIJ@Z
0x10008420 ?CalcDynamicLayout@CSizableReBar@@UAE?AVCSize@@HK@Z
0x100082c0 ?CalcFixedLayout@CSizableReBar@@UAE?AVCSize@@HH@Z
0x100070b0 ?CloseTheme@CMenuBar@@IAEXXZ
0x10005c80 ?ContinueTracking@CMenuBar@@IAEX_N@Z
0x10007970 ?Create@CSizableReBar@@QAE_NPAVCWnd@@IK@Z
0x100095b0 ?Create@CToolBarEx@@QAEHPAVCWnd@@KI@Z
0x10002310 ?CreateObject@CFrameWndEx@@SGPAVCObject@@XZ
0x10002e30 ?CreateObject@CMDIChildWndEx@@SGPAVCObject@@XZ
0x10002830 ?CreateObject@CMDIFrameWndEx@@SGPAVCObject@@XZ
0x10007330 ?CreateObject@CPreviewToolBar@@SGPAVCObject@@XZ
0x10007430 ?CreateObject@CPreviewViewEx@@SGPAVCObject@@XZ
0x100024f0 ?DelayUpdateFrameMenu@CFrameWndEx@@MAEXPAUHMENU__@@@Z
0x10002a50 ?DelayUpdateFrameMenu@CMDIFrameWndEx@@MAEXPAUHMENU__@@@Z
0x100080b0 ?DoAddBar@CSizableReBar@@IAE_NPAVCWnd@@PAUtagREBARBANDINFOA@@PBD_N3@Z
0x10009ec0 ?DoCustomDraw@CToolBarEx@@MAEJPAUtagNMHDR@@PAVCWnd@@@Z
0x10007bb0 ?EnableContextMenu@CSizableReBar@@QAEX_N0@Z
0x100055f0 ?EnterTrackingMode@CMenuBar@@IAEXH@Z
0x10005cb0 ?ExitTrackingMode@CMenuBar@@IAEXXZ
0x10006ec0 ?FrameOnInitMenuPopup@CMenuBar@@IAEXPAVCMenu@@IH@Z
0x10006e00 ?FrameOnMenuChar@CMenuBar@@IAE_NIIPAVCMenu@@@Z
0x10006f10 ?FrameOnMenuSelect@CMenuBar@@IAEXIIPAUHMENU__@@@Z
0x10006e80 ?FrameOnNcActivate@CMenuBar@@IAEXH@Z
0x10006d90 ?FrameOnSysCommand@CMenuBar@@IAE_NIJ@Z
0x1000c6b0 ?GetBitmappedMenus@CWinAppEx@@QBE_NXZ
0x1000a170 ?GetButtonInfo@CToolBarEx@@IAE_NIAAU_TBBUTTON@@@Z
0x10009f30 ?GetButtonText@CToolBarEx@@MAEXIAAVCString@@@Z
0x10009fa0 ?GetButtonTip@CToolBarEx@@MAEXIAAVCString@@@Z
0x1000c680 ?GetFlatMenu@CWinAppEx@@QBE_NXZ
0x100052e0 ?GetIconOptions@CToolBarEx@@QBE?AW4EIconOptions@@XZ
0x10002270 ?GetInstance@CWinAppEx@@SAPAV1@XZ
0x100052e0 ?GetMenu@CMenuBar@@QBEPAUHMENU__@@XZ
0x1000c610 ?GetMenuAnimation@CWinAppEx@@QBE_NXZ
0x1000c660 ?GetMenuFade@CWinAppEx@@QBE_NXZ
0x1000d080 ?GetMenuImage@CWinAppEx@@QBEHI@Z
0x1000d040 ?GetMenuImageList@CWinAppEx@@QAEPAVCImageList@@XZ
0x1000c640 ?GetMenuUnderlines@CWinAppEx@@QBE_NXZ
0x10002590 ?GetMessageMap@CFrameWndEx@@MBEPBUAFX_MSGMAP@@XZ
0x10002f50 ?GetMessageMap@CMDIChildWndEx@@MBEPBUAFX_MSGMAP@@XZ
0x10002b90 ?GetMessageMap@CMDIFrameWndEx@@MBEPBUAFX_MSGMAP@@XZ
0x100060e0 ?GetMessageMap@CMenuBar@@MBEPBUAFX_MSGMAP@@XZ
0x10007570 ?GetMessageMap@CPreviewViewEx@@MBEPBUAFX_MSGMAP@@XZ
0x10008670 ?GetMessageMap@CSizableReBar@@MBEPBUAFX_MSGMAP@@XZ
0x1000a1d0 ?GetMessageMap@CToolBarEx@@MBEPBUAFX_MSGMAP@@XZ
0x10002300 ?GetNonClientMetrics@CWinAppEx@@QBEABUtagNONCLIENTMETRICSA@@XZ
0x10002280 ?GetOs@CWinAppEx@@QBE?AW4EOs@1@XZ
0x10009fd0 ?GetParentBandIndex@CMenuBar@@IBEHXZ
0x10009fd0 ?GetParentBandIndex@CToolBarEx@@IBEHXZ
0x100052f0 ?GetParentReBarCtrl@CMenuBar@@IBEAAVCReBarCtrl@@XZ
0x100052f0 ?GetParentReBarCtrl@CToolBarEx@@IBEAAVCReBarCtrl@@XZ
0x10002220 ?GetProcAddress@CDllLoader@@QAEP6GHXZPBD@Z
0x100080a0 ?GetReBarCtrl@CSizableReBar@@QAEAAVCReBarCtrl@@XZ
0x10002380 ?GetRuntimeClass@CFrameWndEx@@UBEPAUCRuntimeClass@@XZ
0x10002ea0 ?GetRuntimeClass@CMDIChildWndEx@@UBEPAUCRuntimeClass@@XZ
0x100028a0 ?GetRuntimeClass@CMDIFrameWndEx@@UBEPAUCRuntimeClass@@XZ
0x10004e70 ?GetRuntimeClass@CMenuBar@@UBEPAUCRuntimeClass@@XZ
0x100073a0 ?GetRuntimeClass@CPreviewToolBar@@UBEPAUCRuntimeClass@@XZ
0x100074a0 ?GetRuntimeClass@CPreviewViewEx@@UBEPAUCRuntimeClass@@XZ
0x100077b0 ?GetRuntimeClass@CSizableReBar@@UBEPAUCRuntimeClass@@XZ
0x10007390 ?GetRuntimeClass@CToolBarEx@@UBEPAUCRuntimeClass@@XZ
0x1000c170 ?GetRuntimeClass@CWinAppEx@@UBEPAUCRuntimeClass@@XZ
0x10008cd0 ?GetSizingEdgeHitCode@CSizableReBar@@IBEIXZ
0x10008d10 ?GetSizingEdgeRect@CSizableReBar@@IBE_NABVCRect@@AAV2@I@Z
0x100097f0 ?GetTextOptions@CToolBarEx@@QBE?AW4ETextOptions@@XZ
0x100021c0 ?GetVersion@CDllLoader@@QAE_NPAK@Z
0x10007410 ?HasButtonText@CPreviewToolBar@@MAE_NI@Z
0x10009ef0 ?HasButtonText@CToolBarEx@@MAE_NI@Z
0x10009f00 ?HasButtonTip@CToolBarEx@@MAE_NI@Z
0x10006c70 ?HookMessageProc@CMenuBar@@IAEXIIJ@Z
0x100073b0 ?Init@CPreviewToolBar@@UAEXXZ
0x10009fc0 ?Init@CToolBarEx@@UAEXXZ
0x10004820 ?InitGuiLibDLL@@YAXXZ
0x10007400 ?IsIconOptionAvailable@CPreviewToolBar@@UBE_NW4EIconOptions@@@Z
0x10009ef0 ?IsIconOptionAvailable@CToolBarEx@@UBE_NW4EIconOptions@@@Z
0x10005d80 ?IsItemClipped@CMenuBar@@IBE_NH@Z
0x100021b0 ?IsLoaded@CDllLoader@@QAE_NXZ
0x10007d10 ?IsLocked@CSizableReBar@@QAE_NXZ
0x10005dd0 ?IsOverChevron@CMenuBar@@IBE_NVCPoint@@@Z
0x100073e0 ?IsTextOptionAvailable@CPreviewToolBar@@UBE_NW4ETextOptions@@@Z
0x10009ef0 ?IsTextOptionAvailable@CToolBarEx@@UBE_NW4ETextOptions@@@Z
0x100022d0 ?IsWin2K@CWinAppEx@@QBE_NXZ
0x10002290 ?IsWin50@CWinAppEx@@QBE_NXZ
0x100022b0 ?IsWinNT@CWinAppEx@@QBE_NXZ
0x100022f0 ?IsWinXP@CWinAppEx@@QBE_NXZ
0x10007d20 ?LoadState@CSizableReBar@@QAEXPBD@Z
0x10009cf0 ?LoadState@CToolBarEx@@QAEXPBD@Z
0x1000c4e0 ?LoadStdProfileSettings@CWinAppEx@@QAEXI@Z
0x10007bd0 ?Lock@CSizableReBar@@QAE_N_N@Z
0x10006d50 ?MessageProc@CMenuBar@@KGJHIJ@Z
0x10007540 ?OnActivateView@CPreviewViewEx@@UAEXHPAVCView@@0@Z
0x1000a510 ?OnBeginAdjust@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x10006200 ?OnButtonDown@CMenuBar@@IAE_NIVCPoint@@_N@Z
0x100066a0 ?OnCaptureChanged@CMenuBar@@IAEXPAVCWnd@@@Z
0x100087a0 ?OnCaptureChanged@CSizableReBar@@IAEXPAVCWnd@@@Z
0x10008940 ?OnContextMenu@CSizableReBar@@IAEXPAVCWnd@@VCPoint@@@Z
0x10002ba0 ?OnCreate@CMDIFrameWndEx@@IAEHPAUtagCREATESTRUCTA@@@Z
0x100060f0 ?OnCreate@CMenuBar@@IAEHPAUtagCREATESTRUCTA@@@Z
0x10008680 ?OnCreate@CSizableReBar@@IAEHPAUtagCREATESTRUCTA@@@Z
0x10006a70 ?OnCustomDraw@CMenuBar@@IAEXPAUtagNMHDR@@PAJ@Z
0x1000a350 ?OnCustomDraw@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x1000a1e0 ?OnCustomize@CToolBarEx@@IAEXXZ
0x100061e0 ?OnDestroy@CMenuBar@@IAEXXZ
0x10006960 ?OnDropDown@CMenuBar@@IAEXPAUtagNMHDR@@PAJ@Z
0x1000a540 ?OnEndAdjust@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x1000a590 ?OnGetButtonInfo@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x100067b0 ?OnGetDlgCode@CMenuBar@@IAEIXZ
0x1000a370 ?OnGetInfoTip@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x100069d0 ?OnHotItemChange@CMenuBar@@IAEXPAUtagNMHDR@@PAJ@Z
0x1000a580 ?OnInitCustomize@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x10006720 ?OnKeyDown@CMenuBar@@IAEXIII@Z
0x10006790 ?OnKillFocus@CMenuBar@@IAEXPAVCWnd@@@Z
0x10006630 ?OnLButtonDblClk@CMenuBar@@IAEXIVCPoint@@@Z
0x10006340 ?OnLButtonDown@CMenuBar@@IAEXIVCPoint@@@Z
0x10006410 ?OnLButtonUp@CMenuBar@@IAEXIVCPoint@@@Z
0x10008780 ?OnLButtonUp@CSizableReBar@@IAEXIVCPoint@@@Z
0x100064d0 ?OnMouseMove@CMenuBar@@IAEXIVCPoint@@@Z
0x10008750 ?OnMouseMove@CSizableReBar@@IAEXIVCPoint@@@Z
0x100087d0 ?OnNcCalcSize@CSizableReBar@@IAEXHPAUtagNCCALCSIZE_PARAMS@@@Z
0x10008890 ?OnNcHitTest@CSizableReBar@@IAEIVCPoint@@@Z
0x10008720 ?OnNcLButtonDown@CSizableReBar@@IAEXIVCPoint@@@Z
0x10008880 ?OnNcPaint@CSizableReBar@@IAEXXZ
0x100084c0 ?OnNotify@CSizableReBar@@MAEHIJPAJ@Z
0x10009e50 ?OnNotify@CToolBarEx@@MAEHIJPAJ@Z
0x10007580 ?OnPreviewClose@CPreviewViewEx@@IAEXXZ
0x10007650 ?OnPreviewPrint@CPreviewViewEx@@IAEXXZ
0x1000a580 ?OnQueryDelete@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x1000a580 ?OnQueryInsert@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x10006310 ?OnRButtonDown@CMenuBar@@IAEXIVCPoint@@@Z
0x100068f0 ?OnReBarChevronPushed@CMenuBar@@IAEJIJ@Z
0x1000a290 ?OnReBarChevronPushed@CToolBarEx@@IAEJIJ@Z
0x10006890 ?OnReBarChildSize@CMenuBar@@IAEJIJ@Z
0x1000a200 ?OnReBarContextMenu@CToolBarEx@@IAEJIJ@Z
0x10008cb0 ?OnRecalcParent@CSizableReBar@@IAEXXZ
0x1000a660 ?OnReset@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x1000a7e0 ?OnRestore@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x1000a760 ?OnSave@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x100067d0 ?OnSettingChange@CMenuBar@@IAEXIPBD@Z
0x100067f0 ?OnShowPopupMenu@CMenuBar@@IAEJIJ@Z
0x100088f0 ?OnSize@CSizableReBar@@IAEXIHH@Z
0x10006780 ?OnSysKeyDown@CMenuBar@@IAEXIII@Z
0x10006930 ?OnThemeChanged@CMenuBar@@IAEJIJ@Z
0x1000a740 ?OnToolBarChange@CToolBarEx@@IAEXPAUtagNMHDR@@PAJ@Z
0x10005fd0 ?OnToolHitTest@CMenuBar@@UBEHVCPoint@@PAUtagTOOLINFOA@@@Z
0x10008e60 ?OnTrackUpdateSize@CSizableReBar@@IAEXVCPoint@@@Z
0x10005ea0 ?OnUpdateCmdUI@CMenuBar@@UAEXPAVCFrameWnd@@H@Z
0x10008640 ?OnUpdateCmdUI@CSizableReBar@@MAEXPAVCFrameWnd@@H@Z
0x10002530 ?OnUpdateFrameMenu@CFrameWndEx@@MAEXPAUHMENU__@@@Z
0x10002b50 ?OnUpdateFrameTitle@CMDIFrameWndEx@@MAEXH@Z
0x10006950 ?OnUpdateMenuButton@CMenuBar@@IAEXPAVCCmdUI@@@Z
0x10007680 ?OnUpdateNumPageChange@CPreviewViewEx@@IAEXPAVCCmdUI@@@Z
0x10002c60 ?OnWindowList@CMDIFrameWndEx@@IAEXXZ
0x10006f50 ?OpenTheme@CMenuBar@@IAEXXZ
0x1000a000 ?ReloadButtons@CToolBarEx@@IAEXXZ
0x1000cd20 ?RemoveMenuIcon@CWinAppEx@@QAEXI@Z
0x1000cba0 ?ReplaceMenuIcon@CWinAppEx@@QAEXIPAUHICON__@@@Z
0x10005540 ?RepositionSysButtons@CMenuBar@@IAEXVCRect@@@Z
0x10007f00 ?SaveState@CSizableReBar@@QAEXPBD@Z
0x10009d90 ?SaveState@CToolBarEx@@QAEXPBD@Z
0x1000c6a0 ?SetBitmappedMenus@CWinAppEx@@QAEX_N@Z
0x10009a20 ?SetBitmaps@CToolBarEx@@QAEXIIIIIIW4EIconOptions@@K@Z
0x10007b20 ?SetBkImage@CSizableReBar@@QAE_NPAVCBitmap@@@Z
0x10005310 ?SetButtonWidth@CMenuBar@@IAEXIH@Z
0x10009a80 ?SetButtons@CToolBarEx@@QAEXHPAUTBBUTTONEX@@W4ETextOptions@@@Z
0x10009800 ?SetIconOptions@CToolBarEx@@QAEXW4EIconOptions@@_N@Z
0x10005170 ?SetMenu@CMenuBar@@QAE_NPAUHMENU__@@@Z
0x1000cdf0 ?SetMenuIcons@CWinAppEx@@QAEXPAVCMenu@@_N@Z
0x10009620 ?SetTextOptions@CToolBarEx@@QAEXW4ETextOptions@@_N@Z
0x10005d30 ?ShowChevronMenu@CMenuBar@@IAEXH@Z
0x10008dc0 ?StartTracking@CSizableReBar@@IAEXIVCPoint@@@Z
0x10008e50 ?StopTracking@CSizableReBar@@IAEXXZ
0x10005680 ?TrackChevronMenu@CMenuBar@@IAEXAAVCRect@@H@Z
0x10005a90 ?TrackPopupMenu@CMenuBar@@IAEXXZ
0x1000c480 ?TrackPopupMenuEx@CWinAppEx@@SAHPAUHMENU__@@IHHPAVCWnd@@PAUtagTPMPARAMS@@@Z
0x10005350 ?UpdateMenuBar@CMenuBar@@IAEXXZ
0x1000a080 ?UpdateParentBandInfo@CToolBarEx@@IAEXXZ
0x1000c560 ?UpdateSystemParameters@CWinAppEx@@QAEXXZ
0x10008460 ?WindowProc@CSizableReBar@@MAEJIIJ@Z
0x10002370 ?_GetBaseClass@CFrameWndEx@@KGPAUCRuntimeClass@@XZ
0x10002e90 ?_GetBaseClass@CMDIChildWndEx@@KGPAUCRuntimeClass@@XZ
0x10002890 ?_GetBaseClass@CMDIFrameWndEx@@KGPAUCRuntimeClass@@XZ
0x10004e60 ?_GetBaseClass@CMenuBar@@KGPAUCRuntimeClass@@XZ
0x10007390 ?_GetBaseClass@CPreviewToolBar@@KGPAUCRuntimeClass@@XZ
0x10007490 ?_GetBaseClass@CPreviewViewEx@@KGPAUCRuntimeClass@@XZ
0x100077a0 ?_GetBaseClass@CSizableReBar@@KGPAUCRuntimeClass@@XZ
0x10004e60 ?_GetBaseClass@CToolBarEx@@KGPAUCRuntimeClass@@XZ
0x1000c160 ?_GetBaseClass@CWinAppEx@@KGPAUCRuntimeClass@@XZ
0x10002580 ?_GetBaseMessageMap@CFrameWndEx@@KGPBUAFX_MSGMAP@@XZ
0x10002f40 ?_GetBaseMessageMap@CMDIChildWndEx@@KGPBUAFX_MSGMAP@@XZ
0x10002b80 ?_GetBaseMessageMap@CMDIFrameWndEx@@KGPBUAFX_MSGMAP@@XZ
0x100060d0 ?_GetBaseMessageMap@CMenuBar@@KGPBUAFX_MSGMAP@@XZ
0x10007560 ?_GetBaseMessageMap@CPreviewViewEx@@KGPBUAFX_MSGMAP@@XZ
0x10008660 ?_GetBaseMessageMap@CSizableReBar@@KGPBUAFX_MSGMAP@@XZ
0x100060d0 ?_GetBaseMessageMap@CToolBarEx@@KGPBUAFX_MSGMAP@@XZ
0x10010b18 ?_messageEntries@CFrameWndEx@@0QBUAFX_MSGMAP_ENTRY@@B
0x10010de8 ?_messageEntries@CMDIChildWndEx@@0QBUAFX_MSGMAP_ENTRY@@B
0x10010ca8 ?_messageEntries@CMDIFrameWndEx@@0QBUAFX_MSGMAP_ENTRY@@B
0x10011730 ?_messageEntries@CMenuBar@@0QBUAFX_MSGMAP_ENTRY@@B
0x10011af8 ?_messageEntries@CPreviewViewEx@@0QBUAFX_MSGMAP_ENTRY@@B
0x10011da0 ?_messageEntries@CSizableReBar@@0QBUAFX_MSGMAP_ENTRY@@B
0x100120a0 ?_messageEntries@CToolBarEx@@0QBUAFX_MSGMAP_ENTRY@@B
0x10010af8 ?classCFrameWndEx@CFrameWndEx@@2UCRuntimeClass@@B
0x10010dc8 ?classCMDIChildWndEx@CMDIChildWndEx@@2UCRuntimeClass@@B
0x10010c88 ?classCMDIFrameWndEx@CMDIFrameWndEx@@2UCRuntimeClass@@B
0x10011710 ?classCMenuBar@CMenuBar@@2UCRuntimeClass@@B
0x10011ac0 ?classCPreviewToolBar@CPreviewToolBar@@2UCRuntimeClass@@B
0x10011ad8 ?classCPreviewViewEx@CPreviewViewEx@@2UCRuntimeClass@@B
0x10011d80 ?classCSizableReBar@CSizableReBar@@2UCRuntimeClass@@B
0x10012080 ?classCToolBarEx@CToolBarEx@@2UCRuntimeClass@@B
0x10012588 ?classCWinAppEx@CWinAppEx@@2UCRuntimeClass@@B
0x100184a8 ?m_hCBTHook@CToolBarEx@@1PAUHHOOK__@@A
0x10018440 ?m_hMsgHook@CMenuBar@@1PAUHHOOK__@@A
0x100182f4 ?m_lpszStateInfoBand@CSizableReBar@@1PBDB
0x10018354 ?m_lpszStateInfoEntry@CToolBarEx@@1PBDB
0x100182e8 ?m_lpszStateInfoFormat@CSizableReBar@@1PBDB
0x100182f0 ?m_lpszStateInfoLocked@CSizableReBar@@1PBDB
0x100182ec ?m_lpszStateInfoVersion@CSizableReBar@@1PBDB
0x100182e4 ?m_nStateInfoVersion@CSizableReBar@@1HA
0x100184a4 ?m_pCustomizeDlg@CToolBarEx@@1PAVCCustomizeDialog@@A
0x10018444 ?m_pMenuBar@CMenuBar@@1PAV1@A
0x100184a0 ?m_pToolBar@CToolBarEx@@1PAV1@A
0x10010b10 ?messageMap@CFrameWndEx@@1UAFX_MSGMAP@@B
0x10010de0 ?messageMap@CMDIChildWndEx@@1UAFX_MSGMAP@@B
0x10010ca0 ?messageMap@CMDIFrameWndEx@@1UAFX_MSGMAP@@B
0x10011728 ?messageMap@CMenuBar@@1UAFX_MSGMAP@@B
0x10011af0 ?messageMap@CPreviewViewEx@@1UAFX_MSGMAP@@B
0x10011d98 ?messageMap@CSizableReBar@@1UAFX_MSGMAP@@B
0x10012098 ?messageMap@CToolBarEx@@1UAFX_MSGMAP@@B
0x100046d0 DllRegisterServer

