Field | Value |
---|---|
Created | 2021.07.07 07:36 |
Machine | s1_win7_x6402 |
Filename | klinch.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 30 detected (AIDetect, malware1, malicious, high confidence, Artemis, Unsafe, Save, confidence, Kryptik, Eldorado, score, Yakes, FileRepMalware, Static AI, Suspicious PE, ASCommon, Wacatac, BScope, Virlock, Generic@ML, RDML, CRXILAujLGJJdVh+RBFcuw, ZexaF, uC1@aa, ReBei, QVM19) |
md5 | 9a2e1bb9ad6f1ccfeaa4c2c55637ae3b |
sha256 | b012145b80d5176d73ed67924be9b1290d7920f05bf436f37deca4799b6d88b6 |
ssdeep | 6144:beMJwKolm23neuhb0VIe6j0bdRbCOfSHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHHK:beMS023eib6d6jSdkhUSeAeAe/ |
imphash | 333a822de49d764043e0a411543a23bb |
impfuzzy | 192:5knEZF76jU1I7z2id2ZRuUEwfm1OAV/qtK7:5knEjWg1I7VwTuwfhAAu |
Signature (6cnts)
Level | Description |
---|---|
danger | File has been identified by 30 AntiVirus engines on VirusTotal as malicious |
watch | Communicates with host for which no DNS query was performed |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | Performs some HTTP requests |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (4cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x44bff0 Sleep
0x44bff4 GetModuleHandleA
0x44bff8 SetUnhandledExceptionFilter
0x44bffc UnhandledExceptionFilter
0x44c000 GetCurrentProcess
0x44c004 TerminateProcess
0x44c008 GetSystemTimeAsFileTime
0x44c00c GetCurrentThreadId
0x44c010 GetTickCount
0x44c014 QueryPerformanceCounter
0x44c018 CreateFileA
0x44c01c DosDateTimeToFileTime
0x44c020 LocalFileTimeToFileTime
0x44c024 SetFileTime
0x44c028 CloseHandle
0x44c02c SetFileAttributesA
0x44c030 GetFileAttributesExA
0x44c034 FileTimeToLocalFileTime
0x44c038 FileTimeToDosDateTime
0x44c03c GetCurrentProcessId
0x44c040 GetLastError
0x44c044 Module32FirstW
0x44c048 FindNextFileA
0x44c04c VirtualProtect
0x44c050 OpenEventW
0x44c054 SetCommMask
0x44c058 SetFileApisToOEM
0x44c05c EnumTimeFormatsW
0x44c060 GetModuleFileNameW
0x44c064 MoveFileA
0x44c068 WriteConsoleInputA
0x44c06c EnumDateFormatsW
0x44c070 WriteConsoleOutputAttribute
0x44c074 IsBadStringPtrA
0x44c078 ExitProcess
0x44c07c MoveFileW
0x44c080 GetStartupInfoW
0x44c084 CancelWaitableTimer
0x44c088 BuildCommDCBA
0x44c08c DeleteTimerQueueTimer
0x44c090 FindFirstVolumeMountPointW
0x44c094 GetConsoleTitleA
0x44c098 GlobalFix
0x44c09c GetPrivateProfileStructW
0x44c0a0 WaitForSingleObjectEx
0x44c0a4 CopyFileW
0x44c0a8 Heap32ListFirst
0x44c0ac GetFileType
0x44c0b0 ReadConsoleInputA
0x44c0b4 SetSystemTime
0x44c0b8 _lread
0x44c0bc OpenJobObjectA
0x44c0c0 QueryDosDeviceA
0x44c0c4 GlobalSize
0x44c0c8 CompareStringW
0x44c0cc EscapeCommFunction
0x44c0d0 VerSetConditionMask
0x44c0d4 MoveFileExA
0x44c0d8 GetProcessTimes
0x44c0dc GetDevicePowerState
0x44c0e0 GetPrivateProfileSectionNamesA
0x44c0e4 SetEndOfFile
0x44c0e8 GetProfileSectionA
0x44c0ec TlsSetValue
0x44c0f0 TlsGetValue
0x44c0f4 LocalAlloc
0x44c0f8 GetModuleHandleW
0x44c0fc lstrlenW
0x44c100 lstrcmpA
0x44c104 WritePrivateProfileStringW
0x44c108 WriteFile
0x44c10c WaitForSingleObject
0x44c110 VirtualQuery
0x44c114 VirtualFree
0x44c118 VirtualAlloc
0x44c11c UnmapViewOfFile
0x44c120 TerminateThread
0x44c124 SystemTimeToFileTime
0x44c128 SuspendThread
0x44c12c SizeofResource
0x44c130 SetThreadPriority
0x44c134 SetLastError
0x44c138 SetFilePointer
0x44c13c SetEvent
0x44c140 ResumeThread
0x44c144 ResetEvent
0x44c148 RemoveDirectoryA
0x44c14c ReleaseMutex
0x44c150 ReadProcessMemory
0x44c154 ReadFile
0x44c158 RaiseException
0x44c15c QueryPerformanceFrequency
0x44c160 OutputDebugStringW
0x44c164 OpenProcess
0x44c168 OpenFileMappingA
0x44c16c OpenFileMappingW
0x44c170 MapViewOfFile
0x44c174 LockResource
0x44c178 LocalSize
0x44c17c LocalFree
0x44c180 LoadResource
0x44c184 LoadLibraryExA
0x44c188 LoadLibraryW
0x44c18c LeaveCriticalSection
0x44c190 IsBadReadPtr
0x44c194 InitializeCriticalSection
0x44c198 GlobalUnlock
0x44c19c GlobalReAlloc
0x44c1a0 GlobalMemoryStatus
0x44c1a4 GlobalHandle
0x44c1a8 GlobalLock
0x44c1ac GlobalFree
0x44c1b0 GlobalAlloc
0x44c1b4 GetWindowsDirectoryA
0x44c1b8 GetWindowsDirectoryW
0x44c1bc GetVersionExA
0x44c1c0 GetVersionExW
0x44c1c4 GetVersion
0x44c1c8 GetTimeZoneInformation
0x44c1cc GetThreadPriority
0x44c1d0 GetThreadLocale
0x44c1d4 GetThreadContext
0x44c1d8 GetTempPathA
0x44c1dc GetTempPathW
0x44c1e0 GetSystemTime
0x44c1e4 GetSystemDirectoryW
0x44c1e8 GetProcAddress
0x44c1ec GetPrivateProfileStringW
0x44c1f0 GetPriorityClass
0x44c1f4 GetModuleFileNameA
0x44c1f8 GetLocaleInfoA
0x44c1fc GetLocalTime
0x44c200 GetFileTime
0x44c204 GetFileSize
0x44c208 GetFileAttributesA
0x44c20c GetFileAttributesW
0x44c210 GetDiskFreeSpaceA
0x44c214 GetCurrentThread
0x44c218 GetComputerNameA
0x44c21c GetComputerNameW
0x44c220 GetCommandLineA
0x44c224 GetCommandLineW
0x44c228 GetCPInfo
0x44c22c FreeResource
0x44c230 InterlockedIncrement
0x44c234 InterlockedExchange
0x44c238 InterlockedDecrement
0x44c23c FreeLibrary
0x44c240 FormatMessageA
0x44c244 FindResourceA
0x44c248 FindResourceW
0x44c24c FindFirstFileA
0x44c250 FindClose
0x44c254 FileTimeToSystemTime
0x44c258 ExpandEnvironmentStringsA
0x44c25c ExitThread
0x44c260 EnterCriticalSection
0x44c264 DuplicateHandle
0x44c268 DeleteFileA
0x44c26c DeleteFileW
0x44c270 DeleteCriticalSection
0x44c274 CreateThread
0x44c278 CreateRemoteThread
0x44c27c CreateProcessA
0x44c280 CreateProcessW
0x44c284 CreatePipe
0x44c288 CreateMutexA
0x44c28c CreateMutexW
0x44c290 CreateFileMappingA
0x44c294 CreateFileMappingW
0x44c298 CreateFileW
0x44c29c CreateEventW
0x44c2a0 CreateDirectoryA
0x44c2a4 CopyFileA
0x44c2a8 Beep
0x44c2ac RtlUnwind
0x44c2b0 LoadLibraryA
USER32.dll
0x44c2b8 CharNextExA
0x44c2bc UpdateWindow
0x44c2c0 GetWindowRgn
0x44c2c4 IsDlgButtonChecked
0x44c2c8 FindWindowA
0x44c2cc ChangeDisplaySettingsExA
0x44c2d0 PostThreadMessageW
0x44c2d4 DdeImpersonateClient
0x44c2d8 RemovePropA
0x44c2dc GetMonitorInfoW
0x44c2e0 PeekMessageW
0x44c2e4 ShowCursor
0x44c2e8 UpdateLayeredWindow
0x44c2ec DdeCreateDataHandle
0x44c2f0 GetUpdateRgn
0x44c2f4 BroadcastSystemMessage
0x44c2f8 ClipCursor
0x44c2fc GetWindowPlacement
0x44c300 GetDlgCtrlID
0x44c304 GetCursor
0x44c308 SetDlgItemTextA
0x44c30c GetKeyboardLayoutNameA
0x44c310 ToUnicodeEx
0x44c314 PostMessageW
0x44c318 DdeClientTransaction
0x44c31c LockWorkStation
0x44c320 GetMenuItemInfoW
0x44c324 RegisterWindowMessageA
0x44c328 CharNextA
0x44c32c CreateAcceleratorTableA
0x44c330 PostMessageA
0x44c334 DrawFocusRect
0x44c338 ValidateRect
0x44c33c DdeConnect
0x44c340 GetMenuStringW
0x44c344 UnpackDDElParam
0x44c348 DestroyCaret
0x44c34c SubtractRect
0x44c350 GetSystemMenu
0x44c354 SetSystemCursor
0x44c358 GetClipCursor
0x44c35c GetScrollInfo
0x44c360 CreateWindowExA
0x44c364 CreateWindowExW
0x44c368 WindowFromPoint
0x44c36c TranslateMessage
0x44c370 SystemParametersInfoW
0x44c374 ShowWindow
0x44c378 SetWindowTextA
0x44c37c SetWindowPos
0x44c380 SetWindowLongA
0x44c384 SetTimer
0x44c388 SetRect
0x44c38c SetForegroundWindow
0x44c390 SetFocus
0x44c394 SetCursor
0x44c398 SetClipboardData
0x44c39c SetCapture
0x44c3a0 SetActiveWindow
0x44c3a4 SendMessageTimeoutA
0x44c3a8 SendMessageA
0x44c3ac SendMessageW
0x44c3b0 ScreenToClient
0x44c3b4 RemoveMenu
0x44c3b8 ReleaseDC
0x44c3bc ReleaseCapture
0x44c3c0 RegisterWindowMessageW
0x44c3c4 RegisterClassA
0x44c3c8 PostThreadMessageA
0x44c3cc PostQuitMessage
0x44c3d0 PeekMessageA
0x44c3d4 OpenClipboard
0x44c3d8 OffsetRect
0x44c3dc MessageBoxA
0x44c3e0 MessageBeep
0x44c3e4 LoadImageA
0x44c3e8 LoadCursorW
0x44c3ec KillTimer
0x44c3f0 IsWindowVisible
0x44c3f4 IsWindowUnicode
0x44c3f8 IsWindowEnabled
0x44c3fc IsWindow
0x44c400 IsIconic
0x44c404 IsDialogMessageW
0x44c408 InvalidateRect
0x44c40c InflateRect
0x44c410 GetWindowThreadProcessId
0x44c414 GetWindowTextA
0x44c418 GetWindowRect
0x44c41c GetWindowLongW
0x44c420 GetWindowDC
0x44c424 GetSystemMetrics
0x44c428 GetSysColorBrush
0x44c42c GetSysColor
0x44c430 GetWindow
0x44c434 GetMessageA
0x44c438 GetMessageW
0x44c43c GetKeyState
0x44c440 GetIconInfo
0x44c444 GetFocus
0x44c448 GetDC
0x44c44c GetCursorPos
0x44c450 GetClientRect
0x44c454 GetClassNameA
0x44c458 GetCapture
0x44c45c FrameRect
0x44c460 FindWindowW
0x44c464 FillRect
0x44c468 EnumWindows
0x44c46c EndPaint
0x44c470 EnableWindow
0x44c474 EmptyClipboard
0x44c478 DrawTextA
0x44c47c DrawIconEx
0x44c480 DrawFrameControl
0x44c484 DispatchMessageW
0x44c488 DestroyWindow
0x44c48c DefWindowProcA
0x44c490 DefWindowProcW
0x44c494 CloseClipboard
0x44c498 CallWindowProcW
0x44c49c BringWindowToTop
0x44c4a0 BeginPaint
0x44c4a4 AttachThreadInput
0x44c4a8 GetClipboardData
GDI32.dll
0x44c4b0 SetMetaRgn
0x44c4b4 SetBkColor
0x44c4b8 GdiSwapBuffers
0x44c4bc EngAcquireSemaphore
0x44c4c0 RemoveFontResourceExW
0x44c4c4 CreateDCA
0x44c4c8 ExtSelectClipRgn
0x44c4cc GdiEntry4
0x44c4d0 SetTextColor
0x44c4d4 CreateFontA
0x44c4d8 StartDocA
0x44c4dc RealizePalette
0x44c4e0 EngCreateDeviceBitmap
0x44c4e4 ExtCreatePen
0x44c4e8 GdiConvertBrush
0x44c4ec CreateColorSpaceW
0x44c4f0 NamedEscape
0x44c4f4 CombineTransform
0x44c4f8 EngGetCurrentCodePage
0x44c4fc PolyBezierTo
0x44c500 TextOutA
0x44c504 StartPage
0x44c508 SetMapMode
0x44c50c SetBkMode
0x44c510 SelectObject
0x44c514 SelectClipRgn
0x44c518 MoveToEx
0x44c51c LineTo
0x44c520 GetTextMetricsW
0x44c524 GetTextFaceA
0x44c528 GetTextExtentPoint32A
0x44c52c GetStockObject
0x44c530 GetRgnBox
0x44c534 GetObjectW
0x44c538 GetDeviceCaps
0x44c53c GdiFlush
0x44c540 EndPage
0x44c544 EndDoc
0x44c548 DeleteObject
0x44c54c DeleteDC
0x44c550 CreateSolidBrush
0x44c554 CreateRectRgnIndirect
0x44c558 CreatePen
0x44c55c CreateFontW
0x44c560 CreateDIBSection
0x44c564 CreateDCW
0x44c568 CreateCompatibleDC
0x44c56c CombineRgn
0x44c570 BitBlt
0x44c574 GetStretchBltMode
COMDLG32.dll
0x44c57c PrintDlgW
0x44c580 GetSaveFileNameA
ADVAPI32.dll
0x44c588 SetSecurityDescriptorDacl
0x44c58c RegSetValueExA
0x44c590 RegQueryValueExA
0x44c594 RegQueryValueExW
0x44c598 RegQueryInfoKeyW
0x44c59c RegOpenKeyExA
0x44c5a0 RegOpenKeyExW
0x44c5a4 RegEnumKeyA
0x44c5a8 RegDeleteValueA
0x44c5ac RegCreateKeyExA
0x44c5b0 RegCloseKey
0x44c5b4 InitializeSecurityDescriptor
0x44c5b8 GetUserNameA
0x44c5bc GetUserNameW
0x44c5c0 FreeSid
0x44c5c4 AllocateAndInitializeSid
0x44c5c8 RegOpenKeyA
SHELL32.dll
0x44c5d0 SHAppBarMessage
0x44c5d4 CheckEscapesW
0x44c5d8 DragQueryFileAorW
0x44c5dc SHCreateDirectoryExA
0x44c5e0 ExtractIconExA
0x44c5e4 SHQueryRecycleBinA
0x44c5e8 ShellExecuteExW
0x44c5ec WOWShellExecute
0x44c5f0 Shell_NotifyIconW
0x44c5f4 SHGetSpecialFolderPathA
0x44c5f8 SHGetPathFromIDList
0x44c5fc ExtractAssociatedIconA
0x44c600 SHGetDiskFreeSpaceA
0x44c604 ExtractIconExW
0x44c608 SHAddToRecentDocs
0x44c60c SHGetSpecialFolderPathW
0x44c610 ShellExecuteExA
0x44c614 ShellExecuteA
0x44c618 SHGetPathFromIDListA
0x44c61c SHGetSpecialFolderLocation
0x44c620 SHGetMalloc
SHLWAPI.dll
0x44c628 StrChrW
COMCTL32.dll
0x44c630 ImageList_Destroy
0x44c634 ImageList_Create
0x44c638 None
EAT(Export Address Table) is none