ScreenShot
| Created | 2021.07.13 09:30 | Machine | s1_win7_x6401 |
| Filename | shortearthget.png | ||
| Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 13 detected (malicious, high confidence, confidence, kcloud, score, Artemis, susgen) | ||
| md5 | 05109b470054300ba8d5d60a5d4fe532 | ||
| sha256 | d215aa40c0e512b7562cad4de5b0790d88facafcdef3f80484b08a50d0c47859 | ||
| ssdeep | 12288:ZeNriJlv3ZbBwpGdTJPjUByzWNgIL01VQOYBzJPUDMVLsVdLAuCphl8FlqE:NlZjE+WNgIUQ3VVA7BCph2FlqE | ||
| imphash | d0e9553bc3f533d54a171f6db9ddfec3 | ||
| impfuzzy | 192:H7X2smpQ4CidGCj/UYXd9XcGcRcegPQ/QPOkM:HSXGi57XzTEa0QPOkM | ||
Network IP location
Signature (19cnts)
| Level | Description |
|---|---|
| danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
| watch | Communicates with host for which no DNS query was performed |
| watch | File has been identified by 13 AntiVirus engines on VirusTotal as malicious |
| notice | A process attempted to delay the analysis task. |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Checks adapter addresses which can be used to detect virtual network interfaces |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Creates a suspicious process |
| notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
| notice | One or more potentially interesting buffers were extracted |
| notice | Performs some HTTP requests |
| notice | Terminates another process |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | Collects information to fingerprint the system (MachineGuid |
| info | One or more processes crashed |
| info | Queries for the computername |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (4cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (16cnts) ?
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x10062134 Sleep
0x10062138 ExitProcess
0x1006213c HeapSize
0x10062140 GetStdHandle
0x10062144 HeapCreate
0x10062148 HeapDestroy
0x1006214c VirtualFree
0x10062150 GetACP
0x10062154 IsValidCodePage
0x10062158 GetTimeZoneInformation
0x1006215c SetHandleCount
0x10062160 GetFileType
0x10062164 GetStartupInfoA
0x10062168 FreeEnvironmentStringsA
0x1006216c GetEnvironmentStrings
0x10062170 FreeEnvironmentStringsW
0x10062174 HeapReAlloc
0x10062178 QueryPerformanceCounter
0x1006217c InitializeCriticalSectionAndSpinCount
0x10062180 GetStringTypeA
0x10062184 GetStringTypeW
0x10062188 GetLocaleInfoW
0x1006218c GetConsoleCP
0x10062190 GetConsoleMode
0x10062194 LCMapStringA
0x10062198 LCMapStringW
0x1006219c GetUserDefaultLCID
0x100621a0 EnumSystemLocalesA
0x100621a4 IsValidLocale
0x100621a8 SetStdHandle
0x100621ac WriteConsoleA
0x100621b0 GetConsoleOutputCP
0x100621b4 WriteConsoleW
0x100621b8 CompareStringW
0x100621bc SetEnvironmentVariableA
0x100621c0 GetCommandLineA
0x100621c4 GetSystemTimeAsFileTime
0x100621c8 VirtualQuery
0x100621cc GetSystemInfo
0x100621d0 VirtualAlloc
0x100621d4 VirtualProtect
0x100621d8 HeapAlloc
0x100621dc HeapFree
0x100621e0 RaiseException
0x100621e4 IsDebuggerPresent
0x100621e8 SetUnhandledExceptionFilter
0x100621ec UnhandledExceptionFilter
0x100621f0 TerminateProcess
0x100621f4 RtlUnwind
0x100621f8 GetTickCount
0x100621fc GetFileTime
0x10062200 GetFileSizeEx
0x10062204 GetFileAttributesA
0x10062208 FileTimeToLocalFileTime
0x1006220c WritePrivateProfileStringA
0x10062210 CreateFileA
0x10062214 GetFullPathNameA
0x10062218 GetVolumeInformationA
0x1006221c FindFirstFileA
0x10062220 FindClose
0x10062224 DuplicateHandle
0x10062228 GetFileSize
0x1006222c SetEndOfFile
0x10062230 UnlockFile
0x10062234 LockFile
0x10062238 FlushFileBuffers
0x1006223c SetFilePointer
0x10062240 WriteFile
0x10062244 ReadFile
0x10062248 GetOEMCP
0x1006224c GetCPInfo
0x10062250 TlsFree
0x10062254 LocalReAlloc
0x10062258 TlsSetValue
0x1006225c TlsAlloc
0x10062260 GlobalHandle
0x10062264 GlobalReAlloc
0x10062268 TlsGetValue
0x1006226c LocalAlloc
0x10062270 InterlockedIncrement
0x10062274 GetModuleHandleW
0x10062278 FileTimeToSystemTime
0x1006227c GetThreadLocale
0x10062280 DeleteCriticalSection
0x10062284 InitializeCriticalSection
0x10062288 GlobalFlags
0x1006228c CloseHandle
0x10062290 GetCurrentThread
0x10062294 ConvertDefaultLocale
0x10062298 EnumResourceLanguagesA
0x1006229c GetLocaleInfoA
0x100622a0 lstrcmpA
0x100622a4 InterlockedDecrement
0x100622a8 FreeResource
0x100622ac GetCurrentThreadId
0x100622b0 GlobalGetAtomNameA
0x100622b4 GlobalAddAtomA
0x100622b8 GlobalFindAtomA
0x100622bc GlobalDeleteAtom
0x100622c0 FreeLibrary
0x100622c4 CompareStringA
0x100622c8 LoadLibraryA
0x100622cc lstrcmpW
0x100622d0 GetVersionExA
0x100622d4 GlobalFree
0x100622d8 GlobalAlloc
0x100622dc FormatMessageA
0x100622e0 LocalFree
0x100622e4 GetCurrentProcessId
0x100622e8 GetModuleFileNameA
0x100622ec GlobalLock
0x100622f0 GlobalUnlock
0x100622f4 MulDiv
0x100622f8 GetModuleHandleA
0x100622fc GetProcAddress
0x10062300 SetLastError
0x10062304 LoadLibraryW
0x10062308 GetCurrentProcess
0x1006230c GetLastError
0x10062310 lstrlenA
0x10062314 MultiByteToWideChar
0x10062318 InterlockedExchange
0x1006231c EnterCriticalSection
0x10062320 LeaveCriticalSection
0x10062324 LoadResource
0x10062328 LockResource
0x1006232c SizeofResource
0x10062330 FindResourceA
0x10062334 GetEnvironmentStringsW
0x10062338 WideCharToMultiByte
USER32.dll
0x100623a0 GetForegroundWindow
0x100623a4 SetActiveWindow
0x100623a8 DispatchMessageA
0x100623ac GetTopWindow
0x100623b0 DestroyWindow
0x100623b4 UnhookWindowsHookEx
0x100623b8 GetMessageTime
0x100623bc PeekMessageA
0x100623c0 MapWindowPoints
0x100623c4 GetKeyState
0x100623c8 SetMenu
0x100623cc SetForegroundWindow
0x100623d0 IsWindowVisible
0x100623d4 PostMessageA
0x100623d8 CreateWindowExA
0x100623dc GetClassInfoExA
0x100623e0 AdjustWindowRectEx
0x100623e4 EqualRect
0x100623e8 SetScrollInfo
0x100623ec CallWindowProcA
0x100623f0 GetMenu
0x100623f4 GetWindowPlacement
0x100623f8 GetMenuState
0x100623fc GetMenuItemID
0x10062400 GetMenuItemCount
0x10062404 GetSubMenu
0x10062408 GetWindowThreadProcessId
0x1006240c GetLastActivePopup
0x10062410 MessageBoxA
0x10062414 GetWindowTextLengthA
0x10062418 GetWindowTextA
0x1006241c GetFocus
0x10062420 SetWindowPos
0x10062424 SetFocus
0x10062428 IsWindowEnabled
0x1006242c ShowWindow
0x10062430 MoveWindow
0x10062434 SetWindowLongA
0x10062438 GetDlgCtrlID
0x1006243c SetWindowTextA
0x10062440 GetWindowLongA
0x10062444 IsDialogMessageA
0x10062448 RemovePropA
0x1006244c GetWindow
0x10062450 IntersectRect
0x10062454 EndPaint
0x10062458 BeginPaint
0x1006245c GetWindowDC
0x10062460 GetDC
0x10062464 ClientToScreen
0x10062468 ScreenToClient
0x1006246c GrayStringA
0x10062470 DrawTextExA
0x10062474 DrawTextA
0x10062478 TabbedTextOutA
0x1006247c GetMessagePos
0x10062480 GetCapture
0x10062484 SystemParametersInfoA
0x10062488 IsWindow
0x1006248c RedrawWindow
0x10062490 DrawFrameControl
0x10062494 DrawFocusRect
0x10062498 GetParent
0x1006249c IsIconic
0x100624a0 GetSystemMetrics
0x100624a4 DrawIcon
0x100624a8 GetSystemMenu
0x100624ac AppendMenuA
0x100624b0 SendMessageA
0x100624b4 LoadIconA
0x100624b8 GetScrollPos
0x100624bc GetScrollRange
0x100624c0 SetScrollPos
0x100624c4 SetRectEmpty
0x100624c8 EnableWindow
0x100624cc IsRectEmpty
0x100624d0 CopyRect
0x100624d4 ReleaseDC
0x100624d8 ReleaseCapture
0x100624dc SetCapture
0x100624e0 UpdateWindow
0x100624e4 ChildWindowFromPoint
0x100624e8 LoadCursorA
0x100624ec DrawEdge
0x100624f0 GetClassInfoA
0x100624f4 DefWindowProcA
0x100624f8 RegisterClassA
0x100624fc SetCursor
0x10062500 GetClientRect
0x10062504 GetSysColor
0x10062508 InvalidateRect
0x1006250c SetRect
0x10062510 OffsetRect
0x10062514 FillRect
0x10062518 InflateRect
0x1006251c GetPropA
0x10062520 PostThreadMessageA
0x10062524 PtInRect
0x10062528 GetWindowRect
0x1006252c GetDlgItem
0x10062530 RegisterClipboardFormatA
0x10062534 MessageBeep
0x10062538 GetNextDlgGroupItem
0x1006253c InvalidateRgn
0x10062540 CopyAcceleratorTableA
0x10062544 CharNextA
0x10062548 CharUpperA
0x1006254c GetSysColorBrush
0x10062550 WindowFromPoint
0x10062554 DestroyMenu
0x10062558 SetWindowContextHelpId
0x1006255c MapDialogRect
0x10062560 GetMessageA
0x10062564 TranslateMessage
0x10062568 GetCursorPos
0x1006256c ValidateRect
0x10062570 PostQuitMessage
0x10062574 GetDesktopWindow
0x10062578 GetActiveWindow
0x1006257c CreateDialogIndirectParamA
0x10062580 GetNextDlgTabItem
0x10062584 EndDialog
0x10062588 SetMenuItemBitmaps
0x1006258c GetMenuCheckMarkDimensions
0x10062590 LoadBitmapA
0x10062594 SetPropA
0x10062598 EnableMenuItem
0x1006259c CheckMenuItem
0x100625a0 RegisterWindowMessageA
0x100625a4 WinHelpA
0x100625a8 IsChild
0x100625ac SetWindowsHookExA
0x100625b0 CallNextHookEx
0x100625b4 GetClassLongA
0x100625b8 SendDlgItemMessageA
0x100625bc GetClassNameA
0x100625c0 ModifyMenuA
GDI32.dll
0x10062038 SelectObject
0x1006203c DeleteDC
0x10062040 GetObjectA
0x10062044 Polyline
0x10062048 PolyBezier
0x1006204c ExtCreatePen
0x10062050 Polygon
0x10062054 Ellipse
0x10062058 CreateHatchBrush
0x1006205c CreatePalette
0x10062060 CreateFontIndirectA
0x10062064 RealizePalette
0x10062068 SaveDC
0x1006206c RestoreDC
0x10062070 SetBkColor
0x10062074 SetBkMode
0x10062078 SetTextColor
0x1006207c SetMapMode
0x10062080 GetClipBox
0x10062084 IntersectClipRect
0x10062088 LineTo
0x1006208c MoveToEx
0x10062090 SelectClipRgn
0x10062094 GetViewportExtEx
0x10062098 GetWindowExtEx
0x1006209c PtVisible
0x100620a0 RectVisible
0x100620a4 TextOutA
0x100620a8 Escape
0x100620ac SetViewportOrgEx
0x100620b0 OffsetViewportOrgEx
0x100620b4 SetViewportExtEx
0x100620b8 ScaleViewportExtEx
0x100620bc SetWindowOrgEx
0x100620c0 SetWindowExtEx
0x100620c4 ScaleWindowExtEx
0x100620c8 ExtSelectClipRgn
0x100620cc CreateBitmap
0x100620d0 SelectPalette
0x100620d4 CreateRectRgnIndirect
0x100620d8 GetMapMode
0x100620dc DPtoLP
0x100620e0 GetBkColor
0x100620e4 GetTextColor
0x100620e8 GetRgnBox
0x100620ec StartDocA
0x100620f0 CreateFontA
0x100620f4 GetDeviceCaps
0x100620f8 StartPage
0x100620fc EndPage
0x10062100 EndDoc
0x10062104 AbortDoc
0x10062108 CreateCompatibleDC
0x1006210c CreateCompatibleBitmap
0x10062110 GetStockObject
0x10062114 BitBlt
0x10062118 CreatePen
0x1006211c CreateSolidBrush
0x10062120 Rectangle
0x10062124 DeleteObject
0x10062128 ExtTextOutA
0x1006212c GetTextExtentPoint32A
MSIMG32.dll
0x10062340 GradientFill
COMDLG32.dll
0x10062030 GetFileTitleA
WINSPOOL.DRV
0x100625c8 DocumentPropertiesA
0x100625cc OpenPrinterA
0x100625d0 ClosePrinter
ADVAPI32.dll
0x10062000 RegOpenKeyA
0x10062004 RegSetValueExA
0x10062008 RegCreateKeyExA
0x1006200c RegQueryValueA
0x10062010 RegCloseKey
0x10062014 RegEnumKeyA
0x10062018 RegDeleteKeyA
0x1006201c RegOpenKeyExA
0x10062020 RegQueryValueExA
COMCTL32.dll
0x10062028 None
SHLWAPI.dll
0x1006238c PathFindExtensionA
0x10062390 PathFindFileNameA
0x10062394 PathStripToRootA
0x10062398 PathIsUNCA
oledlg.dll
0x10062620 None
ole32.dll
0x100625e0 CLSIDFromString
0x100625e4 CLSIDFromProgID
0x100625e8 CoTaskMemAlloc
0x100625ec CoTaskMemFree
0x100625f0 OleIsCurrentClipboard
0x100625f4 OleFlushClipboard
0x100625f8 CoRegisterMessageFilter
0x100625fc CoGetClassObject
0x10062600 StgOpenStorageOnILockBytes
0x10062604 StgCreateDocfileOnILockBytes
0x10062608 CreateILockBytesOnHGlobal
0x1006260c OleUninitialize
0x10062610 CoFreeUnusedLibraries
0x10062614 OleInitialize
0x10062618 CoRevokeClassObject
OLEAUT32.dll
0x10062354 VariantClear
0x10062358 VariantChangeType
0x1006235c VariantInit
0x10062360 SysAllocStringLen
0x10062364 VariantCopy
0x10062368 SafeArrayDestroy
0x1006236c OleCreateFontIndirect
0x10062370 SysAllocString
0x10062374 SysAllocStringByteLen
0x10062378 VariantTimeToSystemTime
0x1006237c SystemTimeToVariantTime
0x10062380 SysFreeString
0x10062384 SysStringLen
gdiplus.dll
0x100625d8 GdiplusShutdown
OLEACC.dll
0x10062348 CreateStdAccessibleObject
0x1006234c LresultFromObject
EAT(Export Address Table) Library
0x1001e280 StartW
KERNEL32.dll
0x10062134 Sleep
0x10062138 ExitProcess
0x1006213c HeapSize
0x10062140 GetStdHandle
0x10062144 HeapCreate
0x10062148 HeapDestroy
0x1006214c VirtualFree
0x10062150 GetACP
0x10062154 IsValidCodePage
0x10062158 GetTimeZoneInformation
0x1006215c SetHandleCount
0x10062160 GetFileType
0x10062164 GetStartupInfoA
0x10062168 FreeEnvironmentStringsA
0x1006216c GetEnvironmentStrings
0x10062170 FreeEnvironmentStringsW
0x10062174 HeapReAlloc
0x10062178 QueryPerformanceCounter
0x1006217c InitializeCriticalSectionAndSpinCount
0x10062180 GetStringTypeA
0x10062184 GetStringTypeW
0x10062188 GetLocaleInfoW
0x1006218c GetConsoleCP
0x10062190 GetConsoleMode
0x10062194 LCMapStringA
0x10062198 LCMapStringW
0x1006219c GetUserDefaultLCID
0x100621a0 EnumSystemLocalesA
0x100621a4 IsValidLocale
0x100621a8 SetStdHandle
0x100621ac WriteConsoleA
0x100621b0 GetConsoleOutputCP
0x100621b4 WriteConsoleW
0x100621b8 CompareStringW
0x100621bc SetEnvironmentVariableA
0x100621c0 GetCommandLineA
0x100621c4 GetSystemTimeAsFileTime
0x100621c8 VirtualQuery
0x100621cc GetSystemInfo
0x100621d0 VirtualAlloc
0x100621d4 VirtualProtect
0x100621d8 HeapAlloc
0x100621dc HeapFree
0x100621e0 RaiseException
0x100621e4 IsDebuggerPresent
0x100621e8 SetUnhandledExceptionFilter
0x100621ec UnhandledExceptionFilter
0x100621f0 TerminateProcess
0x100621f4 RtlUnwind
0x100621f8 GetTickCount
0x100621fc GetFileTime
0x10062200 GetFileSizeEx
0x10062204 GetFileAttributesA
0x10062208 FileTimeToLocalFileTime
0x1006220c WritePrivateProfileStringA
0x10062210 CreateFileA
0x10062214 GetFullPathNameA
0x10062218 GetVolumeInformationA
0x1006221c FindFirstFileA
0x10062220 FindClose
0x10062224 DuplicateHandle
0x10062228 GetFileSize
0x1006222c SetEndOfFile
0x10062230 UnlockFile
0x10062234 LockFile
0x10062238 FlushFileBuffers
0x1006223c SetFilePointer
0x10062240 WriteFile
0x10062244 ReadFile
0x10062248 GetOEMCP
0x1006224c GetCPInfo
0x10062250 TlsFree
0x10062254 LocalReAlloc
0x10062258 TlsSetValue
0x1006225c TlsAlloc
0x10062260 GlobalHandle
0x10062264 GlobalReAlloc
0x10062268 TlsGetValue
0x1006226c LocalAlloc
0x10062270 InterlockedIncrement
0x10062274 GetModuleHandleW
0x10062278 FileTimeToSystemTime
0x1006227c GetThreadLocale
0x10062280 DeleteCriticalSection
0x10062284 InitializeCriticalSection
0x10062288 GlobalFlags
0x1006228c CloseHandle
0x10062290 GetCurrentThread
0x10062294 ConvertDefaultLocale
0x10062298 EnumResourceLanguagesA
0x1006229c GetLocaleInfoA
0x100622a0 lstrcmpA
0x100622a4 InterlockedDecrement
0x100622a8 FreeResource
0x100622ac GetCurrentThreadId
0x100622b0 GlobalGetAtomNameA
0x100622b4 GlobalAddAtomA
0x100622b8 GlobalFindAtomA
0x100622bc GlobalDeleteAtom
0x100622c0 FreeLibrary
0x100622c4 CompareStringA
0x100622c8 LoadLibraryA
0x100622cc lstrcmpW
0x100622d0 GetVersionExA
0x100622d4 GlobalFree
0x100622d8 GlobalAlloc
0x100622dc FormatMessageA
0x100622e0 LocalFree
0x100622e4 GetCurrentProcessId
0x100622e8 GetModuleFileNameA
0x100622ec GlobalLock
0x100622f0 GlobalUnlock
0x100622f4 MulDiv
0x100622f8 GetModuleHandleA
0x100622fc GetProcAddress
0x10062300 SetLastError
0x10062304 LoadLibraryW
0x10062308 GetCurrentProcess
0x1006230c GetLastError
0x10062310 lstrlenA
0x10062314 MultiByteToWideChar
0x10062318 InterlockedExchange
0x1006231c EnterCriticalSection
0x10062320 LeaveCriticalSection
0x10062324 LoadResource
0x10062328 LockResource
0x1006232c SizeofResource
0x10062330 FindResourceA
0x10062334 GetEnvironmentStringsW
0x10062338 WideCharToMultiByte
USER32.dll
0x100623a0 GetForegroundWindow
0x100623a4 SetActiveWindow
0x100623a8 DispatchMessageA
0x100623ac GetTopWindow
0x100623b0 DestroyWindow
0x100623b4 UnhookWindowsHookEx
0x100623b8 GetMessageTime
0x100623bc PeekMessageA
0x100623c0 MapWindowPoints
0x100623c4 GetKeyState
0x100623c8 SetMenu
0x100623cc SetForegroundWindow
0x100623d0 IsWindowVisible
0x100623d4 PostMessageA
0x100623d8 CreateWindowExA
0x100623dc GetClassInfoExA
0x100623e0 AdjustWindowRectEx
0x100623e4 EqualRect
0x100623e8 SetScrollInfo
0x100623ec CallWindowProcA
0x100623f0 GetMenu
0x100623f4 GetWindowPlacement
0x100623f8 GetMenuState
0x100623fc GetMenuItemID
0x10062400 GetMenuItemCount
0x10062404 GetSubMenu
0x10062408 GetWindowThreadProcessId
0x1006240c GetLastActivePopup
0x10062410 MessageBoxA
0x10062414 GetWindowTextLengthA
0x10062418 GetWindowTextA
0x1006241c GetFocus
0x10062420 SetWindowPos
0x10062424 SetFocus
0x10062428 IsWindowEnabled
0x1006242c ShowWindow
0x10062430 MoveWindow
0x10062434 SetWindowLongA
0x10062438 GetDlgCtrlID
0x1006243c SetWindowTextA
0x10062440 GetWindowLongA
0x10062444 IsDialogMessageA
0x10062448 RemovePropA
0x1006244c GetWindow
0x10062450 IntersectRect
0x10062454 EndPaint
0x10062458 BeginPaint
0x1006245c GetWindowDC
0x10062460 GetDC
0x10062464 ClientToScreen
0x10062468 ScreenToClient
0x1006246c GrayStringA
0x10062470 DrawTextExA
0x10062474 DrawTextA
0x10062478 TabbedTextOutA
0x1006247c GetMessagePos
0x10062480 GetCapture
0x10062484 SystemParametersInfoA
0x10062488 IsWindow
0x1006248c RedrawWindow
0x10062490 DrawFrameControl
0x10062494 DrawFocusRect
0x10062498 GetParent
0x1006249c IsIconic
0x100624a0 GetSystemMetrics
0x100624a4 DrawIcon
0x100624a8 GetSystemMenu
0x100624ac AppendMenuA
0x100624b0 SendMessageA
0x100624b4 LoadIconA
0x100624b8 GetScrollPos
0x100624bc GetScrollRange
0x100624c0 SetScrollPos
0x100624c4 SetRectEmpty
0x100624c8 EnableWindow
0x100624cc IsRectEmpty
0x100624d0 CopyRect
0x100624d4 ReleaseDC
0x100624d8 ReleaseCapture
0x100624dc SetCapture
0x100624e0 UpdateWindow
0x100624e4 ChildWindowFromPoint
0x100624e8 LoadCursorA
0x100624ec DrawEdge
0x100624f0 GetClassInfoA
0x100624f4 DefWindowProcA
0x100624f8 RegisterClassA
0x100624fc SetCursor
0x10062500 GetClientRect
0x10062504 GetSysColor
0x10062508 InvalidateRect
0x1006250c SetRect
0x10062510 OffsetRect
0x10062514 FillRect
0x10062518 InflateRect
0x1006251c GetPropA
0x10062520 PostThreadMessageA
0x10062524 PtInRect
0x10062528 GetWindowRect
0x1006252c GetDlgItem
0x10062530 RegisterClipboardFormatA
0x10062534 MessageBeep
0x10062538 GetNextDlgGroupItem
0x1006253c InvalidateRgn
0x10062540 CopyAcceleratorTableA
0x10062544 CharNextA
0x10062548 CharUpperA
0x1006254c GetSysColorBrush
0x10062550 WindowFromPoint
0x10062554 DestroyMenu
0x10062558 SetWindowContextHelpId
0x1006255c MapDialogRect
0x10062560 GetMessageA
0x10062564 TranslateMessage
0x10062568 GetCursorPos
0x1006256c ValidateRect
0x10062570 PostQuitMessage
0x10062574 GetDesktopWindow
0x10062578 GetActiveWindow
0x1006257c CreateDialogIndirectParamA
0x10062580 GetNextDlgTabItem
0x10062584 EndDialog
0x10062588 SetMenuItemBitmaps
0x1006258c GetMenuCheckMarkDimensions
0x10062590 LoadBitmapA
0x10062594 SetPropA
0x10062598 EnableMenuItem
0x1006259c CheckMenuItem
0x100625a0 RegisterWindowMessageA
0x100625a4 WinHelpA
0x100625a8 IsChild
0x100625ac SetWindowsHookExA
0x100625b0 CallNextHookEx
0x100625b4 GetClassLongA
0x100625b8 SendDlgItemMessageA
0x100625bc GetClassNameA
0x100625c0 ModifyMenuA
GDI32.dll
0x10062038 SelectObject
0x1006203c DeleteDC
0x10062040 GetObjectA
0x10062044 Polyline
0x10062048 PolyBezier
0x1006204c ExtCreatePen
0x10062050 Polygon
0x10062054 Ellipse
0x10062058 CreateHatchBrush
0x1006205c CreatePalette
0x10062060 CreateFontIndirectA
0x10062064 RealizePalette
0x10062068 SaveDC
0x1006206c RestoreDC
0x10062070 SetBkColor
0x10062074 SetBkMode
0x10062078 SetTextColor
0x1006207c SetMapMode
0x10062080 GetClipBox
0x10062084 IntersectClipRect
0x10062088 LineTo
0x1006208c MoveToEx
0x10062090 SelectClipRgn
0x10062094 GetViewportExtEx
0x10062098 GetWindowExtEx
0x1006209c PtVisible
0x100620a0 RectVisible
0x100620a4 TextOutA
0x100620a8 Escape
0x100620ac SetViewportOrgEx
0x100620b0 OffsetViewportOrgEx
0x100620b4 SetViewportExtEx
0x100620b8 ScaleViewportExtEx
0x100620bc SetWindowOrgEx
0x100620c0 SetWindowExtEx
0x100620c4 ScaleWindowExtEx
0x100620c8 ExtSelectClipRgn
0x100620cc CreateBitmap
0x100620d0 SelectPalette
0x100620d4 CreateRectRgnIndirect
0x100620d8 GetMapMode
0x100620dc DPtoLP
0x100620e0 GetBkColor
0x100620e4 GetTextColor
0x100620e8 GetRgnBox
0x100620ec StartDocA
0x100620f0 CreateFontA
0x100620f4 GetDeviceCaps
0x100620f8 StartPage
0x100620fc EndPage
0x10062100 EndDoc
0x10062104 AbortDoc
0x10062108 CreateCompatibleDC
0x1006210c CreateCompatibleBitmap
0x10062110 GetStockObject
0x10062114 BitBlt
0x10062118 CreatePen
0x1006211c CreateSolidBrush
0x10062120 Rectangle
0x10062124 DeleteObject
0x10062128 ExtTextOutA
0x1006212c GetTextExtentPoint32A
MSIMG32.dll
0x10062340 GradientFill
COMDLG32.dll
0x10062030 GetFileTitleA
WINSPOOL.DRV
0x100625c8 DocumentPropertiesA
0x100625cc OpenPrinterA
0x100625d0 ClosePrinter
ADVAPI32.dll
0x10062000 RegOpenKeyA
0x10062004 RegSetValueExA
0x10062008 RegCreateKeyExA
0x1006200c RegQueryValueA
0x10062010 RegCloseKey
0x10062014 RegEnumKeyA
0x10062018 RegDeleteKeyA
0x1006201c RegOpenKeyExA
0x10062020 RegQueryValueExA
COMCTL32.dll
0x10062028 None
SHLWAPI.dll
0x1006238c PathFindExtensionA
0x10062390 PathFindFileNameA
0x10062394 PathStripToRootA
0x10062398 PathIsUNCA
oledlg.dll
0x10062620 None
ole32.dll
0x100625e0 CLSIDFromString
0x100625e4 CLSIDFromProgID
0x100625e8 CoTaskMemAlloc
0x100625ec CoTaskMemFree
0x100625f0 OleIsCurrentClipboard
0x100625f4 OleFlushClipboard
0x100625f8 CoRegisterMessageFilter
0x100625fc CoGetClassObject
0x10062600 StgOpenStorageOnILockBytes
0x10062604 StgCreateDocfileOnILockBytes
0x10062608 CreateILockBytesOnHGlobal
0x1006260c OleUninitialize
0x10062610 CoFreeUnusedLibraries
0x10062614 OleInitialize
0x10062618 CoRevokeClassObject
OLEAUT32.dll
0x10062354 VariantClear
0x10062358 VariantChangeType
0x1006235c VariantInit
0x10062360 SysAllocStringLen
0x10062364 VariantCopy
0x10062368 SafeArrayDestroy
0x1006236c OleCreateFontIndirect
0x10062370 SysAllocString
0x10062374 SysAllocStringByteLen
0x10062378 VariantTimeToSystemTime
0x1006237c SystemTimeToVariantTime
0x10062380 SysFreeString
0x10062384 SysStringLen
gdiplus.dll
0x100625d8 GdiplusShutdown
OLEACC.dll
0x10062348 CreateStdAccessibleObject
0x1006234c LresultFromObject
EAT(Export Address Table) Library
0x1001e280 StartW