Created | 2021.07.19 15:23 | Machine | s1_win7_x6401 |
Filename | 리스펙.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
AI Score | Not found | Behavior Score | |
ZERO API | file : clean |
VT API (file) | 20 detected (Hacktool, Artemis, malicious, confidence, RiskTool, Convagent, DllInject, fjhtkg, Generic PUA LC, Unsafe, Score, BTSGeneric, Wacatac, XQ potentially unsafe, R002H09AB21, Igent, bTKAcV, Static AI, Suspicious PE, FileRepMalware) |
md5 | db9f97abc6cd7564e1c8bc4d1da6edf9 |
sha256 | 6b1832d04cdbfc5f55ecb4b14c63dd6f51bd4936a0b255431f6c7dada69ac4ea |
ssdeep | 98304:HNlFiGJcFpFEJ+xwLRPwLMPR2E2eKNEVJyZlng4p2VXFxdIrh/ldenchCfgpDhsR:LMhEowLGLNEVcn1paymnKDLKPN |
imphash | bd58dea49029306a580ad58afd88299f |
impfuzzy | 192:NOsdTFXsJncdqRUurdVYTexCWTOwI7uOQdOHuPyEO:NOsdpctcE3PTOGOQdOoO |
Signature (15cnts)
Level | Description |
---|---|
warning | File has been identified by 20 AntiVirus engines on VirusTotal as malicious |
notice | A process created a hidden window |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates executable files on the filesystem |
notice | Drops a binary and executes it |
notice | Expresses interest in specific running processes |
notice | One or more potentially interesting buffers were extracted |
notice | Searches running processes potentially to identify processes for sandbox evasion |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks amount of memory in system |
info | Checks if process is being debugged by a debugger |
info | Collects information to fingerprint the system (MachineGuid |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (20cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (download) |
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
watch | Win32_Trojan_PWS_Net_1_Zero | Win32 Trojan PWS .NET Azorult | binaries (download) |
watch | Win32_Trojan_PWS_Net_1_Zero | Win32 Trojan PWS .NET Azorult | binaries (upload) |
info | Is_DotNET_EXE | (no description) | binaries (download) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | Win_Backdoor_AsyncRAT_Zero | Win Backdoor AsyncRAT | binaries (download) |
info | Win_Backdoor_AsyncRAT_Zero | Win Backdoor AsyncRAT | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
kernel32.dll
0x614888 GetACP
0x61488c CloseHandle
0x614890 LocalFree
0x614894 GetCurrentProcessId
0x614898 SizeofResource
0x61489c VirtualProtect
0x6148a0 QueryPerformanceFrequency
0x6148a4 IsDebuggerPresent
0x6148a8 VirtualFree
0x6148ac GetFullPathNameW
0x6148b0 ExitProcess
0x6148b4 HeapAlloc
0x6148b8 GetCPInfoExW
0x6148bc RtlUnwind
0x6148c0 GetCPInfo
0x6148c4 EnumSystemLocalesW
0x6148c8 GetStdHandle
0x6148cc GetModuleHandleW
0x6148d0 FreeLibrary
0x6148d4 TryEnterCriticalSection
0x6148d8 HeapDestroy
0x6148dc ReadFile
0x6148e0 HeapSize
0x6148e4 GetLastError
0x6148e8 GetModuleFileNameW
0x6148ec SetLastError
0x6148f0 GlobalAlloc
0x6148f4 GlobalUnlock
0x6148f8 FindResourceW
0x6148fc CreateThread
0x614900 CompareStringW
0x614904 LoadLibraryA
0x614908 ResetEvent
0x61490c MulDiv
0x614910 FreeResource
0x614914 GetVersion
0x614918 RaiseException
0x61491c GlobalAddAtomW
0x614920 FormatMessageW
0x614924 OpenProcess
0x614928 SwitchToThread
0x61492c GetExitCodeThread
0x614930 GetCurrentThread
0x614934 LoadLibraryExW
0x614938 TerminateProcess
0x61493c LockResource
0x614940 GetCurrentThreadId
0x614944 UnhandledExceptionFilter
0x614948 VirtualQuery
0x61494c GlobalFindAtomW
0x614950 VirtualQueryEx
0x614954 GlobalFree
0x614958 Sleep
0x61495c EnterCriticalSection
0x614960 SetFilePointer
0x614964 LoadResource
0x614968 SuspendThread
0x61496c GetTickCount
0x614970 GetStartupInfoW
0x614974 GlobalDeleteAtom
0x614978 GetFileAttributesW
0x61497c GetCurrentDirectoryW
0x614980 SetCurrentDirectoryW
0x614984 InitializeCriticalSection
0x614988 GetThreadPriority
0x61498c GetCurrentProcess
0x614990 SetThreadPriority
0x614994 GlobalLock
0x614998 VirtualAlloc
0x61499c GetSystemInfo
0x6149a0 GetCommandLineW
0x6149a4 LeaveCriticalSection
0x6149a8 GetProcAddress
0x6149ac ResumeThread
0x6149b0 GetVersionExW
0x6149b4 VerifyVersionInfoW
0x6149b8 HeapCreate
0x6149bc GetDiskFreeSpaceW
0x6149c0 VerSetConditionMask
0x6149c4 FindFirstFileW
0x6149c8 GetUserDefaultUILanguage
0x6149cc lstrlenW
0x6149d0 QueryPerformanceCounter
0x6149d4 SetEndOfFile
0x6149d8 HeapFree
0x6149dc WideCharToMultiByte
0x6149e0 FindClose
0x6149e4 MultiByteToWideChar
0x6149e8 LoadLibraryW
0x6149ec SetEvent
0x6149f0 CreateFileW
0x6149f4 GetLocaleInfoW
0x6149f8 EnumResourceNamesW
0x6149fc DeleteFileW
0x614a00 GetLocalTime
0x614a04 WaitForSingleObject
0x614a08 WriteFile
0x614a0c ExitThread
0x614a10 DeleteCriticalSection
0x614a14 GetDateFormatW
0x614a18 TlsGetValue
0x614a1c SetErrorMode
0x614a20 IsValidLocale
0x614a24 TlsSetValue
0x614a28 GetSystemDefaultUILanguage
0x614a2c EnumCalendarInfoW
0x614a30 LocalAlloc
0x614a34 RemoveDirectoryW
0x614a38 CreateEventW
0x614a3c WaitForMultipleObjectsEx
0x614a40 SetThreadLocale
0x614a44 GetThreadLocale
winspool.drv
0x614a4c DocumentPropertiesW
0x614a50 ClosePrinter
0x614a54 OpenPrinterW
0x614a58 GetDefaultPrinterW
0x614a5c EnumPrintersW
comctl32.dll
0x614a64 ImageList_GetImageInfo
0x614a68 FlatSB_SetScrollInfo
0x614a6c ImageList_DragMove
0x614a70 ImageList_Destroy
0x614a74 _TrackMouseEvent
0x614a78 ImageList_DragShowNolock
0x614a7c ImageList_Add
0x614a80 FlatSB_SetScrollProp
0x614a84 ImageList_GetDragImage
0x614a88 ImageList_Create
0x614a8c ImageList_EndDrag
0x614a90 ImageList_DrawEx
0x614a94 ImageList_SetImageCount
0x614a98 FlatSB_GetScrollPos
0x614a9c FlatSB_SetScrollPos
0x614aa0 InitializeFlatSB
0x614aa4 ImageList_Copy
0x614aa8 FlatSB_GetScrollInfo
0x614aac ImageList_Write
0x614ab0 ImageList_SetBkColor
0x614ab4 ImageList_GetBkColor
0x614ab8 ImageList_BeginDrag
0x614abc ImageList_GetIcon
0x614ac0 ImageList_Replace
0x614ac4 ImageList_GetImageCount
0x614ac8 ImageList_DragEnter
0x614acc ImageList_GetIconSize
0x614ad0 ImageList_SetIconSize
0x614ad4 ImageList_Read
0x614ad8 ImageList_DragLeave
0x614adc ImageList_LoadImageW
0x614ae0 ImageList_Draw
0x614ae4 ImageList_Remove
0x614ae8 ImageList_ReplaceIcon
0x614aec ImageList_SetOverlayImage
shell32.dll
0x614af4 Shell_NotifyIconW
0x614af8 ShellExecuteW
ole32.dll
0x614b00 IsEqualGUID
0x614b04 OleInitialize
0x614b08 OleUninitialize
0x614b0c CoInitialize
0x614b10 CoCreateInstance
0x614b14 CoUninitialize
0x614b18 CoTaskMemFree
0x614b1c CoTaskMemAlloc
version.dll
0x614b24 GetFileVersionInfoSizeW
0x614b28 VerQueryValueW
0x614b2c GetFileVersionInfoW
user32.dll
0x614b34 CopyImage
0x614b38 CreateWindowExW
0x614b3c GetMenuItemInfoW
0x614b40 SetMenuItemInfoW
0x614b44 DefFrameProcW
0x614b48 GetDCEx
0x614b4c PeekMessageW
0x614b50 MonitorFromWindow
0x614b54 GetDlgCtrlID
0x614b58 SetTimer
0x614b5c WindowFromPoint
0x614b60 BeginPaint
0x614b64 RegisterClipboardFormatW
0x614b68 FrameRect
0x614b6c MapVirtualKeyW
0x614b70 IsWindowUnicode
0x614b74 RegisterWindowMessageW
0x614b78 FillRect
0x614b7c GetMenuStringW
0x614b80 DispatchMessageW
0x614b84 CreateAcceleratorTableW
0x614b88 SendMessageA
0x614b8c DefMDIChildProcW
0x614b90 EnumWindows
0x614b94 GetClassInfoW
0x614b98 ShowOwnedPopups
0x614b9c GetSystemMenu
0x614ba0 GetScrollRange
0x614ba4 SetScrollPos
0x614ba8 GetScrollPos
0x614bac GetActiveWindow
0x614bb0 SetActiveWindow
0x614bb4 DrawEdge
0x614bb8 GetKeyboardLayoutList
0x614bbc LoadBitmapW
0x614bc0 DrawFocusRect
0x614bc4 EnumChildWindows
0x614bc8 ReleaseCapture
0x614bcc UnhookWindowsHookEx
0x614bd0 LoadCursorW
0x614bd4 GetCapture
0x614bd8 SetCapture
0x614bdc CreatePopupMenu
0x614be0 ScrollWindow
0x614be4 ShowCaret
0x614be8 GetMenuItemID
0x614bec GetLastActivePopup
0x614bf0 CharLowerBuffW
0x614bf4 GetSystemMetrics
0x614bf8 SetWindowLongW
0x614bfc PostMessageW
0x614c00 DrawMenuBar
0x614c04 SetParent
0x614c08 IsZoomed
0x614c0c CharUpperBuffW
0x614c10 GetClientRect
0x614c14 IsChild
0x614c18 ClientToScreen
0x614c1c GetClipboardData
0x614c20 SetClipboardData
0x614c24 SetWindowPlacement
0x614c28 IsIconic
0x614c2c CallNextHookEx
0x614c30 GetMonitorInfoW
0x614c34 ShowWindow
0x614c38 CheckMenuItem
0x614c3c CharUpperW
0x614c40 DefWindowProcW
0x614c44 GetForegroundWindow
0x614c48 SetForegroundWindow
0x614c4c GetWindowTextW
0x614c50 EnableWindow
0x614c54 DestroyWindow
0x614c58 IsDialogMessageW
0x614c5c EndMenu
0x614c60 RegisterClassW
0x614c64 CharNextW
0x614c68 GetWindowThreadProcessId
0x614c6c RedrawWindow
0x614c70 GetDC
0x614c74 GetFocus
0x614c78 SetFocus
0x614c7c EndPaint
0x614c80 ReleaseDC
0x614c84 MsgWaitForMultipleObjectsEx
0x614c88 LoadKeyboardLayoutW
0x614c8c GetClassLongW
0x614c90 ActivateKeyboardLayout
0x614c94 GetParent
0x614c98 DrawTextW
0x614c9c SetScrollRange
0x614ca0 MonitorFromRect
0x614ca4 InsertMenuItemW
0x614ca8 PeekMessageA
0x614cac GetPropW
0x614cb0 SetClassLongW
0x614cb4 MessageBoxW
0x614cb8 MessageBeep
0x614cbc SetPropW
0x614cc0 RemovePropW
0x614cc4 UpdateWindow
0x614cc8 GetSubMenu
0x614ccc MsgWaitForMultipleObjects
0x614cd0 DestroyMenu
0x614cd4 DestroyIcon
0x614cd8 SetWindowsHookExW
0x614cdc EmptyClipboard
0x614ce0 IsWindowVisible
0x614ce4 DispatchMessageA
0x614ce8 UnregisterClassW
0x614cec GetTopWindow
0x614cf0 SendMessageW
0x614cf4 AdjustWindowRectEx
0x614cf8 DrawIcon
0x614cfc IsWindow
0x614d00 EnumThreadWindows
0x614d04 InvalidateRect
0x614d08 GetKeyboardState
0x614d0c DrawFrameControl
0x614d10 ScreenToClient
0x614d14 SetCursor
0x614d18 CreateIcon
0x614d1c CreateMenu
0x614d20 LoadStringW
0x614d24 CharLowerW
0x614d28 SetWindowRgn
0x614d2c SetWindowPos
0x614d30 GetMenuItemCount
0x614d34 RemoveMenu
0x614d38 GetSysColorBrush
0x614d3c GetKeyboardLayoutNameW
0x614d40 GetWindowDC
0x614d44 TranslateMessage
0x614d48 OpenClipboard
0x614d4c DrawTextExW
0x614d50 MapWindowPoints
0x614d54 EnumDisplayMonitors
0x614d58 CallWindowProcW
0x614d5c CloseClipboard
0x614d60 DestroyCursor
0x614d64 GetScrollInfo
0x614d68 SetWindowTextW
0x614d6c GetMessageExtraInfo
0x614d70 EnableScrollBar
0x614d74 GetSysColor
0x614d78 TrackPopupMenu
0x614d7c CopyIcon
0x614d80 DrawIconEx
0x614d84 PostQuitMessage
0x614d88 GetClassNameW
0x614d8c ShowScrollBar
0x614d90 EnableMenuItem
0x614d94 GetIconInfo
0x614d98 GetMessagePos
0x614d9c SetScrollInfo
0x614da0 GetKeyNameTextW
0x614da4 GetDesktopWindow
0x614da8 GetCursorPos
0x614dac SetCursorPos
0x614db0 HideCaret
0x614db4 GetMenu
0x614db8 GetMenuState
0x614dbc SetMenu
0x614dc0 SetRect
0x614dc4 GetKeyState
0x614dc8 FindWindowExW
0x614dcc MonitorFromPoint
0x614dd0 SystemParametersInfoW
0x614dd4 LoadIconW
0x614dd8 GetCursor
0x614ddc GetWindow
0x614de0 GetWindowLongW
0x614de4 GetWindowRect
0x614de8 InsertMenuW
0x614dec KillTimer
0x614df0 WaitMessage
0x614df4 IsWindowEnabled
0x614df8 IsDialogMessageA
0x614dfc TranslateMDISysAccel
0x614e00 GetWindowPlacement
0x614e04 FindWindowW
0x614e08 DeleteMenu
0x614e0c GetKeyboardLayout
oleaut32.dll
0x614e14 SysFreeString
0x614e18 VariantClear
0x614e1c VariantInit
0x614e20 GetErrorInfo
0x614e24 SysReAllocStringLen
0x614e28 SafeArrayCreate
0x614e2c SysAllocStringLen
0x614e30 SafeArrayPtrOfIndex
0x614e34 SafeArrayGetUBound
0x614e38 SafeArrayGetLBound
0x614e3c VariantCopy
0x614e40 VariantChangeType
netapi32.dll
0x614e48 NetWkstaGetInfo
0x614e4c NetApiBufferFree
advapi32.dll
0x614e54 RegSetValueExW
0x614e58 RegConnectRegistryW
0x614e5c RegEnumKeyExW
0x614e60 RegLoadKeyW
0x614e64 RegDeleteKeyW
0x614e68 RegOpenKeyExW
0x614e6c RegQueryInfoKeyW
0x614e70 RegUnLoadKeyW
0x614e74 RegSaveKeyW
0x614e78 RegDeleteValueW
0x614e7c RegReplaceKeyW
0x614e80 RegFlushKey
0x614e84 RegQueryValueExW
0x614e88 RegEnumValueW
0x614e8c RegCloseKey
0x614e90 RegCreateKeyExW
0x614e94 RegRestoreKeyW
gdi32.dll
0x614e9c Pie
0x614ea0 SetBkMode
0x614ea4 CreateCompatibleBitmap
0x614ea8 GetEnhMetaFileHeader
0x614eac RectVisible
0x614eb0 AngleArc
0x614eb4 SetAbortProc
0x614eb8 SetTextColor
0x614ebc StretchBlt
0x614ec0 RoundRect
0x614ec4 RestoreDC
0x614ec8 SetRectRgn
0x614ecc GetTextMetricsW
0x614ed0 GetWindowOrgEx
0x614ed4 CreatePalette
0x614ed8 PolyBezierTo
0x614edc CreateICW
0x614ee0 CreateDCW
0x614ee4 GetStockObject
0x614ee8 CreateSolidBrush
0x614eec Polygon
0x614ef0 MoveToEx
0x614ef4 PlayEnhMetaFile
0x614ef8 Ellipse
0x614efc StartPage
0x614f00 GetBitmapBits
0x614f04 StartDocW
0x614f08 GetSystemPaletteEntries
0x614f0c GetEnhMetaFileBits
0x614f10 AbortDoc
0x614f14 GetEnhMetaFilePaletteEntries
0x614f18 CreatePenIndirect
0x614f1c CreateFontIndirectW
0x614f20 PolyBezier
0x614f24 EndDoc
0x614f28 GetObjectW
0x614f2c GetWinMetaFileBits
0x614f30 SetROP2
0x614f34 GetEnhMetaFileDescriptionW
0x614f38 ArcTo
0x614f3c Arc
0x614f40 SelectPalette
0x614f44 ExcludeClipRect
0x614f48 MaskBlt
0x614f4c SetWindowOrgEx
0x614f50 EndPage
0x614f54 DeleteEnhMetaFile
0x614f58 Chord
0x614f5c SetDIBits
0x614f60 SetViewportOrgEx
0x614f64 CreateRectRgn
0x614f68 RealizePalette
0x614f6c SetDIBColorTable
0x614f70 GetDIBColorTable
0x614f74 CreateBrushIndirect
0x614f78 PatBlt
0x614f7c SetEnhMetaFileBits
0x614f80 Rectangle
0x614f84 SaveDC
0x614f88 DeleteDC
0x614f8c FrameRgn
0x614f90 BitBlt
0x614f94 GetDeviceCaps
0x614f98 GetTextExtentPoint32W
0x614f9c GetClipBox
0x614fa0 IntersectClipRect
0x614fa4 Polyline
0x614fa8 CreateBitmap
0x614fac SetWinMetaFileBits
0x614fb0 GetStretchBltMode
0x614fb4 CreateDIBitmap
0x614fb8 SetStretchBltMode
0x614fbc GetDIBits
0x614fc0 CreateDIBSection
0x614fc4 LineTo
0x614fc8 GetRgnBox
0x614fcc EnumFontsW
0x614fd0 CreateHalftonePalette
0x614fd4 SelectObject
0x614fd8 DeleteObject
0x614fdc ExtFloodFill
0x614fe0 UnrealizeObject
0x614fe4 CopyEnhMetaFileW
0x614fe8 SetBkColor
0x614fec CreateCompatibleDC
0x614ff0 GetBrushOrgEx
0x614ff4 GetCurrentPositionEx
0x614ff8 GetTextExtentPointW
0x614ffc ExtTextOutW
0x615000 SetBrushOrgEx
0x615004 GetPixel
0x615008 GdiFlush
0x61500c SetPixel
0x615010 EnumFontFamiliesExW
0x615014 StretchDIBits
0x615018 GetPaletteEntries
EAT(Export Address Table) Library
0x4d74dc TMethodImplementationIntercept
0x410794 __dbk_fcall_wrapper
0x61063c dbkFCallWrapperAddr