Report - lovemetertok.exe

Emotet Gen1 UPX PE32 OS Processor Check DLL PE File
Created 2021.07.22 14:00 Machine s1_win7_x6401
Filename lovemetertok.exe
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
AI Score 6
Behavior Score 8.6
ZERO API file : clean
VT API (file) 29 detected (Trickpak, FKRT, malicious, confidence, 100%, Attribute, HighConfidence, TrickBot, BankerX, Artemis, Outbreak, kcloud, score, FTKT, ai score=82, Kryptik, susgen, GdSda)
md5 ea252a83f501a1fd293d4a649cce274a
sha256 7bc0a27df5b8420ca23081fb973bb68729bab7b6229513c81019f7be76deb8e1
ssdeep 6144:6nhWubOStZ6AbgmgwLp3gUhWeGthOPc/woVPHma1MXohuPATdTpNSTrbkYW412ph:6nTltgBNwxgUXy/DGaXhu45pI3rep
imphash f3deb6209dc9c95daaecc9f849af840f
impfuzzy 192:jtgiIJFluDuwMkkoj2uq1WF6XcRcFcxP5:zQl5w/kFXEQM

Signature (20cnts)

Level Description
danger Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually)
warning File has been identified by 29 AntiVirus engines on VirusTotal as malicious
watch Communicates with host for which no DNS query was performed
notice A process attempted to delay the analysis task.
notice Allocates read-write-execute memory (usually to unpack itself)
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Checks adapter addresses which can be used to detect virtual network interfaces
notice Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice Creates a suspicious process
notice HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice One or more potentially interesting buffers were extracted
notice Performs some HTTP requests
notice Terminates another process
notice The binary likely contains encrypted or compressed data indicative of a packer
info Checks if process is being debugged by a debugger
info Collects information to fingerprint the system (MachineGuid
info One or more processes crashed
info Queries for the computername
info The executable uses a known packer
info The file contains an unknown PE resource name possibly indicative of a packer

Rules (7cnts)

Level Name Description Collection
danger Win32_Trojan_Emotet_1_Zero Win32 Trojan Emotet binaries (upload)
danger Win32_Trojan_Gen_1_0904B0_Zero Win32 Trojan Emotet binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsDLL (no description) binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (16cnts)

Request CC ASN Co IP4 Rule ZERO
https://138.34.28.219/login.cgi?uri=/index.html CA BACOM 138.34.28.219 2674 malicious
https://38.110.100.142/index.html CA BELAIR-TECHNOLOGIES 38.110.100.142 clean
https://38.110.100.142/cookiechecker?uri=/rob109/TEST22-PC_W617601.033D15E7FF3E0057948BB374FD3A56B7/5/file/ CA BELAIR-TECHNOLOGIES 38.110.100.142 clean
https://184.74.99.214/rob109/TEST22-PC_W617601.033D15E7FF3E0057948BB374FD3A56B7/5/file/ US TWC-11351-NORTHEAST 184.74.99.214 clean
38.110.103.113 CA BELAIR-TECHNOLOGIES 38.110.103.113 malicious
68.69.26.182 CA KOS-1193 68.69.26.182 malicious
154.58.23.192 ES COGENT-174 154.58.23.192 malicious
204.138.26.60 Unknown 204.138.26.60 malicious
74.85.157.139 PR FUSE 74.85.157.139 malicious
184.74.99.214 US TWC-11351-NORTHEAST 184.74.99.214 clean
217.115.240.248 CZ AVONET, s.r.o. 217.115.240.248 malicious
38.110.103.124 CA BELAIR-TECHNOLOGIES 38.110.103.124 malicious
185.56.76.108 ES Albacete Sistemas y Servicios SL 185.56.76.108 malicious
185.56.76.94 ES Albacete Sistemas y Servicios SL 185.56.76.94 malicious
138.34.28.219 CA BACOM 138.34.28.219 malicious
38.110.100.142 CA BELAIR-TECHNOLOGIES 38.110.100.142 clean

Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.dll
 0x10035180 GetStringTypeA
 0x10035184 GetStringTypeW
 0x10035188 IsBadReadPtr
 0x1003518c IsBadCodePtr
 0x10035190 LCMapStringW
 0x10035194 SetStdHandle
 0x10035198 CompareStringA
 0x1003519c CompareStringW
 0x100351a0 SetEnvironmentVariableA
 0x100351a4 LCMapStringA
 0x100351a8 GetProfileStringA
 0x100351ac SetUnhandledExceptionFilter
 0x100351b0 GetEnvironmentStringsW
 0x100351b4 GetEnvironmentStrings
 0x100351b8 FreeEnvironmentStringsW
 0x100351bc FreeEnvironmentStringsA
 0x100351c0 GetStartupInfoA
 0x100351c4 GetFileType
 0x100351c8 GetStdHandle
 0x100351cc SetHandleCount
 0x100351d0 IsBadWritePtr
 0x100351d4 VirtualAlloc
 0x100351d8 VirtualFree
 0x100351dc HeapCreate
 0x100351e0 HeapDestroy
 0x100351e4 GetTimeZoneInformation
 0x100351e8 HeapSize
 0x100351ec HeapReAlloc
 0x100351f0 GetACP
 0x100351f4 TerminateProcess
 0x100351f8 ExitProcess
 0x100351fc RaiseException
 0x10035200 HeapFree
 0x10035204 GetCommandLineA
 0x10035208 HeapAlloc
 0x1003520c RtlUnwind
 0x10035210 FileTimeToLocalFileTime
 0x10035214 FileTimeToSystemTime
 0x10035218 GetCurrentDirectoryA
 0x1003521c SizeofResource
 0x10035220 WritePrivateProfileStringA
 0x10035224 GetPrivateProfileStringA
 0x10035228 GetPrivateProfileIntA
 0x1003522c GetOEMCP
 0x10035230 GetCPInfo
 0x10035234 TlsGetValue
 0x10035238 LocalReAlloc
 0x1003523c TlsSetValue
 0x10035240 GlobalReAlloc
 0x10035244 TlsFree
 0x10035248 GlobalHandle
 0x1003524c TlsAlloc
 0x10035250 LocalFree
 0x10035254 LocalAlloc
 0x10035258 GlobalFlags
 0x1003525c EnterCriticalSection
 0x10035260 LeaveCriticalSection
 0x10035264 DeleteCriticalSection
 0x10035268 InitializeCriticalSection
 0x1003526c SystemTimeToFileTime
 0x10035270 LocalFileTimeToFileTime
 0x10035274 GetFileSize
 0x10035278 GetProcessVersion
 0x1003527c GetShortPathNameA
 0x10035280 GetThreadLocale
 0x10035284 GetStringTypeExA
 0x10035288 GetVolumeInformationA
 0x1003528c FindFirstFileA
 0x10035290 FindClose
 0x10035294 DeleteFileA
 0x10035298 MoveFileA
 0x1003529c SetEndOfFile
 0x100352a0 UnlockFile
 0x100352a4 LockFile
 0x100352a8 FlushFileBuffers
 0x100352ac SetFilePointer
 0x100352b0 WriteFile
 0x100352b4 ReadFile
 0x100352b8 CreateFileA
 0x100352bc DuplicateHandle
 0x100352c0 CloseHandle
 0x100352c4 GetModuleFileNameA
 0x100352c8 CreateProcessA
 0x100352cc GlobalAlloc
 0x100352d0 GetCurrentThread
 0x100352d4 lstrcmpA
 0x100352d8 GlobalFree
 0x100352dc SetLastError
 0x100352e0 WideCharToMultiByte
 0x100352e4 InterlockedDecrement
 0x100352e8 InterlockedIncrement
 0x100352ec LoadLibraryA
 0x100352f0 FreeLibrary
 0x100352f4 FindResourceA
 0x100352f8 LoadResource
 0x100352fc LockResource
 0x10035300 GetCurrentThreadId
 0x10035304 lstrcmpiA
 0x10035308 GlobalFindAtomA
 0x1003530c GlobalDeleteAtom
 0x10035310 lstrcatA
 0x10035314 lstrcpyA
 0x10035318 GlobalLock
 0x1003531c GlobalUnlock
 0x10035320 GlobalGetAtomNameA
 0x10035324 GlobalAddAtomA
 0x10035328 GetVersion
 0x1003532c MulDiv
 0x10035330 GetModuleHandleA
 0x10035334 GetProcAddress
 0x10035338 lstrlenA
 0x1003533c MultiByteToWideChar
 0x10035340 GetLastError
 0x10035344 GetDiskFreeSpaceA
 0x10035348 GetFileTime
 0x1003534c SetFileTime
 0x10035350 GetFullPathNameA
 0x10035354 GetTempFileNameA
 0x10035358 lstrcpynA
 0x1003535c GetFileAttributesA
 0x10035360 LoadLibraryW
 0x10035364 GetCurrentProcess
USER32.dll
 0x10035380 DefFrameProcA
 0x10035384 TranslateMDISysAccel
 0x10035388 DrawMenuBar
 0x1003538c DefMDIChildProcA
 0x10035390 RedrawWindow
 0x10035394 IsZoomed
 0x10035398 SetParent
 0x1003539c IsRectEmpty
 0x100353a0 AppendMenuA
 0x100353a4 DeleteMenu
 0x100353a8 GetSystemMenu
 0x100353ac CreateDialogIndirectParamA
 0x100353b0 EndDialog
 0x100353b4 PostQuitMessage
 0x100353b8 ShowOwnedPopups
 0x100353bc ValidateRect
 0x100353c0 TranslateMessage
 0x100353c4 GetMessageA
 0x100353c8 CharUpperA
 0x100353cc GetSysColorBrush
 0x100353d0 LoadStringA
 0x100353d4 GetClassNameA
 0x100353d8 FindWindowA
 0x100353dc GetTabbedTextExtentA
 0x100353e0 InflateRect
 0x100353e4 GetDCEx
 0x100353e8 LockWindowUpdate
 0x100353ec SetCapture
 0x100353f0 InvertRect
 0x100353f4 InsertMenuA
 0x100353f8 GetMenuStringA
 0x100353fc DestroyIcon
 0x10035400 ClientToScreen
 0x10035404 WindowFromPoint
 0x10035408 KillTimer
 0x1003540c SetTimer
 0x10035410 SetWindowTextA
 0x10035414 IsDialogMessageA
 0x10035418 SetDlgItemTextA
 0x1003541c SendDlgItemMessageA
 0x10035420 MapWindowPoints
 0x10035424 DispatchMessageA
 0x10035428 DeferWindowPos
 0x1003542c BeginDeferWindowPos
 0x10035430 EndDeferWindowPos
 0x10035434 ScrollWindow
 0x10035438 GetScrollInfo
 0x1003543c SetScrollInfo
 0x10035440 GetScrollRange
 0x10035444 SetScrollRange
 0x10035448 GetScrollPos
 0x1003544c SetScrollPos
 0x10035450 GetTopWindow
 0x10035454 MessageBoxA
 0x10035458 RegisterClassA
 0x1003545c TrackPopupMenu
 0x10035460 GetWindowTextLengthA
 0x10035464 GetWindowTextA
 0x10035468 DefWindowProcA
 0x1003546c DestroyWindow
 0x10035470 CreateWindowExA
 0x10035474 CallNextHookEx
 0x10035478 GetClassLongA
 0x1003547c SetPropA
 0x10035480 UnhookWindowsHookEx
 0x10035484 GetPropA
 0x10035488 CallWindowProcA
 0x1003548c GrayStringA
 0x10035490 GetMessageTime
 0x10035494 GetMessagePos
 0x10035498 GetForegroundWindow
 0x1003549c SetForegroundWindow
 0x100354a0 IntersectRect
 0x100354a4 SystemParametersInfoA
 0x100354a8 GetWindowPlacement
 0x100354ac GetWindowRect
 0x100354b0 GetSystemMetrics
 0x100354b4 GetLastActivePopup
 0x100354b8 BringWindowToTop
 0x100354bc EqualRect
 0x100354c0 CopyRect
 0x100354c4 GetDlgItem
 0x100354c8 SetWindowLongA
 0x100354cc SetWindowPos
 0x100354d0 GetMenuItemCount
 0x100354d4 GetMenuItemID
 0x100354d8 UnpackDDElParam
 0x100354dc ReuseDDElParam
 0x100354e0 SetActiveWindow
 0x100354e4 WinHelpA
 0x100354e8 SetMenu
 0x100354ec GetMenu
 0x100354f0 LoadIconA
 0x100354f4 GetClassInfoA
 0x100354f8 DestroyMenu
 0x100354fc SetFocus
 0x10035500 GetActiveWindow
 0x10035504 ShowWindow
 0x10035508 GetWindowLongA
 0x1003550c IsWindow
 0x10035510 GetDesktopWindow
 0x10035514 GetWindow
 0x10035518 IsWindowEnabled
 0x1003551c GetCapture
 0x10035520 ReleaseCapture
 0x10035524 TranslateAcceleratorA
 0x10035528 LoadAcceleratorsA
 0x1003552c SetRectEmpty
 0x10035530 RegisterWindowMessageA
 0x10035534 GetDlgCtrlID
 0x10035538 IsIconic
 0x1003553c AdjustWindowRectEx
 0x10035540 PeekMessageA
 0x10035544 GetCursorPos
 0x10035548 ScreenToClient
 0x1003554c wsprintfA
 0x10035550 InvalidateRect
 0x10035554 PtInRect
 0x10035558 FillRect
 0x1003555c GetSysColor
 0x10035560 SetRect
 0x10035564 OffsetRect
 0x10035568 EnableWindow
 0x1003556c HideCaret
 0x10035570 ShowCaret
 0x10035574 ExcludeUpdateRgn
 0x10035578 DrawFocusRect
 0x1003557c DefDlgProcA
 0x10035580 CharNextA
 0x10035584 IsWindowUnicode
 0x10035588 PostMessageA
 0x1003558c EnumThreadWindows
 0x10035590 GetSubMenu
 0x10035594 IsChild
 0x10035598 GetDC
 0x1003559c ReleaseDC
 0x100355a0 ShowScrollBar
 0x100355a4 LoadCursorA
 0x100355a8 SetCursor
 0x100355ac DestroyCursor
 0x100355b0 GetMenuCheckMarkDimensions
 0x100355b4 LoadBitmapA
 0x100355b8 GetMenuState
 0x100355bc ModifyMenuA
 0x100355c0 SetMenuItemBitmaps
 0x100355c4 CheckMenuItem
 0x100355c8 EnableMenuItem
 0x100355cc GetFocus
 0x100355d0 DrawTextA
 0x100355d4 TabbedTextOutA
 0x100355d8 EndPaint
 0x100355dc BeginPaint
 0x100355e0 RemovePropA
 0x100355e4 GetWindowDC
 0x100355e8 GetParent
 0x100355ec GetNextDlgTabItem
 0x100355f0 IsWindowVisible
 0x100355f4 UpdateWindow
 0x100355f8 SendMessageA
 0x100355fc GetKeyState
 0x10035600 GetClientRect
 0x10035604 LoadMenuA
 0x10035608 SetWindowsHookExA
GDI32.dll
 0x10035044 DeleteObject
 0x10035048 GetCharWidthA
 0x1003504c CreateFontA
 0x10035050 CreateRectRgnIndirect
 0x10035054 SaveDC
 0x10035058 RestoreDC
 0x1003505c SetBkMode
 0x10035060 SetPolyFillMode
 0x10035064 SetROP2
 0x10035068 SetStretchBltMode
 0x1003506c SetMapMode
 0x10035070 SetViewportOrgEx
 0x10035074 OffsetViewportOrgEx
 0x10035078 SetViewportExtEx
 0x1003507c ScaleViewportExtEx
 0x10035080 SetWindowOrgEx
 0x10035084 SetWindowExtEx
 0x10035088 ScaleWindowExtEx
 0x1003508c SelectClipRgn
 0x10035090 ExcludeClipRect
 0x10035094 IntersectClipRect
 0x10035098 MoveToEx
 0x1003509c LineTo
 0x100350a0 SetTextAlign
 0x100350a4 GetCurrentPositionEx
 0x100350a8 CreateCompatibleBitmap
 0x100350ac CreateRectRgn
 0x100350b0 GetViewportExtEx
 0x100350b4 GetWindowExtEx
 0x100350b8 CreateSolidBrush
 0x100350bc CreatePatternBrush
 0x100350c0 PtVisible
 0x100350c4 RectVisible
 0x100350c8 TextOutA
 0x100350cc ExtTextOutA
 0x100350d0 Escape
 0x100350d4 GetTextExtentPoint32A
 0x100350d8 GetTextMetricsA
 0x100350dc LPtoDP
 0x100350e0 GetBkColor
 0x100350e4 GetNearestColor
 0x100350e8 GetTextColor
 0x100350ec GetStretchBltMode
 0x100350f0 GetPolyFillMode
 0x100350f4 GetTextAlign
 0x100350f8 GetBkMode
 0x100350fc GetROP2
 0x10035100 CreateFontIndirectA
 0x10035104 GetTextFaceA
 0x10035108 GetWindowOrgEx
 0x1003510c SetRectRgn
 0x10035110 CombineRgn
 0x10035114 BitBlt
 0x10035118 CreateCompatibleDC
 0x1003511c SelectObject
 0x10035120 StretchDIBits
 0x10035124 GetObjectA
 0x10035128 SetBkColor
 0x1003512c SetTextColor
 0x10035130 GetClipBox
 0x10035134 DeleteDC
 0x10035138 CreateDCA
 0x1003513c SetAbortProc
 0x10035140 StartDocA
 0x10035144 StartPage
 0x10035148 EndPage
 0x1003514c EndDoc
 0x10035150 AbortDoc
 0x10035154 GetViewportOrgEx
 0x10035158 CreatePen
 0x1003515c DPtoLP
 0x10035160 Rectangle
 0x10035164 GetStockObject
 0x10035168 PatBlt
 0x1003516c GetDeviceCaps
 0x10035170 CreateDIBitmap
 0x10035174 GetTextExtentPointA
 0x10035178 CreateBitmap
comdlg32.dll
 0x10035620 PrintDlgA
 0x10035624 GetFileTitleA
 0x10035628 CommDlgExtendedError
 0x1003562c GetSaveFileNameA
 0x10035630 GetOpenFileNameA
WINSPOOL.DRV
 0x10035610 OpenPrinterA
 0x10035614 DocumentPropertiesA
 0x10035618 ClosePrinter
ADVAPI32.dll
 0x10035000 RegDeleteValueA
 0x10035004 GetFileSecurityA
 0x10035008 RegQueryValueA
 0x1003500c RegCloseKey
 0x10035010 RegEnumKeyA
 0x10035014 RegOpenKeyA
 0x10035018 RegDeleteKeyA
 0x1003501c RegQueryValueExA
 0x10035020 RegOpenKeyExA
 0x10035024 RegSetValueA
 0x10035028 RegCreateKeyA
 0x1003502c SetFileSecurityA
 0x10035030 RegSetValueExA
 0x10035034 RegCreateKeyExA
SHELL32.dll
 0x1003536c SHGetFileInfoA
 0x10035370 DragQueryFileA
 0x10035374 DragFinish
 0x10035378 ExtractIconA
COMCTL32.dll
 0x1003503c None

EAT(Export Address Table) Library

0x10001dd0 StartW
