ScreenShot
| Created | 2021.07.30 11:51 | Machine | s1_win7_x6402 |
| Filename | credit.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 20 detected (Androm, malicious, high confidence, Artemis, Attribute, HighConfidence, GenKryptik, FHVJ, FileRepMalware, Generic ML PUA, kcloud, Fareit, score, ZelphiF, bHW@aaKucxfi, Outbreak, susgen) | ||
| md5 | 821e75318f291ec08bafe26ceb1eeeff | ||
| sha256 | e1686c75b6d0982c533063557289dd24d66ba74a9dd37cd5d328c3451035a01f | ||
| ssdeep | 12288:Emt6Xn/fYF7E9rTdcDNVn14ZNBehaSXYG0aAJ92PHiLeN0aSy3V6+1G6W:xt0XnVcDNcm7JBa2HKaLFt | ||
| imphash | 04e2fca09a354b909f05dafce23756a7 | ||
| impfuzzy | 192:f3Cnf1sT1/kbuuaxSUvK9/3oaqyrUo7CPbOQw+:f3o1scaq9AIePbOQP | ||
Network IP location
Signature (20cnts)
| Level | Description |
|---|---|
| warning | File has been identified by 20 AntiVirus engines on VirusTotal as malicious |
| watch | Allocates execute permission to another process indicative of possible code injection |
| watch | Creates a thread using CreateRemoteThread in a non-child process indicative of process injection |
| watch | Installs itself for autorun at Windows startup |
| watch | Manipulates memory of a non-child process indicative of process injection |
| watch | Network activity contains more than one unique useragent |
| watch | One or more of the buffers contains an embedded PE file |
| watch | Potential code injection by writing to the memory of another process |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Creates a suspicious process |
| notice | Creates executable files on the filesystem |
| notice | One or more potentially interesting buffers were extracted |
| notice | Performs some HTTP requests |
| notice | Uses Windows utilities for basic Windows functionality |
| notice | Yara rule detected in process memory |
| info | Command line console output was observed |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (38cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Network_Downloader | File Downloader | memory |
| watch | UPX_Zero | UPX packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| notice | Code_injection | Code injection with CreateRemoteThread in a remote process | memory |
| notice | Create_Service | Create a windows service | memory |
| notice | Escalate_priviledges | Escalate priviledges | memory |
| notice | KeyLogger | Run a KeyLogger | memory |
| notice | local_credential_Steal | Steal credential | memory |
| notice | Network_DGA | Communication using DGA | memory |
| notice | Network_DNS | Communications use DNS | memory |
| notice | Network_FTP | Communications over FTP | memory |
| notice | Network_HTTP | Communications over HTTP | memory |
| notice | Network_P2P_Win | Communications over P2P network | memory |
| notice | Network_TCP_Socket | Communications over RAW Socket | memory |
| notice | ScreenShot | Take ScreenShot | memory |
| notice | Sniff_Audio | Record Audio | memory |
| notice | Str_Win32_Http_API | Match Windows Http API call | memory |
| notice | Str_Win32_Internet_API | Match Windows Inet API call | memory |
| info | anti_dbg | Checks if being debugged | memory |
| info | antisb_threatExpert | Anti-Sandbox checks for ThreatExpert | memory |
| info | Check_Dlls | (no description) | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerCheck__RemoteAPI | (no description) | memory |
| info | DebuggerException__ConsoleCtrl | (no description) | memory |
| info | DebuggerException__SetConsoleCtrl | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
| info | win_hook | Affect hook table | memory |
Network (7cnts) ?
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
kernel32.dll
0x4c2168 DeleteCriticalSection
0x4c216c LeaveCriticalSection
0x4c2170 EnterCriticalSection
0x4c2174 InitializeCriticalSection
0x4c2178 VirtualFree
0x4c217c VirtualAlloc
0x4c2180 LocalFree
0x4c2184 LocalAlloc
0x4c2188 GetVersion
0x4c218c GetCurrentThreadId
0x4c2190 InterlockedDecrement
0x4c2194 InterlockedIncrement
0x4c2198 VirtualQuery
0x4c219c WideCharToMultiByte
0x4c21a0 MultiByteToWideChar
0x4c21a4 lstrlenA
0x4c21a8 lstrcpynA
0x4c21ac LoadLibraryExA
0x4c21b0 GetThreadLocale
0x4c21b4 GetStartupInfoA
0x4c21b8 GetProcAddress
0x4c21bc GetModuleHandleA
0x4c21c0 GetModuleFileNameA
0x4c21c4 GetLocaleInfoA
0x4c21c8 GetCommandLineA
0x4c21cc FreeLibrary
0x4c21d0 FindFirstFileA
0x4c21d4 FindClose
0x4c21d8 ExitProcess
0x4c21dc WriteFile
0x4c21e0 UnhandledExceptionFilter
0x4c21e4 RtlUnwind
0x4c21e8 RaiseException
0x4c21ec GetStdHandle
user32.dll
0x4c21f4 GetKeyboardType
0x4c21f8 LoadStringA
0x4c21fc MessageBoxA
0x4c2200 CharNextA
advapi32.dll
0x4c2208 RegQueryValueExA
0x4c220c RegOpenKeyExA
0x4c2210 RegCloseKey
oleaut32.dll
0x4c2218 SysFreeString
0x4c221c SysReAllocStringLen
0x4c2220 SysAllocStringLen
kernel32.dll
0x4c2228 TlsSetValue
0x4c222c TlsGetValue
0x4c2230 LocalAlloc
0x4c2234 GetModuleHandleA
advapi32.dll
0x4c223c RegQueryValueExA
0x4c2240 RegOpenKeyExA
0x4c2244 RegCloseKey
kernel32.dll
0x4c224c lstrcpyA
0x4c2250 lstrcmpA
0x4c2254 WriteFile
0x4c2258 WaitForSingleObject
0x4c225c VirtualQuery
0x4c2260 VirtualProtect
0x4c2264 VirtualAlloc
0x4c2268 Sleep
0x4c226c SizeofResource
0x4c2270 SetThreadLocale
0x4c2274 SetFilePointer
0x4c2278 SetEvent
0x4c227c SetErrorMode
0x4c2280 SetEndOfFile
0x4c2284 ResetEvent
0x4c2288 ReadFile
0x4c228c MultiByteToWideChar
0x4c2290 MulDiv
0x4c2294 LockResource
0x4c2298 LoadResource
0x4c229c LoadLibraryA
0x4c22a0 LeaveCriticalSection
0x4c22a4 InitializeCriticalSection
0x4c22a8 GlobalUnlock
0x4c22ac GlobalSize
0x4c22b0 GlobalReAlloc
0x4c22b4 GlobalHandle
0x4c22b8 GlobalLock
0x4c22bc GlobalFree
0x4c22c0 GlobalFindAtomA
0x4c22c4 GlobalDeleteAtom
0x4c22c8 GlobalAlloc
0x4c22cc GlobalAddAtomA
0x4c22d0 GetVersionExA
0x4c22d4 GetVersion
0x4c22d8 GetUserDefaultLCID
0x4c22dc GetTickCount
0x4c22e0 GetThreadLocale
0x4c22e4 GetSystemInfo
0x4c22e8 GetStringTypeExA
0x4c22ec GetStdHandle
0x4c22f0 GetProcAddress
0x4c22f4 GetModuleHandleA
0x4c22f8 GetModuleFileNameA
0x4c22fc GetLocaleInfoA
0x4c2300 GetLocalTime
0x4c2304 GetLastError
0x4c2308 GetFullPathNameA
0x4c230c GetDiskFreeSpaceA
0x4c2310 GetDateFormatA
0x4c2314 GetCurrentThreadId
0x4c2318 GetCurrentProcessId
0x4c231c GetComputerNameA
0x4c2320 GetCPInfo
0x4c2324 GetACP
0x4c2328 FreeResource
0x4c232c InterlockedExchange
0x4c2330 FreeLibrary
0x4c2334 FormatMessageA
0x4c2338 FindResourceA
0x4c233c FindFirstFileA
0x4c2340 FindClose
0x4c2344 FileTimeToLocalFileTime
0x4c2348 FileTimeToDosDateTime
0x4c234c EnumCalendarInfoA
0x4c2350 EnterCriticalSection
0x4c2354 DeleteFileA
0x4c2358 DeleteCriticalSection
0x4c235c CreateThread
0x4c2360 CreateFileA
0x4c2364 CreateEventA
0x4c2368 CompareStringA
0x4c236c CloseHandle
version.dll
0x4c2374 VerQueryValueA
0x4c2378 GetFileVersionInfoSizeA
0x4c237c GetFileVersionInfoA
gdi32.dll
0x4c2384 UnrealizeObject
0x4c2388 StretchBlt
0x4c238c SetWindowOrgEx
0x4c2390 SetWinMetaFileBits
0x4c2394 SetViewportOrgEx
0x4c2398 SetTextColor
0x4c239c SetStretchBltMode
0x4c23a0 SetROP2
0x4c23a4 SetPixel
0x4c23a8 SetEnhMetaFileBits
0x4c23ac SetDIBColorTable
0x4c23b0 SetBrushOrgEx
0x4c23b4 SetBkMode
0x4c23b8 SetBkColor
0x4c23bc SelectPalette
0x4c23c0 SelectObject
0x4c23c4 SaveDC
0x4c23c8 RestoreDC
0x4c23cc Rectangle
0x4c23d0 RectVisible
0x4c23d4 RealizePalette
0x4c23d8 Polyline
0x4c23dc Polygon
0x4c23e0 PlayEnhMetaFile
0x4c23e4 PatBlt
0x4c23e8 MoveToEx
0x4c23ec MaskBlt
0x4c23f0 LineTo
0x4c23f4 IntersectClipRect
0x4c23f8 GetWindowOrgEx
0x4c23fc GetWinMetaFileBits
0x4c2400 GetTextMetricsA
0x4c2404 GetTextExtentPointA
0x4c2408 GetTextExtentPoint32A
0x4c240c GetSystemPaletteEntries
0x4c2410 GetStockObject
0x4c2414 GetPixel
0x4c2418 GetPaletteEntries
0x4c241c GetObjectA
0x4c2420 GetEnhMetaFilePaletteEntries
0x4c2424 GetEnhMetaFileHeader
0x4c2428 GetEnhMetaFileDescriptionA
0x4c242c GetEnhMetaFileBits
0x4c2430 GetDeviceCaps
0x4c2434 GetDIBits
0x4c2438 GetDIBColorTable
0x4c243c GetDCOrgEx
0x4c2440 GetCurrentPositionEx
0x4c2444 GetClipBox
0x4c2448 GetBrushOrgEx
0x4c244c GetBitmapBits
0x4c2450 GdiFlush
0x4c2454 ExtTextOutA
0x4c2458 ExcludeClipRect
0x4c245c DeleteObject
0x4c2460 DeleteEnhMetaFile
0x4c2464 DeleteDC
0x4c2468 CreateSolidBrush
0x4c246c CreatePenIndirect
0x4c2470 CreatePalette
0x4c2474 CreateHalftonePalette
0x4c2478 CreateFontIndirectA
0x4c247c CreateEnhMetaFileA
0x4c2480 CreateDIBitmap
0x4c2484 CreateDIBSection
0x4c2488 CreateCompatibleDC
0x4c248c CreateCompatibleBitmap
0x4c2490 CreateBrushIndirect
0x4c2494 CreateBitmap
0x4c2498 CopyEnhMetaFileA
0x4c249c CloseEnhMetaFile
0x4c24a0 BitBlt
user32.dll
0x4c24a8 CreateWindowExA
0x4c24ac WindowFromPoint
0x4c24b0 WinHelpA
0x4c24b4 WaitMessage
0x4c24b8 UpdateWindow
0x4c24bc UnregisterClassA
0x4c24c0 UnhookWindowsHookEx
0x4c24c4 TranslateMessage
0x4c24c8 TranslateMDISysAccel
0x4c24cc TrackPopupMenu
0x4c24d0 SystemParametersInfoA
0x4c24d4 ShowWindow
0x4c24d8 ShowScrollBar
0x4c24dc ShowOwnedPopups
0x4c24e0 ShowCursor
0x4c24e4 ShowCaret
0x4c24e8 SetWindowsHookExA
0x4c24ec SetWindowTextA
0x4c24f0 SetWindowPos
0x4c24f4 SetWindowPlacement
0x4c24f8 SetWindowLongA
0x4c24fc SetTimer
0x4c2500 SetScrollRange
0x4c2504 SetScrollPos
0x4c2508 SetScrollInfo
0x4c250c SetRect
0x4c2510 SetPropA
0x4c2514 SetParent
0x4c2518 SetMenuItemInfoA
0x4c251c SetMenu
0x4c2520 SetForegroundWindow
0x4c2524 SetFocus
0x4c2528 SetCursor
0x4c252c SetClipboardData
0x4c2530 SetClassLongA
0x4c2534 SetCapture
0x4c2538 SetActiveWindow
0x4c253c SendMessageA
0x4c2540 ScrollWindow
0x4c2544 ScreenToClient
0x4c2548 RemovePropA
0x4c254c RemoveMenu
0x4c2550 ReleaseDC
0x4c2554 ReleaseCapture
0x4c2558 RegisterWindowMessageA
0x4c255c RegisterClipboardFormatA
0x4c2560 RegisterClassA
0x4c2564 RedrawWindow
0x4c2568 PtInRect
0x4c256c PostQuitMessage
0x4c2570 PostMessageA
0x4c2574 PeekMessageA
0x4c2578 OpenClipboard
0x4c257c OffsetRect
0x4c2580 OemToCharA
0x4c2584 MsgWaitForMultipleObjects
0x4c2588 MessageBoxA
0x4c258c MessageBeep
0x4c2590 MapWindowPoints
0x4c2594 MapVirtualKeyA
0x4c2598 LoadStringA
0x4c259c LoadKeyboardLayoutA
0x4c25a0 LoadIconA
0x4c25a4 LoadCursorA
0x4c25a8 LoadBitmapA
0x4c25ac KillTimer
0x4c25b0 IsZoomed
0x4c25b4 IsWindowVisible
0x4c25b8 IsWindowEnabled
0x4c25bc IsWindow
0x4c25c0 IsRectEmpty
0x4c25c4 IsIconic
0x4c25c8 IsDialogMessageA
0x4c25cc IsChild
0x4c25d0 InvalidateRect
0x4c25d4 IntersectRect
0x4c25d8 InsertMenuItemA
0x4c25dc InsertMenuA
0x4c25e0 InflateRect
0x4c25e4 HideCaret
0x4c25e8 GetWindowThreadProcessId
0x4c25ec GetWindowTextA
0x4c25f0 GetWindowRect
0x4c25f4 GetWindowPlacement
0x4c25f8 GetWindowLongA
0x4c25fc GetWindowDC
0x4c2600 GetTopWindow
0x4c2604 GetSystemMetrics
0x4c2608 GetSystemMenu
0x4c260c GetSysColorBrush
0x4c2610 GetSysColor
0x4c2614 GetSubMenu
0x4c2618 GetScrollRange
0x4c261c GetScrollPos
0x4c2620 GetScrollInfo
0x4c2624 GetPropA
0x4c2628 GetParent
0x4c262c GetWindow
0x4c2630 GetMessageTime
0x4c2634 GetMenuStringA
0x4c2638 GetMenuState
0x4c263c GetMenuItemInfoA
0x4c2640 GetMenuItemID
0x4c2644 GetMenuItemCount
0x4c2648 GetMenu
0x4c264c GetLastActivePopup
0x4c2650 GetKeyboardState
0x4c2654 GetKeyboardLayoutList
0x4c2658 GetKeyboardLayout
0x4c265c GetKeyState
0x4c2660 GetKeyNameTextA
0x4c2664 GetIconInfo
0x4c2668 GetForegroundWindow
0x4c266c GetFocus
0x4c2670 GetDlgItem
0x4c2674 GetDesktopWindow
0x4c2678 GetDCEx
0x4c267c GetDC
0x4c2680 GetCursorPos
0x4c2684 GetCursor
0x4c2688 GetClipboardData
0x4c268c GetClientRect
0x4c2690 GetClassNameA
0x4c2694 GetClassInfoA
0x4c2698 GetCapture
0x4c269c GetActiveWindow
0x4c26a0 FrameRect
0x4c26a4 FindWindowA
0x4c26a8 FillRect
0x4c26ac EqualRect
0x4c26b0 EnumWindows
0x4c26b4 EnumThreadWindows
0x4c26b8 EnumClipboardFormats
0x4c26bc EndPaint
0x4c26c0 EnableWindow
0x4c26c4 EnableScrollBar
0x4c26c8 EnableMenuItem
0x4c26cc EmptyClipboard
0x4c26d0 DrawTextA
0x4c26d4 DrawStateA
0x4c26d8 DrawMenuBar
0x4c26dc DrawIconEx
0x4c26e0 DrawIcon
0x4c26e4 DrawFrameControl
0x4c26e8 DrawFocusRect
0x4c26ec DrawEdge
0x4c26f0 DispatchMessageA
0x4c26f4 DestroyWindow
0x4c26f8 DestroyMenu
0x4c26fc DestroyIcon
0x4c2700 DestroyCursor
0x4c2704 DeleteMenu
0x4c2708 DefWindowProcA
0x4c270c DefMDIChildProcA
0x4c2710 DefFrameProcA
0x4c2714 CreatePopupMenu
0x4c2718 CreateMenu
0x4c271c CreateIcon
0x4c2720 CloseClipboard
0x4c2724 ClientToScreen
0x4c2728 CheckMenuItem
0x4c272c CallWindowProcA
0x4c2730 CallNextHookEx
0x4c2734 BeginPaint
0x4c2738 CharNextA
0x4c273c CharLowerBuffA
0x4c2740 CharLowerA
0x4c2744 CharUpperBuffA
0x4c2748 CharToOemA
0x4c274c AdjustWindowRectEx
0x4c2750 ActivateKeyboardLayout
kernel32.dll
0x4c2758 Sleep
oleaut32.dll
0x4c2760 SafeArrayPtrOfIndex
0x4c2764 SafeArrayPutElement
0x4c2768 SafeArrayGetElement
0x4c276c SafeArrayUnaccessData
0x4c2770 SafeArrayAccessData
0x4c2774 SafeArrayGetUBound
0x4c2778 SafeArrayGetLBound
0x4c277c SafeArrayCreate
0x4c2780 VariantChangeType
0x4c2784 VariantCopyInd
0x4c2788 VariantCopy
0x4c278c VariantClear
0x4c2790 VariantInit
ole32.dll
0x4c2798 CreateStreamOnHGlobal
0x4c279c IsAccelerator
0x4c27a0 OleDraw
0x4c27a4 OleSetMenuDescriptor
0x4c27a8 CoTaskMemFree
0x4c27ac ProgIDFromCLSID
0x4c27b0 StringFromCLSID
0x4c27b4 CoCreateInstance
0x4c27b8 CoGetClassObject
0x4c27bc CoUninitialize
0x4c27c0 CoInitialize
0x4c27c4 IsEqualGUID
oleaut32.dll
0x4c27cc GetErrorInfo
0x4c27d0 GetActiveObject
0x4c27d4 SysFreeString
comctl32.dll
0x4c27dc ImageList_SetIconSize
0x4c27e0 ImageList_GetIconSize
0x4c27e4 ImageList_Write
0x4c27e8 ImageList_Read
0x4c27ec ImageList_GetDragImage
0x4c27f0 ImageList_DragShowNolock
0x4c27f4 ImageList_SetDragCursorImage
0x4c27f8 ImageList_DragMove
0x4c27fc ImageList_DragLeave
0x4c2800 ImageList_DragEnter
0x4c2804 ImageList_EndDrag
0x4c2808 ImageList_BeginDrag
0x4c280c ImageList_Remove
0x4c2810 ImageList_DrawEx
0x4c2814 ImageList_Replace
0x4c2818 ImageList_Draw
0x4c281c ImageList_GetBkColor
0x4c2820 ImageList_SetBkColor
0x4c2824 ImageList_ReplaceIcon
0x4c2828 ImageList_Add
0x4c282c ImageList_SetImageCount
0x4c2830 ImageList_GetImageCount
0x4c2834 ImageList_Destroy
0x4c2838 ImageList_Create
0x4c283c InitCommonControls
comdlg32.dll
0x4c2844 GetSaveFileNameA
0x4c2848 GetOpenFileNameA
winmm.dll
0x4c2850 sndPlaySoundA
EAT(Export Address Table) is none
kernel32.dll
0x4c2168 DeleteCriticalSection
0x4c216c LeaveCriticalSection
0x4c2170 EnterCriticalSection
0x4c2174 InitializeCriticalSection
0x4c2178 VirtualFree
0x4c217c VirtualAlloc
0x4c2180 LocalFree
0x4c2184 LocalAlloc
0x4c2188 GetVersion
0x4c218c GetCurrentThreadId
0x4c2190 InterlockedDecrement
0x4c2194 InterlockedIncrement
0x4c2198 VirtualQuery
0x4c219c WideCharToMultiByte
0x4c21a0 MultiByteToWideChar
0x4c21a4 lstrlenA
0x4c21a8 lstrcpynA
0x4c21ac LoadLibraryExA
0x4c21b0 GetThreadLocale
0x4c21b4 GetStartupInfoA
0x4c21b8 GetProcAddress
0x4c21bc GetModuleHandleA
0x4c21c0 GetModuleFileNameA
0x4c21c4 GetLocaleInfoA
0x4c21c8 GetCommandLineA
0x4c21cc FreeLibrary
0x4c21d0 FindFirstFileA
0x4c21d4 FindClose
0x4c21d8 ExitProcess
0x4c21dc WriteFile
0x4c21e0 UnhandledExceptionFilter
0x4c21e4 RtlUnwind
0x4c21e8 RaiseException
0x4c21ec GetStdHandle
user32.dll
0x4c21f4 GetKeyboardType
0x4c21f8 LoadStringA
0x4c21fc MessageBoxA
0x4c2200 CharNextA
advapi32.dll
0x4c2208 RegQueryValueExA
0x4c220c RegOpenKeyExA
0x4c2210 RegCloseKey
oleaut32.dll
0x4c2218 SysFreeString
0x4c221c SysReAllocStringLen
0x4c2220 SysAllocStringLen
kernel32.dll
0x4c2228 TlsSetValue
0x4c222c TlsGetValue
0x4c2230 LocalAlloc
0x4c2234 GetModuleHandleA
advapi32.dll
0x4c223c RegQueryValueExA
0x4c2240 RegOpenKeyExA
0x4c2244 RegCloseKey
kernel32.dll
0x4c224c lstrcpyA
0x4c2250 lstrcmpA
0x4c2254 WriteFile
0x4c2258 WaitForSingleObject
0x4c225c VirtualQuery
0x4c2260 VirtualProtect
0x4c2264 VirtualAlloc
0x4c2268 Sleep
0x4c226c SizeofResource
0x4c2270 SetThreadLocale
0x4c2274 SetFilePointer
0x4c2278 SetEvent
0x4c227c SetErrorMode
0x4c2280 SetEndOfFile
0x4c2284 ResetEvent
0x4c2288 ReadFile
0x4c228c MultiByteToWideChar
0x4c2290 MulDiv
0x4c2294 LockResource
0x4c2298 LoadResource
0x4c229c LoadLibraryA
0x4c22a0 LeaveCriticalSection
0x4c22a4 InitializeCriticalSection
0x4c22a8 GlobalUnlock
0x4c22ac GlobalSize
0x4c22b0 GlobalReAlloc
0x4c22b4 GlobalHandle
0x4c22b8 GlobalLock
0x4c22bc GlobalFree
0x4c22c0 GlobalFindAtomA
0x4c22c4 GlobalDeleteAtom
0x4c22c8 GlobalAlloc
0x4c22cc GlobalAddAtomA
0x4c22d0 GetVersionExA
0x4c22d4 GetVersion
0x4c22d8 GetUserDefaultLCID
0x4c22dc GetTickCount
0x4c22e0 GetThreadLocale
0x4c22e4 GetSystemInfo
0x4c22e8 GetStringTypeExA
0x4c22ec GetStdHandle
0x4c22f0 GetProcAddress
0x4c22f4 GetModuleHandleA
0x4c22f8 GetModuleFileNameA
0x4c22fc GetLocaleInfoA
0x4c2300 GetLocalTime
0x4c2304 GetLastError
0x4c2308 GetFullPathNameA
0x4c230c GetDiskFreeSpaceA
0x4c2310 GetDateFormatA
0x4c2314 GetCurrentThreadId
0x4c2318 GetCurrentProcessId
0x4c231c GetComputerNameA
0x4c2320 GetCPInfo
0x4c2324 GetACP
0x4c2328 FreeResource
0x4c232c InterlockedExchange
0x4c2330 FreeLibrary
0x4c2334 FormatMessageA
0x4c2338 FindResourceA
0x4c233c FindFirstFileA
0x4c2340 FindClose
0x4c2344 FileTimeToLocalFileTime
0x4c2348 FileTimeToDosDateTime
0x4c234c EnumCalendarInfoA
0x4c2350 EnterCriticalSection
0x4c2354 DeleteFileA
0x4c2358 DeleteCriticalSection
0x4c235c CreateThread
0x4c2360 CreateFileA
0x4c2364 CreateEventA
0x4c2368 CompareStringA
0x4c236c CloseHandle
version.dll
0x4c2374 VerQueryValueA
0x4c2378 GetFileVersionInfoSizeA
0x4c237c GetFileVersionInfoA
gdi32.dll
0x4c2384 UnrealizeObject
0x4c2388 StretchBlt
0x4c238c SetWindowOrgEx
0x4c2390 SetWinMetaFileBits
0x4c2394 SetViewportOrgEx
0x4c2398 SetTextColor
0x4c239c SetStretchBltMode
0x4c23a0 SetROP2
0x4c23a4 SetPixel
0x4c23a8 SetEnhMetaFileBits
0x4c23ac SetDIBColorTable
0x4c23b0 SetBrushOrgEx
0x4c23b4 SetBkMode
0x4c23b8 SetBkColor
0x4c23bc SelectPalette
0x4c23c0 SelectObject
0x4c23c4 SaveDC
0x4c23c8 RestoreDC
0x4c23cc Rectangle
0x4c23d0 RectVisible
0x4c23d4 RealizePalette
0x4c23d8 Polyline
0x4c23dc Polygon
0x4c23e0 PlayEnhMetaFile
0x4c23e4 PatBlt
0x4c23e8 MoveToEx
0x4c23ec MaskBlt
0x4c23f0 LineTo
0x4c23f4 IntersectClipRect
0x4c23f8 GetWindowOrgEx
0x4c23fc GetWinMetaFileBits
0x4c2400 GetTextMetricsA
0x4c2404 GetTextExtentPointA
0x4c2408 GetTextExtentPoint32A
0x4c240c GetSystemPaletteEntries
0x4c2410 GetStockObject
0x4c2414 GetPixel
0x4c2418 GetPaletteEntries
0x4c241c GetObjectA
0x4c2420 GetEnhMetaFilePaletteEntries
0x4c2424 GetEnhMetaFileHeader
0x4c2428 GetEnhMetaFileDescriptionA
0x4c242c GetEnhMetaFileBits
0x4c2430 GetDeviceCaps
0x4c2434 GetDIBits
0x4c2438 GetDIBColorTable
0x4c243c GetDCOrgEx
0x4c2440 GetCurrentPositionEx
0x4c2444 GetClipBox
0x4c2448 GetBrushOrgEx
0x4c244c GetBitmapBits
0x4c2450 GdiFlush
0x4c2454 ExtTextOutA
0x4c2458 ExcludeClipRect
0x4c245c DeleteObject
0x4c2460 DeleteEnhMetaFile
0x4c2464 DeleteDC
0x4c2468 CreateSolidBrush
0x4c246c CreatePenIndirect
0x4c2470 CreatePalette
0x4c2474 CreateHalftonePalette
0x4c2478 CreateFontIndirectA
0x4c247c CreateEnhMetaFileA
0x4c2480 CreateDIBitmap
0x4c2484 CreateDIBSection
0x4c2488 CreateCompatibleDC
0x4c248c CreateCompatibleBitmap
0x4c2490 CreateBrushIndirect
0x4c2494 CreateBitmap
0x4c2498 CopyEnhMetaFileA
0x4c249c CloseEnhMetaFile
0x4c24a0 BitBlt
user32.dll
0x4c24a8 CreateWindowExA
0x4c24ac WindowFromPoint
0x4c24b0 WinHelpA
0x4c24b4 WaitMessage
0x4c24b8 UpdateWindow
0x4c24bc UnregisterClassA
0x4c24c0 UnhookWindowsHookEx
0x4c24c4 TranslateMessage
0x4c24c8 TranslateMDISysAccel
0x4c24cc TrackPopupMenu
0x4c24d0 SystemParametersInfoA
0x4c24d4 ShowWindow
0x4c24d8 ShowScrollBar
0x4c24dc ShowOwnedPopups
0x4c24e0 ShowCursor
0x4c24e4 ShowCaret
0x4c24e8 SetWindowsHookExA
0x4c24ec SetWindowTextA
0x4c24f0 SetWindowPos
0x4c24f4 SetWindowPlacement
0x4c24f8 SetWindowLongA
0x4c24fc SetTimer
0x4c2500 SetScrollRange
0x4c2504 SetScrollPos
0x4c2508 SetScrollInfo
0x4c250c SetRect
0x4c2510 SetPropA
0x4c2514 SetParent
0x4c2518 SetMenuItemInfoA
0x4c251c SetMenu
0x4c2520 SetForegroundWindow
0x4c2524 SetFocus
0x4c2528 SetCursor
0x4c252c SetClipboardData
0x4c2530 SetClassLongA
0x4c2534 SetCapture
0x4c2538 SetActiveWindow
0x4c253c SendMessageA
0x4c2540 ScrollWindow
0x4c2544 ScreenToClient
0x4c2548 RemovePropA
0x4c254c RemoveMenu
0x4c2550 ReleaseDC
0x4c2554 ReleaseCapture
0x4c2558 RegisterWindowMessageA
0x4c255c RegisterClipboardFormatA
0x4c2560 RegisterClassA
0x4c2564 RedrawWindow
0x4c2568 PtInRect
0x4c256c PostQuitMessage
0x4c2570 PostMessageA
0x4c2574 PeekMessageA
0x4c2578 OpenClipboard
0x4c257c OffsetRect
0x4c2580 OemToCharA
0x4c2584 MsgWaitForMultipleObjects
0x4c2588 MessageBoxA
0x4c258c MessageBeep
0x4c2590 MapWindowPoints
0x4c2594 MapVirtualKeyA
0x4c2598 LoadStringA
0x4c259c LoadKeyboardLayoutA
0x4c25a0 LoadIconA
0x4c25a4 LoadCursorA
0x4c25a8 LoadBitmapA
0x4c25ac KillTimer
0x4c25b0 IsZoomed
0x4c25b4 IsWindowVisible
0x4c25b8 IsWindowEnabled
0x4c25bc IsWindow
0x4c25c0 IsRectEmpty
0x4c25c4 IsIconic
0x4c25c8 IsDialogMessageA
0x4c25cc IsChild
0x4c25d0 InvalidateRect
0x4c25d4 IntersectRect
0x4c25d8 InsertMenuItemA
0x4c25dc InsertMenuA
0x4c25e0 InflateRect
0x4c25e4 HideCaret
0x4c25e8 GetWindowThreadProcessId
0x4c25ec GetWindowTextA
0x4c25f0 GetWindowRect
0x4c25f4 GetWindowPlacement
0x4c25f8 GetWindowLongA
0x4c25fc GetWindowDC
0x4c2600 GetTopWindow
0x4c2604 GetSystemMetrics
0x4c2608 GetSystemMenu
0x4c260c GetSysColorBrush
0x4c2610 GetSysColor
0x4c2614 GetSubMenu
0x4c2618 GetScrollRange
0x4c261c GetScrollPos
0x4c2620 GetScrollInfo
0x4c2624 GetPropA
0x4c2628 GetParent
0x4c262c GetWindow
0x4c2630 GetMessageTime
0x4c2634 GetMenuStringA
0x4c2638 GetMenuState
0x4c263c GetMenuItemInfoA
0x4c2640 GetMenuItemID
0x4c2644 GetMenuItemCount
0x4c2648 GetMenu
0x4c264c GetLastActivePopup
0x4c2650 GetKeyboardState
0x4c2654 GetKeyboardLayoutList
0x4c2658 GetKeyboardLayout
0x4c265c GetKeyState
0x4c2660 GetKeyNameTextA
0x4c2664 GetIconInfo
0x4c2668 GetForegroundWindow
0x4c266c GetFocus
0x4c2670 GetDlgItem
0x4c2674 GetDesktopWindow
0x4c2678 GetDCEx
0x4c267c GetDC
0x4c2680 GetCursorPos
0x4c2684 GetCursor
0x4c2688 GetClipboardData
0x4c268c GetClientRect
0x4c2690 GetClassNameA
0x4c2694 GetClassInfoA
0x4c2698 GetCapture
0x4c269c GetActiveWindow
0x4c26a0 FrameRect
0x4c26a4 FindWindowA
0x4c26a8 FillRect
0x4c26ac EqualRect
0x4c26b0 EnumWindows
0x4c26b4 EnumThreadWindows
0x4c26b8 EnumClipboardFormats
0x4c26bc EndPaint
0x4c26c0 EnableWindow
0x4c26c4 EnableScrollBar
0x4c26c8 EnableMenuItem
0x4c26cc EmptyClipboard
0x4c26d0 DrawTextA
0x4c26d4 DrawStateA
0x4c26d8 DrawMenuBar
0x4c26dc DrawIconEx
0x4c26e0 DrawIcon
0x4c26e4 DrawFrameControl
0x4c26e8 DrawFocusRect
0x4c26ec DrawEdge
0x4c26f0 DispatchMessageA
0x4c26f4 DestroyWindow
0x4c26f8 DestroyMenu
0x4c26fc DestroyIcon
0x4c2700 DestroyCursor
0x4c2704 DeleteMenu
0x4c2708 DefWindowProcA
0x4c270c DefMDIChildProcA
0x4c2710 DefFrameProcA
0x4c2714 CreatePopupMenu
0x4c2718 CreateMenu
0x4c271c CreateIcon
0x4c2720 CloseClipboard
0x4c2724 ClientToScreen
0x4c2728 CheckMenuItem
0x4c272c CallWindowProcA
0x4c2730 CallNextHookEx
0x4c2734 BeginPaint
0x4c2738 CharNextA
0x4c273c CharLowerBuffA
0x4c2740 CharLowerA
0x4c2744 CharUpperBuffA
0x4c2748 CharToOemA
0x4c274c AdjustWindowRectEx
0x4c2750 ActivateKeyboardLayout
kernel32.dll
0x4c2758 Sleep
oleaut32.dll
0x4c2760 SafeArrayPtrOfIndex
0x4c2764 SafeArrayPutElement
0x4c2768 SafeArrayGetElement
0x4c276c SafeArrayUnaccessData
0x4c2770 SafeArrayAccessData
0x4c2774 SafeArrayGetUBound
0x4c2778 SafeArrayGetLBound
0x4c277c SafeArrayCreate
0x4c2780 VariantChangeType
0x4c2784 VariantCopyInd
0x4c2788 VariantCopy
0x4c278c VariantClear
0x4c2790 VariantInit
ole32.dll
0x4c2798 CreateStreamOnHGlobal
0x4c279c IsAccelerator
0x4c27a0 OleDraw
0x4c27a4 OleSetMenuDescriptor
0x4c27a8 CoTaskMemFree
0x4c27ac ProgIDFromCLSID
0x4c27b0 StringFromCLSID
0x4c27b4 CoCreateInstance
0x4c27b8 CoGetClassObject
0x4c27bc CoUninitialize
0x4c27c0 CoInitialize
0x4c27c4 IsEqualGUID
oleaut32.dll
0x4c27cc GetErrorInfo
0x4c27d0 GetActiveObject
0x4c27d4 SysFreeString
comctl32.dll
0x4c27dc ImageList_SetIconSize
0x4c27e0 ImageList_GetIconSize
0x4c27e4 ImageList_Write
0x4c27e8 ImageList_Read
0x4c27ec ImageList_GetDragImage
0x4c27f0 ImageList_DragShowNolock
0x4c27f4 ImageList_SetDragCursorImage
0x4c27f8 ImageList_DragMove
0x4c27fc ImageList_DragLeave
0x4c2800 ImageList_DragEnter
0x4c2804 ImageList_EndDrag
0x4c2808 ImageList_BeginDrag
0x4c280c ImageList_Remove
0x4c2810 ImageList_DrawEx
0x4c2814 ImageList_Replace
0x4c2818 ImageList_Draw
0x4c281c ImageList_GetBkColor
0x4c2820 ImageList_SetBkColor
0x4c2824 ImageList_ReplaceIcon
0x4c2828 ImageList_Add
0x4c282c ImageList_SetImageCount
0x4c2830 ImageList_GetImageCount
0x4c2834 ImageList_Destroy
0x4c2838 ImageList_Create
0x4c283c InitCommonControls
comdlg32.dll
0x4c2844 GetSaveFileNameA
0x4c2848 GetOpenFileNameA
winmm.dll
0x4c2850 sndPlaySoundA
EAT(Export Address Table) is none