Field | Value |
---|---|
Created | 2021.08.04 09:59 |
Machine | s1_win7_x6401 |
Filename | zoom.doc |
Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 14 detected (malicious, high confidence, Artemis, Unsafe, confidence, Attribute, HighConfidence, Emotet, kcloud, Cloxer, score) |
md5 | e5ec8603bbcfe3820c59749a24641570 |
sha256 | 0add7ef3e57fd9a619be1befd6df759a53b53952c4c2b4a10facdddedcc5174c |
ssdeep | 24576:sMX4Q2OCU9/pFEyQdAFs6r8QaWpusNV01YP:L/2OCg/4//Cng+0 |
imphash | 805a20dd232c79743bdd30eee2ab28e2 |
impfuzzy | 192:8ZtHw7fFknvaEZRksKV8CkzLTP3cBcRcwi9SuNC/TNPHlN:8Dmdw3khMLj3GEFUdCLNPFN |
Signature (16cnts)
Level | Description |
---|---|
watch | Communicates with host for which no DNS query was performed |
watch | File has been identified by 14 AntiVirus engines on VirusTotal as malicious |
notice | A process attempted to delay the analysis task. |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates a suspicious process |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | Looks up the external IP address |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
notice | Terminates another process |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks if process is being debugged by a debugger |
info | Queries for the computername |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsDLL | (no description) | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (13cnts)
Suricata ids
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O)
ET POLICY curl User-Agent Outbound
ET POLICY External IP Lookup api.ipify.org
ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O)
ET POLICY curl User-Agent Outbound
ET POLICY External IP Lookup api.ipify.org
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x100a9e9c HeapAlloc
0x100a9ea0 GetCommandLineA
0x100a9ea4 HeapFree
0x100a9ea8 Sleep
0x100a9eac ExitProcess
0x100a9eb0 ExitThread
0x100a9eb4 CreateThread
0x100a9eb8 RaiseException
0x100a9ebc VirtualProtect
0x100a9ec0 VirtualAlloc
0x100a9ec4 GetSystemInfo
0x100a9ec8 VirtualQuery
0x100a9ecc HeapReAlloc
0x100a9ed0 HeapSize
0x100a9ed4 TerminateProcess
0x100a9ed8 UnhandledExceptionFilter
0x100a9edc SetUnhandledExceptionFilter
0x100a9ee0 IsDebuggerPresent
0x100a9ee4 GetACP
0x100a9ee8 IsValidCodePage
0x100a9eec FatalAppExitA
0x100a9ef0 VirtualFree
0x100a9ef4 HeapCreate
0x100a9ef8 HeapDestroy
0x100a9efc GetStdHandle
0x100a9f00 SetHandleCount
0x100a9f04 GetFileType
0x100a9f08 GetStartupInfoA
0x100a9f0c RtlUnwind
0x100a9f10 GetEnvironmentStrings
0x100a9f14 FreeEnvironmentStringsW
0x100a9f18 GetEnvironmentStringsW
0x100a9f1c QueryPerformanceCounter
0x100a9f20 GetTickCount
0x100a9f24 GetSystemTimeAsFileTime
0x100a9f28 SetConsoleCtrlHandler
0x100a9f2c InitializeCriticalSectionAndSpinCount
0x100a9f30 GetTimeZoneInformation
0x100a9f34 LCMapStringA
0x100a9f38 LCMapStringW
0x100a9f3c GetStringTypeA
0x100a9f40 GetStringTypeW
0x100a9f44 GetTimeFormatA
0x100a9f48 GetDateFormatA
0x100a9f4c GetUserDefaultLCID
0x100a9f50 EnumSystemLocalesA
0x100a9f54 IsValidLocale
0x100a9f58 GetConsoleCP
0x100a9f5c GetConsoleMode
0x100a9f60 GetLocaleInfoW
0x100a9f64 SetStdHandle
0x100a9f68 WriteConsoleA
0x100a9f6c GetConsoleOutputCP
0x100a9f70 WriteConsoleW
0x100a9f74 CompareStringW
0x100a9f78 SetEnvironmentVariableA
0x100a9f7c GetFileTime
0x100a9f80 GetFileSizeEx
0x100a9f84 GetFileAttributesA
0x100a9f88 SetFileAttributesA
0x100a9f8c SetFileTime
0x100a9f90 LocalFileTimeToFileTime
0x100a9f94 FileTimeToLocalFileTime
0x100a9f98 SetErrorMode
0x100a9f9c SystemTimeToFileTime
0x100a9fa0 FileTimeToSystemTime
0x100a9fa4 GetModuleHandleW
0x100a9fa8 GetAtomNameA
0x100a9fac GetOEMCP
0x100a9fb0 GetCPInfo
0x100a9fb4 CreateFileA
0x100a9fb8 GetShortPathNameA
0x100a9fbc GetFullPathNameA
0x100a9fc0 GetVolumeInformationA
0x100a9fc4 FindFirstFileA
0x100a9fc8 FindClose
0x100a9fcc DuplicateHandle
0x100a9fd0 GetFileSize
0x100a9fd4 SetEndOfFile
0x100a9fd8 UnlockFile
0x100a9fdc LockFile
0x100a9fe0 FlushFileBuffers
0x100a9fe4 SetFilePointer
0x100a9fe8 WriteFile
0x100a9fec ReadFile
0x100a9ff0 lstrcmpiA
0x100a9ff4 GetThreadLocale
0x100a9ff8 GetStringTypeExA
0x100a9ffc DeleteFileA
0x100aa000 MoveFileA
0x100aa004 InterlockedIncrement
0x100aa008 TlsFree
0x100aa00c DeleteCriticalSection
0x100aa010 LocalReAlloc
0x100aa014 TlsSetValue
0x100aa018 TlsAlloc
0x100aa01c InitializeCriticalSection
0x100aa020 GlobalHandle
0x100aa024 GlobalReAlloc
0x100aa028 EnterCriticalSection
0x100aa02c TlsGetValue
0x100aa030 LeaveCriticalSection
0x100aa034 LocalAlloc
0x100aa038 GlobalFlags
0x100aa03c GetCurrentDirectoryA
0x100aa040 GetPrivateProfileStringA
0x100aa044 WritePrivateProfileStringA
0x100aa048 GetPrivateProfileIntA
0x100aa04c CopyFileA
0x100aa050 GlobalSize
0x100aa054 FormatMessageA
0x100aa058 LocalFree
0x100aa05c lstrlenW
0x100aa060 MulDiv
0x100aa064 lstrlenA
0x100aa068 GlobalUnlock
0x100aa06c GlobalFree
0x100aa070 FreeResource
0x100aa074 GlobalGetAtomNameA
0x100aa078 GlobalFindAtomA
0x100aa07c MultiByteToWideChar
0x100aa080 lstrcmpW
0x100aa084 GetVersionExA
0x100aa088 InterlockedDecrement
0x100aa08c GetModuleFileNameW
0x100aa090 GlobalAddAtomA
0x100aa094 CreateEventA
0x100aa098 SuspendThread
0x100aa09c SetEvent
0x100aa0a0 WaitForSingleObject
0x100aa0a4 ResumeThread
0x100aa0a8 SetThreadPriority
0x100aa0ac CloseHandle
0x100aa0b0 GlobalDeleteAtom
0x100aa0b4 GetCurrentThread
0x100aa0b8 GetCurrentThreadId
0x100aa0bc ConvertDefaultLocale
0x100aa0c0 EnumResourceLanguagesA
0x100aa0c4 GetModuleFileNameA
0x100aa0c8 GetLocaleInfoA
0x100aa0cc LoadLibraryA
0x100aa0d0 CompareStringA
0x100aa0d4 InterlockedExchange
0x100aa0d8 GlobalLock
0x100aa0dc lstrcmpA
0x100aa0e0 GlobalAlloc
0x100aa0e4 FreeLibrary
0x100aa0e8 GetModuleHandleA
0x100aa0ec GetProcAddress
0x100aa0f0 GetCurrentProcessId
0x100aa0f4 GetLastError
0x100aa0f8 SetLastError
0x100aa0fc WideCharToMultiByte
0x100aa100 FindResourceA
0x100aa104 LoadResource
0x100aa108 LockResource
0x100aa10c SizeofResource
0x100aa110 LoadLibraryW
0x100aa114 FreeEnvironmentStringsA
0x100aa118 GetCurrentProcess
USER32.dll
0x100aa370 MapVirtualKeyA
0x100aa374 IsRectEmpty
0x100aa378 GetSystemMenu
0x100aa37c SetParent
0x100aa380 UnionRect
0x100aa384 GetDCEx
0x100aa388 LockWindowUpdate
0x100aa38c SetCapture
0x100aa390 RegisterWindowMessageA
0x100aa394 SendDlgItemMessageA
0x100aa398 WinHelpA
0x100aa39c IsChild
0x100aa3a0 GetCapture
0x100aa3a4 GetClassLongA
0x100aa3a8 SetPropA
0x100aa3ac GetPropA
0x100aa3b0 RemovePropA
0x100aa3b4 SetFocus
0x100aa3b8 GetWindowTextA
0x100aa3bc GetForegroundWindow
0x100aa3c0 SetActiveWindow
0x100aa3c4 BeginDeferWindowPos
0x100aa3c8 EndDeferWindowPos
0x100aa3cc GetDlgItem
0x100aa3d0 GetTopWindow
0x100aa3d4 DestroyWindow
0x100aa3d8 GetMessageTime
0x100aa3dc GetMessagePos
0x100aa3e0 MapWindowPoints
0x100aa3e4 ScrollWindow
0x100aa3e8 TrackPopupMenuEx
0x100aa3ec TrackPopupMenu
0x100aa3f0 SetMenu
0x100aa3f4 SetScrollRange
0x100aa3f8 GetScrollRange
0x100aa3fc SetScrollPos
0x100aa400 GetScrollPos
0x100aa404 SetForegroundWindow
0x100aa408 ShowScrollBar
0x100aa40c UpdateWindow
0x100aa410 GetSubMenu
0x100aa414 GetMenuItemID
0x100aa418 GetMenuItemCount
0x100aa41c CreateWindowExA
0x100aa420 GetClassInfoExA
0x100aa424 GetClassInfoA
0x100aa428 RegisterClassA
0x100aa42c GetSysColor
0x100aa430 AdjustWindowRectEx
0x100aa434 ScreenToClient
0x100aa438 EqualRect
0x100aa43c DeferWindowPos
0x100aa440 GetScrollInfo
0x100aa444 SetScrollInfo
0x100aa448 CopyRect
0x100aa44c PtInRect
0x100aa450 TranslateAcceleratorA
0x100aa454 GetKeyNameTextA
0x100aa458 DefWindowProcA
0x100aa45c CallWindowProcA
0x100aa460 GetMenu
0x100aa464 SetWindowLongA
0x100aa468 SetWindowPos
0x100aa46c IntersectRect
0x100aa470 SystemParametersInfoA
0x100aa474 GetWindowPlacement
0x100aa478 UnhookWindowsHookEx
0x100aa47c GetWindowLongA
0x100aa480 GetLastActivePopup
0x100aa484 IsWindowEnabled
0x100aa488 ShowOwnedPopups
0x100aa48c SetCursor
0x100aa490 SetWindowsHookExA
0x100aa494 CallNextHookEx
0x100aa498 GetMessageA
0x100aa49c TranslateMessage
0x100aa4a0 DispatchMessageA
0x100aa4a4 GetActiveWindow
0x100aa4a8 IsWindowVisible
0x100aa4ac GetKeyState
0x100aa4b0 PeekMessageA
0x100aa4b4 GetCursorPos
0x100aa4b8 ValidateRect
0x100aa4bc SetMenuItemBitmaps
0x100aa4c0 GetMenuCheckMarkDimensions
0x100aa4c4 LoadBitmapA
0x100aa4c8 GetFocus
0x100aa4cc GetParent
0x100aa4d0 ModifyMenuA
0x100aa4d4 GetMenuState
0x100aa4d8 EnableMenuItem
0x100aa4dc CheckMenuItem
0x100aa4e0 PostQuitMessage
0x100aa4e4 GetWindowThreadProcessId
0x100aa4e8 MapDialogRect
0x100aa4ec GetClassNameA
0x100aa4f0 IsWindow
0x100aa4f4 GetWindow
0x100aa4f8 KillTimer
0x100aa4fc GetDesktopWindow
0x100aa500 DrawIcon
0x100aa504 SendMessageA
0x100aa508 InvalidateRect
0x100aa50c SetTimer
0x100aa510 ReleaseDC
0x100aa514 GetDC
0x100aa518 GetWindowRect
0x100aa51c PostMessageA
0x100aa520 MessageBoxIndirectA
0x100aa524 MessageBoxA
0x100aa528 OffsetRect
0x100aa52c EnableWindow
0x100aa530 GetSystemMetrics
0x100aa534 LoadIconA
0x100aa538 GetClientRect
0x100aa53c IsIconic
0x100aa540 WindowFromPoint
0x100aa544 SetRect
0x100aa548 UnpackDDElParam
0x100aa54c ReuseDDElParam
0x100aa550 LoadMenuA
0x100aa554 GetMenuBarInfo
0x100aa558 ReleaseCapture
0x100aa55c LoadAcceleratorsA
0x100aa560 InsertMenuItemA
0x100aa564 CreatePopupMenu
0x100aa568 GetDlgCtrlID
0x100aa56c BringWindowToTop
0x100aa570 SetRectEmpty
0x100aa574 GetDialogBaseUnits
0x100aa578 DestroyMenu
0x100aa57c GetMenuItemInfoA
0x100aa580 InflateRect
0x100aa584 UnregisterClassA
0x100aa588 CharUpperA
0x100aa58c DestroyIcon
0x100aa590 LoadCursorA
0x100aa594 GetSysColorBrush
0x100aa598 DeleteMenu
0x100aa59c EndPaint
0x100aa5a0 BeginPaint
0x100aa5a4 GetWindowDC
0x100aa5a8 ClientToScreen
0x100aa5ac GrayStringA
0x100aa5b0 DrawTextExA
0x100aa5b4 DrawTextA
0x100aa5b8 TabbedTextOutA
0x100aa5bc FillRect
0x100aa5c0 ScrollWindowEx
0x100aa5c4 ShowWindow
0x100aa5c8 MoveWindow
0x100aa5cc SetWindowTextA
0x100aa5d0 IsDialogMessageA
0x100aa5d4 IsDlgButtonChecked
0x100aa5d8 SetDlgItemTextA
0x100aa5dc SetDlgItemInt
0x100aa5e0 GetDlgItemTextA
0x100aa5e4 GetDlgItemInt
0x100aa5e8 CheckRadioButton
0x100aa5ec CheckDlgButton
0x100aa5f0 GetMenuStringA
0x100aa5f4 AppendMenuA
0x100aa5f8 InsertMenuA
0x100aa5fc RemoveMenu
0x100aa600 CreateDialogIndirectParamA
0x100aa604 GetNextDlgTabItem
0x100aa608 SetWindowPlacement
0x100aa60c EndDialog
0x100aa610 GetWindowTextLengthA
GDI32.dll
0x100a9ccc SetMapMode
0x100a9cd0 ExcludeClipRect
0x100a9cd4 IntersectClipRect
0x100a9cd8 OffsetClipRgn
0x100a9cdc LineTo
0x100a9ce0 MoveToEx
0x100a9ce4 SetTextAlign
0x100a9ce8 SetTextJustification
0x100a9cec SetTextCharacterExtra
0x100a9cf0 SetMapperFlags
0x100a9cf4 SetArcDirection
0x100a9cf8 SetColorAdjustment
0x100a9cfc DeleteObject
0x100a9d00 SelectClipRgn
0x100a9d04 GetClipRgn
0x100a9d08 CreateRectRgn
0x100a9d0c SelectClipPath
0x100a9d10 GetViewportExtEx
0x100a9d14 GetWindowExtEx
0x100a9d18 BitBlt
0x100a9d1c GetPixel
0x100a9d20 StartDocA
0x100a9d24 PtVisible
0x100a9d28 RectVisible
0x100a9d2c TextOutA
0x100a9d30 ExtTextOutA
0x100a9d34 Escape
0x100a9d38 SelectObject
0x100a9d3c SetViewportOrgEx
0x100a9d40 OffsetViewportOrgEx
0x100a9d44 SetViewportExtEx
0x100a9d48 ScaleViewportExtEx
0x100a9d4c SetWindowOrgEx
0x100a9d50 OffsetWindowOrgEx
0x100a9d54 ModifyWorldTransform
0x100a9d58 ScaleWindowExtEx
0x100a9d5c GetCurrentPositionEx
0x100a9d60 ArcTo
0x100a9d64 PolyDraw
0x100a9d68 PolylineTo
0x100a9d6c PolyBezierTo
0x100a9d70 ExtSelectClipRgn
0x100a9d74 DeleteDC
0x100a9d78 CreateDIBPatternBrushPt
0x100a9d7c CreatePatternBrush
0x100a9d80 CreateCompatibleDC
0x100a9d84 GetStockObject
0x100a9d88 SelectPalette
0x100a9d8c PlayMetaFileRecord
0x100a9d90 GetObjectType
0x100a9d94 EnumMetaFile
0x100a9d98 PlayMetaFile
0x100a9d9c CreatePen
0x100a9da0 ExtCreatePen
0x100a9da4 CreateSolidBrush
0x100a9da8 CreateHatchBrush
0x100a9dac CreateFontIndirectA
0x100a9db0 GetTextMetricsA
0x100a9db4 CreateRectRgnIndirect
0x100a9db8 SetRectRgn
0x100a9dbc CombineRgn
0x100a9dc0 GetMapMode
0x100a9dc4 PatBlt
0x100a9dc8 DPtoLP
0x100a9dcc GetCharWidthA
0x100a9dd0 CreateFontA
0x100a9dd4 StretchDIBits
0x100a9dd8 CreateCompatibleBitmap
0x100a9ddc GetBkColor
0x100a9de0 SetGraphicsMode
0x100a9de4 SetWorldTransform
0x100a9de8 SetStretchBltMode
0x100a9dec SetROP2
0x100a9df0 SetPolyFillMode
0x100a9df4 SetBkMode
0x100a9df8 RestoreDC
0x100a9dfc SaveDC
0x100a9e00 SetTextColor
0x100a9e04 CreateDCA
0x100a9e08 CopyMetaFileA
0x100a9e0c GetDeviceCaps
0x100a9e10 GetObjectA
0x100a9e14 SetWindowExtEx
0x100a9e18 GetTextExtentPoint32A
0x100a9e1c GetClipBox
0x100a9e20 GetDCOrgEx
0x100a9e24 CreateBitmap
0x100a9e28 SetBkColor
COMDLG32.dll
0x100a9c9c GetFileTitleA
WINSPOOL.DRV
0x100aa6c4 DocumentPropertiesA
0x100aa6c8 OpenPrinterA
0x100aa6cc ClosePrinter
ADVAPI32.dll
0x100a9c38 RegDeleteValueA
0x100a9c3c RegSetValueExA
0x100a9c40 RegCreateKeyExA
0x100a9c44 RegSetValueA
0x100a9c48 RegQueryValueA
0x100a9c4c RegOpenKeyA
0x100a9c50 RegEnumKeyA
0x100a9c54 RegDeleteKeyA
0x100a9c58 RegOpenKeyExA
0x100a9c5c RegQueryValueExA
0x100a9c60 RegCloseKey
0x100a9c64 RegCreateKeyA
SHELL32.dll
0x100aa2ec ExtractIconA
0x100aa2f0 DragFinish
0x100aa2f4 DragQueryFileA
0x100aa2f8 SHGetFileInfoA
SHLWAPI.dll
0x100aa328 PathFindFileNameA
0x100aa32c PathStripToRootA
0x100aa330 PathIsUNCA
0x100aa334 PathFindExtensionA
0x100aa338 PathRemoveExtensionA
0x100aa33c PathRemoveFileSpecW
ole32.dll
0x100aa6fc StringFromGUID2
0x100aa700 CoDisconnectObject
0x100aa704 OleDuplicateData
0x100aa708 CoTaskMemAlloc
0x100aa70c ReleaseStgMedium
0x100aa710 CreateBindCtx
0x100aa714 CoTreatAsClass
0x100aa718 CoCreateInstance
0x100aa71c ReadClassStg
0x100aa720 ReadFmtUserTypeStg
0x100aa724 OleRegGetUserType
0x100aa728 WriteClassStg
0x100aa72c WriteFmtUserTypeStg
0x100aa730 SetConvertStg
0x100aa734 CoTaskMemFree
0x100aa738 CLSIDFromString
0x100aa73c CoUninitialize
0x100aa740 CoInitializeEx
0x100aa744 StringFromCLSID
OLEAUT32.dll
0x100aa200 VariantCopy
0x100aa204 SafeArrayCreate
0x100aa208 SafeArrayGetDim
0x100aa20c SafeArrayGetElemsize
0x100aa210 SafeArrayGetLBound
0x100aa214 SafeArrayGetUBound
0x100aa218 SafeArrayAccessData
0x100aa21c SafeArrayUnaccessData
0x100aa220 LoadRegTypeLib
0x100aa224 LoadTypeLib
0x100aa228 RegisterTypeLib
0x100aa22c SysStringByteLen
0x100aa230 SysAllocStringByteLen
0x100aa234 SysFreeString
0x100aa238 SysStringLen
0x100aa23c SysAllocStringLen
0x100aa240 VariantInit
0x100aa244 VariantChangeType
0x100aa248 VariantClear
0x100aa24c SafeArrayAllocData
0x100aa250 SafeArrayAllocDescriptor
0x100aa254 SafeArrayCopy
0x100aa258 SafeArrayGetElement
0x100aa25c SafeArrayPtrOfIndex
0x100aa260 SafeArrayPutElement
0x100aa264 SafeArrayLock
0x100aa268 SafeArrayUnlock
0x100aa26c SafeArrayDestroy
0x100aa270 SafeArrayDestroyData
0x100aa274 SafeArrayDestroyDescriptor
0x100aa278 VariantTimeToSystemTime
0x100aa27c SystemTimeToVariantTime
0x100aa280 SysReAllocStringLen
0x100aa284 VarDateFromStr
0x100aa288 VarBstrFromCy
0x100aa28c VarBstrFromDec
0x100aa290 VarDecFromStr
0x100aa294 VarCyFromStr
0x100aa298 VarBstrFromDate
0x100aa29c SafeArrayRedim
OLEACC.dll
0x100aa1c8 AccessibleObjectFromWindow
0x100aa1cc LresultFromObject
0x100aa1d0 CreateStdAccessibleObject
EAT(Export Address Table) Library
0x100011ef StartW