Report - dHAfdxR.img

Tags: Emotet, UPX, Malicious Library, OS Processor Check, DLL, PE File, PE32

Created: 2021.08.06 08:07
Machine: s1_win7_x6401
Filename: dHAfdxR.img
Type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
AI Score: 5
Behavior Score: 6.4
ZERO API file: clean
VT API (file): 9 detected (Artemis, malicious, confidence, BadFile, TrickBotCrypt, score, Kryptik, CLASSIC)
md5: 7c44e0a43e508476eda5f699d39a0c7f
sha256: bf81ad343dce8b514941ffd47576b78e02b41c23aec991fd5a48ad00c67ad942
ssdeep: 12288:5bjfhtlWxycV80o3xKA3cHfnoEQOuG/ENYIm8MxxO9qrcOJz8:5bj9ZcG0CxKA3cHPoEQRjNXNYxtnF
imphash: 8b7fb8fc4de24822c3d2cd067d85f8ec
impfuzzy: 192:R1Rs9JaiI+uOkZtYAC7xkZu0IpcRcIcxri:6i9YkWfxpE7r
Signatures (17 counts)

Level | Description
watch | Communicates with host for which no DNS query was performed
notice | A process attempted to delay the analysis task.
notice | Allocates read-write-execute memory (usually to unpack itself)
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice | Checks adapter addresses which can be used to detect virtual network interfaces
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice | Creates a suspicious process
notice | File has been identified by 9 AntiVirus engines on VirusTotal as malicious
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice | Looks up the external IP address
notice | One or more potentially interesting buffers were extracted
notice | Performs some HTTP requests
notice | Terminates another process
notice | The binary likely contains encrypted or compressed data indicative of a packer
info | Checks if process is being debugged by a debugger
info | Queries for the computername
info | The executable uses a known packer

Rules (7 counts)

Level | Name | Description | Collection
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload)
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload)
watch | UPX_Zero | UPX packed file | binaries (upload)
info | IsDLL | (no description) | binaries (upload)
info | IsPE32 | (no description) | binaries (upload)
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload)
info | PE_Header_Zero | PE File Signature | binaries (upload)

Network (13 counts)

Request | CC | ASN Co | IP4 | Rule | ZERO
http://wtfismyip.com/text | FI | Hetzner Online GmbH | 95.217.228.176 | | clean
https://46.99.175.217/rob120/TEST22-PC_W617601.7FE1BBFB3D97947F3041B3C9EB33D5D9/14/path/C:%5CUsers%5Ctest22%5CAppData%5CRoaming%5Cwise-tools5HD5PH%5CnxdHAfdxRxl.grf/0/ | AL | IPKO Telecommunications LLC | 46.99.175.217 | 3807 | malicious
https://46.99.175.217/rob120/TEST22-PC_W617601.7FE1BBFB3D97947F3041B3C9EB33D5D9/5/file/ | AL | IPKO Telecommunications LLC | 46.99.175.217 | 3807 | malicious
https://46.99.175.217/rob120/TEST22-PC_W617601.7FE1BBFB3D97947F3041B3C9EB33D5D9/14/DNSBL/listed/0/ | AL | IPKO Telecommunications LLC | 46.99.175.217 | 3807 | malicious
https://46.99.175.217/rob120/TEST22-PC_W617601.7FE1BBFB3D97947F3041B3C9EB33D5D9/0/Windows%207%20x64%20SP1/1107/175.208.134.150/727F639DF1E9560A2743CB69221BB85D3D1D1CBDEE638318DB0A9F2C35331CAD/fhTbf7JhRDRVtj5VTdXtfPPzNxH/ | AL | IPKO Telecommunications LLC | 46.99.175.217 | 3807 | malicious
https://46.99.175.217/rob120/TEST22-PC_W617601.7FE1BBFB3D97947F3041B3C9EB33D5D9/23/100019/ | AL | IPKO Telecommunications LLC | 46.99.175.217 | 3807 | malicious
https://46.99.175.217/rob120/TEST22-PC_W617601.7FE1BBFB3D97947F3041B3C9EB33D5D9/14/user/test22/0/ | AL | IPKO Telecommunications LLC | 46.99.175.217 | 3807 | malicious
150.134.208.175.b.barracudacentral.org | | Unknown | 127.0.0.2 | | clean
150.134.208.175.cbl.abuseat.org | | Unknown | | | clean
wtfismyip.com | FI | Hetzner Online GmbH | 95.217.228.176 | | clean
150.134.208.175.zen.spamhaus.org | | Unknown | | | clean
46.99.175.217 | AL | IPKO Telecommunications LLC | 46.99.175.217 | | malicious
95.217.228.176 | FI | Hetzner Online GmbH | 95.217.228.176 | | clean

Suricata IDS

PE API

IAT (Import Address Table) Library

KERNEL32.dll
 0x1004b198 GetStringTypeW
 0x1004b19c IsBadReadPtr
 0x1004b1a0 IsBadCodePtr
 0x1004b1a4 GetStringTypeA
 0x1004b1a8 CompareStringA
 0x1004b1ac CompareStringW
 0x1004b1b0 SetEnvironmentVariableA
 0x1004b1b4 GetProfileStringA
 0x1004b1b8 LCMapStringW
 0x1004b1bc LCMapStringA
 0x1004b1c0 GetEnvironmentStringsW
 0x1004b1c4 GetEnvironmentStrings
 0x1004b1c8 FreeEnvironmentStringsW
 0x1004b1cc FreeEnvironmentStringsA
 0x1004b1d0 GetStartupInfoA
 0x1004b1d4 GetStdHandle
 0x1004b1d8 SetHandleCount
 0x1004b1dc GetFileType
 0x1004b1e0 SetUnhandledExceptionFilter
 0x1004b1e4 IsBadWritePtr
 0x1004b1e8 VirtualAlloc
 0x1004b1ec VirtualFree
 0x1004b1f0 HeapCreate
 0x1004b1f4 HeapDestroy
 0x1004b1f8 GetTimeZoneInformation
 0x1004b1fc GetACP
 0x1004b200 HeapSize
 0x1004b204 HeapReAlloc
 0x1004b208 TerminateProcess
 0x1004b20c ExitProcess
 0x1004b210 GetCommandLineA
 0x1004b214 RaiseException
 0x1004b218 HeapAlloc
 0x1004b21c HeapFree
 0x1004b220 RtlUnwind
 0x1004b224 FileTimeToLocalFileTime
 0x1004b228 FileTimeToSystemTime
 0x1004b22c SystemTimeToFileTime
 0x1004b230 LocalFileTimeToFileTime
 0x1004b234 GetFileSize
 0x1004b238 GetCurrentDirectoryA
 0x1004b23c WritePrivateProfileStringA
 0x1004b240 GetPrivateProfileStringA
 0x1004b244 GetPrivateProfileIntA
 0x1004b248 GetOEMCP
 0x1004b24c GetCPInfo
 0x1004b250 TlsGetValue
 0x1004b254 LocalReAlloc
 0x1004b258 TlsSetValue
 0x1004b25c EnterCriticalSection
 0x1004b260 GlobalReAlloc
 0x1004b264 LeaveCriticalSection
 0x1004b268 TlsFree
 0x1004b26c GlobalHandle
 0x1004b270 DeleteCriticalSection
 0x1004b274 TlsAlloc
 0x1004b278 InitializeCriticalSection
 0x1004b27c LocalAlloc
 0x1004b280 GlobalFlags
 0x1004b284 GetProcessVersion
 0x1004b288 MulDiv
 0x1004b28c GetShortPathNameA
 0x1004b290 GetThreadLocale
 0x1004b294 GetStringTypeExA
 0x1004b298 GetVolumeInformationA
 0x1004b29c FindFirstFileA
 0x1004b2a0 FindClose
 0x1004b2a4 DeleteFileA
 0x1004b2a8 MoveFileA
 0x1004b2ac SetEndOfFile
 0x1004b2b0 UnlockFile
 0x1004b2b4 LockFile
 0x1004b2b8 FlushFileBuffers
 0x1004b2bc SetFilePointer
 0x1004b2c0 WriteFile
 0x1004b2c4 ReadFile
 0x1004b2c8 CreateFileA
 0x1004b2cc DuplicateHandle
 0x1004b2d0 SetLastError
 0x1004b2d4 GetLastError
 0x1004b2d8 GetDiskFreeSpaceA
 0x1004b2dc GetFileTime
 0x1004b2e0 SetFileTime
 0x1004b2e4 GetFullPathNameA
 0x1004b2e8 GetTempFileNameA
 0x1004b2ec GetFileAttributesA
 0x1004b2f0 LocalFree
 0x1004b2f4 MultiByteToWideChar
 0x1004b2f8 WideCharToMultiByte
 0x1004b2fc InterlockedDecrement
 0x1004b300 QueryPerformanceFrequency
 0x1004b304 InterlockedIncrement
 0x1004b308 GetModuleFileNameA
 0x1004b30c GetCurrentThread
 0x1004b310 lstrcmpA
 0x1004b314 FindResourceA
 0x1004b318 GetCurrentThreadId
 0x1004b31c lstrcmpiA
 0x1004b320 GlobalFindAtomA
 0x1004b324 GlobalDeleteAtom
 0x1004b328 GetModuleHandleA
 0x1004b32c lstrcatA
 0x1004b330 lstrcpynA
 0x1004b334 GlobalGetAtomNameA
 0x1004b338 GlobalAddAtomA
 0x1004b33c GetVersion
 0x1004b340 lstrcpyA
 0x1004b344 lstrlenA
 0x1004b348 SizeofResource
 0x1004b34c LoadResource
 0x1004b350 LockResource
 0x1004b354 GlobalAlloc
 0x1004b358 GlobalLock
 0x1004b35c GlobalUnlock
 0x1004b360 GlobalFree
 0x1004b364 LoadLibraryA
 0x1004b368 GetProcAddress
 0x1004b36c FreeLibrary
 0x1004b370 LoadLibraryW
 0x1004b374 GetCurrentProcess
 0x1004b378 QueryPerformanceCounter
 0x1004b37c CreateThread
 0x1004b380 Sleep
 0x1004b384 WaitForSingleObject
 0x1004b388 CloseHandle
 0x1004b38c ResumeThread
 0x1004b390 SetStdHandle
USER32.dll
 0x1004b3b0 ValidateRect
 0x1004b3b4 TranslateMessage
 0x1004b3b8 GetMessageA
 0x1004b3bc CharUpperA
 0x1004b3c0 DestroyCursor
 0x1004b3c4 LoadCursorA
 0x1004b3c8 SetRect
 0x1004b3cc PtInRect
 0x1004b3d0 FindWindowA
 0x1004b3d4 IsRectEmpty
 0x1004b3d8 ClientToScreen
 0x1004b3dc BeginPaint
 0x1004b3e0 EndPaint
 0x1004b3e4 InflateRect
 0x1004b3e8 wvsprintfA
 0x1004b3ec SetParent
 0x1004b3f0 AppendMenuA
 0x1004b3f4 DeleteMenu
 0x1004b3f8 GetSystemMenu
 0x1004b3fc SetTimer
 0x1004b400 KillTimer
 0x1004b404 WindowFromPoint
 0x1004b408 GetSysColorBrush
 0x1004b40c GetClassNameA
 0x1004b410 LoadStringA
 0x1004b414 InsertMenuA
 0x1004b418 GetMenuStringA
 0x1004b41c DestroyIcon
 0x1004b420 GetTabbedTextExtentA
 0x1004b424 SetCapture
 0x1004b428 InvertRect
 0x1004b42c GetDCEx
 0x1004b430 LockWindowUpdate
 0x1004b434 GetMenuState
 0x1004b438 ModifyMenuA
 0x1004b43c SetMenuItemBitmaps
 0x1004b440 CheckMenuItem
 0x1004b444 EnableMenuItem
 0x1004b448 GetNextDlgTabItem
 0x1004b44c SetWindowTextA
 0x1004b450 IsDialogMessageA
 0x1004b454 SetDlgItemTextA
 0x1004b458 SendDlgItemMessageA
 0x1004b45c MapWindowPoints
 0x1004b460 DispatchMessageA
 0x1004b464 ScreenToClient
 0x1004b468 DeferWindowPos
 0x1004b46c BeginDeferWindowPos
 0x1004b470 EndDeferWindowPos
 0x1004b474 ScrollWindow
 0x1004b478 GetScrollInfo
 0x1004b47c SetScrollInfo
 0x1004b480 ShowScrollBar
 0x1004b484 GetScrollRange
 0x1004b488 SetScrollRange
 0x1004b48c GetScrollPos
 0x1004b490 SetScrollPos
 0x1004b494 GetTopWindow
 0x1004b498 MessageBoxA
 0x1004b49c IsChild
 0x1004b4a0 RegisterClassA
 0x1004b4a4 TrackPopupMenu
 0x1004b4a8 GetWindowTextLengthA
 0x1004b4ac DefWindowProcA
 0x1004b4b0 SetWindowsHookExA
 0x1004b4b4 CallNextHookEx
 0x1004b4b8 GetClassLongA
 0x1004b4bc SetPropA
 0x1004b4c0 UnhookWindowsHookEx
 0x1004b4c4 GetPropA
 0x1004b4c8 CallWindowProcA
 0x1004b4cc GetCursorPos
 0x1004b4d0 GetMessageTime
 0x1004b4d4 GetMessagePos
 0x1004b4d8 GetForegroundWindow
 0x1004b4dc SetForegroundWindow
 0x1004b4e0 OffsetRect
 0x1004b4e4 IntersectRect
 0x1004b4e8 SystemParametersInfoA
 0x1004b4ec GetWindowPlacement
 0x1004b4f0 GetSystemMetrics
 0x1004b4f4 GetLastActivePopup
 0x1004b4f8 GetFocus
 0x1004b4fc EqualRect
 0x1004b500 GetDlgItem
 0x1004b504 GetKeyState
 0x1004b508 GetDlgCtrlID
 0x1004b50c UnpackDDElParam
 0x1004b510 ReuseDDElParam
 0x1004b514 SetActiveWindow
 0x1004b518 WinHelpA
 0x1004b51c SetMenu
 0x1004b520 LoadIconA
 0x1004b524 GetClassInfoA
 0x1004b528 DestroyMenu
 0x1004b52c SetFocus
 0x1004b530 GetWindow
 0x1004b534 IsWindowEnabled
 0x1004b538 SetCursor
 0x1004b53c PeekMessageA
 0x1004b540 PostMessageA
 0x1004b544 GetCapture
 0x1004b548 ReleaseCapture
 0x1004b54c LoadAcceleratorsA
 0x1004b550 SetRectEmpty
 0x1004b554 RegisterWindowMessageA
 0x1004b558 GetActiveWindow
 0x1004b55c wsprintfA
 0x1004b560 GetParent
 0x1004b564 GetMenuItemID
 0x1004b568 AdjustWindowRectEx
 0x1004b56c GetWindowLongA
 0x1004b570 SetWindowLongA
 0x1004b574 DefMDIChildProcA
 0x1004b578 DrawMenuBar
 0x1004b57c TranslateAcceleratorA
 0x1004b580 TranslateMDISysAccel
 0x1004b584 DefFrameProcA
 0x1004b588 CreateWindowExA
 0x1004b58c BringWindowToTop
 0x1004b590 GetMenu
 0x1004b594 GetMenuItemCount
 0x1004b598 ReleaseDC
 0x1004b59c IsWindow
 0x1004b5a0 SetWindowPos
 0x1004b5a4 GetDC
 0x1004b5a8 GetWindowDC
 0x1004b5ac IsClipboardFormatAvailable
 0x1004b5b0 GetClipboardData
 0x1004b5b4 ShowWindow
 0x1004b5b8 HideCaret
 0x1004b5bc ShowCaret
 0x1004b5c0 ExcludeUpdateRgn
 0x1004b5c4 DrawFocusRect
 0x1004b5c8 DefDlgProcA
 0x1004b5cc CharNextA
 0x1004b5d0 IsWindowUnicode
 0x1004b5d4 UpdateWindow
 0x1004b5d8 EnableWindow
 0x1004b5dc LoadBitmapA
 0x1004b5e0 CloseClipboard
 0x1004b5e4 RedrawWindow
 0x1004b5e8 CopyRect
 0x1004b5ec GetSysColor
 0x1004b5f0 EnumWindows
 0x1004b5f4 GetDesktopWindow
 0x1004b5f8 IsWindowVisible
 0x1004b5fc GetWindowTextA
 0x1004b600 InvalidateRect
 0x1004b604 LoadMenuA
 0x1004b608 GetSubMenu
 0x1004b60c IsIconic
 0x1004b610 IsZoomed
 0x1004b614 GetWindowRect
 0x1004b618 GrayStringA
 0x1004b61c DrawTextA
 0x1004b620 ShowOwnedPopups
 0x1004b624 PostQuitMessage
 0x1004b628 EndDialog
 0x1004b62c CreateDialogIndirectParamA
 0x1004b630 RemovePropA
 0x1004b634 GetMenuCheckMarkDimensions
 0x1004b638 TabbedTextOutA
 0x1004b63c GetClientRect
 0x1004b640 FillRect
 0x1004b644 SendMessageA
 0x1004b648 OpenClipboard
 0x1004b64c EmptyClipboard
 0x1004b650 SetClipboardData
 0x1004b654 DestroyWindow
GDI32.dll
 0x1004b044 StretchBlt
 0x1004b048 SetStretchBltMode
 0x1004b04c SetTextColor
 0x1004b050 SetBkColor
 0x1004b054 CreateBitmap
 0x1004b058 StretchDIBits
 0x1004b05c CreateDIBitmap
 0x1004b060 GetClipBox
 0x1004b064 GetStockObject
 0x1004b068 Rectangle
 0x1004b06c CreatePen
 0x1004b070 GetViewportOrgEx
 0x1004b074 AbortDoc
 0x1004b078 EndDoc
 0x1004b07c EndPage
 0x1004b080 StartPage
 0x1004b084 StartDocA
 0x1004b088 SetAbortProc
 0x1004b08c CreateDCA
 0x1004b090 SaveDC
 0x1004b094 RestoreDC
 0x1004b098 SetBkMode
 0x1004b09c SetPolyFillMode
 0x1004b0a0 SetROP2
 0x1004b0a4 SetMapMode
 0x1004b0a8 SetViewportOrgEx
 0x1004b0ac OffsetViewportOrgEx
 0x1004b0b0 SetViewportExtEx
 0x1004b0b4 ScaleViewportExtEx
 0x1004b0b8 SetWindowOrgEx
 0x1004b0bc SetWindowExtEx
 0x1004b0c0 ScaleWindowExtEx
 0x1004b0c4 SelectClipRgn
 0x1004b0c8 ExcludeClipRect
 0x1004b0cc IntersectClipRect
 0x1004b0d0 MoveToEx
 0x1004b0d4 DeleteDC
 0x1004b0d8 SetTextAlign
 0x1004b0dc GetCurrentPositionEx
 0x1004b0e0 CreateRectRgn
 0x1004b0e4 GetViewportExtEx
 0x1004b0e8 GetWindowExtEx
 0x1004b0ec CreateSolidBrush
 0x1004b0f0 CreatePatternBrush
 0x1004b0f4 SetRectRgn
 0x1004b0f8 CombineRgn
 0x1004b0fc CreateRectRgnIndirect
 0x1004b100 CreateFontIndirectA
 0x1004b104 GetCharWidthA
 0x1004b108 GetNearestColor
 0x1004b10c GetTextColor
 0x1004b110 GetStretchBltMode
 0x1004b114 GetPolyFillMode
 0x1004b118 GetTextAlign
 0x1004b11c GetBkMode
 0x1004b120 GetROP2
 0x1004b124 GetTextFaceA
 0x1004b128 GetWindowOrgEx
 0x1004b12c GetObjectA
 0x1004b130 GetDIBits
 0x1004b134 SelectObject
 0x1004b138 DeleteObject
 0x1004b13c PatBlt
 0x1004b140 GetTextMetricsA
 0x1004b144 GetTextExtentPoint32A
 0x1004b148 CreateFontA
 0x1004b14c BitBlt
 0x1004b150 CreateCompatibleDC
 0x1004b154 CreateCompatibleBitmap
 0x1004b158 GetMapMode
 0x1004b15c DPtoLP
 0x1004b160 GetBkColor
 0x1004b164 Escape
 0x1004b168 ExtTextOutA
 0x1004b16c TextOutA
 0x1004b170 RectVisible
 0x1004b174 PtVisible
 0x1004b178 UnrealizeObject
 0x1004b17c LPtoDP
 0x1004b180 SetBrushOrgEx
 0x1004b184 GetDeviceCaps
 0x1004b188 LineTo
 0x1004b18c GetTextExtentPointA
 0x1004b190 CreateHatchBrush
comdlg32.dll
 0x1004b66c GetFileTitleA
 0x1004b670 GetOpenFileNameA
 0x1004b674 GetSaveFileNameA
 0x1004b678 CommDlgExtendedError
 0x1004b67c PrintDlgA
WINSPOOL.DRV
 0x1004b65c OpenPrinterA
 0x1004b660 DocumentPropertiesA
 0x1004b664 ClosePrinter
ADVAPI32.dll
 0x1004b000 RegDeleteValueA
 0x1004b004 RegCloseKey
 0x1004b008 RegEnumKeyA
 0x1004b00c RegOpenKeyA
 0x1004b010 RegDeleteKeyA
 0x1004b014 SetFileSecurityA
 0x1004b018 GetFileSecurityA
 0x1004b01c RegQueryValueExA
 0x1004b020 RegOpenKeyExA
 0x1004b024 RegSetValueA
 0x1004b028 RegCreateKeyA
 0x1004b02c RegQueryValueA
 0x1004b030 RegSetValueExA
 0x1004b034 RegCreateKeyExA
SHELL32.dll
 0x1004b398 SHGetFileInfoA
 0x1004b39c DragAcceptFiles
 0x1004b3a0 DragQueryFileA
 0x1004b3a4 DragFinish
 0x1004b3a8 ExtractIconA
COMCTL32.dll
 0x1004b03c None

EAT (Export Address Table) Library

0x10015154 StartW