Created | 2021.08.09 11:30 |
Machine | s1_win7_x6401 |
Filename | 2.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 55 detected (malicious, high confidence, Redosdru, Farfli, Unsafe, Gencirc, CWO@7k0rzk, DownLoader36, ZEGOST, SM17, Static AI, Suspicious PE, ajkp, AGEN, ai score=86, ASMalwS, score, R369242, BScope, CLASSIC, GenAsa, 6HyyeQhbdKM, susgen, Kryptik, GHFL, ZexaF, Qq3@aGEzvJhb, Genetic, confidence, 100%, HwcBUJ4A) |
md5 | 294fab1523dc3b50cbcc120e67946a5b |
sha256 | 31a88f1273d29300652ece4ce7d5eeef39b404dd628c59c2c327b0333bf33c36 |
ssdeep | 12288:veD27Sdt6DA+v7tdOmzsrFczvPE7QlSEvB:hSbsA+vuTFczvPeQlSEp |
imphash | 91076518487bb133a8d219f38936b9d9 |
impfuzzy | 192:NIAYERkJxFvzU6w5kZggioiu99mB1rUcRc6c7aKFP2fcYiP1:NI04vI5kz9mvUENYYriP1 |
Signature (11cnts)
Level | Description |
---|---|
danger | File has been identified by 55 AntiVirus engines on VirusTotal as malicious |
watch | Communicates with host for which no DNS query was performed |
watch | Installs itself for autorun at Windows startup |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates a service |
notice | Creates executable files on the filesystem |
notice | Foreign language identified in PE resource |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | Performs some HTTP requests |
info | The executable uses a known packer |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
ET DNS Query for .cc TLD
ET INFO Dotted Quad Host DLL Request
ET INFO Dotted Quad Host DLL Request
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x43d190 FormatMessageA
0x43d194 GlobalSize
0x43d198 CopyFileA
0x43d19c HeapReAlloc
0x43d1a0 RtlUnwind
0x43d1a4 GetStartupInfoA
0x43d1a8 GetCommandLineA
0x43d1ac ExitProcess
0x43d1b0 TerminateProcess
0x43d1b4 RaiseException
0x43d1b8 HeapSize
0x43d1bc GetACP
0x43d1c0 GetTimeZoneInformation
0x43d1c4 GetSystemTime
0x43d1c8 GetLocalTime
0x43d1cc IsBadWritePtr
0x43d1d0 GetEnvironmentVariableA
0x43d1d4 GetVersionExA
0x43d1d8 HeapDestroy
0x43d1dc HeapCreate
0x43d1e0 SetFileAttributesA
0x43d1e4 FreeEnvironmentStringsA
0x43d1e8 FreeEnvironmentStringsW
0x43d1ec GetEnvironmentStrings
0x43d1f0 GetEnvironmentStringsW
0x43d1f4 SetHandleCount
0x43d1f8 GetStdHandle
0x43d1fc GetFileType
0x43d200 SetUnhandledExceptionFilter
0x43d204 LCMapStringA
0x43d208 LCMapStringW
0x43d20c GetStringTypeA
0x43d210 GetStringTypeW
0x43d214 IsBadCodePtr
0x43d218 SetConsoleCtrlHandler
0x43d21c SetStdHandle
0x43d220 CompareStringA
0x43d224 CompareStringW
0x43d228 SetEnvironmentVariableA
0x43d22c SetFileTime
0x43d230 SystemTimeToFileTime
0x43d234 LocalFileTimeToFileTime
0x43d238 GetProfileStringA
0x43d23c GetFileTime
0x43d240 GetFileAttributesA
0x43d244 GetTickCount
0x43d248 FileTimeToLocalFileTime
0x43d24c FileTimeToSystemTime
0x43d250 lstrlenW
0x43d254 GetShortPathNameA
0x43d258 GetStringTypeExA
0x43d25c GetFullPathNameA
0x43d260 GetVolumeInformationA
0x43d264 FindFirstFileA
0x43d268 FindClose
0x43d26c DeleteFileA
0x43d270 MoveFileA
0x43d274 SetEndOfFile
0x43d278 UnlockFile
0x43d27c LockFile
0x43d280 FlushFileBuffers
0x43d284 SetFilePointer
0x43d288 GetCurrentProcess
0x43d28c DuplicateHandle
0x43d290 SetErrorMode
0x43d294 GetOEMCP
0x43d298 GetCPInfo
0x43d29c GetThreadLocale
0x43d2a0 SizeofResource
0x43d2a4 GetProcessVersion
0x43d2a8 GetCurrentDirectoryA
0x43d2ac WritePrivateProfileStringA
0x43d2b0 GetPrivateProfileStringA
0x43d2b4 GetPrivateProfileIntA
0x43d2b8 GlobalFlags
0x43d2bc TlsGetValue
0x43d2c0 LocalReAlloc
0x43d2c4 TlsSetValue
0x43d2c8 EnterCriticalSection
0x43d2cc GlobalReAlloc
0x43d2d0 LeaveCriticalSection
0x43d2d4 TlsFree
0x43d2d8 GlobalHandle
0x43d2dc DeleteCriticalSection
0x43d2e0 TlsAlloc
0x43d2e4 InitializeCriticalSection
0x43d2e8 LocalFree
0x43d2ec LocalAlloc
0x43d2f0 lstrcpynA
0x43d2f4 GetLastError
0x43d2f8 MulDiv
0x43d2fc SetLastError
0x43d300 MultiByteToWideChar
0x43d304 WideCharToMultiByte
0x43d308 lstrlenA
0x43d30c InterlockedIncrement
0x43d310 InterlockedDecrement
0x43d314 GetVersion
0x43d318 lstrcatA
0x43d31c GlobalGetAtomNameA
0x43d320 GlobalAddAtomA
0x43d324 GlobalFindAtomA
0x43d328 lstrcpyA
0x43d32c GetModuleHandleA
0x43d330 GlobalUnlock
0x43d334 GlobalFree
0x43d338 LockResource
0x43d33c FindResourceA
0x43d340 LoadResource
0x43d344 CreateEventA
0x43d348 SuspendThread
0x43d34c SetThreadPriority
0x43d350 ResumeThread
0x43d354 SetEvent
0x43d358 WaitForSingleObject
0x43d35c GetModuleFileNameA
0x43d360 GlobalLock
0x43d364 GlobalAlloc
0x43d368 GlobalDeleteAtom
0x43d36c lstrcmpA
0x43d370 lstrcmpiA
0x43d374 GetCurrentThread
0x43d378 GetCurrentThreadId
0x43d37c GetFileSize
0x43d380 ReadFile
0x43d384 Sleep
0x43d388 CreateFileA
0x43d38c WriteFile
0x43d390 CloseHandle
0x43d394 FreeLibrary
0x43d398 HeapFree
0x43d39c IsBadReadPtr
0x43d3a0 LoadLibraryA
0x43d3a4 GetProcAddress
0x43d3a8 VirtualFree
0x43d3ac VirtualProtect
0x43d3b0 VirtualAlloc
0x43d3b4 GetProcessHeap
0x43d3b8 UnhandledExceptionFilter
0x43d3bc HeapAlloc
USER32.dll
0x43d480 LoadAcceleratorsA
0x43d484 TranslateAcceleratorA
0x43d488 LoadMenuA
0x43d48c SetMenu
0x43d490 ReuseDDElParam
0x43d494 UnpackDDElParam
0x43d498 InvalidateRect
0x43d49c BringWindowToTop
0x43d4a0 CharUpperA
0x43d4a4 InflateRect
0x43d4a8 RegisterClipboardFormatA
0x43d4ac RemoveMenu
0x43d4b0 wvsprintfA
0x43d4b4 PostThreadMessageA
0x43d4b8 DestroyIcon
0x43d4bc GetSysColor
0x43d4c0 SetFocus
0x43d4c4 AdjustWindowRectEx
0x43d4c8 ScreenToClient
0x43d4cc EqualRect
0x43d4d0 DeferWindowPos
0x43d4d4 BeginDeferWindowPos
0x43d4d8 CopyRect
0x43d4dc EndDeferWindowPos
0x43d4e0 ScrollWindow
0x43d4e4 GetScrollInfo
0x43d4e8 SetScrollInfo
0x43d4ec ShowScrollBar
0x43d4f0 GetScrollRange
0x43d4f4 SetScrollRange
0x43d4f8 GetScrollPos
0x43d4fc SetScrollPos
0x43d500 GetTopWindow
0x43d504 IsChild
0x43d508 GetCapture
0x43d50c WinHelpA
0x43d510 wsprintfA
0x43d514 GetClassInfoA
0x43d518 RegisterClassA
0x43d51c GetMenu
0x43d520 GetMenuItemCount
0x43d524 GetSubMenu
0x43d528 GetMenuItemID
0x43d52c TrackPopupMenu
0x43d530 SetWindowPlacement
0x43d534 GetWindowTextLengthA
0x43d538 GetWindowTextA
0x43d53c GetDlgCtrlID
0x43d540 CreateWindowExA
0x43d544 GetClassLongA
0x43d548 SetPropA
0x43d54c UnhookWindowsHookEx
0x43d550 GetPropA
0x43d554 CallWindowProcA
0x43d558 RemovePropA
0x43d55c DefWindowProcA
0x43d560 GetMessageTime
0x43d564 SetRectEmpty
0x43d568 GetForegroundWindow
0x43d56c GetMenuStringA
0x43d570 SetWindowLongA
0x43d574 RegisterWindowMessageA
0x43d578 OffsetRect
0x43d57c IntersectRect
0x43d580 SystemParametersInfoA
0x43d584 GetWindowPlacement
0x43d588 GetWindowRect
0x43d58c MapDialogRect
0x43d590 SetWindowPos
0x43d594 GetWindow
0x43d598 SetWindowContextHelpId
0x43d59c EndDialog
0x43d5a0 SetActiveWindow
0x43d5a4 IsWindow
0x43d5a8 CreateDialogIndirectParamA
0x43d5ac DestroyWindow
0x43d5b0 GetDialogBaseUnits
0x43d5b4 GetMenuCheckMarkDimensions
0x43d5b8 LoadBitmapA
0x43d5bc GetMenuState
0x43d5c0 ModifyMenuA
0x43d5c4 SetMenuItemBitmaps
0x43d5c8 CheckMenuItem
0x43d5cc EnableMenuItem
0x43d5d0 GetFocus
0x43d5d4 GetNextDlgTabItem
0x43d5d8 GetMessageA
0x43d5dc TranslateMessage
0x43d5e0 DispatchMessageA
0x43d5e4 GetActiveWindow
0x43d5e8 GetKeyState
0x43d5ec CallNextHookEx
0x43d5f0 ValidateRect
0x43d5f4 IsWindowVisible
0x43d5f8 PeekMessageA
0x43d5fc GetCursorPos
0x43d600 EnableWindow
0x43d604 LoadIconA
0x43d608 AppendMenuA
0x43d60c HideCaret
0x43d610 ShowCaret
0x43d614 ExcludeUpdateRgn
0x43d618 DrawFocusRect
0x43d61c DefDlgProcA
0x43d620 SetWindowsHookExA
0x43d624 GetParent
0x43d628 GetLastActivePopup
0x43d62c IsWindowEnabled
0x43d630 GetWindowLongA
0x43d634 MessageBoxA
0x43d638 SetCursor
0x43d63c ShowOwnedPopups
0x43d640 PostQuitMessage
0x43d644 PostMessageA
0x43d648 GetClientRect
0x43d64c IsIconic
0x43d650 DrawIcon
0x43d654 MessageBeep
0x43d658 GetNextDlgGroupItem
0x43d65c SetRect
0x43d660 CopyAcceleratorTableA
0x43d664 GetMessagePos
0x43d668 CharNextA
0x43d66c GetSystemMetrics
0x43d670 SendMessageA
0x43d674 IsWindowUnicode
0x43d678 GetSystemMenu
0x43d67c DeleteMenu
0x43d680 InsertMenuA
0x43d684 PtInRect
0x43d688 GetClassNameA
0x43d68c WindowFromPoint
0x43d690 GetWindowThreadProcessId
0x43d694 GetDesktopWindow
0x43d698 WaitMessage
0x43d69c ReleaseCapture
0x43d6a0 SetCapture
0x43d6a4 LoadCursorA
0x43d6a8 GrayStringA
0x43d6ac DrawTextA
0x43d6b0 TabbedTextOutA
0x43d6b4 EndPaint
0x43d6b8 BeginPaint
0x43d6bc GetWindowDC
0x43d6c0 ReleaseDC
0x43d6c4 GetDC
0x43d6c8 ClientToScreen
0x43d6cc DestroyMenu
0x43d6d0 LoadStringA
0x43d6d4 OemToCharA
0x43d6d8 CharToOemA
0x43d6dc MapWindowPoints
0x43d6e0 MoveWindow
0x43d6e4 SetWindowTextA
0x43d6e8 IsDialogMessageA
0x43d6ec ScrollWindowEx
0x43d6f0 IsDlgButtonChecked
0x43d6f4 SetDlgItemTextA
0x43d6f8 SetDlgItemInt
0x43d6fc GetDlgItemTextA
0x43d700 GetDlgItem
0x43d704 GetSysColorBrush
0x43d708 GetDlgItemInt
0x43d70c CheckRadioButton
0x43d710 CheckDlgButton
0x43d714 UpdateWindow
0x43d718 SetForegroundWindow
0x43d71c SendDlgItemMessageA
0x43d720 ShowWindow
GDI32.dll
0x43d03c SetROP2
0x43d040 SetStretchBltMode
0x43d044 SetMapMode
0x43d048 SetViewportOrgEx
0x43d04c OffsetViewportOrgEx
0x43d050 SetViewportExtEx
0x43d054 ScaleViewportExtEx
0x43d058 SetWindowOrgEx
0x43d05c OffsetWindowOrgEx
0x43d060 SetWindowExtEx
0x43d064 ScaleWindowExtEx
0x43d068 SelectClipRgn
0x43d06c ExcludeClipRect
0x43d070 IntersectClipRect
0x43d074 OffsetClipRgn
0x43d078 MoveToEx
0x43d07c LineTo
0x43d080 SetTextAlign
0x43d084 SetTextJustification
0x43d088 SetTextCharacterExtra
0x43d08c SetMapperFlags
0x43d090 GetCurrentPositionEx
0x43d094 ArcTo
0x43d098 SetArcDirection
0x43d09c PolyDraw
0x43d0a0 PolylineTo
0x43d0a4 SetColorAdjustment
0x43d0a8 PolyBezierTo
0x43d0ac DeleteObject
0x43d0b0 GetClipRgn
0x43d0b4 CreateRectRgn
0x43d0b8 SelectClipPath
0x43d0bc SetPolyFillMode
0x43d0c0 PlayMetaFileRecord
0x43d0c4 GetObjectType
0x43d0c8 EnumMetaFile
0x43d0cc PlayMetaFile
0x43d0d0 GetDeviceCaps
0x43d0d4 GetViewportExtEx
0x43d0d8 GetWindowExtEx
0x43d0dc CreatePen
0x43d0e0 ExtCreatePen
0x43d0e4 CreateSolidBrush
0x43d0e8 CreateHatchBrush
0x43d0ec CreatePatternBrush
0x43d0f0 CreateDIBPatternBrushPt
0x43d0f4 PtVisible
0x43d0f8 RectVisible
0x43d0fc TextOutA
0x43d100 ExtTextOutA
0x43d104 Escape
0x43d108 GetTextExtentPoint32A
0x43d10c GetTextMetricsA
0x43d110 CreateFontIndirectA
0x43d114 GetTextColor
0x43d118 GetBkColor
0x43d11c DPtoLP
0x43d120 LPtoDP
0x43d124 GetMapMode
0x43d128 PatBlt
0x43d12c SetRectRgn
0x43d130 CombineRgn
0x43d134 CreateRectRgnIndirect
0x43d138 CopyMetaFileA
0x43d13c CreateDCA
0x43d140 SetBkMode
0x43d144 SelectPalette
0x43d148 GetStockObject
0x43d14c SelectObject
0x43d150 RestoreDC
0x43d154 SaveDC
0x43d158 StartDocA
0x43d15c DeleteDC
0x43d160 GetObjectA
0x43d164 SetBkColor
0x43d168 SetTextColor
0x43d16c GetClipBox
0x43d170 GetDCOrgEx
0x43d174 ExtSelectClipRgn
0x43d178 CreateDIBitmap
0x43d17c GetTextExtentPointA
0x43d180 BitBlt
0x43d184 CreateCompatibleDC
0x43d188 CreateBitmap
comdlg32.dll
0x43d74c GetSaveFileNameA
0x43d750 GetFileTitleA
0x43d754 GetOpenFileNameA
WINSPOOL.DRV
0x43d73c ClosePrinter
0x43d740 OpenPrinterA
0x43d744 DocumentPropertiesA
ADVAPI32.dll
0x43d000 RegDeleteKeyA
0x43d004 RegCreateKeyA
0x43d008 RegEnumKeyA
0x43d00c RegQueryValueA
0x43d010 RegSetValueA
0x43d014 RegOpenKeyA
0x43d018 RegCloseKey
0x43d01c RegDeleteValueA
0x43d020 RegSetValueExA
0x43d024 RegQueryValueExA
0x43d028 RegOpenKeyExA
0x43d02c RegCreateKeyExA
SHELL32.dll
0x43d468 SHGetFileInfoA
0x43d46c DragQueryFileA
0x43d470 DragFinish
0x43d474 DragAcceptFiles
0x43d478 ExtractIconA
COMCTL32.dll
0x43d034 None
oledlg.dll
0x43d7e8 None
ole32.dll
0x43d764 SetConvertStg
0x43d768 CreateBindCtx
0x43d76c OleDuplicateData
0x43d770 CoFreeUnusedLibraries
0x43d774 OleUninitialize
0x43d778 OleInitialize
0x43d77c CoDisconnectObject
0x43d780 OleRun
0x43d784 WriteFmtUserTypeStg
0x43d788 CoTaskMemAlloc
0x43d78c CoTaskMemFree
0x43d790 CreateILockBytesOnHGlobal
0x43d794 StgCreateDocfileOnILockBytes
0x43d798 StgOpenStorageOnILockBytes
0x43d79c CoGetClassObject
0x43d7a0 CLSIDFromString
0x43d7a4 CLSIDFromProgID
0x43d7a8 OleRegGetUserType
0x43d7ac WriteClassStg
0x43d7b0 ReadFmtUserTypeStg
0x43d7b4 ReadClassStg
0x43d7b8 StringFromCLSID
0x43d7bc CoTreatAsClass
0x43d7c0 ReleaseStgMedium
0x43d7c4 CoRegisterMessageFilter
0x43d7c8 CoRegisterClassObject
0x43d7cc CoRevokeClassObject
0x43d7d0 OleSetClipboard
0x43d7d4 OleFlushClipboard
0x43d7d8 OleIsCurrentClipboard
0x43d7dc CreateStreamOnHGlobal
0x43d7e0 CoCreateInstance
OLEPRO32.DLL
0x43d460 None
OLEAUT32.dll
0x43d3d0 SysAllocStringLen
0x43d3d4 SysFreeString
0x43d3d8 SysReAllocStringLen
0x43d3dc SysAllocString
0x43d3e0 SafeArrayUnaccessData
0x43d3e4 SafeArrayAccessData
0x43d3e8 SafeArrayGetUBound
0x43d3ec SafeArrayGetLBound
0x43d3f0 SafeArrayGetElemsize
0x43d3f4 SafeArrayGetDim
0x43d3f8 SafeArrayCreate
0x43d3fc SafeArrayRedim
0x43d400 SysAllocStringByteLen
0x43d404 SysStringByteLen
0x43d408 VarCyFromStr
0x43d40c VariantClear
0x43d410 VarDateFromStr
0x43d414 VarBstrFromDate
0x43d418 SafeArrayCopy
0x43d41c SafeArrayAllocData
0x43d420 SafeArrayAllocDescriptor
0x43d424 SafeArrayGetElement
0x43d428 SafeArrayPtrOfIndex
0x43d42c SafeArrayPutElement
0x43d430 SafeArrayLock
0x43d434 SafeArrayUnlock
0x43d438 SafeArrayDestroy
0x43d43c SafeArrayDestroyData
0x43d440 SafeArrayDestroyDescriptor
0x43d444 SysStringLen
0x43d448 LoadTypeLib
0x43d44c VariantTimeToSystemTime
0x43d450 VarBstrFromCy
0x43d454 VariantChangeType
0x43d458 VariantCopy
MSVCRT.dll
0x43d3c4 _endthreadex
0x43d3c8 _beginthreadex
imagehlp.dll
0x43d75c MakeSureDirectoryPathExists
WININET.dll
0x43d728 InternetReadFile
0x43d72c InternetOpenUrlA
0x43d730 InternetOpenA
0x43d734 InternetCloseHandle
EAT(Export Address Table) is none