Created | 2021.08.18 09:44 | Machine | s1_win7_x6402 |
Filename | Has US policy toward the Palestinian cause changed pdf.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
AI Score | Not found | Behavior Score | |
ZERO API | file : clean | ||
VT API (file) | 38 detected (Bobik, GenericKD, Micropsia, TrojanX, TFAN, Attribute, HighConfidence, Delf, Malicious, Generic@ML, RDML, HvCQDca, EftVryz2UGC45g, Siggen2, R011C0WHE21, xjhlz, ai score=83, kcloud, Tiggre, Artemis, TScope, susgen, GdSda, HgIASaMA) | ||
md5 | 5711989af8510851baf4fec63d67d1e3 | ||
sha256 | 9e8f02051b24719f3f3382ebefeea17fcadf989f3cf155a81b25eaafe1a2d102 | ||
ssdeep | 49152:snnKhl7OrJv21vo5esN14SAzk6utURvyNoH8T3UwnedLyXh+JcNa9ERLWb9mej1a:se0JO1vo5ebPRv8n5X4uU9seqGhs | ||
imphash | c7778a7df15e7c4fcda955e30303ce4a | ||
impfuzzy | 192:NcdqJUu5dVYTexCWTOwI7ueQTO7uNjv4DxITFgsTmw/yoO:NcEhPTOGeQTOUv4DxIpHSw7O |
Signature (23cnts)
Level | Description |
---|---|
danger | File has been identified by 38 AntiVirus engines on VirusTotal as malicious |
watch | Executes one or more WMI queries |
watch | One or more non-whitelisted processes were created |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates (office) documents on the filesystem |
notice | Creates a shortcut to an executable file |
notice | Creates executable files on the filesystem |
notice | Queries for potentially installed applications |
notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
notice | Searches running processes potentially to identify processes for sandbox evasion |
notice | Terminates another process |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
notice | Uses Windows utilities for basic Windows functionality |
info | Checks if process is being debugged by a debugger |
info | Collects information to fingerprint the system (MachineGuid |
info | One or more processes crashed |
info | Queries for the computername |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | Tries to locate where the browsers are installed |
Rules (9cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
notice | PDF_Format_Z | PDF Format | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | Lnk_Format_Zero | LNK Format | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
winspool.drv
0x6f594c DocumentPropertiesW
0x6f5950 ClosePrinter
0x6f5954 OpenPrinterW
0x6f5958 GetDefaultPrinterW
0x6f595c EnumPrintersW
comctl32.dll
0x6f5964 ImageList_GetImageInfo
0x6f5968 FlatSB_SetScrollInfo
0x6f596c ImageList_DragMove
0x6f5970 ImageList_Destroy
0x6f5974 _TrackMouseEvent
0x6f5978 ImageList_DragShowNolock
0x6f597c ImageList_Add
0x6f5980 FlatSB_SetScrollProp
0x6f5984 ImageList_GetDragImage
0x6f5988 ImageList_Create
0x6f598c ImageList_EndDrag
0x6f5990 ImageList_DrawEx
0x6f5994 ImageList_SetImageCount
0x6f5998 FlatSB_GetScrollPos
0x6f599c FlatSB_SetScrollPos
0x6f59a0 InitializeFlatSB
0x6f59a4 ImageList_Copy
0x6f59a8 FlatSB_GetScrollInfo
0x6f59ac ImageList_Write
0x6f59b0 ImageList_DrawIndirect
0x6f59b4 ImageList_SetBkColor
0x6f59b8 ImageList_GetBkColor
0x6f59bc ImageList_BeginDrag
0x6f59c0 ImageList_GetIcon
0x6f59c4 ImageList_Replace
0x6f59c8 ImageList_GetImageCount
0x6f59cc ImageList_DragEnter
0x6f59d0 ImageList_GetIconSize
0x6f59d4 ImageList_SetIconSize
0x6f59d8 ImageList_Read
0x6f59dc ImageList_DragLeave
0x6f59e0 ImageList_LoadImageW
0x6f59e4 ImageList_Draw
0x6f59e8 ImageList_Remove
0x6f59ec ImageList_ReplaceIcon
0x6f59f0 ImageList_SetOverlayImage
shell32.dll
0x6f59f8 SHGetSpecialFolderLocation
0x6f59fc Shell_NotifyIconW
0x6f5a00 ShellExecuteW
0x6f5a04 SHGetPathFromIDListW
user32.dll
0x6f5a0c CopyImage
0x6f5a10 CreateWindowExW
0x6f5a14 GetMenuItemInfoW
0x6f5a18 SetMenuItemInfoW
0x6f5a1c DefFrameProcW
0x6f5a20 GetDCEx
0x6f5a24 PeekMessageW
0x6f5a28 MonitorFromWindow
0x6f5a2c GetDlgCtrlID
0x6f5a30 GetUpdateRect
0x6f5a34 SetTimer
0x6f5a38 WindowFromPoint
0x6f5a3c BeginPaint
0x6f5a40 RegisterClipboardFormatW
0x6f5a44 FrameRect
0x6f5a48 MapVirtualKeyW
0x6f5a4c IsWindowUnicode
0x6f5a50 RegisterWindowMessageW
0x6f5a54 FillRect
0x6f5a58 GetMenuStringW
0x6f5a5c DispatchMessageW
0x6f5a60 CreateAcceleratorTableW
0x6f5a64 SendMessageA
0x6f5a68 DefMDIChildProcW
0x6f5a6c EnumWindows
0x6f5a70 GetClassInfoW
0x6f5a74 ShowOwnedPopups
0x6f5a78 GetSystemMenu
0x6f5a7c GetScrollRange
0x6f5a80 SetScrollPos
0x6f5a84 GetScrollPos
0x6f5a88 GetActiveWindow
0x6f5a8c SetActiveWindow
0x6f5a90 DrawEdge
0x6f5a94 GetKeyboardLayoutList
0x6f5a98 LoadBitmapW
0x6f5a9c DrawFocusRect
0x6f5aa0 EnumChildWindows
0x6f5aa4 GetScrollBarInfo
0x6f5aa8 ReleaseCapture
0x6f5aac UnhookWindowsHookEx
0x6f5ab0 LoadCursorW
0x6f5ab4 GetCapture
0x6f5ab8 SetCapture
0x6f5abc CreatePopupMenu
0x6f5ac0 ScrollWindow
0x6f5ac4 ShowCaret
0x6f5ac8 GetMenuItemID
0x6f5acc GetLastActivePopup
0x6f5ad0 CharLowerBuffW
0x6f5ad4 GetSystemMetrics
0x6f5ad8 SetWindowLongW
0x6f5adc PostMessageW
0x6f5ae0 DrawMenuBar
0x6f5ae4 SetParent
0x6f5ae8 IsZoomed
0x6f5aec CharUpperBuffW
0x6f5af0 GetClientRect
0x6f5af4 IsChild
0x6f5af8 ClientToScreen
0x6f5afc GetClipboardData
0x6f5b00 SetClipboardData
0x6f5b04 SetWindowPlacement
0x6f5b08 IsIconic
0x6f5b0c CallNextHookEx
0x6f5b10 GetMonitorInfoW
0x6f5b14 ShowWindow
0x6f5b18 CheckMenuItem
0x6f5b1c CharUpperW
0x6f5b20 DefWindowProcW
0x6f5b24 GetForegroundWindow
0x6f5b28 SetForegroundWindow
0x6f5b2c GetWindowTextW
0x6f5b30 EnableWindow
0x6f5b34 DestroyWindow
0x6f5b38 IsDialogMessageW
0x6f5b3c EndMenu
0x6f5b40 RegisterClassW
0x6f5b44 CharNextW
0x6f5b48 GetWindowThreadProcessId
0x6f5b4c RedrawWindow
0x6f5b50 GetDC
0x6f5b54 GetFocus
0x6f5b58 SetFocus
0x6f5b5c EndPaint
0x6f5b60 ReleaseDC
0x6f5b64 MsgWaitForMultipleObjectsEx
0x6f5b68 LoadKeyboardLayoutW
0x6f5b6c GetClassLongW
0x6f5b70 ActivateKeyboardLayout
0x6f5b74 GetParent
0x6f5b78 DrawTextW
0x6f5b7c SetScrollRange
0x6f5b80 MonitorFromRect
0x6f5b84 InsertMenuItemW
0x6f5b88 PeekMessageA
0x6f5b8c GetPropW
0x6f5b90 SetClassLongW
0x6f5b94 MessageBoxW
0x6f5b98 MessageBeep
0x6f5b9c SetPropW
0x6f5ba0 RemovePropW
0x6f5ba4 UpdateWindow
0x6f5ba8 GetSubMenu
0x6f5bac MsgWaitForMultipleObjects
0x6f5bb0 DestroyMenu
0x6f5bb4 DestroyIcon
0x6f5bb8 SetWindowsHookExW
0x6f5bbc EmptyClipboard
0x6f5bc0 IsWindowVisible
0x6f5bc4 DispatchMessageA
0x6f5bc8 UnregisterClassW
0x6f5bcc GetTopWindow
0x6f5bd0 SendMessageW
0x6f5bd4 AdjustWindowRectEx
0x6f5bd8 DrawIcon
0x6f5bdc IsWindow
0x6f5be0 EnumThreadWindows
0x6f5be4 InvalidateRect
0x6f5be8 GetKeyboardState
0x6f5bec DrawFrameControl
0x6f5bf0 ScreenToClient
0x6f5bf4 SetCursor
0x6f5bf8 CreateIcon
0x6f5bfc CreateMenu
0x6f5c00 LoadStringW
0x6f5c04 CharLowerW
0x6f5c08 SetWindowRgn
0x6f5c0c SetWindowPos
0x6f5c10 GetMenuItemCount
0x6f5c14 RemoveMenu
0x6f5c18 GetSysColorBrush
0x6f5c1c GetKeyboardLayoutNameW
0x6f5c20 GetWindowDC
0x6f5c24 TranslateMessage
0x6f5c28 OpenClipboard
0x6f5c2c DrawTextExW
0x6f5c30 MapWindowPoints
0x6f5c34 EnumDisplayMonitors
0x6f5c38 CallWindowProcW
0x6f5c3c CloseClipboard
0x6f5c40 DestroyCursor
0x6f5c44 GetScrollInfo
0x6f5c48 SetWindowTextW
0x6f5c4c GetMessageExtraInfo
0x6f5c50 EnableScrollBar
0x6f5c54 GetSysColor
0x6f5c58 TrackPopupMenu
0x6f5c5c CopyIcon
0x6f5c60 DrawIconEx
0x6f5c64 PostQuitMessage
0x6f5c68 GetClassNameW
0x6f5c6c ShowScrollBar
0x6f5c70 EnableMenuItem
0x6f5c74 GetIconInfo
0x6f5c78 GetMessagePos
0x6f5c7c SetScrollInfo
0x6f5c80 GetKeyNameTextW
0x6f5c84 GetDesktopWindow
0x6f5c88 GetCursorPos
0x6f5c8c SetCursorPos
0x6f5c90 HideCaret
0x6f5c94 GetMenu
0x6f5c98 GetMenuState
0x6f5c9c SetMenu
0x6f5ca0 SetRect
0x6f5ca4 GetKeyState
0x6f5ca8 FindWindowExW
0x6f5cac MonitorFromPoint
0x6f5cb0 SystemParametersInfoW
0x6f5cb4 LoadIconW
0x6f5cb8 GetCursor
0x6f5cbc GetWindow
0x6f5cc0 GetWindowLongW
0x6f5cc4 GetWindowRect
0x6f5cc8 InsertMenuW
0x6f5ccc KillTimer
0x6f5cd0 WaitMessage
0x6f5cd4 IsWindowEnabled
0x6f5cd8 IsDialogMessageA
0x6f5cdc TranslateMDISysAccel
0x6f5ce0 GetWindowPlacement
0x6f5ce4 CreateIconIndirect
0x6f5ce8 FindWindowW
0x6f5cec DeleteMenu
0x6f5cf0 GetKeyboardLayout
version.dll
0x6f5cf8 GetFileVersionInfoSizeW
0x6f5cfc VerQueryValueW
0x6f5d00 GetFileVersionInfoW
oleaut32.dll
0x6f5d08 GetErrorInfo
0x6f5d0c SysFreeString
0x6f5d10 VariantClear
0x6f5d14 VariantInit
0x6f5d18 SysReAllocStringLen
0x6f5d1c SafeArrayCreate
0x6f5d20 SafeArrayGetElement
0x6f5d24 SysAllocStringLen
0x6f5d28 SafeArrayPtrOfIndex
0x6f5d2c SafeArrayGetUBound
0x6f5d30 SafeArrayGetLBound
0x6f5d34 VariantCopy
0x6f5d38 VariantChangeType
advapi32.dll
0x6f5d40 RegSetValueExW
0x6f5d44 RegConnectRegistryW
0x6f5d48 RegEnumKeyExW
0x6f5d4c RegLoadKeyW
0x6f5d50 RegDeleteKeyW
0x6f5d54 RegOpenKeyExW
0x6f5d58 RegQueryInfoKeyW
0x6f5d5c RegUnLoadKeyW
0x6f5d60 RegSaveKeyW
0x6f5d64 RegDeleteValueW
0x6f5d68 RegReplaceKeyW
0x6f5d6c RegFlushKey
0x6f5d70 RegQueryValueExW
0x6f5d74 RegEnumValueW
0x6f5d78 RegCloseKey
0x6f5d7c RegCreateKeyExW
0x6f5d80 RegRestoreKeyW
netapi32.dll
0x6f5d88 NetWkstaGetInfo
0x6f5d8c NetApiBufferFree
msvcrt.dll
0x6f5d94 memcpy
0x6f5d98 memset
winhttp.dll
0x6f5da0 WinHttpGetIEProxyConfigForCurrentUser
0x6f5da4 WinHttpSetTimeouts
0x6f5da8 WinHttpSetStatusCallback
0x6f5dac WinHttpConnect
0x6f5db0 WinHttpReceiveResponse
0x6f5db4 WinHttpQueryAuthSchemes
0x6f5db8 WinHttpGetProxyForUrl
0x6f5dbc WinHttpReadData
0x6f5dc0 WinHttpCloseHandle
0x6f5dc4 WinHttpQueryHeaders
0x6f5dc8 WinHttpOpenRequest
0x6f5dcc WinHttpAddRequestHeaders
0x6f5dd0 WinHttpOpen
0x6f5dd4 WinHttpWriteData
0x6f5dd8 WinHttpSetCredentials
0x6f5ddc WinHttpQueryDataAvailable
0x6f5de0 WinHttpSetOption
0x6f5de4 WinHttpSendRequest
0x6f5de8 WinHttpQueryOption
kernel32.dll
0x6f5df0 GetACP
0x6f5df4 LocalFree
0x6f5df8 CloseHandle
0x6f5dfc GetCurrentProcessId
0x6f5e00 SizeofResource
0x6f5e04 VirtualProtect
0x6f5e08 TerminateThread
0x6f5e0c QueryPerformanceFrequency
0x6f5e10 IsDebuggerPresent
0x6f5e14 VirtualFree
0x6f5e18 GetFullPathNameW
0x6f5e1c ExitProcess
0x6f5e20 HeapAlloc
0x6f5e24 GetCPInfoExW
0x6f5e28 RtlUnwind
0x6f5e2c GetCPInfo
0x6f5e30 EnumSystemLocalesW
0x6f5e34 GetStdHandle
0x6f5e38 GetTimeZoneInformation
0x6f5e3c GetModuleHandleW
0x6f5e40 FreeLibrary
0x6f5e44 TryEnterCriticalSection
0x6f5e48 HeapDestroy
0x6f5e4c ReadFile
0x6f5e50 CreateProcessW
0x6f5e54 GetLastError
0x6f5e58 GetModuleFileNameW
0x6f5e5c SetLastError
0x6f5e60 GlobalAlloc
0x6f5e64 GlobalUnlock
0x6f5e68 FindResourceW
0x6f5e6c CreateThread
0x6f5e70 CompareStringW
0x6f5e74 CreateMutexW
0x6f5e78 LoadLibraryA
0x6f5e7c ResetEvent
0x6f5e80 MulDiv
0x6f5e84 FreeResource
0x6f5e88 GetVersion
0x6f5e8c RaiseException
0x6f5e90 MoveFileW
0x6f5e94 GlobalAddAtomW
0x6f5e98 FormatMessageW
0x6f5e9c SwitchToThread
0x6f5ea0 GetExitCodeThread
0x6f5ea4 GetCurrentThread
0x6f5ea8 LoadLibraryExW
0x6f5eac LockResource
0x6f5eb0 FileTimeToSystemTime
0x6f5eb4 GetCurrentThreadId
0x6f5eb8 UnhandledExceptionFilter
0x6f5ebc VirtualQuery
0x6f5ec0 GlobalFindAtomW
0x6f5ec4 VirtualQueryEx
0x6f5ec8 GlobalFree
0x6f5ecc Sleep
0x6f5ed0 EnterCriticalSection
0x6f5ed4 SetFilePointer
0x6f5ed8 LoadResource
0x6f5edc SuspendThread
0x6f5ee0 GetTickCount
0x6f5ee4 GetStartupInfoW
0x6f5ee8 GlobalDeleteAtom
0x6f5eec GetFileAttributesW
0x6f5ef0 InitializeCriticalSection
0x6f5ef4 GetThreadPriority
0x6f5ef8 GetCurrentProcess
0x6f5efc SetThreadPriority
0x6f5f00 GlobalLock
0x6f5f04 VirtualAlloc
0x6f5f08 GetSystemInfo
0x6f5f0c GetCommandLineW
0x6f5f10 LeaveCriticalSection
0x6f5f14 GetProcAddress
0x6f5f18 ResumeThread
0x6f5f1c GetVersionExW
0x6f5f20 VerifyVersionInfoW
0x6f5f24 HeapCreate
0x6f5f28 LCMapStringW
0x6f5f2c GetDiskFreeSpaceW
0x6f5f30 VerSetConditionMask
0x6f5f34 FindFirstFileW
0x6f5f38 GetUserDefaultUILanguage
0x6f5f3c lstrlenW
0x6f5f40 QueryPerformanceCounter
0x6f5f44 SetEndOfFile
0x6f5f48 HeapFree
0x6f5f4c WideCharToMultiByte
0x6f5f50 FindClose
0x6f5f54 MultiByteToWideChar
0x6f5f58 LoadLibraryW
0x6f5f5c SetEvent
0x6f5f60 CreateFileW
0x6f5f64 GetLocaleInfoW
0x6f5f68 EnumResourceNamesW
0x6f5f6c DeleteFileW
0x6f5f70 GetLocalTime
0x6f5f74 GetEnvironmentVariableW
0x6f5f78 WaitForSingleObject
0x6f5f7c WriteFile
0x6f5f80 ExitThread
0x6f5f84 CreatePipe
0x6f5f88 DeleteCriticalSection
0x6f5f8c GetDateFormatW
0x6f5f90 TlsGetValue
0x6f5f94 SetErrorMode
0x6f5f98 IsValidLocale
0x6f5f9c TlsSetValue
0x6f5fa0 CreateDirectoryW
0x6f5fa4 GetSystemDefaultUILanguage
0x6f5fa8 EnumCalendarInfoW
0x6f5fac LocalAlloc
0x6f5fb0 RemoveDirectoryW
0x6f5fb4 CreateEventW
0x6f5fb8 WaitForMultipleObjectsEx
0x6f5fbc SetThreadLocale
0x6f5fc0 GetThreadLocale
ole32.dll
0x6f5fc8 IsEqualGUID
0x6f5fcc OleInitialize
0x6f5fd0 CreateBindCtx
0x6f5fd4 OleUninitialize
0x6f5fd8 MkParseDisplayName
0x6f5fdc CoInitialize
0x6f5fe0 CoCreateInstance
0x6f5fe4 CoUninitialize
0x6f5fe8 CoTaskMemFree
0x6f5fec CoTaskMemAlloc
0x6f5ff0 StringFromCLSID
gdi32.dll
0x6f5ff8 Pie
0x6f5ffc SetBkMode
0x6f6000 CreateCompatibleBitmap
0x6f6004 GetEnhMetaFileHeader
0x6f6008 RectVisible
0x6f600c AngleArc
0x6f6010 SetAbortProc
0x6f6014 SetTextColor
0x6f6018 StretchBlt
0x6f601c RoundRect
0x6f6020 RestoreDC
0x6f6024 SetRectRgn
0x6f6028 GetTextMetricsW
0x6f602c GetWindowOrgEx
0x6f6030 CreatePalette
0x6f6034 PolyBezierTo
0x6f6038 CreateICW
0x6f603c CreateDCW
0x6f6040 GetStockObject
0x6f6044 CreateSolidBrush
0x6f6048 Polygon
0x6f604c MoveToEx
0x6f6050 PlayEnhMetaFile
0x6f6054 Ellipse
0x6f6058 StartPage
0x6f605c GetBitmapBits
0x6f6060 StartDocW
0x6f6064 AbortDoc
0x6f6068 GetSystemPaletteEntries
0x6f606c GetEnhMetaFileBits
0x6f6070 GetEnhMetaFilePaletteEntries
0x6f6074 CreatePenIndirect
0x6f6078 SetMapMode
0x6f607c CreateFontIndirectW
0x6f6080 PolyBezier
0x6f6084 EndDoc
0x6f6088 GetObjectW
0x6f608c GetWinMetaFileBits
0x6f6090 SetROP2
0x6f6094 GetEnhMetaFileDescriptionW
0x6f6098 ArcTo
0x6f609c Arc
0x6f60a0 SelectPalette
0x6f60a4 ExcludeClipRect
0x6f60a8 MaskBlt
0x6f60ac SetWindowOrgEx
0x6f60b0 EndPage
0x6f60b4 DeleteEnhMetaFile
0x6f60b8 Chord
0x6f60bc SetDIBits
0x6f60c0 SetViewportOrgEx
0x6f60c4 CreateRectRgn
0x6f60c8 RealizePalette
0x6f60cc SetDIBColorTable
0x6f60d0 GetDIBColorTable
0x6f60d4 CreateBrushIndirect
0x6f60d8 PatBlt
0x6f60dc SetEnhMetaFileBits
0x6f60e0 Rectangle
0x6f60e4 SaveDC
0x6f60e8 DeleteDC
0x6f60ec FrameRgn
0x6f60f0 BitBlt
0x6f60f4 GetDeviceCaps
0x6f60f8 GetTextExtentPoint32W
0x6f60fc GetClipBox
0x6f6100 IntersectClipRect
0x6f6104 Polyline
0x6f6108 CreateBitmap
0x6f610c SetWinMetaFileBits
0x6f6110 GetStretchBltMode
0x6f6114 CreateDIBitmap
0x6f6118 SetStretchBltMode
0x6f611c GetDIBits
0x6f6120 CreateDIBSection
0x6f6124 LineTo
0x6f6128 GetRgnBox
0x6f612c EnumFontsW
0x6f6130 CreateHalftonePalette
0x6f6134 SelectObject
0x6f6138 DeleteObject
0x6f613c ExtFloodFill
0x6f6140 UnrealizeObject
0x6f6144 CopyEnhMetaFileW
0x6f6148 SetBkColor
0x6f614c CreateCompatibleDC
0x6f6150 GetBrushOrgEx
0x6f6154 GetCurrentPositionEx
0x6f6158 GetTextExtentPointW
0x6f615c ExtTextOutW
0x6f6160 SetBrushOrgEx
0x6f6164 GetPixel
0x6f6168 GdiFlush
0x6f616c SetPixel
0x6f6170 EnumFontFamiliesExW
0x6f6174 StretchDIBits
0x6f6178 GetPaletteEntries
EAT(Export Address Table) Library
0x4e0fa0 TMethodImplementationIntercept
0x4113dc __dbk_fcall_wrapper
0x6f1640 dbkFCallWrapperAddr