Created | 2021.09.07 08:38 | Machine | s1_win7_x6402 |
Filename | TXGJ.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
ZERO API | file : malware | ||
VT API (file) | 55 detected (AIDetect, malware2, lwj0, malicious, high confidence, Wsgame, Zusy, Unsafe, Save, MalwareX, ZexaF, @t0@aKaDhXpb, Eldorado, Attribute, HighConfidence, FlyStudio, Vmprotect, ixxbtl, OSCF@5rs7jr, R002C0WH121, Generic PUA KH, Static AI, Malicious PE, Binder, ASCommon, kcloud, GenericMC, 19Q2126, score, Black, R439979, GenericRXAA, ai score=81, BScope, CLASSIC, Pg9VsjQ8tI4, susgen, CoinMiner, GdSda, confidence) | ||
md5 | 99d66cd7da25f37b13936ce6f0f939d7 | ||
sha256 | 3179fe15e7ff91a0e02a7a75667f8c230e95817d1ac0e0fb0f34a74d33c0b8ad | ||
ssdeep | 98304:XSse110tnw6AOXu57bC4RqlrjAe8VhhSEYEniZqgE2NFE6Wq+Pw1rhWixOU2tlOk:XEyWO+57bC8CAe8TMjNHN+PI9xLoMPsZ | ||
imphash | 4b67c182997c6caacb0b141d8d598664 | ||
impfuzzy | 192:/KWAaNM0UhFjUB1lh71TYBk29zVOpcnc3c/VBa7:fMPgiOpakV7 |
Signature (11cnts)
Level | Description |
---|---|
danger | File has been identified by 55 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Drops an executable to the user AppData folder |
notice | Foreign language identified in PE resource |
notice | Repeatedly searches for a not-found process |
notice | Searches running processes potentially to identify processes for sandbox evasion |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks if process is being debugged by a debugger |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (15cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (download) |
warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
watch | ASPack_Zero | ASPack packed file | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (download) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
WINMM.dll
0x4a86a4 midiStreamOut
0x4a86a8 midiOutPrepareHeader
0x4a86ac midiStreamProperty
0x4a86b0 midiStreamOpen
0x4a86b4 midiOutUnprepareHeader
0x4a86b8 waveOutOpen
0x4a86bc waveOutUnprepareHeader
0x4a86c0 waveOutPrepareHeader
0x4a86c4 waveOutWrite
0x4a86c8 waveOutPause
0x4a86cc waveOutReset
0x4a86d0 waveOutClose
0x4a86d4 waveOutGetNumDevs
0x4a86d8 midiStreamStop
0x4a86dc midiOutReset
0x4a86e0 midiStreamClose
0x4a86e4 midiStreamRestart
WS2_32.dll
0x4a86fc WSAAsyncSelect
0x4a8700 closesocket
0x4a8704 send
0x4a8708 WSACleanup
0x4a870c WSAStartup
0x4a8710 inet_ntoa
0x4a8714 recvfrom
0x4a8718 ioctlsocket
0x4a871c recv
0x4a8720 getpeername
0x4a8724 accept
0x4a8728 select
RASAPI32.dll
0x4a83d4 RasHangUpA
0x4a83d8 RasGetConnectStatusA
KERNEL32.dll
0x4a819c OpenProcess
0x4a81a0 SetLastError
0x4a81a4 GetTimeZoneInformation
0x4a81a8 TerminateProcess
0x4a81ac FileTimeToSystemTime
0x4a81b0 RaiseException
0x4a81b4 GetLocalTime
0x4a81b8 GetSystemTime
0x4a81bc RtlUnwind
0x4a81c0 GetStartupInfoA
0x4a81c4 GetOEMCP
0x4a81c8 GetCPInfo
0x4a81cc GetProcessVersion
0x4a81d0 SetErrorMode
0x4a81d4 GlobalFlags
0x4a81d8 GetCurrentThread
0x4a81dc GetFileTime
0x4a81e0 TlsGetValue
0x4a81e4 LocalReAlloc
0x4a81e8 TlsSetValue
0x4a81ec TlsFree
0x4a81f0 GlobalHandle
0x4a81f4 TlsAlloc
0x4a81f8 LocalAlloc
0x4a81fc lstrcmpA
0x4a8200 GlobalGetAtomNameA
0x4a8204 GlobalAddAtomA
0x4a8208 GlobalFindAtomA
0x4a820c GlobalDeleteAtom
0x4a8210 lstrcmpiA
0x4a8214 SetEndOfFile
0x4a8218 UnlockFile
0x4a821c LockFile
0x4a8220 FlushFileBuffers
0x4a8224 DuplicateHandle
0x4a8228 lstrcpynA
0x4a822c FileTimeToLocalFileTime
0x4a8230 LocalFree
0x4a8234 InterlockedDecrement
0x4a8238 InterlockedIncrement
0x4a823c GetCurrentProcess
0x4a8240 GetFileSize
0x4a8244 SetFilePointer
0x4a8248 CreateToolhelp32Snapshot
0x4a824c Process32First
0x4a8250 Process32Next
0x4a8254 CreateSemaphoreA
0x4a8258 ResumeThread
0x4a825c ReleaseSemaphore
0x4a8260 EnterCriticalSection
0x4a8264 LeaveCriticalSection
0x4a8268 GetProfileStringA
0x4a826c WriteFile
0x4a8270 WaitForMultipleObjects
0x4a8274 CreateFileA
0x4a8278 SetEvent
0x4a827c FindResourceA
0x4a8280 LoadResource
0x4a8284 LockResource
0x4a8288 ReadFile
0x4a828c GetModuleFileNameA
0x4a8290 WideCharToMultiByte
0x4a8294 MultiByteToWideChar
0x4a8298 GetCurrentThreadId
0x4a829c ExitProcess
0x4a82a0 GlobalSize
0x4a82a4 GlobalFree
0x4a82a8 DeleteCriticalSection
0x4a82ac InitializeCriticalSection
0x4a82b0 lstrcatA
0x4a82b4 lstrlenA
0x4a82b8 WinExec
0x4a82bc lstrcpyA
0x4a82c0 FindNextFileA
0x4a82c4 GlobalReAlloc
0x4a82c8 HeapFree
0x4a82cc HeapReAlloc
0x4a82d0 GetProcessHeap
0x4a82d4 HeapAlloc
0x4a82d8 GetFullPathNameA
0x4a82dc FreeLibrary
0x4a82e0 LoadLibraryA
0x4a82e4 GetLastError
0x4a82e8 GetVersionExA
0x4a82ec WritePrivateProfileStringA
0x4a82f0 CreateThread
0x4a82f4 CreateEventA
0x4a82f8 Sleep
0x4a82fc GlobalAlloc
0x4a8300 GlobalLock
0x4a8304 GlobalUnlock
0x4a8308 InterlockedExchange
0x4a830c GetTempPathA
0x4a8310 FindFirstFileA
0x4a8314 FindClose
0x4a8318 SetFileAttributesA
0x4a831c GetFileAttributesA
0x4a8320 MoveFileA
0x4a8324 DeleteFileA
0x4a8328 SetCurrentDirectoryA
0x4a832c GetVolumeInformationA
0x4a8330 GetModuleHandleA
0x4a8334 GetProcAddress
0x4a8338 MulDiv
0x4a833c GetCommandLineA
0x4a8340 GetTickCount
0x4a8344 CreateProcessA
0x4a8348 WaitForSingleObject
0x4a834c CloseHandle
0x4a8350 HeapSize
0x4a8354 GetACP
0x4a8358 SetStdHandle
0x4a835c GetFileType
0x4a8360 UnhandledExceptionFilter
0x4a8364 FreeEnvironmentStringsA
0x4a8368 FreeEnvironmentStringsW
0x4a836c GetEnvironmentStrings
0x4a8370 GetEnvironmentStringsW
0x4a8374 SetHandleCount
0x4a8378 GetStdHandle
0x4a837c GetEnvironmentVariableA
0x4a8380 HeapDestroy
0x4a8384 HeapCreate
0x4a8388 VirtualFree
0x4a838c SetEnvironmentVariableA
0x4a8390 LCMapStringA
0x4a8394 LCMapStringW
0x4a8398 VirtualAlloc
0x4a839c IsBadWritePtr
0x4a83a0 SetUnhandledExceptionFilter
0x4a83a4 GetStringTypeA
0x4a83a8 GetStringTypeW
0x4a83ac CompareStringA
0x4a83b0 CompareStringW
0x4a83b4 IsBadReadPtr
0x4a83b8 IsBadCodePtr
0x4a83bc GetVersion
USER32.dll
0x4a83f8 SetFocus
0x4a83fc GetActiveWindow
0x4a8400 GetWindow
0x4a8404 DestroyAcceleratorTable
0x4a8408 SetWindowRgn
0x4a840c GetSysColorBrush
0x4a8410 IsWindowEnabled
0x4a8414 ShowWindow
0x4a8418 SystemParametersInfoA
0x4a841c LoadImageA
0x4a8420 EnumDisplaySettingsA
0x4a8424 ClientToScreen
0x4a8428 EnableMenuItem
0x4a842c GetSubMenu
0x4a8430 GetDlgCtrlID
0x4a8434 CreateAcceleratorTableA
0x4a8438 CreateMenu
0x4a843c ModifyMenuA
0x4a8440 AppendMenuA
0x4a8444 CreatePopupMenu
0x4a8448 DrawIconEx
0x4a844c CreateIconFromResource
0x4a8450 CreateIconFromResourceEx
0x4a8454 RegisterClipboardFormatA
0x4a8458 SetRectEmpty
0x4a845c DispatchMessageA
0x4a8460 GetMessageA
0x4a8464 WindowFromPoint
0x4a8468 GetMessagePos
0x4a846c ScreenToClient
0x4a8470 ChildWindowFromPointEx
0x4a8474 CopyRect
0x4a8478 LoadBitmapA
0x4a847c WinHelpA
0x4a8480 KillTimer
0x4a8484 SetTimer
0x4a8488 ReleaseCapture
0x4a848c GetCapture
0x4a8490 SetCapture
0x4a8494 GetScrollRange
0x4a8498 SetScrollRange
0x4a849c SetScrollPos
0x4a84a0 SetRect
0x4a84a4 InflateRect
0x4a84a8 IntersectRect
0x4a84ac DestroyIcon
0x4a84b0 PtInRect
0x4a84b4 LoadStringA
0x4a84b8 DrawFocusRect
0x4a84bc GetMenuState
0x4a84c0 SetMenuItemBitmaps
0x4a84c4 CheckMenuItem
0x4a84c8 MoveWindow
0x4a84cc IsDialogMessageA
0x4a84d0 ScrollWindowEx
0x4a84d4 SendDlgItemMessageA
0x4a84d8 MapWindowPoints
0x4a84dc AdjustWindowRectEx
0x4a84e0 IsIconic
0x4a84e4 GetScrollPos
0x4a84e8 RegisterClassA
0x4a84ec GetMenuItemCount
0x4a84f0 GetMenuItemID
0x4a84f4 SetWindowsHookExA
0x4a84f8 CallNextHookEx
0x4a84fc GetClassLongA
0x4a8500 SetPropA
0x4a8504 UnhookWindowsHookEx
0x4a8508 GetPropA
0x4a850c RemovePropA
0x4a8510 GetMessageTime
0x4a8514 GetLastActivePopup
0x4a8518 GetForegroundWindow
0x4a851c RegisterWindowMessageA
0x4a8520 GetWindowPlacement
0x4a8524 GetNextDlgTabItem
0x4a8528 OffsetRect
0x4a852c IsWindowVisible
0x4a8530 EnableWindow
0x4a8534 RedrawWindow
0x4a8538 GetWindowLongA
0x4a853c SetWindowLongA
0x4a8540 GetSysColor
0x4a8544 SetActiveWindow
0x4a8548 SetCursorPos
0x4a854c LoadCursorA
0x4a8550 SetCursor
0x4a8554 GetDC
0x4a8558 FillRect
0x4a855c IsRectEmpty
0x4a8560 ReleaseDC
0x4a8564 IsChild
0x4a8568 DestroyMenu
0x4a856c SetForegroundWindow
0x4a8570 GetWindowRect
0x4a8574 EqualRect
0x4a8578 UpdateWindow
0x4a857c ValidateRect
0x4a8580 InvalidateRect
0x4a8584 GetClientRect
0x4a8588 GetFocus
0x4a858c GetParent
0x4a8590 GetTopWindow
0x4a8594 PostMessageA
0x4a8598 IsWindow
0x4a859c SetParent
0x4a85a0 DestroyCursor
0x4a85a4 SendMessageA
0x4a85a8 SetWindowPos
0x4a85ac MessageBoxA
0x4a85b0 GetCursorPos
0x4a85b4 GetSystemMetrics
0x4a85b8 EmptyClipboard
0x4a85bc SetClipboardData
0x4a85c0 OpenClipboard
0x4a85c4 GetClipboardData
0x4a85c8 CloseClipboard
0x4a85cc wsprintfA
0x4a85d0 WaitForInputIdle
0x4a85d4 PeekMessageA
0x4a85d8 SetMenu
0x4a85dc GetMenu
0x4a85e0 DeleteMenu
0x4a85e4 GetSystemMenu
0x4a85e8 DefWindowProcA
0x4a85ec GetClassInfoA
0x4a85f0 IsZoomed
0x4a85f4 DrawEdge
0x4a85f8 DrawFrameControl
0x4a85fc TranslateMessage
0x4a8600 LoadIconA
0x4a8604 UnregisterClassA
0x4a8608 GetDesktopWindow
0x4a860c GetClassNameA
0x4a8610 GetWindowThreadProcessId
0x4a8614 FindWindowA
0x4a8618 GetDlgItem
0x4a861c GetWindowTextA
0x4a8620 SetWindowTextA
0x4a8624 CallWindowProcA
0x4a8628 CreateWindowExA
0x4a862c RegisterHotKey
0x4a8630 UnregisterHotKey
0x4a8634 PostQuitMessage
0x4a8638 CopyAcceleratorTableA
0x4a863c GetKeyState
0x4a8640 TranslateAcceleratorA
0x4a8644 GetMenuCheckMarkDimensions
0x4a8648 GetWindowTextLengthA
0x4a864c CharUpperA
0x4a8650 GetWindowDC
0x4a8654 BeginPaint
0x4a8658 EndPaint
0x4a865c TabbedTextOutA
0x4a8660 DrawTextA
0x4a8664 GrayStringA
0x4a8668 DestroyWindow
0x4a866c CreateDialogIndirectParamA
0x4a8670 EndDialog
GDI32.dll
0x4a8048 ExtSelectClipRgn
0x4a804c LineTo
0x4a8050 MoveToEx
0x4a8054 ExcludeClipRect
0x4a8058 GetStockObject
0x4a805c CreateFontIndirectA
0x4a8060 EndPage
0x4a8064 EndDoc
0x4a8068 DeleteDC
0x4a806c StartDocA
0x4a8070 StartPage
0x4a8074 BitBlt
0x4a8078 CreateCompatibleDC
0x4a807c Ellipse
0x4a8080 Rectangle
0x4a8084 LPtoDP
0x4a8088 DPtoLP
0x4a808c GetCurrentObject
0x4a8090 RoundRect
0x4a8094 GetTextExtentPoint32A
0x4a8098 GetDeviceCaps
0x4a809c GetSystemPaletteEntries
0x4a80a0 CreateDIBitmap
0x4a80a4 DeleteObject
0x4a80a8 SelectClipRgn
0x4a80ac CreatePolygonRgn
0x4a80b0 GetClipRgn
0x4a80b4 SetStretchBltMode
0x4a80b8 CreateRectRgnIndirect
0x4a80bc SetBkColor
0x4a80c0 CreateFontA
0x4a80c4 TranslateCharsetInfo
0x4a80c8 GetClipBox
0x4a80cc ScaleWindowExtEx
0x4a80d0 SetWindowExtEx
0x4a80d4 SetWindowOrgEx
0x4a80d8 ScaleViewportExtEx
0x4a80dc SetViewportExtEx
0x4a80e0 OffsetViewportOrgEx
0x4a80e4 SetViewportOrgEx
0x4a80e8 SetMapMode
0x4a80ec SetTextColor
0x4a80f0 SetROP2
0x4a80f4 GetViewportExtEx
0x4a80f8 PtVisible
0x4a80fc RectVisible
0x4a8100 TextOutA
0x4a8104 ExtTextOutA
0x4a8108 Escape
0x4a810c GetTextMetricsA
0x4a8110 CreateSolidBrush
0x4a8114 FillRgn
0x4a8118 CreateRectRgn
0x4a811c CombineRgn
0x4a8120 PatBlt
0x4a8124 CreatePen
0x4a8128 GetObjectA
0x4a812c SelectObject
0x4a8130 CreateBitmap
0x4a8134 CreateDCA
0x4a8138 CreateCompatibleBitmap
0x4a813c GetPolyFillMode
0x4a8140 SetPolyFillMode
0x4a8144 SetBkMode
0x4a8148 RestoreDC
0x4a814c SaveDC
0x4a8150 GetStretchBltMode
0x4a8154 GetROP2
0x4a8158 GetBkColor
0x4a815c GetBkMode
0x4a8160 GetTextColor
0x4a8164 CreateRoundRectRgn
0x4a8168 CreateEllipticRgn
0x4a816c PathToRegion
0x4a8170 EndPath
0x4a8174 BeginPath
0x4a8178 GetWindowOrgEx
0x4a817c GetViewportOrgEx
0x4a8180 GetWindowExtEx
0x4a8184 GetDIBits
0x4a8188 RealizePalette
0x4a818c SelectPalette
0x4a8190 StretchBlt
0x4a8194 CreatePalette
WINSPOOL.DRV
0x4a86ec OpenPrinterA
0x4a86f0 DocumentPropertiesA
0x4a86f4 ClosePrinter
ADVAPI32.dll
0x4a8000 RegOpenKeyExA
0x4a8004 RegSetValueExA
0x4a8008 RegCreateKeyA
0x4a800c RegQueryValueA
0x4a8010 RegCreateKeyExA
0x4a8014 RegCloseKey
SHELL32.dll
0x4a83e0 DragAcceptFiles
0x4a83e4 DragFinish
0x4a83e8 DragQueryFileA
0x4a83ec ShellExecuteA
0x4a83f0 Shell_NotifyIconA
ole32.dll
0x4a8744 CLSIDFromString
0x4a8748 OleInitialize
0x4a874c OleUninitialize
OLEAUT32.dll
0x4a83c4 LoadTypeLib
0x4a83c8 RegisterTypeLib
0x4a83cc UnRegisterTypeLib
COMCTL32.dll
0x4a801c ImageList_Add
0x4a8020 ImageList_BeginDrag
0x4a8024 ImageList_Create
0x4a8028 ImageList_Destroy
0x4a802c ImageList_DragEnter
0x4a8030 ImageList_DragLeave
0x4a8034 ImageList_DragMove
0x4a8038 ImageList_DragShowNolock
0x4a803c ImageList_EndDrag
0x4a8040 None
WININET.dll
0x4a8678 InternetCanonicalizeUrlA
0x4a867c InternetCrackUrlA
0x4a8680 HttpOpenRequestA
0x4a8684 HttpSendRequestA
0x4a8688 HttpQueryInfoA
0x4a868c InternetConnectA
0x4a8690 InternetSetOptionA
0x4a8694 InternetOpenA
0x4a8698 InternetCloseHandle
0x4a869c InternetReadFile
comdlg32.dll
0x4a8730 ChooseColorA
0x4a8734 GetFileTitleA
0x4a8738 GetSaveFileNameA
0x4a873c GetOpenFileNameA
EAT(Export Address Table) is none