Field | Value |
---|---|
Created | 2021.09.09 08:51 |
Machine | s1_win7_x6402 |
Filename | RFQ-Order_Sheet#43254363-Sept-21_signed-copy.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
AI Score | |
Behavior Score | |
ZERO API | file : clean |
VT API (file) | 40 detected (Remcos, malicious, high confidence, GenericKD, Unsafe, DelfInject, confidence, Delf, XFIT, Attribute, HighConfidence, Rescoms, RATX, DownLoader42, Static AI, Suspicious PE, Score, ai score=82, susgen, EQAC) |
md5 | 68038cd6686e726c8d5fcfdf5b62d37a |
sha256 | b70ee93e9f63d90785264d45dae48012a1d00b92f63c21ccae0f5d2003c00554 |
ssdeep | 6144:5CZ5dEs7ZrwziKYDZ2/avaYvqfbUacyHeP/hz0Xkb5fjUOCMXjqfZPFVb/4rr7ZG:QZ5l7ZrwzLCMHHi5rUlI64rimoAryZV |
imphash | 4dfd1417e7c3ef71650aaaaec402ef1c |
impfuzzy | 192:33Pnk1Q//dbuuSxSUvK9yqoaqEXo72POQXN:33810Sq9AWPOQ9 |
Signature (15cnts)
Level | Description |
---|---|
danger | File has been identified by 40 AntiVirus engines on VirusTotal as malicious |
watch | Allocates execute permission to another process indicative of possible code injection |
watch | Creates a thread using CreateRemoteThread in a non-child process indicative of process injection |
watch | Installs itself for autorun at Windows startup |
watch | Manipulates memory of a non-child process indicative of process injection |
watch | Network activity contains more than one unique useragent |
watch | Potential code injection by writing to the memory of another process |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Creates executable files on the filesystem |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (6cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
kernel32.dll
0x4fb140 DeleteCriticalSection
0x4fb144 LeaveCriticalSection
0x4fb148 EnterCriticalSection
0x4fb14c InitializeCriticalSection
0x4fb150 VirtualFree
0x4fb154 VirtualAlloc
0x4fb158 LocalFree
0x4fb15c LocalAlloc
0x4fb160 GetTickCount
0x4fb164 QueryPerformanceCounter
0x4fb168 GetVersion
0x4fb16c GetCurrentThreadId
0x4fb170 InterlockedDecrement
0x4fb174 InterlockedIncrement
0x4fb178 VirtualQuery
0x4fb17c WideCharToMultiByte
0x4fb180 MultiByteToWideChar
0x4fb184 lstrlenA
0x4fb188 lstrcpynA
0x4fb18c LoadLibraryExA
0x4fb190 GetThreadLocale
0x4fb194 GetStartupInfoA
0x4fb198 GetProcAddress
0x4fb19c GetModuleHandleA
0x4fb1a0 GetModuleFileNameA
0x4fb1a4 GetLocaleInfoA
0x4fb1a8 GetCommandLineA
0x4fb1ac FreeLibrary
0x4fb1b0 FindFirstFileA
0x4fb1b4 FindClose
0x4fb1b8 ExitProcess
0x4fb1bc WriteFile
0x4fb1c0 UnhandledExceptionFilter
0x4fb1c4 RtlUnwind
0x4fb1c8 RaiseException
0x4fb1cc GetStdHandle
user32.dll
0x4fb1d4 GetKeyboardType
0x4fb1d8 LoadStringA
0x4fb1dc MessageBoxA
0x4fb1e0 CharNextA
advapi32.dll
0x4fb1e8 RegQueryValueExA
0x4fb1ec RegOpenKeyExA
0x4fb1f0 RegCloseKey
oleaut32.dll
0x4fb1f8 SysFreeString
0x4fb1fc SysReAllocStringLen
0x4fb200 SysAllocStringLen
kernel32.dll
0x4fb208 TlsSetValue
0x4fb20c TlsGetValue
0x4fb210 LocalAlloc
0x4fb214 GetModuleHandleA
advapi32.dll
0x4fb21c RegQueryValueExA
0x4fb220 RegOpenKeyExA
0x4fb224 RegCloseKey
kernel32.dll
0x4fb22c lstrcpyA
0x4fb230 lstrcmpiA
0x4fb234 WriteFile
0x4fb238 WaitForSingleObject
0x4fb23c VirtualQuery
0x4fb240 VirtualProtect
0x4fb244 VirtualAlloc
0x4fb248 Sleep
0x4fb24c SizeofResource
0x4fb250 SetThreadLocale
0x4fb254 SetFilePointer
0x4fb258 SetEvent
0x4fb25c SetErrorMode
0x4fb260 SetEndOfFile
0x4fb264 ResetEvent
0x4fb268 ReadFile
0x4fb26c MultiByteToWideChar
0x4fb270 MulDiv
0x4fb274 LockResource
0x4fb278 LoadResource
0x4fb27c LoadLibraryA
0x4fb280 LeaveCriticalSection
0x4fb284 InitializeCriticalSection
0x4fb288 GlobalUnlock
0x4fb28c GlobalSize
0x4fb290 GlobalReAlloc
0x4fb294 GlobalHandle
0x4fb298 GlobalLock
0x4fb29c GlobalFree
0x4fb2a0 GlobalFindAtomA
0x4fb2a4 GlobalDeleteAtom
0x4fb2a8 GlobalAlloc
0x4fb2ac GlobalAddAtomA
0x4fb2b0 GetVersionExA
0x4fb2b4 GetVersion
0x4fb2b8 GetUserDefaultLCID
0x4fb2bc GetTickCount
0x4fb2c0 GetThreadLocale
0x4fb2c4 GetSystemInfo
0x4fb2c8 GetStringTypeExA
0x4fb2cc GetStdHandle
0x4fb2d0 GetProcAddress
0x4fb2d4 GetModuleHandleA
0x4fb2d8 GetModuleFileNameA
0x4fb2dc GetLocaleInfoA
0x4fb2e0 GetLocalTime
0x4fb2e4 GetLastError
0x4fb2e8 GetFullPathNameA
0x4fb2ec GetDiskFreeSpaceA
0x4fb2f0 GetDateFormatA
0x4fb2f4 GetCurrentThreadId
0x4fb2f8 GetCurrentProcessId
0x4fb2fc GetCPInfo
0x4fb300 GetACP
0x4fb304 FreeResource
0x4fb308 InterlockedExchange
0x4fb30c FreeLibrary
0x4fb310 FormatMessageA
0x4fb314 FindResourceA
0x4fb318 EnumCalendarInfoA
0x4fb31c EnterCriticalSection
0x4fb320 DeleteCriticalSection
0x4fb324 CreateThread
0x4fb328 CreateFileA
0x4fb32c CreateEventA
0x4fb330 CompareStringA
0x4fb334 CloseHandle
version.dll
0x4fb33c VerQueryValueA
0x4fb340 GetFileVersionInfoSizeA
0x4fb344 GetFileVersionInfoA
gdi32.dll
0x4fb34c UnrealizeObject
0x4fb350 StretchBlt
0x4fb354 SetWindowOrgEx
0x4fb358 SetWinMetaFileBits
0x4fb35c SetViewportOrgEx
0x4fb360 SetTextColor
0x4fb364 SetStretchBltMode
0x4fb368 SetROP2
0x4fb36c SetPixel
0x4fb370 SetEnhMetaFileBits
0x4fb374 SetDIBColorTable
0x4fb378 SetBrushOrgEx
0x4fb37c SetBkMode
0x4fb380 SetBkColor
0x4fb384 SelectPalette
0x4fb388 SelectObject
0x4fb38c SaveDC
0x4fb390 RestoreDC
0x4fb394 Rectangle
0x4fb398 RectVisible
0x4fb39c RealizePalette
0x4fb3a0 PlayEnhMetaFile
0x4fb3a4 PatBlt
0x4fb3a8 MoveToEx
0x4fb3ac MaskBlt
0x4fb3b0 LineTo
0x4fb3b4 IntersectClipRect
0x4fb3b8 GetWindowOrgEx
0x4fb3bc GetWinMetaFileBits
0x4fb3c0 GetTextMetricsA
0x4fb3c4 GetTextExtentPointA
0x4fb3c8 GetTextExtentPoint32A
0x4fb3cc GetSystemPaletteEntries
0x4fb3d0 GetStockObject
0x4fb3d4 GetPixel
0x4fb3d8 GetPaletteEntries
0x4fb3dc GetObjectA
0x4fb3e0 GetEnhMetaFilePaletteEntries
0x4fb3e4 GetEnhMetaFileHeader
0x4fb3e8 GetEnhMetaFileDescriptionA
0x4fb3ec GetEnhMetaFileBits
0x4fb3f0 GetDeviceCaps
0x4fb3f4 GetDIBits
0x4fb3f8 GetDIBColorTable
0x4fb3fc GetDCOrgEx
0x4fb400 GetCurrentPositionEx
0x4fb404 GetClipBox
0x4fb408 GetBrushOrgEx
0x4fb40c GetBitmapBits
0x4fb410 ExcludeClipRect
0x4fb414 DeleteObject
0x4fb418 DeleteEnhMetaFile
0x4fb41c DeleteDC
0x4fb420 CreateSolidBrush
0x4fb424 CreatePenIndirect
0x4fb428 CreatePalette
0x4fb42c CreateHalftonePalette
0x4fb430 CreateFontIndirectA
0x4fb434 CreateEnhMetaFileA
0x4fb438 CreateDIBitmap
0x4fb43c CreateDIBSection
0x4fb440 CreateCompatibleDC
0x4fb444 CreateCompatibleBitmap
0x4fb448 CreateBrushIndirect
0x4fb44c CreateBitmap
0x4fb450 CopyEnhMetaFileA
0x4fb454 CloseEnhMetaFile
0x4fb458 BitBlt
user32.dll
0x4fb460 CreateWindowExA
0x4fb464 WindowFromPoint
0x4fb468 WinHelpA
0x4fb46c WaitMessage
0x4fb470 UpdateWindow
0x4fb474 UnregisterClassA
0x4fb478 UnhookWindowsHookEx
0x4fb47c TranslateMessage
0x4fb480 TranslateMDISysAccel
0x4fb484 TrackPopupMenu
0x4fb488 SystemParametersInfoA
0x4fb48c ShowWindow
0x4fb490 ShowScrollBar
0x4fb494 ShowOwnedPopups
0x4fb498 ShowCursor
0x4fb49c SetWindowsHookExA
0x4fb4a0 SetWindowPos
0x4fb4a4 SetWindowPlacement
0x4fb4a8 SetWindowLongA
0x4fb4ac SetTimer
0x4fb4b0 SetScrollRange
0x4fb4b4 SetScrollPos
0x4fb4b8 SetScrollInfo
0x4fb4bc SetRect
0x4fb4c0 SetPropA
0x4fb4c4 SetParent
0x4fb4c8 SetMenuItemInfoA
0x4fb4cc SetMenu
0x4fb4d0 SetForegroundWindow
0x4fb4d4 SetFocus
0x4fb4d8 SetCursor
0x4fb4dc SetClipboardData
0x4fb4e0 SetClassLongA
0x4fb4e4 SetCapture
0x4fb4e8 SetActiveWindow
0x4fb4ec SendMessageA
0x4fb4f0 ScrollWindow
0x4fb4f4 ScreenToClient
0x4fb4f8 RemovePropA
0x4fb4fc RemoveMenu
0x4fb500 ReleaseDC
0x4fb504 ReleaseCapture
0x4fb508 RegisterWindowMessageA
0x4fb50c RegisterClipboardFormatA
0x4fb510 RegisterClassA
0x4fb514 RedrawWindow
0x4fb518 PtInRect
0x4fb51c PostQuitMessage
0x4fb520 PostMessageA
0x4fb524 PeekMessageA
0x4fb528 OpenClipboard
0x4fb52c OffsetRect
0x4fb530 OemToCharA
0x4fb534 MessageBoxA
0x4fb538 MessageBeep
0x4fb53c MapWindowPoints
0x4fb540 MapVirtualKeyA
0x4fb544 LoadStringA
0x4fb548 LoadKeyboardLayoutA
0x4fb54c LoadIconA
0x4fb550 LoadCursorA
0x4fb554 LoadBitmapA
0x4fb558 KillTimer
0x4fb55c IsZoomed
0x4fb560 IsWindowVisible
0x4fb564 IsWindowEnabled
0x4fb568 IsWindow
0x4fb56c IsRectEmpty
0x4fb570 IsIconic
0x4fb574 IsDialogMessageA
0x4fb578 IsChild
0x4fb57c InvalidateRect
0x4fb580 IntersectRect
0x4fb584 InsertMenuItemA
0x4fb588 InsertMenuA
0x4fb58c InflateRect
0x4fb590 GetWindowThreadProcessId
0x4fb594 GetWindowTextA
0x4fb598 GetWindowRect
0x4fb59c GetWindowPlacement
0x4fb5a0 GetWindowLongA
0x4fb5a4 GetWindowDC
0x4fb5a8 GetTopWindow
0x4fb5ac GetSystemMetrics
0x4fb5b0 GetSystemMenu
0x4fb5b4 GetSysColorBrush
0x4fb5b8 GetSysColor
0x4fb5bc GetSubMenu
0x4fb5c0 GetScrollRange
0x4fb5c4 GetScrollPos
0x4fb5c8 GetScrollInfo
0x4fb5cc GetPropA
0x4fb5d0 GetParent
0x4fb5d4 GetWindow
0x4fb5d8 GetMessageTime
0x4fb5dc GetMenuStringA
0x4fb5e0 GetMenuState
0x4fb5e4 GetMenuItemInfoA
0x4fb5e8 GetMenuItemID
0x4fb5ec GetMenuItemCount
0x4fb5f0 GetMenu
0x4fb5f4 GetLastActivePopup
0x4fb5f8 GetKeyboardState
0x4fb5fc GetKeyboardLayoutList
0x4fb600 GetKeyboardLayout
0x4fb604 GetKeyState
0x4fb608 GetKeyNameTextA
0x4fb60c GetIconInfo
0x4fb610 GetForegroundWindow
0x4fb614 GetFocus
0x4fb618 GetDesktopWindow
0x4fb61c GetDCEx
0x4fb620 GetDC
0x4fb624 GetCursorPos
0x4fb628 GetCursor
0x4fb62c GetClipboardData
0x4fb630 GetClientRect
0x4fb634 GetClassNameA
0x4fb638 GetClassInfoA
0x4fb63c GetCapture
0x4fb640 GetActiveWindow
0x4fb644 FrameRect
0x4fb648 FindWindowA
0x4fb64c FillRect
0x4fb650 EqualRect
0x4fb654 EnumWindows
0x4fb658 EnumThreadWindows
0x4fb65c EndPaint
0x4fb660 EnableWindow
0x4fb664 EnableScrollBar
0x4fb668 EnableMenuItem
0x4fb66c EmptyClipboard
0x4fb670 DrawTextA
0x4fb674 DrawMenuBar
0x4fb678 DrawIconEx
0x4fb67c DrawIcon
0x4fb680 DrawFrameControl
0x4fb684 DrawEdge
0x4fb688 DispatchMessageA
0x4fb68c DestroyWindow
0x4fb690 DestroyMenu
0x4fb694 DestroyIcon
0x4fb698 DestroyCursor
0x4fb69c DeleteMenu
0x4fb6a0 DefWindowProcA
0x4fb6a4 DefMDIChildProcA
0x4fb6a8 DefFrameProcA
0x4fb6ac CreatePopupMenu
0x4fb6b0 CreateMenu
0x4fb6b4 CreateIcon
0x4fb6b8 CloseClipboard
0x4fb6bc ClientToScreen
0x4fb6c0 CheckMenuItem
0x4fb6c4 CallWindowProcA
0x4fb6c8 CallNextHookEx
0x4fb6cc BeginPaint
0x4fb6d0 CharNextA
0x4fb6d4 CharLowerBuffA
0x4fb6d8 CharLowerA
0x4fb6dc CharUpperBuffA
0x4fb6e0 CharToOemA
0x4fb6e4 AdjustWindowRectEx
0x4fb6e8 ActivateKeyboardLayout
kernel32.dll
0x4fb6f0 Sleep
oleaut32.dll
0x4fb6f8 SafeArrayPtrOfIndex
0x4fb6fc SafeArrayGetUBound
0x4fb700 SafeArrayGetLBound
0x4fb704 SafeArrayCreate
0x4fb708 VariantChangeType
0x4fb70c VariantCopy
0x4fb710 VariantClear
0x4fb714 VariantInit
ole32.dll
0x4fb71c CreateStreamOnHGlobal
0x4fb720 IsAccelerator
0x4fb724 OleDraw
0x4fb728 OleSetMenuDescriptor
0x4fb72c CoCreateInstance
0x4fb730 CoGetClassObject
0x4fb734 CoUninitialize
0x4fb738 CoInitialize
0x4fb73c IsEqualGUID
oleaut32.dll
0x4fb744 GetErrorInfo
0x4fb748 SysFreeString
comctl32.dll
0x4fb750 ImageList_SetIconSize
0x4fb754 ImageList_GetIconSize
0x4fb758 ImageList_Write
0x4fb75c ImageList_Read
0x4fb760 ImageList_GetDragImage
0x4fb764 ImageList_DragShowNolock
0x4fb768 ImageList_SetDragCursorImage
0x4fb76c ImageList_DragMove
0x4fb770 ImageList_DragLeave
0x4fb774 ImageList_DragEnter
0x4fb778 ImageList_EndDrag
0x4fb77c ImageList_BeginDrag
0x4fb780 ImageList_Remove
0x4fb784 ImageList_DrawEx
0x4fb788 ImageList_Draw
0x4fb78c ImageList_GetBkColor
0x4fb790 ImageList_SetBkColor
0x4fb794 ImageList_ReplaceIcon
0x4fb798 ImageList_Add
0x4fb79c ImageList_SetImageCount
0x4fb7a0 ImageList_GetImageCount
0x4fb7a4 ImageList_Destroy
0x4fb7a8 ImageList_Create
EAT(Export Address Table) is none