Created | 2021.09.19 10:42 |
Machine | s1_win7_x6401 |
Filename | Kdkvxufvvymmebagxmoolsfkmwkkqanimn.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 26 detected (Vobfus, malicious, high confidence, score, Artemis, Unsafe, Delf, IHCZ, Attribute, HighConfidence, GenKryptik, FKTC, FileRepMalware, AGEN, Infected, Phonzy, susgen, EKLE, ZelphiF, 0KW@amR7dGli) |
md5 | 663dfa8f055ba37eaa8bffc10026f311 |
sha256 | 08c2e043056e5885236672d75e1f62ca87cffebb47457efc644611a065bfebcb |
ssdeep | 12288:RNnBrnT39eHh9pAE6pPnrvQHOgJ8q//CS4/FZ4KPvnk6LHC7WWnMvwfHVBPggsek:35nReHhXknrvJ5K/vtKHngseB |
imphash | e56b8f875592e725f8372fa466f75b12 |
impfuzzy | 192:oV3MSbuuaxSUvK9kso1XEcenLkyG1Q+POQHn:43Baq9uL1vPOQH |
Signatures (8)
Level | Description |
---|---|
warning | File has been identified by 26 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Performs some HTTP requests |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (4)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata IDS
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT (Import Address Table) Library
oleaut32.dll
0x475744 SysFreeString
0x475748 SysReAllocStringLen
0x47574c SysAllocStringLen
advapi32.dll
0x475754 RegQueryValueExA
0x475758 RegOpenKeyExA
0x47575c RegCloseKey
user32.dll
0x475764 GetKeyboardType
0x475768 DestroyWindow
0x47576c LoadStringA
0x475770 MessageBoxA
0x475774 CharNextA
kernel32.dll
0x47577c GetACP
0x475780 Sleep
0x475784 VirtualFree
0x475788 VirtualAlloc
0x47578c GetTickCount
0x475790 QueryPerformanceCounter
0x475794 GetCurrentThreadId
0x475798 InterlockedDecrement
0x47579c InterlockedIncrement
0x4757a0 VirtualQuery
0x4757a4 WideCharToMultiByte
0x4757a8 MultiByteToWideChar
0x4757ac lstrlenA
0x4757b0 lstrcpynA
0x4757b4 LoadLibraryExA
0x4757b8 GetThreadLocale
0x4757bc GetStartupInfoA
0x4757c0 GetProcAddress
0x4757c4 GetModuleHandleA
0x4757c8 GetModuleFileNameA
0x4757cc GetLocaleInfoA
0x4757d0 GetLastError
0x4757d4 GetCommandLineA
0x4757d8 FreeLibrary
0x4757dc FindFirstFileA
0x4757e0 FindClose
0x4757e4 ExitProcess
0x4757e8 CompareStringA
0x4757ec WriteFile
0x4757f0 UnhandledExceptionFilter
0x4757f4 SetFilePointer
0x4757f8 SetEndOfFile
0x4757fc RtlUnwind
0x475800 ReadFile
0x475804 RaiseException
0x475808 GetStdHandle
0x47580c GetFileSize
0x475810 GetFileType
0x475814 CreateFileA
0x475818 CloseHandle
kernel32.dll
0x475820 TlsSetValue
0x475824 TlsGetValue
0x475828 LocalAlloc
0x47582c GetModuleHandleA
user32.dll
0x475834 CreateWindowExA
0x475838 WindowFromPoint
0x47583c WaitMessage
0x475840 UpdateWindow
0x475844 UnregisterClassA
0x475848 UnhookWindowsHookEx
0x47584c TranslateMessage
0x475850 TranslateMDISysAccel
0x475854 TrackPopupMenu
0x475858 SystemParametersInfoA
0x47585c ShowWindow
0x475860 ShowScrollBar
0x475864 ShowOwnedPopups
0x475868 SetWindowsHookExA
0x47586c SetWindowTextA
0x475870 SetWindowPos
0x475874 SetWindowPlacement
0x475878 SetWindowLongW
0x47587c SetWindowLongA
0x475880 SetTimer
0x475884 SetScrollRange
0x475888 SetScrollPos
0x47588c SetScrollInfo
0x475890 SetRect
0x475894 SetPropA
0x475898 SetParent
0x47589c SetMenuItemInfoA
0x4758a0 SetMenu
0x4758a4 SetForegroundWindow
0x4758a8 SetFocus
0x4758ac SetCursor
0x4758b0 SetClassLongA
0x4758b4 SetCapture
0x4758b8 SetActiveWindow
0x4758bc SendMessageW
0x4758c0 SendMessageA
0x4758c4 ScrollWindow
0x4758c8 ScreenToClient
0x4758cc RemovePropA
0x4758d0 RemoveMenu
0x4758d4 ReleaseDC
0x4758d8 ReleaseCapture
0x4758dc RegisterWindowMessageA
0x4758e0 RegisterClipboardFormatA
0x4758e4 RegisterClassA
0x4758e8 RedrawWindow
0x4758ec PtInRect
0x4758f0 PostQuitMessage
0x4758f4 PostMessageA
0x4758f8 PeekMessageW
0x4758fc PeekMessageA
0x475900 OffsetRect
0x475904 OemToCharA
0x475908 MessageBoxA
0x47590c MapWindowPoints
0x475910 MapVirtualKeyA
0x475914 LoadStringA
0x475918 LoadKeyboardLayoutA
0x47591c LoadIconA
0x475920 LoadCursorA
0x475924 LoadBitmapA
0x475928 KillTimer
0x47592c IsZoomed
0x475930 IsWindowVisible
0x475934 IsWindowUnicode
0x475938 IsWindowEnabled
0x47593c IsWindow
0x475940 IsRectEmpty
0x475944 IsIconic
0x475948 IsDialogMessageW
0x47594c IsDialogMessageA
0x475950 IsChild
0x475954 InvalidateRect
0x475958 IntersectRect
0x47595c InsertMenuItemA
0x475960 InsertMenuA
0x475964 InflateRect
0x475968 GetWindowThreadProcessId
0x47596c GetWindowTextA
0x475970 GetWindowRect
0x475974 GetWindowPlacement
0x475978 GetWindowLongW
0x47597c GetWindowLongA
0x475980 GetWindowDC
0x475984 GetTopWindow
0x475988 GetSystemMetrics
0x47598c GetSystemMenu
0x475990 GetSysColorBrush
0x475994 GetSysColor
0x475998 GetSubMenu
0x47599c GetScrollRange
0x4759a0 GetScrollPos
0x4759a4 GetScrollInfo
0x4759a8 GetPropA
0x4759ac GetParent
0x4759b0 GetWindow
0x4759b4 GetMessagePos
0x4759b8 GetMenuStringA
0x4759bc GetMenuState
0x4759c0 GetMenuItemInfoA
0x4759c4 GetMenuItemID
0x4759c8 GetMenuItemCount
0x4759cc GetMenu
0x4759d0 GetLastActivePopup
0x4759d4 GetKeyboardState
0x4759d8 GetKeyboardLayoutNameA
0x4759dc GetKeyboardLayoutList
0x4759e0 GetKeyboardLayout
0x4759e4 GetKeyState
0x4759e8 GetKeyNameTextA
0x4759ec GetIconInfo
0x4759f0 GetForegroundWindow
0x4759f4 GetFocus
0x4759f8 GetDesktopWindow
0x4759fc GetDCEx
0x475a00 GetDC
0x475a04 GetCursorPos
0x475a08 GetCursor
0x475a0c GetClipboardData
0x475a10 GetClientRect
0x475a14 GetClassLongA
0x475a18 GetClassInfoA
0x475a1c GetCapture
0x475a20 GetActiveWindow
0x475a24 FrameRect
0x475a28 FindWindowA
0x475a2c FillRect
0x475a30 EqualRect
0x475a34 EnumWindows
0x475a38 EnumThreadWindows
0x475a3c EnumChildWindows
0x475a40 EndPaint
0x475a44 EnableWindow
0x475a48 EnableScrollBar
0x475a4c EnableMenuItem
0x475a50 DrawTextExA
0x475a54 DrawTextA
0x475a58 DrawMenuBar
0x475a5c DrawIconEx
0x475a60 DrawIcon
0x475a64 DrawFrameControl
0x475a68 DrawFocusRect
0x475a6c DrawEdge
0x475a70 DispatchMessageW
0x475a74 DispatchMessageA
0x475a78 DestroyWindow
0x475a7c DestroyMenu
0x475a80 DestroyIcon
0x475a84 DestroyCursor
0x475a88 DeleteMenu
0x475a8c DefWindowProcA
0x475a90 DefMDIChildProcA
0x475a94 DefFrameProcA
0x475a98 CreatePopupMenu
0x475a9c CreateMenu
0x475aa0 CreateIcon
0x475aa4 ClientToScreen
0x475aa8 CheckMenuItem
0x475aac CallWindowProcA
0x475ab0 CallNextHookEx
0x475ab4 BeginPaint
0x475ab8 CharNextA
0x475abc CharLowerBuffA
0x475ac0 CharLowerA
0x475ac4 CharToOemA
0x475ac8 AdjustWindowRectEx
0x475acc ActivateKeyboardLayout
gdi32.dll
0x475ad4 UnrealizeObject
0x475ad8 StretchBlt
0x475adc SetWindowOrgEx
0x475ae0 SetWinMetaFileBits
0x475ae4 SetViewportOrgEx
0x475ae8 SetTextColor
0x475aec SetStretchBltMode
0x475af0 SetROP2
0x475af4 SetPixel
0x475af8 SetEnhMetaFileBits
0x475afc SetDIBColorTable
0x475b00 SetBrushOrgEx
0x475b04 SetBkMode
0x475b08 SetBkColor
0x475b0c SelectPalette
0x475b10 SelectObject
0x475b14 SelectClipRgn
0x475b18 SaveDC
0x475b1c RestoreDC
0x475b20 Rectangle
0x475b24 RectVisible
0x475b28 RealizePalette
0x475b2c Polyline
0x475b30 Polygon
0x475b34 PlayEnhMetaFile
0x475b38 PatBlt
0x475b3c MoveToEx
0x475b40 MaskBlt
0x475b44 LineTo
0x475b48 IntersectClipRect
0x475b4c GetWindowOrgEx
0x475b50 GetWinMetaFileBits
0x475b54 GetTextMetricsA
0x475b58 GetTextExtentPoint32A
0x475b5c GetSystemPaletteEntries
0x475b60 GetStockObject
0x475b64 GetRgnBox
0x475b68 GetPixel
0x475b6c GetPaletteEntries
0x475b70 GetObjectA
0x475b74 GetEnhMetaFilePaletteEntries
0x475b78 GetEnhMetaFileHeader
0x475b7c GetEnhMetaFileBits
0x475b80 GetDeviceCaps
0x475b84 GetDIBits
0x475b88 GetDIBColorTable
0x475b8c GetDCOrgEx
0x475b90 GetCurrentPositionEx
0x475b94 GetClipBox
0x475b98 GetBrushOrgEx
0x475b9c GetBitmapBits
0x475ba0 ExcludeClipRect
0x475ba4 DeleteObject
0x475ba8 DeleteEnhMetaFile
0x475bac DeleteDC
0x475bb0 CreateSolidBrush
0x475bb4 CreatePenIndirect
0x475bb8 CreatePalette
0x475bbc CreateHalftonePalette
0x475bc0 CreateFontIndirectA
0x475bc4 CreateDIBitmap
0x475bc8 CreateDIBSection
0x475bcc CreateCompatibleDC
0x475bd0 CreateCompatibleBitmap
0x475bd4 CreateBrushIndirect
0x475bd8 CreateBitmap
0x475bdc CopyEnhMetaFileA
0x475be0 BitBlt
version.dll
0x475be8 VerQueryValueA
0x475bec GetFileVersionInfoSizeA
0x475bf0 GetFileVersionInfoA
kernel32.dll
0x475bf8 lstrcpyA
0x475bfc WriteFile
0x475c00 WaitForSingleObject
0x475c04 VirtualQuery
0x475c08 VirtualProtect
0x475c0c VirtualAlloc
0x475c10 SizeofResource
0x475c14 SetThreadLocale
0x475c18 SetFilePointer
0x475c1c SetEvent
0x475c20 SetErrorMode
0x475c24 SetEndOfFile
0x475c28 ResetEvent
0x475c2c ReadFile
0x475c30 MulDiv
0x475c34 LockResource
0x475c38 LoadResource
0x475c3c LoadLibraryA
0x475c40 LeaveCriticalSection
0x475c44 InitializeCriticalSection
0x475c48 GlobalFindAtomA
0x475c4c GlobalDeleteAtom
0x475c50 GlobalAddAtomA
0x475c54 GetVersionExA
0x475c58 GetVersion
0x475c5c GetTickCount
0x475c60 GetThreadLocale
0x475c64 GetStdHandle
0x475c68 GetProcAddress
0x475c6c GetModuleHandleA
0x475c70 GetModuleFileNameA
0x475c74 GetLocaleInfoA
0x475c78 GetLocalTime
0x475c7c GetLastError
0x475c80 GetFullPathNameA
0x475c84 GetDiskFreeSpaceA
0x475c88 GetDateFormatA
0x475c8c GetCurrentThreadId
0x475c90 GetCurrentProcessId
0x475c94 GetCPInfo
0x475c98 FreeResource
0x475c9c InterlockedExchange
0x475ca0 FreeLibrary
0x475ca4 FormatMessageA
0x475ca8 FindResourceA
0x475cac EnumCalendarInfoA
0x475cb0 EnterCriticalSection
0x475cb4 DeleteCriticalSection
0x475cb8 CreateThread
0x475cbc CreateFileA
0x475cc0 CreateEventA
0x475cc4 CompareStringA
0x475cc8 CloseHandle
advapi32.dll
0x475cd0 RegQueryValueExA
0x475cd4 RegOpenKeyExA
0x475cd8 RegFlushKey
0x475cdc RegCloseKey
kernel32.dll
0x475ce4 Sleep
oleaut32.dll
0x475cec SafeArrayPtrOfIndex
0x475cf0 SafeArrayGetUBound
0x475cf4 SafeArrayGetLBound
0x475cf8 SafeArrayCreate
0x475cfc VariantChangeType
0x475d00 VariantCopy
0x475d04 VariantClear
0x475d08 VariantInit
comctl32.dll
0x475d10 _TrackMouseEvent
0x475d14 ImageList_SetIconSize
0x475d18 ImageList_GetIconSize
0x475d1c ImageList_Write
0x475d20 ImageList_Read
0x475d24 ImageList_GetDragImage
0x475d28 ImageList_DragShowNolock
0x475d2c ImageList_DragMove
0x475d30 ImageList_DragLeave
0x475d34 ImageList_DragEnter
0x475d38 ImageList_EndDrag
0x475d3c ImageList_BeginDrag
0x475d40 ImageList_Remove
0x475d44 ImageList_DrawEx
0x475d48 ImageList_Replace
0x475d4c ImageList_Draw
0x475d50 ImageList_GetBkColor
0x475d54 ImageList_SetBkColor
0x475d58 ImageList_Add
0x475d5c ImageList_GetImageCount
0x475d60 ImageList_Destroy
0x475d64 ImageList_Create
0x475d68 InitCommonControls
EAT (Export Address Table): none