Field | Value |
---|---|
Created | 2021.09.24 09:03 |
Machine | s1_win7_x6402 |
Filename | imagess.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 27 detected (AIDetect, malware2, Remcos, malicious, high confidence, Unsafe, confidence, YDNC, Attribute, HighConfidence, GenKryptik, FLBF, R06CH0DIN21, RATX, Generic@ML, RDML, zJUZvr90+aUz53T9qS5g, rxwt, susgen, Phonzy, score, Artemis, BScope, Outbreak) |
md5 | 546b3cc7640a0c3105f6674fd9e2debf |
sha256 | 198a6c69303e222c1e37be51ff9cf68615b4879fb2b152f96aad90daf49c7df1 |
ssdeep | 12288:b71aIFXG0LBXveSLxZrJuGmxXQUTcQvPPRKZmQgMM4/YGu1q:bs6RL9veYLrJlIrTtnA8HGE |
imphash | 206016043cadf3442135e07afc507bba |
impfuzzy | 192:oN3MSbuu0xSUvK9kso1XEpeiLlyG1Q+POQk:O3B0q9um1vPOQk |
Signature (6cnts)
Level | Description |
---|---|
warning | File has been identified by 27 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (4cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x4c1720 SysFreeString
0x4c1724 SysReAllocStringLen
0x4c1728 SysAllocStringLen
advapi32.dll
0x4c1730 RegQueryValueExA
0x4c1734 RegOpenKeyExA
0x4c1738 RegCloseKey
user32.dll
0x4c1740 GetKeyboardType
0x4c1744 DestroyWindow
0x4c1748 LoadStringA
0x4c174c MessageBoxA
0x4c1750 CharNextA
kernel32.dll
0x4c1758 GetACP
0x4c175c Sleep
0x4c1760 VirtualFree
0x4c1764 VirtualAlloc
0x4c1768 GetCurrentThreadId
0x4c176c InterlockedDecrement
0x4c1770 InterlockedIncrement
0x4c1774 VirtualQuery
0x4c1778 WideCharToMultiByte
0x4c177c MultiByteToWideChar
0x4c1780 lstrlenA
0x4c1784 lstrcpynA
0x4c1788 LoadLibraryExA
0x4c178c GetThreadLocale
0x4c1790 GetStartupInfoA
0x4c1794 GetProcAddress
0x4c1798 GetModuleHandleA
0x4c179c GetModuleFileNameA
0x4c17a0 GetLocaleInfoA
0x4c17a4 GetLastError
0x4c17a8 GetCommandLineA
0x4c17ac FreeLibrary
0x4c17b0 FindFirstFileA
0x4c17b4 FindClose
0x4c17b8 ExitProcess
0x4c17bc CompareStringA
0x4c17c0 WriteFile
0x4c17c4 UnhandledExceptionFilter
0x4c17c8 SetFilePointer
0x4c17cc SetEndOfFile
0x4c17d0 RtlUnwind
0x4c17d4 ReadFile
0x4c17d8 RaiseException
0x4c17dc GetStdHandle
0x4c17e0 GetFileSize
0x4c17e4 GetFileType
0x4c17e8 CreateFileA
0x4c17ec CloseHandle
kernel32.dll
0x4c17f4 TlsSetValue
0x4c17f8 TlsGetValue
0x4c17fc LocalAlloc
0x4c1800 GetModuleHandleA
user32.dll
0x4c1808 CreateWindowExA
0x4c180c WindowFromPoint
0x4c1810 WaitMessage
0x4c1814 UpdateWindow
0x4c1818 UnregisterClassA
0x4c181c UnhookWindowsHookEx
0x4c1820 TranslateMessage
0x4c1824 TranslateMDISysAccel
0x4c1828 TrackPopupMenu
0x4c182c SystemParametersInfoA
0x4c1830 ShowWindow
0x4c1834 ShowScrollBar
0x4c1838 ShowOwnedPopups
0x4c183c SetWindowsHookExA
0x4c1840 SetWindowPos
0x4c1844 SetWindowPlacement
0x4c1848 SetWindowLongW
0x4c184c SetWindowLongA
0x4c1850 SetTimer
0x4c1854 SetScrollRange
0x4c1858 SetScrollPos
0x4c185c SetScrollInfo
0x4c1860 SetRect
0x4c1864 SetPropA
0x4c1868 SetParent
0x4c186c SetMenuItemInfoA
0x4c1870 SetMenu
0x4c1874 SetForegroundWindow
0x4c1878 SetFocus
0x4c187c SetCursor
0x4c1880 SetClassLongA
0x4c1884 SetCapture
0x4c1888 SetActiveWindow
0x4c188c SendMessageW
0x4c1890 SendMessageA
0x4c1894 ScrollWindow
0x4c1898 ScreenToClient
0x4c189c RemovePropA
0x4c18a0 RemoveMenu
0x4c18a4 ReleaseDC
0x4c18a8 ReleaseCapture
0x4c18ac RegisterWindowMessageA
0x4c18b0 RegisterClipboardFormatA
0x4c18b4 RegisterClassA
0x4c18b8 RedrawWindow
0x4c18bc PtInRect
0x4c18c0 PostQuitMessage
0x4c18c4 PostMessageA
0x4c18c8 PeekMessageW
0x4c18cc PeekMessageA
0x4c18d0 OffsetRect
0x4c18d4 OemToCharA
0x4c18d8 MessageBoxA
0x4c18dc MapWindowPoints
0x4c18e0 MapVirtualKeyA
0x4c18e4 LoadStringA
0x4c18e8 LoadKeyboardLayoutA
0x4c18ec LoadIconA
0x4c18f0 LoadCursorA
0x4c18f4 LoadBitmapA
0x4c18f8 KillTimer
0x4c18fc IsZoomed
0x4c1900 IsWindowVisible
0x4c1904 IsWindowUnicode
0x4c1908 IsWindowEnabled
0x4c190c IsWindow
0x4c1910 IsRectEmpty
0x4c1914 IsIconic
0x4c1918 IsDialogMessageW
0x4c191c IsDialogMessageA
0x4c1920 IsChild
0x4c1924 InvalidateRect
0x4c1928 IntersectRect
0x4c192c InsertMenuItemA
0x4c1930 InsertMenuA
0x4c1934 InflateRect
0x4c1938 GetWindowThreadProcessId
0x4c193c GetWindowTextA
0x4c1940 GetWindowRect
0x4c1944 GetWindowPlacement
0x4c1948 GetWindowLongW
0x4c194c GetWindowLongA
0x4c1950 GetWindowDC
0x4c1954 GetTopWindow
0x4c1958 GetSystemMetrics
0x4c195c GetSystemMenu
0x4c1960 GetSysColorBrush
0x4c1964 GetSysColor
0x4c1968 GetSubMenu
0x4c196c GetScrollRange
0x4c1970 GetScrollPos
0x4c1974 GetScrollInfo
0x4c1978 GetPropA
0x4c197c GetParent
0x4c1980 GetWindow
0x4c1984 GetMessagePos
0x4c1988 GetMenuStringA
0x4c198c GetMenuState
0x4c1990 GetMenuItemInfoA
0x4c1994 GetMenuItemID
0x4c1998 GetMenuItemCount
0x4c199c GetMenu
0x4c19a0 GetLastActivePopup
0x4c19a4 GetKeyboardState
0x4c19a8 GetKeyboardLayoutNameA
0x4c19ac GetKeyboardLayoutList
0x4c19b0 GetKeyboardLayout
0x4c19b4 GetKeyState
0x4c19b8 GetKeyNameTextA
0x4c19bc GetIconInfo
0x4c19c0 GetForegroundWindow
0x4c19c4 GetFocus
0x4c19c8 GetDesktopWindow
0x4c19cc GetDCEx
0x4c19d0 GetDC
0x4c19d4 GetCursorPos
0x4c19d8 GetCursor
0x4c19dc GetClipboardData
0x4c19e0 GetClientRect
0x4c19e4 GetClassLongA
0x4c19e8 GetClassInfoA
0x4c19ec GetCapture
0x4c19f0 GetActiveWindow
0x4c19f4 FrameRect
0x4c19f8 FindWindowA
0x4c19fc FillRect
0x4c1a00 EqualRect
0x4c1a04 EnumWindows
0x4c1a08 EnumThreadWindows
0x4c1a0c EnumChildWindows
0x4c1a10 EndPaint
0x4c1a14 EnableWindow
0x4c1a18 EnableScrollBar
0x4c1a1c EnableMenuItem
0x4c1a20 DrawTextA
0x4c1a24 DrawMenuBar
0x4c1a28 DrawIconEx
0x4c1a2c DrawIcon
0x4c1a30 DrawFrameControl
0x4c1a34 DrawEdge
0x4c1a38 DispatchMessageW
0x4c1a3c DispatchMessageA
0x4c1a40 DestroyWindow
0x4c1a44 DestroyMenu
0x4c1a48 DestroyIcon
0x4c1a4c DestroyCursor
0x4c1a50 DeleteMenu
0x4c1a54 DefWindowProcA
0x4c1a58 DefMDIChildProcA
0x4c1a5c DefFrameProcA
0x4c1a60 CreatePopupMenu
0x4c1a64 CreateMenu
0x4c1a68 CreateIcon
0x4c1a6c ClientToScreen
0x4c1a70 CheckMenuItem
0x4c1a74 CallWindowProcA
0x4c1a78 CallNextHookEx
0x4c1a7c BeginPaint
0x4c1a80 CharNextA
0x4c1a84 CharLowerBuffA
0x4c1a88 CharLowerA
0x4c1a8c CharToOemA
0x4c1a90 AdjustWindowRectEx
0x4c1a94 ActivateKeyboardLayout
gdi32.dll
0x4c1a9c UnrealizeObject
0x4c1aa0 StretchBlt
0x4c1aa4 SetWindowOrgEx
0x4c1aa8 SetWinMetaFileBits
0x4c1aac SetViewportOrgEx
0x4c1ab0 SetTextColor
0x4c1ab4 SetStretchBltMode
0x4c1ab8 SetROP2
0x4c1abc SetPixel
0x4c1ac0 SetEnhMetaFileBits
0x4c1ac4 SetDIBColorTable
0x4c1ac8 SetBrushOrgEx
0x4c1acc SetBkMode
0x4c1ad0 SetBkColor
0x4c1ad4 SelectPalette
0x4c1ad8 SelectObject
0x4c1adc SaveDC
0x4c1ae0 RestoreDC
0x4c1ae4 Rectangle
0x4c1ae8 RectVisible
0x4c1aec RealizePalette
0x4c1af0 Polyline
0x4c1af4 PlayEnhMetaFile
0x4c1af8 PatBlt
0x4c1afc MoveToEx
0x4c1b00 MaskBlt
0x4c1b04 LineTo
0x4c1b08 IntersectClipRect
0x4c1b0c GetWindowOrgEx
0x4c1b10 GetWinMetaFileBits
0x4c1b14 GetTextMetricsA
0x4c1b18 GetTextExtentPoint32A
0x4c1b1c GetSystemPaletteEntries
0x4c1b20 GetStockObject
0x4c1b24 GetRgnBox
0x4c1b28 GetPixel
0x4c1b2c GetPaletteEntries
0x4c1b30 GetObjectA
0x4c1b34 GetEnhMetaFilePaletteEntries
0x4c1b38 GetEnhMetaFileHeader
0x4c1b3c GetEnhMetaFileBits
0x4c1b40 GetDeviceCaps
0x4c1b44 GetDIBits
0x4c1b48 GetDIBColorTable
0x4c1b4c GetDCOrgEx
0x4c1b50 GetCurrentPositionEx
0x4c1b54 GetClipBox
0x4c1b58 GetBrushOrgEx
0x4c1b5c GetBitmapBits
0x4c1b60 GdiFlush
0x4c1b64 ExcludeClipRect
0x4c1b68 DeleteObject
0x4c1b6c DeleteEnhMetaFile
0x4c1b70 DeleteDC
0x4c1b74 CreateSolidBrush
0x4c1b78 CreatePenIndirect
0x4c1b7c CreatePalette
0x4c1b80 CreateHalftonePalette
0x4c1b84 CreateFontIndirectA
0x4c1b88 CreateDIBitmap
0x4c1b8c CreateDIBSection
0x4c1b90 CreateCompatibleDC
0x4c1b94 CreateCompatibleBitmap
0x4c1b98 CreateBrushIndirect
0x4c1b9c CreateBitmap
0x4c1ba0 CopyEnhMetaFileA
0x4c1ba4 BitBlt
version.dll
0x4c1bac VerQueryValueA
0x4c1bb0 GetFileVersionInfoSizeA
0x4c1bb4 GetFileVersionInfoA
kernel32.dll
0x4c1bbc lstrcpyA
0x4c1bc0 WriteFile
0x4c1bc4 WaitForSingleObject
0x4c1bc8 VirtualQuery
0x4c1bcc VirtualProtect
0x4c1bd0 VirtualAlloc
0x4c1bd4 SizeofResource
0x4c1bd8 SetThreadLocale
0x4c1bdc SetFilePointer
0x4c1be0 SetEvent
0x4c1be4 SetErrorMode
0x4c1be8 SetEndOfFile
0x4c1bec ResetEvent
0x4c1bf0 ReadFile
0x4c1bf4 MulDiv
0x4c1bf8 LockResource
0x4c1bfc LoadResource
0x4c1c00 LoadLibraryA
0x4c1c04 LeaveCriticalSection
0x4c1c08 InitializeCriticalSection
0x4c1c0c GlobalFindAtomA
0x4c1c10 GlobalDeleteAtom
0x4c1c14 GlobalAddAtomA
0x4c1c18 GetVersionExA
0x4c1c1c GetVersion
0x4c1c20 GetTickCount
0x4c1c24 GetThreadLocale
0x4c1c28 GetStdHandle
0x4c1c2c GetProcAddress
0x4c1c30 GetModuleHandleA
0x4c1c34 GetModuleFileNameA
0x4c1c38 GetLocaleInfoA
0x4c1c3c GetLocalTime
0x4c1c40 GetLastError
0x4c1c44 GetFullPathNameA
0x4c1c48 GetDiskFreeSpaceA
0x4c1c4c GetDateFormatA
0x4c1c50 GetCurrentThreadId
0x4c1c54 GetCurrentProcessId
0x4c1c58 GetCPInfo
0x4c1c5c FreeResource
0x4c1c60 InterlockedExchange
0x4c1c64 FreeLibrary
0x4c1c68 FormatMessageA
0x4c1c6c FindResourceA
0x4c1c70 EnumCalendarInfoA
0x4c1c74 EnterCriticalSection
0x4c1c78 DeleteCriticalSection
0x4c1c7c CreateThread
0x4c1c80 CreateFileA
0x4c1c84 CreateEventA
0x4c1c88 CompareStringA
0x4c1c8c CloseHandle
advapi32.dll
0x4c1c94 RegQueryValueExA
0x4c1c98 RegOpenKeyExA
0x4c1c9c RegFlushKey
0x4c1ca0 RegCloseKey
kernel32.dll
0x4c1ca8 Sleep
oleaut32.dll
0x4c1cb0 SafeArrayPtrOfIndex
0x4c1cb4 SafeArrayGetUBound
0x4c1cb8 SafeArrayGetLBound
0x4c1cbc SafeArrayCreate
0x4c1cc0 VariantChangeType
0x4c1cc4 VariantCopy
0x4c1cc8 VariantClear
0x4c1ccc VariantInit
comctl32.dll
0x4c1cd4 _TrackMouseEvent
0x4c1cd8 ImageList_SetIconSize
0x4c1cdc ImageList_GetIconSize
0x4c1ce0 ImageList_Write
0x4c1ce4 ImageList_Read
0x4c1ce8 ImageList_DragShowNolock
0x4c1cec ImageList_DragMove
0x4c1cf0 ImageList_DragLeave
0x4c1cf4 ImageList_DragEnter
0x4c1cf8 ImageList_EndDrag
0x4c1cfc ImageList_BeginDrag
0x4c1d00 ImageList_Remove
0x4c1d04 ImageList_DrawEx
0x4c1d08 ImageList_Draw
0x4c1d0c ImageList_GetBkColor
0x4c1d10 ImageList_SetBkColor
0x4c1d14 ImageList_Add
0x4c1d18 ImageList_GetImageCount
0x4c1d1c ImageList_Destroy
0x4c1d20 ImageList_Create
EAT(Export Address Table) is none