Created | 2021.09.25 10:47 | Machine | s1_win7_x6402 |
Filename | file.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 4 detected (Malicious, ZelphiF, 9U0@a8aW0nbi, susgen) |
md5 | cb2519c7618babe98a785cd7bd1485b4 |
sha256 | c18804ac4abfb502a22a55644ff96ee944b3b311154e300517ba2f8b2e437055 |
ssdeep | 24576:zCi8kgvcDLZthdivZE4q5FYrzuBhXq78fktBgSnJ9MaSfUz4Pf4zV1KQpeKr12lP:esgvqAr4XEtKSJ9MKz4If1ZOjtd9i |
imphash | 2fc14194d725210106a447adb17abcd1 |
impfuzzy | 192:DDcnTFYjncdqKUurdVYTexCWTOwI7uOQdOHuPyEO:DDcnpUcEYPTOGOQdOoO |
Signature (12cnts)
Level | Description |
---|---|
notice | A process created a hidden window |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates a suspicious process |
notice | File has been identified by 4 AntiVirus engines on VirusTotal as malicious |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | Performs some HTTP requests |
notice | Resolves a suspicious Top Level Domain (TLD) |
notice | Sends data using the HTTP POST Method |
info | One or more processes crashed |
info | Queries for the computername |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
ET DNS Query to a *.top domain - Likely Hostile
ET INFO HTTP Request to a *.top domain
ET INFO HTTP Request to a *.top domain
PE API
IAT(Import Address Table) Library
kernel32.dll
0x6a6890 GetACP
0x6a6894 GetExitCodeProcess
0x6a6898 LocalFree
0x6a689c CloseHandle
0x6a68a0 GetCurrentProcessId
0x6a68a4 SizeofResource
0x6a68a8 VirtualProtect
0x6a68ac QueryPerformanceFrequency
0x6a68b0 IsDebuggerPresent
0x6a68b4 VirtualFree
0x6a68b8 GetFullPathNameW
0x6a68bc ExitProcess
0x6a68c0 HeapAlloc
0x6a68c4 GetCPInfoExW
0x6a68c8 RtlUnwind
0x6a68cc GetCPInfo
0x6a68d0 EnumSystemLocalesW
0x6a68d4 GetStdHandle
0x6a68d8 GetTimeZoneInformation
0x6a68dc GetModuleHandleW
0x6a68e0 FreeLibrary
0x6a68e4 TryEnterCriticalSection
0x6a68e8 HeapDestroy
0x6a68ec ReadFile
0x6a68f0 CreateProcessW
0x6a68f4 HeapSize
0x6a68f8 GetLastError
0x6a68fc GetModuleFileNameW
0x6a6900 SetLastError
0x6a6904 GlobalAlloc
0x6a6908 GlobalUnlock
0x6a690c FindResourceW
0x6a6910 CreateThread
0x6a6914 CompareStringW
0x6a6918 LoadLibraryA
0x6a691c ResetEvent
0x6a6920 MulDiv
0x6a6924 FreeResource
0x6a6928 GetVersion
0x6a692c RaiseException
0x6a6930 GlobalAddAtomW
0x6a6934 FormatMessageW
0x6a6938 SwitchToThread
0x6a693c GetExitCodeThread
0x6a6940 GetCurrentThread
0x6a6944 LoadLibraryExW
0x6a6948 LockResource
0x6a694c GetCurrentThreadId
0x6a6950 UnhandledExceptionFilter
0x6a6954 VirtualQuery
0x6a6958 GlobalFindAtomW
0x6a695c VirtualQueryEx
0x6a6960 GlobalFree
0x6a6964 Sleep
0x6a6968 EnterCriticalSection
0x6a696c SetFilePointer
0x6a6970 LoadResource
0x6a6974 SuspendThread
0x6a6978 GetTickCount
0x6a697c GetFileSize
0x6a6980 GetStartupInfoW
0x6a6984 GlobalDeleteAtom
0x6a6988 GetFileAttributesW
0x6a698c InitializeCriticalSection
0x6a6990 GetThreadPriority
0x6a6994 GetCurrentProcess
0x6a6998 SetThreadPriority
0x6a699c GlobalLock
0x6a69a0 VirtualAlloc
0x6a69a4 GetSystemInfo
0x6a69a8 GetCommandLineW
0x6a69ac GetTempPathW
0x6a69b0 DuplicateHandle
0x6a69b4 LeaveCriticalSection
0x6a69b8 GetProcAddress
0x6a69bc ResumeThread
0x6a69c0 GetVersionExW
0x6a69c4 VerifyVersionInfoW
0x6a69c8 HeapCreate
0x6a69cc GetDiskFreeSpaceW
0x6a69d0 VerSetConditionMask
0x6a69d4 FindFirstFileW
0x6a69d8 GetUserDefaultUILanguage
0x6a69dc lstrlenW
0x6a69e0 QueryPerformanceCounter
0x6a69e4 SetEndOfFile
0x6a69e8 HeapFree
0x6a69ec WideCharToMultiByte
0x6a69f0 FindClose
0x6a69f4 MultiByteToWideChar
0x6a69f8 LoadLibraryW
0x6a69fc SetEvent
0x6a6a00 CreateFileW
0x6a6a04 GetLocaleInfoW
0x6a6a08 EnumResourceNamesW
0x6a6a0c GetLocalTime
0x6a6a10 GetEnvironmentVariableW
0x6a6a14 WaitForSingleObject
0x6a6a18 WriteFile
0x6a6a1c ExitThread
0x6a6a20 CreatePipe
0x6a6a24 DeleteCriticalSection
0x6a6a28 GetDateFormatW
0x6a6a2c TlsGetValue
0x6a6a30 SetErrorMode
0x6a6a34 GetComputerNameW
0x6a6a38 IsValidLocale
0x6a6a3c TlsSetValue
0x6a6a40 GetSystemDefaultUILanguage
0x6a6a44 EnumCalendarInfoW
0x6a6a48 LocalAlloc
0x6a6a4c CreateEventW
0x6a6a50 WaitForMultipleObjectsEx
0x6a6a54 SetThreadLocale
0x6a6a58 GetThreadLocale
winspool.drv
0x6a6a60 DocumentPropertiesW
0x6a6a64 ClosePrinter
0x6a6a68 OpenPrinterW
0x6a6a6c GetDefaultPrinterW
0x6a6a70 EnumPrintersW
comctl32.dll
0x6a6a78 ImageList_GetImageInfo
0x6a6a7c FlatSB_SetScrollInfo
0x6a6a80 ImageList_DragMove
0x6a6a84 ImageList_Destroy
0x6a6a88 _TrackMouseEvent
0x6a6a8c ImageList_DragShowNolock
0x6a6a90 ImageList_Add
0x6a6a94 FlatSB_SetScrollProp
0x6a6a98 ImageList_GetDragImage
0x6a6a9c ImageList_Create
0x6a6aa0 ImageList_EndDrag
0x6a6aa4 ImageList_DrawEx
0x6a6aa8 ImageList_SetImageCount
0x6a6aac FlatSB_GetScrollPos
0x6a6ab0 FlatSB_SetScrollPos
0x6a6ab4 InitializeFlatSB
0x6a6ab8 ImageList_Copy
0x6a6abc FlatSB_GetScrollInfo
0x6a6ac0 ImageList_Write
0x6a6ac4 ImageList_SetBkColor
0x6a6ac8 ImageList_GetBkColor
0x6a6acc ImageList_BeginDrag
0x6a6ad0 ImageList_GetIcon
0x6a6ad4 ImageList_Replace
0x6a6ad8 ImageList_GetImageCount
0x6a6adc ImageList_DragEnter
0x6a6ae0 ImageList_GetIconSize
0x6a6ae4 ImageList_SetIconSize
0x6a6ae8 ImageList_Read
0x6a6aec ImageList_DragLeave
0x6a6af0 ImageList_LoadImageW
0x6a6af4 ImageList_Draw
0x6a6af8 ImageList_Remove
0x6a6afc ImageList_ReplaceIcon
0x6a6b00 ImageList_SetOverlayImage
shell32.dll
0x6a6b08 Shell_NotifyIconW
ole32.dll
0x6a6b10 IsEqualGUID
0x6a6b14 OleInitialize
0x6a6b18 OleUninitialize
0x6a6b1c CoInitialize
0x6a6b20 CoCreateInstance
0x6a6b24 CoUninitialize
0x6a6b28 CoTaskMemFree
0x6a6b2c CoTaskMemAlloc
version.dll
0x6a6b34 GetFileVersionInfoSizeW
0x6a6b38 VerQueryValueW
0x6a6b3c GetFileVersionInfoW
user32.dll
0x6a6b44 CopyImage
0x6a6b48 CreateWindowExW
0x6a6b4c GetMenuItemInfoW
0x6a6b50 SetMenuItemInfoW
0x6a6b54 DefFrameProcW
0x6a6b58 GetDCEx
0x6a6b5c PeekMessageW
0x6a6b60 MonitorFromWindow
0x6a6b64 GetDlgCtrlID
0x6a6b68 SetTimer
0x6a6b6c WindowFromPoint
0x6a6b70 BeginPaint
0x6a6b74 RegisterClipboardFormatW
0x6a6b78 FrameRect
0x6a6b7c MapVirtualKeyW
0x6a6b80 IsWindowUnicode
0x6a6b84 RegisterWindowMessageW
0x6a6b88 FillRect
0x6a6b8c GetMenuStringW
0x6a6b90 DispatchMessageW
0x6a6b94 CreateAcceleratorTableW
0x6a6b98 SendMessageA
0x6a6b9c DefMDIChildProcW
0x6a6ba0 EnumWindows
0x6a6ba4 GetClassInfoW
0x6a6ba8 ShowOwnedPopups
0x6a6bac GetSystemMenu
0x6a6bb0 GetScrollRange
0x6a6bb4 SetScrollPos
0x6a6bb8 GetScrollPos
0x6a6bbc GetActiveWindow
0x6a6bc0 SetActiveWindow
0x6a6bc4 DrawEdge
0x6a6bc8 GetKeyboardLayoutList
0x6a6bcc LoadBitmapW
0x6a6bd0 DrawFocusRect
0x6a6bd4 EnumChildWindows
0x6a6bd8 ReleaseCapture
0x6a6bdc UnhookWindowsHookEx
0x6a6be0 LoadCursorW
0x6a6be4 GetCapture
0x6a6be8 SetCapture
0x6a6bec CreatePopupMenu
0x6a6bf0 ScrollWindow
0x6a6bf4 ShowCaret
0x6a6bf8 GetMenuItemID
0x6a6bfc GetLastActivePopup
0x6a6c00 CharLowerBuffW
0x6a6c04 GetSystemMetrics
0x6a6c08 SetWindowLongW
0x6a6c0c PostMessageW
0x6a6c10 DrawMenuBar
0x6a6c14 SetParent
0x6a6c18 IsZoomed
0x6a6c1c CharUpperBuffW
0x6a6c20 GetClientRect
0x6a6c24 IsChild
0x6a6c28 ClientToScreen
0x6a6c2c GetClipboardData
0x6a6c30 SetClipboardData
0x6a6c34 SetWindowPlacement
0x6a6c38 IsIconic
0x6a6c3c CallNextHookEx
0x6a6c40 GetMonitorInfoW
0x6a6c44 ShowWindow
0x6a6c48 CheckMenuItem
0x6a6c4c CharUpperW
0x6a6c50 DefWindowProcW
0x6a6c54 GetForegroundWindow
0x6a6c58 SetForegroundWindow
0x6a6c5c GetWindowTextW
0x6a6c60 EnableWindow
0x6a6c64 DestroyWindow
0x6a6c68 IsDialogMessageW
0x6a6c6c EndMenu
0x6a6c70 RegisterClassW
0x6a6c74 CharNextW
0x6a6c78 GetWindowThreadProcessId
0x6a6c7c RedrawWindow
0x6a6c80 GetDC
0x6a6c84 GetFocus
0x6a6c88 SetFocus
0x6a6c8c EndPaint
0x6a6c90 ReleaseDC
0x6a6c94 MsgWaitForMultipleObjectsEx
0x6a6c98 LoadKeyboardLayoutW
0x6a6c9c GetClassLongW
0x6a6ca0 ActivateKeyboardLayout
0x6a6ca4 GetParent
0x6a6ca8 DrawTextW
0x6a6cac SetScrollRange
0x6a6cb0 MonitorFromRect
0x6a6cb4 InsertMenuItemW
0x6a6cb8 PeekMessageA
0x6a6cbc GetPropW
0x6a6cc0 SetClassLongW
0x6a6cc4 MessageBoxW
0x6a6cc8 MessageBeep
0x6a6ccc SetPropW
0x6a6cd0 RemovePropW
0x6a6cd4 UpdateWindow
0x6a6cd8 GetSubMenu
0x6a6cdc MsgWaitForMultipleObjects
0x6a6ce0 DestroyMenu
0x6a6ce4 DestroyIcon
0x6a6ce8 SetWindowsHookExW
0x6a6cec EmptyClipboard
0x6a6cf0 IsWindowVisible
0x6a6cf4 DispatchMessageA
0x6a6cf8 UnregisterClassW
0x6a6cfc GetTopWindow
0x6a6d00 SendMessageW
0x6a6d04 AdjustWindowRectEx
0x6a6d08 DrawIcon
0x6a6d0c IsWindow
0x6a6d10 EnumThreadWindows
0x6a6d14 InvalidateRect
0x6a6d18 GetKeyboardState
0x6a6d1c DrawFrameControl
0x6a6d20 ScreenToClient
0x6a6d24 SetCursor
0x6a6d28 CreateIcon
0x6a6d2c CreateMenu
0x6a6d30 LoadStringW
0x6a6d34 CharLowerW
0x6a6d38 SetWindowRgn
0x6a6d3c SetWindowPos
0x6a6d40 GetMenuItemCount
0x6a6d44 RemoveMenu
0x6a6d48 GetSysColorBrush
0x6a6d4c GetKeyboardLayoutNameW
0x6a6d50 GetWindowDC
0x6a6d54 TranslateMessage
0x6a6d58 OpenClipboard
0x6a6d5c DrawTextExW
0x6a6d60 MapWindowPoints
0x6a6d64 EnumDisplayMonitors
0x6a6d68 CallWindowProcW
0x6a6d6c CloseClipboard
0x6a6d70 DestroyCursor
0x6a6d74 GetScrollInfo
0x6a6d78 SetWindowTextW
0x6a6d7c GetMessageExtraInfo
0x6a6d80 EnableScrollBar
0x6a6d84 GetSysColor
0x6a6d88 TrackPopupMenu
0x6a6d8c CopyIcon
0x6a6d90 DrawIconEx
0x6a6d94 PostQuitMessage
0x6a6d98 GetClassNameW
0x6a6d9c ShowScrollBar
0x6a6da0 EnableMenuItem
0x6a6da4 GetIconInfo
0x6a6da8 GetMessagePos
0x6a6dac SetScrollInfo
0x6a6db0 GetKeyNameTextW
0x6a6db4 GetDesktopWindow
0x6a6db8 GetCursorPos
0x6a6dbc SetCursorPos
0x6a6dc0 HideCaret
0x6a6dc4 GetMenu
0x6a6dc8 GetMenuState
0x6a6dcc SetMenu
0x6a6dd0 SetRect
0x6a6dd4 GetKeyState
0x6a6dd8 FindWindowExW
0x6a6ddc MonitorFromPoint
0x6a6de0 SystemParametersInfoW
0x6a6de4 LoadIconW
0x6a6de8 GetCursor
0x6a6dec GetWindow
0x6a6df0 GetWindowLongW
0x6a6df4 GetWindowRect
0x6a6df8 InsertMenuW
0x6a6dfc KillTimer
0x6a6e00 WaitMessage
0x6a6e04 IsWindowEnabled
0x6a6e08 IsDialogMessageA
0x6a6e0c TranslateMDISysAccel
0x6a6e10 GetWindowPlacement
0x6a6e14 FindWindowW
0x6a6e18 DeleteMenu
0x6a6e1c GetKeyboardLayout
oleaut32.dll
0x6a6e24 SysFreeString
0x6a6e28 VariantClear
0x6a6e2c VariantInit
0x6a6e30 GetErrorInfo
0x6a6e34 SysReAllocStringLen
0x6a6e38 SafeArrayCreate
0x6a6e3c SysAllocStringLen
0x6a6e40 SafeArrayPtrOfIndex
0x6a6e44 SafeArrayGetUBound
0x6a6e48 SafeArrayGetLBound
0x6a6e4c VariantCopy
0x6a6e50 VariantChangeType
netapi32.dll
0x6a6e58 NetWkstaGetInfo
0x6a6e5c NetApiBufferFree
advapi32.dll
0x6a6e64 RegSetValueExW
0x6a6e68 RegConnectRegistryW
0x6a6e6c RegEnumKeyExW
0x6a6e70 RegLoadKeyW
0x6a6e74 RegDeleteKeyW
0x6a6e78 RegOpenKeyExW
0x6a6e7c RegQueryInfoKeyW
0x6a6e80 RegUnLoadKeyW
0x6a6e84 RegSaveKeyW
0x6a6e88 RegDeleteValueW
0x6a6e8c RegReplaceKeyW
0x6a6e90 RegFlushKey
0x6a6e94 RegQueryValueExW
0x6a6e98 RegEnumValueW
0x6a6e9c RegCloseKey
0x6a6ea0 RegCreateKeyExW
0x6a6ea4 RegRestoreKeyW
gdi32.dll
0x6a6eac Pie
0x6a6eb0 SetBkMode
0x6a6eb4 CreateCompatibleBitmap
0x6a6eb8 GetEnhMetaFileHeader
0x6a6ebc RectVisible
0x6a6ec0 AngleArc
0x6a6ec4 SetAbortProc
0x6a6ec8 SetTextColor
0x6a6ecc StretchBlt
0x6a6ed0 RoundRect
0x6a6ed4 RestoreDC
0x6a6ed8 SetRectRgn
0x6a6edc GetTextMetricsW
0x6a6ee0 GetWindowOrgEx
0x6a6ee4 CreatePalette
0x6a6ee8 PolyBezierTo
0x6a6eec CreateICW
0x6a6ef0 CreateDCW
0x6a6ef4 GetStockObject
0x6a6ef8 CreateSolidBrush
0x6a6efc Polygon
0x6a6f00 MoveToEx
0x6a6f04 PlayEnhMetaFile
0x6a6f08 Ellipse
0x6a6f0c StartPage
0x6a6f10 GetBitmapBits
0x6a6f14 StartDocW
0x6a6f18 GetSystemPaletteEntries
0x6a6f1c GetEnhMetaFileBits
0x6a6f20 AbortDoc
0x6a6f24 GetEnhMetaFilePaletteEntries
0x6a6f28 CreatePenIndirect
0x6a6f2c CreateFontIndirectW
0x6a6f30 PolyBezier
0x6a6f34 EndDoc
0x6a6f38 GetObjectW
0x6a6f3c GetWinMetaFileBits
0x6a6f40 SetROP2
0x6a6f44 GetEnhMetaFileDescriptionW
0x6a6f48 ArcTo
0x6a6f4c Arc
0x6a6f50 SelectPalette
0x6a6f54 ExcludeClipRect
0x6a6f58 MaskBlt
0x6a6f5c SetWindowOrgEx
0x6a6f60 EndPage
0x6a6f64 DeleteEnhMetaFile
0x6a6f68 Chord
0x6a6f6c SetDIBits
0x6a6f70 SetViewportOrgEx
0x6a6f74 CreateRectRgn
0x6a6f78 RealizePalette
0x6a6f7c SetDIBColorTable
0x6a6f80 GetDIBColorTable
0x6a6f84 CreateBrushIndirect
0x6a6f88 PatBlt
0x6a6f8c SetEnhMetaFileBits
0x6a6f90 Rectangle
0x6a6f94 SaveDC
0x6a6f98 DeleteDC
0x6a6f9c FrameRgn
0x6a6fa0 BitBlt
0x6a6fa4 GetDeviceCaps
0x6a6fa8 GetTextExtentPoint32W
0x6a6fac GetClipBox
0x6a6fb0 IntersectClipRect
0x6a6fb4 Polyline
0x6a6fb8 CreateBitmap
0x6a6fbc SetWinMetaFileBits
0x6a6fc0 GetStretchBltMode
0x6a6fc4 CreateDIBitmap
0x6a6fc8 SetStretchBltMode
0x6a6fcc GetDIBits
0x6a6fd0 CreateDIBSection
0x6a6fd4 LineTo
0x6a6fd8 GetRgnBox
0x6a6fdc EnumFontsW
0x6a6fe0 CreateHalftonePalette
0x6a6fe4 SelectObject
0x6a6fe8 DeleteObject
0x6a6fec ExtFloodFill
0x6a6ff0 UnrealizeObject
0x6a6ff4 CopyEnhMetaFileW
0x6a6ff8 SetBkColor
0x6a6ffc CreateCompatibleDC
0x6a7000 GetBrushOrgEx
0x6a7004 GetCurrentPositionEx
0x6a7008 GetTextExtentPointW
0x6a700c ExtTextOutW
0x6a7010 SetBrushOrgEx
0x6a7014 GetPixel
0x6a7018 GdiFlush
0x6a701c SetPixel
0x6a7020 EnumFontFamiliesExW
0x6a7024 StretchDIBits
0x6a7028 GetPaletteEntries
EAT(Export Address Table) Library
0x4d7934 TMethodImplementationIntercept
0x410794 __dbk_fcall_wrapper
0x6a263c dbkFCallWrapperAddr