Field | Value |
---|---|
Created | 2021.10.01 18:14 |
Machine | s1_win7_x6401 |
Filename | esmallruby.png |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
md5 | c1c5d100cbfc61d121150b08b3f5584a |
sha256 | ceb3b9c60419bdca8cc8f0a84d56d7e6f38e244fb0e49175f1b2ee293ff19f1f |
ssdeep | 12288:/7U/coE8Co7pYVzAC/s8+VAA2SzML8/uYr0I2an:/7U/Fm/l/s8wQcPJ28 |
imphash | 4052499054ea62aacc9b71303ced775c |
impfuzzy | 192:UeG236LdHO2AQkupkh6UKeLNDIcncAKVfPgJK/KQPD:dG7LdukkjVIayHgJcKQPD |
Network IP location
Signature (15cnts)
Level | Description |
---|---|
danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
warning | Generates some ICMP traffic |
watch | Communicates with host for which no DNS query was performed |
notice | A process attempted to delay the analysis task. |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates a suspicious process |
notice | One or more potentially interesting buffers were extracted |
notice | Terminates another process |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Collects information to fingerprint the system (MachineGuid |
info | One or more processes crashed |
info | Queries for the computername |
info | This executable has a PDB path |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (6cnts)
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x43d0f8 RtlUnwind
0x43d0fc RaiseException
0x43d100 Sleep
0x43d104 HeapReAlloc
0x43d108 HeapSize
0x43d10c VirtualAlloc
0x43d110 SetUnhandledExceptionFilter
0x43d114 GetStdHandle
0x43d118 GetModuleFileNameA
0x43d11c FreeEnvironmentStringsW
0x43d120 GetEnvironmentStringsW
0x43d124 GetCommandLineW
0x43d128 SetHandleCount
0x43d12c GetFileType
0x43d130 GetStartupInfoA
0x43d134 HeapCreate
0x43d138 VirtualFree
0x43d13c QueryPerformanceCounter
0x43d140 GetSystemTimeAsFileTime
0x43d144 TerminateProcess
0x43d148 UnhandledExceptionFilter
0x43d14c HeapFree
0x43d150 GetCPInfo
0x43d154 GetACP
0x43d158 GetOEMCP
0x43d15c IsValidCodePage
0x43d160 InitializeCriticalSectionAndSpinCount
0x43d164 GetTimeZoneInformation
0x43d168 LCMapStringA
0x43d16c LCMapStringW
0x43d170 GetStringTypeA
0x43d174 GetStringTypeW
0x43d178 GetLocaleInfoA
0x43d17c GetConsoleCP
0x43d180 GetConsoleMode
0x43d184 SetStdHandle
0x43d188 WriteConsoleA
0x43d18c GetConsoleOutputCP
0x43d190 WriteConsoleW
0x43d194 CreateFileA
0x43d198 SetEnvironmentVariableA
0x43d19c HeapAlloc
0x43d1a0 GetStartupInfoW
0x43d1a4 SetErrorMode
0x43d1a8 GetFileSizeEx
0x43d1ac SystemTimeToFileTime
0x43d1b0 LocalFileTimeToFileTime
0x43d1b4 FileTimeToLocalFileTime
0x43d1b8 FileTimeToSystemTime
0x43d1bc CreateFileW
0x43d1c0 GetShortPathNameW
0x43d1c4 GetVolumeInformationW
0x43d1c8 FindFirstFileW
0x43d1cc FindClose
0x43d1d0 GetCurrentProcess
0x43d1d4 DuplicateHandle
0x43d1d8 GetFileSize
0x43d1dc SetEndOfFile
0x43d1e0 UnlockFile
0x43d1e4 LockFile
0x43d1e8 FlushFileBuffers
0x43d1ec SetFilePointer
0x43d1f0 WriteFile
0x43d1f4 ReadFile
0x43d1f8 lstrcmpiW
0x43d1fc GetThreadLocale
0x43d200 GetStringTypeExW
0x43d204 DeleteFileW
0x43d208 MoveFileW
0x43d20c GetCurrentDirectoryW
0x43d210 InterlockedIncrement
0x43d214 TlsFree
0x43d218 LocalReAlloc
0x43d21c TlsSetValue
0x43d220 TlsAlloc
0x43d224 GlobalHandle
0x43d228 GlobalReAlloc
0x43d22c TlsGetValue
0x43d230 LocalAlloc
0x43d234 GlobalFlags
0x43d238 EnterCriticalSection
0x43d23c LeaveCriticalSection
0x43d240 DeleteCriticalSection
0x43d244 InitializeCriticalSection
0x43d248 GetProfileIntW
0x43d24c InterlockedDecrement
0x43d250 lstrlenA
0x43d254 CopyFileW
0x43d258 GlobalSize
0x43d25c FormatMessageW
0x43d260 LocalFree
0x43d264 MulDiv
0x43d268 GetModuleHandleA
0x43d26c GetDiskFreeSpaceW
0x43d270 GetFullPathNameW
0x43d274 GetTempFileNameW
0x43d278 GetFileTime
0x43d27c SetFileTime
0x43d280 GetFileAttributesW
0x43d284 GetTickCount
0x43d288 CloseHandle
0x43d28c GetPrivateProfileStringW
0x43d290 WritePrivateProfileStringW
0x43d294 GetPrivateProfileIntW
0x43d298 GetCurrentThread
0x43d29c ConvertDefaultLocale
0x43d2a0 EnumResourceLanguagesW
0x43d2a4 GetModuleFileNameW
0x43d2a8 lstrcmpA
0x43d2ac GetLocaleInfoW
0x43d2b0 CompareStringA
0x43d2b4 InterlockedExchange
0x43d2b8 FreeResource
0x43d2bc GetCurrentThreadId
0x43d2c0 GlobalFindAtomW
0x43d2c4 GlobalDeleteAtom
0x43d2c8 GetVersionExW
0x43d2cc FreeLibrary
0x43d2d0 CompareStringW
0x43d2d4 LoadLibraryA
0x43d2d8 lstrcmpW
0x43d2dc MultiByteToWideChar
0x43d2e0 GetVersionExA
0x43d2e4 lstrlenW
0x43d2e8 GetCurrentProcessId
0x43d2ec GetProcAddress
0x43d2f0 GetModuleHandleW
0x43d2f4 GlobalGetAtomNameW
0x43d2f8 GlobalAddAtomW
0x43d2fc GetLastError
0x43d300 SetLastError
0x43d304 WideCharToMultiByte
0x43d308 FindResourceW
0x43d30c LoadResource
0x43d310 LockResource
0x43d314 SizeofResource
0x43d318 GlobalFree
0x43d31c GlobalUnlock
0x43d320 GlobalAlloc
0x43d324 GlobalLock
0x43d328 LoadLibraryW
0x43d32c IsDebuggerPresent
0x43d330 ExitProcess
USER32.dll
0x43d37c DestroyIcon
0x43d380 CharUpperW
0x43d384 PostThreadMessageW
0x43d388 UnregisterClassW
0x43d38c DrawIcon
0x43d390 IsRectEmpty
0x43d394 SystemParametersInfoW
0x43d398 GetMenuStringW
0x43d39c InsertMenuW
0x43d3a0 EndPaint
0x43d3a4 BeginPaint
0x43d3a8 GetWindowDC
0x43d3ac ReleaseDC
0x43d3b0 GetDC
0x43d3b4 ClientToScreen
0x43d3b8 GrayStringW
0x43d3bc DrawTextExW
0x43d3c0 DrawTextW
0x43d3c4 TabbedTextOutW
0x43d3c8 FillRect
0x43d3cc CreateDialogIndirectParamW
0x43d3d0 GetNextDlgTabItem
0x43d3d4 EndDialog
0x43d3d8 GetMessageW
0x43d3dc TranslateMessage
0x43d3e0 GetCursorPos
0x43d3e4 ValidateRect
0x43d3e8 ShowOwnedPopups
0x43d3ec PostQuitMessage
0x43d3f0 SetWindowTextW
0x43d3f4 IsDialogMessageW
0x43d3f8 RegisterWindowMessageW
0x43d3fc SendDlgItemMessageW
0x43d400 SendDlgItemMessageA
0x43d404 SetWindowsHookExW
0x43d408 CallNextHookEx
0x43d40c GetClassLongW
0x43d410 SetPropW
0x43d414 GetPropW
0x43d418 RemovePropW
0x43d41c GetWindowTextW
0x43d420 GetForegroundWindow
0x43d424 DispatchMessageW
0x43d428 DeleteMenu
0x43d42c EndDeferWindowPos
0x43d430 GetTopWindow
0x43d434 DestroyWindow
0x43d438 UnhookWindowsHookEx
0x43d43c GetMessageTime
0x43d440 GetMessagePos
0x43d444 MapWindowPoints
0x43d448 ScrollWindow
0x43d44c TrackPopupMenu
0x43d450 SetScrollRange
0x43d454 GetScrollRange
0x43d458 SetScrollPos
0x43d45c GetScrollPos
0x43d460 SetForegroundWindow
0x43d464 ShowScrollBar
0x43d468 GetClientRect
0x43d46c MessageBoxW
0x43d470 CreateWindowExW
0x43d474 GetClassInfoExW
0x43d478 RegisterClassW
0x43d47c AdjustWindowRectEx
0x43d480 ScreenToClient
0x43d484 DeferWindowPos
0x43d488 GetScrollInfo
0x43d48c SetScrollInfo
0x43d490 DefWindowProcW
0x43d494 CallWindowProcW
0x43d498 SystemParametersInfoA
0x43d49c GetWindowPlacement
0x43d4a0 GetClassNameW
0x43d4a4 GetSysColor
0x43d4a8 UnpackDDElParam
0x43d4ac ReuseDDElParam
0x43d4b0 LoadMenuW
0x43d4b4 DestroyMenu
0x43d4b8 WinHelpW
0x43d4bc SetWindowPos
0x43d4c0 SetFocus
0x43d4c4 GetWindowThreadProcessId
0x43d4c8 GetActiveWindow
0x43d4cc MessageBoxA
0x43d4d0 EnableWindow
0x43d4d4 UpdateWindow
0x43d4d8 RegisterClipboardFormatW
0x43d4dc IsWindowEnabled
0x43d4e0 EqualRect
0x43d4e4 GetDlgItem
0x43d4e8 SetWindowLongW
0x43d4ec GetDlgCtrlID
0x43d4f0 GetKeyState
0x43d4f4 LoadIconW
0x43d4f8 SetCursor
0x43d4fc PeekMessageW
0x43d500 GetCapture
0x43d504 ReleaseCapture
0x43d508 LoadAcceleratorsW
0x43d50c SetActiveWindow
0x43d510 IsWindowVisible
0x43d514 IsIconic
0x43d518 GetMenuItemInfoW
0x43d51c WindowFromPoint
0x43d520 GetSysColorBrush
0x43d524 SetRect
0x43d528 InflateRect
0x43d52c LoadCursorW
0x43d530 SetCapture
0x43d534 KillTimer
0x43d538 SetTimer
0x43d53c BeginDeferWindowPos
0x43d540 SetWindowRgn
0x43d544 PtInRect
0x43d548 InvalidateRect
0x43d54c IsClipboardFormatAvailable
0x43d550 GetFocus
0x43d554 CheckMenuItem
0x43d558 EnableMenuItem
0x43d55c GetMenuState
0x43d560 ModifyMenuW
0x43d564 SendMessageW
0x43d568 GetParent
0x43d56c LoadBitmapW
0x43d570 GetMenuCheckMarkDimensions
0x43d574 SetMenuItemBitmaps
0x43d578 GetSystemMetrics
0x43d57c IsZoomed
0x43d580 SetRectEmpty
0x43d584 OffsetRect
0x43d588 GetWindowRect
0x43d58c TranslateAcceleratorW
0x43d590 IsWindow
0x43d594 GetWindowLongW
0x43d598 ShowWindow
0x43d59c GetWindow
0x43d5a0 GetDesktopWindow
0x43d5a4 SetMenu
0x43d5a8 PostMessageW
0x43d5ac BringWindowToTop
0x43d5b0 GetLastActivePopup
0x43d5b4 GetMenu
0x43d5b8 CopyRect
0x43d5bc IntersectRect
0x43d5c0 GetClassInfoW
0x43d5c4 CreatePopupMenu
0x43d5c8 GetMenuItemCount
0x43d5cc GetMenuItemID
0x43d5d0 GetSubMenu
0x43d5d4 InsertMenuItemW
0x43d5d8 IsChild
GDI32.dll
0x43d044 DeleteDC
0x43d048 CreatePatternBrush
0x43d04c GetStockObject
0x43d050 GetDeviceCaps
0x43d054 CopyMetaFileW
0x43d058 CreateEllipticRgn
0x43d05c LPtoDP
0x43d060 Ellipse
0x43d064 GetBkColor
0x43d068 CreateFontIndirectW
0x43d06c ScaleWindowExtEx
0x43d070 SetWindowExtEx
0x43d074 ScaleViewportExtEx
0x43d078 SetViewportExtEx
0x43d07c OffsetViewportOrgEx
0x43d080 SetViewportOrgEx
0x43d084 Escape
0x43d088 ExtTextOutW
0x43d08c TextOutW
0x43d090 RectVisible
0x43d094 PtVisible
0x43d098 CreateSolidBrush
0x43d09c Polygon
0x43d0a0 BitBlt
0x43d0a4 DeleteObject
0x43d0a8 IntersectClipRect
0x43d0ac ExcludeClipRect
0x43d0b0 SetMapMode
0x43d0b4 SetROP2
0x43d0b8 SetBkMode
0x43d0bc RestoreDC
0x43d0c0 SaveDC
0x43d0c4 GetObjectW
0x43d0c8 SetBkColor
0x43d0cc SetTextColor
0x43d0d0 GetClipBox
0x43d0d4 CreateCompatibleDC
0x43d0d8 CreateCompatibleBitmap
0x43d0dc GetTextExtentPoint32W
0x43d0e0 GetTextMetricsW
0x43d0e4 SelectObject
0x43d0e8 CreateBitmap
0x43d0ec DPtoLP
0x43d0f0 GetPixel
COMDLG32.dll
0x43d03c GetFileTitleW
WINSPOOL.DRV
0x43d5e0 DocumentPropertiesW
0x43d5e4 ClosePrinter
0x43d5e8 OpenPrinterW
ADVAPI32.dll
0x43d000 RegSetValueW
0x43d004 GetFileSecurityW
0x43d008 SetFileSecurityW
0x43d00c RegDeleteValueW
0x43d010 RegSetValueExW
0x43d014 RegCreateKeyExW
0x43d018 RegQueryValueW
0x43d01c RegOpenKeyW
0x43d020 RegEnumKeyW
0x43d024 RegDeleteKeyW
0x43d028 RegOpenKeyExW
0x43d02c RegQueryValueExW
0x43d030 RegCloseKey
0x43d034 RegCreateKeyW
SHELL32.dll
0x43d348 DragFinish
0x43d34c DragQueryFileW
0x43d350 ExtractIconW
0x43d354 SHGetFileInfoW
0x43d358 DragAcceptFiles
SHLWAPI.dll
0x43d360 PathRemoveExtensionW
0x43d364 PathFindFileNameW
0x43d368 PathStripToRootW
0x43d36c PathIsUNCW
0x43d370 PathFindExtensionW
0x43d374 PathRemoveFileSpecW
oledlg.dll
0x43d648 OleUIBusyW
ole32.dll
0x43d5f0 CreateStreamOnHGlobal
0x43d5f4 CoCreateInstance
0x43d5f8 CoRegisterMessageFilter
0x43d5fc CoRevokeClassObject
0x43d600 DoDragDrop
0x43d604 OleFlushClipboard
0x43d608 OleIsCurrentClipboard
0x43d60c OleSetClipboard
0x43d610 RevokeDragDrop
0x43d614 CoLockObjectExternal
0x43d618 RegisterDragDrop
0x43d61c CoUninitialize
0x43d620 OleDuplicateData
0x43d624 CoTaskMemAlloc
0x43d628 ReleaseStgMedium
0x43d62c CoTaskMemFree
0x43d630 OleInitialize
0x43d634 CoFreeUnusedLibraries
0x43d638 OleUninitialize
0x43d63c CoInitializeEx
0x43d640 OleGetClipboard
OLEAUT32.dll
0x43d338 VariantClear
0x43d33c VariantChangeType
0x43d340 VariantInit
EAT(Export Address Table) is none