Created | 2021.10.07 13:15 |
Machine | s1_win7_x6401 |
Filename | PLATBA-06-10-21.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 62 detected (MafocenMV, Renamer, lCUC, malicious, high confidence, score, Grenam, Tainp, FileInfector, Pintu, Save, confidence, 100%, Eldorado, Tapin, Delf, lxyhd, A + W32, E@4pfq97, DownLoad4, BrowseFox, Genome, axcm, ATRAPS, ASBOL, Unruy, X1603, ai score=80, Unsafe, StealIcon, CLASSIC, Igent, bUnICa, Static AI, Malicious PE, Dtcontx) |
md5 | f01f582a8ec6b760ebfb59eda10b0b43 |
sha256 | f46f584cef57a71647f5a7738c6489c7f36e8c9830c327fa18d565487b2b8964 |
ssdeep | 12288:OwCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4FhozEt888888888888W8888888J:eNzCtUpQ9WWPBSSRMTEpMNl |
imphash | c00b6ba7dbbc6abee9ace3a65a49ba24 |
impfuzzy | 192:ocqNRRuujhEUh99IeoINeJ/F9VR3h18hhOxxePOQTn:ANrj59mFHRx186xUPOQTn |
Signature (5cnts)
Level | Description |
---|---|
danger | File has been identified by 62 AntiVirus engines on VirusTotal as malicious |
watch | Creates a slightly modified copy of itself |
notice | Creates a shortcut to an executable file |
notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (13cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (download) |
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | Lnk_Format_Zero | LNK Format | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x4b5990 SysFreeString
0x4b5994 SysReAllocStringLen
0x4b5998 SysAllocStringLen
advapi32.dll
0x4b59a0 RegQueryValueExW
0x4b59a4 RegOpenKeyExW
0x4b59a8 RegCloseKey
user32.dll
0x4b59b0 LoadStringW
0x4b59b4 MessageBoxA
0x4b59b8 CharNextW
kernel32.dll
0x4b59c0 lstrcmpiA
0x4b59c4 LoadLibraryA
0x4b59c8 LocalFree
0x4b59cc LocalAlloc
0x4b59d0 GetACP
0x4b59d4 Sleep
0x4b59d8 VirtualFree
0x4b59dc VirtualAlloc
0x4b59e0 GetSystemInfo
0x4b59e4 GetTickCount
0x4b59e8 QueryPerformanceCounter
0x4b59ec GetVersion
0x4b59f0 GetCurrentThreadId
0x4b59f4 VirtualQuery
0x4b59f8 WideCharToMultiByte
0x4b59fc MultiByteToWideChar
0x4b5a00 lstrlenW
0x4b5a04 lstrcpynW
0x4b5a08 LoadLibraryExW
0x4b5a0c IsValidLocale
0x4b5a10 GetSystemDefaultUILanguage
0x4b5a14 GetStartupInfoA
0x4b5a18 GetProcAddress
0x4b5a1c GetModuleHandleW
0x4b5a20 GetModuleFileNameW
0x4b5a24 GetUserDefaultUILanguage
0x4b5a28 GetLocaleInfoW
0x4b5a2c GetLastError
0x4b5a30 GetCommandLineW
0x4b5a34 FreeLibrary
0x4b5a38 FindFirstFileW
0x4b5a3c FindClose
0x4b5a40 ExitProcess
0x4b5a44 ExitThread
0x4b5a48 CreateThread
0x4b5a4c CompareStringW
0x4b5a50 WriteFile
0x4b5a54 UnhandledExceptionFilter
0x4b5a58 SetFilePointer
0x4b5a5c SetEndOfFile
0x4b5a60 RtlUnwind
0x4b5a64 ReadFile
0x4b5a68 RaiseException
0x4b5a6c GetStdHandle
0x4b5a70 GetFileSize
0x4b5a74 GetFileType
0x4b5a78 DeleteCriticalSection
0x4b5a7c LeaveCriticalSection
0x4b5a80 EnterCriticalSection
0x4b5a84 InitializeCriticalSection
0x4b5a88 CreateFileW
0x4b5a8c CloseHandle
kernel32.dll
0x4b5a94 TlsSetValue
0x4b5a98 TlsGetValue
0x4b5a9c LocalAlloc
0x4b5aa0 GetModuleHandleW
user32.dll
0x4b5aa8 CreateWindowExW
0x4b5aac WindowFromPoint
0x4b5ab0 WaitMessage
0x4b5ab4 UpdateWindow
0x4b5ab8 UnregisterClassW
0x4b5abc UnhookWindowsHookEx
0x4b5ac0 TranslateMessage
0x4b5ac4 TranslateMDISysAccel
0x4b5ac8 TrackPopupMenu
0x4b5acc SystemParametersInfoW
0x4b5ad0 ShowWindow
0x4b5ad4 ShowScrollBar
0x4b5ad8 ShowOwnedPopups
0x4b5adc SetWindowsHookExW
0x4b5ae0 SetWindowTextW
0x4b5ae4 SetWindowPos
0x4b5ae8 SetWindowPlacement
0x4b5aec SetWindowLongW
0x4b5af0 SetTimer
0x4b5af4 SetScrollRange
0x4b5af8 SetScrollPos
0x4b5afc SetScrollInfo
0x4b5b00 SetRect
0x4b5b04 SetPropW
0x4b5b08 SetParent
0x4b5b0c SetMenuItemInfoW
0x4b5b10 SetMenu
0x4b5b14 SetForegroundWindow
0x4b5b18 SetFocus
0x4b5b1c SetCursorPos
0x4b5b20 SetCursor
0x4b5b24 SetClassLongW
0x4b5b28 SetCapture
0x4b5b2c SetActiveWindow
0x4b5b30 SendMessageA
0x4b5b34 SendMessageW
0x4b5b38 ScrollWindow
0x4b5b3c ScreenToClient
0x4b5b40 RemovePropW
0x4b5b44 RemoveMenu
0x4b5b48 ReleaseDC
0x4b5b4c ReleaseCapture
0x4b5b50 RegisterWindowMessageW
0x4b5b54 RegisterClipboardFormatW
0x4b5b58 RegisterClassW
0x4b5b5c RedrawWindow
0x4b5b60 PostQuitMessage
0x4b5b64 PostMessageW
0x4b5b68 PeekMessageA
0x4b5b6c PeekMessageW
0x4b5b70 OffsetRect
0x4b5b74 MsgWaitForMultipleObjectsEx
0x4b5b78 MsgWaitForMultipleObjects
0x4b5b7c MessageBoxW
0x4b5b80 MapWindowPoints
0x4b5b84 MapVirtualKeyW
0x4b5b88 LoadStringW
0x4b5b8c LoadKeyboardLayoutW
0x4b5b90 LoadIconW
0x4b5b94 LoadCursorW
0x4b5b98 LoadBitmapW
0x4b5b9c KillTimer
0x4b5ba0 IsZoomed
0x4b5ba4 IsWindowVisible
0x4b5ba8 IsWindowUnicode
0x4b5bac IsWindowEnabled
0x4b5bb0 IsWindow
0x4b5bb4 IsIconic
0x4b5bb8 IsDialogMessageA
0x4b5bbc IsDialogMessageW
0x4b5bc0 IsChild
0x4b5bc4 InvalidateRect
0x4b5bc8 IntersectRect
0x4b5bcc InsertMenuItemW
0x4b5bd0 InsertMenuW
0x4b5bd4 InflateRect
0x4b5bd8 GetWindowThreadProcessId
0x4b5bdc GetWindowTextW
0x4b5be0 GetWindowRect
0x4b5be4 GetWindowPlacement
0x4b5be8 GetWindowLongW
0x4b5bec GetWindowDC
0x4b5bf0 GetTopWindow
0x4b5bf4 GetSystemMetrics
0x4b5bf8 GetSystemMenu
0x4b5bfc GetSysColorBrush
0x4b5c00 GetSysColor
0x4b5c04 GetSubMenu
0x4b5c08 GetScrollRange
0x4b5c0c GetScrollPos
0x4b5c10 GetScrollInfo
0x4b5c14 GetPropW
0x4b5c18 GetParent
0x4b5c1c GetWindow
0x4b5c20 GetMessagePos
0x4b5c24 GetMessageExtraInfo
0x4b5c28 GetMenuStringW
0x4b5c2c GetMenuState
0x4b5c30 GetMenuItemInfoW
0x4b5c34 GetMenuItemID
0x4b5c38 GetMenuItemCount
0x4b5c3c GetMenu
0x4b5c40 GetLastActivePopup
0x4b5c44 GetKeyboardState
0x4b5c48 GetKeyboardLayoutNameW
0x4b5c4c GetKeyboardLayoutList
0x4b5c50 GetKeyboardLayout
0x4b5c54 GetKeyState
0x4b5c58 GetKeyNameTextW
0x4b5c5c GetIconInfo
0x4b5c60 GetForegroundWindow
0x4b5c64 GetFocus
0x4b5c68 GetDesktopWindow
0x4b5c6c GetDCEx
0x4b5c70 GetDC
0x4b5c74 GetCursorPos
0x4b5c78 GetCursor
0x4b5c7c GetClientRect
0x4b5c80 GetClassLongW
0x4b5c84 GetClassInfoW
0x4b5c88 GetCapture
0x4b5c8c GetActiveWindow
0x4b5c90 FrameRect
0x4b5c94 FindWindowExW
0x4b5c98 FindWindowW
0x4b5c9c FillRect
0x4b5ca0 EnumWindows
0x4b5ca4 EnumThreadWindows
0x4b5ca8 EnumChildWindows
0x4b5cac EndPaint
0x4b5cb0 EnableWindow
0x4b5cb4 EnableScrollBar
0x4b5cb8 EnableMenuItem
0x4b5cbc DrawTextExW
0x4b5cc0 DrawTextW
0x4b5cc4 DrawMenuBar
0x4b5cc8 DrawIconEx
0x4b5ccc DrawIcon
0x4b5cd0 DrawFrameControl
0x4b5cd4 DrawFocusRect
0x4b5cd8 DrawEdge
0x4b5cdc DispatchMessageA
0x4b5ce0 DispatchMessageW
0x4b5ce4 DestroyWindow
0x4b5ce8 DestroyMenu
0x4b5cec DestroyIcon
0x4b5cf0 DestroyCursor
0x4b5cf4 DeleteMenu
0x4b5cf8 DefWindowProcW
0x4b5cfc DefMDIChildProcW
0x4b5d00 DefFrameProcW
0x4b5d04 CreatePopupMenu
0x4b5d08 CreateMenu
0x4b5d0c CreateIcon
0x4b5d10 CreateAcceleratorTableW
0x4b5d14 CopyIcon
0x4b5d18 ClientToScreen
0x4b5d1c CheckMenuItem
0x4b5d20 CharUpperBuffW
0x4b5d24 CharNextW
0x4b5d28 CharLowerW
0x4b5d2c CallWindowProcW
0x4b5d30 CallNextHookEx
0x4b5d34 BeginPaint
0x4b5d38 AdjustWindowRectEx
0x4b5d3c ActivateKeyboardLayout
msimg32.dll
0x4b5d44 AlphaBlend
gdi32.dll
0x4b5d4c UnrealizeObject
0x4b5d50 StretchDIBits
0x4b5d54 StretchBlt
0x4b5d58 StartPage
0x4b5d5c StartDocW
0x4b5d60 SetWindowOrgEx
0x4b5d64 SetViewportOrgEx
0x4b5d68 SetTextColor
0x4b5d6c SetStretchBltMode
0x4b5d70 SetROP2
0x4b5d74 SetPixel
0x4b5d78 SetDIBits
0x4b5d7c SetDIBColorTable
0x4b5d80 SetBrushOrgEx
0x4b5d84 SetBkMode
0x4b5d88 SetBkColor
0x4b5d8c SetAbortProc
0x4b5d90 SelectPalette
0x4b5d94 SelectObject
0x4b5d98 SaveDC
0x4b5d9c RoundRect
0x4b5da0 RestoreDC
0x4b5da4 Rectangle
0x4b5da8 RectVisible
0x4b5dac RealizePalette
0x4b5db0 Polyline
0x4b5db4 Polygon
0x4b5db8 PolyBezierTo
0x4b5dbc PolyBezier
0x4b5dc0 Pie
0x4b5dc4 PatBlt
0x4b5dc8 MoveToEx
0x4b5dcc MaskBlt
0x4b5dd0 LineTo
0x4b5dd4 IntersectClipRect
0x4b5dd8 GetWindowOrgEx
0x4b5ddc GetTextMetricsW
0x4b5de0 GetTextExtentPoint32W
0x4b5de4 GetSystemPaletteEntries
0x4b5de8 GetStockObject
0x4b5dec GetRgnBox
0x4b5df0 GetPixel
0x4b5df4 GetPaletteEntries
0x4b5df8 GetObjectW
0x4b5dfc GetDeviceCaps
0x4b5e00 GetDIBits
0x4b5e04 GetDIBColorTable
0x4b5e08 GetDCOrgEx
0x4b5e0c GetCurrentPositionEx
0x4b5e10 GetClipBox
0x4b5e14 GetBrushOrgEx
0x4b5e18 GetBitmapBits
0x4b5e1c FrameRgn
0x4b5e20 ExtTextOutW
0x4b5e24 ExtFloodFill
0x4b5e28 ExcludeClipRect
0x4b5e2c EnumFontsW
0x4b5e30 EnumFontFamiliesExW
0x4b5e34 EndPage
0x4b5e38 EndDoc
0x4b5e3c Ellipse
0x4b5e40 DeleteObject
0x4b5e44 DeleteDC
0x4b5e48 CreateSolidBrush
0x4b5e4c CreateRectRgn
0x4b5e50 CreatePenIndirect
0x4b5e54 CreatePalette
0x4b5e58 CreateICW
0x4b5e5c CreateHalftonePalette
0x4b5e60 CreateFontIndirectW
0x4b5e64 CreateDIBitmap
0x4b5e68 CreateDIBSection
0x4b5e6c CreateDCW
0x4b5e70 CreateCompatibleDC
0x4b5e74 CreateCompatibleBitmap
0x4b5e78 CreateBrushIndirect
0x4b5e7c CreateBitmap
0x4b5e80 Chord
0x4b5e84 BitBlt
0x4b5e88 Arc
0x4b5e8c AbortDoc
version.dll
0x4b5e94 VerQueryValueW
0x4b5e98 GetFileVersionInfoSizeW
0x4b5e9c GetFileVersionInfoW
kernel32.dll
0x4b5ea4 lstrcpyW
0x4b5ea8 WriteFile
0x4b5eac WideCharToMultiByte
0x4b5eb0 WaitForSingleObject
0x4b5eb4 WaitForMultipleObjectsEx
0x4b5eb8 VirtualQueryEx
0x4b5ebc VirtualQuery
0x4b5ec0 VirtualFree
0x4b5ec4 VirtualAlloc
0x4b5ec8 UpdateResourceW
0x4b5ecc TryEnterCriticalSection
0x4b5ed0 SwitchToThread
0x4b5ed4 SuspendThread
0x4b5ed8 SizeofResource
0x4b5edc SignalObjectAndWait
0x4b5ee0 SetThreadPriority
0x4b5ee4 SetThreadLocale
0x4b5ee8 SetLastError
0x4b5eec SetFilePointer
0x4b5ef0 SetFileAttributesW
0x4b5ef4 SetEvent
0x4b5ef8 SetErrorMode
0x4b5efc SetEndOfFile
0x4b5f00 ResumeThread
0x4b5f04 ResetEvent
0x4b5f08 ReadFile
0x4b5f0c RaiseException
0x4b5f10 IsDebuggerPresent
0x4b5f14 OpenMutexW
0x4b5f18 MultiByteToWideChar
0x4b5f1c MulDiv
0x4b5f20 MoveFileW
0x4b5f24 LockResource
0x4b5f28 LoadResource
0x4b5f2c LoadLibraryW
0x4b5f30 LeaveCriticalSection
0x4b5f34 InitializeCriticalSection
0x4b5f38 GlobalUnlock
0x4b5f3c GlobalLock
0x4b5f40 GlobalFree
0x4b5f44 GlobalFindAtomW
0x4b5f48 GlobalDeleteAtom
0x4b5f4c GlobalAlloc
0x4b5f50 GlobalAddAtomW
0x4b5f54 GetVersionExW
0x4b5f58 GetVersion
0x4b5f5c GetTickCount
0x4b5f60 GetThreadPriority
0x4b5f64 GetThreadLocale
0x4b5f68 GetStdHandle
0x4b5f6c GetProcAddress
0x4b5f70 GetModuleHandleW
0x4b5f74 GetModuleFileNameW
0x4b5f78 GetLogicalDriveStringsW
0x4b5f7c GetLocaleInfoW
0x4b5f80 GetLocalTime
0x4b5f84 GetLastError
0x4b5f88 GetFullPathNameW
0x4b5f8c GetFileAttributesW
0x4b5f90 GetExitCodeThread
0x4b5f94 GetDriveTypeW
0x4b5f98 GetDiskFreeSpaceW
0x4b5f9c GetDateFormatW
0x4b5fa0 GetCurrentThreadId
0x4b5fa4 GetCurrentThread
0x4b5fa8 GetCurrentProcessId
0x4b5fac GetCurrentProcess
0x4b5fb0 GetCPInfo
0x4b5fb4 FreeResource
0x4b5fb8 InterlockedExchangeAdd
0x4b5fbc InterlockedExchange
0x4b5fc0 InterlockedCompareExchange
0x4b5fc4 FreeLibrary
0x4b5fc8 FormatMessageW
0x4b5fcc FindResourceW
0x4b5fd0 FindNextFileW
0x4b5fd4 FindFirstFileW
0x4b5fd8 FindClose
0x4b5fdc FileTimeToLocalFileTime
0x4b5fe0 FileTimeToDosDateTime
0x4b5fe4 EnumCalendarInfoW
0x4b5fe8 EnterCriticalSection
0x4b5fec EndUpdateResourceW
0x4b5ff0 DeleteFileW
0x4b5ff4 DeleteCriticalSection
0x4b5ff8 CreateThread
0x4b5ffc CreateMutexW
0x4b6000 CreateFileW
0x4b6004 CreateEventW
0x4b6008 CompareStringW
0x4b600c CloseHandle
0x4b6010 BeginUpdateResourceW
advapi32.dll
0x4b6018 RegUnLoadKeyW
0x4b601c RegSetValueExW
0x4b6020 RegSaveKeyW
0x4b6024 RegRestoreKeyW
0x4b6028 RegReplaceKeyW
0x4b602c RegQueryValueExW
0x4b6030 RegQueryInfoKeyW
0x4b6034 RegOpenKeyExW
0x4b6038 RegLoadKeyW
0x4b603c RegFlushKey
0x4b6040 RegEnumValueW
0x4b6044 RegEnumKeyExW
0x4b6048 RegDeleteValueW
0x4b604c RegDeleteKeyW
0x4b6050 RegCreateKeyExW
0x4b6054 RegConnectRegistryW
0x4b6058 RegCloseKey
oleaut32.dll
0x4b6060 GetErrorInfo
0x4b6064 SysFreeString
ole32.dll
0x4b606c OleUninitialize
0x4b6070 OleInitialize
0x4b6074 CoTaskMemFree
0x4b6078 StringFromCLSID
0x4b607c CoCreateInstance
0x4b6080 CoUninitialize
0x4b6084 CoInitialize
comctl32.dll
0x4b608c InitializeFlatSB
0x4b6090 FlatSB_SetScrollProp
0x4b6094 FlatSB_SetScrollPos
0x4b6098 FlatSB_SetScrollInfo
0x4b609c FlatSB_GetScrollPos
0x4b60a0 FlatSB_GetScrollInfo
0x4b60a4 _TrackMouseEvent
0x4b60a8 ImageList_GetImageInfo
0x4b60ac ImageList_SetIconSize
0x4b60b0 ImageList_GetIconSize
0x4b60b4 ImageList_Write
0x4b60b8 ImageList_Read
0x4b60bc ImageList_GetDragImage
0x4b60c0 ImageList_DragShowNolock
0x4b60c4 ImageList_DragMove
0x4b60c8 ImageList_DragLeave
0x4b60cc ImageList_DragEnter
0x4b60d0 ImageList_EndDrag
0x4b60d4 ImageList_BeginDrag
0x4b60d8 ImageList_Copy
0x4b60dc ImageList_LoadImageW
0x4b60e0 ImageList_GetIcon
0x4b60e4 ImageList_Remove
0x4b60e8 ImageList_DrawEx
0x4b60ec ImageList_Replace
0x4b60f0 ImageList_Draw
0x4b60f4 ImageList_SetOverlayImage
0x4b60f8 ImageList_GetBkColor
0x4b60fc ImageList_SetBkColor
0x4b6100 ImageList_ReplaceIcon
0x4b6104 ImageList_Add
0x4b6108 ImageList_SetImageCount
0x4b610c ImageList_GetImageCount
0x4b6110 ImageList_Destroy
0x4b6114 ImageList_Create
kernel32.dll
0x4b611c Sleep
oleaut32.dll
0x4b6124 SafeArrayPtrOfIndex
0x4b6128 SafeArrayGetUBound
0x4b612c SafeArrayGetLBound
0x4b6130 SafeArrayCreate
0x4b6134 VariantChangeType
0x4b6138 VariantCopy
0x4b613c VariantClear
0x4b6140 VariantInit
shell32.dll
0x4b6148 ShellExecuteW
0x4b614c ExtractIconW
shell32.dll
0x4b6154 SHGetSpecialFolderLocation
0x4b6158 SHGetPathFromIDListW
winspool.drv
0x4b6160 OpenPrinterW
0x4b6164 EnumPrintersW
0x4b6168 DocumentPropertiesW
0x4b616c ClosePrinter
winspool.drv
0x4b6174 GetDefaultPrinterW
EAT(Export Address Table) is none