Report - babay.exe

UPX Malicious Library PE File PE32 OS Processor Check
Created 2021.10.15 18:04 Machine s1_win7_x6402
Filename babay.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score
7
Behavior Score
5.8
ZERO API file : malware
VT API (file) 55 detected (AIDetect, malware2, malicious, high confidence, WebPick, Zusy, Dodiw, FCXS, Unsafe, Save, confidence, ZexaF, TuW@aifT5qbi, Eldorado, Fsysna, cewh, duviir, Cradle, RATX, Gencirc, BrowseFox, BAGZ, bhnec, BabylonRAT, uqiib, ASMalwS, score, R197218, ai score=85, PasswordStealer, CLASSIC, GenAsa, qQ7637zty1s, Static AI, Malicious PE, 100%, Genetic, susgen)
md5 1f67cc3aee307cde9e5102d372f9b87e
sha256 8618bf549fe77b12325caeac35e24857145cba568d740c191a5850e2cc2c3960
ssdeep 12288:8qzcpVgUXzL0TTUKZHTNloEkOpnKgofuIwV6eAj0wZxxXMcEe/3paPcgrX:8qzcpKIL0TvZzNlNky0wVW0wZxxVgrX
imphash 2cbe6db2ec1d8a931b50336af1a7dc15
impfuzzy 96:9VftCPsajgFBCuQC/KK3xc8fZhVLarbmiMXHg5h1kKn0mQyKgbR:9dkPsajgLf13t8EHg5hFnlQ49

Signature (9cnts)

Level Description
danger File has been identified by 55 AntiVirus engines on VirusTotal as malicious
danger Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
warning Generates some ICMP traffic
watch Communicates with host for which no DNS query was performed
watch Creates a windows hook that monitors keyboard input (keylogger)
notice A process attempted to delay the analysis task.
notice Allocates read-write-execute memory (usually to unpack itself)
notice Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice Checks whether any human activity is being performed by constantly checking whether the foreground window changed

Rules (5cnts)

Level Name Description Collection
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (3cnts)

Request CC ASN Co IP4 Rule ZERO
deli.mywire.org TR Vodafone Net Iletisim Hizmetleri Anonim Sirketi 176.216.222.110 mailcious
176.216.222.110 TR Vodafone Net Iletisim Hizmetleri Anonim Sirketi 176.216.222.110 mailcious
125.253.92.50 AU FireNet Pty Ltd 125.253.92.50 clean

Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.dll
 0x48307c IsWow64Process
 0x483080 GetLocaleInfoW
 0x483084 CreateProcessW
 0x483088 GetFileSize
 0x48308c WriteFile
 0x483090 ReadFile
 0x483094 GetSystemDirectoryA
 0x483098 CreateFileA
 0x48309c SetFileAttributesA
 0x4830a0 lstrcmpW
 0x4830a4 lstrlenW
 0x4830a8 GetModuleFileNameW
 0x4830ac GetTempFileNameW
 0x4830b0 RemoveDirectoryW
 0x4830b4 SetFileAttributesW
 0x4830b8 GetFileAttributesW
 0x4830bc DeleteFileW
 0x4830c0 CopyFileW
 0x4830c4 MoveFileW
 0x4830c8 MoveFileExW
 0x4830cc GetCurrentProcessId
 0x4830d0 GetVersionExW
 0x4830d4 GetExitCodeProcess
 0x4830d8 CreatePipe
 0x4830dc PeekNamedPipe
 0x4830e0 GetStartupInfoW
 0x4830e4 DeleteFileA
 0x4830e8 AreFileApisANSI
 0x4830ec GetSystemTime
 0x4830f0 LocalFree
 0x4830f4 GetTempPathA
 0x4830f8 GetVersionExA
 0x4830fc OutputDebugStringA
 0x483100 GetFileAttributesExW
 0x483104 GetDiskFreeSpaceA
 0x483108 CreateFileMappingW
 0x48310c CreateFileMappingA
 0x483110 GetDiskFreeSpaceW
 0x483114 LockFileEx
 0x483118 HeapSize
 0x48311c GetLastError
 0x483120 FlushFileBuffers
 0x483124 CreateFileW
 0x483128 HeapValidate
 0x48312c HeapCreate
 0x483130 HeapDestroy
 0x483134 FormatMessageW
 0x483138 FormatMessageA
 0x48313c GetSystemTimeAsFileTime
 0x483140 GetProcessHeap
 0x483144 UnlockFileEx
 0x483148 GetTickCount
 0x48314c OutputDebugStringW
 0x483150 WaitForSingleObjectEx
 0x483154 LockFile
 0x483158 FlushViewOfFile
 0x48315c UnlockFile
 0x483160 InterlockedCompareExchange
 0x483164 WaitForSingleObject
 0x483168 HeapFree
 0x48316c QueryPerformanceCounter
 0x483170 SystemTimeToFileTime
 0x483174 HeapAlloc
 0x483178 FreeLibrary
 0x48317c SetEndOfFile
 0x483180 UnmapViewOfFile
 0x483184 MapViewOfFile
 0x483188 ResetEvent
 0x48318c HeapCompact
 0x483190 GetTempPathW
 0x483194 HeapReAlloc
 0x483198 GetFullPathNameA
 0x48319c GetFullPathNameW
 0x4831a0 GetCurrentThreadId
 0x4831a4 TryEnterCriticalSection
 0x4831a8 GetCurrentProcess
 0x4831ac SetErrorMode
 0x4831b0 GetCommandLineW
 0x4831b4 GetCurrentDirectoryW
 0x4831b8 SetSystemPowerState
 0x4831bc OpenMutexW
 0x4831c0 GlobalAlloc
 0x4831c4 GlobalFree
 0x4831c8 InterlockedDecrement
 0x4831cc lstrcpyW
 0x4831d0 GetComputerNameW
 0x4831d4 GetLogicalDrives
 0x4831d8 GetFileSizeEx
 0x4831dc FindClose
 0x4831e0 SystemTimeToTzSpecificLocalTime
 0x4831e4 FileTimeToSystemTime
 0x4831e8 GetDriveTypeW
 0x4831ec GetDiskFreeSpaceExW
 0x4831f0 FindFirstFileW
 0x4831f4 FindNextFileW
 0x4831f8 SetEvent
 0x4831fc DeleteCriticalSection
 0x483200 LeaveCriticalSection
 0x483204 WriteConsoleW
 0x483208 SetStdHandle
 0x48320c FreeEnvironmentStringsW
 0x483210 GetEnvironmentStringsW
 0x483214 GetModuleFileNameA
 0x483218 GetTimeZoneInformation
 0x48321c GetConsoleCP
 0x483220 GetFileType
 0x483224 SetFilePointerEx
 0x483228 ReadConsoleW
 0x48322c GetConsoleMode
 0x483230 SetEnvironmentVariableW
 0x483234 SetEnvironmentVariableA
 0x483238 GetStdHandle
 0x48323c GetOEMCP
 0x483240 GetACP
 0x483244 IsValidCodePage
 0x483248 GetModuleHandleExW
 0x48324c ExitProcess
 0x483250 EnumSystemLocalesW
 0x483254 GetUserDefaultLCID
 0x483258 IsValidLocale
 0x48325c LCMapStringW
 0x483260 CompareStringW
 0x483264 GetTimeFormatW
 0x483268 GetDateFormatW
 0x48326c TlsFree
 0x483270 EnterCriticalSection
 0x483274 TlsSetValue
 0x483278 TlsGetValue
 0x48327c TlsAlloc
 0x483280 InitializeCriticalSectionAndSpinCount
 0x483284 SetLastError
 0x483288 SetUnhandledExceptionFilter
 0x48328c UnhandledExceptionFilter
 0x483290 GetCPInfo
 0x483294 LoadLibraryW
 0x483298 GetNativeSystemInfo
 0x48329c GetSystemInfo
 0x4832a0 GlobalMemoryStatusEx
 0x4832a4 Process32NextW
 0x4832a8 Process32FirstW
 0x4832ac CreateDirectoryW
 0x4832b0 GetLocalTime
 0x4832b4 GlobalUnlock
 0x4832b8 GlobalLock
 0x4832bc CreateEventW
 0x4832c0 CreateMutexW
 0x4832c4 Sleep
 0x4832c8 InitializeCriticalSection
 0x4832cc GetModuleHandleW
 0x4832d0 ResumeThread
 0x4832d4 TerminateThread
 0x4832d8 CreateThread
 0x4832dc Process32Next
 0x4832e0 Process32First
 0x4832e4 CreateToolhelp32Snapshot
 0x4832e8 WideCharToMultiByte
 0x4832ec MultiByteToWideChar
 0x4832f0 GetPrivateProfileSectionNamesA
 0x4832f4 GetPrivateProfileStringA
 0x4832f8 LoadLibraryA
 0x4832fc CloseHandle
 0x483300 TerminateProcess
 0x483304 OpenProcess
 0x483308 GetProcAddress
 0x48330c GetFileAttributesA
 0x483310 lstrlenA
 0x483314 lstrcatA
 0x483318 SetFilePointer
 0x48331c GetCommandLineA
 0x483320 LoadLibraryExW
 0x483324 ExitThread
 0x483328 IsProcessorFeaturePresent
 0x48332c IsDebuggerPresent
 0x483330 RtlUnwind
 0x483334 RaiseException
 0x483338 GetStringTypeW
 0x48333c DecodePointer
 0x483340 EncodePointer
USER32.dll
 0x4833a8 LoadIconW
 0x4833ac wsprintfW
 0x4833b0 OpenClipboard
 0x4833b4 CloseClipboard
 0x4833b8 GetClipboardData
 0x4833bc GetForegroundWindow
 0x4833c0 GetWindowThreadProcessId
 0x4833c4 ToUnicodeEx
 0x4833c8 GetKeyboardLayout
 0x4833cc GetKeyboardState
 0x4833d0 CharUpperW
 0x4833d4 GetKeyState
 0x4833d8 LoadCursorW
 0x4833dc UnhookWindowsHookEx
 0x4833e0 CallNextHookEx
 0x4833e4 ExitWindowsEx
 0x4833e8 GetLastInputInfo
 0x4833ec GetWindowRect
 0x4833f0 SendInput
 0x4833f4 GetSystemMetrics
 0x4833f8 GetDC
 0x4833fc ReleaseDC
 0x483400 GetClientRect
 0x483404 SetCursorPos
 0x483408 GetWindowTextLengthW
 0x48340c GetWindowTextW
 0x483410 SetWindowTextW
 0x483414 UpdateWindow
 0x483418 FlashWindowEx
 0x48341c ShowWindow
 0x483420 CreateWindowExW
 0x483424 EnumDisplaySettingsW
 0x483428 EnumDisplayDevicesW
 0x48342c GetDesktopWindow
 0x483430 RegisterClassExW
 0x483434 PostQuitMessage
 0x483438 DefWindowProcW
 0x48343c SendMessageW
 0x483440 DispatchMessageW
 0x483444 TranslateMessage
 0x483448 GetMessageW
 0x48344c SetWindowsHookExW
GDI32.dll
 0x483048 SetStretchBltMode
 0x48304c StretchBlt
 0x483050 SelectObject
 0x483054 GetDIBits
 0x483058 DeleteObject
 0x48305c CreateCompatibleDC
 0x483060 CreateCompatibleBitmap
 0x483064 SetTextColor
 0x483068 SetBkColor
 0x48306c GetStockObject
 0x483070 CreateFontW
 0x483074 GetObjectW
ADVAPI32.dll
 0x483000 LookupPrivilegeValueW
 0x483004 AdjustTokenPrivileges
 0x483008 OpenProcessToken
 0x48300c RegSetValueExW
 0x483010 RegDeleteValueW
 0x483014 RegCreateKeyW
 0x483018 RegQueryValueExW
 0x48301c RegOpenKeyExW
 0x483020 GetUserNameW
 0x483024 RegOpenKeyExA
 0x483028 RegQueryValueExA
 0x48302c RegCloseKey
SHELL32.dll
 0x48337c SHGetFileInfoW
 0x483380 SHGetFolderPathW
 0x483384 ShellExecuteW
 0x483388 SHGetKnownFolderPath
 0x48338c SHFileOperationW
 0x483390 CommandLineToArgvW
 0x483394 SHGetFolderPathA
ole32.dll
 0x4834d4 CoInitializeSecurity
 0x4834d8 CoSetProxyBlanket
 0x4834dc CoInitializeEx
 0x4834e0 CoTaskMemFree
 0x4834e4 CoCreateInstance
 0x4834e8 CoInitialize
 0x4834ec CoUninitialize
OLEAUT32.dll
 0x483354 SysAllocString
 0x483358 SysFreeString
 0x48335c VariantClear
 0x483360 VariantInit
SHLWAPI.dll
 0x48339c None
 0x4833a0 SHGetValueA
CRYPT32.dll
 0x48303c CryptStringToBinaryA
 0x483040 CryptUnprotectData
NETAPI32.dll
 0x483348 NetApiBufferFree
 0x48334c NetUserEnum
urlmon.dll
 0x4834f4 URLDownloadToFileW
gdiplus.dll
 0x483490 GdipFree
 0x483494 GdiplusShutdown
 0x483498 GdipCloneImage
 0x48349c GdipCreateBitmapFromGdiDib
 0x4834a0 GdipSaveImageToStream
 0x4834a4 GdipDisposeImage
 0x4834a8 GdiplusStartup
 0x4834ac GdipGetImageEncoders
 0x4834b0 GdipGetImageEncodersSize
 0x4834b4 GdipBitmapUnlockBits
 0x4834b8 GdipBitmapLockBits
 0x4834bc GdipCreateBitmapFromStream
 0x4834c0 GdipGetImagePixelFormat
 0x4834c4 GdipGetImageHeight
 0x4834c8 GdipGetImageWidth
 0x4834cc GdipAlloc
WS2_32.dll
 0x483454 WSAStartup
 0x483458 connect
 0x48345c ioctlsocket
 0x483460 inet_ntop
 0x483464 inet_pton
 0x483468 FreeAddrInfoW
 0x48346c GetAddrInfoW
 0x483470 WSACleanup
 0x483474 closesocket
 0x483478 htons
 0x48347c sendto
 0x483480 socket
 0x483484 send
 0x483488 recv
PSAPI.DLL
 0x483370 GetModuleFileNameExW
 0x483374 GetModuleBaseNameW
POWRPROF.dll
 0x483368 SetSuspendState
COMCTL32.dll
 0x483034 InitCommonControlsEx

EAT(Export Address Table) is none
Similarity measure (PE file only) - Checking for service failure