Field | Value |
---|---|
Created | 2021.10.16 13:29 |
Machine | s1_win7_x6402 |
Filename | vbc.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 34 detected (Formbook, malicious, high confidence, Siggen15, GenericKDZ, Midie, Unsafe, Save, confidence, 100%, ZXRR, EQHV, FileRepMalware, AGEN, ai score=80, kcloud, Remcos, score, R445723, GenericRXAA, BScope, Noon, R002H0CJF21, EQAC, GdSda, susgen) |
md5 | cc92dedec89f09b08729784048f1060b |
sha256 | a2539269c2b9200d7baed9f0dfc25b59fd4713a641d79fd9bd13272c7e1296ca |
ssdeep | 12288:bCF4Dqt0bJMifjeHRcPF7KyiNUZci+BfZ8fQO:eiVbJMifjQ0JiNUZc/Z8I |
imphash | f5ffba271bfb9624023f7853a89e38a4 |
impfuzzy | 192:o13MDbuu0xSUvK9ksoHXEpettMDg1OwPOQP:C3m0q9uJ1zPOQP |
Signature (7cnts)
Level | Description |
---|---|
danger | File has been identified by 34 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Performs some HTTP requests |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x4867b8 SysFreeString
0x4867bc SysReAllocStringLen
0x4867c0 SysAllocStringLen
advapi32.dll
0x4867c8 RegQueryValueExA
0x4867cc RegOpenKeyExA
0x4867d0 RegCloseKey
user32.dll
0x4867d8 GetKeyboardType
0x4867dc DestroyWindow
0x4867e0 LoadStringA
0x4867e4 MessageBoxA
0x4867e8 CharNextA
kernel32.dll
0x4867f0 GetACP
0x4867f4 Sleep
0x4867f8 VirtualFree
0x4867fc VirtualAlloc
0x486800 GetCurrentThreadId
0x486804 InterlockedDecrement
0x486808 InterlockedIncrement
0x48680c VirtualQuery
0x486810 WideCharToMultiByte
0x486814 MultiByteToWideChar
0x486818 lstrlenA
0x48681c lstrcpynA
0x486820 LoadLibraryExA
0x486824 GetThreadLocale
0x486828 GetStartupInfoA
0x48682c GetProcAddress
0x486830 GetModuleHandleA
0x486834 GetModuleFileNameA
0x486838 GetLocaleInfoA
0x48683c GetCommandLineA
0x486840 FreeLibrary
0x486844 FindFirstFileA
0x486848 FindClose
0x48684c ExitProcess
0x486850 CompareStringA
0x486854 WriteFile
0x486858 UnhandledExceptionFilter
0x48685c RtlUnwind
0x486860 RaiseException
0x486864 GetStdHandle
kernel32.dll
0x48686c TlsSetValue
0x486870 TlsGetValue
0x486874 LocalAlloc
0x486878 GetModuleHandleA
user32.dll
0x486880 CreateWindowExA
0x486884 WindowFromPoint
0x486888 WaitMessage
0x48688c UpdateWindow
0x486890 UnregisterClassA
0x486894 UnhookWindowsHookEx
0x486898 TranslateMessage
0x48689c TranslateMDISysAccel
0x4868a0 TrackPopupMenu
0x4868a4 SystemParametersInfoA
0x4868a8 ShowWindow
0x4868ac ShowScrollBar
0x4868b0 ShowOwnedPopups
0x4868b4 SetWindowsHookExA
0x4868b8 SetWindowPos
0x4868bc SetWindowPlacement
0x4868c0 SetWindowLongW
0x4868c4 SetWindowLongA
0x4868c8 SetTimer
0x4868cc SetScrollRange
0x4868d0 SetScrollPos
0x4868d4 SetScrollInfo
0x4868d8 SetRect
0x4868dc SetPropA
0x4868e0 SetParent
0x4868e4 SetMenuItemInfoA
0x4868e8 SetMenu
0x4868ec SetForegroundWindow
0x4868f0 SetFocus
0x4868f4 SetCursor
0x4868f8 SetClassLongA
0x4868fc SetCapture
0x486900 SetActiveWindow
0x486904 SendMessageW
0x486908 SendMessageA
0x48690c ScrollWindow
0x486910 ScreenToClient
0x486914 RemovePropA
0x486918 RemoveMenu
0x48691c ReleaseDC
0x486920 ReleaseCapture
0x486924 RegisterWindowMessageA
0x486928 RegisterClipboardFormatA
0x48692c RegisterClassA
0x486930 RedrawWindow
0x486934 PtInRect
0x486938 PostQuitMessage
0x48693c PostMessageA
0x486940 PeekMessageW
0x486944 PeekMessageA
0x486948 OffsetRect
0x48694c OemToCharA
0x486950 MessageBoxA
0x486954 MapWindowPoints
0x486958 MapVirtualKeyA
0x48695c LoadStringA
0x486960 LoadKeyboardLayoutA
0x486964 LoadIconA
0x486968 LoadCursorA
0x48696c LoadBitmapA
0x486970 KillTimer
0x486974 IsZoomed
0x486978 IsWindowVisible
0x48697c IsWindowUnicode
0x486980 IsWindowEnabled
0x486984 IsWindow
0x486988 IsRectEmpty
0x48698c IsIconic
0x486990 IsDialogMessageW
0x486994 IsDialogMessageA
0x486998 IsChild
0x48699c InvalidateRect
0x4869a0 IntersectRect
0x4869a4 InsertMenuItemA
0x4869a8 InsertMenuA
0x4869ac InflateRect
0x4869b0 GetWindowThreadProcessId
0x4869b4 GetWindowTextA
0x4869b8 GetWindowRect
0x4869bc GetWindowPlacement
0x4869c0 GetWindowLongW
0x4869c4 GetWindowLongA
0x4869c8 GetWindowDC
0x4869cc GetTopWindow
0x4869d0 GetSystemMetrics
0x4869d4 GetSystemMenu
0x4869d8 GetSysColorBrush
0x4869dc GetSysColor
0x4869e0 GetSubMenu
0x4869e4 GetScrollRange
0x4869e8 GetScrollPos
0x4869ec GetScrollInfo
0x4869f0 GetPropA
0x4869f4 GetParent
0x4869f8 GetWindow
0x4869fc GetMessageTime
0x486a00 GetMessagePos
0x486a04 GetMenuStringA
0x486a08 GetMenuState
0x486a0c GetMenuItemInfoA
0x486a10 GetMenuItemID
0x486a14 GetMenuItemCount
0x486a18 GetMenu
0x486a1c GetLastActivePopup
0x486a20 GetKeyboardState
0x486a24 GetKeyboardLayoutNameA
0x486a28 GetKeyboardLayoutList
0x486a2c GetKeyboardLayout
0x486a30 GetKeyState
0x486a34 GetKeyNameTextA
0x486a38 GetIconInfo
0x486a3c GetForegroundWindow
0x486a40 GetFocus
0x486a44 GetDesktopWindow
0x486a48 GetDCEx
0x486a4c GetDC
0x486a50 GetCursorPos
0x486a54 GetCursor
0x486a58 GetClipboardData
0x486a5c GetClientRect
0x486a60 GetClassLongA
0x486a64 GetClassInfoA
0x486a68 GetCapture
0x486a6c GetActiveWindow
0x486a70 FrameRect
0x486a74 FindWindowA
0x486a78 FillRect
0x486a7c EqualRect
0x486a80 EnumWindows
0x486a84 EnumThreadWindows
0x486a88 EnumChildWindows
0x486a8c EndPaint
0x486a90 EnableWindow
0x486a94 EnableScrollBar
0x486a98 EnableMenuItem
0x486a9c DrawTextA
0x486aa0 DrawMenuBar
0x486aa4 DrawIconEx
0x486aa8 DrawIcon
0x486aac DrawFrameControl
0x486ab0 DrawEdge
0x486ab4 DispatchMessageW
0x486ab8 DispatchMessageA
0x486abc DestroyWindow
0x486ac0 DestroyMenu
0x486ac4 DestroyIcon
0x486ac8 DestroyCursor
0x486acc DeleteMenu
0x486ad0 DefWindowProcA
0x486ad4 DefMDIChildProcA
0x486ad8 DefFrameProcA
0x486adc CreatePopupMenu
0x486ae0 CreateMenu
0x486ae4 CreateIcon
0x486ae8 ClientToScreen
0x486aec CheckMenuItem
0x486af0 CallWindowProcA
0x486af4 CallNextHookEx
0x486af8 BeginPaint
0x486afc CharNextA
0x486b00 CharLowerBuffA
0x486b04 CharLowerA
0x486b08 CharToOemA
0x486b0c AdjustWindowRectEx
0x486b10 ActivateKeyboardLayout
gdi32.dll
0x486b18 UnrealizeObject
0x486b1c StretchBlt
0x486b20 SetWindowOrgEx
0x486b24 SetWinMetaFileBits
0x486b28 SetViewportOrgEx
0x486b2c SetTextColor
0x486b30 SetStretchBltMode
0x486b34 SetROP2
0x486b38 SetPixel
0x486b3c SetMapMode
0x486b40 SetEnhMetaFileBits
0x486b44 SetDIBColorTable
0x486b48 SetBrushOrgEx
0x486b4c SetBkMode
0x486b50 SetBkColor
0x486b54 SelectPalette
0x486b58 SelectObject
0x486b5c SelectClipRgn
0x486b60 SaveDC
0x486b64 RestoreDC
0x486b68 Rectangle
0x486b6c RectVisible
0x486b70 RealizePalette
0x486b74 PlayEnhMetaFile
0x486b78 PatBlt
0x486b7c MoveToEx
0x486b80 MaskBlt
0x486b84 LineTo
0x486b88 LPtoDP
0x486b8c IntersectClipRect
0x486b90 GetWindowOrgEx
0x486b94 GetWinMetaFileBits
0x486b98 GetTextMetricsA
0x486b9c GetTextExtentPoint32A
0x486ba0 GetSystemPaletteEntries
0x486ba4 GetStockObject
0x486ba8 GetRgnBox
0x486bac GetPixelFormat
0x486bb0 GetPixel
0x486bb4 GetPaletteEntries
0x486bb8 GetObjectA
0x486bbc GetEnhMetaFilePaletteEntries
0x486bc0 GetEnhMetaFileHeader
0x486bc4 GetEnhMetaFileDescriptionA
0x486bc8 GetEnhMetaFileBits
0x486bcc GetDeviceCaps
0x486bd0 GetDIBits
0x486bd4 GetDIBColorTable
0x486bd8 GetDCOrgEx
0x486bdc GetCurrentPositionEx
0x486be0 GetClipBox
0x486be4 GetBrushOrgEx
0x486be8 GetBitmapBits
0x486bec GdiFlush
0x486bf0 ExcludeClipRect
0x486bf4 DeleteObject
0x486bf8 DeleteEnhMetaFile
0x486bfc DeleteDC
0x486c00 CreateSolidBrush
0x486c04 CreatePenIndirect
0x486c08 CreatePalette
0x486c0c CreateHalftonePalette
0x486c10 CreateFontIndirectA
0x486c14 CreateEnhMetaFileA
0x486c18 CreateDIBitmap
0x486c1c CreateDIBSection
0x486c20 CreateCompatibleDC
0x486c24 CreateCompatibleBitmap
0x486c28 CreateBrushIndirect
0x486c2c CreateBitmap
0x486c30 CopyEnhMetaFileA
0x486c34 CloseEnhMetaFile
0x486c38 BitBlt
version.dll
0x486c40 VerQueryValueA
0x486c44 GetFileVersionInfoSizeA
0x486c48 GetFileVersionInfoA
kernel32.dll
0x486c50 lstrcpyA
0x486c54 WriteFile
0x486c58 WaitForSingleObject
0x486c5c VirtualQuery
0x486c60 VirtualProtect
0x486c64 VirtualAlloc
0x486c68 SizeofResource
0x486c6c SetThreadLocale
0x486c70 SetFilePointer
0x486c74 SetEvent
0x486c78 SetErrorMode
0x486c7c SetEndOfFile
0x486c80 ResetEvent
0x486c84 ReadFile
0x486c88 MultiByteToWideChar
0x486c8c MulDiv
0x486c90 LockResource
0x486c94 LoadResource
0x486c98 LoadLibraryA
0x486c9c LeaveCriticalSection
0x486ca0 InitializeCriticalSection
0x486ca4 GlobalUnlock
0x486ca8 GlobalSize
0x486cac GlobalLock
0x486cb0 GlobalFree
0x486cb4 GlobalFindAtomA
0x486cb8 GlobalDeleteAtom
0x486cbc GlobalAlloc
0x486cc0 GlobalAddAtomA
0x486cc4 GetVersionExA
0x486cc8 GetVersion
0x486ccc GetUserDefaultLCID
0x486cd0 GetTickCount
0x486cd4 GetThreadLocale
0x486cd8 GetStdHandle
0x486cdc GetProcAddress
0x486ce0 GetModuleHandleA
0x486ce4 GetModuleFileNameA
0x486ce8 GetLocaleInfoA
0x486cec GetLocalTime
0x486cf0 GetLastError
0x486cf4 GetFullPathNameA
0x486cf8 GetDiskFreeSpaceA
0x486cfc GetDateFormatA
0x486d00 GetCurrentThreadId
0x486d04 GetCurrentProcessId
0x486d08 GetCurrentProcess
0x486d0c GetCPInfo
0x486d10 FreeResource
0x486d14 InterlockedExchange
0x486d18 FreeLibrary
0x486d1c FormatMessageA
0x486d20 FlushInstructionCache
0x486d24 FindResourceA
0x486d28 EnumCalendarInfoA
0x486d2c EnterCriticalSection
0x486d30 DeleteCriticalSection
0x486d34 CreateThread
0x486d38 CreateFileA
0x486d3c CreateEventA
0x486d40 CompareStringA
0x486d44 CloseHandle
advapi32.dll
0x486d4c RegQueryValueExA
0x486d50 RegOpenKeyExA
0x486d54 RegFlushKey
0x486d58 RegCloseKey
oleaut32.dll
0x486d60 GetErrorInfo
0x486d64 SysFreeString
ole32.dll
0x486d6c CreateStreamOnHGlobal
0x486d70 IsAccelerator
0x486d74 OleDraw
0x486d78 OleSetMenuDescriptor
0x486d7c CoCreateInstance
0x486d80 CoGetClassObject
0x486d84 CoUninitialize
0x486d88 CoInitialize
0x486d8c IsEqualGUID
kernel32.dll
0x486d94 Sleep
oleaut32.dll
0x486d9c SafeArrayPtrOfIndex
0x486da0 SafeArrayGetUBound
0x486da4 SafeArrayGetLBound
0x486da8 SafeArrayCreate
0x486dac VariantChangeType
0x486db0 VariantCopy
0x486db4 VariantClear
0x486db8 VariantInit
comctl32.dll
0x486dc0 _TrackMouseEvent
0x486dc4 ImageList_SetIconSize
0x486dc8 ImageList_GetIconSize
0x486dcc ImageList_Write
0x486dd0 ImageList_Read
0x486dd4 ImageList_DragShowNolock
0x486dd8 ImageList_DragMove
0x486ddc ImageList_DragLeave
0x486de0 ImageList_DragEnter
0x486de4 ImageList_EndDrag
0x486de8 ImageList_BeginDrag
0x486dec ImageList_Remove
0x486df0 ImageList_DrawEx
0x486df4 ImageList_Draw
0x486df8 ImageList_GetBkColor
0x486dfc ImageList_SetBkColor
0x486e00 ImageList_Add
0x486e04 ImageList_GetImageCount
0x486e08 ImageList_Destroy
0x486e0c ImageList_Create
winhttp
0x486e14 WinHttpCheckPlatform
EAT(Export Address Table) is none