Field | Value |
---|---|
Created | 2021.10.20 11:34 |
Machine | s1_win7_x6401 |
Filename | .vbc.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 25 detected (malicious, high confidence, Unsafe, Save, ZelphiCO, jHW@aSfncNei, Delf, Eldorado, R002H0CJJ21, Fhqr, Remcos, UMal, cxceq@0, Phonzy, GenericRXAA, BScope, Noon, CrypterX, Generic@ML, RDML, DLViw, ES7n3LaC, poxgGxw, susgen, GenKryptik, DPIE, confidence, 100%) |
md5 | 9261cdcf86933da34b74afa3da380bc3 |
sha256 | 42e09f0e4d7ab0448e04d5d31fbc63cfb2df988f848853a5a149ff5454040184 |
ssdeep | 12288:0xwB6jcB+VlDdNvGOLPs46HcqC9Q1LEYLtwauiAkupubMkkUshtgQowaI9hj8mey:Gr1bvGObs46nCmLJw5uwkPZwakpKhG |
imphash | a410078918980fce320f92b4875de320 |
impfuzzy | 192:33hNL1yT1f3buuaxSUvK9y3ooqERo7CPbOQH5:33T1yNaq9/yPbOQZ |
Signature (9cnts)
Level | Description |
---|---|
warning | File has been identified by 25 AntiVirus engines on VirusTotal as malicious |
watch | Network activity contains more than one unique useragent |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Performs some HTTP requests |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | NPKI_Zero | File included NPKI | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (7cnts)
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
kernel32.dll
0x498154 DeleteCriticalSection
0x498158 LeaveCriticalSection
0x49815c EnterCriticalSection
0x498160 InitializeCriticalSection
0x498164 VirtualFree
0x498168 VirtualAlloc
0x49816c LocalFree
0x498170 LocalAlloc
0x498174 GetTickCount
0x498178 QueryPerformanceCounter
0x49817c GetVersion
0x498180 GetCurrentThreadId
0x498184 InterlockedDecrement
0x498188 InterlockedIncrement
0x49818c VirtualQuery
0x498190 WideCharToMultiByte
0x498194 MultiByteToWideChar
0x498198 lstrlenA
0x49819c lstrcpynA
0x4981a0 LoadLibraryExA
0x4981a4 GetThreadLocale
0x4981a8 GetStartupInfoA
0x4981ac GetProcAddress
0x4981b0 GetModuleHandleA
0x4981b4 GetModuleFileNameA
0x4981b8 GetLocaleInfoA
0x4981bc GetLastError
0x4981c0 GetCommandLineA
0x4981c4 FreeLibrary
0x4981c8 FindFirstFileA
0x4981cc FindClose
0x4981d0 ExitProcess
0x4981d4 WriteFile
0x4981d8 UnhandledExceptionFilter
0x4981dc SetFilePointer
0x4981e0 SetEndOfFile
0x4981e4 RtlUnwind
0x4981e8 ReadFile
0x4981ec RaiseException
0x4981f0 GetStdHandle
0x4981f4 GetFileSize
0x4981f8 GetFileType
0x4981fc CreateFileA
0x498200 CloseHandle
user32.dll
0x498208 GetKeyboardType
0x49820c LoadStringA
0x498210 MessageBoxA
0x498214 CharNextA
advapi32.dll
0x49821c RegQueryValueExA
0x498220 RegOpenKeyExA
0x498224 RegCloseKey
oleaut32.dll
0x49822c SysFreeString
0x498230 SysReAllocStringLen
0x498234 SysAllocStringLen
kernel32.dll
0x49823c TlsSetValue
0x498240 TlsGetValue
0x498244 LocalAlloc
0x498248 GetModuleHandleA
advapi32.dll
0x498250 RegQueryValueExA
0x498254 RegOpenKeyExA
0x498258 RegCloseKey
kernel32.dll
0x498260 lstrcpyA
0x498264 WriteFile
0x498268 WaitForSingleObject
0x49826c VirtualQuery
0x498270 VirtualProtect
0x498274 VirtualAlloc
0x498278 Sleep
0x49827c SizeofResource
0x498280 SetThreadLocale
0x498284 SetFilePointer
0x498288 SetEvent
0x49828c SetErrorMode
0x498290 SetEndOfFile
0x498294 ResetEvent
0x498298 ReadFile
0x49829c MultiByteToWideChar
0x4982a0 MulDiv
0x4982a4 LockResource
0x4982a8 LoadResource
0x4982ac LoadLibraryA
0x4982b0 LeaveCriticalSection
0x4982b4 InitializeCriticalSection
0x4982b8 GlobalUnlock
0x4982bc GlobalReAlloc
0x4982c0 GlobalHandle
0x4982c4 GlobalLock
0x4982c8 GlobalFree
0x4982cc GlobalFindAtomA
0x4982d0 GlobalDeleteAtom
0x4982d4 GlobalAlloc
0x4982d8 GlobalAddAtomA
0x4982dc GetVersionExA
0x4982e0 GetVersion
0x4982e4 GetTickCount
0x4982e8 GetThreadLocale
0x4982ec GetSystemInfo
0x4982f0 GetStringTypeExA
0x4982f4 GetStdHandle
0x4982f8 GetProcAddress
0x4982fc GetModuleHandleA
0x498300 GetModuleFileNameA
0x498304 GetLocaleInfoA
0x498308 GetLocalTime
0x49830c GetLastError
0x498310 GetFullPathNameA
0x498314 GetDiskFreeSpaceA
0x498318 GetDateFormatA
0x49831c GetCurrentThreadId
0x498320 GetCurrentProcessId
0x498324 GetCurrentProcess
0x498328 GetComputerNameA
0x49832c GetCPInfo
0x498330 GetACP
0x498334 FreeResource
0x498338 InterlockedIncrement
0x49833c InterlockedExchange
0x498340 InterlockedDecrement
0x498344 FreeLibrary
0x498348 FormatMessageA
0x49834c FlushInstructionCache
0x498350 FindResourceA
0x498354 FindFirstFileA
0x498358 FindClose
0x49835c FileTimeToLocalFileTime
0x498360 FileTimeToDosDateTime
0x498364 EnumCalendarInfoA
0x498368 EnterCriticalSection
0x49836c DeleteFileA
0x498370 DeleteCriticalSection
0x498374 CreateThread
0x498378 CreateFileA
0x49837c CreateEventA
0x498380 CompareStringA
0x498384 CloseHandle
version.dll
0x49838c VerQueryValueA
0x498390 GetFileVersionInfoSizeA
0x498394 GetFileVersionInfoA
gdi32.dll
0x49839c UnrealizeObject
0x4983a0 StretchBlt
0x4983a4 SetWindowOrgEx
0x4983a8 SetWinMetaFileBits
0x4983ac SetViewportOrgEx
0x4983b0 SetTextColor
0x4983b4 SetStretchBltMode
0x4983b8 SetROP2
0x4983bc SetPixel
0x4983c0 SetEnhMetaFileBits
0x4983c4 SetDIBColorTable
0x4983c8 SetBrushOrgEx
0x4983cc SetBkMode
0x4983d0 SetBkColor
0x4983d4 SelectPalette
0x4983d8 SelectObject
0x4983dc SaveDC
0x4983e0 RestoreDC
0x4983e4 Rectangle
0x4983e8 RectVisible
0x4983ec RealizePalette
0x4983f0 Polyline
0x4983f4 Polygon
0x4983f8 PlayEnhMetaFile
0x4983fc PatBlt
0x498400 MoveToEx
0x498404 MaskBlt
0x498408 LineTo
0x49840c IntersectClipRect
0x498410 GetWindowOrgEx
0x498414 GetWinMetaFileBits
0x498418 GetTextMetricsA
0x49841c GetTextExtentPointA
0x498420 GetTextExtentPoint32A
0x498424 GetSystemPaletteEntries
0x498428 GetStockObject
0x49842c GetPixel
0x498430 GetPaletteEntries
0x498434 GetObjectA
0x498438 GetMapMode
0x49843c GetEnhMetaFilePaletteEntries
0x498440 GetEnhMetaFileHeader
0x498444 GetEnhMetaFileBits
0x498448 GetDeviceCaps
0x49844c GetDIBits
0x498450 GetDIBColorTable
0x498454 GetDCOrgEx
0x498458 GetDCPenColor
0x49845c GetCurrentPositionEx
0x498460 GetClipBox
0x498464 GetBrushOrgEx
0x498468 GetBitmapBits
0x49846c GdiFlush
0x498470 ExcludeClipRect
0x498474 DeleteObject
0x498478 DeleteEnhMetaFile
0x49847c DeleteDC
0x498480 CreateSolidBrush
0x498484 CreatePenIndirect
0x498488 CreatePalette
0x49848c CreateHalftonePalette
0x498490 CreateFontIndirectA
0x498494 CreateDIBitmap
0x498498 CreateDIBSection
0x49849c CreateCompatibleDC
0x4984a0 CreateCompatibleBitmap
0x4984a4 CreateBrushIndirect
0x4984a8 CreateBitmap
0x4984ac CopyEnhMetaFileA
0x4984b0 BitBlt
user32.dll
0x4984b8 CreateWindowExA
0x4984bc WindowFromPoint
0x4984c0 WinHelpA
0x4984c4 WaitMessage
0x4984c8 UpdateWindow
0x4984cc UnregisterClassA
0x4984d0 UnhookWindowsHookEx
0x4984d4 TranslateMessage
0x4984d8 TranslateMDISysAccel
0x4984dc TrackPopupMenu
0x4984e0 SystemParametersInfoA
0x4984e4 ShowWindow
0x4984e8 ShowScrollBar
0x4984ec ShowOwnedPopups
0x4984f0 ShowCursor
0x4984f4 ShowCaret
0x4984f8 SetWindowsHookExA
0x4984fc SetWindowTextA
0x498500 SetWindowPos
0x498504 SetWindowPlacement
0x498508 SetWindowLongA
0x49850c SetTimer
0x498510 SetScrollRange
0x498514 SetScrollPos
0x498518 SetScrollInfo
0x49851c SetRect
0x498520 SetPropA
0x498524 SetParent
0x498528 SetMenuItemInfoA
0x49852c SetMenu
0x498530 SetForegroundWindow
0x498534 SetFocus
0x498538 SetCursor
0x49853c SetClipboardData
0x498540 SetClassLongA
0x498544 SetCapture
0x498548 SetActiveWindow
0x49854c SendMessageA
0x498550 ScrollWindow
0x498554 ScreenToClient
0x498558 RemovePropA
0x49855c RemoveMenu
0x498560 ReleaseDC
0x498564 ReleaseCapture
0x498568 RegisterWindowMessageA
0x49856c RegisterClipboardFormatA
0x498570 RegisterClassA
0x498574 RedrawWindow
0x498578 PtInRect
0x49857c PostQuitMessage
0x498580 PostMessageA
0x498584 PeekMessageA
0x498588 OpenClipboard
0x49858c OffsetRect
0x498590 OemToCharA
0x498594 MessageBoxA
0x498598 MessageBeep
0x49859c MapWindowPoints
0x4985a0 MapVirtualKeyA
0x4985a4 LoadStringA
0x4985a8 LoadKeyboardLayoutA
0x4985ac LoadIconA
0x4985b0 LoadCursorA
0x4985b4 LoadBitmapA
0x4985b8 KillTimer
0x4985bc IsZoomed
0x4985c0 IsWindowVisible
0x4985c4 IsWindowEnabled
0x4985c8 IsWindow
0x4985cc IsRectEmpty
0x4985d0 IsIconic
0x4985d4 IsDialogMessageA
0x4985d8 IsChild
0x4985dc InvalidateRect
0x4985e0 IntersectRect
0x4985e4 InsertMenuItemA
0x4985e8 InsertMenuA
0x4985ec InflateRect
0x4985f0 HideCaret
0x4985f4 GetWindowThreadProcessId
0x4985f8 GetWindowTextA
0x4985fc GetWindowRect
0x498600 GetWindowPlacement
0x498604 GetWindowLongA
0x498608 GetWindowDC
0x49860c GetTopWindow
0x498610 GetSystemMetrics
0x498614 GetSystemMenu
0x498618 GetSysColorBrush
0x49861c GetSysColor
0x498620 GetSubMenu
0x498624 GetScrollRange
0x498628 GetScrollPos
0x49862c GetScrollInfo
0x498630 GetPropA
0x498634 GetParent
0x498638 GetWindow
0x49863c GetMenuStringA
0x498640 GetMenuState
0x498644 GetMenuItemInfoA
0x498648 GetMenuItemID
0x49864c GetMenuItemCount
0x498650 GetMenu
0x498654 GetLastActivePopup
0x498658 GetKeyboardState
0x49865c GetKeyboardLayoutList
0x498660 GetKeyboardLayout
0x498664 GetKeyState
0x498668 GetKeyNameTextA
0x49866c GetIconInfo
0x498670 GetForegroundWindow
0x498674 GetFocus
0x498678 GetDesktopWindow
0x49867c GetDCEx
0x498680 GetDC
0x498684 GetCursorPos
0x498688 GetCursor
0x49868c GetClipboardData
0x498690 GetClientRect
0x498694 GetClassNameA
0x498698 GetClassInfoA
0x49869c GetCapture
0x4986a0 GetActiveWindow
0x4986a4 FrameRect
0x4986a8 FindWindowA
0x4986ac FillRect
0x4986b0 EqualRect
0x4986b4 EnumWindows
0x4986b8 EnumThreadWindows
0x4986bc EndPaint
0x4986c0 EnableWindow
0x4986c4 EnableScrollBar
0x4986c8 EnableMenuItem
0x4986cc EmptyClipboard
0x4986d0 DrawTextA
0x4986d4 DrawStateA
0x4986d8 DrawMenuBar
0x4986dc DrawIconEx
0x4986e0 DrawIcon
0x4986e4 DrawFrameControl
0x4986e8 DrawEdge
0x4986ec DispatchMessageA
0x4986f0 DestroyWindow
0x4986f4 DestroyMenu
0x4986f8 DestroyIcon
0x4986fc DestroyCursor
0x498700 DeleteMenu
0x498704 DefWindowProcA
0x498708 DefMDIChildProcA
0x49870c DefFrameProcA
0x498710 CreatePopupMenu
0x498714 CreateMenu
0x498718 CreateIcon
0x49871c CloseClipboard
0x498720 ClientToScreen
0x498724 CheckMenuItem
0x498728 CallWindowProcA
0x49872c CallNextHookEx
0x498730 BeginPaint
0x498734 CharNextA
0x498738 CharLowerBuffA
0x49873c CharLowerA
0x498740 CharUpperBuffA
0x498744 CharToOemA
0x498748 AdjustWindowRectEx
0x49874c ActivateKeyboardLayout
kernel32.dll
0x498754 Sleep
oleaut32.dll
0x49875c SafeArrayPtrOfIndex
0x498760 SafeArrayPutElement
0x498764 SafeArrayGetElement
0x498768 SafeArrayUnaccessData
0x49876c SafeArrayAccessData
0x498770 SafeArrayGetUBound
0x498774 SafeArrayGetLBound
0x498778 SafeArrayCreate
0x49877c VariantChangeType
0x498780 VariantCopyInd
0x498784 VariantCopy
0x498788 VariantClear
0x49878c VariantInit
ole32.dll
0x498794 CoTaskMemFree
0x498798 ProgIDFromCLSID
0x49879c StringFromCLSID
0x4987a0 CoCreateInstance
0x4987a4 CoUninitialize
0x4987a8 CoInitialize
0x4987ac IsEqualGUID
oleaut32.dll
0x4987b4 CreateErrorInfo
0x4987b8 GetErrorInfo
0x4987bc SetErrorInfo
0x4987c0 GetActiveObject
0x4987c4 SysFreeString
comctl32.dll
0x4987cc ImageList_SetIconSize
0x4987d0 ImageList_GetIconSize
0x4987d4 ImageList_Write
0x4987d8 ImageList_Read
0x4987dc ImageList_GetDragImage
0x4987e0 ImageList_DragShowNolock
0x4987e4 ImageList_SetDragCursorImage
0x4987e8 ImageList_DragMove
0x4987ec ImageList_DragLeave
0x4987f0 ImageList_DragEnter
0x4987f4 ImageList_EndDrag
0x4987f8 ImageList_BeginDrag
0x4987fc ImageList_Remove
0x498800 ImageList_DrawEx
0x498804 ImageList_Replace
0x498808 ImageList_Draw
0x49880c ImageList_GetBkColor
0x498810 ImageList_SetBkColor
0x498814 ImageList_ReplaceIcon
0x498818 ImageList_Add
0x49881c ImageList_SetImageCount
0x498820 ImageList_GetImageCount
0x498824 ImageList_Destroy
0x498828 ImageList_Create
winmm.dll
0x498830 sndPlaySoundA
EAT(Export Address Table) is none