Field | Value |
---|---|
Created | 2021.10.23 09:49 |
Machine | s1_win7_x6401 |
Filename | vbc.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 26 detected (malicious, high confidence, Artemis, Unsafe, Save, confidence, 100%, Delf, Eldorado, EQIH, Convagent, PWSX, Outbreak, Phonzy, score, ZelphiCO, QGW@aygMNHpi, R002H0CJM21, Generic@ML, RDML, Otp6Z6kVVnUxy39Rm846Tw, Static AI, Suspicious PE, susgen, EQAB) |
md5 | 34df0e4d3d5863b1a86489be85a045aa |
sha256 | b3bc74c1f3673da08a95775af5f39dd116a249d8a7e597fcd8bb56e07ae3bcd2 |
ssdeep | 12288:EdO8lwYc+Plun+IBTid8obF+OCefbtaKuRmDI:EUOTPlun+zdRaYbOF |
imphash | 7c956dad9ea202d643355dc7895aa9c5 |
impfuzzy | 192:33NSQBL1O//pbuuAxSUvK9/qo4qEXo7CPbOQv1F:33d1uAq9J4PbOQ3 |
Signature (10cnts)
Level | Description |
---|---|
warning | File has been identified by 26 AntiVirus engines on VirusTotal as malicious |
watch | Network activity contains more than one unique useragent |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Performs some HTTP requests |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks amount of memory in system |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (7cnts)
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
kernel32.dll
0x49b168 DeleteCriticalSection
0x49b16c LeaveCriticalSection
0x49b170 EnterCriticalSection
0x49b174 InitializeCriticalSection
0x49b178 VirtualFree
0x49b17c VirtualAlloc
0x49b180 LocalFree
0x49b184 LocalAlloc
0x49b188 GetTickCount
0x49b18c QueryPerformanceCounter
0x49b190 GetVersion
0x49b194 GetCurrentThreadId
0x49b198 InterlockedDecrement
0x49b19c InterlockedIncrement
0x49b1a0 VirtualQuery
0x49b1a4 WideCharToMultiByte
0x49b1a8 MultiByteToWideChar
0x49b1ac lstrlenA
0x49b1b0 lstrcpynA
0x49b1b4 LoadLibraryExA
0x49b1b8 GetThreadLocale
0x49b1bc GetStartupInfoA
0x49b1c0 GetProcAddress
0x49b1c4 GetModuleHandleA
0x49b1c8 GetModuleFileNameA
0x49b1cc GetLocaleInfoA
0x49b1d0 GetCommandLineA
0x49b1d4 FreeLibrary
0x49b1d8 FindFirstFileA
0x49b1dc FindClose
0x49b1e0 ExitProcess
0x49b1e4 ExitThread
0x49b1e8 CreateThread
0x49b1ec WriteFile
0x49b1f0 UnhandledExceptionFilter
0x49b1f4 RtlUnwind
0x49b1f8 RaiseException
0x49b1fc GetStdHandle
user32.dll
0x49b204 GetKeyboardType
0x49b208 LoadStringA
0x49b20c MessageBoxA
0x49b210 CharNextA
advapi32.dll
0x49b218 RegQueryValueExA
0x49b21c RegOpenKeyExA
0x49b220 RegCloseKey
oleaut32.dll
0x49b228 SysFreeString
0x49b22c SysReAllocStringLen
0x49b230 SysAllocStringLen
kernel32.dll
0x49b238 TlsSetValue
0x49b23c TlsGetValue
0x49b240 LocalAlloc
0x49b244 GetModuleHandleA
advapi32.dll
0x49b24c ReportEventA
0x49b250 RegisterEventSourceA
0x49b254 RegQueryValueExA
0x49b258 RegOpenKeyExA
0x49b25c RegCloseKey
0x49b260 DeregisterEventSource
kernel32.dll
0x49b268 lstrcpyA
0x49b26c WriteFile
0x49b270 WaitForSingleObject
0x49b274 VirtualQuery
0x49b278 VirtualProtect
0x49b27c VirtualAlloc
0x49b280 SuspendThread
0x49b284 Sleep
0x49b288 SizeofResource
0x49b28c SetThreadLocale
0x49b290 SetFilePointer
0x49b294 SetEvent
0x49b298 SetErrorMode
0x49b29c SetEndOfFile
0x49b2a0 ResumeThread
0x49b2a4 ResetEvent
0x49b2a8 ReadFile
0x49b2ac MultiByteToWideChar
0x49b2b0 MulDiv
0x49b2b4 LockResource
0x49b2b8 LoadResource
0x49b2bc LoadLibraryA
0x49b2c0 LeaveCriticalSection
0x49b2c4 InitializeCriticalSection
0x49b2c8 GlobalUnlock
0x49b2cc GlobalReAlloc
0x49b2d0 GlobalHandle
0x49b2d4 GlobalLock
0x49b2d8 GlobalFree
0x49b2dc GlobalFindAtomA
0x49b2e0 GlobalDeleteAtom
0x49b2e4 GlobalAlloc
0x49b2e8 GlobalAddAtomA
0x49b2ec GetVersionExA
0x49b2f0 GetVersion
0x49b2f4 GetTickCount
0x49b2f8 GetThreadLocale
0x49b2fc GetSystemInfo
0x49b300 GetStringTypeExA
0x49b304 GetStdHandle
0x49b308 GetProcAddress
0x49b30c GetModuleHandleA
0x49b310 GetModuleFileNameA
0x49b314 GetLocaleInfoA
0x49b318 GetLocalTime
0x49b31c GetLastError
0x49b320 GetFullPathNameA
0x49b324 GetExitCodeThread
0x49b328 GetDiskFreeSpaceA
0x49b32c GetDateFormatA
0x49b330 GetCurrentThreadId
0x49b334 GetCurrentProcessId
0x49b338 GetCurrentProcess
0x49b33c GetComputerNameA
0x49b340 GetCPInfo
0x49b344 GetACP
0x49b348 FreeResource
0x49b34c InterlockedIncrement
0x49b350 InterlockedExchange
0x49b354 InterlockedDecrement
0x49b358 FreeLibrary
0x49b35c FormatMessageA
0x49b360 FlushInstructionCache
0x49b364 FindResourceA
0x49b368 EnumCalendarInfoA
0x49b36c EnterCriticalSection
0x49b370 DeleteCriticalSection
0x49b374 CreateThread
0x49b378 CreateFileA
0x49b37c CreateEventA
0x49b380 CompareStringA
0x49b384 CloseHandle
version.dll
0x49b38c VerQueryValueA
0x49b390 GetFileVersionInfoSizeA
0x49b394 GetFileVersionInfoA
gdi32.dll
0x49b39c UnrealizeObject
0x49b3a0 StretchBlt
0x49b3a4 SetWindowOrgEx
0x49b3a8 SetWinMetaFileBits
0x49b3ac SetViewportOrgEx
0x49b3b0 SetTextColor
0x49b3b4 SetStretchBltMode
0x49b3b8 SetROP2
0x49b3bc SetPixel
0x49b3c0 SetEnhMetaFileBits
0x49b3c4 SetDIBColorTable
0x49b3c8 SetBrushOrgEx
0x49b3cc SetBkMode
0x49b3d0 SetBkColor
0x49b3d4 SelectPalette
0x49b3d8 SelectObject
0x49b3dc SaveDC
0x49b3e0 RestoreDC
0x49b3e4 Rectangle
0x49b3e8 RectVisible
0x49b3ec RealizePalette
0x49b3f0 PlayEnhMetaFile
0x49b3f4 PatBlt
0x49b3f8 MoveToEx
0x49b3fc MaskBlt
0x49b400 LineTo
0x49b404 IntersectClipRect
0x49b408 GetWindowOrgEx
0x49b40c GetWinMetaFileBits
0x49b410 GetTextMetricsA
0x49b414 GetTextExtentPointA
0x49b418 GetTextExtentPoint32A
0x49b41c GetSystemPaletteEntries
0x49b420 GetStockObject
0x49b424 GetPixel
0x49b428 GetPaletteEntries
0x49b42c GetObjectA
0x49b430 GetEnhMetaFilePaletteEntries
0x49b434 GetEnhMetaFileHeader
0x49b438 GetEnhMetaFileBits
0x49b43c GetDeviceCaps
0x49b440 GetDIBits
0x49b444 GetDIBColorTable
0x49b448 GetDCOrgEx
0x49b44c GetCurrentPositionEx
0x49b450 GetClipBox
0x49b454 GetBrushOrgEx
0x49b458 GetBitmapBits
0x49b45c GdiFlush
0x49b460 ExcludeClipRect
0x49b464 DeleteObject
0x49b468 DeleteEnhMetaFile
0x49b46c DeleteDC
0x49b470 CreateSolidBrush
0x49b474 CreatePenIndirect
0x49b478 CreatePalette
0x49b47c CreateHalftonePalette
0x49b480 CreateFontIndirectA
0x49b484 CreateDIBitmap
0x49b488 CreateDIBSection
0x49b48c CreateCompatibleDC
0x49b490 CreateCompatibleBitmap
0x49b494 CreateBrushIndirect
0x49b498 CreateBitmap
0x49b49c CopyEnhMetaFileA
0x49b4a0 BitBlt
user32.dll
0x49b4a8 CreateWindowExA
0x49b4ac WindowFromPoint
0x49b4b0 WinHelpA
0x49b4b4 WaitMessage
0x49b4b8 UpdateWindow
0x49b4bc UnregisterClassA
0x49b4c0 UnhookWindowsHookEx
0x49b4c4 TranslateMessage
0x49b4c8 TranslateMDISysAccel
0x49b4cc TrackPopupMenu
0x49b4d0 SystemParametersInfoA
0x49b4d4 ShowWindow
0x49b4d8 ShowScrollBar
0x49b4dc ShowOwnedPopups
0x49b4e0 ShowCursor
0x49b4e4 SetWindowsHookExA
0x49b4e8 SetWindowTextA
0x49b4ec SetWindowPos
0x49b4f0 SetWindowPlacement
0x49b4f4 SetWindowLongA
0x49b4f8 SetTimer
0x49b4fc SetScrollRange
0x49b500 SetScrollPos
0x49b504 SetScrollInfo
0x49b508 SetRect
0x49b50c SetPropA
0x49b510 SetParent
0x49b514 SetMenuItemInfoA
0x49b518 SetMenu
0x49b51c SetForegroundWindow
0x49b520 SetFocus
0x49b524 SetCursor
0x49b528 SetClipboardData
0x49b52c SetClassLongA
0x49b530 SetCapture
0x49b534 SetActiveWindow
0x49b538 SendMessageA
0x49b53c ScrollWindow
0x49b540 ScreenToClient
0x49b544 RemovePropA
0x49b548 RemoveMenu
0x49b54c ReleaseDC
0x49b550 ReleaseCapture
0x49b554 RegisterWindowMessageA
0x49b558 RegisterClipboardFormatA
0x49b55c RegisterClassA
0x49b560 RedrawWindow
0x49b564 PtInRect
0x49b568 PostQuitMessage
0x49b56c PostMessageA
0x49b570 PeekMessageA
0x49b574 OpenClipboard
0x49b578 OffsetRect
0x49b57c OemToCharA
0x49b580 MsgWaitForMultipleObjects
0x49b584 MessageBoxA
0x49b588 MessageBeep
0x49b58c MapWindowPoints
0x49b590 MapVirtualKeyA
0x49b594 LoadStringA
0x49b598 LoadKeyboardLayoutA
0x49b59c LoadIconA
0x49b5a0 LoadCursorA
0x49b5a4 LoadBitmapA
0x49b5a8 KillTimer
0x49b5ac IsZoomed
0x49b5b0 IsWindowVisible
0x49b5b4 IsWindowEnabled
0x49b5b8 IsWindow
0x49b5bc IsRectEmpty
0x49b5c0 IsIconic
0x49b5c4 IsDialogMessageA
0x49b5c8 IsChild
0x49b5cc InvalidateRect
0x49b5d0 IntersectRect
0x49b5d4 InsertMenuItemA
0x49b5d8 InsertMenuA
0x49b5dc InflateRect
0x49b5e0 GetWindowThreadProcessId
0x49b5e4 GetWindowTextA
0x49b5e8 GetWindowRect
0x49b5ec GetWindowPlacement
0x49b5f0 GetWindowLongA
0x49b5f4 GetWindowDC
0x49b5f8 GetTopWindow
0x49b5fc GetSystemMetrics
0x49b600 GetSystemMenu
0x49b604 GetSysColorBrush
0x49b608 GetSysColor
0x49b60c GetSubMenu
0x49b610 GetScrollRange
0x49b614 GetScrollPos
0x49b618 GetScrollInfo
0x49b61c GetPropA
0x49b620 GetParent
0x49b624 GetWindow
0x49b628 GetMessageA
0x49b62c GetMenuStringA
0x49b630 GetMenuState
0x49b634 GetMenuItemInfoA
0x49b638 GetMenuItemID
0x49b63c GetMenuItemCount
0x49b640 GetMenu
0x49b644 GetLastActivePopup
0x49b648 GetKeyboardState
0x49b64c GetKeyboardLayoutList
0x49b650 GetKeyboardLayout
0x49b654 GetKeyState
0x49b658 GetKeyNameTextA
0x49b65c GetIconInfo
0x49b660 GetForegroundWindow
0x49b664 GetFocus
0x49b668 GetDesktopWindow
0x49b66c GetDCEx
0x49b670 GetDC
0x49b674 GetCursorPos
0x49b678 GetCursor
0x49b67c GetClipboardData
0x49b680 GetClientRect
0x49b684 GetClassNameA
0x49b688 GetClassInfoA
0x49b68c GetCapture
0x49b690 GetActiveWindow
0x49b694 FrameRect
0x49b698 FindWindowA
0x49b69c FillRect
0x49b6a0 EqualRect
0x49b6a4 EnumWindows
0x49b6a8 EnumThreadWindows
0x49b6ac EndPaint
0x49b6b0 EnableWindow
0x49b6b4 EnableScrollBar
0x49b6b8 EnableMenuItem
0x49b6bc EmptyClipboard
0x49b6c0 DrawTextA
0x49b6c4 DrawMenuBar
0x49b6c8 DrawIconEx
0x49b6cc DrawIcon
0x49b6d0 DrawFrameControl
0x49b6d4 DrawEdge
0x49b6d8 DispatchMessageA
0x49b6dc DestroyWindow
0x49b6e0 DestroyMenu
0x49b6e4 DestroyIcon
0x49b6e8 DestroyCursor
0x49b6ec DeleteMenu
0x49b6f0 DefWindowProcA
0x49b6f4 DefMDIChildProcA
0x49b6f8 DefFrameProcA
0x49b6fc CreatePopupMenu
0x49b700 CreateMenu
0x49b704 CreateIcon
0x49b708 CloseClipboard
0x49b70c ClientToScreen
0x49b710 CheckMenuItem
0x49b714 CallWindowProcA
0x49b718 CallNextHookEx
0x49b71c BeginPaint
0x49b720 CharNextA
0x49b724 CharLowerBuffA
0x49b728 CharLowerA
0x49b72c CharUpperBuffA
0x49b730 CharToOemA
0x49b734 AdjustWindowRectEx
0x49b738 ActivateKeyboardLayout
kernel32.dll
0x49b740 Sleep
oleaut32.dll
0x49b748 SafeArrayPtrOfIndex
0x49b74c SafeArrayPutElement
0x49b750 SafeArrayGetElement
0x49b754 SafeArrayUnaccessData
0x49b758 SafeArrayAccessData
0x49b75c SafeArrayGetUBound
0x49b760 SafeArrayGetLBound
0x49b764 SafeArrayCreate
0x49b768 VariantChangeType
0x49b76c VariantCopyInd
0x49b770 VariantCopy
0x49b774 VariantClear
0x49b778 VariantInit
ole32.dll
0x49b780 CoTaskMemFree
0x49b784 ProgIDFromCLSID
0x49b788 StringFromCLSID
0x49b78c CoCreateInstance
0x49b790 CoUninitialize
0x49b794 CoInitialize
0x49b798 IsEqualGUID
oleaut32.dll
0x49b7a0 GetErrorInfo
0x49b7a4 GetActiveObject
0x49b7a8 SysFreeString
comctl32.dll
0x49b7b0 ImageList_SetIconSize
0x49b7b4 ImageList_GetIconSize
0x49b7b8 ImageList_Write
0x49b7bc ImageList_Read
0x49b7c0 ImageList_GetDragImage
0x49b7c4 ImageList_DragShowNolock
0x49b7c8 ImageList_SetDragCursorImage
0x49b7cc ImageList_DragMove
0x49b7d0 ImageList_DragLeave
0x49b7d4 ImageList_DragEnter
0x49b7d8 ImageList_EndDrag
0x49b7dc ImageList_BeginDrag
0x49b7e0 ImageList_Remove
0x49b7e4 ImageList_DrawEx
0x49b7e8 ImageList_Draw
0x49b7ec ImageList_GetBkColor
0x49b7f0 ImageList_SetBkColor
0x49b7f4 ImageList_ReplaceIcon
0x49b7f8 ImageList_Add
0x49b7fc ImageList_SetImageCount
0x49b800 ImageList_GetImageCount
0x49b804 ImageList_Destroy
0x49b808 ImageList_Create
advapi32.dll
0x49b810 StartServiceCtrlDispatcherA
0x49b814 SetServiceStatus
0x49b818 RegisterServiceCtrlHandlerA
0x49b81c OpenServiceA
0x49b820 OpenSCManagerA
0x49b824 DeleteService
0x49b828 CreateServiceA
0x49b82c CloseServiceHandle
uRL
0x49b834 InetIsOffline
EAT(Export Address Table) is none