ScreenShot
| Created | 2021.10.27 14:20 | Machine | s1_win7_x6402 |
| Filename | chromedriver.exe | ||
| Type | PE32 executable (console) Intel 80386, for MS Windows | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | |||
| md5 | 9e5141400fa79953543f744bac726cc8 | ||
| sha256 | 3cf646d073d566c9061d32777f7ec447fa966187c5066a5b60fb64f90d8c6960 | ||
| ssdeep | 196608:prkAebafA+00QbogTn7GFao8CESmwT/+ANWAs0QlhnsH1CdOs3iYjnzMTUHAkwQB:OPSA+00QbogTn7Ggo8CESmvANm0QlhnL | ||
| imphash | b8089ee82498b5ab0456a736b89a81fd | ||
| impfuzzy | 192:ekT3QwBO4PW5WiYdRS5Zb1yj4F99TuIfsaXWiAO:e+BLuJYdRS5d1FaIf3XH | ||
Network IP location
Signature (5cnts)
| Level | Description |
|---|---|
| watch | Communicates with host for which no DNS query was performed |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | This executable has a PDB path |
Rules (8cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | Microsoft_Office_File_Zero | Microsoft Office File | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0xe7bcdc ConvertStringSecurityDescriptorToSecurityDescriptorW
0xe7bce0 CreateProcessAsUserW
0xe7bce4 EventRegister
0xe7bce8 EventUnregister
0xe7bcec EventWrite
0xe7bcf0 InitializeAcl
0xe7bcf4 InitializeSecurityDescriptor
0xe7bcf8 RegCloseKey
0xe7bcfc RegCreateKeyExW
0xe7bd00 RegNotifyChangeKeyValue
0xe7bd04 RegOpenKeyExW
0xe7bd08 RegQueryValueExW
0xe7bd0c SetSecurityDescriptorDacl
0xe7bd10 SystemFunction036
dbghelp.dll
0xe7bd18 SymCleanup
0xe7bd1c SymFromAddr
0xe7bd20 SymGetLineFromAddr64
0xe7bd24 SymGetSearchPathW
0xe7bd28 SymInitialize
0xe7bd2c SymSetOptions
0xe7bd30 SymSetSearchPathW
USER32.dll
0xe7bd38 AllowSetForegroundWindow
0xe7bd3c CreateWindowExW
0xe7bd40 DefWindowProcW
0xe7bd44 DestroyWindow
0xe7bd48 DispatchMessageW
0xe7bd4c GetQueueStatus
0xe7bd50 GetWindowLongW
0xe7bd54 KillTimer
0xe7bd58 LoadKeyboardLayoutW
0xe7bd5c MapVirtualKeyW
0xe7bd60 MsgWaitForMultipleObjectsEx
0xe7bd64 PeekMessageW
0xe7bd68 PostMessageW
0xe7bd6c PostQuitMessage
0xe7bd70 RegisterClassExW
0xe7bd74 SetTimer
0xe7bd78 SetWindowLongW
0xe7bd7c ToUnicode
0xe7bd80 TranslateMessage
0xe7bd84 UnregisterClassW
0xe7bd88 VkKeyScanW
WS2_32.dll
0xe7bd90 WSACloseEvent
0xe7bd94 WSACreateEvent
0xe7bd98 WSAEnumNetworkEvents
0xe7bd9c WSAEventSelect
0xe7bda0 WSAGetLastError
0xe7bda4 WSAGetOverlappedResult
0xe7bda8 WSAIoctl
0xe7bdac WSARecvFrom
0xe7bdb0 WSAResetEvent
0xe7bdb4 WSASend
0xe7bdb8 WSASendTo
0xe7bdbc WSASocketW
0xe7bdc0 WSAStartup
0xe7bdc4 accept
0xe7bdc8 ind
0xe7bdcc closesocket
0xe7bdd0 connect
0xe7bdd4 freeaddrinfo
0xe7bdd8 getaddrinfo
0xe7bddc gethostname
0xe7bde0 getpeername
0xe7bde4 getsockname
0xe7bde8 getsockopt
0xe7bdec htonl
0xe7bdf0 htons
0xe7bdf4 inet_ntop
0xe7bdf8 ioctlsocket
0xe7bdfc listen
0xe7be00 ntohs
0xe7be04 recv
0xe7be08 recvfrom
0xe7be0c sendto
0xe7be10 setsockopt
0xe7be14 shutdown
0xe7be18 socket
KERNEL32.dll
0xe7be20 AcquireSRWLockExclusive
0xe7be24 AcquireSRWLockShared
0xe7be28 AssignProcessToJobObject
0xe7be2c CallbackMayRunLong
0xe7be30 CancelIo
0xe7be34 CloseHandle
0xe7be38 CloseThreadpool
0xe7be3c CloseThreadpoolWork
0xe7be40 CompareStringW
0xe7be44 ConnectNamedPipe
0xe7be48 CreateDirectoryW
0xe7be4c CreateEventW
0xe7be50 CreateFileA
0xe7be54 CreateFileMappingW
0xe7be58 CreateFileW
0xe7be5c CreateIoCompletionPort
0xe7be60 CreateNamedPipeW
0xe7be64 CreateProcessW
0xe7be68 CreateThread
0xe7be6c CreateThreadpool
0xe7be70 CreateThreadpoolWork
0xe7be74 DebugBreak
0xe7be78 DecodePointer
0xe7be7c DeleteCriticalSection
0xe7be80 DeleteFileW
0xe7be84 DeleteProcThreadAttributeList
0xe7be88 DuplicateHandle
0xe7be8c EncodePointer
0xe7be90 EnterCriticalSection
0xe7be94 EnumSystemLocalesW
0xe7be98 ExitProcess
0xe7be9c ExitThread
0xe7bea0 ExpandEnvironmentStringsW
0xe7bea4 FileTimeToSystemTime
0xe7bea8 FindClose
0xe7beac FindFirstFileExW
0xe7beb0 FindNextFileW
0xe7beb4 FlsAlloc
0xe7beb8 FlsSetValue
0xe7bebc FlushFileBuffers
0xe7bec0 FormatMessageA
0xe7bec4 FormatMessageW
0xe7bec8 FreeEnvironmentStringsW
0xe7becc FreeLibrary
0xe7bed0 FreeLibraryAndExitThread
0xe7bed4 GetACP
0xe7bed8 GetCPInfo
0xe7bedc GetCommandLineA
0xe7bee0 GetCommandLineW
0xe7bee4 GetConsoleMode
0xe7bee8 GetConsoleOutputCP
0xe7beec GetCurrentDirectoryW
0xe7bef0 GetCurrentProcess
0xe7bef4 GetCurrentProcessId
0xe7bef8 GetCurrentThread
0xe7befc GetCurrentThreadId
0xe7bf00 GetDateFormatW
0xe7bf04 GetDiskFreeSpaceExW
0xe7bf08 GetDriveTypeW
0xe7bf0c GetEnvironmentStringsW
0xe7bf10 GetEnvironmentVariableW
0xe7bf14 GetExitCodeProcess
0xe7bf18 GetFileAttributesExW
0xe7bf1c GetFileAttributesW
0xe7bf20 GetFileInformationByHandle
0xe7bf24 GetFileSizeEx
0xe7bf28 GetFileType
0xe7bf2c GetFullPathNameW
0xe7bf30 GetLastError
0xe7bf34 GetLocalTime
0xe7bf38 GetLocaleInfoW
0xe7bf3c GetLongPathNameW
0xe7bf40 GetModuleFileNameW
0xe7bf44 GetModuleHandleA
0xe7bf48 GetModuleHandleExW
0xe7bf4c GetModuleHandleW
0xe7bf50 GetNativeSystemInfo
0xe7bf54 GetOEMCP
0xe7bf58 GetProcAddress
0xe7bf5c GetProcessHeap
0xe7bf60 GetProcessId
0xe7bf64 GetProcessTimes
0xe7bf68 GetProductInfo
0xe7bf6c GetQueuedCompletionStatus
0xe7bf70 GetStartupInfoW
0xe7bf74 GetStdHandle
0xe7bf78 GetStringTypeW
0xe7bf7c GetSystemDirectoryW
0xe7bf80 GetSystemInfo
0xe7bf84 GetSystemTimeAsFileTime
0xe7bf88 GetTempPathW
0xe7bf8c GetThreadId
0xe7bf90 GetThreadPriority
0xe7bf94 GetTickCount
0xe7bf98 GetTimeFormatW
0xe7bf9c GetTimeZoneInformation
0xe7bfa0 GetUserDefaultLCID
0xe7bfa4 GetVersionExW
0xe7bfa8 GetWindowsDirectoryW
0xe7bfac GlobalFree
0xe7bfb0 GlobalMemoryStatusEx
0xe7bfb4 InitOnceExecuteOnce
0xe7bfb8 InitializeConditionVariable
0xe7bfbc InitializeCriticalSectionAndSpinCount
0xe7bfc0 InitializeProcThreadAttributeList
0xe7bfc4 InitializeSListHead
0xe7bfc8 InitializeSRWLock
0xe7bfcc IsDebuggerPresent
0xe7bfd0 IsProcessorFeaturePresent
0xe7bfd4 IsValidCodePage
0xe7bfd8 IsValidLocale
0xe7bfdc IsWow64Process
0xe7bfe0 K32QueryWorkingSetEx
0xe7bfe4 LCMapStringW
0xe7bfe8 LeaveCriticalSection
0xe7bfec LoadLibraryExA
0xe7bff0 LoadLibraryExW
0xe7bff4 LoadLibraryW
0xe7bff8 LocalFree
0xe7bffc MapViewOfFile
0xe7c000 MoveFileExW
0xe7c004 MoveFileW
0xe7c008 MultiByteToWideChar
0xe7c00c OutputDebugStringA
0xe7c010 PostQueuedCompletionStatus
0xe7c014 QueryPerformanceCounter
0xe7c018 QueryPerformanceFrequency
0xe7c01c QueryThreadCycleTime
0xe7c020 RaiseException
0xe7c024 ReadConsoleW
0xe7c028 ReadFile
0xe7c02c RegisterWaitForSingleObject
0xe7c030 ReleaseSRWLockExclusive
0xe7c034 ReleaseSRWLockShared
0xe7c038 RemoveDirectoryW
0xe7c03c ReplaceFileW
0xe7c040 ResetEvent
0xe7c044 RtlCaptureStackBackTrace
0xe7c048 RtlUnwind
0xe7c04c SetEndOfFile
0xe7c050 SetEnvironmentVariableW
0xe7c054 SetEvent
0xe7c058 SetFileAttributesW
0xe7c05c SetFileInformationByHandle
0xe7c060 SetFilePointer
0xe7c064 SetFilePointerEx
0xe7c068 SetFileTime
0xe7c06c SetHandleInformation
0xe7c070 SetLastError
0xe7c074 SetStdHandle
0xe7c078 SetThreadPriority
0xe7c07c SetThreadpoolThreadMaximum
0xe7c080 SetThreadpoolThreadMinimum
0xe7c084 SetUnhandledExceptionFilter
0xe7c088 Sleep
0xe7c08c SleepConditionVariableSRW
0xe7c090 SubmitThreadpoolWork
0xe7c094 SystemTimeToFileTime
0xe7c098 SystemTimeToTzSpecificLocalTime
0xe7c09c TerminateProcess
0xe7c0a0 TlsAlloc
0xe7c0a4 TlsFree
0xe7c0a8 TlsGetValue
0xe7c0ac TlsSetValue
0xe7c0b0 TryAcquireSRWLockExclusive
0xe7c0b4 TzSpecificLocalTimeToSystemTime
0xe7c0b8 UnhandledExceptionFilter
0xe7c0bc UnmapViewOfFile
0xe7c0c0 UnregisterWaitEx
0xe7c0c4 UpdateProcThreadAttribute
0xe7c0c8 VirtualAlloc
0xe7c0cc VirtualFree
0xe7c0d0 VirtualProtect
0xe7c0d4 VirtualQuery
0xe7c0d8 WaitForMultipleObjects
0xe7c0dc WaitForSingleObject
0xe7c0e0 WaitForSingleObjectEx
0xe7c0e4 WaitForThreadpoolWorkCallbacks
0xe7c0e8 WaitNamedPipeW
0xe7c0ec WakeAllConditionVariable
0xe7c0f0 WakeConditionVariable
0xe7c0f4 WideCharToMultiByte
0xe7c0f8 WriteConsoleW
0xe7c0fc WriteFile
IPHLPAPI.DLL
0xe7c104 GetAdaptersAddresses
SHELL32.dll
0xe7c10c CommandLineToArgvW
0xe7c110 SHGetFolderPathW
0xe7c114 SHGetKnownFolderPath
USERENV.dll
0xe7c11c CreateEnvironmentBlock
0xe7c120 DestroyEnvironmentBlock
SHLWAPI.dll
0xe7c128 PathMatchSpecW
WINMM.dll
0xe7c130 timeBeginPeriod
0xe7c134 timeEndPeriod
0xe7c138 timeGetTime
ole32.dll
0xe7c140 CoInitializeEx
0xe7c144 CoRegisterInitializeSpy
0xe7c148 CoRevokeInitializeSpy
0xe7c14c CoTaskMemFree
0xe7c150 CoUninitialize
CRYPT32.dll
0xe7c158 CertAddEncodedCertificateToStore
0xe7c15c CertCloseStore
0xe7c160 CertCompareCertificateName
0xe7c164 CertCreateCertificateChainEngine
0xe7c168 CertDuplicateCertificateContext
0xe7c16c CertFindExtension
0xe7c170 CertFreeCertificateChain
0xe7c174 CertFreeCertificateChainEngine
0xe7c178 CertFreeCertificateContext
0xe7c17c CertGetCertificateChain
0xe7c180 CertGetCertificateContextProperty
0xe7c184 CertGetIssuerCertificateFromStore
0xe7c188 CertOpenStore
0xe7c18c CertSetCertificateContextProperty
0xe7c190 CertVerifyCertificateChainPolicy
0xe7c194 CryptDecodeObjectEx
0xe7c198 CryptInstallOIDFunctionAddress
0xe7c19c CryptVerifyCertificateSignatureEx
Secur32.dll
0xe7c1a4 AcquireCredentialsHandleW
0xe7c1a8 DeleteSecurityContext
0xe7c1ac FreeContextBuffer
0xe7c1b0 FreeCredentialsHandle
0xe7c1b4 InitializeSecurityContextW
0xe7c1b8 QueryContextAttributesW
0xe7c1bc QuerySecurityPackageInfoW
WINHTTP.dll
0xe7c1c4 WinHttpCloseHandle
0xe7c1c8 WinHttpGetIEProxyConfigForCurrentUser
0xe7c1cc WinHttpGetProxyForUrl
0xe7c1d0 WinHttpOpen
0xe7c1d4 WinHttpSetTimeouts
urlmon.dll
0xe7c1dc CoInternetCreateSecurityManager
EAT(Export Address Table) Library
0x667cd0 GetHandleVerifier
ADVAPI32.dll
0xe7bcdc ConvertStringSecurityDescriptorToSecurityDescriptorW
0xe7bce0 CreateProcessAsUserW
0xe7bce4 EventRegister
0xe7bce8 EventUnregister
0xe7bcec EventWrite
0xe7bcf0 InitializeAcl
0xe7bcf4 InitializeSecurityDescriptor
0xe7bcf8 RegCloseKey
0xe7bcfc RegCreateKeyExW
0xe7bd00 RegNotifyChangeKeyValue
0xe7bd04 RegOpenKeyExW
0xe7bd08 RegQueryValueExW
0xe7bd0c SetSecurityDescriptorDacl
0xe7bd10 SystemFunction036
dbghelp.dll
0xe7bd18 SymCleanup
0xe7bd1c SymFromAddr
0xe7bd20 SymGetLineFromAddr64
0xe7bd24 SymGetSearchPathW
0xe7bd28 SymInitialize
0xe7bd2c SymSetOptions
0xe7bd30 SymSetSearchPathW
USER32.dll
0xe7bd38 AllowSetForegroundWindow
0xe7bd3c CreateWindowExW
0xe7bd40 DefWindowProcW
0xe7bd44 DestroyWindow
0xe7bd48 DispatchMessageW
0xe7bd4c GetQueueStatus
0xe7bd50 GetWindowLongW
0xe7bd54 KillTimer
0xe7bd58 LoadKeyboardLayoutW
0xe7bd5c MapVirtualKeyW
0xe7bd60 MsgWaitForMultipleObjectsEx
0xe7bd64 PeekMessageW
0xe7bd68 PostMessageW
0xe7bd6c PostQuitMessage
0xe7bd70 RegisterClassExW
0xe7bd74 SetTimer
0xe7bd78 SetWindowLongW
0xe7bd7c ToUnicode
0xe7bd80 TranslateMessage
0xe7bd84 UnregisterClassW
0xe7bd88 VkKeyScanW
WS2_32.dll
0xe7bd90 WSACloseEvent
0xe7bd94 WSACreateEvent
0xe7bd98 WSAEnumNetworkEvents
0xe7bd9c WSAEventSelect
0xe7bda0 WSAGetLastError
0xe7bda4 WSAGetOverlappedResult
0xe7bda8 WSAIoctl
0xe7bdac WSARecvFrom
0xe7bdb0 WSAResetEvent
0xe7bdb4 WSASend
0xe7bdb8 WSASendTo
0xe7bdbc WSASocketW
0xe7bdc0 WSAStartup
0xe7bdc4 accept
0xe7bdc8 ind
0xe7bdcc closesocket
0xe7bdd0 connect
0xe7bdd4 freeaddrinfo
0xe7bdd8 getaddrinfo
0xe7bddc gethostname
0xe7bde0 getpeername
0xe7bde4 getsockname
0xe7bde8 getsockopt
0xe7bdec htonl
0xe7bdf0 htons
0xe7bdf4 inet_ntop
0xe7bdf8 ioctlsocket
0xe7bdfc listen
0xe7be00 ntohs
0xe7be04 recv
0xe7be08 recvfrom
0xe7be0c sendto
0xe7be10 setsockopt
0xe7be14 shutdown
0xe7be18 socket
KERNEL32.dll
0xe7be20 AcquireSRWLockExclusive
0xe7be24 AcquireSRWLockShared
0xe7be28 AssignProcessToJobObject
0xe7be2c CallbackMayRunLong
0xe7be30 CancelIo
0xe7be34 CloseHandle
0xe7be38 CloseThreadpool
0xe7be3c CloseThreadpoolWork
0xe7be40 CompareStringW
0xe7be44 ConnectNamedPipe
0xe7be48 CreateDirectoryW
0xe7be4c CreateEventW
0xe7be50 CreateFileA
0xe7be54 CreateFileMappingW
0xe7be58 CreateFileW
0xe7be5c CreateIoCompletionPort
0xe7be60 CreateNamedPipeW
0xe7be64 CreateProcessW
0xe7be68 CreateThread
0xe7be6c CreateThreadpool
0xe7be70 CreateThreadpoolWork
0xe7be74 DebugBreak
0xe7be78 DecodePointer
0xe7be7c DeleteCriticalSection
0xe7be80 DeleteFileW
0xe7be84 DeleteProcThreadAttributeList
0xe7be88 DuplicateHandle
0xe7be8c EncodePointer
0xe7be90 EnterCriticalSection
0xe7be94 EnumSystemLocalesW
0xe7be98 ExitProcess
0xe7be9c ExitThread
0xe7bea0 ExpandEnvironmentStringsW
0xe7bea4 FileTimeToSystemTime
0xe7bea8 FindClose
0xe7beac FindFirstFileExW
0xe7beb0 FindNextFileW
0xe7beb4 FlsAlloc
0xe7beb8 FlsSetValue
0xe7bebc FlushFileBuffers
0xe7bec0 FormatMessageA
0xe7bec4 FormatMessageW
0xe7bec8 FreeEnvironmentStringsW
0xe7becc FreeLibrary
0xe7bed0 FreeLibraryAndExitThread
0xe7bed4 GetACP
0xe7bed8 GetCPInfo
0xe7bedc GetCommandLineA
0xe7bee0 GetCommandLineW
0xe7bee4 GetConsoleMode
0xe7bee8 GetConsoleOutputCP
0xe7beec GetCurrentDirectoryW
0xe7bef0 GetCurrentProcess
0xe7bef4 GetCurrentProcessId
0xe7bef8 GetCurrentThread
0xe7befc GetCurrentThreadId
0xe7bf00 GetDateFormatW
0xe7bf04 GetDiskFreeSpaceExW
0xe7bf08 GetDriveTypeW
0xe7bf0c GetEnvironmentStringsW
0xe7bf10 GetEnvironmentVariableW
0xe7bf14 GetExitCodeProcess
0xe7bf18 GetFileAttributesExW
0xe7bf1c GetFileAttributesW
0xe7bf20 GetFileInformationByHandle
0xe7bf24 GetFileSizeEx
0xe7bf28 GetFileType
0xe7bf2c GetFullPathNameW
0xe7bf30 GetLastError
0xe7bf34 GetLocalTime
0xe7bf38 GetLocaleInfoW
0xe7bf3c GetLongPathNameW
0xe7bf40 GetModuleFileNameW
0xe7bf44 GetModuleHandleA
0xe7bf48 GetModuleHandleExW
0xe7bf4c GetModuleHandleW
0xe7bf50 GetNativeSystemInfo
0xe7bf54 GetOEMCP
0xe7bf58 GetProcAddress
0xe7bf5c GetProcessHeap
0xe7bf60 GetProcessId
0xe7bf64 GetProcessTimes
0xe7bf68 GetProductInfo
0xe7bf6c GetQueuedCompletionStatus
0xe7bf70 GetStartupInfoW
0xe7bf74 GetStdHandle
0xe7bf78 GetStringTypeW
0xe7bf7c GetSystemDirectoryW
0xe7bf80 GetSystemInfo
0xe7bf84 GetSystemTimeAsFileTime
0xe7bf88 GetTempPathW
0xe7bf8c GetThreadId
0xe7bf90 GetThreadPriority
0xe7bf94 GetTickCount
0xe7bf98 GetTimeFormatW
0xe7bf9c GetTimeZoneInformation
0xe7bfa0 GetUserDefaultLCID
0xe7bfa4 GetVersionExW
0xe7bfa8 GetWindowsDirectoryW
0xe7bfac GlobalFree
0xe7bfb0 GlobalMemoryStatusEx
0xe7bfb4 InitOnceExecuteOnce
0xe7bfb8 InitializeConditionVariable
0xe7bfbc InitializeCriticalSectionAndSpinCount
0xe7bfc0 InitializeProcThreadAttributeList
0xe7bfc4 InitializeSListHead
0xe7bfc8 InitializeSRWLock
0xe7bfcc IsDebuggerPresent
0xe7bfd0 IsProcessorFeaturePresent
0xe7bfd4 IsValidCodePage
0xe7bfd8 IsValidLocale
0xe7bfdc IsWow64Process
0xe7bfe0 K32QueryWorkingSetEx
0xe7bfe4 LCMapStringW
0xe7bfe8 LeaveCriticalSection
0xe7bfec LoadLibraryExA
0xe7bff0 LoadLibraryExW
0xe7bff4 LoadLibraryW
0xe7bff8 LocalFree
0xe7bffc MapViewOfFile
0xe7c000 MoveFileExW
0xe7c004 MoveFileW
0xe7c008 MultiByteToWideChar
0xe7c00c OutputDebugStringA
0xe7c010 PostQueuedCompletionStatus
0xe7c014 QueryPerformanceCounter
0xe7c018 QueryPerformanceFrequency
0xe7c01c QueryThreadCycleTime
0xe7c020 RaiseException
0xe7c024 ReadConsoleW
0xe7c028 ReadFile
0xe7c02c RegisterWaitForSingleObject
0xe7c030 ReleaseSRWLockExclusive
0xe7c034 ReleaseSRWLockShared
0xe7c038 RemoveDirectoryW
0xe7c03c ReplaceFileW
0xe7c040 ResetEvent
0xe7c044 RtlCaptureStackBackTrace
0xe7c048 RtlUnwind
0xe7c04c SetEndOfFile
0xe7c050 SetEnvironmentVariableW
0xe7c054 SetEvent
0xe7c058 SetFileAttributesW
0xe7c05c SetFileInformationByHandle
0xe7c060 SetFilePointer
0xe7c064 SetFilePointerEx
0xe7c068 SetFileTime
0xe7c06c SetHandleInformation
0xe7c070 SetLastError
0xe7c074 SetStdHandle
0xe7c078 SetThreadPriority
0xe7c07c SetThreadpoolThreadMaximum
0xe7c080 SetThreadpoolThreadMinimum
0xe7c084 SetUnhandledExceptionFilter
0xe7c088 Sleep
0xe7c08c SleepConditionVariableSRW
0xe7c090 SubmitThreadpoolWork
0xe7c094 SystemTimeToFileTime
0xe7c098 SystemTimeToTzSpecificLocalTime
0xe7c09c TerminateProcess
0xe7c0a0 TlsAlloc
0xe7c0a4 TlsFree
0xe7c0a8 TlsGetValue
0xe7c0ac TlsSetValue
0xe7c0b0 TryAcquireSRWLockExclusive
0xe7c0b4 TzSpecificLocalTimeToSystemTime
0xe7c0b8 UnhandledExceptionFilter
0xe7c0bc UnmapViewOfFile
0xe7c0c0 UnregisterWaitEx
0xe7c0c4 UpdateProcThreadAttribute
0xe7c0c8 VirtualAlloc
0xe7c0cc VirtualFree
0xe7c0d0 VirtualProtect
0xe7c0d4 VirtualQuery
0xe7c0d8 WaitForMultipleObjects
0xe7c0dc WaitForSingleObject
0xe7c0e0 WaitForSingleObjectEx
0xe7c0e4 WaitForThreadpoolWorkCallbacks
0xe7c0e8 WaitNamedPipeW
0xe7c0ec WakeAllConditionVariable
0xe7c0f0 WakeConditionVariable
0xe7c0f4 WideCharToMultiByte
0xe7c0f8 WriteConsoleW
0xe7c0fc WriteFile
IPHLPAPI.DLL
0xe7c104 GetAdaptersAddresses
SHELL32.dll
0xe7c10c CommandLineToArgvW
0xe7c110 SHGetFolderPathW
0xe7c114 SHGetKnownFolderPath
USERENV.dll
0xe7c11c CreateEnvironmentBlock
0xe7c120 DestroyEnvironmentBlock
SHLWAPI.dll
0xe7c128 PathMatchSpecW
WINMM.dll
0xe7c130 timeBeginPeriod
0xe7c134 timeEndPeriod
0xe7c138 timeGetTime
ole32.dll
0xe7c140 CoInitializeEx
0xe7c144 CoRegisterInitializeSpy
0xe7c148 CoRevokeInitializeSpy
0xe7c14c CoTaskMemFree
0xe7c150 CoUninitialize
CRYPT32.dll
0xe7c158 CertAddEncodedCertificateToStore
0xe7c15c CertCloseStore
0xe7c160 CertCompareCertificateName
0xe7c164 CertCreateCertificateChainEngine
0xe7c168 CertDuplicateCertificateContext
0xe7c16c CertFindExtension
0xe7c170 CertFreeCertificateChain
0xe7c174 CertFreeCertificateChainEngine
0xe7c178 CertFreeCertificateContext
0xe7c17c CertGetCertificateChain
0xe7c180 CertGetCertificateContextProperty
0xe7c184 CertGetIssuerCertificateFromStore
0xe7c188 CertOpenStore
0xe7c18c CertSetCertificateContextProperty
0xe7c190 CertVerifyCertificateChainPolicy
0xe7c194 CryptDecodeObjectEx
0xe7c198 CryptInstallOIDFunctionAddress
0xe7c19c CryptVerifyCertificateSignatureEx
Secur32.dll
0xe7c1a4 AcquireCredentialsHandleW
0xe7c1a8 DeleteSecurityContext
0xe7c1ac FreeContextBuffer
0xe7c1b0 FreeCredentialsHandle
0xe7c1b4 InitializeSecurityContextW
0xe7c1b8 QueryContextAttributesW
0xe7c1bc QuerySecurityPackageInfoW
WINHTTP.dll
0xe7c1c4 WinHttpCloseHandle
0xe7c1c8 WinHttpGetIEProxyConfigForCurrentUser
0xe7c1cc WinHttpGetProxyForUrl
0xe7c1d0 WinHttpOpen
0xe7c1d4 WinHttpSetTimeouts
urlmon.dll
0xe7c1dc CoInternetCreateSecurityManager
EAT(Export Address Table) Library
0x667cd0 GetHandleVerifier