ScreenShot
| Created | 2021.11.10 18:01 | Machine | s1_win7_x6402 |
| Filename | URGENT PURCHASE ORDER.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 37 detected (malicious, high confidence, GenericKD, GenericRXAA, ZelphiCO, 0GW@aSUq7bbi, Delf, SNSY, Attribute, HighConfidence, EQMT, MalwareX, DownLoader43, USMANK921, Static AI, Suspicious PE, Unsafe, Score, Wacatac, DelfInject, R449406, BScope, Noon, ai score=81, Generic@ML, RDMK, vF10pkRUfjS1rfjD7UmtpQ, Igent, bWUGOU, EQAC, GdSda) | ||
| md5 | 2c88a95d136be447e28c6ba0c424f93e | ||
| sha256 | 045a680f5cff3aa889bd6e366a1445dc6c9f066b6601ba69f973c77cf37a5bd2 | ||
| ssdeep | 6144:6ty9J2eb9Vmcc03Dl2QEE12/ggyHISePm7lDW/Bl5Wn7DYKbQAJRIl68hTnUE:R9J2ebzmccYDJ2tMIMS/n56D86mTnUE | ||
| imphash | 7b484975ebc1a121d346391a74418697 | ||
| impfuzzy | 96:8cfp95YU3O0MJ4IXLp4U8zS10+YVbuu2RrSUvK9LVqo1GqE6nDwPOQR8l:334mk1QVbuuArSUvK9RqooqE6EPOQR4 | ||
Network IP location
Signature (18cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 37 AntiVirus engines on VirusTotal as malicious |
| watch | Deletes executed files from disk |
| watch | Installs itself for autorun at Windows startup |
| watch | Network activity contains more than one unique useragent |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Creates a suspicious process |
| notice | Creates executable files on the filesystem |
| notice | Performs some HTTP requests |
| notice | Uses Windows utilities for basic Windows functionality |
| notice | Yara rule detected in process memory |
| info | Command line console output was observed |
| info | One or more processes crashed |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The executable uses a known packer |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (38cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Network_Downloader | File Downloader | memory |
| watch | UPX_Zero | UPX packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| notice | Code_injection | Code injection with CreateRemoteThread in a remote process | memory |
| notice | Create_Service | Create a windows service | memory |
| notice | Escalate_priviledges | Escalate priviledges | memory |
| notice | KeyLogger | Run a KeyLogger | memory |
| notice | local_credential_Steal | Steal credential | memory |
| notice | Network_DGA | Communication using DGA | memory |
| notice | Network_DNS | Communications use DNS | memory |
| notice | Network_FTP | Communications over FTP | memory |
| notice | Network_HTTP | Communications over HTTP | memory |
| notice | Network_P2P_Win | Communications over P2P network | memory |
| notice | Network_TCP_Socket | Communications over RAW Socket | memory |
| notice | ScreenShot | Take ScreenShot | memory |
| notice | Sniff_Audio | Record Audio | memory |
| notice | Str_Win32_Http_API | Match Windows Http API call | memory |
| notice | Str_Win32_Internet_API | Match Windows Inet API call | memory |
| info | anti_dbg | Checks if being debugged | memory |
| info | antisb_threatExpert | Anti-Sandbox checks for ThreatExpert | memory |
| info | Check_Dlls | (no description) | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerCheck__RemoteAPI | (no description) | memory |
| info | DebuggerException__ConsoleCtrl | (no description) | memory |
| info | DebuggerException__SetConsoleCtrl | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
| info | win_hook | Affect hook table | memory |
Network (3cnts) ?
Suricata ids
PE API
IAT(Import Address Table) Library
kernel32.dll
0x459140 DeleteCriticalSection
0x459144 LeaveCriticalSection
0x459148 EnterCriticalSection
0x45914c InitializeCriticalSection
0x459150 VirtualFree
0x459154 VirtualAlloc
0x459158 LocalFree
0x45915c LocalAlloc
0x459160 GetTickCount
0x459164 QueryPerformanceCounter
0x459168 GetVersion
0x45916c GetCurrentThreadId
0x459170 InterlockedDecrement
0x459174 InterlockedIncrement
0x459178 VirtualQuery
0x45917c WideCharToMultiByte
0x459180 MultiByteToWideChar
0x459184 lstrlenA
0x459188 lstrcpynA
0x45918c LoadLibraryExA
0x459190 GetThreadLocale
0x459194 GetStartupInfoA
0x459198 GetProcAddress
0x45919c GetModuleHandleA
0x4591a0 GetModuleFileNameA
0x4591a4 GetLocaleInfoA
0x4591a8 GetCommandLineA
0x4591ac FreeLibrary
0x4591b0 FindFirstFileA
0x4591b4 FindClose
0x4591b8 ExitProcess
0x4591bc WriteFile
0x4591c0 UnhandledExceptionFilter
0x4591c4 RtlUnwind
0x4591c8 RaiseException
0x4591cc GetStdHandle
user32.dll
0x4591d4 GetKeyboardType
0x4591d8 LoadStringA
0x4591dc MessageBoxA
0x4591e0 CharNextA
advapi32.dll
0x4591e8 RegQueryValueExA
0x4591ec RegOpenKeyExA
0x4591f0 RegCloseKey
oleaut32.dll
0x4591f8 SysFreeString
0x4591fc SysReAllocStringLen
0x459200 SysAllocStringLen
kernel32.dll
0x459208 TlsSetValue
0x45920c TlsGetValue
0x459210 LocalAlloc
0x459214 GetModuleHandleA
advapi32.dll
0x45921c RegQueryValueExA
0x459220 RegOpenKeyExA
0x459224 RegCloseKey
kernel32.dll
0x45922c lstrcpyA
0x459230 WriteFile
0x459234 WaitForSingleObject
0x459238 VirtualQuery
0x45923c VirtualProtect
0x459240 VirtualAlloc
0x459244 Sleep
0x459248 SizeofResource
0x45924c SetThreadLocale
0x459250 SetFilePointer
0x459254 SetEvent
0x459258 SetErrorMode
0x45925c SetEndOfFile
0x459260 ResetEvent
0x459264 ReadFile
0x459268 MulDiv
0x45926c LockResource
0x459270 LoadResource
0x459274 LoadLibraryW
0x459278 LoadLibraryA
0x45927c LeaveCriticalSection
0x459280 InitializeCriticalSection
0x459284 GlobalUnlock
0x459288 GlobalReAlloc
0x45928c GlobalHandle
0x459290 GlobalLock
0x459294 GlobalFree
0x459298 GlobalFindAtomA
0x45929c GlobalDeleteAtom
0x4592a0 GlobalAlloc
0x4592a4 GlobalAddAtomA
0x4592a8 GetVersionExA
0x4592ac GetVersion
0x4592b0 GetTickCount
0x4592b4 GetThreadLocale
0x4592b8 GetSystemInfo
0x4592bc GetStringTypeExA
0x4592c0 GetStdHandle
0x4592c4 GetProcAddress
0x4592c8 GetModuleHandleA
0x4592cc GetModuleFileNameA
0x4592d0 GetLocaleInfoA
0x4592d4 GetLocalTime
0x4592d8 GetLastError
0x4592dc GetFullPathNameA
0x4592e0 GetDiskFreeSpaceA
0x4592e4 GetDateFormatA
0x4592e8 GetCurrentThreadId
0x4592ec GetCurrentProcessId
0x4592f0 GetCPInfo
0x4592f4 GetACP
0x4592f8 FreeResource
0x4592fc InterlockedExchange
0x459300 FreeLibrary
0x459304 FormatMessageA
0x459308 FindResourceA
0x45930c EnumCalendarInfoA
0x459310 EnterCriticalSection
0x459314 DeleteCriticalSection
0x459318 CreateThread
0x45931c CreateFileA
0x459320 CreateEventA
0x459324 CompareStringA
0x459328 CloseHandle
version.dll
0x459330 VerQueryValueA
0x459334 GetFileVersionInfoSizeA
0x459338 GetFileVersionInfoA
gdi32.dll
0x459340 UnrealizeObject
0x459344 StretchBlt
0x459348 SetWindowOrgEx
0x45934c SetViewportOrgEx
0x459350 SetTextColor
0x459354 SetStretchBltMode
0x459358 SetROP2
0x45935c SetPixel
0x459360 SetDIBColorTable
0x459364 SetBrushOrgEx
0x459368 SetBkMode
0x45936c SetBkColor
0x459370 SelectPalette
0x459374 SelectObject
0x459378 SaveDC
0x45937c RestoreDC
0x459380 RectVisible
0x459384 RealizePalette
0x459388 Polyline
0x45938c PatBlt
0x459390 MoveToEx
0x459394 MaskBlt
0x459398 LineTo
0x45939c IntersectClipRect
0x4593a0 GetWindowOrgEx
0x4593a4 GetTextMetricsA
0x4593a8 GetTextExtentPoint32A
0x4593ac GetSystemPaletteEntries
0x4593b0 GetStockObject
0x4593b4 GetPixel
0x4593b8 GetPaletteEntries
0x4593bc GetObjectA
0x4593c0 GetDeviceCaps
0x4593c4 GetDIBits
0x4593c8 GetDIBColorTable
0x4593cc GetDCOrgEx
0x4593d0 GetCurrentPositionEx
0x4593d4 GetClipBox
0x4593d8 GetBrushOrgEx
0x4593dc GetBitmapBits
0x4593e0 GdiFlush
0x4593e4 ExcludeClipRect
0x4593e8 DeleteObject
0x4593ec DeleteDC
0x4593f0 CreateSolidBrush
0x4593f4 CreatePenIndirect
0x4593f8 CreatePalette
0x4593fc CreateHalftonePalette
0x459400 CreateFontIndirectA
0x459404 CreateDIBitmap
0x459408 CreateDIBSection
0x45940c CreateCompatibleDC
0x459410 CreateCompatibleBitmap
0x459414 CreateBrushIndirect
0x459418 CreateBitmap
0x45941c BitBlt
user32.dll
0x459424 CreateWindowExA
0x459428 WindowFromPoint
0x45942c WinHelpA
0x459430 WaitMessage
0x459434 UpdateWindow
0x459438 UnregisterClassA
0x45943c UnhookWindowsHookEx
0x459440 TranslateMessage
0x459444 TranslateMDISysAccel
0x459448 TrackPopupMenu
0x45944c SystemParametersInfoA
0x459450 ShowWindow
0x459454 ShowScrollBar
0x459458 ShowOwnedPopups
0x45945c ShowCursor
0x459460 SetWindowsHookExA
0x459464 SetWindowTextA
0x459468 SetWindowPos
0x45946c SetWindowPlacement
0x459470 SetWindowLongA
0x459474 SetTimer
0x459478 SetScrollRange
0x45947c SetScrollPos
0x459480 SetScrollInfo
0x459484 SetRect
0x459488 SetPropA
0x45948c SetParent
0x459490 SetMenuItemInfoA
0x459494 SetMenu
0x459498 SetForegroundWindow
0x45949c SetFocus
0x4594a0 SetCursor
0x4594a4 SetClassLongA
0x4594a8 SetCapture
0x4594ac SetActiveWindow
0x4594b0 SendMessageA
0x4594b4 ScrollWindow
0x4594b8 ScreenToClient
0x4594bc RemovePropA
0x4594c0 RemoveMenu
0x4594c4 ReleaseDC
0x4594c8 ReleaseCapture
0x4594cc RegisterWindowMessageA
0x4594d0 RegisterClipboardFormatA
0x4594d4 RegisterClassA
0x4594d8 RedrawWindow
0x4594dc PtInRect
0x4594e0 PostQuitMessage
0x4594e4 PostMessageA
0x4594e8 PeekMessageA
0x4594ec OffsetRect
0x4594f0 OemToCharA
0x4594f4 MessageBoxA
0x4594f8 MapWindowPoints
0x4594fc MapVirtualKeyA
0x459500 LoadStringA
0x459504 LoadKeyboardLayoutA
0x459508 LoadIconA
0x45950c LoadCursorA
0x459510 LoadBitmapA
0x459514 KillTimer
0x459518 IsZoomed
0x45951c IsWindowVisible
0x459520 IsWindowEnabled
0x459524 IsWindow
0x459528 IsRectEmpty
0x45952c IsIconic
0x459530 IsDialogMessageA
0x459534 IsChild
0x459538 InvalidateRect
0x45953c IntersectRect
0x459540 InsertMenuItemA
0x459544 InsertMenuA
0x459548 InflateRect
0x45954c GetWindowThreadProcessId
0x459550 GetWindowTextA
0x459554 GetWindowRect
0x459558 GetWindowPlacement
0x45955c GetWindowLongA
0x459560 GetWindowDC
0x459564 GetTopWindow
0x459568 GetSystemMetrics
0x45956c GetSystemMenu
0x459570 GetSysColorBrush
0x459574 GetSysColor
0x459578 GetSubMenu
0x45957c GetScrollRange
0x459580 GetScrollPos
0x459584 GetScrollInfo
0x459588 GetPropA
0x45958c GetParent
0x459590 GetWindow
0x459594 GetMenuStringA
0x459598 GetMenuState
0x45959c GetMenuItemInfoA
0x4595a0 GetMenuItemID
0x4595a4 GetMenuItemCount
0x4595a8 GetMenu
0x4595ac GetLastActivePopup
0x4595b0 GetKeyboardState
0x4595b4 GetKeyboardLayoutList
0x4595b8 GetKeyboardLayout
0x4595bc GetKeyState
0x4595c0 GetKeyNameTextA
0x4595c4 GetIconInfo
0x4595c8 GetForegroundWindow
0x4595cc GetFocus
0x4595d0 GetDesktopWindow
0x4595d4 GetDCEx
0x4595d8 GetDC
0x4595dc GetCursorPos
0x4595e0 GetCursor
0x4595e4 GetClientRect
0x4595e8 GetClassNameA
0x4595ec GetClassInfoA
0x4595f0 GetCapture
0x4595f4 GetActiveWindow
0x4595f8 FrameRect
0x4595fc FindWindowA
0x459600 FillRect
0x459604 EqualRect
0x459608 EnumWindows
0x45960c EnumThreadWindows
0x459610 EndPaint
0x459614 EnableWindow
0x459618 EnableScrollBar
0x45961c EnableMenuItem
0x459620 DrawTextA
0x459624 DrawMenuBar
0x459628 DrawIconEx
0x45962c DrawIcon
0x459630 DrawFrameControl
0x459634 DrawEdge
0x459638 DispatchMessageA
0x45963c DestroyWindow
0x459640 DestroyMenu
0x459644 DestroyIcon
0x459648 DestroyCursor
0x45964c DeleteMenu
0x459650 DefWindowProcA
0x459654 DefMDIChildProcA
0x459658 DefFrameProcA
0x45965c CreatePopupMenu
0x459660 CreateMenu
0x459664 CreateIcon
0x459668 ClientToScreen
0x45966c CheckMenuItem
0x459670 CallWindowProcA
0x459674 CallNextHookEx
0x459678 BeginPaint
0x45967c CharNextA
0x459680 CharLowerA
0x459684 CharToOemA
0x459688 AdjustWindowRectEx
0x45968c ActivateKeyboardLayout
kernel32.dll
0x459694 Sleep
oleaut32.dll
0x45969c SafeArrayPtrOfIndex
0x4596a0 SafeArrayGetUBound
0x4596a4 SafeArrayGetLBound
0x4596a8 SafeArrayCreate
0x4596ac VariantChangeType
0x4596b0 VariantCopy
0x4596b4 VariantClear
0x4596b8 VariantInit
comctl32.dll
0x4596c0 ImageList_SetIconSize
0x4596c4 ImageList_GetIconSize
0x4596c8 ImageList_Write
0x4596cc ImageList_Read
0x4596d0 ImageList_GetDragImage
0x4596d4 ImageList_DragShowNolock
0x4596d8 ImageList_SetDragCursorImage
0x4596dc ImageList_DragMove
0x4596e0 ImageList_DragLeave
0x4596e4 ImageList_DragEnter
0x4596e8 ImageList_EndDrag
0x4596ec ImageList_BeginDrag
0x4596f0 ImageList_Remove
0x4596f4 ImageList_DrawEx
0x4596f8 ImageList_Draw
0x4596fc ImageList_GetBkColor
0x459700 ImageList_SetBkColor
0x459704 ImageList_ReplaceIcon
0x459708 ImageList_Add
0x45970c ImageList_SetImageCount
0x459710 ImageList_GetImageCount
0x459714 ImageList_Destroy
0x459718 ImageList_Create
advapi32.dll
0x459720 QueryServiceStatus
0x459724 OpenServiceA
0x459728 OpenSCManagerA
0x45972c CloseServiceHandle
winhttp
0x459734 WinHttpCrackUrl
EAT(Export Address Table) is none
kernel32.dll
0x459140 DeleteCriticalSection
0x459144 LeaveCriticalSection
0x459148 EnterCriticalSection
0x45914c InitializeCriticalSection
0x459150 VirtualFree
0x459154 VirtualAlloc
0x459158 LocalFree
0x45915c LocalAlloc
0x459160 GetTickCount
0x459164 QueryPerformanceCounter
0x459168 GetVersion
0x45916c GetCurrentThreadId
0x459170 InterlockedDecrement
0x459174 InterlockedIncrement
0x459178 VirtualQuery
0x45917c WideCharToMultiByte
0x459180 MultiByteToWideChar
0x459184 lstrlenA
0x459188 lstrcpynA
0x45918c LoadLibraryExA
0x459190 GetThreadLocale
0x459194 GetStartupInfoA
0x459198 GetProcAddress
0x45919c GetModuleHandleA
0x4591a0 GetModuleFileNameA
0x4591a4 GetLocaleInfoA
0x4591a8 GetCommandLineA
0x4591ac FreeLibrary
0x4591b0 FindFirstFileA
0x4591b4 FindClose
0x4591b8 ExitProcess
0x4591bc WriteFile
0x4591c0 UnhandledExceptionFilter
0x4591c4 RtlUnwind
0x4591c8 RaiseException
0x4591cc GetStdHandle
user32.dll
0x4591d4 GetKeyboardType
0x4591d8 LoadStringA
0x4591dc MessageBoxA
0x4591e0 CharNextA
advapi32.dll
0x4591e8 RegQueryValueExA
0x4591ec RegOpenKeyExA
0x4591f0 RegCloseKey
oleaut32.dll
0x4591f8 SysFreeString
0x4591fc SysReAllocStringLen
0x459200 SysAllocStringLen
kernel32.dll
0x459208 TlsSetValue
0x45920c TlsGetValue
0x459210 LocalAlloc
0x459214 GetModuleHandleA
advapi32.dll
0x45921c RegQueryValueExA
0x459220 RegOpenKeyExA
0x459224 RegCloseKey
kernel32.dll
0x45922c lstrcpyA
0x459230 WriteFile
0x459234 WaitForSingleObject
0x459238 VirtualQuery
0x45923c VirtualProtect
0x459240 VirtualAlloc
0x459244 Sleep
0x459248 SizeofResource
0x45924c SetThreadLocale
0x459250 SetFilePointer
0x459254 SetEvent
0x459258 SetErrorMode
0x45925c SetEndOfFile
0x459260 ResetEvent
0x459264 ReadFile
0x459268 MulDiv
0x45926c LockResource
0x459270 LoadResource
0x459274 LoadLibraryW
0x459278 LoadLibraryA
0x45927c LeaveCriticalSection
0x459280 InitializeCriticalSection
0x459284 GlobalUnlock
0x459288 GlobalReAlloc
0x45928c GlobalHandle
0x459290 GlobalLock
0x459294 GlobalFree
0x459298 GlobalFindAtomA
0x45929c GlobalDeleteAtom
0x4592a0 GlobalAlloc
0x4592a4 GlobalAddAtomA
0x4592a8 GetVersionExA
0x4592ac GetVersion
0x4592b0 GetTickCount
0x4592b4 GetThreadLocale
0x4592b8 GetSystemInfo
0x4592bc GetStringTypeExA
0x4592c0 GetStdHandle
0x4592c4 GetProcAddress
0x4592c8 GetModuleHandleA
0x4592cc GetModuleFileNameA
0x4592d0 GetLocaleInfoA
0x4592d4 GetLocalTime
0x4592d8 GetLastError
0x4592dc GetFullPathNameA
0x4592e0 GetDiskFreeSpaceA
0x4592e4 GetDateFormatA
0x4592e8 GetCurrentThreadId
0x4592ec GetCurrentProcessId
0x4592f0 GetCPInfo
0x4592f4 GetACP
0x4592f8 FreeResource
0x4592fc InterlockedExchange
0x459300 FreeLibrary
0x459304 FormatMessageA
0x459308 FindResourceA
0x45930c EnumCalendarInfoA
0x459310 EnterCriticalSection
0x459314 DeleteCriticalSection
0x459318 CreateThread
0x45931c CreateFileA
0x459320 CreateEventA
0x459324 CompareStringA
0x459328 CloseHandle
version.dll
0x459330 VerQueryValueA
0x459334 GetFileVersionInfoSizeA
0x459338 GetFileVersionInfoA
gdi32.dll
0x459340 UnrealizeObject
0x459344 StretchBlt
0x459348 SetWindowOrgEx
0x45934c SetViewportOrgEx
0x459350 SetTextColor
0x459354 SetStretchBltMode
0x459358 SetROP2
0x45935c SetPixel
0x459360 SetDIBColorTable
0x459364 SetBrushOrgEx
0x459368 SetBkMode
0x45936c SetBkColor
0x459370 SelectPalette
0x459374 SelectObject
0x459378 SaveDC
0x45937c RestoreDC
0x459380 RectVisible
0x459384 RealizePalette
0x459388 Polyline
0x45938c PatBlt
0x459390 MoveToEx
0x459394 MaskBlt
0x459398 LineTo
0x45939c IntersectClipRect
0x4593a0 GetWindowOrgEx
0x4593a4 GetTextMetricsA
0x4593a8 GetTextExtentPoint32A
0x4593ac GetSystemPaletteEntries
0x4593b0 GetStockObject
0x4593b4 GetPixel
0x4593b8 GetPaletteEntries
0x4593bc GetObjectA
0x4593c0 GetDeviceCaps
0x4593c4 GetDIBits
0x4593c8 GetDIBColorTable
0x4593cc GetDCOrgEx
0x4593d0 GetCurrentPositionEx
0x4593d4 GetClipBox
0x4593d8 GetBrushOrgEx
0x4593dc GetBitmapBits
0x4593e0 GdiFlush
0x4593e4 ExcludeClipRect
0x4593e8 DeleteObject
0x4593ec DeleteDC
0x4593f0 CreateSolidBrush
0x4593f4 CreatePenIndirect
0x4593f8 CreatePalette
0x4593fc CreateHalftonePalette
0x459400 CreateFontIndirectA
0x459404 CreateDIBitmap
0x459408 CreateDIBSection
0x45940c CreateCompatibleDC
0x459410 CreateCompatibleBitmap
0x459414 CreateBrushIndirect
0x459418 CreateBitmap
0x45941c BitBlt
user32.dll
0x459424 CreateWindowExA
0x459428 WindowFromPoint
0x45942c WinHelpA
0x459430 WaitMessage
0x459434 UpdateWindow
0x459438 UnregisterClassA
0x45943c UnhookWindowsHookEx
0x459440 TranslateMessage
0x459444 TranslateMDISysAccel
0x459448 TrackPopupMenu
0x45944c SystemParametersInfoA
0x459450 ShowWindow
0x459454 ShowScrollBar
0x459458 ShowOwnedPopups
0x45945c ShowCursor
0x459460 SetWindowsHookExA
0x459464 SetWindowTextA
0x459468 SetWindowPos
0x45946c SetWindowPlacement
0x459470 SetWindowLongA
0x459474 SetTimer
0x459478 SetScrollRange
0x45947c SetScrollPos
0x459480 SetScrollInfo
0x459484 SetRect
0x459488 SetPropA
0x45948c SetParent
0x459490 SetMenuItemInfoA
0x459494 SetMenu
0x459498 SetForegroundWindow
0x45949c SetFocus
0x4594a0 SetCursor
0x4594a4 SetClassLongA
0x4594a8 SetCapture
0x4594ac SetActiveWindow
0x4594b0 SendMessageA
0x4594b4 ScrollWindow
0x4594b8 ScreenToClient
0x4594bc RemovePropA
0x4594c0 RemoveMenu
0x4594c4 ReleaseDC
0x4594c8 ReleaseCapture
0x4594cc RegisterWindowMessageA
0x4594d0 RegisterClipboardFormatA
0x4594d4 RegisterClassA
0x4594d8 RedrawWindow
0x4594dc PtInRect
0x4594e0 PostQuitMessage
0x4594e4 PostMessageA
0x4594e8 PeekMessageA
0x4594ec OffsetRect
0x4594f0 OemToCharA
0x4594f4 MessageBoxA
0x4594f8 MapWindowPoints
0x4594fc MapVirtualKeyA
0x459500 LoadStringA
0x459504 LoadKeyboardLayoutA
0x459508 LoadIconA
0x45950c LoadCursorA
0x459510 LoadBitmapA
0x459514 KillTimer
0x459518 IsZoomed
0x45951c IsWindowVisible
0x459520 IsWindowEnabled
0x459524 IsWindow
0x459528 IsRectEmpty
0x45952c IsIconic
0x459530 IsDialogMessageA
0x459534 IsChild
0x459538 InvalidateRect
0x45953c IntersectRect
0x459540 InsertMenuItemA
0x459544 InsertMenuA
0x459548 InflateRect
0x45954c GetWindowThreadProcessId
0x459550 GetWindowTextA
0x459554 GetWindowRect
0x459558 GetWindowPlacement
0x45955c GetWindowLongA
0x459560 GetWindowDC
0x459564 GetTopWindow
0x459568 GetSystemMetrics
0x45956c GetSystemMenu
0x459570 GetSysColorBrush
0x459574 GetSysColor
0x459578 GetSubMenu
0x45957c GetScrollRange
0x459580 GetScrollPos
0x459584 GetScrollInfo
0x459588 GetPropA
0x45958c GetParent
0x459590 GetWindow
0x459594 GetMenuStringA
0x459598 GetMenuState
0x45959c GetMenuItemInfoA
0x4595a0 GetMenuItemID
0x4595a4 GetMenuItemCount
0x4595a8 GetMenu
0x4595ac GetLastActivePopup
0x4595b0 GetKeyboardState
0x4595b4 GetKeyboardLayoutList
0x4595b8 GetKeyboardLayout
0x4595bc GetKeyState
0x4595c0 GetKeyNameTextA
0x4595c4 GetIconInfo
0x4595c8 GetForegroundWindow
0x4595cc GetFocus
0x4595d0 GetDesktopWindow
0x4595d4 GetDCEx
0x4595d8 GetDC
0x4595dc GetCursorPos
0x4595e0 GetCursor
0x4595e4 GetClientRect
0x4595e8 GetClassNameA
0x4595ec GetClassInfoA
0x4595f0 GetCapture
0x4595f4 GetActiveWindow
0x4595f8 FrameRect
0x4595fc FindWindowA
0x459600 FillRect
0x459604 EqualRect
0x459608 EnumWindows
0x45960c EnumThreadWindows
0x459610 EndPaint
0x459614 EnableWindow
0x459618 EnableScrollBar
0x45961c EnableMenuItem
0x459620 DrawTextA
0x459624 DrawMenuBar
0x459628 DrawIconEx
0x45962c DrawIcon
0x459630 DrawFrameControl
0x459634 DrawEdge
0x459638 DispatchMessageA
0x45963c DestroyWindow
0x459640 DestroyMenu
0x459644 DestroyIcon
0x459648 DestroyCursor
0x45964c DeleteMenu
0x459650 DefWindowProcA
0x459654 DefMDIChildProcA
0x459658 DefFrameProcA
0x45965c CreatePopupMenu
0x459660 CreateMenu
0x459664 CreateIcon
0x459668 ClientToScreen
0x45966c CheckMenuItem
0x459670 CallWindowProcA
0x459674 CallNextHookEx
0x459678 BeginPaint
0x45967c CharNextA
0x459680 CharLowerA
0x459684 CharToOemA
0x459688 AdjustWindowRectEx
0x45968c ActivateKeyboardLayout
kernel32.dll
0x459694 Sleep
oleaut32.dll
0x45969c SafeArrayPtrOfIndex
0x4596a0 SafeArrayGetUBound
0x4596a4 SafeArrayGetLBound
0x4596a8 SafeArrayCreate
0x4596ac VariantChangeType
0x4596b0 VariantCopy
0x4596b4 VariantClear
0x4596b8 VariantInit
comctl32.dll
0x4596c0 ImageList_SetIconSize
0x4596c4 ImageList_GetIconSize
0x4596c8 ImageList_Write
0x4596cc ImageList_Read
0x4596d0 ImageList_GetDragImage
0x4596d4 ImageList_DragShowNolock
0x4596d8 ImageList_SetDragCursorImage
0x4596dc ImageList_DragMove
0x4596e0 ImageList_DragLeave
0x4596e4 ImageList_DragEnter
0x4596e8 ImageList_EndDrag
0x4596ec ImageList_BeginDrag
0x4596f0 ImageList_Remove
0x4596f4 ImageList_DrawEx
0x4596f8 ImageList_Draw
0x4596fc ImageList_GetBkColor
0x459700 ImageList_SetBkColor
0x459704 ImageList_ReplaceIcon
0x459708 ImageList_Add
0x45970c ImageList_SetImageCount
0x459710 ImageList_GetImageCount
0x459714 ImageList_Destroy
0x459718 ImageList_Create
advapi32.dll
0x459720 QueryServiceStatus
0x459724 OpenServiceA
0x459728 OpenSCManagerA
0x45972c CloseServiceHandle
winhttp
0x459734 WinHttpCrackUrl
EAT(Export Address Table) is none