ScreenShot
| Created | 2021.11.12 11:10 | Machine | s1_win7_x6403 |
| Filename | uqiwang.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 18 detected (malicious, high confidence, Ursu, HCVX, TrojanX, Artemis, ai score=71, ET#79%, RDMK, cmRtazoBoUbMjPfl2fAL5jRRUXuB, Unsafe, Score, 100%) | ||
| md5 | 2fa17055cbe751f03a57d8b8ec3c6cd4 | ||
| sha256 | a6c9370b43fdff11eae35f61bc7d8f89ab817685a6157359eaf52496fcc949a2 | ||
| ssdeep | 393216:ejVFxACaeIi4i3B57+vyYTnrcbshWgQnzlFp1F5x2oWX2u7/:ejTISxknrcbshZUj/7WX2I | ||
| imphash | 52327f154b8be2af32817774d04f7824 | ||
| impfuzzy | 192:0shy3eEn4LaY3wChUADWSBNU+4XBccTcoSFgp3PQ00hYLC:0sha3E3wCTU0m4Q3PQ0+YLC | ||
Network IP location
Signature (33cnts)
| Level | Description |
|---|---|
| watch | Deletes executed files from disk |
| watch | File has been identified by 18 AntiVirus engines on VirusTotal as malicious |
| watch | Queries information on disks |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| notice | A process attempted to delay the analysis task. |
| notice | A process created a hidden window |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks adapter addresses which can be used to detect virtual network interfaces |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Communication to multiple IPs on high port numbers possibly indicative of a peer-to-peer (P2P) or non-standard command and control protocol |
| notice | Creates a shortcut to an executable file |
| notice | Creates a suspicious process |
| notice | Creates executable files on the filesystem |
| notice | Drops a binary and executes it |
| notice | Executes one or more WMI queries |
| notice | Executes one or more WMI queries which can be used to identify virtual machines |
| notice | Foreign language identified in PE resource |
| notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
| notice | One or more potentially interesting buffers were extracted |
| notice | Performs some HTTP requests |
| notice | Queries for potentially installed applications |
| notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
| notice | Searches running processes potentially to identify processes for sandbox evasion |
| notice | Sends data using the HTTP POST Method |
| notice | Terminates another process |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| notice | The executable is likely packed with VMProtect |
| notice | Yara rule detected in process memory |
| info | Checks amount of memory in system |
| info | Command line console output was observed |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (38cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (download) |
| danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (upload) |
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (download) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | ASPack_Zero | ASPack packed file | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | MPRESS_Zero | MPRESS packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| watch | VMProtect_Zero | VMProtect packed file | binaries (download) |
| notice | anti_vm_detect | Possibly employs anti-virtualization techniques | binaries (download) |
| notice | Escalate_priviledges | Escalate priviledges | memory |
| notice | KeyLogger | Run a KeyLogger | memory |
| notice | Network_TCP_Socket | Communications over RAW Socket | memory |
| notice | ScreenShot | Take ScreenShot | memory |
| info | anti_dbg | Checks if being debugged | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | IsDLL | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (download) |
| info | Lnk_Format_Zero | LNK Format | binaries (download) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
| info | win_hook | Affect hook table | memory |
| info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (download) |
Network (26cnts) ?
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x72d188 GetFileSizeEx
0x72d18c GetFileTime
0x72d190 SetFileAttributesW
0x72d194 GetCommandLineW
0x72d198 RtlUnwind
0x72d19c ExitProcess
0x72d1a0 GetModuleHandleExW
0x72d1a4 AreFileApisANSI
0x72d1a8 ExitThread
0x72d1ac IsDebuggerPresent
0x72d1b0 IsProcessorFeaturePresent
0x72d1b4 HeapQueryInformation
0x72d1b8 GetStdHandle
0x72d1bc GetFileType
0x72d1c0 GetStartupInfoW
0x72d1c4 QueryPerformanceCounter
0x72d1c8 GetSystemTimeAsFileTime
0x72d1cc GetEnvironmentStringsW
0x72d1d0 FreeEnvironmentStringsW
0x72d1d4 UnhandledExceptionFilter
0x72d1d8 SetUnhandledExceptionFilter
0x72d1dc Sleep
0x72d1e0 TerminateProcess
0x72d1e4 GetTickCount
0x72d1e8 IsValidCodePage
0x72d1ec GetOEMCP
0x72d1f0 GetCPInfo
0x72d1f4 GetTimeZoneInformation
0x72d1f8 OutputDebugStringW
0x72d1fc GetDateFormatW
0x72d200 GetTimeFormatW
0x72d204 LCMapStringW
0x72d208 IsValidLocale
0x72d20c GetUserDefaultLCID
0x72d210 EnumSystemLocalesW
0x72d214 GetConsoleCP
0x72d218 GetConsoleMode
0x72d21c SetFilePointerEx
0x72d220 GetStringTypeW
0x72d224 SetStdHandle
0x72d228 WriteConsoleW
0x72d22c ReadConsoleW
0x72d230 SetEnvironmentVariableA
0x72d234 GetSystemDefaultLangID
0x72d238 GetTempFileNameW
0x72d23c CreateFileA
0x72d240 MapViewOfFile
0x72d244 UnmapViewOfFile
0x72d248 GetDriveTypeW
0x72d24c GetLogicalDrives
0x72d250 GetSystemDefaultLCID
0x72d254 GetSystemPowerStatus
0x72d258 GetSystemDirectoryA
0x72d25c CreateFileMappingW
0x72d260 QueryDosDeviceW
0x72d264 GetSystemInfo
0x72d268 GetTempPathA
0x72d26c FindResourceA
0x72d270 MoveFileExW
0x72d274 GetLogicalDriveStringsW
0x72d278 OpenProcess
0x72d27c Process32FirstW
0x72d280 GetProcessId
0x72d284 Process32NextW
0x72d288 CreateToolhelp32Snapshot
0x72d28c OpenFile
0x72d290 SystemTimeToTzSpecificLocalTime
0x72d294 CreateDirectoryW
0x72d298 GetDriveTypeA
0x72d29c GetFileAttributesA
0x72d2a0 FindFirstFileA
0x72d2a4 RemoveDirectoryW
0x72d2a8 FindNextFileW
0x72d2ac FindVolumeClose
0x72d2b0 SetVolumeMountPointW
0x72d2b4 GetVolumeInformationA
0x72d2b8 DeleteVolumeMountPointW
0x72d2bc FindNextVolumeW
0x72d2c0 GetVolumePathNamesForVolumeNameW
0x72d2c4 DefineDosDeviceW
0x72d2c8 SetVolumeLabelW
0x72d2cc DeviceIoControl
0x72d2d0 GetDiskFreeSpaceExA
0x72d2d4 GetDiskFreeSpaceExW
0x72d2d8 FindFirstVolumeW
0x72d2dc GetVolumeNameForVolumeMountPointW
0x72d2e0 GetLocalTime
0x72d2e4 PeekNamedPipe
0x72d2e8 GetExitCodeProcess
0x72d2ec CreatePipe
0x72d2f0 lstrlenW
0x72d2f4 CreateProcessW
0x72d2f8 TryEnterCriticalSection
0x72d2fc InterlockedCompareExchange
0x72d300 GetFileAttributesExW
0x72d304 InterlockedDecrement
0x72d308 GetLogicalDriveStringsA
0x72d30c lstrlenA
0x72d310 WaitForMultipleObjects
0x72d314 GetExitCodeThread
0x72d318 DeleteFileA
0x72d31c GetSystemTime
0x72d320 GetVersionExA
0x72d324 GetDiskFreeSpaceA
0x72d328 CreateFileMappingA
0x72d32c GetDiskFreeSpaceW
0x72d330 LockFileEx
0x72d334 HeapValidate
0x72d338 HeapCreate
0x72d33c FormatMessageA
0x72d340 UnlockFileEx
0x72d344 WaitForSingleObjectEx
0x72d348 FlushViewOfFile
0x72d34c HeapCompact
0x72d350 CreateMutexW
0x72d354 GetPrivateProfileSectionW
0x72d358 GetPrivateProfileSectionNamesW
0x72d35c CopyFileExW
0x72d360 GetFullPathNameA
0x72d364 GetFileInformationByHandle
0x72d368 VirtualQuery
0x72d36c VirtualProtect
0x72d370 VirtualAlloc
0x72d374 FindFirstFileExW
0x72d378 GetFileAttributesW
0x72d37c FileTimeToLocalFileTime
0x72d380 SetErrorMode
0x72d384 SystemTimeToFileTime
0x72d388 FileTimeToSystemTime
0x72d38c lstrcmpiW
0x72d390 GetCurrentProcess
0x72d394 DuplicateHandle
0x72d398 WriteFile
0x72d39c UnlockFile
0x72d3a0 SetFilePointer
0x72d3a4 SetEndOfFile
0x72d3a8 ReadFile
0x72d3ac LockFile
0x72d3b0 GetVolumeInformationW
0x72d3b4 GetFullPathNameW
0x72d3b8 GetFileSize
0x72d3bc FlushFileBuffers
0x72d3c0 FindFirstFileW
0x72d3c4 FindClose
0x72d3c8 CreateFileW
0x72d3cc DeleteFileW
0x72d3d0 GlobalFlags
0x72d3d4 GetUserDefaultUILanguage
0x72d3d8 GetSystemDefaultUILanguage
0x72d3dc GetLocaleInfoW
0x72d3e0 CompareStringW
0x72d3e4 GetCurrentDirectoryW
0x72d3e8 LocalReAlloc
0x72d3ec LocalAlloc
0x72d3f0 GlobalHandle
0x72d3f4 GlobalReAlloc
0x72d3f8 TlsFree
0x72d3fc TlsSetValue
0x72d400 TlsGetValue
0x72d404 TlsAlloc
0x72d408 InitializeCriticalSection
0x72d40c CopyFileW
0x72d410 FormatMessageW
0x72d414 MulDiv
0x72d418 LocalFree
0x72d41c GlobalSize
0x72d420 WritePrivateProfileStringW
0x72d424 GetPrivateProfileStringW
0x72d428 GetPrivateProfileIntW
0x72d42c CreateEventW
0x72d430 SetEvent
0x72d434 GlobalUnlock
0x72d438 GlobalFindAtomW
0x72d43c GlobalAddAtomW
0x72d440 LoadLibraryA
0x72d444 FreeResource
0x72d448 GetSystemDirectoryW
0x72d44c LeaveCriticalSection
0x72d450 EnterCriticalSection
0x72d454 EncodePointer
0x72d458 FindResourceW
0x72d45c lstrcmpW
0x72d460 lstrcmpA
0x72d464 GlobalDeleteAtom
0x72d468 GlobalLock
0x72d46c GlobalAlloc
0x72d470 SizeofResource
0x72d474 LockResource
0x72d478 LoadResource
0x72d47c LoadLibraryExW
0x72d480 FreeLibrary
0x72d484 GetVersionExW
0x72d488 GetCurrentThreadId
0x72d48c GetCurrentThread
0x72d490 LoadLibraryW
0x72d494 GetProcAddress
0x72d498 GetModuleHandleA
0x72d49c GetModuleFileNameW
0x72d4a0 SetLastError
0x72d4a4 OutputDebugStringA
0x72d4a8 GetACP
0x72d4ac WideCharToMultiByte
0x72d4b0 MultiByteToWideChar
0x72d4b4 InterlockedExchange
0x72d4b8 GetThreadTimes
0x72d4bc InitializeSListHead
0x72d4c0 HeapReAlloc
0x72d4c4 GetCurrentProcessId
0x72d4c8 CreateThread
0x72d4cc CloseHandle
0x72d4d0 WaitForSingleObject
0x72d4d4 GlobalFree
0x72d4d8 GetModuleHandleW
0x72d4dc DeleteCriticalSection
0x72d4e0 DecodePointer
0x72d4e4 HeapSize
0x72d4e8 GetLastError
0x72d4ec RaiseException
0x72d4f0 HeapDestroy
0x72d4f4 InitializeCriticalSectionAndSpinCount
0x72d4f8 GetProcessHeap
0x72d4fc HeapFree
0x72d500 HeapAlloc
0x72d504 GetTempPathW
USER32.dll
0x72d5d8 MessageBoxW
0x72d5dc SetRect
0x72d5e0 OffsetRect
0x72d5e4 EqualRect
0x72d5e8 CopyRect
0x72d5ec GetSysColor
0x72d5f0 MapWindowPoints
0x72d5f4 ScreenToClient
0x72d5f8 AdjustWindowRectEx
0x72d5fc GetWindowRect
0x72d600 GetClientRect
0x72d604 GetWindowTextW
0x72d608 RemovePropW
0x72d60c GetPropW
0x72d610 SetPropW
0x72d614 ValidateRect
0x72d618 GetForegroundWindow
0x72d61c SetActiveWindow
0x72d620 UpdateWindow
0x72d624 MonitorFromWindow
0x72d628 GetMonitorInfoW
0x72d62c CreateDialogIndirectParamW
0x72d630 EndDialog
0x72d634 GetNextDlgTabItem
0x72d638 GetActiveWindow
0x72d63c IsWindowEnabled
0x72d640 GetDesktopWindow
0x72d644 CheckMenuItem
0x72d648 EnableMenuItem
0x72d64c SetMenuItemBitmaps
0x72d650 GetMenuCheckMarkDimensions
0x72d654 SetMenuItemInfoW
0x72d658 LoadBitmapW
0x72d65c GetMessageW
0x72d660 TranslateMessage
0x72d664 GetCursorPos
0x72d668 SetCursor
0x72d66c GetWindowThreadProcessId
0x72d670 PostMessageW
0x72d674 ShowWindow
0x72d678 SetForegroundWindow
0x72d67c KillTimer
0x72d680 SetTimer
0x72d684 SendMessageW
0x72d688 LoadIconW
0x72d68c GetClassInfoW
0x72d690 UnregisterClassW
0x72d694 PtInRect
0x72d698 GetWindowLongW
0x72d69c SetWindowLongW
0x72d6a0 GetClassLongW
0x72d6a4 GetClassNameW
0x72d6a8 MoveWindow
0x72d6ac GetTopWindow
0x72d6b0 GetLastActivePopup
0x72d6b4 UnionRect
0x72d6b8 GetCaretPos
0x72d6bc SetWindowRgn
0x72d6c0 IsZoomed
0x72d6c4 UpdateLayeredWindow
0x72d6c8 SetCaretPos
0x72d6cc HideCaret
0x72d6d0 CreateCaret
0x72d6d4 DestroyCaret
0x72d6d8 CloseWindow
0x72d6dc GetWindowRgn
0x72d6e0 RegisterClassExW
0x72d6e4 GetClassNameA
0x72d6e8 SendMessageA
0x72d6ec wsprintfW
0x72d6f0 CloseClipboard
0x72d6f4 EnumWindows
0x72d6f8 GetAsyncKeyState
0x72d6fc GetClipboardData
0x72d700 GetMenuItemCount
0x72d704 GetMenuItemID
0x72d708 GetWindow
0x72d70c SetWindowsHookExW
0x72d710 CallNextHookEx
0x72d714 EnableWindow
0x72d718 SetWindowTextW
0x72d71c EmptyClipboard
0x72d720 IsDialogMessageW
0x72d724 DrawTextW
0x72d728 SetClipboardData
0x72d72c DrawTextExW
0x72d730 GrayStringW
0x72d734 TabbedTextOutW
0x72d738 CreateDesktopW
0x72d73c CloseDesktop
0x72d740 GetDC
0x72d744 GetWindowDC
0x72d748 ReleaseDC
0x72d74c BeginPaint
0x72d750 EndPaint
0x72d754 ClientToScreen
0x72d758 SetCapture
0x72d75c ReleaseCapture
0x72d760 WindowFromPoint
0x72d764 LoadCursorW
0x72d768 SystemParametersInfoW
0x72d76c RealChildWindowFromPoint
0x72d770 InvalidateRect
0x72d774 GetSystemMetrics
0x72d778 DestroyMenu
0x72d77c GetSysColorBrush
0x72d780 IsIconic
0x72d784 DestroyIcon
0x72d788 CharUpperW
0x72d78c IntersectRect
0x72d790 WinHelpW
0x72d794 OpenClipboard
0x72d798 RedrawWindow
0x72d79c SendDlgItemMessageA
0x72d7a0 GetParent
0x72d7a4 PostQuitMessage
0x72d7a8 UnhookWindowsHookEx
0x72d7ac RegisterWindowMessageW
0x72d7b0 DispatchMessageW
0x72d7b4 PeekMessageW
0x72d7b8 GetMessagePos
0x72d7bc GetMessageTime
0x72d7c0 DefWindowProcW
0x72d7c4 CallWindowProcW
0x72d7c8 RegisterClassW
0x72d7cc GetClassInfoExW
0x72d7d0 CreateWindowExW
0x72d7d4 IsWindow
0x72d7d8 DestroyWindow
0x72d7dc SetWindowPos
0x72d7e0 GetWindowPlacement
0x72d7e4 IsWindowVisible
0x72d7e8 GetDlgItem
0x72d7ec GetSubMenu
0x72d7f0 SetMenu
0x72d7f4 GetMenu
0x72d7f8 GetCapture
0x72d7fc GetKeyState
0x72d800 GetFocus
0x72d804 GetDlgCtrlID
0x72d808 SetFocus
GDI32.dll
0x72d0ac SetMapMode
0x72d0b0 SetBkMode
0x72d0b4 SelectObject
0x72d0b8 SaveDC
0x72d0bc GetObjectW
0x72d0c0 RestoreDC
0x72d0c4 RectVisible
0x72d0c8 PtVisible
0x72d0cc EnumFontFamiliesExW
0x72d0d0 GetFontData
0x72d0d4 MoveToEx
0x72d0d8 TextOutW
0x72d0dc ExtTextOutW
0x72d0e0 SetViewportExtEx
0x72d0e4 SetViewportOrgEx
0x72d0e8 SetWindowExtEx
0x72d0ec OffsetViewportOrgEx
0x72d0f0 ScaleViewportExtEx
0x72d0f4 ScaleWindowExtEx
0x72d0f8 GetTextExtentPoint32W
0x72d0fc CreateCompatibleBitmap
0x72d100 CreateFontW
0x72d104 GetDIBits
0x72d108 CreateDIBSection
0x72d10c PtInRegion
0x72d110 CreatePolygonRgn
0x72d114 FillRgn
0x72d118 CreateRoundRectRgn
0x72d11c GetBitmapBits
0x72d120 SetBitmapBits
0x72d124 SetPixel
0x72d128 LineTo
0x72d12c GetClipBox
0x72d130 Escape
0x72d134 DeleteObject
0x72d138 DeleteDC
0x72d13c CreateSolidBrush
0x72d140 CreateRectRgn
0x72d144 CreatePen
0x72d148 CreateCompatibleDC
0x72d14c BitBlt
0x72d150 GetDeviceCaps
0x72d154 CreateBitmap
0x72d158 SetTextColor
0x72d15c GetStockObject
0x72d160 SetBkColor
SHELL32.dll
0x72d578 ShellExecuteExW
0x72d57c DragAcceptFiles
0x72d580 None
0x72d584 SHGetPathFromIDListA
0x72d588 SHGetMalloc
0x72d58c SHGetSpecialFolderLocation
0x72d590 SHGetSpecialFolderPathA
0x72d594 ShellExecuteW
0x72d598 DragQueryFileW
0x72d59c SHGetFileInfoW
SHLWAPI.dll
0x72d5a4 PathIsRootW
0x72d5a8 PathIsDirectoryW
0x72d5ac PathFileExistsA
0x72d5b0 PathCanonicalizeW
0x72d5b4 PathIsRootA
0x72d5b8 UrlUnescapeW
0x72d5bc PathStripToRootW
0x72d5c0 PathIsUNCW
0x72d5c4 PathRemoveFileSpecW
0x72d5c8 PathFindFileNameW
0x72d5cc PathFindExtensionW
0x72d5d0 PathFileExistsW
OLEACC.dll
0x72d514 CreateStdAccessibleObject
0x72d518 LresultFromObject
VERSION.dll
0x72d810 GetFileVersionInfoSizeW
0x72d814 VerQueryValueW
0x72d818 GetFileVersionInfoW
imagehlp.dll
0x72d9d4 MakeSureDirectoryPathExists
WINMM.dll
0x72d87c timeGetDevCaps
0x72d880 timeKillEvent
0x72d884 timeSetEvent
WINSPOOL.DRV
0x72d88c OpenPrinterW
0x72d890 DocumentPropertiesW
0x72d894 ClosePrinter
ADVAPI32.dll
0x72d000 RegQueryValueExW
0x72d004 UnlockServiceDatabase
0x72d008 AdjustTokenPrivileges
0x72d00c LookupPrivilegeValueW
0x72d010 LookupAccountNameW
0x72d014 GetSidSubAuthorityCount
0x72d018 GetUserNameW
0x72d01c GetSidSubAuthority
0x72d020 OpenProcessToken
0x72d024 GetSidIdentifierAuthority
0x72d028 RegEnumValueW
0x72d02c RegQueryValueW
0x72d030 RegEnumKeyW
0x72d034 RegSetValueExW
0x72d038 RegDeleteValueW
0x72d03c RegDeleteKeyW
0x72d040 RegCreateKeyExW
0x72d044 ControlService
0x72d048 RegOpenKeyExW
0x72d04c RegCloseKey
0x72d050 ChangeServiceConfigW
0x72d054 RegQueryInfoKeyW
0x72d058 RegQueryValueExA
0x72d05c RegOpenKeyExA
0x72d060 ImpersonateLoggedOnUser
0x72d064 RevertToSelf
0x72d068 LsaOpenPolicy
0x72d06c LsaClose
0x72d070 LsaNtStatusToWinError
0x72d074 LsaRetrievePrivateData
0x72d078 LsaFreeMemory
0x72d07c CloseServiceHandle
0x72d080 OpenSCManagerW
0x72d084 OpenServiceW
0x72d088 LockServiceDatabase
0x72d08c StartServiceW
0x72d090 QueryServiceStatus
ole32.dll
0x72d9dc CoSetProxyBlanket
0x72d9e0 CoInitializeSecurity
0x72d9e4 CoTaskMemFree
0x72d9e8 CoInitializeEx
0x72d9ec CoInitialize
0x72d9f0 CoCreateInstance
0x72d9f4 CoCreateGuid
0x72d9f8 CoUninitialize
0x72d9fc OleSetContainedObject
0x72da00 CreateStreamOnHGlobal
OLEAUT32.dll
0x72d520 VarDateFromStr
0x72d524 VariantTimeToSystemTime
0x72d528 VariantChangeType
0x72d52c VariantClear
0x72d530 VariantInit
0x72d534 SysAllocString
0x72d538 SysFreeString
MSIMG32.dll
0x72d50c AlphaBlend
COMCTL32.dll
0x72d098 _TrackMouseEvent
SETUPAPI.dll
0x72d550 SetupDiGetDeviceRegistryPropertyW
0x72d554 CM_Get_Device_IDA
0x72d558 CM_Get_Parent
0x72d55c SetupDiDestroyDeviceInfoList
0x72d560 SetupDiGetDeviceInterfaceDetailW
0x72d564 SetupDiEnumDeviceInterfaces
0x72d568 SetupDiGetDeviceRegistryPropertyA
0x72d56c SetupDiEnumDeviceInfo
0x72d570 SetupDiGetClassDevsW
gdiplus.dll
0x72d8f8 GdipDisposeImage
0x72d8fc GdipCloneImage
0x72d900 GdipAlloc
0x72d904 GdipFree
0x72d908 GdipCreateBitmapFromHBITMAP
0x72d90c GdiplusShutdown
0x72d910 GdiplusStartup
0x72d914 GdipDeleteGraphics
0x72d918 GdipCreateFromHDC
0x72d91c GdipCreateBitmapFromFile
0x72d920 GdipGetImageHeight
0x72d924 GdipGetImageWidth
0x72d928 GdipCreateBitmapFromScan0
0x72d92c GdipGetImageEncodersSize
0x72d930 GdipGetImageEncoders
0x72d934 GdipSaveImageToFile
0x72d938 GdipLoadImageFromStream
0x72d93c GdipSetSmoothingMode
0x72d940 GdipCreateSolidFill
0x72d944 GdipDeleteBrush
0x72d948 GdipResetPath
0x72d94c GdipFillPath
0x72d950 GdipCreatePen1
0x72d954 GdipDeletePen
0x72d958 GdipDrawPath
0x72d95c GdipDeletePath
0x72d960 GdipSetPenDashStyle
0x72d964 GdipDrawLineI
0x72d968 GdipCreateFontFamilyFromName
0x72d96c GdipDeleteFontFamily
0x72d970 GdipCreateFont
0x72d974 GdipDeleteFont
0x72d978 GdipCreateStringFormat
0x72d97c GdipDeleteStringFormat
0x72d980 GdipSetStringFormatAlign
0x72d984 GdipSetStringFormatLineAlign
0x72d988 GdipSetTextRenderingHint
0x72d98c GdipDrawString
0x72d990 GdipAddPathEllipseI
0x72d994 GdipAddPathRectangleI
0x72d998 GdipSetClipPath
0x72d99c GdipResetClip
0x72d9a0 GdipImageGetFrameDimensionsCount
0x72d9a4 GdipImageSelectActiveFrame
0x72d9a8 GdipImageGetFrameDimensionsList
0x72d9ac GdipImageGetFrameCount
0x72d9b0 GdipGetPropertyItemSize
0x72d9b4 GdipGetPropertyItem
0x72d9b8 GdipCreatePath
0x72d9bc GdipAddPathArcI
0x72d9c0 GdipAddPathLineI
0x72d9c4 GdipClosePathFigure
0x72d9c8 GdipCreateHBITMAPFromBitmap
0x72d9cc GdipDrawImageRectRect
IMM32.dll
0x72d168 ImmAssociateContext
0x72d16c ImmDestroyContext
0x72d170 ImmGetContext
0x72d174 ImmSetCompositionWindow
0x72d178 ImmReleaseContext
WS2_32.dll
0x72d89c connect
0x72d8a0 socket
0x72d8a4 send
0x72d8a8 WSAStartup
0x72d8ac select
0x72d8b0 WSAGetLastError
0x72d8b4 shutdown
0x72d8b8 setsockopt
0x72d8bc WSACleanup
0x72d8c0 ioctlsocket
0x72d8c4 inet_addr
0x72d8c8 gethostbyname
0x72d8cc closesocket
0x72d8d0 recv
0x72d8d4 htons
IPHLPAPI.DLL
0x72d180 GetAdaptersInfo
WININET.dll
0x72d82c InternetSetStatusCallbackW
0x72d830 InternetGetLastResponseInfoW
0x72d834 InternetSetOptionExW
0x72d838 HttpOpenRequestW
0x72d83c InternetQueryDataAvailable
0x72d840 InternetWriteFile
0x72d844 InternetSetFilePointer
0x72d848 InternetReadFile
0x72d84c InternetConnectW
0x72d850 InternetCloseHandle
0x72d854 InternetOpenW
0x72d858 InternetCanonicalizeUrlW
0x72d85c InternetCrackUrlW
0x72d860 HttpAddRequestHeadersW
0x72d864 HttpSendRequestW
0x72d868 HttpQueryInfoW
0x72d86c InternetQueryOptionW
0x72d870 InternetCrackUrlA
0x72d874 InternetCanonicalizeUrlA
Wlanapi.dll
0x72d8dc WlanGetProfile
0x72d8e0 WlanCloseHandle
0x72d8e4 WlanGetProfileList
0x72d8e8 WlanFreeMemory
0x72d8ec WlanEnumInterfaces
0x72d8f0 WlanOpenHandle
RPCRT4.dll
0x72d540 UuidToStringW
0x72d544 RpcStringFreeW
0x72d548 UuidFromStringW
CRYPT32.dll
0x72d0a0 CryptUnprotectData
0x72d0a4 CryptStringToBinaryW
EAT(Export Address Table) is none
KERNEL32.dll
0x72d188 GetFileSizeEx
0x72d18c GetFileTime
0x72d190 SetFileAttributesW
0x72d194 GetCommandLineW
0x72d198 RtlUnwind
0x72d19c ExitProcess
0x72d1a0 GetModuleHandleExW
0x72d1a4 AreFileApisANSI
0x72d1a8 ExitThread
0x72d1ac IsDebuggerPresent
0x72d1b0 IsProcessorFeaturePresent
0x72d1b4 HeapQueryInformation
0x72d1b8 GetStdHandle
0x72d1bc GetFileType
0x72d1c0 GetStartupInfoW
0x72d1c4 QueryPerformanceCounter
0x72d1c8 GetSystemTimeAsFileTime
0x72d1cc GetEnvironmentStringsW
0x72d1d0 FreeEnvironmentStringsW
0x72d1d4 UnhandledExceptionFilter
0x72d1d8 SetUnhandledExceptionFilter
0x72d1dc Sleep
0x72d1e0 TerminateProcess
0x72d1e4 GetTickCount
0x72d1e8 IsValidCodePage
0x72d1ec GetOEMCP
0x72d1f0 GetCPInfo
0x72d1f4 GetTimeZoneInformation
0x72d1f8 OutputDebugStringW
0x72d1fc GetDateFormatW
0x72d200 GetTimeFormatW
0x72d204 LCMapStringW
0x72d208 IsValidLocale
0x72d20c GetUserDefaultLCID
0x72d210 EnumSystemLocalesW
0x72d214 GetConsoleCP
0x72d218 GetConsoleMode
0x72d21c SetFilePointerEx
0x72d220 GetStringTypeW
0x72d224 SetStdHandle
0x72d228 WriteConsoleW
0x72d22c ReadConsoleW
0x72d230 SetEnvironmentVariableA
0x72d234 GetSystemDefaultLangID
0x72d238 GetTempFileNameW
0x72d23c CreateFileA
0x72d240 MapViewOfFile
0x72d244 UnmapViewOfFile
0x72d248 GetDriveTypeW
0x72d24c GetLogicalDrives
0x72d250 GetSystemDefaultLCID
0x72d254 GetSystemPowerStatus
0x72d258 GetSystemDirectoryA
0x72d25c CreateFileMappingW
0x72d260 QueryDosDeviceW
0x72d264 GetSystemInfo
0x72d268 GetTempPathA
0x72d26c FindResourceA
0x72d270 MoveFileExW
0x72d274 GetLogicalDriveStringsW
0x72d278 OpenProcess
0x72d27c Process32FirstW
0x72d280 GetProcessId
0x72d284 Process32NextW
0x72d288 CreateToolhelp32Snapshot
0x72d28c OpenFile
0x72d290 SystemTimeToTzSpecificLocalTime
0x72d294 CreateDirectoryW
0x72d298 GetDriveTypeA
0x72d29c GetFileAttributesA
0x72d2a0 FindFirstFileA
0x72d2a4 RemoveDirectoryW
0x72d2a8 FindNextFileW
0x72d2ac FindVolumeClose
0x72d2b0 SetVolumeMountPointW
0x72d2b4 GetVolumeInformationA
0x72d2b8 DeleteVolumeMountPointW
0x72d2bc FindNextVolumeW
0x72d2c0 GetVolumePathNamesForVolumeNameW
0x72d2c4 DefineDosDeviceW
0x72d2c8 SetVolumeLabelW
0x72d2cc DeviceIoControl
0x72d2d0 GetDiskFreeSpaceExA
0x72d2d4 GetDiskFreeSpaceExW
0x72d2d8 FindFirstVolumeW
0x72d2dc GetVolumeNameForVolumeMountPointW
0x72d2e0 GetLocalTime
0x72d2e4 PeekNamedPipe
0x72d2e8 GetExitCodeProcess
0x72d2ec CreatePipe
0x72d2f0 lstrlenW
0x72d2f4 CreateProcessW
0x72d2f8 TryEnterCriticalSection
0x72d2fc InterlockedCompareExchange
0x72d300 GetFileAttributesExW
0x72d304 InterlockedDecrement
0x72d308 GetLogicalDriveStringsA
0x72d30c lstrlenA
0x72d310 WaitForMultipleObjects
0x72d314 GetExitCodeThread
0x72d318 DeleteFileA
0x72d31c GetSystemTime
0x72d320 GetVersionExA
0x72d324 GetDiskFreeSpaceA
0x72d328 CreateFileMappingA
0x72d32c GetDiskFreeSpaceW
0x72d330 LockFileEx
0x72d334 HeapValidate
0x72d338 HeapCreate
0x72d33c FormatMessageA
0x72d340 UnlockFileEx
0x72d344 WaitForSingleObjectEx
0x72d348 FlushViewOfFile
0x72d34c HeapCompact
0x72d350 CreateMutexW
0x72d354 GetPrivateProfileSectionW
0x72d358 GetPrivateProfileSectionNamesW
0x72d35c CopyFileExW
0x72d360 GetFullPathNameA
0x72d364 GetFileInformationByHandle
0x72d368 VirtualQuery
0x72d36c VirtualProtect
0x72d370 VirtualAlloc
0x72d374 FindFirstFileExW
0x72d378 GetFileAttributesW
0x72d37c FileTimeToLocalFileTime
0x72d380 SetErrorMode
0x72d384 SystemTimeToFileTime
0x72d388 FileTimeToSystemTime
0x72d38c lstrcmpiW
0x72d390 GetCurrentProcess
0x72d394 DuplicateHandle
0x72d398 WriteFile
0x72d39c UnlockFile
0x72d3a0 SetFilePointer
0x72d3a4 SetEndOfFile
0x72d3a8 ReadFile
0x72d3ac LockFile
0x72d3b0 GetVolumeInformationW
0x72d3b4 GetFullPathNameW
0x72d3b8 GetFileSize
0x72d3bc FlushFileBuffers
0x72d3c0 FindFirstFileW
0x72d3c4 FindClose
0x72d3c8 CreateFileW
0x72d3cc DeleteFileW
0x72d3d0 GlobalFlags
0x72d3d4 GetUserDefaultUILanguage
0x72d3d8 GetSystemDefaultUILanguage
0x72d3dc GetLocaleInfoW
0x72d3e0 CompareStringW
0x72d3e4 GetCurrentDirectoryW
0x72d3e8 LocalReAlloc
0x72d3ec LocalAlloc
0x72d3f0 GlobalHandle
0x72d3f4 GlobalReAlloc
0x72d3f8 TlsFree
0x72d3fc TlsSetValue
0x72d400 TlsGetValue
0x72d404 TlsAlloc
0x72d408 InitializeCriticalSection
0x72d40c CopyFileW
0x72d410 FormatMessageW
0x72d414 MulDiv
0x72d418 LocalFree
0x72d41c GlobalSize
0x72d420 WritePrivateProfileStringW
0x72d424 GetPrivateProfileStringW
0x72d428 GetPrivateProfileIntW
0x72d42c CreateEventW
0x72d430 SetEvent
0x72d434 GlobalUnlock
0x72d438 GlobalFindAtomW
0x72d43c GlobalAddAtomW
0x72d440 LoadLibraryA
0x72d444 FreeResource
0x72d448 GetSystemDirectoryW
0x72d44c LeaveCriticalSection
0x72d450 EnterCriticalSection
0x72d454 EncodePointer
0x72d458 FindResourceW
0x72d45c lstrcmpW
0x72d460 lstrcmpA
0x72d464 GlobalDeleteAtom
0x72d468 GlobalLock
0x72d46c GlobalAlloc
0x72d470 SizeofResource
0x72d474 LockResource
0x72d478 LoadResource
0x72d47c LoadLibraryExW
0x72d480 FreeLibrary
0x72d484 GetVersionExW
0x72d488 GetCurrentThreadId
0x72d48c GetCurrentThread
0x72d490 LoadLibraryW
0x72d494 GetProcAddress
0x72d498 GetModuleHandleA
0x72d49c GetModuleFileNameW
0x72d4a0 SetLastError
0x72d4a4 OutputDebugStringA
0x72d4a8 GetACP
0x72d4ac WideCharToMultiByte
0x72d4b0 MultiByteToWideChar
0x72d4b4 InterlockedExchange
0x72d4b8 GetThreadTimes
0x72d4bc InitializeSListHead
0x72d4c0 HeapReAlloc
0x72d4c4 GetCurrentProcessId
0x72d4c8 CreateThread
0x72d4cc CloseHandle
0x72d4d0 WaitForSingleObject
0x72d4d4 GlobalFree
0x72d4d8 GetModuleHandleW
0x72d4dc DeleteCriticalSection
0x72d4e0 DecodePointer
0x72d4e4 HeapSize
0x72d4e8 GetLastError
0x72d4ec RaiseException
0x72d4f0 HeapDestroy
0x72d4f4 InitializeCriticalSectionAndSpinCount
0x72d4f8 GetProcessHeap
0x72d4fc HeapFree
0x72d500 HeapAlloc
0x72d504 GetTempPathW
USER32.dll
0x72d5d8 MessageBoxW
0x72d5dc SetRect
0x72d5e0 OffsetRect
0x72d5e4 EqualRect
0x72d5e8 CopyRect
0x72d5ec GetSysColor
0x72d5f0 MapWindowPoints
0x72d5f4 ScreenToClient
0x72d5f8 AdjustWindowRectEx
0x72d5fc GetWindowRect
0x72d600 GetClientRect
0x72d604 GetWindowTextW
0x72d608 RemovePropW
0x72d60c GetPropW
0x72d610 SetPropW
0x72d614 ValidateRect
0x72d618 GetForegroundWindow
0x72d61c SetActiveWindow
0x72d620 UpdateWindow
0x72d624 MonitorFromWindow
0x72d628 GetMonitorInfoW
0x72d62c CreateDialogIndirectParamW
0x72d630 EndDialog
0x72d634 GetNextDlgTabItem
0x72d638 GetActiveWindow
0x72d63c IsWindowEnabled
0x72d640 GetDesktopWindow
0x72d644 CheckMenuItem
0x72d648 EnableMenuItem
0x72d64c SetMenuItemBitmaps
0x72d650 GetMenuCheckMarkDimensions
0x72d654 SetMenuItemInfoW
0x72d658 LoadBitmapW
0x72d65c GetMessageW
0x72d660 TranslateMessage
0x72d664 GetCursorPos
0x72d668 SetCursor
0x72d66c GetWindowThreadProcessId
0x72d670 PostMessageW
0x72d674 ShowWindow
0x72d678 SetForegroundWindow
0x72d67c KillTimer
0x72d680 SetTimer
0x72d684 SendMessageW
0x72d688 LoadIconW
0x72d68c GetClassInfoW
0x72d690 UnregisterClassW
0x72d694 PtInRect
0x72d698 GetWindowLongW
0x72d69c SetWindowLongW
0x72d6a0 GetClassLongW
0x72d6a4 GetClassNameW
0x72d6a8 MoveWindow
0x72d6ac GetTopWindow
0x72d6b0 GetLastActivePopup
0x72d6b4 UnionRect
0x72d6b8 GetCaretPos
0x72d6bc SetWindowRgn
0x72d6c0 IsZoomed
0x72d6c4 UpdateLayeredWindow
0x72d6c8 SetCaretPos
0x72d6cc HideCaret
0x72d6d0 CreateCaret
0x72d6d4 DestroyCaret
0x72d6d8 CloseWindow
0x72d6dc GetWindowRgn
0x72d6e0 RegisterClassExW
0x72d6e4 GetClassNameA
0x72d6e8 SendMessageA
0x72d6ec wsprintfW
0x72d6f0 CloseClipboard
0x72d6f4 EnumWindows
0x72d6f8 GetAsyncKeyState
0x72d6fc GetClipboardData
0x72d700 GetMenuItemCount
0x72d704 GetMenuItemID
0x72d708 GetWindow
0x72d70c SetWindowsHookExW
0x72d710 CallNextHookEx
0x72d714 EnableWindow
0x72d718 SetWindowTextW
0x72d71c EmptyClipboard
0x72d720 IsDialogMessageW
0x72d724 DrawTextW
0x72d728 SetClipboardData
0x72d72c DrawTextExW
0x72d730 GrayStringW
0x72d734 TabbedTextOutW
0x72d738 CreateDesktopW
0x72d73c CloseDesktop
0x72d740 GetDC
0x72d744 GetWindowDC
0x72d748 ReleaseDC
0x72d74c BeginPaint
0x72d750 EndPaint
0x72d754 ClientToScreen
0x72d758 SetCapture
0x72d75c ReleaseCapture
0x72d760 WindowFromPoint
0x72d764 LoadCursorW
0x72d768 SystemParametersInfoW
0x72d76c RealChildWindowFromPoint
0x72d770 InvalidateRect
0x72d774 GetSystemMetrics
0x72d778 DestroyMenu
0x72d77c GetSysColorBrush
0x72d780 IsIconic
0x72d784 DestroyIcon
0x72d788 CharUpperW
0x72d78c IntersectRect
0x72d790 WinHelpW
0x72d794 OpenClipboard
0x72d798 RedrawWindow
0x72d79c SendDlgItemMessageA
0x72d7a0 GetParent
0x72d7a4 PostQuitMessage
0x72d7a8 UnhookWindowsHookEx
0x72d7ac RegisterWindowMessageW
0x72d7b0 DispatchMessageW
0x72d7b4 PeekMessageW
0x72d7b8 GetMessagePos
0x72d7bc GetMessageTime
0x72d7c0 DefWindowProcW
0x72d7c4 CallWindowProcW
0x72d7c8 RegisterClassW
0x72d7cc GetClassInfoExW
0x72d7d0 CreateWindowExW
0x72d7d4 IsWindow
0x72d7d8 DestroyWindow
0x72d7dc SetWindowPos
0x72d7e0 GetWindowPlacement
0x72d7e4 IsWindowVisible
0x72d7e8 GetDlgItem
0x72d7ec GetSubMenu
0x72d7f0 SetMenu
0x72d7f4 GetMenu
0x72d7f8 GetCapture
0x72d7fc GetKeyState
0x72d800 GetFocus
0x72d804 GetDlgCtrlID
0x72d808 SetFocus
GDI32.dll
0x72d0ac SetMapMode
0x72d0b0 SetBkMode
0x72d0b4 SelectObject
0x72d0b8 SaveDC
0x72d0bc GetObjectW
0x72d0c0 RestoreDC
0x72d0c4 RectVisible
0x72d0c8 PtVisible
0x72d0cc EnumFontFamiliesExW
0x72d0d0 GetFontData
0x72d0d4 MoveToEx
0x72d0d8 TextOutW
0x72d0dc ExtTextOutW
0x72d0e0 SetViewportExtEx
0x72d0e4 SetViewportOrgEx
0x72d0e8 SetWindowExtEx
0x72d0ec OffsetViewportOrgEx
0x72d0f0 ScaleViewportExtEx
0x72d0f4 ScaleWindowExtEx
0x72d0f8 GetTextExtentPoint32W
0x72d0fc CreateCompatibleBitmap
0x72d100 CreateFontW
0x72d104 GetDIBits
0x72d108 CreateDIBSection
0x72d10c PtInRegion
0x72d110 CreatePolygonRgn
0x72d114 FillRgn
0x72d118 CreateRoundRectRgn
0x72d11c GetBitmapBits
0x72d120 SetBitmapBits
0x72d124 SetPixel
0x72d128 LineTo
0x72d12c GetClipBox
0x72d130 Escape
0x72d134 DeleteObject
0x72d138 DeleteDC
0x72d13c CreateSolidBrush
0x72d140 CreateRectRgn
0x72d144 CreatePen
0x72d148 CreateCompatibleDC
0x72d14c BitBlt
0x72d150 GetDeviceCaps
0x72d154 CreateBitmap
0x72d158 SetTextColor
0x72d15c GetStockObject
0x72d160 SetBkColor
SHELL32.dll
0x72d578 ShellExecuteExW
0x72d57c DragAcceptFiles
0x72d580 None
0x72d584 SHGetPathFromIDListA
0x72d588 SHGetMalloc
0x72d58c SHGetSpecialFolderLocation
0x72d590 SHGetSpecialFolderPathA
0x72d594 ShellExecuteW
0x72d598 DragQueryFileW
0x72d59c SHGetFileInfoW
SHLWAPI.dll
0x72d5a4 PathIsRootW
0x72d5a8 PathIsDirectoryW
0x72d5ac PathFileExistsA
0x72d5b0 PathCanonicalizeW
0x72d5b4 PathIsRootA
0x72d5b8 UrlUnescapeW
0x72d5bc PathStripToRootW
0x72d5c0 PathIsUNCW
0x72d5c4 PathRemoveFileSpecW
0x72d5c8 PathFindFileNameW
0x72d5cc PathFindExtensionW
0x72d5d0 PathFileExistsW
OLEACC.dll
0x72d514 CreateStdAccessibleObject
0x72d518 LresultFromObject
VERSION.dll
0x72d810 GetFileVersionInfoSizeW
0x72d814 VerQueryValueW
0x72d818 GetFileVersionInfoW
imagehlp.dll
0x72d9d4 MakeSureDirectoryPathExists
WINMM.dll
0x72d87c timeGetDevCaps
0x72d880 timeKillEvent
0x72d884 timeSetEvent
WINSPOOL.DRV
0x72d88c OpenPrinterW
0x72d890 DocumentPropertiesW
0x72d894 ClosePrinter
ADVAPI32.dll
0x72d000 RegQueryValueExW
0x72d004 UnlockServiceDatabase
0x72d008 AdjustTokenPrivileges
0x72d00c LookupPrivilegeValueW
0x72d010 LookupAccountNameW
0x72d014 GetSidSubAuthorityCount
0x72d018 GetUserNameW
0x72d01c GetSidSubAuthority
0x72d020 OpenProcessToken
0x72d024 GetSidIdentifierAuthority
0x72d028 RegEnumValueW
0x72d02c RegQueryValueW
0x72d030 RegEnumKeyW
0x72d034 RegSetValueExW
0x72d038 RegDeleteValueW
0x72d03c RegDeleteKeyW
0x72d040 RegCreateKeyExW
0x72d044 ControlService
0x72d048 RegOpenKeyExW
0x72d04c RegCloseKey
0x72d050 ChangeServiceConfigW
0x72d054 RegQueryInfoKeyW
0x72d058 RegQueryValueExA
0x72d05c RegOpenKeyExA
0x72d060 ImpersonateLoggedOnUser
0x72d064 RevertToSelf
0x72d068 LsaOpenPolicy
0x72d06c LsaClose
0x72d070 LsaNtStatusToWinError
0x72d074 LsaRetrievePrivateData
0x72d078 LsaFreeMemory
0x72d07c CloseServiceHandle
0x72d080 OpenSCManagerW
0x72d084 OpenServiceW
0x72d088 LockServiceDatabase
0x72d08c StartServiceW
0x72d090 QueryServiceStatus
ole32.dll
0x72d9dc CoSetProxyBlanket
0x72d9e0 CoInitializeSecurity
0x72d9e4 CoTaskMemFree
0x72d9e8 CoInitializeEx
0x72d9ec CoInitialize
0x72d9f0 CoCreateInstance
0x72d9f4 CoCreateGuid
0x72d9f8 CoUninitialize
0x72d9fc OleSetContainedObject
0x72da00 CreateStreamOnHGlobal
OLEAUT32.dll
0x72d520 VarDateFromStr
0x72d524 VariantTimeToSystemTime
0x72d528 VariantChangeType
0x72d52c VariantClear
0x72d530 VariantInit
0x72d534 SysAllocString
0x72d538 SysFreeString
MSIMG32.dll
0x72d50c AlphaBlend
COMCTL32.dll
0x72d098 _TrackMouseEvent
SETUPAPI.dll
0x72d550 SetupDiGetDeviceRegistryPropertyW
0x72d554 CM_Get_Device_IDA
0x72d558 CM_Get_Parent
0x72d55c SetupDiDestroyDeviceInfoList
0x72d560 SetupDiGetDeviceInterfaceDetailW
0x72d564 SetupDiEnumDeviceInterfaces
0x72d568 SetupDiGetDeviceRegistryPropertyA
0x72d56c SetupDiEnumDeviceInfo
0x72d570 SetupDiGetClassDevsW
gdiplus.dll
0x72d8f8 GdipDisposeImage
0x72d8fc GdipCloneImage
0x72d900 GdipAlloc
0x72d904 GdipFree
0x72d908 GdipCreateBitmapFromHBITMAP
0x72d90c GdiplusShutdown
0x72d910 GdiplusStartup
0x72d914 GdipDeleteGraphics
0x72d918 GdipCreateFromHDC
0x72d91c GdipCreateBitmapFromFile
0x72d920 GdipGetImageHeight
0x72d924 GdipGetImageWidth
0x72d928 GdipCreateBitmapFromScan0
0x72d92c GdipGetImageEncodersSize
0x72d930 GdipGetImageEncoders
0x72d934 GdipSaveImageToFile
0x72d938 GdipLoadImageFromStream
0x72d93c GdipSetSmoothingMode
0x72d940 GdipCreateSolidFill
0x72d944 GdipDeleteBrush
0x72d948 GdipResetPath
0x72d94c GdipFillPath
0x72d950 GdipCreatePen1
0x72d954 GdipDeletePen
0x72d958 GdipDrawPath
0x72d95c GdipDeletePath
0x72d960 GdipSetPenDashStyle
0x72d964 GdipDrawLineI
0x72d968 GdipCreateFontFamilyFromName
0x72d96c GdipDeleteFontFamily
0x72d970 GdipCreateFont
0x72d974 GdipDeleteFont
0x72d978 GdipCreateStringFormat
0x72d97c GdipDeleteStringFormat
0x72d980 GdipSetStringFormatAlign
0x72d984 GdipSetStringFormatLineAlign
0x72d988 GdipSetTextRenderingHint
0x72d98c GdipDrawString
0x72d990 GdipAddPathEllipseI
0x72d994 GdipAddPathRectangleI
0x72d998 GdipSetClipPath
0x72d99c GdipResetClip
0x72d9a0 GdipImageGetFrameDimensionsCount
0x72d9a4 GdipImageSelectActiveFrame
0x72d9a8 GdipImageGetFrameDimensionsList
0x72d9ac GdipImageGetFrameCount
0x72d9b0 GdipGetPropertyItemSize
0x72d9b4 GdipGetPropertyItem
0x72d9b8 GdipCreatePath
0x72d9bc GdipAddPathArcI
0x72d9c0 GdipAddPathLineI
0x72d9c4 GdipClosePathFigure
0x72d9c8 GdipCreateHBITMAPFromBitmap
0x72d9cc GdipDrawImageRectRect
IMM32.dll
0x72d168 ImmAssociateContext
0x72d16c ImmDestroyContext
0x72d170 ImmGetContext
0x72d174 ImmSetCompositionWindow
0x72d178 ImmReleaseContext
WS2_32.dll
0x72d89c connect
0x72d8a0 socket
0x72d8a4 send
0x72d8a8 WSAStartup
0x72d8ac select
0x72d8b0 WSAGetLastError
0x72d8b4 shutdown
0x72d8b8 setsockopt
0x72d8bc WSACleanup
0x72d8c0 ioctlsocket
0x72d8c4 inet_addr
0x72d8c8 gethostbyname
0x72d8cc closesocket
0x72d8d0 recv
0x72d8d4 htons
IPHLPAPI.DLL
0x72d180 GetAdaptersInfo
WININET.dll
0x72d82c InternetSetStatusCallbackW
0x72d830 InternetGetLastResponseInfoW
0x72d834 InternetSetOptionExW
0x72d838 HttpOpenRequestW
0x72d83c InternetQueryDataAvailable
0x72d840 InternetWriteFile
0x72d844 InternetSetFilePointer
0x72d848 InternetReadFile
0x72d84c InternetConnectW
0x72d850 InternetCloseHandle
0x72d854 InternetOpenW
0x72d858 InternetCanonicalizeUrlW
0x72d85c InternetCrackUrlW
0x72d860 HttpAddRequestHeadersW
0x72d864 HttpSendRequestW
0x72d868 HttpQueryInfoW
0x72d86c InternetQueryOptionW
0x72d870 InternetCrackUrlA
0x72d874 InternetCanonicalizeUrlA
Wlanapi.dll
0x72d8dc WlanGetProfile
0x72d8e0 WlanCloseHandle
0x72d8e4 WlanGetProfileList
0x72d8e8 WlanFreeMemory
0x72d8ec WlanEnumInterfaces
0x72d8f0 WlanOpenHandle
RPCRT4.dll
0x72d540 UuidToStringW
0x72d544 RpcStringFreeW
0x72d548 UuidFromStringW
CRYPT32.dll
0x72d0a0 CryptUnprotectData
0x72d0a4 CryptStringToBinaryW
EAT(Export Address Table) is none