ScreenShot
| Created | 2021.11.20 18:42 | Machine | s1_win7_x6401 |
| Filename | pestudio.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 1 detected (Malicious) | ||
| md5 | 4041acd5c5461e4a2df43ea35b1d6555 | ||
| sha256 | 8920dc59a6ecffed62f983444825f753b5551089d8635989768e504a6dd7d450 | ||
| ssdeep | 12288:GUleFHQAHvQionS7icgl7J+lr42FXgUDZZSZ2Q:hngjSFQgUVZ | ||
| imphash | 684ee492a978160870b7dfc15ca88875 | ||
| impfuzzy | 96:NNTt40sLKo14x5QU2BuOnk487IzGJSBylJ42wcRcLggNjKW88BRZYrQPD:S0yc9k5k487IzASi1wcRcMgoWZurQPD | ||
Network IP location
Signature (5cnts)
| Level | Description |
|---|---|
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | File has been identified by one AntiVirus engine on VirusTotal as malicious |
| info | Checks amount of memory in system |
| info | One or more processes crashed |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x4680ec GetFileSizeEx
0x4680f0 lstrlenA
0x4680f4 GetStartupInfoW
0x4680f8 RtlUnwind
0x4680fc TerminateProcess
0x468100 UnhandledExceptionFilter
0x468104 SetUnhandledExceptionFilter
0x468108 IsDebuggerPresent
0x46810c HeapAlloc
0x468110 HeapFree
0x468114 Sleep
0x468118 ExitProcess
0x46811c HeapReAlloc
0x468120 HeapSize
0x468124 GetStdHandle
0x468128 GetModuleFileNameA
0x46812c FreeEnvironmentStringsW
0x468130 GetEnvironmentStringsW
0x468134 GetCommandLineW
0x468138 SetHandleCount
0x46813c GetFileType
0x468140 GetStartupInfoA
0x468144 HeapCreate
0x468148 VirtualFree
0x46814c SystemTimeToFileTime
0x468150 GetSystemTimeAsFileTime
0x468154 GetCPInfo
0x468158 GetACP
0x46815c GetOEMCP
0x468160 IsValidCodePage
0x468164 LCMapStringA
0x468168 LCMapStringW
0x46816c VirtualAlloc
0x468170 InitializeCriticalSectionAndSpinCount
0x468174 GetTimeZoneInformation
0x468178 GetLocaleInfoA
0x46817c GetConsoleCP
0x468180 GetConsoleMode
0x468184 GetStringTypeA
0x468188 GetStringTypeW
0x46818c SetStdHandle
0x468190 WriteConsoleA
0x468194 GetConsoleOutputCP
0x468198 WriteConsoleW
0x46819c CreateFileA
0x4681a0 SetEnvironmentVariableA
0x4681a4 LocalFileTimeToFileTime
0x4681a8 GetFileAttributesExW
0x4681ac FileTimeToLocalFileTime
0x4681b0 FileTimeToSystemTime
0x4681b4 GetShortPathNameW
0x4681b8 GetVolumeInformationW
0x4681bc FindFirstFileW
0x4681c0 FindClose
0x4681c4 GetCurrentProcess
0x4681c8 DuplicateHandle
0x4681cc GetFileSize
0x4681d0 SetEndOfFile
0x4681d4 UnlockFile
0x4681d8 LockFile
0x4681dc FlushFileBuffers
0x4681e0 SetFilePointer
0x4681e4 ReadFile
0x4681e8 lstrcmpiW
0x4681ec GetThreadLocale
0x4681f0 GetStringTypeExW
0x4681f4 DeleteFileW
0x4681f8 MoveFileW
0x4681fc InterlockedIncrement
0x468200 TlsFree
0x468204 DeleteCriticalSection
0x468208 LocalReAlloc
0x46820c TlsSetValue
0x468210 TlsAlloc
0x468214 InitializeCriticalSection
0x468218 GlobalHandle
0x46821c GlobalReAlloc
0x468220 EnterCriticalSection
0x468224 TlsGetValue
0x468228 LeaveCriticalSection
0x46822c LocalFree
0x468230 LocalAlloc
0x468234 GlobalFlags
0x468238 WritePrivateProfileStringW
0x46823c GlobalGetAtomNameW
0x468240 ReleaseMutex
0x468244 CreateMutexW
0x468248 MulDiv
0x46824c GetModuleHandleA
0x468250 InterlockedDecrement
0x468254 GlobalFindAtomW
0x468258 GetVersionExW
0x46825c CompareStringW
0x468260 GetVersionExA
0x468264 GetProfileIntW
0x468268 GetTickCount
0x46826c GetDiskFreeSpaceW
0x468270 GetFullPathNameW
0x468274 GetTempFileNameW
0x468278 GetFileTime
0x46827c SetFileTime
0x468280 lstrlenW
0x468284 GetFileAttributesW
0x468288 GlobalFree
0x46828c FreeResource
0x468290 GetCurrentProcessId
0x468294 GlobalAddAtomW
0x468298 WaitForSingleObject
0x46829c GlobalDeleteAtom
0x4682a0 GetCurrentThread
0x4682a4 GetCurrentThreadId
0x4682a8 ConvertDefaultLocale
0x4682ac EnumResourceLanguagesW
0x4682b0 GetModuleFileNameW
0x4682b4 lstrcmpA
0x4682b8 GetLocaleInfoW
0x4682bc CompareStringA
0x4682c0 InterlockedExchange
0x4682c4 lstrcmpW
0x4682c8 CreateFileW
0x4682cc WriteFile
0x4682d0 SetErrorMode
0x4682d4 LoadLibraryA
0x4682d8 CloseHandle
0x4682dc FreeLibrary
0x4682e0 GetLastError
0x4682e4 SetLastError
0x4682e8 GetProcAddress
0x4682ec GetModuleHandleW
0x4682f0 LoadLibraryW
0x4682f4 lstrcpynW
0x4682f8 GlobalAlloc
0x4682fc GlobalLock
0x468300 GlobalUnlock
0x468304 MultiByteToWideChar
0x468308 WideCharToMultiByte
0x46830c FindResourceW
0x468310 LoadResource
0x468314 LockResource
0x468318 SizeofResource
0x46831c QueryPerformanceCounter
0x468320 RaiseException
USER32.dll
0x46836c UnpackDDElParam
0x468370 IsZoomed
0x468374 GetSysColorBrush
0x468378 DestroyIcon
0x46837c CharUpperW
0x468380 UnregisterClassW
0x468384 EndPaint
0x468388 BeginPaint
0x46838c GetWindowDC
0x468390 GrayStringW
0x468394 DrawTextExW
0x468398 DrawTextW
0x46839c TabbedTextOutW
0x4683a0 FillRect
0x4683a4 GetMenuStringW
0x4683a8 DestroyMenu
0x4683ac GetMenuItemInfoW
0x4683b0 ShowWindow
0x4683b4 MoveWindow
0x4683b8 SetWindowTextW
0x4683bc IsDialogMessageW
0x4683c0 WindowFromPoint
0x4683c4 ClientToScreen
0x4683c8 SetRect
0x4683cc SetRectEmpty
0x4683d0 LoadIconW
0x4683d4 SendDlgItemMessageW
0x4683d8 SendDlgItemMessageA
0x4683dc WinHelpW
0x4683e0 IsChild
0x4683e4 GetCapture
0x4683e8 GetClassLongW
0x4683ec GetClassNameW
0x4683f0 SetPropW
0x4683f4 GetPropW
0x4683f8 RemovePropW
0x4683fc SetFocus
0x468400 GetWindowTextLengthW
0x468404 GetWindowTextW
0x468408 GetForegroundWindow
0x46840c BeginDeferWindowPos
0x468410 ReuseDDElParam
0x468414 GetTopWindow
0x468418 UnhookWindowsHookEx
0x46841c GetMessageTime
0x468420 TrackPopupMenu
0x468424 SetMenu
0x468428 SetScrollPos
0x46842c GetScrollPos
0x468430 SetForegroundWindow
0x468434 GetMenuItemID
0x468438 CreateWindowExW
0x46843c GetClassInfoExW
0x468440 GetClassInfoW
0x468444 RegisterClassW
0x468448 AdjustWindowRectEx
0x46844c EqualRect
0x468450 DeferWindowPos
0x468454 GetDlgCtrlID
0x468458 DefWindowProcW
0x46845c CallWindowProcW
0x468460 GetMenu
0x468464 SetWindowLongW
0x468468 SetWindowPos
0x46846c OffsetRect
0x468470 IntersectRect
0x468474 SystemParametersInfoA
0x468478 IsIconic
0x46847c GetWindowPlacement
0x468480 GetSystemMetrics
0x468484 GetWindow
0x468488 GetDesktopWindow
0x46848c SetActiveWindow
0x468490 CreateDialogIndirectParamW
0x468494 DestroyWindow
0x468498 GetDlgItem
0x46849c GetNextDlgTabItem
0x4684a0 EndDialog
0x4684a4 GetWindowThreadProcessId
0x4684a8 GetWindowLongW
0x4684ac GetLastActivePopup
0x4684b0 IsWindowEnabled
0x4684b4 MessageBoxW
0x4684b8 ShowOwnedPopups
0x4684bc SetCursor
0x4684c0 SetWindowsHookExW
0x4684c4 CallNextHookEx
0x4684c8 GetMessageW
0x4684cc TranslateMessage
0x4684d0 DispatchMessageW
0x4684d4 GetActiveWindow
0x4684d8 PeekMessageW
0x4684dc ValidateRect
0x4684e0 SetMenuItemBitmaps
0x4684e4 GetMenuCheckMarkDimensions
0x4684e8 LoadBitmapW
0x4684ec GetFocus
0x4684f0 GetParent
0x4684f4 PostMessageW
0x4684f8 LoadAcceleratorsW
0x4684fc InsertMenuItemW
0x468500 CreatePopupMenu
0x468504 BringWindowToTop
0x468508 TranslateAcceleratorW
0x46850c LoadCursorW
0x468510 DestroyCursor
0x468514 SetCursorPos
0x468518 ReleaseCapture
0x46851c EndDeferWindowPos
0x468520 SetCapture
0x468524 IsWindow
0x468528 PostQuitMessage
0x46852c IsWindowVisible
0x468530 CheckMenuItem
0x468534 EnableMenuItem
0x468538 GetMenuItemCount
0x46853c GetSubMenu
0x468540 RemoveMenu
0x468544 LoadMenuW
0x468548 GetCursorPos
0x46854c SendMessageW
0x468550 CopyRect
0x468554 PtInRect
0x468558 InflateRect
0x46855c GetClientRect
0x468560 ScreenToClient
0x468564 GetDC
0x468568 ReleaseDC
0x46856c UpdateWindow
0x468570 InvalidateRect
0x468574 EnableWindow
0x468578 GetMessagePos
0x46857c CloseClipboard
0x468580 SetClipboardData
0x468584 EmptyClipboard
0x468588 SystemParametersInfoW
0x46858c GetWindowRect
0x468590 GetMenuState
0x468594 RegisterWindowMessageW
0x468598 KillTimer
0x46859c SetTimer
0x4685a0 DeleteMenu
0x4685a4 GetKeyState
0x4685a8 ShowScrollBar
0x4685ac CreateIconFromResourceEx
0x4685b0 SetParent
0x4685b4 RedrawWindow
0x4685b8 GetSysColor
0x4685bc ModifyMenuW
0x4685c0 OpenClipboard
0x4685c4 MapWindowPoints
GDI32.dll
0x468040 SetViewportExtEx
0x468044 ScaleViewportExtEx
0x468048 SetWindowExtEx
0x46804c ScaleWindowExtEx
0x468050 CreatePatternBrush
0x468054 GetStockObject
0x468058 OffsetViewportOrgEx
0x46805c GetDeviceCaps
0x468060 GetTextMetricsW
0x468064 Escape
0x468068 SetViewportOrgEx
0x46806c TextOutW
0x468070 RectVisible
0x468074 PtVisible
0x468078 GetPixel
0x46807c CreateFontIndirectW
0x468080 IntersectClipRect
0x468084 ExcludeClipRect
0x468088 SetMapMode
0x46808c SetBkMode
0x468090 RestoreDC
0x468094 SaveDC
0x468098 PatBlt
0x46809c ExtTextOutW
0x4680a0 BitBlt
0x4680a4 GetBkColor
0x4680a8 CreateCompatibleBitmap
0x4680ac CreateCompatibleDC
0x4680b0 StretchDIBits
0x4680b4 DeleteDC
0x4680b8 CreateFontW
0x4680bc SelectObject
0x4680c0 GetCharWidthW
0x4680c4 DeleteObject
0x4680c8 SetBkColor
0x4680cc SetTextColor
0x4680d0 GetClipBox
0x4680d4 CreateBitmap
0x4680d8 CreateSolidBrush
0x4680dc GetTextExtentPoint32W
0x4680e0 GetCurrentObject
0x4680e4 GetObjectW
COMDLG32.dll
0x468038 GetFileTitleW
ADVAPI32.dll
0x468000 RegSetValueW
0x468004 RegSetValueExW
0x468008 RegCreateKeyExW
0x46800c GetFileSecurityW
0x468010 SetFileSecurityW
0x468014 RegQueryValueW
0x468018 RegOpenKeyW
0x46801c RegEnumKeyW
0x468020 RegDeleteKeyW
0x468024 RegOpenKeyExW
0x468028 RegQueryValueExW
0x46802c RegCloseKey
0x468030 RegCreateKeyW
SHELL32.dll
0x46833c DragFinish
0x468340 DragQueryFileW
0x468344 ExtractIconW
0x468348 SHGetFileInfoW
0x46834c DragAcceptFiles
SHLWAPI.dll
0x468354 PathFindFileNameW
0x468358 PathRemoveFileSpecW
0x46835c PathStripToRootW
0x468360 PathFindExtensionW
0x468364 PathIsUNCW
ole32.dll
0x4685cc CoTaskMemFree
0x4685d0 CoInitializeEx
0x4685d4 CoUninitialize
0x4685d8 RevokeDragDrop
0x4685dc CoLockObjectExternal
0x4685e0 CoCreateInstance
OLEAUT32.dll
0x468328 SysAllocStringLen
0x46832c VariantClear
0x468330 VariantChangeType
0x468334 VariantInit
EAT(Export Address Table) is none
KERNEL32.dll
0x4680ec GetFileSizeEx
0x4680f0 lstrlenA
0x4680f4 GetStartupInfoW
0x4680f8 RtlUnwind
0x4680fc TerminateProcess
0x468100 UnhandledExceptionFilter
0x468104 SetUnhandledExceptionFilter
0x468108 IsDebuggerPresent
0x46810c HeapAlloc
0x468110 HeapFree
0x468114 Sleep
0x468118 ExitProcess
0x46811c HeapReAlloc
0x468120 HeapSize
0x468124 GetStdHandle
0x468128 GetModuleFileNameA
0x46812c FreeEnvironmentStringsW
0x468130 GetEnvironmentStringsW
0x468134 GetCommandLineW
0x468138 SetHandleCount
0x46813c GetFileType
0x468140 GetStartupInfoA
0x468144 HeapCreate
0x468148 VirtualFree
0x46814c SystemTimeToFileTime
0x468150 GetSystemTimeAsFileTime
0x468154 GetCPInfo
0x468158 GetACP
0x46815c GetOEMCP
0x468160 IsValidCodePage
0x468164 LCMapStringA
0x468168 LCMapStringW
0x46816c VirtualAlloc
0x468170 InitializeCriticalSectionAndSpinCount
0x468174 GetTimeZoneInformation
0x468178 GetLocaleInfoA
0x46817c GetConsoleCP
0x468180 GetConsoleMode
0x468184 GetStringTypeA
0x468188 GetStringTypeW
0x46818c SetStdHandle
0x468190 WriteConsoleA
0x468194 GetConsoleOutputCP
0x468198 WriteConsoleW
0x46819c CreateFileA
0x4681a0 SetEnvironmentVariableA
0x4681a4 LocalFileTimeToFileTime
0x4681a8 GetFileAttributesExW
0x4681ac FileTimeToLocalFileTime
0x4681b0 FileTimeToSystemTime
0x4681b4 GetShortPathNameW
0x4681b8 GetVolumeInformationW
0x4681bc FindFirstFileW
0x4681c0 FindClose
0x4681c4 GetCurrentProcess
0x4681c8 DuplicateHandle
0x4681cc GetFileSize
0x4681d0 SetEndOfFile
0x4681d4 UnlockFile
0x4681d8 LockFile
0x4681dc FlushFileBuffers
0x4681e0 SetFilePointer
0x4681e4 ReadFile
0x4681e8 lstrcmpiW
0x4681ec GetThreadLocale
0x4681f0 GetStringTypeExW
0x4681f4 DeleteFileW
0x4681f8 MoveFileW
0x4681fc InterlockedIncrement
0x468200 TlsFree
0x468204 DeleteCriticalSection
0x468208 LocalReAlloc
0x46820c TlsSetValue
0x468210 TlsAlloc
0x468214 InitializeCriticalSection
0x468218 GlobalHandle
0x46821c GlobalReAlloc
0x468220 EnterCriticalSection
0x468224 TlsGetValue
0x468228 LeaveCriticalSection
0x46822c LocalFree
0x468230 LocalAlloc
0x468234 GlobalFlags
0x468238 WritePrivateProfileStringW
0x46823c GlobalGetAtomNameW
0x468240 ReleaseMutex
0x468244 CreateMutexW
0x468248 MulDiv
0x46824c GetModuleHandleA
0x468250 InterlockedDecrement
0x468254 GlobalFindAtomW
0x468258 GetVersionExW
0x46825c CompareStringW
0x468260 GetVersionExA
0x468264 GetProfileIntW
0x468268 GetTickCount
0x46826c GetDiskFreeSpaceW
0x468270 GetFullPathNameW
0x468274 GetTempFileNameW
0x468278 GetFileTime
0x46827c SetFileTime
0x468280 lstrlenW
0x468284 GetFileAttributesW
0x468288 GlobalFree
0x46828c FreeResource
0x468290 GetCurrentProcessId
0x468294 GlobalAddAtomW
0x468298 WaitForSingleObject
0x46829c GlobalDeleteAtom
0x4682a0 GetCurrentThread
0x4682a4 GetCurrentThreadId
0x4682a8 ConvertDefaultLocale
0x4682ac EnumResourceLanguagesW
0x4682b0 GetModuleFileNameW
0x4682b4 lstrcmpA
0x4682b8 GetLocaleInfoW
0x4682bc CompareStringA
0x4682c0 InterlockedExchange
0x4682c4 lstrcmpW
0x4682c8 CreateFileW
0x4682cc WriteFile
0x4682d0 SetErrorMode
0x4682d4 LoadLibraryA
0x4682d8 CloseHandle
0x4682dc FreeLibrary
0x4682e0 GetLastError
0x4682e4 SetLastError
0x4682e8 GetProcAddress
0x4682ec GetModuleHandleW
0x4682f0 LoadLibraryW
0x4682f4 lstrcpynW
0x4682f8 GlobalAlloc
0x4682fc GlobalLock
0x468300 GlobalUnlock
0x468304 MultiByteToWideChar
0x468308 WideCharToMultiByte
0x46830c FindResourceW
0x468310 LoadResource
0x468314 LockResource
0x468318 SizeofResource
0x46831c QueryPerformanceCounter
0x468320 RaiseException
USER32.dll
0x46836c UnpackDDElParam
0x468370 IsZoomed
0x468374 GetSysColorBrush
0x468378 DestroyIcon
0x46837c CharUpperW
0x468380 UnregisterClassW
0x468384 EndPaint
0x468388 BeginPaint
0x46838c GetWindowDC
0x468390 GrayStringW
0x468394 DrawTextExW
0x468398 DrawTextW
0x46839c TabbedTextOutW
0x4683a0 FillRect
0x4683a4 GetMenuStringW
0x4683a8 DestroyMenu
0x4683ac GetMenuItemInfoW
0x4683b0 ShowWindow
0x4683b4 MoveWindow
0x4683b8 SetWindowTextW
0x4683bc IsDialogMessageW
0x4683c0 WindowFromPoint
0x4683c4 ClientToScreen
0x4683c8 SetRect
0x4683cc SetRectEmpty
0x4683d0 LoadIconW
0x4683d4 SendDlgItemMessageW
0x4683d8 SendDlgItemMessageA
0x4683dc WinHelpW
0x4683e0 IsChild
0x4683e4 GetCapture
0x4683e8 GetClassLongW
0x4683ec GetClassNameW
0x4683f0 SetPropW
0x4683f4 GetPropW
0x4683f8 RemovePropW
0x4683fc SetFocus
0x468400 GetWindowTextLengthW
0x468404 GetWindowTextW
0x468408 GetForegroundWindow
0x46840c BeginDeferWindowPos
0x468410 ReuseDDElParam
0x468414 GetTopWindow
0x468418 UnhookWindowsHookEx
0x46841c GetMessageTime
0x468420 TrackPopupMenu
0x468424 SetMenu
0x468428 SetScrollPos
0x46842c GetScrollPos
0x468430 SetForegroundWindow
0x468434 GetMenuItemID
0x468438 CreateWindowExW
0x46843c GetClassInfoExW
0x468440 GetClassInfoW
0x468444 RegisterClassW
0x468448 AdjustWindowRectEx
0x46844c EqualRect
0x468450 DeferWindowPos
0x468454 GetDlgCtrlID
0x468458 DefWindowProcW
0x46845c CallWindowProcW
0x468460 GetMenu
0x468464 SetWindowLongW
0x468468 SetWindowPos
0x46846c OffsetRect
0x468470 IntersectRect
0x468474 SystemParametersInfoA
0x468478 IsIconic
0x46847c GetWindowPlacement
0x468480 GetSystemMetrics
0x468484 GetWindow
0x468488 GetDesktopWindow
0x46848c SetActiveWindow
0x468490 CreateDialogIndirectParamW
0x468494 DestroyWindow
0x468498 GetDlgItem
0x46849c GetNextDlgTabItem
0x4684a0 EndDialog
0x4684a4 GetWindowThreadProcessId
0x4684a8 GetWindowLongW
0x4684ac GetLastActivePopup
0x4684b0 IsWindowEnabled
0x4684b4 MessageBoxW
0x4684b8 ShowOwnedPopups
0x4684bc SetCursor
0x4684c0 SetWindowsHookExW
0x4684c4 CallNextHookEx
0x4684c8 GetMessageW
0x4684cc TranslateMessage
0x4684d0 DispatchMessageW
0x4684d4 GetActiveWindow
0x4684d8 PeekMessageW
0x4684dc ValidateRect
0x4684e0 SetMenuItemBitmaps
0x4684e4 GetMenuCheckMarkDimensions
0x4684e8 LoadBitmapW
0x4684ec GetFocus
0x4684f0 GetParent
0x4684f4 PostMessageW
0x4684f8 LoadAcceleratorsW
0x4684fc InsertMenuItemW
0x468500 CreatePopupMenu
0x468504 BringWindowToTop
0x468508 TranslateAcceleratorW
0x46850c LoadCursorW
0x468510 DestroyCursor
0x468514 SetCursorPos
0x468518 ReleaseCapture
0x46851c EndDeferWindowPos
0x468520 SetCapture
0x468524 IsWindow
0x468528 PostQuitMessage
0x46852c IsWindowVisible
0x468530 CheckMenuItem
0x468534 EnableMenuItem
0x468538 GetMenuItemCount
0x46853c GetSubMenu
0x468540 RemoveMenu
0x468544 LoadMenuW
0x468548 GetCursorPos
0x46854c SendMessageW
0x468550 CopyRect
0x468554 PtInRect
0x468558 InflateRect
0x46855c GetClientRect
0x468560 ScreenToClient
0x468564 GetDC
0x468568 ReleaseDC
0x46856c UpdateWindow
0x468570 InvalidateRect
0x468574 EnableWindow
0x468578 GetMessagePos
0x46857c CloseClipboard
0x468580 SetClipboardData
0x468584 EmptyClipboard
0x468588 SystemParametersInfoW
0x46858c GetWindowRect
0x468590 GetMenuState
0x468594 RegisterWindowMessageW
0x468598 KillTimer
0x46859c SetTimer
0x4685a0 DeleteMenu
0x4685a4 GetKeyState
0x4685a8 ShowScrollBar
0x4685ac CreateIconFromResourceEx
0x4685b0 SetParent
0x4685b4 RedrawWindow
0x4685b8 GetSysColor
0x4685bc ModifyMenuW
0x4685c0 OpenClipboard
0x4685c4 MapWindowPoints
GDI32.dll
0x468040 SetViewportExtEx
0x468044 ScaleViewportExtEx
0x468048 SetWindowExtEx
0x46804c ScaleWindowExtEx
0x468050 CreatePatternBrush
0x468054 GetStockObject
0x468058 OffsetViewportOrgEx
0x46805c GetDeviceCaps
0x468060 GetTextMetricsW
0x468064 Escape
0x468068 SetViewportOrgEx
0x46806c TextOutW
0x468070 RectVisible
0x468074 PtVisible
0x468078 GetPixel
0x46807c CreateFontIndirectW
0x468080 IntersectClipRect
0x468084 ExcludeClipRect
0x468088 SetMapMode
0x46808c SetBkMode
0x468090 RestoreDC
0x468094 SaveDC
0x468098 PatBlt
0x46809c ExtTextOutW
0x4680a0 BitBlt
0x4680a4 GetBkColor
0x4680a8 CreateCompatibleBitmap
0x4680ac CreateCompatibleDC
0x4680b0 StretchDIBits
0x4680b4 DeleteDC
0x4680b8 CreateFontW
0x4680bc SelectObject
0x4680c0 GetCharWidthW
0x4680c4 DeleteObject
0x4680c8 SetBkColor
0x4680cc SetTextColor
0x4680d0 GetClipBox
0x4680d4 CreateBitmap
0x4680d8 CreateSolidBrush
0x4680dc GetTextExtentPoint32W
0x4680e0 GetCurrentObject
0x4680e4 GetObjectW
COMDLG32.dll
0x468038 GetFileTitleW
ADVAPI32.dll
0x468000 RegSetValueW
0x468004 RegSetValueExW
0x468008 RegCreateKeyExW
0x46800c GetFileSecurityW
0x468010 SetFileSecurityW
0x468014 RegQueryValueW
0x468018 RegOpenKeyW
0x46801c RegEnumKeyW
0x468020 RegDeleteKeyW
0x468024 RegOpenKeyExW
0x468028 RegQueryValueExW
0x46802c RegCloseKey
0x468030 RegCreateKeyW
SHELL32.dll
0x46833c DragFinish
0x468340 DragQueryFileW
0x468344 ExtractIconW
0x468348 SHGetFileInfoW
0x46834c DragAcceptFiles
SHLWAPI.dll
0x468354 PathFindFileNameW
0x468358 PathRemoveFileSpecW
0x46835c PathStripToRootW
0x468360 PathFindExtensionW
0x468364 PathIsUNCW
ole32.dll
0x4685cc CoTaskMemFree
0x4685d0 CoInitializeEx
0x4685d4 CoUninitialize
0x4685d8 RevokeDragDrop
0x4685dc CoLockObjectExternal
0x4685e0 CoCreateInstance
OLEAUT32.dll
0x468328 SysAllocStringLen
0x46832c VariantClear
0x468330 VariantChangeType
0x468334 VariantInit
EAT(Export Address Table) is none