popup

Report - vbc.exe

Malicious Library UPX PE File PE32
  1. Resubmit analysis
  2. Detailed report
ScreenShot
Created 2022.01.13 09:46 Machine s1_win7_x6403
Filename vbc.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score
6
 Behavior Score
2.6
ZERO API file : malware
VT API (file) 36 detected (Noon, DownLoader44, Strictor, Zusy, Artemis, Unsafe, ZelphiCO, RK0@aiUZPDek, PSWStealer, Delf, Eldorado, Attribute, HighConfidence, EQXB, R002C0WAC22, InjectorX, GenKryptik, CLOUD, Fragtor, Infected, ai score=86, kcloud, Sabsik, Limpopo, Malicious, susgen, EQPQ, RnkBend)
md5 38f1007dda4df73d9274b8dfa1683d93
sha256 e98006424a36e34271488f8a584b535b0bdf1650d2da228ec4c2a94e24ca20bb
ssdeep 12288:HB+Wk51M2qz6umSUAXwF1Oh99ojWa713rCOKGbrq9JTu7dK+/3yjc4uBd8QWOl:hnK66umSUAXweh99oj3713rRS9JJ+fyu
imphash d4d44b461c7d54870dac4fd24262a9a9
impfuzzy 192:o13MDbuu0xSUvK9kso1XE75lPG1Q2PbOQk:C3m0q9uH19PbOQk
  Network IP location

Signature (6cnts)

Level Description
danger File has been identified by 36 AntiVirus engines on VirusTotal as malicious
notice Allocates read-write-execute memory (usually to unpack itself)
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Performs some HTTP requests
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info The executable uses a known packer

Rules (4cnts)

Level Name Description Collection
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsPE32 (no description) binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (18cnts) ?

Request CC ASN Co IP4 Rule ? ZERO ?
https://lqxlpq.db.files.1drv.com/y4meXszciy-_ipQdPKkDPt8ivd5YyEMjKYMeJy9AYEBBCIBWAG4IzdaIb6RKfae_sVjz6Tf33eaKQZRL0hC-u1YkPpJXV3WDp0Om8Tttsplx61Zgvd25BkUcYpVt5gNRmu4Co1Le_7LNbivMl3dNECZZX3r71Z7_qLX-mrmZTJpXNVivxHRlVoWqbM9VDRh9UUnYrt0B7-mstPdzd3M3NdPxQ/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4m0BlEv1YX95PV2PjGCqtA-YtVjNQ401tOEtAHUdFW7GtfRqGMBS5SzzbgPYlM9aRS6-Excq4Z6qxyC-GuKOzcdYwl5rKzG4D0U3ieyAcOXY0W7pxZID4iCpOnm6xET-ZXDyQfeW9GwZJgi06x4qQzukauTyYkg6iggBhD2a07At6AHBmrNiuF5Pra1MA5ODhxL7eA3tZ8UkTJJaFVurMtog/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4mSvcyy0IAHKrLkg3SjRZ4sSJf9w7rI-i3hpeiwSdZtPCKNyEk7AhccnqCGbt9_gizydGiHdj9uTqI965hvAGGnUAwJvW4P-oxn-TkhZRXehFvt57LMIdTUfXhtFy2hkJoOEIpC21B8LutJuAOLpLXymcC2POc-22UizC-eHX2wLDYR0lSQ4hwMYZje2tmvZ69wZKqzdyv527HwHoQdv9EMg/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4mlk7dFP-M0RnPYff1C3nkvINRW1bOZ9qHUq4MqIwe_I02IOVUwP9Z2VubMPC2YmRJW5w1UIVGClOrxxU2sgznVi1hUc4yd0vRe0pRKzkqXcQ4jeLxs-9z0Z5WTFUBG84Qly2oIS3WnAM4xkfaFMeu9zY0VD_O9JvfxfX4Uy1WB-0B6-62MPHKhIMjMs2DsGQ-43zoF5iMjVWq-mT4Q5dp6w/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4m9I-WXb_FACwf0q97jJsCvJOP70BT5w2WjysHvxQG_FmvQuXEwiaQRmToJZ5dR1snRULgd86WEaNJ4itHICK6CFu49tvL_z0ITeKH7WTTBgP5V24JNpZTO0peBToBXREjp-eD2f-ziNYuDl1USBat8ltotajQQa7ogs_DdwbVtzzyCAb9cb6PgkwXplv_b1TtEYH-4NKrE0ckL1fmnN1l3Q/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4m4QFHB58xOaRhE-Myq1XS4-F16QdkLadH1DQYRCjA1v4EzRspS-jS6Qa0LbYVTvWKMqASSwnj7J0S8CT8342BrVz8naC1XhyQwsZDxYHiDsKWqfgRzhlWCatbX-KiEq26isN_r8BaycTBtSxLXssp8SnYHxIoWN4orB2Y1nzDz87xYXtoMizyAfamf3_g1UBoFTXpduDbO-eo97yi3NYTyA/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4m4oG_AQ5gWHg4mu0IPxG8HvUuhKqLzGk89FqJfZJE-HwO5fsZjAfCm1O7bed7LpS_Yvb3NW53yKXg9JYqhHUriilfHUbQcs5ph-08FCsQ7cJzEpKj64GclLke1i4-oPJ9fQWwu-_30oeXsdjhnnjcuhInubQx8H-8nsqS_xKBk4vjEhSH3vAZ96ZaKM90Bw2T005otXg9i9BYuftiALJKpg/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4mhOYPZU47GNoGYQPhMcB9-cmuRofa9atgV20wglwgRqXE2F_vAMGtbNOw6N67uiB_rq4bYv8kjmHyi1IFXkFlSlA8tYGn_Rjypd5-sw44Va3PxMFYJoGLgeX_cP9JTVOmkeaL3CqquMmlo2KABT61MxNqN5cML2fprdmNu_z3R4ZH9TYjlEmrYXho53OFT4PxJ2zozdzb1Svl67RFiiC-nA/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4mFT8aPU00JDlQJJt4iDFlSELVjJklfB8osvD9ChHozVxqpSJhN9KnccxoJ5_qSikXyJLL09rNKnTIP7lbr5_as_VY5Jeqnjxq_tsvMMgsZx4AM1szRrsgFMdtqe6Rq0xxEAWGJC_Y2MfchwauZ3MEu_zMJ_q08U8JHUVR8LJa9VVr0RJKFOyWMFaYpW-1n4UxvWY7LKEspbqRPw7XcwuN7A/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4myEkjFT7XqiIGaMVTyZi9STNz9-W9cJZs7XmfaVEVUHO6DyckBbZmvQGu1bc3djb4wiNGLceiuyK4QKuuPsHJe2qZj3aVQKy59WDQb9Q5PyUfmOvBq18Ipe0EiLO3ypmU2zGJF6yaRHpdotiExFb07k2tongT8J4Jb--Ltt7PqyTVawH5lSXsActolwQYRprJtgDZFvHkPm9w8mD7oXligA/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://onedrive.live.com/download?cid=C3C0A692803ED1E8&resid=C3C0A692803ED1E8%21112&authkey=ANjDOz6phEbw5-8
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.13 clean
https://lqxlpq.db.files.1drv.com/y4mOM1rxJgJ-8chInwBzNO5-eMhuvn8mE9o4i_sZdp9oQUDLEOdnWMqkuI0dtX8m6x7-2rG6leW9MYSJj9CAbray9DVrn5OSnG6o7uUcJDyLGlnX50Caq4M0YEoL4-C35SYipjYxFbI2zDCvxZvTrpq-t5eFgt6mf21ETbPS_XERJ4Z_mdVrF4WJDSH00b6CYg0BDN5uhQ-XrIGYlCZrQnuTQ/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4mbCeSRE0rG7ziEp3ozPFebwlTjmNQ2GGlVznH174M4PNpvkRh0xz_fXvwSfxXvFHYueW8QvmNIjErg_1lTkuGYykO9i4B5ngD6CK4wLxFmyLJ-RQtD24OI8OA7DxQxGzyUzE50NlPCS59K9SDQnXv1tZNKKjbd_xbxBECtwKvEGgppHSoEKtPzOpaIYJElqH44iSu_icoueOXfBDtIgi9NA/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
https://lqxlpq.db.files.1drv.com/y4mXUEPM0n6sItbcbnjxoeVnPuQJavKC4NNFBXsvnAdWeoB_Ki3abADB2xScqFVwTo_NtEq9uj_2-Sg12JrsxjG5JnN8kxMeLy1J1C4x6d0jTvnLbffLqR1WsncX0Cf0EyzSI7ul8IfpwgF66--9pUPYJm3095BCmI17aIYo55jJjTvKZxH3_VhE_sOMUrcENnnJ3rIwVORawfK2Al1TzWMew/Vnsc
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
onedrive.live.com
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.13 mailcious
lqxlpq.db.files.1drv.com
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 clean
13.107.42.13
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.13 mailcious
13.107.42.12
whois
US MICROSOFT-CORP-MSN-AS-BLOCK 13.107.42.12 malware

Suricata ids

PE API

IAT(Import Address Table) Library

oleaut32.dll
 0x469768 SysFreeString
 0x46976c SysReAllocStringLen
 0x469770 SysAllocStringLen
advapi32.dll
 0x469778 RegQueryValueExA
 0x46977c RegOpenKeyExA
 0x469780 RegCloseKey
user32.dll
 0x469788 GetKeyboardType
 0x46978c DestroyWindow
 0x469790 LoadStringA
 0x469794 MessageBoxA
 0x469798 CharNextA
kernel32.dll
 0x4697a0 GetACP
 0x4697a4 Sleep
 0x4697a8 VirtualFree
 0x4697ac VirtualAlloc
 0x4697b0 GetCurrentThreadId
 0x4697b4 InterlockedDecrement
 0x4697b8 InterlockedIncrement
 0x4697bc VirtualQuery
 0x4697c0 WideCharToMultiByte
 0x4697c4 MultiByteToWideChar
 0x4697c8 lstrlenA
 0x4697cc lstrcpynA
 0x4697d0 LoadLibraryExA
 0x4697d4 GetThreadLocale
 0x4697d8 GetStartupInfoA
 0x4697dc GetProcAddress
 0x4697e0 GetModuleHandleA
 0x4697e4 GetModuleFileNameA
 0x4697e8 GetLocaleInfoA
 0x4697ec GetCommandLineA
 0x4697f0 FreeLibrary
 0x4697f4 FindFirstFileA
 0x4697f8 FindClose
 0x4697fc ExitProcess
 0x469800 CompareStringA
 0x469804 WriteFile
 0x469808 UnhandledExceptionFilter
 0x46980c RtlUnwind
 0x469810 RaiseException
 0x469814 GetStdHandle
kernel32.dll
 0x46981c TlsSetValue
 0x469820 TlsGetValue
 0x469824 LocalAlloc
 0x469828 GetModuleHandleA
user32.dll
 0x469830 CreateWindowExA
 0x469834 WindowFromPoint
 0x469838 WaitMessage
 0x46983c UpdateWindow
 0x469840 UnregisterClassA
 0x469844 UnhookWindowsHookEx
 0x469848 TranslateMessage
 0x46984c TranslateMDISysAccel
 0x469850 TrackPopupMenu
 0x469854 SystemParametersInfoA
 0x469858 ShowWindow
 0x46985c ShowScrollBar
 0x469860 ShowOwnedPopups
 0x469864 SetWindowsHookExA
 0x469868 SetWindowPos
 0x46986c SetWindowPlacement
 0x469870 SetWindowLongW
 0x469874 SetWindowLongA
 0x469878 SetTimer
 0x46987c SetScrollRange
 0x469880 SetScrollPos
 0x469884 SetScrollInfo
 0x469888 SetRect
 0x46988c SetPropA
 0x469890 SetParent
 0x469894 SetMenuItemInfoA
 0x469898 SetMenu
 0x46989c SetForegroundWindow
 0x4698a0 SetFocus
 0x4698a4 SetCursor
 0x4698a8 SetClassLongA
 0x4698ac SetCapture
 0x4698b0 SetActiveWindow
 0x4698b4 SendMessageW
 0x4698b8 SendMessageA
 0x4698bc ScrollWindow
 0x4698c0 ScreenToClient
 0x4698c4 RemovePropA
 0x4698c8 RemoveMenu
 0x4698cc ReleaseDC
 0x4698d0 ReleaseCapture
 0x4698d4 RegisterWindowMessageA
 0x4698d8 RegisterClipboardFormatA
 0x4698dc RegisterClassA
 0x4698e0 RedrawWindow
 0x4698e4 PtInRect
 0x4698e8 PostQuitMessage
 0x4698ec PostMessageA
 0x4698f0 PeekMessageW
 0x4698f4 PeekMessageA
 0x4698f8 OffsetRect
 0x4698fc OemToCharA
 0x469900 MessageBoxA
 0x469904 MapWindowPoints
 0x469908 MapVirtualKeyA
 0x46990c LoadStringA
 0x469910 LoadKeyboardLayoutA
 0x469914 LoadIconA
 0x469918 LoadCursorA
 0x46991c LoadBitmapA
 0x469920 KillTimer
 0x469924 IsZoomed
 0x469928 IsWindowVisible
 0x46992c IsWindowUnicode
 0x469930 IsWindowEnabled
 0x469934 IsWindow
 0x469938 IsRectEmpty
 0x46993c IsIconic
 0x469940 IsDialogMessageW
 0x469944 IsDialogMessageA
 0x469948 IsChild
 0x46994c InvalidateRect
 0x469950 IntersectRect
 0x469954 InsertMenuItemA
 0x469958 InsertMenuA
 0x46995c InflateRect
 0x469960 GetWindowThreadProcessId
 0x469964 GetWindowTextA
 0x469968 GetWindowRect
 0x46996c GetWindowPlacement
 0x469970 GetWindowLongW
 0x469974 GetWindowLongA
 0x469978 GetWindowDC
 0x46997c GetTopWindow
 0x469980 GetSystemMetrics
 0x469984 GetSystemMenu
 0x469988 GetSysColorBrush
 0x46998c GetSysColor
 0x469990 GetSubMenu
 0x469994 GetScrollRange
 0x469998 GetScrollPos
 0x46999c GetScrollInfo
 0x4699a0 GetPropA
 0x4699a4 GetParent
 0x4699a8 GetWindow
 0x4699ac GetMessagePos
 0x4699b0 GetMenuStringA
 0x4699b4 GetMenuState
 0x4699b8 GetMenuItemInfoA
 0x4699bc GetMenuItemID
 0x4699c0 GetMenuItemCount
 0x4699c4 GetMenu
 0x4699c8 GetLastActivePopup
 0x4699cc GetKeyboardState
 0x4699d0 GetKeyboardLayoutNameA
 0x4699d4 GetKeyboardLayoutList
 0x4699d8 GetKeyboardLayout
 0x4699dc GetKeyState
 0x4699e0 GetKeyNameTextA
 0x4699e4 GetIconInfo
 0x4699e8 GetForegroundWindow
 0x4699ec GetFocus
 0x4699f0 GetDesktopWindow
 0x4699f4 GetDCEx
 0x4699f8 GetDC
 0x4699fc GetCursorPos
 0x469a00 GetCursor
 0x469a04 GetClientRect
 0x469a08 GetClassLongA
 0x469a0c GetClassInfoA
 0x469a10 GetCapture
 0x469a14 GetActiveWindow
 0x469a18 FrameRect
 0x469a1c FindWindowA
 0x469a20 FillRect
 0x469a24 EqualRect
 0x469a28 EnumWindows
 0x469a2c EnumThreadWindows
 0x469a30 EnumChildWindows
 0x469a34 EndPaint
 0x469a38 EnableWindow
 0x469a3c EnableScrollBar
 0x469a40 EnableMenuItem
 0x469a44 DrawTextA
 0x469a48 DrawMenuBar
 0x469a4c DrawIconEx
 0x469a50 DrawIcon
 0x469a54 DrawFrameControl
 0x469a58 DrawEdge
 0x469a5c DispatchMessageW
 0x469a60 DispatchMessageA
 0x469a64 DestroyWindow
 0x469a68 DestroyMenu
 0x469a6c DestroyIcon
 0x469a70 DestroyCursor
 0x469a74 DeleteMenu
 0x469a78 DefWindowProcA
 0x469a7c DefMDIChildProcA
 0x469a80 DefFrameProcA
 0x469a84 CreatePopupMenu
 0x469a88 CreateMenu
 0x469a8c CreateIcon
 0x469a90 ClientToScreen
 0x469a94 CheckMenuItem
 0x469a98 CharNextW
 0x469a9c CallWindowProcA
 0x469aa0 CallNextHookEx
 0x469aa4 BeginPaint
 0x469aa8 CharNextA
 0x469aac CharLowerA
 0x469ab0 CharUpperBuffA
 0x469ab4 CharToOemA
 0x469ab8 AdjustWindowRectEx
 0x469abc ActivateKeyboardLayout
gdi32.dll
 0x469ac4 UnrealizeObject
 0x469ac8 StretchBlt
 0x469acc SetWindowOrgEx
 0x469ad0 SetViewportOrgEx
 0x469ad4 SetTextColor
 0x469ad8 SetStretchBltMode
 0x469adc SetROP2
 0x469ae0 SetPixel
 0x469ae4 SetDIBColorTable
 0x469ae8 SetBrushOrgEx
 0x469aec SetBkMode
 0x469af0 SetBkColor
 0x469af4 SelectPalette
 0x469af8 SelectObject
 0x469afc SaveDC
 0x469b00 RestoreDC
 0x469b04 RectVisible
 0x469b08 RealizePalette
 0x469b0c PatBlt
 0x469b10 MoveToEx
 0x469b14 MaskBlt
 0x469b18 LineTo
 0x469b1c IntersectClipRect
 0x469b20 GetWindowOrgEx
 0x469b24 GetTextMetricsA
 0x469b28 GetTextExtentPoint32A
 0x469b2c GetTextAlign
 0x469b30 GetSystemPaletteEntries
 0x469b34 GetStockObject
 0x469b38 GetRgnBox
 0x469b3c GetPixel
 0x469b40 GetPaletteEntries
 0x469b44 GetObjectA
 0x469b48 GetDeviceCaps
 0x469b4c GetDIBits
 0x469b50 GetDIBColorTable
 0x469b54 GetDCOrgEx
 0x469b58 GetCurrentPositionEx
 0x469b5c GetClipBox
 0x469b60 GetBrushOrgEx
 0x469b64 GetBitmapBits
 0x469b68 ExcludeClipRect
 0x469b6c DeleteObject
 0x469b70 DeleteDC
 0x469b74 CreateSolidBrush
 0x469b78 CreatePenIndirect
 0x469b7c CreatePalette
 0x469b80 CreateHalftonePalette
 0x469b84 CreateFontIndirectA
 0x469b88 CreateDIBitmap
 0x469b8c CreateDIBSection
 0x469b90 CreateCompatibleDC
 0x469b94 CreateCompatibleBitmap
 0x469b98 CreateBrushIndirect
 0x469b9c CreateBitmap
 0x469ba0 BitBlt
version.dll
 0x469ba8 VerQueryValueA
 0x469bac GetFileVersionInfoSizeA
 0x469bb0 GetFileVersionInfoA
kernel32.dll
 0x469bb8 lstrcpyA
 0x469bbc WriteFile
 0x469bc0 WaitForSingleObject
 0x469bc4 VirtualQuery
 0x469bc8 VirtualProtect
 0x469bcc VirtualAlloc
 0x469bd0 SizeofResource
 0x469bd4 SetThreadLocale
 0x469bd8 SetFilePointer
 0x469bdc SetEvent
 0x469be0 SetErrorMode
 0x469be4 SetEndOfFile
 0x469be8 ResetEvent
 0x469bec ReadFile
 0x469bf0 MultiByteToWideChar
 0x469bf4 MulDiv
 0x469bf8 LockResource
 0x469bfc LoadResource
 0x469c00 LoadLibraryW
 0x469c04 LoadLibraryA
 0x469c08 LeaveCriticalSection
 0x469c0c InitializeCriticalSection
 0x469c10 GlobalFindAtomA
 0x469c14 GlobalDeleteAtom
 0x469c18 GlobalAddAtomA
 0x469c1c GetVersionExA
 0x469c20 GetVersion
 0x469c24 GetTickCount
 0x469c28 GetThreadLocale
 0x469c2c GetStdHandle
 0x469c30 GetProcAddress
 0x469c34 GetModuleHandleA
 0x469c38 GetModuleFileNameA
 0x469c3c GetLocaleInfoA
 0x469c40 GetLocalTime
 0x469c44 GetLastError
 0x469c48 GetFullPathNameA
 0x469c4c GetDiskFreeSpaceA
 0x469c50 GetDateFormatA
 0x469c54 GetCurrentThreadId
 0x469c58 GetCurrentProcessId
 0x469c5c GetCPInfo
 0x469c60 FreeResource
 0x469c64 InterlockedExchange
 0x469c68 FreeLibrary
 0x469c6c FormatMessageA
 0x469c70 FindResourceA
 0x469c74 EnumCalendarInfoA
 0x469c78 EnterCriticalSection
 0x469c7c DeleteCriticalSection
 0x469c80 CreateThread
 0x469c84 CreateFileA
 0x469c88 CreateEventA
 0x469c8c CompareStringA
 0x469c90 CloseHandle
advapi32.dll
 0x469c98 RegQueryValueExA
 0x469c9c RegOpenKeyExA
 0x469ca0 RegFlushKey
 0x469ca4 RegCloseKey
oleaut32.dll
 0x469cac GetErrorInfo
 0x469cb0 SysFreeString
ole32.dll
 0x469cb8 CoUninitialize
 0x469cbc CoInitialize
comctl32.dll
 0x469cc4 _TrackMouseEvent
 0x469cc8 ImageList_SetIconSize
 0x469ccc ImageList_GetIconSize
 0x469cd0 ImageList_Write
 0x469cd4 ImageList_Read
 0x469cd8 ImageList_DragShowNolock
 0x469cdc ImageList_DragMove
 0x469ce0 ImageList_DragLeave
 0x469ce4 ImageList_DragEnter
 0x469ce8 ImageList_EndDrag
 0x469cec ImageList_BeginDrag
 0x469cf0 ImageList_Remove
 0x469cf4 ImageList_DrawEx
 0x469cf8 ImageList_Draw
 0x469cfc ImageList_GetBkColor
 0x469d00 ImageList_SetBkColor
 0x469d04 ImageList_Add
 0x469d08 ImageList_GetImageCount
 0x469d0c ImageList_Destroy
 0x469d10 ImageList_Create
kernel32.dll
 0x469d18 Sleep
oleaut32.dll
 0x469d20 SafeArrayPtrOfIndex
 0x469d24 SafeArrayPutElement
 0x469d28 SafeArrayGetElement
 0x469d2c SafeArrayUnaccessData
 0x469d30 SafeArrayAccessData
 0x469d34 SafeArrayGetUBound
 0x469d38 SafeArrayGetLBound
 0x469d3c SafeArrayCreate
 0x469d40 VariantChangeType
 0x469d44 VariantCopyInd
 0x469d48 VariantCopy
 0x469d4c VariantClear
 0x469d50 VariantInit
url
 0x469d58 InetIsOffline
kernel32
 0x469d60 AddAtomA

EAT(Export Address Table) is none


Similarity measure (PE file only) - Checking for service failure