Created | 2022.01.13 14:32 | Machine | s1_win7_x6402 |
Filename | jscript9.dll | ||
Type | PE32 executable (DLL) (console) Intel 80386, for MS Windows | ||
ZERO API | file : clean | ||
VT API (file) | |||
md5 | 131e44350f5385da5709499eca72e62b | ||
sha256 | acae4043770a4a0410ce193c20b114acbf61abdc38ce1b25d25e7babaa1fab42 | ||
ssdeep | 49152:XO14I8DxeTklSScVOmAQZbQA5SePbvDLpRuU+70AXVC/0uE3a6+LyZECFSWlm:XOOdfDcVVjvDLk70MVTuEq6++ | ||
imphash | 79dcaa984b8f5c181f91f433b78262cf | ||
impfuzzy | 192:Q4QIROsHR7gzN0pXDyg3c76wdpWohQFVmWSNWg+aGqn:7DROsHR7MN0pXGg6pW7VmHpP |
Signature (6cnts)
Level | Description |
---|---|
notice | Allocates read-write-execute memory (usually to unpack itself) |
info | Checks amount of memory in system |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (10cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | IAmTheKing_Family | IAmTheKing Family | binaries (upload) |
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsDLL | (no description) | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|
Suricata ids
PE API
IAT(Import Address Table) Library
ntdll.dll
0x10376488 RtlCaptureContext
msvcrt.dll
0x103762e0 __libm_sse2_asin
0x103762e4 __libm_sse2_acos
0x103762e8 qsort
0x103762ec __libm_sse2_pow
0x103762f0 isdigit
0x103762f4 isalpha
0x103762f8 _wcslwr_s
0x103762fc _wasctime_s
0x10376300 _vscwprintf
0x10376304 qsort_s
0x10376308 modf
0x1037630c _tzset
0x10376310 _ui64tow_s
0x10376314 _itow_s
0x10376318 _snwprintf_s
0x1037631c _beginthreadex
0x10376320 fwprintf
0x10376324 _flushall
0x10376328 fflush
0x1037632c __libm_sse2_exp
0x10376330 fclose
0x10376334 rand
0x10376338 srand
0x1037633c wcstok_s
0x10376340 wcsrchr
0x10376344 _wfsopen
0x10376348 __libm_sse2_atan
0x1037634c wcsstr
0x10376350 wcstoul
0x10376354 _stricmp
0x10376358 vswprintf_s
0x1037635c _i64tow_s
0x10376360 _wcsicmp
0x10376364 _set_SSE2_enable
0x10376368 _localtime32_s
0x1037636c swprintf_s
0x10376370 _ltow
0x10376374 wcscat_s
0x10376378 _vsnwprintf_s
0x1037637c _ltow_s
0x10376380 _ultow_s
0x10376384 _control87
0x10376388 _wcsnicmp
0x1037638c wcsncmp
0x10376390 wcsncpy_s
0x10376394 realloc
0x10376398 _wcsdup
0x1037639c wcschr
0x103763a0 free
0x103763a4 malloc
0x103763a8 wcscpy_s
0x103763ac memmove_s
0x103763b0 _vsnprintf_s
0x103763b4 ??0exception@@QAE@ABV0@@Z
0x103763b8 ??0exception@@QAE@XZ
0x103763bc ??1exception@@UAE@XZ
0x103763c0 __libm_sse2_log
0x103763c4 _wsplitpath_s
0x103763c8 __libm_sse2_cos
0x103763cc __libm_sse2_sin
0x103763d0 __libm_sse2_tan
0x103763d4 memcmp
0x103763d8 __libm_sse2_atan2
0x103763dc strncmp
0x103763e0 wcsncat_s
0x103763e4 iswalpha
0x103763e8 _callnewh
0x103763ec _XcptFilter
0x103763f0 _amsg_exit
0x103763f4 _initterm
0x103763f8 ?terminate@@YAXXZ
0x103763fc _lock
0x10376400 _unlock
0x10376404 __dllonexit
0x10376408 _onexit
0x1037640c ??1type_info@@UAE@XZ
0x10376410 _except_handler4_common
0x10376414 ceil
0x10376418 memcpy
0x1037641c _purecall
0x10376420 memcpy_s
0x10376424 _vsnwprintf
0x10376428 __iob_func
0x1037642c search
0x10376430 _CxxThrowException
0x10376434 memmove
0x10376438 memset
0x1037643c tolower
0x10376440 __CxxFrameHandler3
0x10376444 floor
0x10376448 fwprintf_s
0x1037644c _CIacos
0x10376450 _CIasin
0x10376454 _CIatan
0x10376458 _CIatan2
0x1037645c _CIcos
0x10376460 _CIexp
0x10376464 _CIfmod
0x10376468 _CIlog
0x1037646c _CIpow
0x10376470 _CIsin
0x10376474 _CIsqrt
0x10376478 _CItan
0x1037647c _ftol2
0x10376480 _ftol2_sse
api-ms-win-downlevel-advapi32-l1-1-0.dll
0x1037626c RegSetValueExW
0x10376270 EventRegister
0x10376274 RegCreateKeyExW
0x10376278 RegOpenKeyExW
0x1037627c EventWriteTransfer
0x10376280 RegDeleteKeyExW
0x10376284 EventUnregister
0x10376288 EventWrite
0x1037628c RegQueryValueExW
0x10376290 RegGetValueW
0x10376294 RegCloseKey
api-ms-win-downlevel-shlwapi-l1-1-0.dll
0x1037629c PathGetDriveNumberW
0x103762a0 PathIsUNCW
0x103762a4 PathIsLFNFileSpecW
0x103762a8 PathIsFileSpecW
0x103762ac PathFindFileNameW
0x103762b0 StrTrimW
0x103762b4 PathFileExistsW
0x103762b8 StrCmpLogicalW
0x103762bc PathRemoveFileSpecW
0x103762c0 StrCmpICW
api-ms-win-downlevel-version-l1-1-0.dll
0x103762c8 GetFileVersionInfoSizeExW
0x103762cc GetFileVersionInfoExW
0x103762d0 VerQueryValueW
KERNEL32.dll
0x10376008 ResumeThread
0x1037600c LoadLibraryExA
0x10376010 GetModuleHandleW
0x10376014 MapViewOfFile
0x10376018 CreateFileMappingW
0x1037601c UnmapViewOfFile
0x10376020 CreateFileW
0x10376024 GetUserDefaultUILanguage
0x10376028 GetSystemDefaultUILanguage
0x1037602c SearchPathW
0x10376030 SleepConditionVariableSRW
0x10376034 WakeAllConditionVariable
0x10376038 SetUnhandledExceptionFilter
0x1037603c LocalFree
0x10376040 LocalAlloc
0x10376044 MultiByteToWideChar
0x10376048 FlushInstructionCache
0x1037604c ResetEvent
0x10376050 SetThreadStackGuarantee
0x10376054 GetSystemTimeAdjustment
0x10376058 QueryPerformanceFrequency
0x1037605c CompareStringEx
0x10376060 GetUserDefaultLocaleName
0x10376064 ResolveLocaleName
0x10376068 QueryThreadCycleTime
0x1037606c GetProcessIoCounters
0x10376070 Sleep
0x10376074 GetNumberFormatW
0x10376078 GetTimeFormatW
0x1037607c GetDateFormatW
0x10376080 GetSystemTime
0x10376084 LCMapStringW
0x10376088 CompareStringW
0x1037608c GetTimeZoneInformation
0x10376090 GetStringTypeW
0x10376094 SizeofResource
0x10376098 LockResource
0x1037609c LoadResource
0x103760a0 FindResourceExW
0x103760a4 UnhandledExceptionFilter
0x103760a8 TerminateProcess
0x103760ac InterlockedPushEntrySList
0x103760b0 InterlockedPopEntrySList
0x103760b4 InitializeSListHead
0x103760b8 VirtualAlloc
0x103760bc VirtualFree
0x103760c0 GlobalMemoryStatusEx
0x103760c4 ResetWriteWatch
0x103760c8 FreeLibraryAndExitThread
0x103760cc GetCurrentThread
0x103760d0 SetThreadPriority
0x103760d4 WaitForMultipleObjectsEx
0x103760d8 GetWriteWatch
0x103760dc SetEvent
0x103760e0 CreateEventW
0x103760e4 SystemTimeToTzSpecificLocalTime
0x103760e8 TzSpecificLocalTimeToSystemTime
0x103760ec GetTimeZoneInformationForYear
0x103760f0 SetConsoleTextAttribute
0x103760f4 GetConsoleScreenBufferInfo
0x103760f8 GetStdHandle
0x103760fc GetVersionExW
0x10376100 GetSystemInfo
0x10376104 EncodeSystemPointer
0x10376108 QueryPerformanceCounter
0x1037610c WerGetFlags
0x10376110 VirtualProtect
0x10376114 WerSetFlags
0x10376118 LoadLibraryExW
0x1037611c GetSystemDirectoryW
0x10376120 RaiseException
0x10376124 IsValidCodePage
0x10376128 GetLocaleInfoW
0x1037612c IsValidLocale
0x10376130 VirtualQuery
0x10376134 GetEnvironmentVariableW
0x10376138 GetACP
0x1037613c GetUserDefaultLCID
0x10376140 TlsSetValue
0x10376144 TlsGetValue
0x10376148 TlsFree
0x1037614c TlsAlloc
0x10376150 GetSystemTimeAsFileTime
0x10376154 InitOnceComplete
0x10376158 InitOnceBeginInitialize
0x1037615c RaiseFailFastException
0x10376160 DeleteAtom
0x10376164 TryEnterCriticalSection
0x10376168 FreeLibrary
0x1037616c AddAtomW
0x10376170 FindAtomW
0x10376174 InitializeCriticalSectionAndSpinCount
0x10376178 GetTickCount
0x1037617c InitializeCriticalSection
0x10376180 GetModuleFileNameW
0x10376184 GetCurrentProcess
0x10376188 K32GetModuleInformation
0x1037618c IsDebuggerPresent
0x10376190 DebugBreak
0x10376194 GetProcessHeap
0x10376198 GetCurrentProcessId
0x1037619c DeleteCriticalSection
0x103761a0 AcquireSRWLockShared
0x103761a4 CreateMutexExW
0x103761a8 GetProcAddress
0x103761ac HeapAlloc
0x103761b0 CreateThreadpoolTimer
0x103761b4 ReleaseSRWLockShared
0x103761b8 SetThreadpoolTimer
0x103761bc CloseHandle
0x103761c0 OpenSemaphoreW
0x103761c4 WaitForSingleObjectEx
0x103761c8 AcquireSRWLockExclusive
0x103761cc GetModuleFileNameA
0x103761d0 CreateSemaphoreExW
0x103761d4 HeapFree
0x103761d8 SetLastError
0x103761dc EnterCriticalSection
0x103761e0 ReleaseSemaphore
0x103761e4 GetModuleHandleExW
0x103761e8 LeaveCriticalSection
0x103761ec InitializeCriticalSectionEx
0x103761f0 WaitForThreadpoolTimerCallbacks
0x103761f4 WaitForSingleObject
0x103761f8 GetCurrentThreadId
0x103761fc ReleaseMutex
0x10376200 FormatMessageW
0x10376204 GetLastError
0x10376208 ReleaseSRWLockExclusive
0x1037620c OutputDebugStringW
0x10376210 CloseThreadpoolTimer
0x10376214 DelayLoadFailureHook
crypt.dll
0x103762d8 BCryptGenRandom
RPCRT4.dll
0x1037621c CStdStubBuffer_QueryInterface
0x10376220 CStdStubBuffer_Invoke
0x10376224 IUnknown_AddRef_Proxy
0x10376228 CStdStubBuffer_DebugServerQueryInterface
0x1037622c NdrOleFree
0x10376230 CStdStubBuffer_AddRef
0x10376234 IUnknown_Release_Proxy
0x10376238 NdrDllUnregisterProxy
0x1037623c CStdStubBuffer_CountRefs
0x10376240 CStdStubBuffer_IsIIDSupported
0x10376244 NdrDllCanUnloadNow
0x10376248 CStdStubBuffer_Connect
0x1037624c NdrCStdStubBuffer_Release
0x10376250 CStdStubBuffer_Disconnect
0x10376254 NdrDllGetClassObject
0x10376258 IUnknown_QueryInterface_Proxy
0x1037625c NdrOleAllocate
0x10376260 CStdStubBuffer_DebugServerRelease
0x10376264 NdrDllRegisterProxy
ADVAPI32.dll
0x10376000 CryptReleaseContext
EAT(Export Address Table) Library
0x101e6060 DllCanUnloadNow
0x101052e0 DllGetClassObject
0x101e6110 DllRegisterServer
0x101e6190 DllUnregisterServer
0x101fa6e0 JsAddRef
0x101fa700 JsBoolToBoolean
0x101fa720 JsBooleanToBool
0x101fa740 JsCallFunction
0x101fa780 JsCollectGarbage
0x101fa7a0 JsConstructObject
0x101fa7e0 JsConvertValueToBoolean
0x101fa800 JsConvertValueToNumber
0x101fa820 JsConvertValueToObject
0x101fa840 JsConvertValueToString
0x101fa860 JsCreateArray
0x101fa880 JsCreateContext
0x101fa8c0 JsCreateError
0x101fa8e0 JsCreateExternalObject
0x101fa920 JsCreateExternalType
0x101fa940 JsCreateFunction
0x101fa980 JsCreateObject
0x101fa9a0 JsCreateRangeError
0x101fa9c0 JsCreateReferenceError
0x101fa9e0 JsCreateRuntime
0x101faa20 JsCreateSyntaxError
0x101faa40 JsCreateTypeError
0x101faa60 JsCreateTypedExternalObject
0x101faaa0 JsCreateURIError
0x101faac0 JsDefineProperty
0x101fab00 JsDeleteIndexedProperty
0x101fab20 JsDeleteProperty
0x101fab60 JsDisableRuntimeExecution
0x101fabb0 JsDisposeRuntime
0x101fabd0 JsDoubleToNumber
0x101fabf0 JsEnableRuntimeExecution
0x101fac10 JsEnumerateHeap
0x101fac70 JsEquals
0x101facb0 JsGetAndClearException
0x101fad50 JsGetCurrentContext
0x101fad80 JsGetDefaultTypeDescription
0x101fada0 JsGetExtensionAllowed
0x101fadc0 JsGetExternalData
0x101fade0 JsGetExternalType
0x101fae00 JsGetFalseValue
0x101fae20 JsGetGlobalObject
0x101fae40 JsGetIndexedProperty
0x101fae80 JsGetNullValue
0x101faea0 JsGetOwnPropertyDescriptor
0x101faee0 JsGetOwnPropertyNames
0x101faf00 JsGetProperty
0x101faf40 JsGetPropertyIdFromName
0x101faf60 JsGetPropertyNameFromId
0x101faf80 JsGetPrototype
0x101fafa0 JsGetRuntime
0x101fafe0 JsGetRuntimeMemoryLimit
0x101fb010 JsGetRuntimeMemoryUsage
0x101fb040 JsGetStringLength
0x101fb060 JsGetTrueValue
0x101fb080 JsGetUndefinedValue
0x101fb0a0 JsGetValueType
0x101fb0c0 JsHasException
0x101fb150 JsHasExternalData
0x101fb170 JsHasIndexedProperty
0x101fb1b0 JsHasProperty
0x101fb1f0 JsIdle
0x101fb210 JsIntToNumber
0x101fb230 JsIsEnumeratingHeap
0x101fb280 JsIsRuntimeExecutionDisabled
0x101fb2b0 JsNumberToDouble
0x101fb2d0 JsParseScript
0x101fb300 JsParseSerializedScript
0x101fb330 JsPointerToString
0x101fb370 JsPreventExtension
0x101fb390 JsRelease
0x101fb3b0 JsRunScript
0x101fb3e0 JsRunSerializedScript
0x101fb410 JsSerializeScript
0x101fb4c0 JsSetCurrentContext
0x101fb4e0 JsSetException
0x101fb500 JsSetExternalData
0x101fb520 JsSetIndexedProperty
0x101fb560 JsSetProperty
0x101fb5a0 JsSetPrototype
0x101fb5c0 JsSetRuntimeBeforeCollectCallback
0x101fb600 JsSetRuntimeMemoryAllocationCallback
0x101fb630 JsSetRuntimeMemoryLimit
0x101fb650 JsStartDebugging
0x101fb670 JsStartProfiling
0x101fb6b0 JsStopProfiling
0x101fb6d0 JsStrictEquals
0x101fb710 JsStringToPointer
0x101fb750 JsValueToVariant
0x100971a0 JsVarAddRef
0x101303e0 JsVarRelease
0x1012e520 JsVarToExtension
0x1020f3c0 JsVarToScriptDirect
0x101fb770 JsVariantToValue
ntdll.dll
0x10376488 RtlCaptureContext
msvcrt.dll
0x103762e0 __libm_sse2_asin
0x103762e4 __libm_sse2_acos
0x103762e8 qsort
0x103762ec __libm_sse2_pow
0x103762f0 isdigit
0x103762f4 isalpha
0x103762f8 _wcslwr_s
0x103762fc _wasctime_s
0x10376300 _vscwprintf
0x10376304 qsort_s
0x10376308 modf
0x1037630c _tzset
0x10376310 _ui64tow_s
0x10376314 _itow_s
0x10376318 _snwprintf_s
0x1037631c _beginthreadex
0x10376320 fwprintf
0x10376324 _flushall
0x10376328 fflush
0x1037632c __libm_sse2_exp
0x10376330 fclose
0x10376334 rand
0x10376338 srand
0x1037633c wcstok_s
0x10376340 wcsrchr
0x10376344 _wfsopen
0x10376348 __libm_sse2_atan
0x1037634c wcsstr
0x10376350 wcstoul
0x10376354 _stricmp
0x10376358 vswprintf_s
0x1037635c _i64tow_s
0x10376360 _wcsicmp
0x10376364 _set_SSE2_enable
0x10376368 _localtime32_s
0x1037636c swprintf_s
0x10376370 _ltow
0x10376374 wcscat_s
0x10376378 _vsnwprintf_s
0x1037637c _ltow_s
0x10376380 _ultow_s
0x10376384 _control87
0x10376388 _wcsnicmp
0x1037638c wcsncmp
0x10376390 wcsncpy_s
0x10376394 realloc
0x10376398 _wcsdup
0x1037639c wcschr
0x103763a0 free
0x103763a4 malloc
0x103763a8 wcscpy_s
0x103763ac memmove_s
0x103763b0 _vsnprintf_s
0x103763b4 ??0exception@@QAE@ABV0@@Z
0x103763b8 ??0exception@@QAE@XZ
0x103763bc ??1exception@@UAE@XZ
0x103763c0 __libm_sse2_log
0x103763c4 _wsplitpath_s
0x103763c8 __libm_sse2_cos
0x103763cc __libm_sse2_sin
0x103763d0 __libm_sse2_tan
0x103763d4 memcmp
0x103763d8 __libm_sse2_atan2
0x103763dc strncmp
0x103763e0 wcsncat_s
0x103763e4 iswalpha
0x103763e8 _callnewh
0x103763ec _XcptFilter
0x103763f0 _amsg_exit
0x103763f4 _initterm
0x103763f8 ?terminate@@YAXXZ
0x103763fc _lock
0x10376400 _unlock
0x10376404 __dllonexit
0x10376408 _onexit
0x1037640c ??1type_info@@UAE@XZ
0x10376410 _except_handler4_common
0x10376414 ceil
0x10376418 memcpy
0x1037641c _purecall
0x10376420 memcpy_s
0x10376424 _vsnwprintf
0x10376428 __iob_func
0x1037642c search
0x10376430 _CxxThrowException
0x10376434 memmove
0x10376438 memset
0x1037643c tolower
0x10376440 __CxxFrameHandler3
0x10376444 floor
0x10376448 fwprintf_s
0x1037644c _CIacos
0x10376450 _CIasin
0x10376454 _CIatan
0x10376458 _CIatan2
0x1037645c _CIcos
0x10376460 _CIexp
0x10376464 _CIfmod
0x10376468 _CIlog
0x1037646c _CIpow
0x10376470 _CIsin
0x10376474 _CIsqrt
0x10376478 _CItan
0x1037647c _ftol2
0x10376480 _ftol2_sse
api-ms-win-downlevel-advapi32-l1-1-0.dll
0x1037626c RegSetValueExW
0x10376270 EventRegister
0x10376274 RegCreateKeyExW
0x10376278 RegOpenKeyExW
0x1037627c EventWriteTransfer
0x10376280 RegDeleteKeyExW
0x10376284 EventUnregister
0x10376288 EventWrite
0x1037628c RegQueryValueExW
0x10376290 RegGetValueW
0x10376294 RegCloseKey
api-ms-win-downlevel-shlwapi-l1-1-0.dll
0x1037629c PathGetDriveNumberW
0x103762a0 PathIsUNCW
0x103762a4 PathIsLFNFileSpecW
0x103762a8 PathIsFileSpecW
0x103762ac PathFindFileNameW
0x103762b0 StrTrimW
0x103762b4 PathFileExistsW
0x103762b8 StrCmpLogicalW
0x103762bc PathRemoveFileSpecW
0x103762c0 StrCmpICW
api-ms-win-downlevel-version-l1-1-0.dll
0x103762c8 GetFileVersionInfoSizeExW
0x103762cc GetFileVersionInfoExW
0x103762d0 VerQueryValueW
KERNEL32.dll
0x10376008 ResumeThread
0x1037600c LoadLibraryExA
0x10376010 GetModuleHandleW
0x10376014 MapViewOfFile
0x10376018 CreateFileMappingW
0x1037601c UnmapViewOfFile
0x10376020 CreateFileW
0x10376024 GetUserDefaultUILanguage
0x10376028 GetSystemDefaultUILanguage
0x1037602c SearchPathW
0x10376030 SleepConditionVariableSRW
0x10376034 WakeAllConditionVariable
0x10376038 SetUnhandledExceptionFilter
0x1037603c LocalFree
0x10376040 LocalAlloc
0x10376044 MultiByteToWideChar
0x10376048 FlushInstructionCache
0x1037604c ResetEvent
0x10376050 SetThreadStackGuarantee
0x10376054 GetSystemTimeAdjustment
0x10376058 QueryPerformanceFrequency
0x1037605c CompareStringEx
0x10376060 GetUserDefaultLocaleName
0x10376064 ResolveLocaleName
0x10376068 QueryThreadCycleTime
0x1037606c GetProcessIoCounters
0x10376070 Sleep
0x10376074 GetNumberFormatW
0x10376078 GetTimeFormatW
0x1037607c GetDateFormatW
0x10376080 GetSystemTime
0x10376084 LCMapStringW
0x10376088 CompareStringW
0x1037608c GetTimeZoneInformation
0x10376090 GetStringTypeW
0x10376094 SizeofResource
0x10376098 LockResource
0x1037609c LoadResource
0x103760a0 FindResourceExW
0x103760a4 UnhandledExceptionFilter
0x103760a8 TerminateProcess
0x103760ac InterlockedPushEntrySList
0x103760b0 InterlockedPopEntrySList
0x103760b4 InitializeSListHead
0x103760b8 VirtualAlloc
0x103760bc VirtualFree
0x103760c0 GlobalMemoryStatusEx
0x103760c4 ResetWriteWatch
0x103760c8 FreeLibraryAndExitThread
0x103760cc GetCurrentThread
0x103760d0 SetThreadPriority
0x103760d4 WaitForMultipleObjectsEx
0x103760d8 GetWriteWatch
0x103760dc SetEvent
0x103760e0 CreateEventW
0x103760e4 SystemTimeToTzSpecificLocalTime
0x103760e8 TzSpecificLocalTimeToSystemTime
0x103760ec GetTimeZoneInformationForYear
0x103760f0 SetConsoleTextAttribute
0x103760f4 GetConsoleScreenBufferInfo
0x103760f8 GetStdHandle
0x103760fc GetVersionExW
0x10376100 GetSystemInfo
0x10376104 EncodeSystemPointer
0x10376108 QueryPerformanceCounter
0x1037610c WerGetFlags
0x10376110 VirtualProtect
0x10376114 WerSetFlags
0x10376118 LoadLibraryExW
0x1037611c GetSystemDirectoryW
0x10376120 RaiseException
0x10376124 IsValidCodePage
0x10376128 GetLocaleInfoW
0x1037612c IsValidLocale
0x10376130 VirtualQuery
0x10376134 GetEnvironmentVariableW
0x10376138 GetACP
0x1037613c GetUserDefaultLCID
0x10376140 TlsSetValue
0x10376144 TlsGetValue
0x10376148 TlsFree
0x1037614c TlsAlloc
0x10376150 GetSystemTimeAsFileTime
0x10376154 InitOnceComplete
0x10376158 InitOnceBeginInitialize
0x1037615c RaiseFailFastException
0x10376160 DeleteAtom
0x10376164 TryEnterCriticalSection
0x10376168 FreeLibrary
0x1037616c AddAtomW
0x10376170 FindAtomW
0x10376174 InitializeCriticalSectionAndSpinCount
0x10376178 GetTickCount
0x1037617c InitializeCriticalSection
0x10376180 GetModuleFileNameW
0x10376184 GetCurrentProcess
0x10376188 K32GetModuleInformation
0x1037618c IsDebuggerPresent
0x10376190 DebugBreak
0x10376194 GetProcessHeap
0x10376198 GetCurrentProcessId
0x1037619c DeleteCriticalSection
0x103761a0 AcquireSRWLockShared
0x103761a4 CreateMutexExW
0x103761a8 GetProcAddress
0x103761ac HeapAlloc
0x103761b0 CreateThreadpoolTimer
0x103761b4 ReleaseSRWLockShared
0x103761b8 SetThreadpoolTimer
0x103761bc CloseHandle
0x103761c0 OpenSemaphoreW
0x103761c4 WaitForSingleObjectEx
0x103761c8 AcquireSRWLockExclusive
0x103761cc GetModuleFileNameA
0x103761d0 CreateSemaphoreExW
0x103761d4 HeapFree
0x103761d8 SetLastError
0x103761dc EnterCriticalSection
0x103761e0 ReleaseSemaphore
0x103761e4 GetModuleHandleExW
0x103761e8 LeaveCriticalSection
0x103761ec InitializeCriticalSectionEx
0x103761f0 WaitForThreadpoolTimerCallbacks
0x103761f4 WaitForSingleObject
0x103761f8 GetCurrentThreadId
0x103761fc ReleaseMutex
0x10376200 FormatMessageW
0x10376204 GetLastError
0x10376208 ReleaseSRWLockExclusive
0x1037620c OutputDebugStringW
0x10376210 CloseThreadpoolTimer
0x10376214 DelayLoadFailureHook
crypt.dll
0x103762d8 BCryptGenRandom
RPCRT4.dll
0x1037621c CStdStubBuffer_QueryInterface
0x10376220 CStdStubBuffer_Invoke
0x10376224 IUnknown_AddRef_Proxy
0x10376228 CStdStubBuffer_DebugServerQueryInterface
0x1037622c NdrOleFree
0x10376230 CStdStubBuffer_AddRef
0x10376234 IUnknown_Release_Proxy
0x10376238 NdrDllUnregisterProxy
0x1037623c CStdStubBuffer_CountRefs
0x10376240 CStdStubBuffer_IsIIDSupported
0x10376244 NdrDllCanUnloadNow
0x10376248 CStdStubBuffer_Connect
0x1037624c NdrCStdStubBuffer_Release
0x10376250 CStdStubBuffer_Disconnect
0x10376254 NdrDllGetClassObject
0x10376258 IUnknown_QueryInterface_Proxy
0x1037625c NdrOleAllocate
0x10376260 CStdStubBuffer_DebugServerRelease
0x10376264 NdrDllRegisterProxy
ADVAPI32.dll
0x10376000 CryptReleaseContext
EAT(Export Address Table) Library
0x101e6060 DllCanUnloadNow
0x101052e0 DllGetClassObject
0x101e6110 DllRegisterServer
0x101e6190 DllUnregisterServer
0x101fa6e0 JsAddRef
0x101fa700 JsBoolToBoolean
0x101fa720 JsBooleanToBool
0x101fa740 JsCallFunction
0x101fa780 JsCollectGarbage
0x101fa7a0 JsConstructObject
0x101fa7e0 JsConvertValueToBoolean
0x101fa800 JsConvertValueToNumber
0x101fa820 JsConvertValueToObject
0x101fa840 JsConvertValueToString
0x101fa860 JsCreateArray
0x101fa880 JsCreateContext
0x101fa8c0 JsCreateError
0x101fa8e0 JsCreateExternalObject
0x101fa920 JsCreateExternalType
0x101fa940 JsCreateFunction
0x101fa980 JsCreateObject
0x101fa9a0 JsCreateRangeError
0x101fa9c0 JsCreateReferenceError
0x101fa9e0 JsCreateRuntime
0x101faa20 JsCreateSyntaxError
0x101faa40 JsCreateTypeError
0x101faa60 JsCreateTypedExternalObject
0x101faaa0 JsCreateURIError
0x101faac0 JsDefineProperty
0x101fab00 JsDeleteIndexedProperty
0x101fab20 JsDeleteProperty
0x101fab60 JsDisableRuntimeExecution
0x101fabb0 JsDisposeRuntime
0x101fabd0 JsDoubleToNumber
0x101fabf0 JsEnableRuntimeExecution
0x101fac10 JsEnumerateHeap
0x101fac70 JsEquals
0x101facb0 JsGetAndClearException
0x101fad50 JsGetCurrentContext
0x101fad80 JsGetDefaultTypeDescription
0x101fada0 JsGetExtensionAllowed
0x101fadc0 JsGetExternalData
0x101fade0 JsGetExternalType
0x101fae00 JsGetFalseValue
0x101fae20 JsGetGlobalObject
0x101fae40 JsGetIndexedProperty
0x101fae80 JsGetNullValue
0x101faea0 JsGetOwnPropertyDescriptor
0x101faee0 JsGetOwnPropertyNames
0x101faf00 JsGetProperty
0x101faf40 JsGetPropertyIdFromName
0x101faf60 JsGetPropertyNameFromId
0x101faf80 JsGetPrototype
0x101fafa0 JsGetRuntime
0x101fafe0 JsGetRuntimeMemoryLimit
0x101fb010 JsGetRuntimeMemoryUsage
0x101fb040 JsGetStringLength
0x101fb060 JsGetTrueValue
0x101fb080 JsGetUndefinedValue
0x101fb0a0 JsGetValueType
0x101fb0c0 JsHasException
0x101fb150 JsHasExternalData
0x101fb170 JsHasIndexedProperty
0x101fb1b0 JsHasProperty
0x101fb1f0 JsIdle
0x101fb210 JsIntToNumber
0x101fb230 JsIsEnumeratingHeap
0x101fb280 JsIsRuntimeExecutionDisabled
0x101fb2b0 JsNumberToDouble
0x101fb2d0 JsParseScript
0x101fb300 JsParseSerializedScript
0x101fb330 JsPointerToString
0x101fb370 JsPreventExtension
0x101fb390 JsRelease
0x101fb3b0 JsRunScript
0x101fb3e0 JsRunSerializedScript
0x101fb410 JsSerializeScript
0x101fb4c0 JsSetCurrentContext
0x101fb4e0 JsSetException
0x101fb500 JsSetExternalData
0x101fb520 JsSetIndexedProperty
0x101fb560 JsSetProperty
0x101fb5a0 JsSetPrototype
0x101fb5c0 JsSetRuntimeBeforeCollectCallback
0x101fb600 JsSetRuntimeMemoryAllocationCallback
0x101fb630 JsSetRuntimeMemoryLimit
0x101fb650 JsStartDebugging
0x101fb670 JsStartProfiling
0x101fb6b0 JsStopProfiling
0x101fb6d0 JsStrictEquals
0x101fb710 JsStringToPointer
0x101fb750 JsValueToVariant
0x100971a0 JsVarAddRef
0x101303e0 JsVarRelease
0x1012e520 JsVarToExtension
0x1020f3c0 JsVarToScriptDirect
0x101fb770 JsVariantToValue