Field | Value |
---|---|
Created | 2022.01.20 10:07 |
Machine | s1_win7_x6402 |
Filename | image.png |
Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows |
AI Score | |
Behavior Score | |
ZERO API | file : malware |
VT API (file) | 2 detected (malicious, high confidence, Trickbot) |
md5 | 4925a10905e4df9d65e87afed2d77c45 |
sha256 | c4ee1c01c69af8c987dfc5f7790b3c8d2474ae1fe1771d4f2fef9720d54fd3ff |
ssdeep | 12288:hMKk6ZKaLa6pxm7aOO4mKkP8UurFpRlG/34facNQB6+tiEMGZOnEP:hMA26pKaOyKFUurF3kQCcNyX |
imphash | 0fa94d0596d4a5a9d544927617ad10dc |
impfuzzy | 192:YH8R6n0wnsAicbLmVSrdzHRkgXcUKQ+cRcUcvlAtvWPomONQR:Km6AAicxk93ELrtaomONQR |
Signature (10cnts)
Level | Description |
---|---|
warning | Generates some ICMP traffic |
notice | A process attempted to delay the analysis task. |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | File has been identified by 2 AntiVirus engines on VirusTotal as malicious |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
notice | Uses Windows utilities for basic Windows functionality |
info | Checks amount of memory in system |
info | Command line console output was observed |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsDLL | (no description) | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x18006f268 IsDebuggerPresent
0x18006f270 RtlVirtualUnwind
0x18006f278 RtlLookupFunctionEntry
0x18006f280 RtlCaptureContext
0x18006f288 FlsSetValue
0x18006f290 GetCommandLineA
0x18006f298 RtlUnwindEx
0x18006f2a0 RaiseException
0x18006f2a8 RtlPcToFileHeader
0x18006f2b0 Sleep
0x18006f2b8 ExitProcess
0x18006f2c0 HeapReAlloc
0x18006f2c8 GetSystemInfo
0x18006f2d0 HeapQueryInformation
0x18006f2d8 HeapSize
0x18006f2e0 GetStdHandle
0x18006f2e8 HeapSetInformation
0x18006f2f0 HeapCreate
0x18006f2f8 HeapDestroy
0x18006f300 EncodePointer
0x18006f308 DecodePointer
0x18006f310 FlsGetValue
0x18006f318 FlsFree
0x18006f320 FlsAlloc
0x18006f328 SetHandleCount
0x18006f330 GetFileType
0x18006f338 GetStartupInfoA
0x18006f340 GetConsoleCP
0x18006f348 SetUnhandledExceptionFilter
0x18006f350 FreeEnvironmentStringsA
0x18006f358 GetEnvironmentStrings
0x18006f360 FreeEnvironmentStringsW
0x18006f368 GetEnvironmentStringsW
0x18006f370 QueryPerformanceCounter
0x18006f378 GetSystemTimeAsFileTime
0x18006f380 GetACP
0x18006f388 IsValidCodePage
0x18006f390 InitializeCriticalSectionAndSpinCount
0x18006f398 GetStringTypeA
0x18006f3a0 GetStringTypeW
0x18006f3a8 GetTimeZoneInformation
0x18006f3b0 WriteConsoleA
0x18006f3b8 GetConsoleOutputCP
0x18006f3c0 WriteConsoleW
0x18006f3c8 SetStdHandle
0x18006f3d0 LCMapStringA
0x18006f3d8 LCMapStringW
0x18006f3e0 CompareStringW
0x18006f3e8 SetEnvironmentVariableA
0x18006f3f0 UnhandledExceptionFilter
0x18006f3f8 TerminateProcess
0x18006f400 GetFileSizeEx
0x18006f408 SystemTimeToFileTime
0x18006f410 LocalFileTimeToFileTime
0x18006f418 FileTimeToLocalFileTime
0x18006f420 FileTimeToSystemTime
0x18006f428 CreateFileA
0x18006f430 GetShortPathNameA
0x18006f438 GetVolumeInformationA
0x18006f440 FindFirstFileA
0x18006f448 FindClose
0x18006f450 GetCurrentProcess
0x18006f458 DuplicateHandle
0x18006f460 GetFileSize
0x18006f468 SetEndOfFile
0x18006f470 UnlockFile
0x18006f478 LockFile
0x18006f480 FlushFileBuffers
0x18006f488 SetFilePointer
0x18006f490 WriteFile
0x18006f498 ReadFile
0x18006f4a0 lstrcmpiA
0x18006f4a8 GetStringTypeExA
0x18006f4b0 DeleteFileA
0x18006f4b8 MoveFileA
0x18006f4c0 GetThreadLocale
0x18006f4c8 GetCurrentDirectoryA
0x18006f4d0 GetOEMCP
0x18006f4d8 GetCPInfo
0x18006f4e0 DeleteCriticalSection
0x18006f4e8 LocalReAlloc
0x18006f4f0 TlsSetValue
0x18006f4f8 GlobalHandle
0x18006f500 GlobalReAlloc
0x18006f508 TlsAlloc
0x18006f510 InitializeCriticalSection
0x18006f518 EnterCriticalSection
0x18006f520 TlsGetValue
0x18006f528 LeaveCriticalSection
0x18006f530 LocalAlloc
0x18006f538 GlobalFlags
0x18006f540 FormatMessageA
0x18006f548 LocalFree
0x18006f550 MulDiv
0x18006f558 GetDiskFreeSpaceA
0x18006f560 GetFullPathNameA
0x18006f568 GetTempFileNameA
0x18006f570 GetFileTime
0x18006f578 SetFileTime
0x18006f580 GetFileAttributesA
0x18006f588 CloseHandle
0x18006f590 GetPrivateProfileStringA
0x18006f598 WritePrivateProfileStringA
0x18006f5a0 GetPrivateProfileIntA
0x18006f5a8 GetTickCount
0x18006f5b0 GetCurrentThread
0x18006f5b8 ConvertDefaultLocale
0x18006f5c0 EnumResourceLanguagesA
0x18006f5c8 GetLocaleInfoA
0x18006f5d0 lstrcmpA
0x18006f5d8 GlobalAlloc
0x18006f5e0 lstrlenA
0x18006f5e8 GetCurrentProcessId
0x18006f5f0 GetModuleFileNameA
0x18006f5f8 GetCurrentThreadId
0x18006f600 GlobalGetAtomNameA
0x18006f608 GlobalAddAtomA
0x18006f610 GlobalFindAtomA
0x18006f618 GlobalDeleteAtom
0x18006f620 WideCharToMultiByte
0x18006f628 CompareStringA
0x18006f630 GetLastError
0x18006f638 MultiByteToWideChar
0x18006f640 lstrcmpW
0x18006f648 GetModuleHandleA
0x18006f650 GetVersionExA
0x18006f658 SizeofResource
0x18006f660 GlobalLock
0x18006f668 GlobalUnlock
0x18006f670 GlobalFree
0x18006f678 FindResourceA
0x18006f680 LoadResource
0x18006f688 LockResource
0x18006f690 FreeResource
0x18006f698 HeapFree
0x18006f6a0 GetProcessHeap
0x18006f6a8 HeapAlloc
0x18006f6b0 GetModuleHandleW
0x18006f6b8 FreeLibrary
0x18006f6c0 GetProcAddress
0x18006f6c8 LoadLibraryA
0x18006f6d0 IsBadReadPtr
0x18006f6d8 VirtualProtect
0x18006f6e0 SetLastError
0x18006f6e8 VirtualAlloc
0x18006f6f0 VirtualFree
0x18006f6f8 GetConsoleMode
0x18006f700 VirtualQuery
USER32.dll
0x18006f7f8 PostThreadMessageA
0x18006f800 CharNextA
0x18006f808 CopyAcceleratorTableA
0x18006f810 InvalidateRgn
0x18006f818 GetNextDlgGroupItem
0x18006f820 MessageBeep
0x18006f828 DestroyIcon
0x18006f830 CharUpperA
0x18006f838 ShowWindow
0x18006f840 SetWindowTextA
0x18006f848 IsDialogMessageA
0x18006f850 IsDlgButtonChecked
0x18006f858 SetMenuItemBitmaps
0x18006f860 GetMenuCheckMarkDimensions
0x18006f868 ModifyMenuA
0x18006f870 GetMenuState
0x18006f878 EnableMenuItem
0x18006f880 CheckMenuItem
0x18006f888 GetWindowThreadProcessId
0x18006f890 RegisterWindowMessageA
0x18006f898 LoadIconA
0x18006f8a0 SendDlgItemMessageA
0x18006f8a8 WinHelpA
0x18006f8b0 IsChild
0x18006f8b8 GetCapture
0x18006f8c0 SetWindowsHookExA
0x18006f8c8 CallNextHookEx
0x18006f8d0 GetClassLongA
0x18006f8d8 GetClassNameA
0x18006f8e0 GetClassLongPtrA
0x18006f8e8 SetPropA
0x18006f8f0 GetPropA
0x18006f8f8 RemovePropA
0x18006f900 GetFocus
0x18006f908 GetForegroundWindow
0x18006f910 GetLastActivePopup
0x18006f918 DispatchMessageA
0x18006f920 BeginDeferWindowPos
0x18006f928 EndDeferWindowPos
0x18006f930 GetTopWindow
0x18006f938 GetWindowLongPtrA
0x18006f940 SetWindowLongPtrA
0x18006f948 UnhookWindowsHookEx
0x18006f950 GetMessageTime
0x18006f958 GetMessagePos
0x18006f960 PeekMessageA
0x18006f968 MapWindowPoints
0x18006f970 ScrollWindow
0x18006f978 TrackPopupMenu
0x18006f980 GetKeyState
0x18006f988 SetMenu
0x18006f990 GrayStringA
0x18006f998 GetScrollRange
0x18006f9a0 SetForegroundWindow
0x18006f9a8 LockWindowUpdate
0x18006f9b0 IsWindowVisible
0x18006f9b8 GetClientRect
0x18006f9c0 PostMessageA
0x18006f9c8 GetSubMenu
0x18006f9d0 GetMenuItemID
0x18006f9d8 GetMenuItemCount
0x18006f9e0 MessageBoxA
0x18006f9e8 CreateWindowExA
0x18006f9f0 GetClassInfoExA
0x18006f9f8 GetClassInfoA
0x18006fa00 RegisterClassA
0x18006fa08 GetSysColor
0x18006fa10 AdjustWindowRectEx
0x18006fa18 ScreenToClient
0x18006fa20 EqualRect
0x18006fa28 DeferWindowPos
0x18006fa30 GetScrollInfo
0x18006fa38 SetScrollInfo
0x18006fa40 CopyRect
0x18006fa48 PtInRect
0x18006fa50 GetDlgCtrlID
0x18006fa58 DefWindowProcA
0x18006fa60 CallWindowProcA
0x18006fa68 GetMenu
0x18006fa70 SetWindowLongA
0x18006fa78 SetWindowPos
0x18006fa80 OffsetRect
0x18006fa88 IntersectRect
0x18006fa90 SystemParametersInfoA
0x18006fa98 IsIconic
0x18006faa0 GetWindowPlacement
0x18006faa8 GetWindowRect
0x18006fab0 GetSystemMetrics
0x18006fab8 GetWindowTextLengthA
0x18006fac0 GetWindowTextA
0x18006fac8 GetScrollPos
0x18006fad0 SetScrollPos
0x18006fad8 GetWindow
0x18006fae0 DrawTextExA
0x18006fae8 DrawTextA
0x18006faf0 SetFocus
0x18006faf8 GetDesktopWindow
0x18006fb00 TabbedTextOutA
0x18006fb08 InflateRect
0x18006fb10 LoadCursorA
0x18006fb18 SetCapture
0x18006fb20 GetActiveWindow
0x18006fb28 SetActiveWindow
0x18006fb30 CreateDialogIndirectParamA
0x18006fb38 DestroyWindow
0x18006fb40 IsWindow
0x18006fb48 GetWindowLongA
0x18006fb50 GetDlgItem
0x18006fb58 IsWindowEnabled
0x18006fb60 GetParent
0x18006fb68 GetNextDlgTabItem
0x18006fb70 EndDialog
0x18006fb78 LoadBitmapA
0x18006fb80 InvalidateRect
0x18006fb88 GetDC
0x18006fb90 SendMessageA
0x18006fb98 GetDCEx
0x18006fba0 WindowFromPoint
0x18006fba8 SetRect
0x18006fbb0 UpdateWindow
0x18006fbb8 EnableWindow
0x18006fbc0 GetSysColorBrush
0x18006fbc8 GetMenuItemInfoA
0x18006fbd0 EndPaint
0x18006fbd8 BeginPaint
0x18006fbe0 ShowScrollBar
0x18006fbe8 GetWindowDC
0x18006fbf0 KillTimer
0x18006fbf8 SetTimer
0x18006fc00 ClientToScreen
0x18006fc08 SetWindowRgn
0x18006fc10 DrawIcon
0x18006fc18 FillRect
0x18006fc20 GetMenuStringA
0x18006fc28 InsertMenuA
0x18006fc30 ShowOwnedPopups
0x18006fc38 GetMessageA
0x18006fc40 TranslateMessage
0x18006fc48 GetCursorPos
0x18006fc50 ValidateRect
0x18006fc58 SetWindowContextHelpId
0x18006fc60 MapDialogRect
0x18006fc68 RegisterClipboardFormatA
0x18006fc70 PostQuitMessage
0x18006fc78 SetParent
0x18006fc80 GetSystemMenu
0x18006fc88 AppendMenuA
0x18006fc90 DeleteMenu
0x18006fc98 IsRectEmpty
0x18006fca0 ReleaseDC
0x18006fca8 IsZoomed
0x18006fcb0 UnpackDDElParam
0x18006fcb8 ReuseDDElParam
0x18006fcc0 LoadMenuA
0x18006fcc8 DestroyMenu
0x18006fcd0 SetCursor
0x18006fcd8 ReleaseCapture
0x18006fce0 LoadAcceleratorsA
0x18006fce8 InsertMenuItemA
0x18006fcf0 CreatePopupMenu
0x18006fcf8 SetRectEmpty
0x18006fd00 BringWindowToTop
0x18006fd08 SetScrollRange
0x18006fd10 TranslateAcceleratorA
0x18006fd18 MoveWindow
GDI32.dll
0x18006f098 LPtoDP
0x18006f0a0 Ellipse
0x18006f0a8 ExtTextOutA
0x18006f0b0 CreateFontIndirectA
0x18006f0b8 CreateRectRgn
0x18006f0c0 CreateRectRgnIndirect
0x18006f0c8 SetRectRgn
0x18006f0d0 CombineRgn
0x18006f0d8 GetMapMode
0x18006f0e0 PatBlt
0x18006f0e8 CreatePatternBrush
0x18006f0f0 SaveDC
0x18006f0f8 RestoreDC
0x18006f100 SetBkMode
0x18006f108 SetMapMode
0x18006f110 ExcludeClipRect
0x18006f118 IntersectClipRect
0x18006f120 LineTo
0x18006f128 MoveToEx
0x18006f130 SelectClipRgn
0x18006f138 CreateEllipticRgn
0x18006f140 GetWindowExtEx
0x18006f148 BitBlt
0x18006f150 GetPixel
0x18006f158 PtVisible
0x18006f160 RectVisible
0x18006f168 TextOutA
0x18006f170 Escape
0x18006f178 SetViewportOrgEx
0x18006f180 OffsetViewportOrgEx
0x18006f188 SetViewportExtEx
0x18006f190 ScaleViewportExtEx
0x18006f198 SetWindowExtEx
0x18006f1a0 ScaleWindowExtEx
0x18006f1a8 ExtSelectClipRgn
0x18006f1b0 GetStockObject
0x18006f1b8 CreateSolidBrush
0x18006f1c0 GetBkColor
0x18006f1c8 GetTextColor
0x18006f1d0 GetRgnBox
0x18006f1d8 GetDeviceCaps
0x18006f1e0 StretchDIBits
0x18006f1e8 DeleteDC
0x18006f1f0 CreateFontA
0x18006f1f8 GetCharWidthA
0x18006f200 DeleteObject
0x18006f208 GetTextExtentPoint32A
0x18006f210 GetTextMetricsA
0x18006f218 CreateCompatibleBitmap
0x18006f220 CreateBitmap
0x18006f228 GetObjectA
0x18006f230 SetBkColor
0x18006f238 SetTextColor
0x18006f240 GetClipBox
0x18006f248 GetViewportExtEx
0x18006f250 CreateCompatibleDC
0x18006f258 SelectObject
MSIMG32.dll
0x18006f710 TransparentBlt
COMDLG32.dll
0x18006f088 GetFileTitleA
WINSPOOL.DRV
0x18006fd28 DocumentPropertiesA
0x18006fd30 ClosePrinter
0x18006fd38 OpenPrinterA
ADVAPI32.dll
0x18006f000 RegEnumKeyA
0x18006f008 RegCreateKeyA
0x18006f010 RegSetValueA
0x18006f018 GetFileSecurityA
0x18006f020 SetFileSecurityA
0x18006f028 RegQueryValueA
0x18006f030 RegOpenKeyA
0x18006f038 RegCloseKey
0x18006f040 RegDeleteKeyA
0x18006f048 RegDeleteValueA
0x18006f050 RegSetValueExA
0x18006f058 RegCreateKeyExA
0x18006f060 RegOpenKeyExA
0x18006f068 RegQueryValueExA
SHELL32.dll
0x18006f790 DragFinish
0x18006f798 DragQueryFileA
0x18006f7a0 ExtractIconA
0x18006f7a8 SHGetFileInfoA
0x18006f7b0 DragAcceptFiles
COMCTL32.dll
0x18006f078 None
SHLWAPI.dll
0x18006f7c0 PathRemoveExtensionA
0x18006f7c8 PathFindFileNameA
0x18006f7d0 PathStripToRootA
0x18006f7d8 PathIsUNCA
0x18006f7e0 PathFindExtensionA
0x18006f7e8 PathRemoveFileSpecW
oledlg.dll
0x18006fde0 None
ole32.dll
0x18006fd48 CoCreateInstance
0x18006fd50 CreateILockBytesOnHGlobal
0x18006fd58 StgCreateDocfileOnILockBytes
0x18006fd60 StgOpenStorageOnILockBytes
0x18006fd68 CoRegisterMessageFilter
0x18006fd70 OleFlushClipboard
0x18006fd78 OleIsCurrentClipboard
0x18006fd80 CoRevokeClassObject
0x18006fd88 CoGetClassObject
0x18006fd90 CoTaskMemAlloc
0x18006fd98 CoTaskMemFree
0x18006fda0 CLSIDFromString
0x18006fda8 CLSIDFromProgID
0x18006fdb0 OleInitialize
0x18006fdb8 CoFreeUnusedLibraries
0x18006fdc0 OleUninitialize
0x18006fdc8 CoUninitialize
0x18006fdd0 CoInitializeEx
OLEAUT32.dll
0x18006f720 SysAllocStringLen
0x18006f728 SysFreeString
0x18006f730 SysStringLen
0x18006f738 SysAllocStringByteLen
0x18006f740 OleCreateFontIndirect
0x18006f748 VariantTimeToSystemTime
0x18006f750 SystemTimeToVariantTime
0x18006f758 SafeArrayDestroy
0x18006f760 SysAllocString
0x18006f768 VariantCopy
0x18006f770 VariantInit
0x18006f778 VariantClear
0x18006f780 VariantChangeType
EAT(Export Address Table) Library
0x180067520 CarefullyAbout
0x1800674e0 EproyAklW
0x1800674a0 K766MrG4
0x180067460 OlPy2
0x180067420 PeopleAcross
0x1800673e0 ProgrammeSome
0x1800673a0 Yn6xc
0x180067360 n2E5g