Report - V2LD0vsK5Gg50dHb

emotet Malicious Packer Malicious Library UPX PE File OS Processor Check PE32 DLL
Created 2022.01.20 10:25 Machine s1_win7_x6401
Filename V2LD0vsK5Gg50dHb
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
AI Score 7
Behavior Score 7.4
ZERO API file : clean
VT API (file) 12 detected (malicious, high confidence, Emotet, Eldorado, Attribute, HighConfidence, Convagent, Static AI, Malicious PE, Wacatac, score, BScope)
md5 397fbe9df87a5fa046c2273f3c17e38d
sha256 b069a45f27f714faaf91cb78001fc4a4a44d793977315bd85cbf97022e769ac2
ssdeep 6144:LW/LM7l7777WVzQa1Cl0U1DDeialPTSjT0q//nXdzYYcIkptHMCLb2FNqVa8SAGp:lrHa5TS8gNMYcdptQfxV24k3Ayg
imphash a408794461f4d4a932d97661330ef414
impfuzzy 192:GVcqwZtFMDB5Dzq0Qd8a3WnxcRcRqqvQs4:GA/QB5/vECvQs4

Signature (15cnts)

Level Description
danger Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually)
warning Generates some ICMP traffic
watch Communicates with host for which no DNS query was performed
watch File has been identified by 12 AntiVirus engines on VirusTotal as malicious
notice Allocates read-write-execute memory (usually to unpack itself)
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Communication to multiple IPs on high port numbers possibly indicative of a peer-to-peer (P2P) or non-standard command and control protocol
notice Expresses interest in specific running processes
notice HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice Performs some HTTP requests
notice Searches running processes potentially to identify processes for sandbox evasion
notice The binary likely contains encrypted or compressed data indicative of a packer
info Checks if process is being debugged by a debugger
info Queries for the computername
info The file contains an unknown PE resource name possibly indicative of a packer

Rules (7cnts)

Level Name Description Collection
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsDLL (no description) binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (31cnts)


Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.dll
 0x1004e100 LocalFileTimeToFileTime
 0x1004e104 SystemTimeToFileTime
 0x1004e108 GetFileSizeEx
 0x1004e10c GetModuleHandleW
 0x1004e110 GetCurrentDirectoryA
 0x1004e114 RtlUnwind
 0x1004e118 GetSystemTimeAsFileTime
 0x1004e11c GetTimeFormatA
 0x1004e120 GetDateFormatA
 0x1004e124 GetCommandLineA
 0x1004e128 RaiseException
 0x1004e12c ExitThread
 0x1004e130 CreateThread
 0x1004e134 HeapReAlloc
 0x1004e138 ExitProcess
 0x1004e13c HeapSize
 0x1004e140 TerminateProcess
 0x1004e144 UnhandledExceptionFilter
 0x1004e148 SetUnhandledExceptionFilter
 0x1004e14c IsDebuggerPresent
 0x1004e150 GetACP
 0x1004e154 IsValidCodePage
 0x1004e158 LCMapStringA
 0x1004e15c LCMapStringW
 0x1004e160 GetStringTypeA
 0x1004e164 GetStringTypeW
 0x1004e168 FileTimeToLocalFileTime
 0x1004e16c HeapCreate
 0x1004e170 HeapDestroy
 0x1004e174 GetStdHandle
 0x1004e178 GetTimeZoneInformation
 0x1004e17c SetHandleCount
 0x1004e180 GetFileType
 0x1004e184 GetStartupInfoA
 0x1004e188 FreeEnvironmentStringsA
 0x1004e18c GetEnvironmentStrings
 0x1004e190 FreeEnvironmentStringsW
 0x1004e194 GetEnvironmentStringsW
 0x1004e198 QueryPerformanceCounter
 0x1004e19c GetTickCount
 0x1004e1a0 InitializeCriticalSectionAndSpinCount
 0x1004e1a4 GetConsoleCP
 0x1004e1a8 GetConsoleMode
 0x1004e1ac SetStdHandle
 0x1004e1b0 WriteConsoleA
 0x1004e1b4 GetConsoleOutputCP
 0x1004e1b8 WriteConsoleW
 0x1004e1bc CompareStringW
 0x1004e1c0 SetEnvironmentVariableA
 0x1004e1c4 FileTimeToSystemTime
 0x1004e1c8 GetOEMCP
 0x1004e1cc GetCPInfo
 0x1004e1d0 InterlockedIncrement
 0x1004e1d4 TlsFree
 0x1004e1d8 DeleteCriticalSection
 0x1004e1dc LocalReAlloc
 0x1004e1e0 TlsSetValue
 0x1004e1e4 TlsAlloc
 0x1004e1e8 InitializeCriticalSection
 0x1004e1ec GlobalHandle
 0x1004e1f0 GlobalReAlloc
 0x1004e1f4 EnterCriticalSection
 0x1004e1f8 TlsGetValue
 0x1004e1fc LeaveCriticalSection
 0x1004e200 LocalAlloc
 0x1004e204 GlobalFlags
 0x1004e208 GetDiskFreeSpaceA
 0x1004e20c GetFileTime
 0x1004e210 SetFileTime
 0x1004e214 GetFileAttributesA
 0x1004e218 GetPrivateProfileStringA
 0x1004e21c WritePrivateProfileStringA
 0x1004e220 GetPrivateProfileIntA
 0x1004e224 GetCurrentThread
 0x1004e228 ConvertDefaultLocale
 0x1004e22c EnumResourceLanguagesA
 0x1004e230 GetLocaleInfoA
 0x1004e234 InterlockedExchange
 0x1004e238 GlobalFree
 0x1004e23c GlobalAlloc
 0x1004e240 GlobalLock
 0x1004e244 GlobalUnlock
 0x1004e248 FormatMessageA
 0x1004e24c LocalFree
 0x1004e250 MulDiv
 0x1004e254 CreateEventA
 0x1004e258 SuspendThread
 0x1004e25c SetEvent
 0x1004e260 WaitForSingleObject
 0x1004e264 ResumeThread
 0x1004e268 SetThreadPriority
 0x1004e26c CreateFileA
 0x1004e270 GetShortPathNameA
 0x1004e274 GetFullPathNameA
 0x1004e278 GetVolumeInformationA
 0x1004e27c FindFirstFileA
 0x1004e280 FindClose
 0x1004e284 GetCurrentProcess
 0x1004e288 DuplicateHandle
 0x1004e28c CloseHandle
 0x1004e290 GetFileSize
 0x1004e294 SetEndOfFile
 0x1004e298 UnlockFile
 0x1004e29c LockFile
 0x1004e2a0 FlushFileBuffers
 0x1004e2a4 SetFilePointer
 0x1004e2a8 WriteFile
 0x1004e2ac ReadFile
 0x1004e2b0 lstrcmpiA
 0x1004e2b4 GetThreadLocale
 0x1004e2b8 GetStringTypeExA
 0x1004e2bc MoveFileA
 0x1004e2c0 GetCurrentProcessId
 0x1004e2c4 GetModuleFileNameA
 0x1004e2c8 FreeResource
 0x1004e2cc GetCurrentThreadId
 0x1004e2d0 GlobalGetAtomNameA
 0x1004e2d4 GlobalAddAtomA
 0x1004e2d8 GlobalFindAtomA
 0x1004e2dc GlobalDeleteAtom
 0x1004e2e0 CompareStringA
 0x1004e2e4 MultiByteToWideChar
 0x1004e2e8 lstrcmpW
 0x1004e2ec GetVersionExA
 0x1004e2f0 HeapFree
 0x1004e2f4 GetNativeSystemInfo
 0x1004e2f8 GetProcessHeap
 0x1004e2fc HeapAlloc
 0x1004e300 FreeLibrary
 0x1004e304 IsBadReadPtr
 0x1004e308 VirtualProtect
 0x1004e30c VirtualAlloc
 0x1004e310 VirtualFree
 0x1004e314 VirtualQuery
 0x1004e318 InterlockedDecrement
 0x1004e31c lstrcmpA
 0x1004e320 LoadResource
 0x1004e324 LockResource
 0x1004e328 SizeofResource
 0x1004e32c FindResourceA
 0x1004e330 WideCharToMultiByte
 0x1004e334 GetModuleHandleA
 0x1004e338 LoadLibraryA
 0x1004e33c GetProcAddress
 0x1004e340 GetLastError
 0x1004e344 SetLastError
 0x1004e348 Sleep
 0x1004e34c DeleteFileA
 0x1004e350 GetTempPathA
 0x1004e354 GetTempFileNameA
 0x1004e358 lstrlenA
USER32.dll
 0x1004e3b0 WindowFromPoint
 0x1004e3b4 GetDCEx
 0x1004e3b8 LockWindowUpdate
 0x1004e3bc DestroyIcon
 0x1004e3c0 TabbedTextOutA
 0x1004e3c4 FillRect
 0x1004e3c8 ShowOwnedPopups
 0x1004e3cc PostQuitMessage
 0x1004e3d0 GetMenuItemInfoA
 0x1004e3d4 SetParent
 0x1004e3d8 GetSystemMenu
 0x1004e3dc DeleteMenu
 0x1004e3e0 IsRectEmpty
 0x1004e3e4 LoadCursorA
 0x1004e3e8 DestroyCursor
 0x1004e3ec SetCursorPos
 0x1004e3f0 SetCapture
 0x1004e3f4 RedrawWindow
 0x1004e3f8 ClientToScreen
 0x1004e3fc InflateRect
 0x1004e400 IsZoomed
 0x1004e404 UnpackDDElParam
 0x1004e408 ReuseDDElParam
 0x1004e40c DestroyMenu
 0x1004e410 SetCursor
 0x1004e414 ReleaseCapture
 0x1004e418 LoadAcceleratorsA
 0x1004e41c InsertMenuItemA
 0x1004e420 CreatePopupMenu
 0x1004e424 SetRectEmpty
 0x1004e428 BringWindowToTop
 0x1004e42c TranslateAcceleratorA
 0x1004e430 GetDesktopWindow
 0x1004e434 CreateDialogIndirectParamA
 0x1004e438 GetNextDlgTabItem
 0x1004e43c EndDialog
 0x1004e440 GetMenuStringA
 0x1004e444 AppendMenuA
 0x1004e448 InsertMenuA
 0x1004e44c GetMessageA
 0x1004e450 TranslateMessage
 0x1004e454 GetActiveWindow
 0x1004e458 GetCursorPos
 0x1004e45c ValidateRect
 0x1004e460 CharUpperA
 0x1004e464 GetWindowThreadProcessId
 0x1004e468 IsWindowEnabled
 0x1004e46c ShowWindow
 0x1004e470 MoveWindow
 0x1004e474 SetWindowTextA
 0x1004e478 IsDialogMessageA
 0x1004e47c KillTimer
 0x1004e480 SetMenuItemBitmaps
 0x1004e484 GetMenuCheckMarkDimensions
 0x1004e488 LoadBitmapA
 0x1004e48c ModifyMenuA
 0x1004e490 GetMenuState
 0x1004e494 EnableMenuItem
 0x1004e498 CheckMenuItem
 0x1004e49c RegisterWindowMessageA
 0x1004e4a0 SendDlgItemMessageA
 0x1004e4a4 WinHelpA
 0x1004e4a8 GetCapture
 0x1004e4ac SetWindowsHookExA
 0x1004e4b0 CallNextHookEx
 0x1004e4b4 GetClassLongA
 0x1004e4b8 GetClassNameA
 0x1004e4bc SetPropA
 0x1004e4c0 GetPropA
 0x1004e4c4 RemovePropA
 0x1004e4c8 SetFocus
 0x1004e4cc GetWindowTextLengthA
 0x1004e4d0 GetWindowTextA
 0x1004e4d4 GetForegroundWindow
 0x1004e4d8 GetLastActivePopup
 0x1004e4dc SetActiveWindow
 0x1004e4e0 DispatchMessageA
 0x1004e4e4 BeginDeferWindowPos
 0x1004e4e8 EndDeferWindowPos
 0x1004e4ec GetDlgItem
 0x1004e4f0 GetTopWindow
 0x1004e4f4 DestroyWindow
 0x1004e4f8 UnhookWindowsHookEx
 0x1004e4fc GetMessageTime
 0x1004e500 GetMessagePos
 0x1004e504 PeekMessageA
 0x1004e508 MapWindowPoints
 0x1004e50c TrackPopupMenu
 0x1004e510 SendMessageA
 0x1004e514 LoadIconA
 0x1004e518 EnableWindow
 0x1004e51c GetSubMenu
 0x1004e520 GetKeyState
 0x1004e524 SetMenu
 0x1004e528 SetScrollPos
 0x1004e52c GetScrollPos
 0x1004e530 SetForegroundWindow
 0x1004e534 IsWindowVisible
 0x1004e538 PostMessageA
 0x1004e53c GetMenuItemID
 0x1004e540 GetMenuItemCount
 0x1004e544 MessageBoxA
 0x1004e548 CreateWindowExA
 0x1004e54c GetClassInfoExA
 0x1004e550 SetTimer
 0x1004e554 SetRect
 0x1004e558 GetSysColorBrush
 0x1004e55c EndPaint
 0x1004e560 BeginPaint
 0x1004e564 GetWindowDC
 0x1004e568 GrayStringA
 0x1004e56c DrawTextExA
 0x1004e570 DrawTextA
 0x1004e574 LoadMenuA
 0x1004e578 PtInRect
 0x1004e57c ScreenToClient
 0x1004e580 GetClientRect
 0x1004e584 UpdateWindow
 0x1004e588 GetWindowRect
 0x1004e58c wsprintfA
 0x1004e590 IsWindow
 0x1004e594 CopyRect
 0x1004e598 GetDC
 0x1004e59c ReleaseDC
 0x1004e5a0 AdjustWindowRectEx
 0x1004e5a4 IsIconic
 0x1004e5a8 InvalidateRect
 0x1004e5ac GetParent
 0x1004e5b0 IsChild
 0x1004e5b4 GetFocus
 0x1004e5b8 GetDlgCtrlID
 0x1004e5bc GetWindow
 0x1004e5c0 GetClassInfoA
 0x1004e5c4 RegisterClassA
 0x1004e5c8 GetSysColor
 0x1004e5cc EqualRect
 0x1004e5d0 DeferWindowPos
 0x1004e5d4 DefWindowProcA
 0x1004e5d8 CallWindowProcA
 0x1004e5dc GetMenu
 0x1004e5e0 GetWindowLongA
 0x1004e5e4 SetWindowLongA
 0x1004e5e8 SetWindowPos
 0x1004e5ec OffsetRect
 0x1004e5f0 IntersectRect
 0x1004e5f4 SystemParametersInfoA
 0x1004e5f8 GetWindowPlacement
 0x1004e5fc GetSystemMetrics
GDI32.dll
 0x1004e044 SetWindowExtEx
 0x1004e048 ScaleWindowExtEx
 0x1004e04c CreatePatternBrush
 0x1004e050 GetStockObject
 0x1004e054 CreateSolidBrush
 0x1004e058 SetRectRgn
 0x1004e05c CombineRgn
 0x1004e060 GetBkColor
 0x1004e064 SetViewportExtEx
 0x1004e068 ScaleViewportExtEx
 0x1004e06c OffsetViewportOrgEx
 0x1004e070 SetViewportOrgEx
 0x1004e074 Escape
 0x1004e078 TextOutA
 0x1004e07c RectVisible
 0x1004e080 PtVisible
 0x1004e084 SelectClipRgn
 0x1004e088 GetPixel
 0x1004e08c CreateRectRgn
 0x1004e090 CreateRectRgnIndirect
 0x1004e094 IntersectClipRect
 0x1004e098 ExcludeClipRect
 0x1004e09c SetMapMode
 0x1004e0a0 SetBkMode
 0x1004e0a4 RestoreDC
 0x1004e0a8 SaveDC
 0x1004e0ac ExtTextOutA
 0x1004e0b0 BitBlt
 0x1004e0b4 CreateFontIndirectA
 0x1004e0b8 StretchDIBits
 0x1004e0bc DeleteDC
 0x1004e0c0 CreateFontA
 0x1004e0c4 GetCharWidthA
 0x1004e0c8 DeleteObject
 0x1004e0cc GetTextExtentPoint32A
 0x1004e0d0 GetTextMetricsA
 0x1004e0d4 SelectObject
 0x1004e0d8 CreateCompatibleDC
 0x1004e0dc CreateCompatibleBitmap
 0x1004e0e0 GetDeviceCaps
 0x1004e0e4 CreateBitmap
 0x1004e0e8 GetObjectA
 0x1004e0ec SetBkColor
 0x1004e0f0 SetTextColor
 0x1004e0f4 GetClipBox
 0x1004e0f8 PatBlt
COMDLG32.dll
 0x1004e03c GetFileTitleA
WINSPOOL.DRV
 0x1004e604 DocumentPropertiesA
 0x1004e608 OpenPrinterA
 0x1004e60c ClosePrinter
ADVAPI32.dll
 0x1004e000 GetFileSecurityA
 0x1004e004 SetFileSecurityA
 0x1004e008 RegDeleteValueA
 0x1004e00c RegSetValueExA
 0x1004e010 RegCreateKeyExA
 0x1004e014 RegQueryValueA
 0x1004e018 RegEnumKeyA
 0x1004e01c RegDeleteKeyA
 0x1004e020 RegOpenKeyExA
 0x1004e024 RegSetValueA
 0x1004e028 RegOpenKeyA
 0x1004e02c RegCloseKey
 0x1004e030 RegQueryValueExA
 0x1004e034 RegCreateKeyA
SHELL32.dll
 0x1004e37c SHGetFileInfoA
 0x1004e380 DragFinish
 0x1004e384 DragQueryFileA
 0x1004e388 ExtractIconA
 0x1004e38c ShellExecuteA
SHLWAPI.dll
 0x1004e394 PathIsUNCA
 0x1004e398 PathRemoveFileSpecW
 0x1004e39c PathFindExtensionA
 0x1004e3a0 PathRemoveExtensionA
 0x1004e3a4 PathStripToRootA
 0x1004e3a8 PathFindFileNameA
ole32.dll
 0x1004e614 CoInitializeEx
 0x1004e618 CoTaskMemFree
 0x1004e61c CoCreateInstance
 0x1004e620 CoUninitialize
 0x1004e624 CoInitialize
OLEAUT32.dll
 0x1004e360 VariantClear
 0x1004e364 VariantInit
 0x1004e368 SysFreeString
 0x1004e36c SysAllocString
 0x1004e370 VariantChangeType
 0x1004e374 SysAllocStringLen

EAT(Export Address Table) Library

0x1000b010 DllRegisterServer

