Report - HyMifM

emotet Emotet Malicious Packer Malicious Library UPX PE File OS Processor Check PE32 DLL
Created 2022.01.21 10:14 Machine s1_win7_x6401
Filename HyMifM
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
AI Score
10
Behavior Score
6.8
ZERO API file : clean
VT API (file) 6 detected (malicious, high confidence, score, Emotet, Strealer, YzY0OmNYIOKEG6Ko)
md5 5e0566f6d637adbd87305470aa05d9db
sha256 eaa92e10a674a48b8f6981e9d59f5c5e66e90dc8e8af99adc589b73265890e6e
ssdeep 12288:Td0saabmsb61ZuV3ZGuyfEgXkvPLEbsWrxD8iP29pi9NaG1DjsgqXXvhhcwEPwqh:68mi61ZuRZGuyfEgXkvPLEbsODYDYVnm
imphash 42bfc936e90bcc6f5b01541917ef37a4
impfuzzy 192:6cNdk0wZ3AOm4dDskRsFeYKVmUKTactcRcy1pWPwONQR:6mdu/skhVQmEElUwONQR

Signature (14cnts)

Level Description
danger Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually)
warning Generates some ICMP traffic
watch Communicates with host for which no DNS query was performed
notice Allocates read-write-execute memory (usually to unpack itself)
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Communication to multiple IPs on high port numbers possibly indicative of a peer-to-peer (P2P) or non-standard command and control protocol
notice Expresses interest in specific running processes
notice File has been identified by 6 AntiVirus engines on VirusTotal as malicious
notice HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice Performs some HTTP requests
notice The binary likely contains encrypted or compressed data indicative of a packer
info Checks if process is being debugged by a debugger
info Queries for the computername
info The file contains an unknown PE resource name possibly indicative of a packer

Rules (8cnts)

Level Name Description Collection
danger Win32_Trojan_Emotet_1_Zero Win32 Trojan Emotet binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsDLL (no description) binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (31cnts)


Suricata ids

PE API

IAT (Import Address Table) Library

KERNEL32.dll
 0x1004f138 GetCommandLineA
 0x1004f13c ExitProcess
 0x1004f140 RtlUnwind
 0x1004f144 TerminateProcess
 0x1004f148 HeapReAlloc
 0x1004f14c HeapSize
 0x1004f150 HeapDestroy
 0x1004f154 HeapCreate
 0x1004f158 IsBadWritePtr
 0x1004f15c SetHandleCount
 0x1004f160 GetStdHandle
 0x1004f164 GetFileType
 0x1004f168 GetStartupInfoA
 0x1004f16c FreeEnvironmentStringsA
 0x1004f170 GetEnvironmentStrings
 0x1004f174 FreeEnvironmentStringsW
 0x1004f178 GetEnvironmentStringsW
 0x1004f17c GetSystemInfo
 0x1004f180 QueryPerformanceCounter
 0x1004f184 GetCurrentProcessId
 0x1004f188 GetSystemTimeAsFileTime
 0x1004f18c SetUnhandledExceptionFilter
 0x1004f190 LCMapStringA
 0x1004f194 LCMapStringW
 0x1004f198 GetStringTypeA
 0x1004f19c GetStringTypeW
 0x1004f1a0 GetTimeZoneInformation
 0x1004f1a4 GetUserDefaultLCID
 0x1004f1a8 EnumSystemLocalesA
 0x1004f1ac IsValidLocale
 0x1004f1b0 IsValidCodePage
 0x1004f1b4 SetStdHandle
 0x1004f1b8 IsBadCodePtr
 0x1004f1bc GetLocaleInfoW
 0x1004f1c0 SetEnvironmentVariableA
 0x1004f1c4 SystemTimeToFileTime
 0x1004f1c8 LocalFileTimeToFileTime
 0x1004f1cc FileTimeToLocalFileTime
 0x1004f1d0 FileTimeToSystemTime
 0x1004f1d4 GetShortPathNameA
 0x1004f1d8 CreateFileA
 0x1004f1dc GetVolumeInformationA
 0x1004f1e0 FindFirstFileA
 0x1004f1e4 FindClose
 0x1004f1e8 GetCurrentProcess
 0x1004f1ec DuplicateHandle
 0x1004f1f0 GetFileSize
 0x1004f1f4 SetEndOfFile
 0x1004f1f8 UnlockFile
 0x1004f1fc LockFile
 0x1004f200 FlushFileBuffers
 0x1004f204 SetFilePointer
 0x1004f208 WriteFile
 0x1004f20c ReadFile
 0x1004f210 DeleteFileA
 0x1004f214 MoveFileA
 0x1004f218 GetCurrentDirectoryA
 0x1004f21c GetOEMCP
 0x1004f220 GetCPInfo
 0x1004f224 InterlockedIncrement
 0x1004f228 TlsFree
 0x1004f22c LocalReAlloc
 0x1004f230 TlsSetValue
 0x1004f234 TlsAlloc
 0x1004f238 TlsGetValue
 0x1004f23c EnterCriticalSection
 0x1004f240 GlobalHandle
 0x1004f244 GlobalReAlloc
 0x1004f248 LeaveCriticalSection
 0x1004f24c LocalAlloc
 0x1004f250 GlobalFlags
 0x1004f254 DeleteCriticalSection
 0x1004f258 InitializeCriticalSection
 0x1004f25c RaiseException
 0x1004f260 InterlockedDecrement
 0x1004f264 MulDiv
 0x1004f268 FormatMessageA
 0x1004f26c LocalFree
 0x1004f270 GetDiskFreeSpaceA
 0x1004f274 GetFullPathNameA
 0x1004f278 GetTempFileNameA
 0x1004f27c GetFileTime
 0x1004f280 SetFileTime
 0x1004f284 GetFileAttributesA
 0x1004f288 CloseHandle
 0x1004f28c GetPrivateProfileStringA
 0x1004f290 WritePrivateProfileStringA
 0x1004f294 GetPrivateProfileIntA
 0x1004f298 GetTickCount
 0x1004f29c GetCurrentThread
 0x1004f2a0 GlobalAlloc
 0x1004f2a4 lstrcmpA
 0x1004f2a8 ConvertDefaultLocale
 0x1004f2ac EnumResourceLanguagesA
 0x1004f2b0 lstrcpyA
 0x1004f2b4 GetModuleFileNameA
 0x1004f2b8 SizeofResource
 0x1004f2bc GetCurrentThreadId
 0x1004f2c0 GlobalGetAtomNameA
 0x1004f2c4 GlobalAddAtomA
 0x1004f2c8 GlobalFindAtomA
 0x1004f2cc GlobalDeleteAtom
 0x1004f2d0 lstrcatA
 0x1004f2d4 lstrcmpW
 0x1004f2d8 lstrcpynA
 0x1004f2dc GetModuleHandleA
 0x1004f2e0 GlobalLock
 0x1004f2e4 GlobalUnlock
 0x1004f2e8 GlobalFree
 0x1004f2ec FindResourceA
 0x1004f2f0 LoadResource
 0x1004f2f4 LockResource
 0x1004f2f8 FreeResource
 0x1004f2fc GetVersion
 0x1004f300 GetVersionExA
 0x1004f304 CompareStringA
 0x1004f308 GetThreadLocale
 0x1004f30c lstrcmpiA
 0x1004f310 GetLastError
 0x1004f314 InterlockedExchange
 0x1004f318 GetStringTypeExA
 0x1004f31c MultiByteToWideChar
 0x1004f320 GetACP
 0x1004f324 CompareStringW
 0x1004f328 WideCharToMultiByte
 0x1004f32c GetLocaleInfoA
 0x1004f330 lstrlenA
 0x1004f334 HeapFree
 0x1004f338 GetProcessHeap
 0x1004f33c HeapAlloc
 0x1004f340 GetModuleHandleW
 0x1004f344 FreeLibrary
 0x1004f348 GetProcAddress
 0x1004f34c LoadLibraryA
 0x1004f350 IsBadReadPtr
 0x1004f354 VirtualProtect
 0x1004f358 SetLastError
 0x1004f35c VirtualAlloc
 0x1004f360 VirtualFree
 0x1004f364 UnhandledExceptionFilter
 0x1004f368 VirtualQuery
USER32.dll
 0x1004f3dc MessageBeep
 0x1004f3e0 DestroyIcon
 0x1004f3e4 ReleaseCapture
 0x1004f3e8 LoadAcceleratorsA
 0x1004f3ec InsertMenuItemA
 0x1004f3f0 CreatePopupMenu
 0x1004f3f4 SetRectEmpty
 0x1004f3f8 BringWindowToTop
 0x1004f3fc SetMenu
 0x1004f400 TranslateAcceleratorA
 0x1004f404 ShowWindow
 0x1004f408 MoveWindow
 0x1004f40c SetWindowTextA
 0x1004f410 IsDialogMessageA
 0x1004f414 IsDlgButtonChecked
 0x1004f418 SetMenuItemBitmaps
 0x1004f41c ModifyMenuA
 0x1004f420 GetMenuState
 0x1004f424 EnableMenuItem
 0x1004f428 CheckMenuItem
 0x1004f42c GetMenuCheckMarkDimensions
 0x1004f430 RegisterWindowMessageA
 0x1004f434 WinHelpA
 0x1004f438 GetCapture
 0x1004f43c CreateWindowExA
 0x1004f440 SetWindowsHookExA
 0x1004f444 CallNextHookEx
 0x1004f448 GetClassLongA
 0x1004f44c GetClassInfoExA
 0x1004f450 GetClassNameA
 0x1004f454 SetPropA
 0x1004f458 GetPropA
 0x1004f45c RemovePropA
 0x1004f460 SendDlgItemMessageA
 0x1004f464 GetFocus
 0x1004f468 IsChild
 0x1004f46c GetForegroundWindow
 0x1004f470 GetLastActivePopup
 0x1004f474 DispatchMessageA
 0x1004f478 BeginDeferWindowPos
 0x1004f47c EndDeferWindowPos
 0x1004f480 GetTopWindow
 0x1004f484 UnhookWindowsHookEx
 0x1004f488 GetMessageTime
 0x1004f48c GetMessagePos
 0x1004f490 LoadIconA
 0x1004f494 PeekMessageA
 0x1004f498 MapWindowPoints
 0x1004f49c ScrollWindow
 0x1004f4a0 MessageBoxA
 0x1004f4a4 TrackPopupMenu
 0x1004f4a8 GetKeyState
 0x1004f4ac GetMenuItemInfoA
 0x1004f4b0 GetScrollRange
 0x1004f4b4 SetForegroundWindow
 0x1004f4b8 ShowScrollBar
 0x1004f4bc IsWindowVisible
 0x1004f4c0 GetClientRect
 0x1004f4c4 GetMenu
 0x1004f4c8 PostMessageA
 0x1004f4cc GetNextDlgGroupItem
 0x1004f4d0 GetMenuItemID
 0x1004f4d4 GetMenuItemCount
 0x1004f4d8 GetSysColor
 0x1004f4dc AdjustWindowRectEx
 0x1004f4e0 ScreenToClient
 0x1004f4e4 EqualRect
 0x1004f4e8 DeferWindowPos
 0x1004f4ec GetScrollInfo
 0x1004f4f0 SetScrollInfo
 0x1004f4f4 GetClassInfoA
 0x1004f4f8 RegisterClassA
 0x1004f4fc UnregisterClassA
 0x1004f500 GetDlgCtrlID
 0x1004f504 DefWindowProcA
 0x1004f508 CallWindowProcA
 0x1004f50c SetWindowLongA
 0x1004f510 SetWindowPos
 0x1004f514 OffsetRect
 0x1004f518 IntersectRect
 0x1004f51c SystemParametersInfoA
 0x1004f520 IsIconic
 0x1004f524 GetWindowPlacement
 0x1004f528 GetWindowRect
 0x1004f52c CopyRect
 0x1004f530 PtInRect
 0x1004f534 wsprintfA
 0x1004f538 GetWindowTextLengthA
 0x1004f53c GetWindowTextA
 0x1004f540 GetSysColorBrush
 0x1004f544 EndPaint
 0x1004f548 BeginPaint
 0x1004f54c GetWindowDC
 0x1004f550 GrayStringA
 0x1004f554 DrawTextExA
 0x1004f558 DrawTextA
 0x1004f55c TabbedTextOutA
 0x1004f560 InflateRect
 0x1004f564 LoadCursorA
 0x1004f568 SetCapture
 0x1004f56c KillTimer
 0x1004f570 SetTimer
 0x1004f574 ClientToScreen
 0x1004f578 SetWindowRgn
 0x1004f57c GetScrollPos
 0x1004f580 SetScrollPos
 0x1004f584 GetWindow
 0x1004f588 SetFocus
 0x1004f58c GetDesktopWindow
 0x1004f590 GetActiveWindow
 0x1004f594 SetActiveWindow
 0x1004f598 GetSystemMetrics
 0x1004f59c CreateDialogIndirectParamA
 0x1004f5a0 DestroyWindow
 0x1004f5a4 IsWindow
 0x1004f5a8 GetWindowLongA
 0x1004f5ac GetDlgItem
 0x1004f5b0 IsWindowEnabled
 0x1004f5b4 GetParent
 0x1004f5b8 InvalidateRgn
 0x1004f5bc CopyAcceleratorTableA
 0x1004f5c0 CharNextA
 0x1004f5c4 PostThreadMessageA
 0x1004f5c8 LockWindowUpdate
 0x1004f5cc GetDCEx
 0x1004f5d0 GetNextDlgTabItem
 0x1004f5d4 EndDialog
 0x1004f5d8 CharUpperA
 0x1004f5dc LoadBitmapA
 0x1004f5e0 InvalidateRect
 0x1004f5e4 GetDC
 0x1004f5e8 SendMessageA
 0x1004f5ec UpdateWindow
 0x1004f5f0 EnableWindow
 0x1004f5f4 WindowFromPoint
 0x1004f5f8 SetRect
 0x1004f5fc GetSubMenu
 0x1004f600 DrawIcon
 0x1004f604 FillRect
 0x1004f608 FindWindowA
 0x1004f60c GetMenuStringA
 0x1004f610 InsertMenuA
 0x1004f614 ShowOwnedPopups
 0x1004f618 GetMessageA
 0x1004f61c TranslateMessage
 0x1004f620 GetCursorPos
 0x1004f624 ValidateRect
 0x1004f628 SetWindowContextHelpId
 0x1004f62c MapDialogRect
 0x1004f630 RegisterClipboardFormatA
 0x1004f634 PostQuitMessage
 0x1004f638 SetParent
 0x1004f63c GetSystemMenu
 0x1004f640 AppendMenuA
 0x1004f644 DeleteMenu
 0x1004f648 IsRectEmpty
 0x1004f64c ReleaseDC
 0x1004f650 IsZoomed
 0x1004f654 LoadMenuA
 0x1004f658 DestroyMenu
 0x1004f65c UnpackDDElParam
 0x1004f660 SetScrollRange
 0x1004f664 SetCursor
 0x1004f668 ReuseDDElParam
GDI32.dll
 0x1004f050 CombineRgn
 0x1004f054 GetMapMode
 0x1004f058 PatBlt
 0x1004f05c CreatePatternBrush
 0x1004f060 SaveDC
 0x1004f064 RestoreDC
 0x1004f068 SetBkMode
 0x1004f06c SetMapMode
 0x1004f070 ExcludeClipRect
 0x1004f074 IntersectClipRect
 0x1004f078 LineTo
 0x1004f07c MoveToEx
 0x1004f080 SelectClipRgn
 0x1004f084 GetViewportExtEx
 0x1004f088 GetWindowExtEx
 0x1004f08c BitBlt
 0x1004f090 GetPixel
 0x1004f094 PtVisible
 0x1004f098 RectVisible
 0x1004f09c TextOutA
 0x1004f0a0 SetRectRgn
 0x1004f0a4 SetViewportOrgEx
 0x1004f0a8 OffsetViewportOrgEx
 0x1004f0ac SetViewportExtEx
 0x1004f0b0 ScaleViewportExtEx
 0x1004f0b4 SetWindowExtEx
 0x1004f0b8 ScaleWindowExtEx
 0x1004f0bc ExtSelectClipRgn
 0x1004f0c0 GetStockObject
 0x1004f0c4 CreateSolidBrush
 0x1004f0c8 GetBkColor
 0x1004f0cc GetTextColor
 0x1004f0d0 GetRgnBox
 0x1004f0d4 CreateRectRgnIndirect
 0x1004f0d8 CreateRectRgn
 0x1004f0dc CreateFontIndirectA
 0x1004f0e0 ExtTextOutA
 0x1004f0e4 Ellipse
 0x1004f0e8 LPtoDP
 0x1004f0ec CreateEllipticRgn
 0x1004f0f0 GetDeviceCaps
 0x1004f0f4 CreateFontA
 0x1004f0f8 GetCharWidthA
 0x1004f0fc DeleteObject
 0x1004f100 StretchDIBits
 0x1004f104 DeleteDC
 0x1004f108 GetTextExtentPoint32A
 0x1004f10c GetTextMetricsA
 0x1004f110 CreateCompatibleBitmap
 0x1004f114 CreateBitmap
 0x1004f118 GetObjectA
 0x1004f11c SetBkColor
 0x1004f120 SetTextColor
 0x1004f124 GetClipBox
 0x1004f128 Escape
 0x1004f12c CreateCompatibleDC
 0x1004f130 SelectObject
MSIMG32.dll
 0x1004f370 TransparentBlt
comdlg32.dll
 0x1004f680 GetSaveFileNameA
 0x1004f684 GetFileTitleA
 0x1004f688 GetOpenFileNameA
WINSPOOL.DRV
 0x1004f670 OpenPrinterA
 0x1004f674 DocumentPropertiesA
 0x1004f678 ClosePrinter
ADVAPI32.dll
 0x1004f000 RegSetValueA
 0x1004f004 RegQueryValueExA
 0x1004f008 RegOpenKeyExA
 0x1004f00c RegCreateKeyExA
 0x1004f010 RegSetValueExA
 0x1004f014 RegDeleteValueA
 0x1004f018 RegDeleteKeyA
 0x1004f01c RegEnumKeyA
 0x1004f020 RegOpenKeyA
 0x1004f024 RegQueryValueA
 0x1004f028 SetFileSecurityA
 0x1004f02c RegCreateKeyA
 0x1004f030 RegCloseKey
 0x1004f034 GetFileSecurityA
SHELL32.dll
 0x1004f3ac DragFinish
 0x1004f3b0 DragQueryFileA
 0x1004f3b4 ExtractIconA
 0x1004f3b8 SHGetFileInfoA
 0x1004f3bc DragAcceptFiles
COMCTL32.dll
 0x1004f03c None
 0x1004f040 ImageList_Draw
 0x1004f044 ImageList_GetImageInfo
 0x1004f048 ImageList_Destroy
SHLWAPI.dll
 0x1004f3c4 PathRemoveExtensionA
 0x1004f3c8 PathFindFileNameA
 0x1004f3cc PathStripToRootA
 0x1004f3d0 PathFindExtensionA
 0x1004f3d4 PathIsUNCA
oledlg.dll
 0x1004f6d0 None
ole32.dll
 0x1004f690 CoTaskMemAlloc
 0x1004f694 CoGetClassObject
 0x1004f698 CoTaskMemFree
 0x1004f69c CLSIDFromString
 0x1004f6a0 CLSIDFromProgID
 0x1004f6a4 OleInitialize
 0x1004f6a8 CoFreeUnusedLibraries
 0x1004f6ac OleUninitialize
 0x1004f6b0 CoRevokeClassObject
 0x1004f6b4 OleIsCurrentClipboard
 0x1004f6b8 OleFlushClipboard
 0x1004f6bc CreateILockBytesOnHGlobal
 0x1004f6c0 StgCreateDocfileOnILockBytes
 0x1004f6c4 StgOpenStorageOnILockBytes
 0x1004f6c8 CoRegisterMessageFilter
OLEAUT32.dll
 0x1004f378 SysAllocStringLen
 0x1004f37c SysFreeString
 0x1004f380 SysStringLen
 0x1004f384 SysAllocStringByteLen
 0x1004f388 OleCreateFontIndirect
 0x1004f38c SystemTimeToVariantTime
 0x1004f390 SafeArrayDestroy
 0x1004f394 SysAllocString
 0x1004f398 VariantCopy
 0x1004f39c VariantInit
 0x1004f3a0 VariantClear
 0x1004f3a4 VariantChangeType

EAT (Export Address Table) Library

0x1002cf30 DllRegisterServer


Similarity measure (PE file only) - Checking for service failure