Report - 0Z4GbaKuDTGprJ

Gen2 Gen1 Emotet Malicious Packer Malicious Library UPX PE File OS Processor Check DLL PE32
Created 2022.03.15 10:11 Machine s1_win7_x6401
Filename 0Z4GbaKuDTGprJ
Type PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
AI Score
7
Behavior Score
5.6
ZERO API file : clean
VT API (file) 3 detected (Convagent, ASCommon, Kryptik, YzY0Oh, jx0YklSUX)
md5 a360fda890248e56436284af71abc26f
sha256 a78d23c0918e8d9739593d8d8e46e37caff53b779b45629c3d3cac7c31551a6f
ssdeep 24576:k8dlVJKB+nLkT3G1u6UkgKklwLBeUNKsuG31Pt8H:3dlV0EnITvwgeKsh56H
imphash 2a986943d8440d2f00f13ad10b553808
impfuzzy 96:JEI5GnLro142teSauZbw4SE4yAGbpJDEucTcRcL/rVbQP1:tuuZ04SE4ynbEucTcRcrxQP1

Signature (12cnts)

Level Description
danger Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually)
watch Communicates with host for which no DNS query was performed
notice Allocates read-write-execute memory (usually to unpack itself)
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Communication to multiple IPs on high port numbers possibly indicative of a peer-to-peer (P2P) or non-standard command and control protocol
notice Expresses interest in specific running processes
notice File has been identified by 3 AntiVirus engines on VirusTotal as malicious
notice Searches running processes potentially to identify processes for sandbox evasion
notice The binary likely contains encrypted or compressed data indicative of a packer
info Checks if process is being debugged by a debugger
info Queries for the computername
info The file contains an unknown PE resource name possibly indicative of a packer

Rules (10cnts)

Level Name Description Collection
danger Win32_Trojan_Emotet_1_Zero Win32 Trojan Emotet binaries (upload)
danger Win32_Trojan_Gen_1_0904B0_Zero Win32 Trojan Emotet binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsDLL (no description) binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)
info Win32_Trojan_Gen_2_0904B0_Zero Win32 Trojan Gen binaries (upload)

Network (28cnts)

Request CC ASN Co IP4 Rule ZERO
177.87.70.10 BR S. C. Terres e Cia Ltda 177.87.70.10 malicious
195.154.133.20 FR Online S.a.s. 195.154.133.20 malicious
5.9.116.246 DE Hetzner Online GmbH 5.9.116.246 clean
212.24.98.99 LT UAB Rakrejus 212.24.98.99 malicious
185.8.212.130 UZ UZINFOCOM State Unitary Enterprise 185.8.212.130 clean
209.126.98.206 US AS-30083-GO-DADDY-COM-LLC 209.126.98.206 malicious
196.218.30.83 EG TE-AS 196.218.30.83 clean
103.75.201.2 TH CDN PLUS CO., LTD. 103.75.201.2 malicious
103.75.201.4 TH CDN PLUS CO., LTD. 103.75.201.4 malicious
51.91.7.5 FR OVH SAS 51.91.7.5 malicious
45.118.135.203 SG Linode, LLC 45.118.135.203 malicious
45.176.232.124 CO CABLE Y TELECOMUNICACIONES DE COLOMBIA S.A.S (CABLETELCO) 45.176.232.124 malicious
162.214.118.104 US UNIFIEDLAYER-AS-1 162.214.118.104 clean
207.38.84.195 US AS-30083-GO-DADDY-COM-LLC 207.38.84.195 malicious
158.69.222.101 CA OVH SAS 158.69.222.101 malicious
146.59.226.45 Unknown 146.59.226.45 clean
110.232.117.186 AU RackCorp 110.232.117.186 malicious
46.55.222.11 BG Cifrova Kabelna Korporacia EOOD 46.55.222.11 malicious
164.68.99.3 DE Contabo GmbH 164.68.99.3 malicious
185.4.135.27 GR Fragkoulis Maounis & Sia OE 185.4.135.27 clean
151.106.112.196 DE PlusServer GmbH 151.106.112.196 clean
176.56.128.118 CH SEEWEB s.r.l. 176.56.128.118 malicious
185.157.82.211 PL S-NET Sp. z o.o. 185.157.82.211 malicious
173.212.193.249 DE Contabo GmbH 173.212.193.249 malicious
217.182.143.248 FR OVH SAS 217.182.143.248 clean
192.99.251.50 CA OVH SAS 192.99.251.50 clean
186.250.48.117 BR Redfox Telecomunicacoes Ltda. 186.250.48.117 malicious
31.24.158.56 ES Infortelecom Hosting S.L. 31.24.158.56 malicious

Suricata ids

PE API

IAT(Import Address Table) Library

KERNEL32.dll
 0x1008d108 HeapSize
 0x1008d10c VirtualFree
 0x1008d110 VirtualAlloc
 0x1008d114 HeapCreate
 0x1008d118 HeapDestroy
 0x1008d11c GetStdHandle
 0x1008d120 GetModuleFileNameA
 0x1008d124 GetCPInfo
 0x1008d128 GetACP
 0x1008d12c GetOEMCP
 0x1008d130 IsValidCodePage
 0x1008d134 LCMapStringW
 0x1008d138 GetConsoleCP
 0x1008d13c GetConsoleMode
 0x1008d140 SetHandleCount
 0x1008d144 GetFileType
 0x1008d148 GetStartupInfoA
 0x1008d14c FreeEnvironmentStringsA
 0x1008d150 GetEnvironmentStrings
 0x1008d154 Sleep
 0x1008d158 GetEnvironmentStringsW
 0x1008d15c QueryPerformanceCounter
 0x1008d160 GetSystemTimeAsFileTime
 0x1008d164 InitializeCriticalSectionAndSpinCount
 0x1008d168 LCMapStringA
 0x1008d16c GetStringTypeA
 0x1008d170 GetStringTypeW
 0x1008d174 GetLocaleInfoA
 0x1008d178 WriteConsoleA
 0x1008d17c GetConsoleOutputCP
 0x1008d180 WriteConsoleW
 0x1008d184 SetStdHandle
 0x1008d188 GetProcessHeap
 0x1008d18c CreateFileA
 0x1008d190 HeapReAlloc
 0x1008d194 RaiseException
 0x1008d198 RtlUnwind
 0x1008d19c GetCommandLineA
 0x1008d1a0 IsDebuggerPresent
 0x1008d1a4 SetUnhandledExceptionFilter
 0x1008d1a8 UnhandledExceptionFilter
 0x1008d1ac TerminateProcess
 0x1008d1b0 HeapFree
 0x1008d1b4 HeapAlloc
 0x1008d1b8 GetCurrentProcess
 0x1008d1bc SetEndOfFile
 0x1008d1c0 FlushFileBuffers
 0x1008d1c4 SetFilePointer
 0x1008d1c8 WritePrivateProfileStringW
 0x1008d1cc GlobalFlags
 0x1008d1d0 TlsFree
 0x1008d1d4 DeleteCriticalSection
 0x1008d1d8 LocalReAlloc
 0x1008d1dc TlsSetValue
 0x1008d1e0 TlsAlloc
 0x1008d1e4 InitializeCriticalSection
 0x1008d1e8 GlobalHandle
 0x1008d1ec GlobalReAlloc
 0x1008d1f0 EnterCriticalSection
 0x1008d1f4 TlsGetValue
 0x1008d1f8 LeaveCriticalSection
 0x1008d1fc InterlockedIncrement
 0x1008d200 GetCurrentThread
 0x1008d204 ConvertDefaultLocale
 0x1008d208 EnumResourceLanguagesW
 0x1008d20c GetLocaleInfoW
 0x1008d210 InterlockedExchange
 0x1008d214 lstrlenA
 0x1008d218 lstrcmpA
 0x1008d21c InterlockedDecrement
 0x1008d220 GetCurrentProcessId
 0x1008d224 GetModuleHandleA
 0x1008d228 GetCurrentThreadId
 0x1008d22c GlobalAddAtomW
 0x1008d230 GlobalFindAtomW
 0x1008d234 GlobalDeleteAtom
 0x1008d238 GetVersionExW
 0x1008d23c CompareStringW
 0x1008d240 LoadLibraryA
 0x1008d244 lstrcmpW
 0x1008d248 GetVersionExA
 0x1008d24c FreeResource
 0x1008d250 GlobalFree
 0x1008d254 FormatMessageW
 0x1008d258 LocalUnlock
 0x1008d25c LocalFree
 0x1008d260 LocalLock
 0x1008d264 LocalAlloc
 0x1008d268 GetModuleFileNameW
 0x1008d26c ReadFile
 0x1008d270 GetTickCount
 0x1008d274 lstrcmpiW
 0x1008d278 GetWindowsDirectoryW
 0x1008d27c lstrcpyW
 0x1008d280 WideCharToMultiByte
 0x1008d284 WinExec
 0x1008d288 lstrlenW
 0x1008d28c lstrcatW
 0x1008d290 FreeLibrary
 0x1008d294 LoadLibraryExW
 0x1008d298 ExitProcess
 0x1008d29c MulDiv
 0x1008d2a0 GetProcAddress
 0x1008d2a4 GetModuleHandleW
 0x1008d2a8 LoadLibraryW
 0x1008d2ac GetLastError
 0x1008d2b0 SetLastError
 0x1008d2b4 GlobalAlloc
 0x1008d2b8 GlobalUnlock
 0x1008d2bc MultiByteToWideChar
 0x1008d2c0 GlobalLock
 0x1008d2c4 CloseHandle
 0x1008d2c8 WriteFile
 0x1008d2cc CreateFileW
 0x1008d2d0 FindResourceW
 0x1008d2d4 LoadResource
 0x1008d2d8 LockResource
 0x1008d2dc FreeEnvironmentStringsW
 0x1008d2e0 SizeofResource
USER32.dll
 0x1008d308 DestroyMenu
 0x1008d30c GetSysColorBrush
 0x1008d310 SetMenuItemBitmaps
 0x1008d314 GetMenuCheckMarkDimensions
 0x1008d318 LoadBitmapW
 0x1008d31c ModifyMenuW
 0x1008d320 CheckMenuItem
 0x1008d324 SendDlgItemMessageW
 0x1008d328 SendDlgItemMessageA
 0x1008d32c GetCapture
 0x1008d330 SetWindowsHookExW
 0x1008d334 CallNextHookEx
 0x1008d338 GetClassLongW
 0x1008d33c SetPropW
 0x1008d340 GetPropW
 0x1008d344 RemovePropW
 0x1008d348 GetFocus
 0x1008d34c GetForegroundWindow
 0x1008d350 GetTopWindow
 0x1008d354 UnhookWindowsHookEx
 0x1008d358 GetMessageTime
 0x1008d35c PeekMessageW
 0x1008d360 MapWindowPoints
 0x1008d364 TrackPopupMenu
 0x1008d368 SetMenu
 0x1008d36c GetClassInfoExW
 0x1008d370 RegisterClassW
 0x1008d374 AdjustWindowRectEx
 0x1008d378 GetDlgCtrlID
 0x1008d37c CallWindowProcW
 0x1008d380 GetMenu
 0x1008d384 SystemParametersInfoA
 0x1008d388 GetWindowPlacement
 0x1008d38c GetWindowTextLengthW
 0x1008d390 GetScrollPos
 0x1008d394 SetScrollPos
 0x1008d398 GetWindow
 0x1008d39c GetDesktopWindow
 0x1008d3a0 CreateDialogIndirectParamW
 0x1008d3a4 DestroyWindow
 0x1008d3a8 GetNextDlgTabItem
 0x1008d3ac DialogBoxIndirectParamW
 0x1008d3b0 EndDialog
 0x1008d3b4 SetWindowTextW
 0x1008d3b8 MoveWindow
 0x1008d3bc SetForegroundWindow
 0x1008d3c0 SetWindowPos
 0x1008d3c4 SetFocus
 0x1008d3c8 CheckDlgButton
 0x1008d3cc EnableMenuItem
 0x1008d3d0 GetDlgItem
 0x1008d3d4 GetDialogBaseUnits
 0x1008d3d8 EndPaint
 0x1008d3dc BeginPaint
 0x1008d3e0 MessageBoxW
 0x1008d3e4 GetLastActivePopup
 0x1008d3e8 GetActiveWindow
 0x1008d3ec GetSubMenu
 0x1008d3f0 LoadMenuW
 0x1008d3f4 MessageBeep
 0x1008d3f8 SetWindowLongW
 0x1008d3fc TranslateAcceleratorW
 0x1008d400 CreatePopupMenu
 0x1008d404 IsIconic
 0x1008d408 AppendMenuW
 0x1008d40c GetSystemMenu
 0x1008d410 LoadAcceleratorsW
 0x1008d414 LoadIconW
 0x1008d418 UpdateWindow
 0x1008d41c DispatchMessageW
 0x1008d420 TranslateMessage
 0x1008d424 GetKeyState
 0x1008d428 DrawTextW
 0x1008d42c WindowFromDC
 0x1008d430 IsWindowVisible
 0x1008d434 InvalidateRect
 0x1008d438 ReleaseCapture
 0x1008d43c GetMessagePos
 0x1008d440 SetCapture
 0x1008d444 FrameRect
 0x1008d448 DrawEdge
 0x1008d44c InflateRect
 0x1008d450 DrawFocusRect
 0x1008d454 RedrawWindow
 0x1008d458 DrawIcon
 0x1008d45c GetClientRect
 0x1008d460 GetAsyncKeyState
 0x1008d464 GetMenuState
 0x1008d468 GetMenuItemID
 0x1008d46c GetMenuItemCount
 0x1008d470 CopyRect
 0x1008d474 PtInRect
 0x1008d478 GetWindowTextW
 0x1008d47c GetWindowLongW
 0x1008d480 IsWindowEnabled
 0x1008d484 ChildWindowFromPoint
 0x1008d488 GetParent
 0x1008d48c ClientToScreen
 0x1008d490 WindowFromPoint
 0x1008d494 GetMessageW
 0x1008d498 ValidateRect
 0x1008d49c PostQuitMessage
 0x1008d4a0 GetWindowThreadProcessId
 0x1008d4a4 GetWindowDC
 0x1008d4a8 GrayStringW
 0x1008d4ac SetWindowRgn
 0x1008d4b0 OffsetRect
 0x1008d4b4 SetRect
 0x1008d4b8 SetTimer
 0x1008d4bc EqualRect
 0x1008d4c0 KillTimer
 0x1008d4c4 DrawTextExW
 0x1008d4c8 TabbedTextOutW
 0x1008d4cc SetActiveWindow
 0x1008d4d0 IsDialogMessageW
 0x1008d4d4 ScreenToClient
 0x1008d4d8 GetCursorPos
 0x1008d4dc IsWindow
 0x1008d4e0 DefWindowProcW
 0x1008d4e4 GetClassInfoW
 0x1008d4e8 SetRectEmpty
 0x1008d4ec GetClassNameW
 0x1008d4f0 LoadCursorW
 0x1008d4f4 GetSystemMetrics
 0x1008d4f8 SetCursor
 0x1008d4fc SystemParametersInfoW
 0x1008d500 LoadStringW
 0x1008d504 LoadImageW
 0x1008d508 DestroyCursor
 0x1008d50c DestroyIcon
 0x1008d510 CopyIcon
 0x1008d514 FillRect
 0x1008d518 CreateIconIndirect
 0x1008d51c ReleaseDC
 0x1008d520 GetDC
 0x1008d524 GetIconInfo
 0x1008d528 CreateWindowExW
 0x1008d52c ShowWindow
 0x1008d530 IsRectEmpty
 0x1008d534 DrawFrameControl
 0x1008d538 GetSysColor
 0x1008d53c SetClipboardData
 0x1008d540 EmptyClipboard
 0x1008d544 CloseClipboard
 0x1008d548 OpenClipboard
 0x1008d54c PostMessageW
 0x1008d550 GetWindowRect
 0x1008d554 SendMessageW
 0x1008d558 RegisterWindowMessageW
 0x1008d55c EnableWindow
 0x1008d560 WinHelpW
GDI32.dll
 0x1008d038 PtVisible
 0x1008d03c RectVisible
 0x1008d040 ExtTextOutW
 0x1008d044 Escape
 0x1008d048 SetViewportOrgEx
 0x1008d04c OffsetViewportOrgEx
 0x1008d050 SetViewportExtEx
 0x1008d054 ScaleViewportExtEx
 0x1008d058 SetWindowExtEx
 0x1008d05c ScaleWindowExtEx
 0x1008d060 DPtoLP
 0x1008d064 SaveDC
 0x1008d068 SetMapMode
 0x1008d06c DeleteDC
 0x1008d070 GetCharWidthW
 0x1008d074 GetCurrentObject
 0x1008d078 GetClipBox
 0x1008d07c Rectangle
 0x1008d080 GetStockObject
 0x1008d084 CreatePolygonRgn
 0x1008d088 CreateRoundRectRgn
 0x1008d08c OffsetRgn
 0x1008d090 CombineRgn
 0x1008d094 CreateRectRgn
 0x1008d098 SelectClipRgn
 0x1008d09c FillRgn
 0x1008d0a0 FrameRgn
 0x1008d0a4 TextOutW
 0x1008d0a8 GetTextExtentPoint32W
 0x1008d0ac SetTextJustification
 0x1008d0b0 GetTextMetricsW
 0x1008d0b4 SetBkColor
 0x1008d0b8 SetBkMode
 0x1008d0bc CreateFontIndirectW
 0x1008d0c0 LineTo
 0x1008d0c4 MoveToEx
 0x1008d0c8 CreatePen
 0x1008d0cc SetTextColor
 0x1008d0d0 CreateSolidBrush
 0x1008d0d4 StretchBlt
 0x1008d0d8 CreateBitmap
 0x1008d0dc GetObjectW
 0x1008d0e0 GetDeviceCaps
 0x1008d0e4 CreateDCW
 0x1008d0e8 CreateCompatibleBitmap
 0x1008d0ec BitBlt
 0x1008d0f0 SelectObject
 0x1008d0f4 CreateCompatibleDC
 0x1008d0f8 CreateDIBSection
 0x1008d0fc DeleteObject
 0x1008d100 RestoreDC
WINSPOOL.DRV
 0x1008d570 ClosePrinter
 0x1008d574 OpenPrinterW
 0x1008d578 DocumentPropertiesW
ADVAPI32.dll
 0x1008d000 RegOpenKeyW
 0x1008d004 RegQueryValueW
 0x1008d008 RegCloseKey
 0x1008d00c RegQueryValueExW
 0x1008d010 RegCreateKeyExW
 0x1008d014 RegOpenKeyExW
 0x1008d018 RegEnumKeyW
 0x1008d01c RegDeleteKeyW
 0x1008d020 RegSetValueExW
SHELL32.dll
 0x1008d2f8 ShellExecuteW
COMCTL32.dll
 0x1008d028 ImageList_GetImageCount
 0x1008d02c ImageList_GetIcon
 0x1008d030 None
SHLWAPI.dll
 0x1008d300 PathFindExtensionW
OLEAUT32.dll
 0x1008d2e8 VariantClear
 0x1008d2ec VariantChangeType
 0x1008d2f0 VariantInit
WINMM.dll
 0x1008d568 PlaySoundW

EAT(Export Address Table) Library

0x10079b90 DllRegisterServer
0x1006bf00 DllUnregisterServer


Similarity measure (PE file only) - Checking for service failure