Created | 2022.04.27 18:32 |
Machine | s1_win7_x6403 |
Filename | vbc.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 19 detected (AIDetect, malware2, malicious, high confidence, GenericRXRY, MalPbs, gen1, GenKryptik, FTUZ, Delf, CLOUD, Wacapew, BScope, Diple, R002H06DR22, susgen, EKLE, RATX) |
md5 | 15c6da72eb32ee1b8ea97d4320a39dff |
sha256 | 5a116045f9e40be64ae46a63626844ed4dcc5a921485b681ebdbd217664e1342 |
ssdeep | 12288:oukOZ21XK+1YAQFsmwZdGzzaMxf/nV9LXzBngWD2biibggGPX4:oukaY6XAQGm1P7lfTjBngbP |
imphash | 3055fb849ae41f907ab51b691e273f53 |
impfuzzy | 192:f3xnd1O4phbuuArSUvK9RqoaqEKe7CPbOQwt:f3j1fAA9LlPbOQ0 |
Signature (13cnts)
Level | Description |
---|---|
watch | Allocates execute permission to another process indicative of possible code injection |
watch | Creates a thread using CreateRemoteThread in a non-child process indicative of process injection |
watch | File has been identified by 19 AntiVirus engines on VirusTotal as malicious |
watch | Installs itself for autorun at Windows startup |
watch | Manipulates memory of a non-child process indicative of process injection |
watch | Network activity contains more than one unique useragent |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Foreign language identified in PE resource |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (6cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (3cnts)
PE API
IAT(Import Address Table) Library
kernel32.dll
0x488154 DeleteCriticalSection
0x488158 LeaveCriticalSection
0x48815c EnterCriticalSection
0x488160 InitializeCriticalSection
0x488164 VirtualFree
0x488168 VirtualAlloc
0x48816c LocalFree
0x488170 LocalAlloc
0x488174 GetVersion
0x488178 GetCurrentThreadId
0x48817c InterlockedDecrement
0x488180 InterlockedIncrement
0x488184 VirtualQuery
0x488188 WideCharToMultiByte
0x48818c MultiByteToWideChar
0x488190 lstrlenA
0x488194 lstrcpynA
0x488198 LoadLibraryExA
0x48819c GetThreadLocale
0x4881a0 GetStartupInfoA
0x4881a4 GetProcAddress
0x4881a8 GetModuleHandleA
0x4881ac GetModuleFileNameA
0x4881b0 GetLocaleInfoA
0x4881b4 GetCommandLineA
0x4881b8 FreeLibrary
0x4881bc FindFirstFileA
0x4881c0 FindClose
0x4881c4 ExitProcess
0x4881c8 WriteFile
0x4881cc UnhandledExceptionFilter
0x4881d0 RtlUnwind
0x4881d4 RaiseException
0x4881d8 GetStdHandle
user32.dll
0x4881e0 GetKeyboardType
0x4881e4 LoadStringA
0x4881e8 MessageBoxA
0x4881ec CharNextA
advapi32.dll
0x4881f4 RegQueryValueExA
0x4881f8 RegOpenKeyExA
0x4881fc RegCloseKey
oleaut32.dll
0x488204 SysFreeString
0x488208 SysReAllocStringLen
0x48820c SysAllocStringLen
kernel32.dll
0x488214 TlsSetValue
0x488218 TlsGetValue
0x48821c LocalAlloc
0x488220 GetModuleHandleA
advapi32.dll
0x488228 RegQueryValueExA
0x48822c RegOpenKeyExA
0x488230 RegFlushKey
0x488234 RegCreateKeyExA
0x488238 RegCloseKey
0x48823c AddAce
kernel32.dll
0x488244 lstrcpyA
0x488248 WriteFile
0x48824c WideCharToMultiByte
0x488250 WaitForSingleObject
0x488254 VirtualQuery
0x488258 VirtualProtect
0x48825c VirtualAlloc
0x488260 Sleep
0x488264 SizeofResource
0x488268 SetThreadLocale
0x48826c SetFilePointer
0x488270 SetEvent
0x488274 SetErrorMode
0x488278 SetEndOfFile
0x48827c ResetEvent
0x488280 ReadFile
0x488284 MultiByteToWideChar
0x488288 MulDiv
0x48828c LockResource
0x488290 LoadResource
0x488294 LoadLibraryA
0x488298 LeaveCriticalSection
0x48829c InitializeCriticalSection
0x4882a0 GlobalUnlock
0x4882a4 GlobalSize
0x4882a8 GlobalReAlloc
0x4882ac GlobalHandle
0x4882b0 GlobalLock
0x4882b4 GlobalFree
0x4882b8 GlobalFindAtomA
0x4882bc GlobalDeleteAtom
0x4882c0 GlobalAlloc
0x4882c4 GlobalAddAtomA
0x4882c8 GetVersionExA
0x4882cc GetVersion
0x4882d0 GetUserDefaultLCID
0x4882d4 GetTickCount
0x4882d8 GetThreadLocale
0x4882dc GetSystemInfo
0x4882e0 GetStringTypeExA
0x4882e4 GetStdHandle
0x4882e8 GetProcAddress
0x4882ec GetModuleHandleA
0x4882f0 GetModuleFileNameA
0x4882f4 GetLocaleInfoA
0x4882f8 GetLocalTime
0x4882fc GetLastError
0x488300 GetFullPathNameA
0x488304 GetDiskFreeSpaceA
0x488308 GetDateFormatA
0x48830c GetCurrentThreadId
0x488310 GetCurrentProcessId
0x488314 GetCurrentProcess
0x488318 GetComputerNameA
0x48831c GetCPInfo
0x488320 GetACP
0x488324 FreeResource
0x488328 InterlockedExchange
0x48832c FreeLibrary
0x488330 FormatMessageA
0x488334 FlushInstructionCache
0x488338 FindResourceA
0x48833c EnumCalendarInfoA
0x488340 EnterCriticalSection
0x488344 DeleteCriticalSection
0x488348 CreateThread
0x48834c CreateFileA
0x488350 CreateEventA
0x488354 CompareStringA
0x488358 CloseHandle
version.dll
0x488360 VerQueryValueA
0x488364 GetFileVersionInfoSizeA
0x488368 GetFileVersionInfoA
gdi32.dll
0x488370 UnrealizeObject
0x488374 StretchBlt
0x488378 SetWindowOrgEx
0x48837c SetWinMetaFileBits
0x488380 SetViewportOrgEx
0x488384 SetTextColor
0x488388 SetStretchBltMode
0x48838c SetROP2
0x488390 SetPixel
0x488394 SetEnhMetaFileBits
0x488398 SetDIBColorTable
0x48839c SetBrushOrgEx
0x4883a0 SetBkMode
0x4883a4 SetBkColor
0x4883a8 SelectPalette
0x4883ac SelectObject
0x4883b0 SaveDC
0x4883b4 RoundRect
0x4883b8 RestoreDC
0x4883bc Rectangle
0x4883c0 RectVisible
0x4883c4 RealizePalette
0x4883c8 PlayEnhMetaFile
0x4883cc PatBlt
0x4883d0 MoveToEx
0x4883d4 MaskBlt
0x4883d8 LineTo
0x4883dc IntersectClipRect
0x4883e0 GetWindowOrgEx
0x4883e4 GetWinMetaFileBits
0x4883e8 GetTextMetricsA
0x4883ec GetTextExtentPointA
0x4883f0 GetTextExtentPoint32A
0x4883f4 GetTextAlign
0x4883f8 GetSystemPaletteEntries
0x4883fc GetStockObject
0x488400 GetROP2
0x488404 GetPolyFillMode
0x488408 GetPixelFormat
0x48840c GetPixel
0x488410 GetPaletteEntries
0x488414 GetObjectA
0x488418 GetMapMode
0x48841c GetEnhMetaFilePaletteEntries
0x488420 GetEnhMetaFileHeader
0x488424 GetEnhMetaFileDescriptionA
0x488428 GetEnhMetaFileBits
0x48842c GetDeviceCaps
0x488430 GetDIBits
0x488434 GetDIBColorTable
0x488438 GetDCOrgEx
0x48843c GetDCPenColor
0x488440 GetCurrentPositionEx
0x488444 GetClipBox
0x488448 GetBrushOrgEx
0x48844c GetBkMode
0x488450 GetBkColor
0x488454 GetBitmapBits
0x488458 GdiFlush
0x48845c ExcludeClipRect
0x488460 Ellipse
0x488464 DeleteObject
0x488468 DeleteEnhMetaFile
0x48846c DeleteDC
0x488470 CreateSolidBrush
0x488474 CreatePenIndirect
0x488478 CreatePalette
0x48847c CreateHalftonePalette
0x488480 CreateFontIndirectA
0x488484 CreateEnhMetaFileA
0x488488 CreateDIBitmap
0x48848c CreateDIBSection
0x488490 CreateCompatibleDC
0x488494 CreateCompatibleBitmap
0x488498 CreateBrushIndirect
0x48849c CreateBitmap
0x4884a0 CopyEnhMetaFileA
0x4884a4 CloseEnhMetaFile
0x4884a8 BitBlt
user32.dll
0x4884b0 CreateWindowExA
0x4884b4 WindowFromPoint
0x4884b8 WinHelpA
0x4884bc WaitMessage
0x4884c0 UpdateWindow
0x4884c4 UnregisterClassA
0x4884c8 UnhookWindowsHookEx
0x4884cc TranslateMessage
0x4884d0 TranslateMDISysAccel
0x4884d4 TrackPopupMenu
0x4884d8 SystemParametersInfoA
0x4884dc ShowWindow
0x4884e0 ShowScrollBar
0x4884e4 ShowOwnedPopups
0x4884e8 ShowCursor
0x4884ec SetWindowsHookExA
0x4884f0 SetWindowTextA
0x4884f4 SetWindowPos
0x4884f8 SetWindowPlacement
0x4884fc SetWindowLongA
0x488500 SetTimer
0x488504 SetScrollRange
0x488508 SetScrollPos
0x48850c SetScrollInfo
0x488510 SetRect
0x488514 SetPropA
0x488518 SetParent
0x48851c SetMenuItemInfoA
0x488520 SetMenu
0x488524 SetForegroundWindow
0x488528 SetFocus
0x48852c SetCursor
0x488530 SetClassLongA
0x488534 SetCapture
0x488538 SetActiveWindow
0x48853c SendMessageA
0x488540 ScrollWindow
0x488544 ScreenToClient
0x488548 RemovePropA
0x48854c RemoveMenu
0x488550 ReleaseDC
0x488554 ReleaseCapture
0x488558 RegisterWindowMessageA
0x48855c RegisterClipboardFormatA
0x488560 RegisterClassA
0x488564 RedrawWindow
0x488568 PtInRect
0x48856c PostQuitMessage
0x488570 PostMessageA
0x488574 PeekMessageA
0x488578 OffsetRect
0x48857c OemToCharA
0x488580 MessageBoxA
0x488584 MapWindowPoints
0x488588 MapVirtualKeyA
0x48858c LoadStringA
0x488590 LoadKeyboardLayoutA
0x488594 LoadIconA
0x488598 LoadCursorA
0x48859c LoadBitmapA
0x4885a0 KillTimer
0x4885a4 IsZoomed
0x4885a8 IsWindowVisible
0x4885ac IsWindowEnabled
0x4885b0 IsWindow
0x4885b4 IsRectEmpty
0x4885b8 IsIconic
0x4885bc IsDialogMessageA
0x4885c0 IsChild
0x4885c4 InvalidateRect
0x4885c8 IntersectRect
0x4885cc InsertMenuItemA
0x4885d0 InsertMenuA
0x4885d4 InflateRect
0x4885d8 GetWindowThreadProcessId
0x4885dc GetWindowTextA
0x4885e0 GetWindowRect
0x4885e4 GetWindowPlacement
0x4885e8 GetWindowLongA
0x4885ec GetWindowDC
0x4885f0 GetTopWindow
0x4885f4 GetSystemMetrics
0x4885f8 GetSystemMenu
0x4885fc GetSysColorBrush
0x488600 GetSysColor
0x488604 GetSubMenu
0x488608 GetScrollRange
0x48860c GetScrollPos
0x488610 GetScrollInfo
0x488614 GetPropA
0x488618 GetParent
0x48861c GetWindow
0x488620 GetMessageTime
0x488624 GetMenuStringA
0x488628 GetMenuState
0x48862c GetMenuItemInfoA
0x488630 GetMenuItemID
0x488634 GetMenuItemCount
0x488638 GetMenu
0x48863c GetLastActivePopup
0x488640 GetKeyboardState
0x488644 GetKeyboardLayoutList
0x488648 GetKeyboardLayout
0x48864c GetKeyState
0x488650 GetKeyNameTextA
0x488654 GetIconInfo
0x488658 GetForegroundWindow
0x48865c GetFocus
0x488660 GetDesktopWindow
0x488664 GetDCEx
0x488668 GetDC
0x48866c GetCursorPos
0x488670 GetCursor
0x488674 GetClipboardData
0x488678 GetClientRect
0x48867c GetClassNameA
0x488680 GetClassInfoA
0x488684 GetCapture
0x488688 GetActiveWindow
0x48868c FrameRect
0x488690 FindWindowA
0x488694 FillRect
0x488698 EqualRect
0x48869c EnumWindows
0x4886a0 EnumThreadWindows
0x4886a4 EndPaint
0x4886a8 EnableWindow
0x4886ac EnableScrollBar
0x4886b0 EnableMenuItem
0x4886b4 DrawTextA
0x4886b8 DrawMenuBar
0x4886bc DrawIconEx
0x4886c0 DrawIcon
0x4886c4 DrawFrameControl
0x4886c8 DrawFocusRect
0x4886cc DrawEdge
0x4886d0 DispatchMessageA
0x4886d4 DestroyWindow
0x4886d8 DestroyMenu
0x4886dc DestroyIcon
0x4886e0 DestroyCursor
0x4886e4 DeleteMenu
0x4886e8 DefWindowProcA
0x4886ec DefMDIChildProcA
0x4886f0 DefFrameProcA
0x4886f4 CreatePopupMenu
0x4886f8 CreateMenu
0x4886fc CreateIcon
0x488700 ClientToScreen
0x488704 CheckMenuItem
0x488708 CallWindowProcA
0x48870c CallNextHookEx
0x488710 BeginPaint
0x488714 CharNextA
0x488718 CharLowerBuffA
0x48871c CharLowerA
0x488720 CharUpperBuffA
0x488724 CharToOemA
0x488728 AdjustWindowRectEx
0x48872c ActivateKeyboardLayout
kernel32.dll
0x488734 Sleep
oleaut32.dll
0x48873c SafeArrayPtrOfIndex
0x488740 SafeArrayPutElement
0x488744 SafeArrayGetElement
0x488748 SafeArrayUnaccessData
0x48874c SafeArrayAccessData
0x488750 SafeArrayGetUBound
0x488754 SafeArrayGetLBound
0x488758 SafeArrayCreate
0x48875c VariantChangeType
0x488760 VariantCopyInd
0x488764 VariantCopy
0x488768 VariantClear
0x48876c VariantInit
ole32.dll
0x488774 CreateStreamOnHGlobal
0x488778 IsAccelerator
0x48877c OleDraw
0x488780 OleSetMenuDescriptor
0x488784 CoTaskMemFree
0x488788 ProgIDFromCLSID
0x48878c StringFromCLSID
0x488790 CoCreateInstance
0x488794 CoGetClassObject
0x488798 CoUninitialize
0x48879c CoInitialize
0x4887a0 IsEqualGUID
oleaut32.dll
0x4887a8 GetErrorInfo
0x4887ac GetActiveObject
0x4887b0 SysFreeString
comctl32.dll
0x4887b8 ImageList_SetIconSize
0x4887bc ImageList_GetIconSize
0x4887c0 ImageList_Write
0x4887c4 ImageList_Read
0x4887c8 ImageList_GetDragImage
0x4887cc ImageList_DragShowNolock
0x4887d0 ImageList_SetDragCursorImage
0x4887d4 ImageList_DragMove
0x4887d8 ImageList_DragLeave
0x4887dc ImageList_DragEnter
0x4887e0 ImageList_EndDrag
0x4887e4 ImageList_BeginDrag
0x4887e8 ImageList_Remove
0x4887ec ImageList_DrawEx
0x4887f0 ImageList_Replace
0x4887f4 ImageList_Draw
0x4887f8 ImageList_GetBkColor
0x4887fc ImageList_SetBkColor
0x488800 ImageList_ReplaceIcon
0x488804 ImageList_Add
0x488808 ImageList_SetImageCount
0x48880c ImageList_GetImageCount
0x488810 ImageList_Destroy
0x488814 ImageList_Create
shell32.dll
0x48881c ShellExecuteA
EAT(Export Address Table) is none