ScreenShot
| Created | 2022.05.20 13:27 | Machine | s1_win7_x6403 |
| Filename | 7 | ||
| Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | |||
| md5 | a779b4298cfb967f3dad8155e41bb53c | ||
| sha256 | d5a4ba0b28cf0bbf99e4609d04aa63b141254af2c7b8135e03df467dda016792 | ||
| ssdeep | 12288:LJsMwUL89WbZz4di6gy1X+FcxhSntqYuXKw29lTxbkTi+kK:LJsMwULdN8d3gy1X+khIuXKwIlqTtkK | ||
| imphash | cef7e711f2eeb92f122893202dc2ab83 | ||
| impfuzzy | 192:rMlFHl84UxUKpcEVSrk9xxLU3TcFcncEWiPkP4NPv:IH24c63TcaVkP4NPv | ||
Network IP location
Signature (14cnts)
| Level | Description |
|---|---|
| danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
| warning | Generates some ICMP traffic |
| watch | Attempts to remove evidence of file being downloaded from the Internet |
| watch | Communicates with host for which no DNS query was performed |
| watch | Created a service where a service was also not started |
| watch | Installs itself for autorun at Windows startup |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates a suspicious process |
| notice | Expresses interest in specific running processes |
| notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | One or more processes crashed |
| info | Queries for the computername |
Rules (5cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (10cnts) ?
Suricata ids
ET CNC Feodo Tracker Reported CnC Server group 5
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET CNC Feodo Tracker Reported CnC Server group 6
ET INFO TLS Handshake Failure
ET CNC Feodo Tracker Reported CnC Server group 24
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET CNC Feodo Tracker Reported CnC Server group 6
ET INFO TLS Handshake Failure
ET CNC Feodo Tracker Reported CnC Server group 24
PE API
IAT(Import Address Table) Library
WSOCK32.dll
0x1005ba40 inet_addr
0x1005ba48 WSACleanup
0x1005ba50 gethostbyname
0x1005ba58 WSAStartup
KERNEL32.dll
0x1005b158 FileTimeToLocalFileTime
0x1005b160 GetFileAttributesA
0x1005b168 GetFileTime
0x1005b170 GetTickCount
0x1005b178 RtlLookupFunctionEntry
0x1005b180 RtlUnwindEx
0x1005b188 RaiseException
0x1005b190 RtlPcToFileHeader
0x1005b198 HeapFree
0x1005b1a0 VirtualProtect
0x1005b1a8 GetSystemInfo
0x1005b1b0 VirtualQuery
0x1005b1b8 HeapAlloc
0x1005b1c0 HeapReAlloc
0x1005b1c8 FlsSetValue
0x1005b1d0 GetCommandLineA
0x1005b1d8 GetProcessHeap
0x1005b1e0 HeapSize
0x1005b1e8 FlsGetValue
0x1005b1f0 FlsFree
0x1005b1f8 FlsAlloc
0x1005b200 Sleep
0x1005b208 TerminateProcess
0x1005b210 UnhandledExceptionFilter
0x1005b218 SetUnhandledExceptionFilter
0x1005b220 IsDebuggerPresent
0x1005b228 RtlCaptureContext
0x1005b230 HeapSetInformation
0x1005b238 HeapCreate
0x1005b240 HeapDestroy
0x1005b248 GetStdHandle
0x1005b250 SetHandleCount
0x1005b258 GetFileType
0x1005b260 GetStartupInfoA
0x1005b268 FreeEnvironmentStringsA
0x1005b270 GetEnvironmentStrings
0x1005b278 FreeEnvironmentStringsW
0x1005b280 GetEnvironmentStringsW
0x1005b288 QueryPerformanceCounter
0x1005b290 GetSystemTimeAsFileTime
0x1005b298 GetACP
0x1005b2a0 GetStringTypeA
0x1005b2a8 GetStringTypeW
0x1005b2b0 GetTimeZoneInformation
0x1005b2b8 GetLocaleInfoW
0x1005b2c0 GetConsoleCP
0x1005b2c8 GetConsoleMode
0x1005b2d0 LCMapStringA
0x1005b2d8 LCMapStringW
0x1005b2e0 GetUserDefaultLCID
0x1005b2e8 EnumSystemLocalesA
0x1005b2f0 IsValidLocale
0x1005b2f8 IsValidCodePage
0x1005b300 SetStdHandle
0x1005b308 WriteConsoleA
0x1005b310 GetConsoleOutputCP
0x1005b318 WriteConsoleW
0x1005b320 SetEnvironmentVariableA
0x1005b328 FileTimeToSystemTime
0x1005b330 GetOEMCP
0x1005b338 GetCPInfo
0x1005b340 CreateFileA
0x1005b348 GetFullPathNameA
0x1005b350 GetVolumeInformationA
0x1005b358 FindFirstFileA
0x1005b360 FindClose
0x1005b368 GetCurrentProcess
0x1005b370 DuplicateHandle
0x1005b378 GetThreadLocale
0x1005b380 GetFileSize
0x1005b388 SetEndOfFile
0x1005b390 UnlockFile
0x1005b398 LockFile
0x1005b3a0 FlushFileBuffers
0x1005b3a8 SetFilePointer
0x1005b3b0 WriteFile
0x1005b3b8 ReadFile
0x1005b3c0 TlsFree
0x1005b3c8 DeleteCriticalSection
0x1005b3d0 LocalReAlloc
0x1005b3d8 TlsSetValue
0x1005b3e0 GlobalHandle
0x1005b3e8 GlobalReAlloc
0x1005b3f0 TlsAlloc
0x1005b3f8 InitializeCriticalSection
0x1005b400 EnterCriticalSection
0x1005b408 TlsGetValue
0x1005b410 LeaveCriticalSection
0x1005b418 LocalAlloc
0x1005b420 GlobalFlags
0x1005b428 WritePrivateProfileStringA
0x1005b430 FormatMessageA
0x1005b438 LocalFree
0x1005b440 MulDiv
0x1005b448 GlobalGetAtomNameA
0x1005b450 GlobalFindAtomA
0x1005b458 lstrcmpW
0x1005b460 GetVersionExA
0x1005b468 GlobalUnlock
0x1005b470 GlobalFree
0x1005b478 FreeResource
0x1005b480 GetCurrentProcessId
0x1005b488 SetLastError
0x1005b490 GlobalAddAtomA
0x1005b498 CloseHandle
0x1005b4a0 GetCurrentThread
0x1005b4a8 GetCurrentThreadId
0x1005b4b0 ConvertDefaultLocale
0x1005b4b8 EnumResourceLanguagesA
0x1005b4c0 GetModuleFileNameA
0x1005b4c8 GetLocaleInfoA
0x1005b4d0 LoadLibraryA
0x1005b4d8 GlobalLock
0x1005b4e0 lstrcmpA
0x1005b4e8 GlobalAlloc
0x1005b4f0 FreeLibrary
0x1005b4f8 GlobalDeleteAtom
0x1005b500 GetModuleHandleA
0x1005b508 GetProcAddress
0x1005b510 GetLastError
0x1005b518 lstrlenA
0x1005b520 CompareStringA
0x1005b528 CompareStringW
0x1005b530 MultiByteToWideChar
0x1005b538 GetVersion
0x1005b540 LoadResource
0x1005b548 LockResource
0x1005b550 SizeofResource
0x1005b558 FindResourceA
0x1005b560 WideCharToMultiByte
0x1005b568 LoadLibraryW
0x1005b570 ExitProcess
0x1005b578 VirtualAlloc
0x1005b580 RtlVirtualUnwind
USER32.dll
0x1005b628 CharNextA
0x1005b630 CopyAcceleratorTableA
0x1005b638 IsRectEmpty
0x1005b640 SetRect
0x1005b648 InvalidateRect
0x1005b650 InvalidateRgn
0x1005b658 GetNextDlgGroupItem
0x1005b660 MessageBeep
0x1005b668 UnregisterClassA
0x1005b670 RegisterClipboardFormatA
0x1005b678 PostThreadMessageA
0x1005b680 GetWindowDC
0x1005b688 ReleaseDC
0x1005b690 GetDC
0x1005b698 ClientToScreen
0x1005b6a0 GrayStringA
0x1005b6a8 DrawTextExA
0x1005b6b0 DrawTextA
0x1005b6b8 TabbedTextOutA
0x1005b6c0 DestroyMenu
0x1005b6c8 ShowWindow
0x1005b6d0 MoveWindow
0x1005b6d8 SetWindowTextA
0x1005b6e0 IsDialogMessageA
0x1005b6e8 GetDlgItemTextA
0x1005b6f0 RegisterWindowMessageA
0x1005b6f8 SendDlgItemMessageA
0x1005b700 WinHelpA
0x1005b708 IsChild
0x1005b710 GetCapture
0x1005b718 GetClassLongA
0x1005b720 GetClassNameA
0x1005b728 GetClassLongPtrA
0x1005b730 SetPropA
0x1005b738 GetPropA
0x1005b740 RemovePropA
0x1005b748 SetFocus
0x1005b750 GetSysColorBrush
0x1005b758 GetForegroundWindow
0x1005b760 GetTopWindow
0x1005b768 GetWindowLongPtrA
0x1005b770 SetWindowLongPtrA
0x1005b778 UnhookWindowsHookEx
0x1005b780 GetMessageTime
0x1005b788 GetMessagePos
0x1005b790 MapWindowPoints
0x1005b798 SetForegroundWindow
0x1005b7a0 UpdateWindow
0x1005b7a8 GetSubMenu
0x1005b7b0 GetMenuItemID
0x1005b7b8 GetMenuItemCount
0x1005b7c0 CreateWindowExA
0x1005b7c8 GetClassInfoExA
0x1005b7d0 GetClassInfoA
0x1005b7d8 RegisterClassA
0x1005b7e0 GetSysColor
0x1005b7e8 AdjustWindowRectEx
0x1005b7f0 EqualRect
0x1005b7f8 CopyRect
0x1005b800 PtInRect
0x1005b808 GetDlgCtrlID
0x1005b810 DefWindowProcA
0x1005b818 CallWindowProcA
0x1005b820 SetWindowLongA
0x1005b828 OffsetRect
0x1005b830 IntersectRect
0x1005b838 SystemParametersInfoA
0x1005b840 GetWindowPlacement
0x1005b848 GetWindowRect
0x1005b850 GetWindow
0x1005b858 SetWindowContextHelpId
0x1005b860 MapDialogRect
0x1005b868 SetWindowPos
0x1005b870 GetDesktopWindow
0x1005b878 SetActiveWindow
0x1005b880 CreateDialogIndirectParamA
0x1005b888 DestroyWindow
0x1005b890 IsWindow
0x1005b898 GetDlgItem
0x1005b8a0 GetNextDlgTabItem
0x1005b8a8 EndDialog
0x1005b8b0 GetWindowThreadProcessId
0x1005b8b8 GetWindowLongA
0x1005b8c0 GetLastActivePopup
0x1005b8c8 IsWindowEnabled
0x1005b8d0 MessageBoxA
0x1005b8d8 SetCursor
0x1005b8e0 SetWindowsHookExA
0x1005b8e8 CallNextHookEx
0x1005b8f0 GetMessageA
0x1005b8f8 TranslateMessage
0x1005b900 DispatchMessageA
0x1005b908 GetActiveWindow
0x1005b910 ReleaseCapture
0x1005b918 LoadCursorA
0x1005b920 SetCapture
0x1005b928 EndPaint
0x1005b930 GetWindowTextA
0x1005b938 BeginPaint
0x1005b940 IsWindowVisible
0x1005b948 GetKeyState
0x1005b950 PeekMessageA
0x1005b958 GetCursorPos
0x1005b960 ValidateRect
0x1005b968 SetMenuItemBitmaps
0x1005b970 GetMenuCheckMarkDimensions
0x1005b978 LoadBitmapA
0x1005b980 GetFocus
0x1005b988 GetParent
0x1005b990 ModifyMenuA
0x1005b998 GetMenuState
0x1005b9a0 EnableMenuItem
0x1005b9a8 CheckMenuItem
0x1005b9b0 PostMessageA
0x1005b9b8 PostQuitMessage
0x1005b9c0 CharUpperA
0x1005b9c8 EnableWindow
0x1005b9d0 IsIconic
0x1005b9d8 GetSystemMetrics
0x1005b9e0 GetClientRect
0x1005b9e8 DrawIcon
0x1005b9f0 GetSystemMenu
0x1005b9f8 AppendMenuA
0x1005ba00 SendMessageA
0x1005ba08 LoadIconA
0x1005ba10 GetMenu
GDI32.dll
0x1005b050 SetWindowExtEx
0x1005b058 ScaleWindowExtEx
0x1005b060 ExtSelectClipRgn
0x1005b068 DeleteDC
0x1005b070 GetStockObject
0x1005b078 GetDeviceCaps
0x1005b080 ScaleViewportExtEx
0x1005b088 GetBkColor
0x1005b090 GetTextColor
0x1005b098 CreateRectRgnIndirect
0x1005b0a0 GetRgnBox
0x1005b0a8 GetMapMode
0x1005b0b0 GetWindowExtEx
0x1005b0b8 GetViewportExtEx
0x1005b0c0 SetViewportExtEx
0x1005b0c8 OffsetViewportOrgEx
0x1005b0d0 SetViewportOrgEx
0x1005b0d8 SelectObject
0x1005b0e0 Escape
0x1005b0e8 TextOutA
0x1005b0f0 RectVisible
0x1005b0f8 SetBkColor
0x1005b100 SetTextColor
0x1005b108 GetClipBox
0x1005b110 CreateBitmap
0x1005b118 DeleteObject
0x1005b120 SetMapMode
0x1005b128 RestoreDC
0x1005b130 SaveDC
0x1005b138 ExtTextOutA
0x1005b140 GetObjectA
0x1005b148 PtVisible
comdlg32.dll
0x1005ba68 GetFileTitleA
WINSPOOL.DRV
0x1005ba20 OpenPrinterA
0x1005ba28 ClosePrinter
0x1005ba30 DocumentPropertiesA
ADVAPI32.dll
0x1005b000 RegSetValueExA
0x1005b008 RegCreateKeyExA
0x1005b010 RegQueryValueA
0x1005b018 RegOpenKeyA
0x1005b020 RegEnumKeyA
0x1005b028 RegDeleteKeyA
0x1005b030 RegOpenKeyExA
0x1005b038 RegQueryValueExA
0x1005b040 RegCloseKey
SHLWAPI.dll
0x1005b600 PathFindFileNameA
0x1005b608 PathStripToRootA
0x1005b610 PathFindExtensionA
0x1005b618 PathIsUNCA
oledlg.dll
0x1005baf8 None
ole32.dll
0x1005ba78 CreateILockBytesOnHGlobal
0x1005ba80 StgCreateDocfileOnILockBytes
0x1005ba88 StgOpenStorageOnILockBytes
0x1005ba90 CoGetClassObject
0x1005ba98 OleInitialize
0x1005baa0 OleUninitialize
0x1005baa8 CLSIDFromString
0x1005bab0 CLSIDFromProgID
0x1005bab8 CoTaskMemAlloc
0x1005bac0 CoTaskMemFree
0x1005bac8 CoRevokeClassObject
0x1005bad0 CoRegisterMessageFilter
0x1005bad8 OleFlushClipboard
0x1005bae0 CoFreeUnusedLibraries
0x1005bae8 OleIsCurrentClipboard
OLEAUT32.dll
0x1005b590 SysFreeString
0x1005b598 VariantCopy
0x1005b5a0 SysAllocString
0x1005b5a8 SafeArrayDestroy
0x1005b5b0 SystemTimeToVariantTime
0x1005b5b8 VariantTimeToSystemTime
0x1005b5c0 OleCreateFontIndirect
0x1005b5c8 SysAllocStringByteLen
0x1005b5d0 SysStringLen
0x1005b5d8 VariantInit
0x1005b5e0 VariantChangeType
0x1005b5e8 VariantClear
0x1005b5f0 SysAllocStringLen
EAT(Export Address Table) Library
0x10009580 DllRegisterServer
0x100095b0 P8KN6Ry3VDViGrYu4GbA8RiNq
WSOCK32.dll
0x1005ba40 inet_addr
0x1005ba48 WSACleanup
0x1005ba50 gethostbyname
0x1005ba58 WSAStartup
KERNEL32.dll
0x1005b158 FileTimeToLocalFileTime
0x1005b160 GetFileAttributesA
0x1005b168 GetFileTime
0x1005b170 GetTickCount
0x1005b178 RtlLookupFunctionEntry
0x1005b180 RtlUnwindEx
0x1005b188 RaiseException
0x1005b190 RtlPcToFileHeader
0x1005b198 HeapFree
0x1005b1a0 VirtualProtect
0x1005b1a8 GetSystemInfo
0x1005b1b0 VirtualQuery
0x1005b1b8 HeapAlloc
0x1005b1c0 HeapReAlloc
0x1005b1c8 FlsSetValue
0x1005b1d0 GetCommandLineA
0x1005b1d8 GetProcessHeap
0x1005b1e0 HeapSize
0x1005b1e8 FlsGetValue
0x1005b1f0 FlsFree
0x1005b1f8 FlsAlloc
0x1005b200 Sleep
0x1005b208 TerminateProcess
0x1005b210 UnhandledExceptionFilter
0x1005b218 SetUnhandledExceptionFilter
0x1005b220 IsDebuggerPresent
0x1005b228 RtlCaptureContext
0x1005b230 HeapSetInformation
0x1005b238 HeapCreate
0x1005b240 HeapDestroy
0x1005b248 GetStdHandle
0x1005b250 SetHandleCount
0x1005b258 GetFileType
0x1005b260 GetStartupInfoA
0x1005b268 FreeEnvironmentStringsA
0x1005b270 GetEnvironmentStrings
0x1005b278 FreeEnvironmentStringsW
0x1005b280 GetEnvironmentStringsW
0x1005b288 QueryPerformanceCounter
0x1005b290 GetSystemTimeAsFileTime
0x1005b298 GetACP
0x1005b2a0 GetStringTypeA
0x1005b2a8 GetStringTypeW
0x1005b2b0 GetTimeZoneInformation
0x1005b2b8 GetLocaleInfoW
0x1005b2c0 GetConsoleCP
0x1005b2c8 GetConsoleMode
0x1005b2d0 LCMapStringA
0x1005b2d8 LCMapStringW
0x1005b2e0 GetUserDefaultLCID
0x1005b2e8 EnumSystemLocalesA
0x1005b2f0 IsValidLocale
0x1005b2f8 IsValidCodePage
0x1005b300 SetStdHandle
0x1005b308 WriteConsoleA
0x1005b310 GetConsoleOutputCP
0x1005b318 WriteConsoleW
0x1005b320 SetEnvironmentVariableA
0x1005b328 FileTimeToSystemTime
0x1005b330 GetOEMCP
0x1005b338 GetCPInfo
0x1005b340 CreateFileA
0x1005b348 GetFullPathNameA
0x1005b350 GetVolumeInformationA
0x1005b358 FindFirstFileA
0x1005b360 FindClose
0x1005b368 GetCurrentProcess
0x1005b370 DuplicateHandle
0x1005b378 GetThreadLocale
0x1005b380 GetFileSize
0x1005b388 SetEndOfFile
0x1005b390 UnlockFile
0x1005b398 LockFile
0x1005b3a0 FlushFileBuffers
0x1005b3a8 SetFilePointer
0x1005b3b0 WriteFile
0x1005b3b8 ReadFile
0x1005b3c0 TlsFree
0x1005b3c8 DeleteCriticalSection
0x1005b3d0 LocalReAlloc
0x1005b3d8 TlsSetValue
0x1005b3e0 GlobalHandle
0x1005b3e8 GlobalReAlloc
0x1005b3f0 TlsAlloc
0x1005b3f8 InitializeCriticalSection
0x1005b400 EnterCriticalSection
0x1005b408 TlsGetValue
0x1005b410 LeaveCriticalSection
0x1005b418 LocalAlloc
0x1005b420 GlobalFlags
0x1005b428 WritePrivateProfileStringA
0x1005b430 FormatMessageA
0x1005b438 LocalFree
0x1005b440 MulDiv
0x1005b448 GlobalGetAtomNameA
0x1005b450 GlobalFindAtomA
0x1005b458 lstrcmpW
0x1005b460 GetVersionExA
0x1005b468 GlobalUnlock
0x1005b470 GlobalFree
0x1005b478 FreeResource
0x1005b480 GetCurrentProcessId
0x1005b488 SetLastError
0x1005b490 GlobalAddAtomA
0x1005b498 CloseHandle
0x1005b4a0 GetCurrentThread
0x1005b4a8 GetCurrentThreadId
0x1005b4b0 ConvertDefaultLocale
0x1005b4b8 EnumResourceLanguagesA
0x1005b4c0 GetModuleFileNameA
0x1005b4c8 GetLocaleInfoA
0x1005b4d0 LoadLibraryA
0x1005b4d8 GlobalLock
0x1005b4e0 lstrcmpA
0x1005b4e8 GlobalAlloc
0x1005b4f0 FreeLibrary
0x1005b4f8 GlobalDeleteAtom
0x1005b500 GetModuleHandleA
0x1005b508 GetProcAddress
0x1005b510 GetLastError
0x1005b518 lstrlenA
0x1005b520 CompareStringA
0x1005b528 CompareStringW
0x1005b530 MultiByteToWideChar
0x1005b538 GetVersion
0x1005b540 LoadResource
0x1005b548 LockResource
0x1005b550 SizeofResource
0x1005b558 FindResourceA
0x1005b560 WideCharToMultiByte
0x1005b568 LoadLibraryW
0x1005b570 ExitProcess
0x1005b578 VirtualAlloc
0x1005b580 RtlVirtualUnwind
USER32.dll
0x1005b628 CharNextA
0x1005b630 CopyAcceleratorTableA
0x1005b638 IsRectEmpty
0x1005b640 SetRect
0x1005b648 InvalidateRect
0x1005b650 InvalidateRgn
0x1005b658 GetNextDlgGroupItem
0x1005b660 MessageBeep
0x1005b668 UnregisterClassA
0x1005b670 RegisterClipboardFormatA
0x1005b678 PostThreadMessageA
0x1005b680 GetWindowDC
0x1005b688 ReleaseDC
0x1005b690 GetDC
0x1005b698 ClientToScreen
0x1005b6a0 GrayStringA
0x1005b6a8 DrawTextExA
0x1005b6b0 DrawTextA
0x1005b6b8 TabbedTextOutA
0x1005b6c0 DestroyMenu
0x1005b6c8 ShowWindow
0x1005b6d0 MoveWindow
0x1005b6d8 SetWindowTextA
0x1005b6e0 IsDialogMessageA
0x1005b6e8 GetDlgItemTextA
0x1005b6f0 RegisterWindowMessageA
0x1005b6f8 SendDlgItemMessageA
0x1005b700 WinHelpA
0x1005b708 IsChild
0x1005b710 GetCapture
0x1005b718 GetClassLongA
0x1005b720 GetClassNameA
0x1005b728 GetClassLongPtrA
0x1005b730 SetPropA
0x1005b738 GetPropA
0x1005b740 RemovePropA
0x1005b748 SetFocus
0x1005b750 GetSysColorBrush
0x1005b758 GetForegroundWindow
0x1005b760 GetTopWindow
0x1005b768 GetWindowLongPtrA
0x1005b770 SetWindowLongPtrA
0x1005b778 UnhookWindowsHookEx
0x1005b780 GetMessageTime
0x1005b788 GetMessagePos
0x1005b790 MapWindowPoints
0x1005b798 SetForegroundWindow
0x1005b7a0 UpdateWindow
0x1005b7a8 GetSubMenu
0x1005b7b0 GetMenuItemID
0x1005b7b8 GetMenuItemCount
0x1005b7c0 CreateWindowExA
0x1005b7c8 GetClassInfoExA
0x1005b7d0 GetClassInfoA
0x1005b7d8 RegisterClassA
0x1005b7e0 GetSysColor
0x1005b7e8 AdjustWindowRectEx
0x1005b7f0 EqualRect
0x1005b7f8 CopyRect
0x1005b800 PtInRect
0x1005b808 GetDlgCtrlID
0x1005b810 DefWindowProcA
0x1005b818 CallWindowProcA
0x1005b820 SetWindowLongA
0x1005b828 OffsetRect
0x1005b830 IntersectRect
0x1005b838 SystemParametersInfoA
0x1005b840 GetWindowPlacement
0x1005b848 GetWindowRect
0x1005b850 GetWindow
0x1005b858 SetWindowContextHelpId
0x1005b860 MapDialogRect
0x1005b868 SetWindowPos
0x1005b870 GetDesktopWindow
0x1005b878 SetActiveWindow
0x1005b880 CreateDialogIndirectParamA
0x1005b888 DestroyWindow
0x1005b890 IsWindow
0x1005b898 GetDlgItem
0x1005b8a0 GetNextDlgTabItem
0x1005b8a8 EndDialog
0x1005b8b0 GetWindowThreadProcessId
0x1005b8b8 GetWindowLongA
0x1005b8c0 GetLastActivePopup
0x1005b8c8 IsWindowEnabled
0x1005b8d0 MessageBoxA
0x1005b8d8 SetCursor
0x1005b8e0 SetWindowsHookExA
0x1005b8e8 CallNextHookEx
0x1005b8f0 GetMessageA
0x1005b8f8 TranslateMessage
0x1005b900 DispatchMessageA
0x1005b908 GetActiveWindow
0x1005b910 ReleaseCapture
0x1005b918 LoadCursorA
0x1005b920 SetCapture
0x1005b928 EndPaint
0x1005b930 GetWindowTextA
0x1005b938 BeginPaint
0x1005b940 IsWindowVisible
0x1005b948 GetKeyState
0x1005b950 PeekMessageA
0x1005b958 GetCursorPos
0x1005b960 ValidateRect
0x1005b968 SetMenuItemBitmaps
0x1005b970 GetMenuCheckMarkDimensions
0x1005b978 LoadBitmapA
0x1005b980 GetFocus
0x1005b988 GetParent
0x1005b990 ModifyMenuA
0x1005b998 GetMenuState
0x1005b9a0 EnableMenuItem
0x1005b9a8 CheckMenuItem
0x1005b9b0 PostMessageA
0x1005b9b8 PostQuitMessage
0x1005b9c0 CharUpperA
0x1005b9c8 EnableWindow
0x1005b9d0 IsIconic
0x1005b9d8 GetSystemMetrics
0x1005b9e0 GetClientRect
0x1005b9e8 DrawIcon
0x1005b9f0 GetSystemMenu
0x1005b9f8 AppendMenuA
0x1005ba00 SendMessageA
0x1005ba08 LoadIconA
0x1005ba10 GetMenu
GDI32.dll
0x1005b050 SetWindowExtEx
0x1005b058 ScaleWindowExtEx
0x1005b060 ExtSelectClipRgn
0x1005b068 DeleteDC
0x1005b070 GetStockObject
0x1005b078 GetDeviceCaps
0x1005b080 ScaleViewportExtEx
0x1005b088 GetBkColor
0x1005b090 GetTextColor
0x1005b098 CreateRectRgnIndirect
0x1005b0a0 GetRgnBox
0x1005b0a8 GetMapMode
0x1005b0b0 GetWindowExtEx
0x1005b0b8 GetViewportExtEx
0x1005b0c0 SetViewportExtEx
0x1005b0c8 OffsetViewportOrgEx
0x1005b0d0 SetViewportOrgEx
0x1005b0d8 SelectObject
0x1005b0e0 Escape
0x1005b0e8 TextOutA
0x1005b0f0 RectVisible
0x1005b0f8 SetBkColor
0x1005b100 SetTextColor
0x1005b108 GetClipBox
0x1005b110 CreateBitmap
0x1005b118 DeleteObject
0x1005b120 SetMapMode
0x1005b128 RestoreDC
0x1005b130 SaveDC
0x1005b138 ExtTextOutA
0x1005b140 GetObjectA
0x1005b148 PtVisible
comdlg32.dll
0x1005ba68 GetFileTitleA
WINSPOOL.DRV
0x1005ba20 OpenPrinterA
0x1005ba28 ClosePrinter
0x1005ba30 DocumentPropertiesA
ADVAPI32.dll
0x1005b000 RegSetValueExA
0x1005b008 RegCreateKeyExA
0x1005b010 RegQueryValueA
0x1005b018 RegOpenKeyA
0x1005b020 RegEnumKeyA
0x1005b028 RegDeleteKeyA
0x1005b030 RegOpenKeyExA
0x1005b038 RegQueryValueExA
0x1005b040 RegCloseKey
SHLWAPI.dll
0x1005b600 PathFindFileNameA
0x1005b608 PathStripToRootA
0x1005b610 PathFindExtensionA
0x1005b618 PathIsUNCA
oledlg.dll
0x1005baf8 None
ole32.dll
0x1005ba78 CreateILockBytesOnHGlobal
0x1005ba80 StgCreateDocfileOnILockBytes
0x1005ba88 StgOpenStorageOnILockBytes
0x1005ba90 CoGetClassObject
0x1005ba98 OleInitialize
0x1005baa0 OleUninitialize
0x1005baa8 CLSIDFromString
0x1005bab0 CLSIDFromProgID
0x1005bab8 CoTaskMemAlloc
0x1005bac0 CoTaskMemFree
0x1005bac8 CoRevokeClassObject
0x1005bad0 CoRegisterMessageFilter
0x1005bad8 OleFlushClipboard
0x1005bae0 CoFreeUnusedLibraries
0x1005bae8 OleIsCurrentClipboard
OLEAUT32.dll
0x1005b590 SysFreeString
0x1005b598 VariantCopy
0x1005b5a0 SysAllocString
0x1005b5a8 SafeArrayDestroy
0x1005b5b0 SystemTimeToVariantTime
0x1005b5b8 VariantTimeToSystemTime
0x1005b5c0 OleCreateFontIndirect
0x1005b5c8 SysAllocStringByteLen
0x1005b5d0 SysStringLen
0x1005b5d8 VariantInit
0x1005b5e0 VariantChangeType
0x1005b5e8 VariantClear
0x1005b5f0 SysAllocStringLen
EAT(Export Address Table) Library
0x10009580 DllRegisterServer
0x100095b0 P8KN6Ry3VDViGrYu4GbA8RiNq