ScreenShot
| Created | 2022.05.24 18:30 | Machine | s1_win7_x6403 |
| Filename | c7crGdejW4380ORuxqR | ||
| Type | PE32+ executable (DLL) (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 8 detected (malicious, high confidence, Emotet, clud, score, YzY0OvHcOOZrZiMm, 7E7K) | ||
| md5 | d5e9618a54167e7ad174deee219e51a1 | ||
| sha256 | 90147b9c27ddb127d6ec28a45f90d2e474720f0d9a7fd14e4b0a5c60f70b5055 | ||
| ssdeep | 24576:F16TffbuFta+9ZeTKu72muEnESFZqnUZ:+ffSFtBYTKuf8U | ||
| imphash | 798e6079d39138e42206393ec3b9626d | ||
| impfuzzy | 192:fElfl+V4dS9VxtVU6/OXtkcPcwcQKMaPMzPOQw:wN+V4Mkea/oMzPOQw | ||
Network IP location
Signature (16cnts)
| Level | Description |
|---|---|
| danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
| warning | Generates some ICMP traffic |
| watch | Attempts to remove evidence of file being downloaded from the Internet |
| watch | Communicates with host for which no DNS query was performed |
| watch | Created a service where a service was also not started |
| watch | Installs itself for autorun at Windows startup |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates a suspicious process |
| notice | Expresses interest in specific running processes |
| notice | File has been identified by 8 AntiVirus engines on VirusTotal as malicious |
| notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
| notice | Searches running processes potentially to identify processes for sandbox evasion |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | Queries for the computername |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (15cnts) ?
Suricata ids
ET INFO TLS Handshake Failure
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET CNC Feodo Tracker Reported CnC Server group 13
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET CNC Feodo Tracker Reported CnC Server group 13
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x10055158 GetFileTime
0x10055160 HeapFree
0x10055168 HeapAlloc
0x10055170 HeapReAlloc
0x10055178 FlsSetValue
0x10055180 GetCommandLineA
0x10055188 GetProcessHeap
0x10055190 VirtualProtect
0x10055198 GetSystemInfo
0x100551a0 VirtualQuery
0x100551a8 RtlLookupFunctionEntry
0x100551b0 RtlUnwindEx
0x100551b8 RtlPcToFileHeader
0x100551c0 HeapSize
0x100551c8 TerminateProcess
0x100551d0 UnhandledExceptionFilter
0x100551d8 SetUnhandledExceptionFilter
0x100551e0 IsDebuggerPresent
0x100551e8 RtlVirtualUnwind
0x100551f0 RtlCaptureContext
0x100551f8 FlsGetValue
0x10055200 FlsFree
0x10055208 FlsAlloc
0x10055210 Sleep
0x10055218 GetTimeZoneInformation
0x10055220 HeapSetInformation
0x10055228 HeapCreate
0x10055230 HeapDestroy
0x10055238 GetStdHandle
0x10055240 GetModuleFileNameA
0x10055248 GetFileAttributesW
0x10055250 GetACP
0x10055258 GetOEMCP
0x10055260 GetDateFormatA
0x10055268 GetTimeFormatA
0x10055270 SetHandleCount
0x10055278 GetFileType
0x10055280 GetStartupInfoA
0x10055288 FreeEnvironmentStringsA
0x10055290 GetEnvironmentStrings
0x10055298 FreeEnvironmentStringsW
0x100552a0 GetEnvironmentStringsW
0x100552a8 QueryPerformanceCounter
0x100552b0 GetSystemTimeAsFileTime
0x100552b8 GetConsoleCP
0x100552c0 GetConsoleMode
0x100552c8 LCMapStringA
0x100552d0 LCMapStringW
0x100552d8 GetStringTypeA
0x100552e0 GetStringTypeW
0x100552e8 GetLocaleInfoA
0x100552f0 SetStdHandle
0x100552f8 WriteConsoleA
0x10055300 GetConsoleOutputCP
0x10055308 WriteConsoleW
0x10055310 SetEnvironmentVariableA
0x10055318 CreateFileA
0x10055320 GetTickCount
0x10055328 lstrlenA
0x10055330 CreateFileW
0x10055338 GetFullPathNameW
0x10055340 GetVolumeInformationW
0x10055348 GetCurrentProcess
0x10055350 DuplicateHandle
0x10055358 GetFileSize
0x10055360 SetEndOfFile
0x10055368 UnlockFile
0x10055370 LockFile
0x10055378 FlushFileBuffers
0x10055380 SetFilePointer
0x10055388 WriteFile
0x10055390 ReadFile
0x10055398 TlsFree
0x100553a0 LocalReAlloc
0x100553a8 TlsSetValue
0x100553b0 GlobalHandle
0x100553b8 GlobalReAlloc
0x100553c0 TlsAlloc
0x100553c8 TlsGetValue
0x100553d0 LocalAlloc
0x100553d8 WritePrivateProfileStringW
0x100553e0 GetThreadLocale
0x100553e8 GlobalFlags
0x100553f0 EnterCriticalSection
0x100553f8 LeaveCriticalSection
0x10055400 DeleteCriticalSection
0x10055408 InitializeCriticalSection
0x10055410 GlobalFindAtomW
0x10055418 CompareStringW
0x10055420 LoadLibraryA
0x10055428 GetVersionExA
0x10055430 FormatMessageW
0x10055438 LocalFree
0x10055440 MulDiv
0x10055448 GetModuleHandleA
0x10055450 GlobalUnlock
0x10055458 CloseHandle
0x10055460 FreeResource
0x10055468 GlobalFree
0x10055470 GlobalAddAtomW
0x10055478 GetCurrentProcessId
0x10055480 GetLastError
0x10055488 SetLastError
0x10055490 GetCurrentThread
0x10055498 GetCurrentThreadId
0x100554a0 ConvertDefaultLocale
0x100554a8 GetVersion
0x100554b0 EnumResourceLanguagesW
0x100554b8 lstrcmpA
0x100554c0 GetLocaleInfoW
0x100554c8 LoadLibraryW
0x100554d0 WideCharToMultiByte
0x100554d8 CompareStringA
0x100554e0 MultiByteToWideChar
0x100554e8 GlobalLock
0x100554f0 lstrcmpW
0x100554f8 GlobalAlloc
0x10055500 FreeLibrary
0x10055508 GlobalDeleteAtom
0x10055510 GetModuleHandleW
0x10055518 GetProcAddress
0x10055520 GetModuleFileNameW
0x10055528 lstrlenW
0x10055530 RaiseException
0x10055538 FileTimeToLocalFileTime
0x10055540 FindNextFileW
0x10055548 SetCurrentDirectoryW
0x10055550 LockResource
0x10055558 FindClose
0x10055560 VirtualAlloc
0x10055568 GetCurrentDirectoryW
0x10055570 FileTimeToSystemTime
0x10055578 SizeofResource
0x10055580 LoadResource
0x10055588 FindResourceW
0x10055590 FindFirstFileW
0x10055598 GetCPInfo
0x100555a0 ExitProcess
USER32.dll
0x10055698 PostThreadMessageW
0x100556a0 InvalidateRect
0x100556a8 SetRect
0x100556b0 IsRectEmpty
0x100556b8 CopyAcceleratorTableW
0x100556c0 LoadCursorW
0x100556c8 GetSysColorBrush
0x100556d0 ShowWindow
0x100556d8 MoveWindow
0x100556e0 SetWindowTextW
0x100556e8 IsDialogMessageW
0x100556f0 SendDlgItemMessageA
0x100556f8 SendDlgItemMessageW
0x10055700 WinHelpW
0x10055708 IsChild
0x10055710 GetCapture
0x10055718 GetClassNameW
0x10055720 GetClassLongPtrW
0x10055728 SetPropW
0x10055730 GetPropW
0x10055738 RemovePropW
0x10055740 SetFocus
0x10055748 GetWindowTextW
0x10055750 GetForegroundWindow
0x10055758 GetTopWindow
0x10055760 GetWindowLongPtrW
0x10055768 SetWindowLongPtrW
0x10055770 GetMessageTime
0x10055778 GetMessagePos
0x10055780 MapWindowPoints
0x10055788 TrackPopupMenu
0x10055790 SetForegroundWindow
0x10055798 UpdateWindow
0x100557a0 GetMenu
0x100557a8 CreateWindowExW
0x100557b0 GetClassInfoExW
0x100557b8 GetClassInfoW
0x100557c0 RegisterClassW
0x100557c8 AdjustWindowRectEx
0x100557d0 EqualRect
0x100557d8 GetDlgCtrlID
0x100557e0 DefWindowProcW
0x100557e8 CallWindowProcW
0x100557f0 SetWindowLongW
0x100557f8 OffsetRect
0x10055800 IntersectRect
0x10055808 SystemParametersInfoA
0x10055810 GetWindowPlacement
0x10055818 GetWindowRect
0x10055820 DestroyMenu
0x10055828 CopyRect
0x10055830 GetMenuItemID
0x10055838 GetMenuItemCount
0x10055840 UnhookWindowsHookEx
0x10055848 GetSysColor
0x10055850 EndPaint
0x10055858 BeginPaint
0x10055860 GetWindowDC
0x10055868 ReleaseDC
0x10055870 GetDC
0x10055878 ClientToScreen
0x10055880 GrayStringW
0x10055888 DrawTextExW
0x10055890 DrawTextW
0x10055898 TabbedTextOutW
0x100558a0 GetDesktopWindow
0x100558a8 SetActiveWindow
0x100558b0 CreateDialogIndirectParamW
0x100558b8 DestroyWindow
0x100558c0 IsWindow
0x100558c8 GetDlgItem
0x100558d0 GetNextDlgTabItem
0x100558d8 EndDialog
0x100558e0 SetWindowsHookExW
0x100558e8 CallNextHookEx
0x100558f0 GetMessageW
0x100558f8 TranslateMessage
0x10055900 DispatchMessageW
0x10055908 GetActiveWindow
0x10055910 IsWindowVisible
0x10055918 GetKeyState
0x10055920 RegisterClipboardFormatW
0x10055928 MessageBeep
0x10055930 GetNextDlgGroupItem
0x10055938 CharUpperW
0x10055940 CharNextW
0x10055948 ReleaseCapture
0x10055950 SetCapture
0x10055958 InvalidateRgn
0x10055960 PeekMessageW
0x10055968 GetCursorPos
0x10055970 ValidateRect
0x10055978 GetWindow
0x10055980 SetWindowContextHelpId
0x10055988 MapDialogRect
0x10055990 SetWindowPos
0x10055998 GetWindowThreadProcessId
0x100559a0 GetWindowLongW
0x100559a8 GetLastActivePopup
0x100559b0 IsWindowEnabled
0x100559b8 MessageBoxW
0x100559c0 SetCursor
0x100559c8 PostQuitMessage
0x100559d0 RegisterWindowMessageW
0x100559d8 PostMessageW
0x100559e0 SetMenuItemBitmaps
0x100559e8 GetMenuCheckMarkDimensions
0x100559f0 LoadBitmapW
0x100559f8 GetFocus
0x10055a00 GetParent
0x10055a08 ModifyMenuW
0x10055a10 GetMenuState
0x10055a18 CheckMenuItem
0x10055a20 GetSystemMenu
0x10055a28 IsIconic
0x10055a30 GetSubMenu
0x10055a38 DrawIcon
0x10055a40 GetClientRect
0x10055a48 LoadIconW
0x10055a50 LoadMenuW
0x10055a58 AppendMenuW
0x10055a60 EnableMenuItem
0x10055a68 GetSystemMetrics
0x10055a70 SendMessageW
0x10055a78 EnableWindow
0x10055a80 PtInRect
0x10055a88 UnregisterClassA
GDI32.dll
0x10055050 SetViewportExtEx
0x10055058 GetStockObject
0x10055060 GetDeviceCaps
0x10055068 GetRgnBox
0x10055070 GetBkColor
0x10055078 GetTextColor
0x10055080 GetMapMode
0x10055088 OffsetViewportOrgEx
0x10055090 SetViewportOrgEx
0x10055098 SelectObject
0x100550a0 Escape
0x100550a8 ExtTextOutW
0x100550b0 TextOutW
0x100550b8 DeleteDC
0x100550c0 ExtSelectClipRgn
0x100550c8 ScaleWindowExtEx
0x100550d0 SetWindowExtEx
0x100550d8 CreateRectRgnIndirect
0x100550e0 CreateBitmap
0x100550e8 RectVisible
0x100550f0 PtVisible
0x100550f8 GetWindowExtEx
0x10055100 GetViewportExtEx
0x10055108 GetObjectW
0x10055110 DeleteObject
0x10055118 GetClipBox
0x10055120 SetMapMode
0x10055128 SetTextColor
0x10055130 SetBkColor
0x10055138 RestoreDC
0x10055140 SaveDC
0x10055148 ScaleViewportExtEx
comdlg32.dll
0x10055ab8 GetFileTitleW
WINSPOOL.DRV
0x10055a98 DocumentPropertiesW
0x10055aa0 OpenPrinterW
0x10055aa8 ClosePrinter
ADVAPI32.dll
0x10055000 RegSetValueExW
0x10055008 RegCreateKeyExW
0x10055010 RegQueryValueW
0x10055018 RegOpenKeyW
0x10055020 RegEnumKeyW
0x10055028 RegDeleteKeyW
0x10055030 RegOpenKeyExW
0x10055038 RegQueryValueExW
0x10055040 RegCloseKey
SHELL32.dll
0x10055648 SHGetMalloc
0x10055650 ShellExecuteW
0x10055658 SHGetPathFromIDListW
0x10055660 SHBrowseForFolderW
SHLWAPI.dll
0x10055670 PathFindFileNameW
0x10055678 PathStripToRootW
0x10055680 PathFindExtensionW
0x10055688 PathIsUNCW
oledlg.dll
0x10055b50 OleUIBusyW
ole32.dll
0x10055ac8 OleInitialize
0x10055ad0 CoFreeUnusedLibraries
0x10055ad8 OleUninitialize
0x10055ae0 CreateILockBytesOnHGlobal
0x10055ae8 StgCreateDocfileOnILockBytes
0x10055af0 StgOpenStorageOnILockBytes
0x10055af8 CoGetClassObject
0x10055b00 CoRevokeClassObject
0x10055b08 CLSIDFromString
0x10055b10 CLSIDFromProgID
0x10055b18 CoTaskMemAlloc
0x10055b20 CoTaskMemFree
0x10055b28 CoLoadLibrary
0x10055b30 OleIsCurrentClipboard
0x10055b38 OleFlushClipboard
0x10055b40 CoRegisterMessageFilter
OLEAUT32.dll
0x100555b0 OleCreateFontIndirect
0x100555b8 SystemTimeToVariantTime
0x100555c0 VariantTimeToSystemTime
0x100555c8 SafeArrayDestroy
0x100555d0 SafeArrayCreate
0x100555d8 SafeArrayGetElemsize
0x100555e0 SafeArrayAccessData
0x100555e8 SafeArrayUnaccessData
0x100555f0 SysStringLen
0x100555f8 LoadRegTypeLib
0x10055600 DispCallFunc
0x10055608 SysAllocStringLen
0x10055610 VariantChangeType
0x10055618 VariantCopy
0x10055620 VariantClear
0x10055628 VariantInit
0x10055630 SysAllocString
0x10055638 SysFreeString
EAT(Export Address Table) Library
0x10007a60 DllRegisterServer
KERNEL32.dll
0x10055158 GetFileTime
0x10055160 HeapFree
0x10055168 HeapAlloc
0x10055170 HeapReAlloc
0x10055178 FlsSetValue
0x10055180 GetCommandLineA
0x10055188 GetProcessHeap
0x10055190 VirtualProtect
0x10055198 GetSystemInfo
0x100551a0 VirtualQuery
0x100551a8 RtlLookupFunctionEntry
0x100551b0 RtlUnwindEx
0x100551b8 RtlPcToFileHeader
0x100551c0 HeapSize
0x100551c8 TerminateProcess
0x100551d0 UnhandledExceptionFilter
0x100551d8 SetUnhandledExceptionFilter
0x100551e0 IsDebuggerPresent
0x100551e8 RtlVirtualUnwind
0x100551f0 RtlCaptureContext
0x100551f8 FlsGetValue
0x10055200 FlsFree
0x10055208 FlsAlloc
0x10055210 Sleep
0x10055218 GetTimeZoneInformation
0x10055220 HeapSetInformation
0x10055228 HeapCreate
0x10055230 HeapDestroy
0x10055238 GetStdHandle
0x10055240 GetModuleFileNameA
0x10055248 GetFileAttributesW
0x10055250 GetACP
0x10055258 GetOEMCP
0x10055260 GetDateFormatA
0x10055268 GetTimeFormatA
0x10055270 SetHandleCount
0x10055278 GetFileType
0x10055280 GetStartupInfoA
0x10055288 FreeEnvironmentStringsA
0x10055290 GetEnvironmentStrings
0x10055298 FreeEnvironmentStringsW
0x100552a0 GetEnvironmentStringsW
0x100552a8 QueryPerformanceCounter
0x100552b0 GetSystemTimeAsFileTime
0x100552b8 GetConsoleCP
0x100552c0 GetConsoleMode
0x100552c8 LCMapStringA
0x100552d0 LCMapStringW
0x100552d8 GetStringTypeA
0x100552e0 GetStringTypeW
0x100552e8 GetLocaleInfoA
0x100552f0 SetStdHandle
0x100552f8 WriteConsoleA
0x10055300 GetConsoleOutputCP
0x10055308 WriteConsoleW
0x10055310 SetEnvironmentVariableA
0x10055318 CreateFileA
0x10055320 GetTickCount
0x10055328 lstrlenA
0x10055330 CreateFileW
0x10055338 GetFullPathNameW
0x10055340 GetVolumeInformationW
0x10055348 GetCurrentProcess
0x10055350 DuplicateHandle
0x10055358 GetFileSize
0x10055360 SetEndOfFile
0x10055368 UnlockFile
0x10055370 LockFile
0x10055378 FlushFileBuffers
0x10055380 SetFilePointer
0x10055388 WriteFile
0x10055390 ReadFile
0x10055398 TlsFree
0x100553a0 LocalReAlloc
0x100553a8 TlsSetValue
0x100553b0 GlobalHandle
0x100553b8 GlobalReAlloc
0x100553c0 TlsAlloc
0x100553c8 TlsGetValue
0x100553d0 LocalAlloc
0x100553d8 WritePrivateProfileStringW
0x100553e0 GetThreadLocale
0x100553e8 GlobalFlags
0x100553f0 EnterCriticalSection
0x100553f8 LeaveCriticalSection
0x10055400 DeleteCriticalSection
0x10055408 InitializeCriticalSection
0x10055410 GlobalFindAtomW
0x10055418 CompareStringW
0x10055420 LoadLibraryA
0x10055428 GetVersionExA
0x10055430 FormatMessageW
0x10055438 LocalFree
0x10055440 MulDiv
0x10055448 GetModuleHandleA
0x10055450 GlobalUnlock
0x10055458 CloseHandle
0x10055460 FreeResource
0x10055468 GlobalFree
0x10055470 GlobalAddAtomW
0x10055478 GetCurrentProcessId
0x10055480 GetLastError
0x10055488 SetLastError
0x10055490 GetCurrentThread
0x10055498 GetCurrentThreadId
0x100554a0 ConvertDefaultLocale
0x100554a8 GetVersion
0x100554b0 EnumResourceLanguagesW
0x100554b8 lstrcmpA
0x100554c0 GetLocaleInfoW
0x100554c8 LoadLibraryW
0x100554d0 WideCharToMultiByte
0x100554d8 CompareStringA
0x100554e0 MultiByteToWideChar
0x100554e8 GlobalLock
0x100554f0 lstrcmpW
0x100554f8 GlobalAlloc
0x10055500 FreeLibrary
0x10055508 GlobalDeleteAtom
0x10055510 GetModuleHandleW
0x10055518 GetProcAddress
0x10055520 GetModuleFileNameW
0x10055528 lstrlenW
0x10055530 RaiseException
0x10055538 FileTimeToLocalFileTime
0x10055540 FindNextFileW
0x10055548 SetCurrentDirectoryW
0x10055550 LockResource
0x10055558 FindClose
0x10055560 VirtualAlloc
0x10055568 GetCurrentDirectoryW
0x10055570 FileTimeToSystemTime
0x10055578 SizeofResource
0x10055580 LoadResource
0x10055588 FindResourceW
0x10055590 FindFirstFileW
0x10055598 GetCPInfo
0x100555a0 ExitProcess
USER32.dll
0x10055698 PostThreadMessageW
0x100556a0 InvalidateRect
0x100556a8 SetRect
0x100556b0 IsRectEmpty
0x100556b8 CopyAcceleratorTableW
0x100556c0 LoadCursorW
0x100556c8 GetSysColorBrush
0x100556d0 ShowWindow
0x100556d8 MoveWindow
0x100556e0 SetWindowTextW
0x100556e8 IsDialogMessageW
0x100556f0 SendDlgItemMessageA
0x100556f8 SendDlgItemMessageW
0x10055700 WinHelpW
0x10055708 IsChild
0x10055710 GetCapture
0x10055718 GetClassNameW
0x10055720 GetClassLongPtrW
0x10055728 SetPropW
0x10055730 GetPropW
0x10055738 RemovePropW
0x10055740 SetFocus
0x10055748 GetWindowTextW
0x10055750 GetForegroundWindow
0x10055758 GetTopWindow
0x10055760 GetWindowLongPtrW
0x10055768 SetWindowLongPtrW
0x10055770 GetMessageTime
0x10055778 GetMessagePos
0x10055780 MapWindowPoints
0x10055788 TrackPopupMenu
0x10055790 SetForegroundWindow
0x10055798 UpdateWindow
0x100557a0 GetMenu
0x100557a8 CreateWindowExW
0x100557b0 GetClassInfoExW
0x100557b8 GetClassInfoW
0x100557c0 RegisterClassW
0x100557c8 AdjustWindowRectEx
0x100557d0 EqualRect
0x100557d8 GetDlgCtrlID
0x100557e0 DefWindowProcW
0x100557e8 CallWindowProcW
0x100557f0 SetWindowLongW
0x100557f8 OffsetRect
0x10055800 IntersectRect
0x10055808 SystemParametersInfoA
0x10055810 GetWindowPlacement
0x10055818 GetWindowRect
0x10055820 DestroyMenu
0x10055828 CopyRect
0x10055830 GetMenuItemID
0x10055838 GetMenuItemCount
0x10055840 UnhookWindowsHookEx
0x10055848 GetSysColor
0x10055850 EndPaint
0x10055858 BeginPaint
0x10055860 GetWindowDC
0x10055868 ReleaseDC
0x10055870 GetDC
0x10055878 ClientToScreen
0x10055880 GrayStringW
0x10055888 DrawTextExW
0x10055890 DrawTextW
0x10055898 TabbedTextOutW
0x100558a0 GetDesktopWindow
0x100558a8 SetActiveWindow
0x100558b0 CreateDialogIndirectParamW
0x100558b8 DestroyWindow
0x100558c0 IsWindow
0x100558c8 GetDlgItem
0x100558d0 GetNextDlgTabItem
0x100558d8 EndDialog
0x100558e0 SetWindowsHookExW
0x100558e8 CallNextHookEx
0x100558f0 GetMessageW
0x100558f8 TranslateMessage
0x10055900 DispatchMessageW
0x10055908 GetActiveWindow
0x10055910 IsWindowVisible
0x10055918 GetKeyState
0x10055920 RegisterClipboardFormatW
0x10055928 MessageBeep
0x10055930 GetNextDlgGroupItem
0x10055938 CharUpperW
0x10055940 CharNextW
0x10055948 ReleaseCapture
0x10055950 SetCapture
0x10055958 InvalidateRgn
0x10055960 PeekMessageW
0x10055968 GetCursorPos
0x10055970 ValidateRect
0x10055978 GetWindow
0x10055980 SetWindowContextHelpId
0x10055988 MapDialogRect
0x10055990 SetWindowPos
0x10055998 GetWindowThreadProcessId
0x100559a0 GetWindowLongW
0x100559a8 GetLastActivePopup
0x100559b0 IsWindowEnabled
0x100559b8 MessageBoxW
0x100559c0 SetCursor
0x100559c8 PostQuitMessage
0x100559d0 RegisterWindowMessageW
0x100559d8 PostMessageW
0x100559e0 SetMenuItemBitmaps
0x100559e8 GetMenuCheckMarkDimensions
0x100559f0 LoadBitmapW
0x100559f8 GetFocus
0x10055a00 GetParent
0x10055a08 ModifyMenuW
0x10055a10 GetMenuState
0x10055a18 CheckMenuItem
0x10055a20 GetSystemMenu
0x10055a28 IsIconic
0x10055a30 GetSubMenu
0x10055a38 DrawIcon
0x10055a40 GetClientRect
0x10055a48 LoadIconW
0x10055a50 LoadMenuW
0x10055a58 AppendMenuW
0x10055a60 EnableMenuItem
0x10055a68 GetSystemMetrics
0x10055a70 SendMessageW
0x10055a78 EnableWindow
0x10055a80 PtInRect
0x10055a88 UnregisterClassA
GDI32.dll
0x10055050 SetViewportExtEx
0x10055058 GetStockObject
0x10055060 GetDeviceCaps
0x10055068 GetRgnBox
0x10055070 GetBkColor
0x10055078 GetTextColor
0x10055080 GetMapMode
0x10055088 OffsetViewportOrgEx
0x10055090 SetViewportOrgEx
0x10055098 SelectObject
0x100550a0 Escape
0x100550a8 ExtTextOutW
0x100550b0 TextOutW
0x100550b8 DeleteDC
0x100550c0 ExtSelectClipRgn
0x100550c8 ScaleWindowExtEx
0x100550d0 SetWindowExtEx
0x100550d8 CreateRectRgnIndirect
0x100550e0 CreateBitmap
0x100550e8 RectVisible
0x100550f0 PtVisible
0x100550f8 GetWindowExtEx
0x10055100 GetViewportExtEx
0x10055108 GetObjectW
0x10055110 DeleteObject
0x10055118 GetClipBox
0x10055120 SetMapMode
0x10055128 SetTextColor
0x10055130 SetBkColor
0x10055138 RestoreDC
0x10055140 SaveDC
0x10055148 ScaleViewportExtEx
comdlg32.dll
0x10055ab8 GetFileTitleW
WINSPOOL.DRV
0x10055a98 DocumentPropertiesW
0x10055aa0 OpenPrinterW
0x10055aa8 ClosePrinter
ADVAPI32.dll
0x10055000 RegSetValueExW
0x10055008 RegCreateKeyExW
0x10055010 RegQueryValueW
0x10055018 RegOpenKeyW
0x10055020 RegEnumKeyW
0x10055028 RegDeleteKeyW
0x10055030 RegOpenKeyExW
0x10055038 RegQueryValueExW
0x10055040 RegCloseKey
SHELL32.dll
0x10055648 SHGetMalloc
0x10055650 ShellExecuteW
0x10055658 SHGetPathFromIDListW
0x10055660 SHBrowseForFolderW
SHLWAPI.dll
0x10055670 PathFindFileNameW
0x10055678 PathStripToRootW
0x10055680 PathFindExtensionW
0x10055688 PathIsUNCW
oledlg.dll
0x10055b50 OleUIBusyW
ole32.dll
0x10055ac8 OleInitialize
0x10055ad0 CoFreeUnusedLibraries
0x10055ad8 OleUninitialize
0x10055ae0 CreateILockBytesOnHGlobal
0x10055ae8 StgCreateDocfileOnILockBytes
0x10055af0 StgOpenStorageOnILockBytes
0x10055af8 CoGetClassObject
0x10055b00 CoRevokeClassObject
0x10055b08 CLSIDFromString
0x10055b10 CLSIDFromProgID
0x10055b18 CoTaskMemAlloc
0x10055b20 CoTaskMemFree
0x10055b28 CoLoadLibrary
0x10055b30 OleIsCurrentClipboard
0x10055b38 OleFlushClipboard
0x10055b40 CoRegisterMessageFilter
OLEAUT32.dll
0x100555b0 OleCreateFontIndirect
0x100555b8 SystemTimeToVariantTime
0x100555c0 VariantTimeToSystemTime
0x100555c8 SafeArrayDestroy
0x100555d0 SafeArrayCreate
0x100555d8 SafeArrayGetElemsize
0x100555e0 SafeArrayAccessData
0x100555e8 SafeArrayUnaccessData
0x100555f0 SysStringLen
0x100555f8 LoadRegTypeLib
0x10055600 DispCallFunc
0x10055608 SysAllocStringLen
0x10055610 VariantChangeType
0x10055618 VariantCopy
0x10055620 VariantClear
0x10055628 VariantInit
0x10055630 SysAllocString
0x10055638 SysFreeString
EAT(Export Address Table) Library
0x10007a60 DllRegisterServer