ScreenShot
| Created | 2022.05.24 18:36 | Machine | s1_win7_x6403 |
| Filename | vbc.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 18 detected (AIDetect, malware2, malicious, moderate confidence, Artemis, confidence, ZelphiF, @GW@aqrQ4Wki, MalPbs, gen1, RATX, Static AI, Suspicious PE, BScope, Hesv, Generic@AI, RDML, Hvjy8l787Y3m9eh1r, snfw, susgen, EQPQ) | ||
| md5 | f05a460e312d90267b12335c3c86e6a8 | ||
| sha256 | 8ba4a9f7596a9e12fc82290aca608ee81f0ed4e33e388257de62b0ce1a16b514 | ||
| ssdeep | 12288:3sGDrsy7QD25IMRgmDBJzd4+vZiy80LlMXuuLp0rTXNlgPgBuLq:3sGnPIM9LpHVLspMQ4ML | ||
| imphash | 25db551bacd3e47a5827f03f30f43ecb | ||
| impfuzzy | 192:n3ZEUxk1PD1D7buuaxSUvK9y3ooqEho72POQ4g:n3fy1Phaq9/YPOQx | ||
Network IP location
Signature (33cnts)
| Level | Description |
|---|---|
| warning | Generates some ICMP traffic |
| watch | Allocates execute permission to another process indicative of possible code injection |
| watch | Creates a suspicious Powershell process |
| watch | Creates a thread using CreateRemoteThread in a non-child process indicative of process injection |
| watch | Deletes executed files from disk |
| watch | File has been identified by 18 AntiVirus engines on VirusTotal as malicious |
| watch | Installs itself for autorun at Windows startup |
| watch | Manipulates memory of a non-child process indicative of process injection |
| watch | Network activity contains more than one unique useragent |
| watch | One or more of the buffers contains an embedded PE file |
| watch | Potential code injection by writing to the memory of another process |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| notice | A process created a hidden window |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Connects to a Dynamic DNS Domain |
| notice | Creates a shortcut to an executable file |
| notice | Creates a suspicious process |
| notice | Creates executable files on the filesystem |
| notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
| notice | One or more potentially interesting buffers were extracted |
| notice | Performs some HTTP requests |
| notice | Uses Windows utilities for basic Windows functionality |
| notice | Yara rule detected in process memory |
| info | Checks amount of memory in system |
| info | Checks if process is being debugged by a debugger |
| info | Command line console output was observed |
| info | One or more processes crashed |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The executable uses a known packer |
| info | Uses Windows APIs to generate a cryptographic key |
Rules (37cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
| watch | Antivirus | Contains references to security software | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Network_Downloader | File Downloader | memory |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| notice | Code_injection | Code injection with CreateRemoteThread in a remote process | memory |
| notice | Create_Service | Create a windows service | memory |
| notice | Escalate_priviledges | Escalate priviledges | memory |
| notice | Generic_PWS_Memory_Zero | PWS Memory | memory |
| notice | KeyLogger | Run a KeyLogger | memory |
| notice | local_credential_Steal | Steal credential | memory |
| notice | Network_DGA | Communication using DGA | memory |
| notice | Network_DNS | Communications use DNS | memory |
| notice | Network_FTP | Communications over FTP | memory |
| notice | Network_HTTP | Communications over HTTP | memory |
| notice | Network_P2P_Win | Communications over P2P network | memory |
| notice | Network_TCP_Socket | Communications over RAW Socket | memory |
| notice | ScreenShot | Take ScreenShot | memory |
| notice | Sniff_Audio | Record Audio | memory |
| notice | Str_Win32_Http_API | Match Windows Http API call | memory |
| notice | Str_Win32_Internet_API | Match Windows Inet API call | memory |
| info | anti_dbg | Checks if being debugged | memory |
| info | antisb_threatExpert | Anti-Sandbox checks for ThreatExpert | memory |
| info | Check_Dlls | (no description) | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerCheck__RemoteAPI | (no description) | memory |
| info | DebuggerException__ConsoleCtrl | (no description) | memory |
| info | DebuggerException__SetConsoleCtrl | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | IsPE32 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
| info | win_hook | Affect hook table | memory |
Network (12cnts) ?
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
PE API
IAT(Import Address Table) Library
kernel32.dll
0x4a117c DeleteCriticalSection
0x4a1180 LeaveCriticalSection
0x4a1184 EnterCriticalSection
0x4a1188 InitializeCriticalSection
0x4a118c VirtualFree
0x4a1190 VirtualAlloc
0x4a1194 LocalFree
0x4a1198 LocalAlloc
0x4a119c GetVersion
0x4a11a0 GetCurrentThreadId
0x4a11a4 InterlockedDecrement
0x4a11a8 InterlockedIncrement
0x4a11ac VirtualQuery
0x4a11b0 WideCharToMultiByte
0x4a11b4 SetCurrentDirectoryA
0x4a11b8 MultiByteToWideChar
0x4a11bc lstrlenA
0x4a11c0 lstrcpynA
0x4a11c4 LoadLibraryExA
0x4a11c8 GetThreadLocale
0x4a11cc GetStartupInfoA
0x4a11d0 GetProcAddress
0x4a11d4 GetModuleHandleA
0x4a11d8 GetModuleFileNameA
0x4a11dc GetLocaleInfoA
0x4a11e0 GetLastError
0x4a11e4 GetCurrentDirectoryA
0x4a11e8 GetCommandLineA
0x4a11ec FreeLibrary
0x4a11f0 FindFirstFileA
0x4a11f4 FindClose
0x4a11f8 ExitProcess
0x4a11fc WriteFile
0x4a1200 UnhandledExceptionFilter
0x4a1204 RtlUnwind
0x4a1208 RaiseException
0x4a120c GetStdHandle
user32.dll
0x4a1214 GetKeyboardType
0x4a1218 LoadStringA
0x4a121c MessageBoxA
0x4a1220 CharNextA
advapi32.dll
0x4a1228 RegQueryValueExA
0x4a122c RegOpenKeyExA
0x4a1230 RegCloseKey
oleaut32.dll
0x4a1238 SysFreeString
0x4a123c SysReAllocStringLen
0x4a1240 SysAllocStringLen
kernel32.dll
0x4a1248 TlsSetValue
0x4a124c TlsGetValue
0x4a1250 LocalAlloc
0x4a1254 GetModuleHandleA
advapi32.dll
0x4a125c RegSetValueExA
0x4a1260 RegQueryValueExA
0x4a1264 RegOpenKeyExA
0x4a1268 RegFlushKey
0x4a126c RegCreateKeyExA
0x4a1270 RegCloseKey
kernel32.dll
0x4a1278 lstrcpyA
0x4a127c WriteFile
0x4a1280 WaitForSingleObject
0x4a1284 VirtualQuery
0x4a1288 VirtualAlloc
0x4a128c Sleep
0x4a1290 SizeofResource
0x4a1294 SetThreadLocale
0x4a1298 SetFilePointer
0x4a129c SetEvent
0x4a12a0 SetErrorMode
0x4a12a4 SetEndOfFile
0x4a12a8 ResetEvent
0x4a12ac ReadFile
0x4a12b0 MultiByteToWideChar
0x4a12b4 MulDiv
0x4a12b8 LockResource
0x4a12bc LoadResource
0x4a12c0 LoadLibraryA
0x4a12c4 LeaveCriticalSection
0x4a12c8 InitializeCriticalSection
0x4a12cc GlobalUnlock
0x4a12d0 GlobalReAlloc
0x4a12d4 GlobalHandle
0x4a12d8 GlobalLock
0x4a12dc GlobalFree
0x4a12e0 GlobalFindAtomA
0x4a12e4 GlobalDeleteAtom
0x4a12e8 GlobalAlloc
0x4a12ec GlobalAddAtomA
0x4a12f0 GetVolumeInformationA
0x4a12f4 GetVersionExA
0x4a12f8 GetVersion
0x4a12fc GetTickCount
0x4a1300 GetThreadLocale
0x4a1304 GetSystemInfo
0x4a1308 GetStringTypeExA
0x4a130c GetStdHandle
0x4a1310 GetProcAddress
0x4a1314 GetModuleHandleA
0x4a1318 GetModuleFileNameA
0x4a131c GetLogicalDrives
0x4a1320 GetLocaleInfoA
0x4a1324 GetLocalTime
0x4a1328 GetLastError
0x4a132c GetFullPathNameA
0x4a1330 GetFileAttributesA
0x4a1334 GetDriveTypeA
0x4a1338 GetDiskFreeSpaceA
0x4a133c GetDateFormatA
0x4a1340 GetCurrentThreadId
0x4a1344 GetCurrentProcessId
0x4a1348 GetCPInfo
0x4a134c GetACP
0x4a1350 FreeResource
0x4a1354 InterlockedExchange
0x4a1358 FreeLibrary
0x4a135c FormatMessageA
0x4a1360 FindResourceA
0x4a1364 FindNextFileA
0x4a1368 FindFirstFileA
0x4a136c FindClose
0x4a1370 FileTimeToLocalFileTime
0x4a1374 FileTimeToDosDateTime
0x4a1378 EnumCalendarInfoA
0x4a137c EnterCriticalSection
0x4a1380 DeleteFileA
0x4a1384 DeleteCriticalSection
0x4a1388 CreateThread
0x4a138c CreateFileA
0x4a1390 CreateEventA
0x4a1394 CreateDirectoryA
0x4a1398 CompareStringA
0x4a139c CloseHandle
mpr.dll
0x4a13a4 WNetGetConnectionA
version.dll
0x4a13ac VerQueryValueA
0x4a13b0 GetFileVersionInfoSizeA
0x4a13b4 GetFileVersionInfoA
gdi32.dll
0x4a13bc UnrealizeObject
0x4a13c0 StretchBlt
0x4a13c4 SetWindowOrgEx
0x4a13c8 SetWinMetaFileBits
0x4a13cc SetViewportOrgEx
0x4a13d0 SetTextColor
0x4a13d4 SetStretchBltMode
0x4a13d8 SetROP2
0x4a13dc SetPixel
0x4a13e0 SetEnhMetaFileBits
0x4a13e4 SetDIBColorTable
0x4a13e8 SetBrushOrgEx
0x4a13ec SetBkMode
0x4a13f0 SetBkColor
0x4a13f4 SelectPalette
0x4a13f8 SelectObject
0x4a13fc SaveDC
0x4a1400 RestoreDC
0x4a1404 Rectangle
0x4a1408 RectVisible
0x4a140c RealizePalette
0x4a1410 Polyline
0x4a1414 Polygon
0x4a1418 PlayEnhMetaFile
0x4a141c PatBlt
0x4a1420 MoveToEx
0x4a1424 MaskBlt
0x4a1428 LineTo
0x4a142c IntersectClipRect
0x4a1430 GetWindowOrgEx
0x4a1434 GetWinMetaFileBits
0x4a1438 GetTextMetricsA
0x4a143c GetTextExtentPointA
0x4a1440 GetTextExtentPoint32A
0x4a1444 GetTextAlign
0x4a1448 GetSystemPaletteEntries
0x4a144c GetStockObject
0x4a1450 GetPolyFillMode
0x4a1454 GetPixel
0x4a1458 GetPaletteEntries
0x4a145c GetObjectA
0x4a1460 GetMapMode
0x4a1464 GetEnhMetaFilePaletteEntries
0x4a1468 GetEnhMetaFileHeader
0x4a146c GetEnhMetaFileBits
0x4a1470 GetDeviceCaps
0x4a1474 GetDIBits
0x4a1478 GetDIBColorTable
0x4a147c GetDCOrgEx
0x4a1480 GetDCPenColor
0x4a1484 GetCurrentPositionEx
0x4a1488 GetClipBox
0x4a148c GetBrushOrgEx
0x4a1490 GetBkMode
0x4a1494 GetBkColor
0x4a1498 GetBitmapBits
0x4a149c GdiFlush
0x4a14a0 ExtTextOutA
0x4a14a4 ExcludeClipRect
0x4a14a8 DeleteObject
0x4a14ac DeleteEnhMetaFile
0x4a14b0 DeleteDC
0x4a14b4 CreateSolidBrush
0x4a14b8 CreatePenIndirect
0x4a14bc CreatePalette
0x4a14c0 CreateHalftonePalette
0x4a14c4 CreateFontIndirectA
0x4a14c8 CreateDIBitmap
0x4a14cc CreateDIBSection
0x4a14d0 CreateCompatibleDC
0x4a14d4 CreateCompatibleBitmap
0x4a14d8 CreateBrushIndirect
0x4a14dc CreateBitmap
0x4a14e0 CopyEnhMetaFileA
0x4a14e4 BitBlt
user32.dll
0x4a14ec CreateWindowExA
0x4a14f0 WindowFromPoint
0x4a14f4 WinHelpA
0x4a14f8 WaitMessage
0x4a14fc UpdateWindow
0x4a1500 UnregisterClassA
0x4a1504 UnhookWindowsHookEx
0x4a1508 TranslateMessage
0x4a150c TranslateMDISysAccel
0x4a1510 TrackPopupMenu
0x4a1514 SystemParametersInfoA
0x4a1518 ShowWindow
0x4a151c ShowScrollBar
0x4a1520 ShowOwnedPopups
0x4a1524 ShowCursor
0x4a1528 ShowCaret
0x4a152c SetWindowsHookExA
0x4a1530 SetWindowTextA
0x4a1534 SetWindowPos
0x4a1538 SetWindowPlacement
0x4a153c SetWindowLongA
0x4a1540 SetTimer
0x4a1544 SetScrollRange
0x4a1548 SetScrollPos
0x4a154c SetScrollInfo
0x4a1550 SetRect
0x4a1554 SetPropA
0x4a1558 SetParent
0x4a155c SetMenuItemInfoA
0x4a1560 SetMenu
0x4a1564 SetForegroundWindow
0x4a1568 SetFocus
0x4a156c SetCursor
0x4a1570 SetClipboardData
0x4a1574 SetClassLongA
0x4a1578 SetCapture
0x4a157c SetActiveWindow
0x4a1580 SendMessageA
0x4a1584 ScrollWindow
0x4a1588 ScreenToClient
0x4a158c RemovePropA
0x4a1590 RemoveMenu
0x4a1594 ReleaseDC
0x4a1598 ReleaseCapture
0x4a159c RegisterWindowMessageA
0x4a15a0 RegisterClipboardFormatA
0x4a15a4 RegisterClassA
0x4a15a8 RedrawWindow
0x4a15ac PtInRect
0x4a15b0 PostQuitMessage
0x4a15b4 PostMessageA
0x4a15b8 PeekMessageA
0x4a15bc OpenClipboard
0x4a15c0 OffsetRect
0x4a15c4 OemToCharA
0x4a15c8 MessageBoxA
0x4a15cc MessageBeep
0x4a15d0 MapWindowPoints
0x4a15d4 MapVirtualKeyA
0x4a15d8 LoadStringA
0x4a15dc LoadKeyboardLayoutA
0x4a15e0 LoadIconA
0x4a15e4 LoadCursorA
0x4a15e8 LoadBitmapA
0x4a15ec KillTimer
0x4a15f0 IsZoomed
0x4a15f4 IsWindowVisible
0x4a15f8 IsWindowEnabled
0x4a15fc IsWindow
0x4a1600 IsRectEmpty
0x4a1604 IsIconic
0x4a1608 IsDialogMessageA
0x4a160c IsChild
0x4a1610 InvalidateRect
0x4a1614 IntersectRect
0x4a1618 InsertMenuItemA
0x4a161c InsertMenuA
0x4a1620 InflateRect
0x4a1624 HideCaret
0x4a1628 GetWindowThreadProcessId
0x4a162c GetWindowTextA
0x4a1630 GetWindowRect
0x4a1634 GetWindowPlacement
0x4a1638 GetWindowLongA
0x4a163c GetWindowDC
0x4a1640 GetTopWindow
0x4a1644 GetSystemMetrics
0x4a1648 GetSystemMenu
0x4a164c GetSysColorBrush
0x4a1650 GetSysColor
0x4a1654 GetSubMenu
0x4a1658 GetScrollRange
0x4a165c GetScrollPos
0x4a1660 GetScrollInfo
0x4a1664 GetPropA
0x4a1668 GetParent
0x4a166c GetWindow
0x4a1670 GetMenuStringA
0x4a1674 GetMenuState
0x4a1678 GetMenuItemInfoA
0x4a167c GetMenuItemID
0x4a1680 GetMenuItemCount
0x4a1684 GetMenu
0x4a1688 GetLastActivePopup
0x4a168c GetKeyboardState
0x4a1690 GetKeyboardLayoutList
0x4a1694 GetKeyboardLayout
0x4a1698 GetKeyState
0x4a169c GetKeyNameTextA
0x4a16a0 GetIconInfo
0x4a16a4 GetForegroundWindow
0x4a16a8 GetFocus
0x4a16ac GetDesktopWindow
0x4a16b0 GetDCEx
0x4a16b4 GetDC
0x4a16b8 GetCursorPos
0x4a16bc GetCursor
0x4a16c0 GetClipboardData
0x4a16c4 GetClientRect
0x4a16c8 GetClassNameA
0x4a16cc GetClassInfoA
0x4a16d0 GetCapture
0x4a16d4 GetActiveWindow
0x4a16d8 FrameRect
0x4a16dc FindWindowA
0x4a16e0 FillRect
0x4a16e4 EqualRect
0x4a16e8 EnumWindows
0x4a16ec EnumThreadWindows
0x4a16f0 EndPaint
0x4a16f4 EnableWindow
0x4a16f8 EnableScrollBar
0x4a16fc EnableMenuItem
0x4a1700 EmptyClipboard
0x4a1704 DrawTextA
0x4a1708 DrawStateA
0x4a170c DrawMenuBar
0x4a1710 DrawIconEx
0x4a1714 DrawIcon
0x4a1718 DrawFrameControl
0x4a171c DrawFocusRect
0x4a1720 DrawEdge
0x4a1724 DispatchMessageA
0x4a1728 DestroyWindow
0x4a172c DestroyMenu
0x4a1730 DestroyIcon
0x4a1734 DestroyCursor
0x4a1738 DeleteMenu
0x4a173c DefWindowProcA
0x4a1740 DefMDIChildProcA
0x4a1744 DefFrameProcA
0x4a1748 CreatePopupMenu
0x4a174c CreateMenu
0x4a1750 CreateIcon
0x4a1754 CloseClipboard
0x4a1758 ClientToScreen
0x4a175c CheckMenuItem
0x4a1760 CallWindowProcA
0x4a1764 CallNextHookEx
0x4a1768 BeginPaint
0x4a176c CharNextA
0x4a1770 CharLowerBuffA
0x4a1774 CharLowerA
0x4a1778 CharUpperBuffA
0x4a177c CharToOemA
0x4a1780 AdjustWindowRectEx
0x4a1784 ActivateKeyboardLayout
kernel32.dll
0x4a178c Sleep
oleaut32.dll
0x4a1794 SafeArrayPtrOfIndex
0x4a1798 SafeArrayGetUBound
0x4a179c SafeArrayGetLBound
0x4a17a0 SafeArrayCreate
0x4a17a4 VariantChangeType
0x4a17a8 VariantCopy
0x4a17ac VariantClear
0x4a17b0 VariantInit
ole32.dll
0x4a17b8 CoTaskMemFree
0x4a17bc StringFromCLSID
0x4a17c0 CoCreateInstance
0x4a17c4 CoUninitialize
0x4a17c8 CoInitialize
oleaut32.dll
0x4a17d0 GetErrorInfo
0x4a17d4 SysFreeString
comctl32.dll
0x4a17dc ImageList_SetIconSize
0x4a17e0 ImageList_GetIconSize
0x4a17e4 ImageList_Write
0x4a17e8 ImageList_Read
0x4a17ec ImageList_GetDragImage
0x4a17f0 ImageList_DragShowNolock
0x4a17f4 ImageList_SetDragCursorImage
0x4a17f8 ImageList_DragMove
0x4a17fc ImageList_DragLeave
0x4a1800 ImageList_DragEnter
0x4a1804 ImageList_EndDrag
0x4a1808 ImageList_BeginDrag
0x4a180c ImageList_Remove
0x4a1810 ImageList_DrawEx
0x4a1814 ImageList_Replace
0x4a1818 ImageList_Draw
0x4a181c ImageList_GetBkColor
0x4a1820 ImageList_SetBkColor
0x4a1824 ImageList_ReplaceIcon
0x4a1828 ImageList_Add
0x4a182c ImageList_SetImageCount
0x4a1830 ImageList_GetImageCount
0x4a1834 ImageList_Destroy
0x4a1838 ImageList_Create
0x4a183c InitCommonControls
shell32.dll
0x4a1844 ShellExecuteA
winmm.dll
0x4a184c sndPlaySoundA
EAT(Export Address Table) is none
kernel32.dll
0x4a117c DeleteCriticalSection
0x4a1180 LeaveCriticalSection
0x4a1184 EnterCriticalSection
0x4a1188 InitializeCriticalSection
0x4a118c VirtualFree
0x4a1190 VirtualAlloc
0x4a1194 LocalFree
0x4a1198 LocalAlloc
0x4a119c GetVersion
0x4a11a0 GetCurrentThreadId
0x4a11a4 InterlockedDecrement
0x4a11a8 InterlockedIncrement
0x4a11ac VirtualQuery
0x4a11b0 WideCharToMultiByte
0x4a11b4 SetCurrentDirectoryA
0x4a11b8 MultiByteToWideChar
0x4a11bc lstrlenA
0x4a11c0 lstrcpynA
0x4a11c4 LoadLibraryExA
0x4a11c8 GetThreadLocale
0x4a11cc GetStartupInfoA
0x4a11d0 GetProcAddress
0x4a11d4 GetModuleHandleA
0x4a11d8 GetModuleFileNameA
0x4a11dc GetLocaleInfoA
0x4a11e0 GetLastError
0x4a11e4 GetCurrentDirectoryA
0x4a11e8 GetCommandLineA
0x4a11ec FreeLibrary
0x4a11f0 FindFirstFileA
0x4a11f4 FindClose
0x4a11f8 ExitProcess
0x4a11fc WriteFile
0x4a1200 UnhandledExceptionFilter
0x4a1204 RtlUnwind
0x4a1208 RaiseException
0x4a120c GetStdHandle
user32.dll
0x4a1214 GetKeyboardType
0x4a1218 LoadStringA
0x4a121c MessageBoxA
0x4a1220 CharNextA
advapi32.dll
0x4a1228 RegQueryValueExA
0x4a122c RegOpenKeyExA
0x4a1230 RegCloseKey
oleaut32.dll
0x4a1238 SysFreeString
0x4a123c SysReAllocStringLen
0x4a1240 SysAllocStringLen
kernel32.dll
0x4a1248 TlsSetValue
0x4a124c TlsGetValue
0x4a1250 LocalAlloc
0x4a1254 GetModuleHandleA
advapi32.dll
0x4a125c RegSetValueExA
0x4a1260 RegQueryValueExA
0x4a1264 RegOpenKeyExA
0x4a1268 RegFlushKey
0x4a126c RegCreateKeyExA
0x4a1270 RegCloseKey
kernel32.dll
0x4a1278 lstrcpyA
0x4a127c WriteFile
0x4a1280 WaitForSingleObject
0x4a1284 VirtualQuery
0x4a1288 VirtualAlloc
0x4a128c Sleep
0x4a1290 SizeofResource
0x4a1294 SetThreadLocale
0x4a1298 SetFilePointer
0x4a129c SetEvent
0x4a12a0 SetErrorMode
0x4a12a4 SetEndOfFile
0x4a12a8 ResetEvent
0x4a12ac ReadFile
0x4a12b0 MultiByteToWideChar
0x4a12b4 MulDiv
0x4a12b8 LockResource
0x4a12bc LoadResource
0x4a12c0 LoadLibraryA
0x4a12c4 LeaveCriticalSection
0x4a12c8 InitializeCriticalSection
0x4a12cc GlobalUnlock
0x4a12d0 GlobalReAlloc
0x4a12d4 GlobalHandle
0x4a12d8 GlobalLock
0x4a12dc GlobalFree
0x4a12e0 GlobalFindAtomA
0x4a12e4 GlobalDeleteAtom
0x4a12e8 GlobalAlloc
0x4a12ec GlobalAddAtomA
0x4a12f0 GetVolumeInformationA
0x4a12f4 GetVersionExA
0x4a12f8 GetVersion
0x4a12fc GetTickCount
0x4a1300 GetThreadLocale
0x4a1304 GetSystemInfo
0x4a1308 GetStringTypeExA
0x4a130c GetStdHandle
0x4a1310 GetProcAddress
0x4a1314 GetModuleHandleA
0x4a1318 GetModuleFileNameA
0x4a131c GetLogicalDrives
0x4a1320 GetLocaleInfoA
0x4a1324 GetLocalTime
0x4a1328 GetLastError
0x4a132c GetFullPathNameA
0x4a1330 GetFileAttributesA
0x4a1334 GetDriveTypeA
0x4a1338 GetDiskFreeSpaceA
0x4a133c GetDateFormatA
0x4a1340 GetCurrentThreadId
0x4a1344 GetCurrentProcessId
0x4a1348 GetCPInfo
0x4a134c GetACP
0x4a1350 FreeResource
0x4a1354 InterlockedExchange
0x4a1358 FreeLibrary
0x4a135c FormatMessageA
0x4a1360 FindResourceA
0x4a1364 FindNextFileA
0x4a1368 FindFirstFileA
0x4a136c FindClose
0x4a1370 FileTimeToLocalFileTime
0x4a1374 FileTimeToDosDateTime
0x4a1378 EnumCalendarInfoA
0x4a137c EnterCriticalSection
0x4a1380 DeleteFileA
0x4a1384 DeleteCriticalSection
0x4a1388 CreateThread
0x4a138c CreateFileA
0x4a1390 CreateEventA
0x4a1394 CreateDirectoryA
0x4a1398 CompareStringA
0x4a139c CloseHandle
mpr.dll
0x4a13a4 WNetGetConnectionA
version.dll
0x4a13ac VerQueryValueA
0x4a13b0 GetFileVersionInfoSizeA
0x4a13b4 GetFileVersionInfoA
gdi32.dll
0x4a13bc UnrealizeObject
0x4a13c0 StretchBlt
0x4a13c4 SetWindowOrgEx
0x4a13c8 SetWinMetaFileBits
0x4a13cc SetViewportOrgEx
0x4a13d0 SetTextColor
0x4a13d4 SetStretchBltMode
0x4a13d8 SetROP2
0x4a13dc SetPixel
0x4a13e0 SetEnhMetaFileBits
0x4a13e4 SetDIBColorTable
0x4a13e8 SetBrushOrgEx
0x4a13ec SetBkMode
0x4a13f0 SetBkColor
0x4a13f4 SelectPalette
0x4a13f8 SelectObject
0x4a13fc SaveDC
0x4a1400 RestoreDC
0x4a1404 Rectangle
0x4a1408 RectVisible
0x4a140c RealizePalette
0x4a1410 Polyline
0x4a1414 Polygon
0x4a1418 PlayEnhMetaFile
0x4a141c PatBlt
0x4a1420 MoveToEx
0x4a1424 MaskBlt
0x4a1428 LineTo
0x4a142c IntersectClipRect
0x4a1430 GetWindowOrgEx
0x4a1434 GetWinMetaFileBits
0x4a1438 GetTextMetricsA
0x4a143c GetTextExtentPointA
0x4a1440 GetTextExtentPoint32A
0x4a1444 GetTextAlign
0x4a1448 GetSystemPaletteEntries
0x4a144c GetStockObject
0x4a1450 GetPolyFillMode
0x4a1454 GetPixel
0x4a1458 GetPaletteEntries
0x4a145c GetObjectA
0x4a1460 GetMapMode
0x4a1464 GetEnhMetaFilePaletteEntries
0x4a1468 GetEnhMetaFileHeader
0x4a146c GetEnhMetaFileBits
0x4a1470 GetDeviceCaps
0x4a1474 GetDIBits
0x4a1478 GetDIBColorTable
0x4a147c GetDCOrgEx
0x4a1480 GetDCPenColor
0x4a1484 GetCurrentPositionEx
0x4a1488 GetClipBox
0x4a148c GetBrushOrgEx
0x4a1490 GetBkMode
0x4a1494 GetBkColor
0x4a1498 GetBitmapBits
0x4a149c GdiFlush
0x4a14a0 ExtTextOutA
0x4a14a4 ExcludeClipRect
0x4a14a8 DeleteObject
0x4a14ac DeleteEnhMetaFile
0x4a14b0 DeleteDC
0x4a14b4 CreateSolidBrush
0x4a14b8 CreatePenIndirect
0x4a14bc CreatePalette
0x4a14c0 CreateHalftonePalette
0x4a14c4 CreateFontIndirectA
0x4a14c8 CreateDIBitmap
0x4a14cc CreateDIBSection
0x4a14d0 CreateCompatibleDC
0x4a14d4 CreateCompatibleBitmap
0x4a14d8 CreateBrushIndirect
0x4a14dc CreateBitmap
0x4a14e0 CopyEnhMetaFileA
0x4a14e4 BitBlt
user32.dll
0x4a14ec CreateWindowExA
0x4a14f0 WindowFromPoint
0x4a14f4 WinHelpA
0x4a14f8 WaitMessage
0x4a14fc UpdateWindow
0x4a1500 UnregisterClassA
0x4a1504 UnhookWindowsHookEx
0x4a1508 TranslateMessage
0x4a150c TranslateMDISysAccel
0x4a1510 TrackPopupMenu
0x4a1514 SystemParametersInfoA
0x4a1518 ShowWindow
0x4a151c ShowScrollBar
0x4a1520 ShowOwnedPopups
0x4a1524 ShowCursor
0x4a1528 ShowCaret
0x4a152c SetWindowsHookExA
0x4a1530 SetWindowTextA
0x4a1534 SetWindowPos
0x4a1538 SetWindowPlacement
0x4a153c SetWindowLongA
0x4a1540 SetTimer
0x4a1544 SetScrollRange
0x4a1548 SetScrollPos
0x4a154c SetScrollInfo
0x4a1550 SetRect
0x4a1554 SetPropA
0x4a1558 SetParent
0x4a155c SetMenuItemInfoA
0x4a1560 SetMenu
0x4a1564 SetForegroundWindow
0x4a1568 SetFocus
0x4a156c SetCursor
0x4a1570 SetClipboardData
0x4a1574 SetClassLongA
0x4a1578 SetCapture
0x4a157c SetActiveWindow
0x4a1580 SendMessageA
0x4a1584 ScrollWindow
0x4a1588 ScreenToClient
0x4a158c RemovePropA
0x4a1590 RemoveMenu
0x4a1594 ReleaseDC
0x4a1598 ReleaseCapture
0x4a159c RegisterWindowMessageA
0x4a15a0 RegisterClipboardFormatA
0x4a15a4 RegisterClassA
0x4a15a8 RedrawWindow
0x4a15ac PtInRect
0x4a15b0 PostQuitMessage
0x4a15b4 PostMessageA
0x4a15b8 PeekMessageA
0x4a15bc OpenClipboard
0x4a15c0 OffsetRect
0x4a15c4 OemToCharA
0x4a15c8 MessageBoxA
0x4a15cc MessageBeep
0x4a15d0 MapWindowPoints
0x4a15d4 MapVirtualKeyA
0x4a15d8 LoadStringA
0x4a15dc LoadKeyboardLayoutA
0x4a15e0 LoadIconA
0x4a15e4 LoadCursorA
0x4a15e8 LoadBitmapA
0x4a15ec KillTimer
0x4a15f0 IsZoomed
0x4a15f4 IsWindowVisible
0x4a15f8 IsWindowEnabled
0x4a15fc IsWindow
0x4a1600 IsRectEmpty
0x4a1604 IsIconic
0x4a1608 IsDialogMessageA
0x4a160c IsChild
0x4a1610 InvalidateRect
0x4a1614 IntersectRect
0x4a1618 InsertMenuItemA
0x4a161c InsertMenuA
0x4a1620 InflateRect
0x4a1624 HideCaret
0x4a1628 GetWindowThreadProcessId
0x4a162c GetWindowTextA
0x4a1630 GetWindowRect
0x4a1634 GetWindowPlacement
0x4a1638 GetWindowLongA
0x4a163c GetWindowDC
0x4a1640 GetTopWindow
0x4a1644 GetSystemMetrics
0x4a1648 GetSystemMenu
0x4a164c GetSysColorBrush
0x4a1650 GetSysColor
0x4a1654 GetSubMenu
0x4a1658 GetScrollRange
0x4a165c GetScrollPos
0x4a1660 GetScrollInfo
0x4a1664 GetPropA
0x4a1668 GetParent
0x4a166c GetWindow
0x4a1670 GetMenuStringA
0x4a1674 GetMenuState
0x4a1678 GetMenuItemInfoA
0x4a167c GetMenuItemID
0x4a1680 GetMenuItemCount
0x4a1684 GetMenu
0x4a1688 GetLastActivePopup
0x4a168c GetKeyboardState
0x4a1690 GetKeyboardLayoutList
0x4a1694 GetKeyboardLayout
0x4a1698 GetKeyState
0x4a169c GetKeyNameTextA
0x4a16a0 GetIconInfo
0x4a16a4 GetForegroundWindow
0x4a16a8 GetFocus
0x4a16ac GetDesktopWindow
0x4a16b0 GetDCEx
0x4a16b4 GetDC
0x4a16b8 GetCursorPos
0x4a16bc GetCursor
0x4a16c0 GetClipboardData
0x4a16c4 GetClientRect
0x4a16c8 GetClassNameA
0x4a16cc GetClassInfoA
0x4a16d0 GetCapture
0x4a16d4 GetActiveWindow
0x4a16d8 FrameRect
0x4a16dc FindWindowA
0x4a16e0 FillRect
0x4a16e4 EqualRect
0x4a16e8 EnumWindows
0x4a16ec EnumThreadWindows
0x4a16f0 EndPaint
0x4a16f4 EnableWindow
0x4a16f8 EnableScrollBar
0x4a16fc EnableMenuItem
0x4a1700 EmptyClipboard
0x4a1704 DrawTextA
0x4a1708 DrawStateA
0x4a170c DrawMenuBar
0x4a1710 DrawIconEx
0x4a1714 DrawIcon
0x4a1718 DrawFrameControl
0x4a171c DrawFocusRect
0x4a1720 DrawEdge
0x4a1724 DispatchMessageA
0x4a1728 DestroyWindow
0x4a172c DestroyMenu
0x4a1730 DestroyIcon
0x4a1734 DestroyCursor
0x4a1738 DeleteMenu
0x4a173c DefWindowProcA
0x4a1740 DefMDIChildProcA
0x4a1744 DefFrameProcA
0x4a1748 CreatePopupMenu
0x4a174c CreateMenu
0x4a1750 CreateIcon
0x4a1754 CloseClipboard
0x4a1758 ClientToScreen
0x4a175c CheckMenuItem
0x4a1760 CallWindowProcA
0x4a1764 CallNextHookEx
0x4a1768 BeginPaint
0x4a176c CharNextA
0x4a1770 CharLowerBuffA
0x4a1774 CharLowerA
0x4a1778 CharUpperBuffA
0x4a177c CharToOemA
0x4a1780 AdjustWindowRectEx
0x4a1784 ActivateKeyboardLayout
kernel32.dll
0x4a178c Sleep
oleaut32.dll
0x4a1794 SafeArrayPtrOfIndex
0x4a1798 SafeArrayGetUBound
0x4a179c SafeArrayGetLBound
0x4a17a0 SafeArrayCreate
0x4a17a4 VariantChangeType
0x4a17a8 VariantCopy
0x4a17ac VariantClear
0x4a17b0 VariantInit
ole32.dll
0x4a17b8 CoTaskMemFree
0x4a17bc StringFromCLSID
0x4a17c0 CoCreateInstance
0x4a17c4 CoUninitialize
0x4a17c8 CoInitialize
oleaut32.dll
0x4a17d0 GetErrorInfo
0x4a17d4 SysFreeString
comctl32.dll
0x4a17dc ImageList_SetIconSize
0x4a17e0 ImageList_GetIconSize
0x4a17e4 ImageList_Write
0x4a17e8 ImageList_Read
0x4a17ec ImageList_GetDragImage
0x4a17f0 ImageList_DragShowNolock
0x4a17f4 ImageList_SetDragCursorImage
0x4a17f8 ImageList_DragMove
0x4a17fc ImageList_DragLeave
0x4a1800 ImageList_DragEnter
0x4a1804 ImageList_EndDrag
0x4a1808 ImageList_BeginDrag
0x4a180c ImageList_Remove
0x4a1810 ImageList_DrawEx
0x4a1814 ImageList_Replace
0x4a1818 ImageList_Draw
0x4a181c ImageList_GetBkColor
0x4a1820 ImageList_SetBkColor
0x4a1824 ImageList_ReplaceIcon
0x4a1828 ImageList_Add
0x4a182c ImageList_SetImageCount
0x4a1830 ImageList_GetImageCount
0x4a1834 ImageList_Destroy
0x4a1838 ImageList_Create
0x4a183c InitCommonControls
shell32.dll
0x4a1844 ShellExecuteA
winmm.dll
0x4a184c sndPlaySoundA
EAT(Export Address Table) is none