Created | 2022.06.19 14:24 | Machine | s1_win7_x6403 |
Filename | bfa72b5310bd9871b38a9017be416b36.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 47 detected (Manuscrypt, GenericKD, IGENERIC, Unsafe, ABRisk, ZQAF, malicious, high confidence, R002C0WF422, jpfjng, Gencirc, GenKD, pmlwb, Sabsik, Tiggre, score, GenericRXAA, ai score=89, Generic@AI, RDML, j5e3UC6bA6sDQMcpJuPnkA, hobzcb0Jcv0, susgen, PossibleThreat, Chgt, confidence, 100%) |
md5 | 8af292d4232628d615321923e8d21d75 |
sha256 | ae78dfe0af564047a2557770c5500b5ae8db727b56bf0cd404b6f52cdc3c6e81 |
ssdeep | 6144:ypW7afwwJWPtN8bQITbbvLfL7C+E32tGEPv:0JUtN8bHTbvz7C+E/EPv |
imphash | cd8430e1ebe09a39fed57f14fe148292 |
impfuzzy | 192:mTHNxyUAnKqs6Kmw9UdBVIcncccuH9PyNO6PP:mzzWndBWafByNO6PP |
Signature (5cnts)
Level | Description |
---|---|
danger | File has been identified by 47 AntiVirus engines on VirusTotal as malicious |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Foreign language identified in PE resource |
notice | Performs some HTTP requests |
info | Checks amount of memory in system |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (5cnts)
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x4340b4 GetStartupInfoW
0x4340b8 ExitProcess
0x4340bc RtlUnwind
0x4340c0 HeapReAlloc
0x4340c4 RaiseException
0x4340c8 HeapSize
0x4340cc VirtualProtect
0x4340d0 VirtualAlloc
0x4340d4 GetSystemInfo
0x4340d8 VirtualQuery
0x4340dc GetStdHandle
0x4340e0 GetModuleFileNameA
0x4340e4 UnhandledExceptionFilter
0x4340e8 FreeEnvironmentStringsA
0x4340ec GetEnvironmentStrings
0x4340f0 FreeEnvironmentStringsW
0x4340f4 GetEnvironmentStringsW
0x4340f8 GetCommandLineA
0x4340fc GetCommandLineW
0x434100 SetHandleCount
0x434104 GetFileType
0x434108 GetStartupInfoA
0x43410c HeapDestroy
0x434110 HeapCreate
0x434114 VirtualFree
0x434118 QueryPerformanceCounter
0x43411c GetSystemTimeAsFileTime
0x434120 GetProcessHeap
0x434124 SetUnhandledExceptionFilter
0x434128 IsDebuggerPresent
0x43412c Sleep
0x434130 GetCPInfo
0x434134 GetACP
0x434138 GetOEMCP
0x43413c GetTimeZoneInformation
0x434140 GetLocaleInfoA
0x434144 GetConsoleCP
0x434148 GetConsoleMode
0x43414c LCMapStringA
0x434150 LCMapStringW
0x434154 GetStringTypeA
0x434158 GetStringTypeW
0x43415c SetStdHandle
0x434160 WriteConsoleA
0x434164 GetConsoleOutputCP
0x434168 WriteConsoleW
0x43416c CreateFileA
0x434170 SetEnvironmentVariableA
0x434174 HeapAlloc
0x434178 HeapFree
0x43417c GetFileTime
0x434180 GetFileAttributesW
0x434184 FileTimeToLocalFileTime
0x434188 GetTickCount
0x43418c SetErrorMode
0x434190 FileTimeToSystemTime
0x434194 CreateFileW
0x434198 GetFullPathNameW
0x43419c GetVolumeInformationW
0x4341a0 FindFirstFileW
0x4341a4 FindClose
0x4341a8 GetCurrentProcess
0x4341ac DuplicateHandle
0x4341b0 GetFileSize
0x4341b4 SetEndOfFile
0x4341b8 UnlockFile
0x4341bc LockFile
0x4341c0 FlushFileBuffers
0x4341c4 SetFilePointer
0x4341c8 WriteFile
0x4341cc ReadFile
0x4341d0 GetThreadLocale
0x4341d4 lstrlenA
0x4341d8 InterlockedIncrement
0x4341dc TlsFree
0x4341e0 DeleteCriticalSection
0x4341e4 LocalReAlloc
0x4341e8 TlsSetValue
0x4341ec TlsAlloc
0x4341f0 InitializeCriticalSection
0x4341f4 GlobalHandle
0x4341f8 GlobalReAlloc
0x4341fc EnterCriticalSection
0x434200 TlsGetValue
0x434204 LeaveCriticalSection
0x434208 LocalAlloc
0x43420c GlobalFlags
0x434210 FormatMessageW
0x434214 LocalFree
0x434218 MulDiv
0x43421c GetModuleHandleA
0x434220 GlobalFindAtomW
0x434224 CompareStringW
0x434228 LoadLibraryA
0x43422c GetVersionExA
0x434230 InterlockedDecrement
0x434234 GetCurrentProcessId
0x434238 GetLastError
0x43423c SetLastError
0x434240 GlobalAddAtomW
0x434244 CloseHandle
0x434248 GlobalUnlock
0x43424c lstrlenW
0x434250 WritePrivateProfileStringW
0x434254 FreeResource
0x434258 GlobalFree
0x43425c GetCurrentThread
0x434260 GetCurrentThreadId
0x434264 ConvertDefaultLocale
0x434268 GetModuleFileNameW
0x43426c GetVersion
0x434270 EnumResourceLanguagesW
0x434274 lstrcmpA
0x434278 GetLocaleInfoW
0x43427c LoadLibraryW
0x434280 WideCharToMultiByte
0x434284 CompareStringA
0x434288 InterlockedExchange
0x43428c GlobalLock
0x434290 lstrcmpW
0x434294 GlobalAlloc
0x434298 FreeLibrary
0x43429c GlobalDeleteAtom
0x4342a0 GetProcAddress
0x4342a4 GetModuleHandleW
0x4342a8 MultiByteToWideChar
0x4342ac FindResourceW
0x4342b0 LoadResource
0x4342b4 LockResource
0x4342b8 TerminateProcess
0x4342bc SizeofResource
USER32.dll
0x434334 RegisterClipboardFormatW
0x434338 PostThreadMessageW
0x43433c SetRect
0x434340 IsRectEmpty
0x434344 CopyAcceleratorTableW
0x434348 CharNextW
0x43434c ReleaseCapture
0x434350 LoadCursorW
0x434354 SetCapture
0x434358 ShowWindow
0x43435c MoveWindow
0x434360 SetWindowTextW
0x434364 IsDialogMessageW
0x434368 EndPaint
0x43436c BeginPaint
0x434370 GetWindowDC
0x434374 ReleaseDC
0x434378 GetDC
0x43437c ClientToScreen
0x434380 GrayStringW
0x434384 DrawTextExW
0x434388 DrawTextW
0x43438c TabbedTextOutW
0x434390 RegisterWindowMessageW
0x434394 SendDlgItemMessageW
0x434398 SendDlgItemMessageA
0x43439c WinHelpW
0x4343a0 GetCapture
0x4343a4 GetClassLongW
0x4343a8 GetClassNameW
0x4343ac SetPropW
0x4343b0 GetPropW
0x4343b4 RemovePropW
0x4343b8 SetFocus
0x4343bc GetWindowTextW
0x4343c0 GetForegroundWindow
0x4343c4 GetTopWindow
0x4343c8 GetMessageTime
0x4343cc GetMessagePos
0x4343d0 MapWindowPoints
0x4343d4 SetForegroundWindow
0x4343d8 UpdateWindow
0x4343dc GetMenu
0x4343e0 GetSubMenu
0x4343e4 GetMenuItemID
0x4343e8 GetMenuItemCount
0x4343ec CreateWindowExW
0x4343f0 GetClassInfoExW
0x4343f4 GetClassInfoW
0x4343f8 RegisterClassW
0x4343fc AdjustWindowRectEx
0x434400 EqualRect
0x434404 PtInRect
0x434408 GetDlgCtrlID
0x43440c DefWindowProcW
0x434410 CallWindowProcW
0x434414 SetWindowLongW
0x434418 OffsetRect
0x43441c IntersectRect
0x434420 SystemParametersInfoA
0x434424 GetWindowPlacement
0x434428 GetWindowRect
0x43442c GetSysColor
0x434430 LoadIconW
0x434434 GetSystemMenu
0x434438 UnregisterClassA
0x43443c AppendMenuW
0x434440 IsIconic
0x434444 SendMessageW
0x434448 DestroyMenu
0x43444c CopyRect
0x434450 UnhookWindowsHookEx
0x434454 GetWindowThreadProcessId
0x434458 GetLastActivePopup
0x43445c MessageBoxW
0x434460 SetCursor
0x434464 SetWindowsHookExW
0x434468 UnregisterClassW
0x43446c CharUpperW
0x434470 GetSysColorBrush
0x434474 CallNextHookEx
0x434478 GetMessageW
0x43447c MessageBeep
0x434480 GetNextDlgGroupItem
0x434484 InvalidateRgn
0x434488 InvalidateRect
0x43448c GetSystemMetrics
0x434490 GetClientRect
0x434494 DrawIcon
0x434498 EnableWindow
0x43449c wsprintfW
0x4344a0 PostMessageW
0x4344a4 PostQuitMessage
0x4344a8 SetWindowPos
0x4344ac MapDialogRect
0x4344b0 GetParent
0x4344b4 SetWindowContextHelpId
0x4344b8 GetWindow
0x4344bc EndDialog
0x4344c0 GetNextDlgTabItem
0x4344c4 IsWindowEnabled
0x4344c8 GetDlgItem
0x4344cc GetWindowLongW
0x4344d0 IsWindow
0x4344d4 DestroyWindow
0x4344d8 CreateDialogIndirectParamW
0x4344dc SetActiveWindow
0x4344e0 GetActiveWindow
0x4344e4 GetDesktopWindow
0x4344e8 CheckMenuItem
0x4344ec EnableMenuItem
0x4344f0 GetMenuState
0x4344f4 ModifyMenuW
0x4344f8 GetFocus
0x4344fc LoadBitmapW
0x434500 GetMenuCheckMarkDimensions
0x434504 SetMenuItemBitmaps
0x434508 ValidateRect
0x43450c GetCursorPos
0x434510 PeekMessageW
0x434514 GetKeyState
0x434518 IsWindowVisible
0x43451c DispatchMessageW
0x434520 TranslateMessage
0x434524 IsChild
GDI32.dll
0x434030 ExtSelectClipRgn
0x434034 DeleteDC
0x434038 GetStockObject
0x43403c GetDeviceCaps
0x434040 GetBkColor
0x434044 GetTextColor
0x434048 CreateRectRgnIndirect
0x43404c GetRgnBox
0x434050 GetMapMode
0x434054 ScaleWindowExtEx
0x434058 SetWindowExtEx
0x43405c ScaleViewportExtEx
0x434060 SetViewportExtEx
0x434064 OffsetViewportOrgEx
0x434068 SetViewportOrgEx
0x43406c SelectObject
0x434070 CreateBitmap
0x434074 TextOutW
0x434078 RectVisible
0x43407c PtVisible
0x434080 GetWindowExtEx
0x434084 GetViewportExtEx
0x434088 DeleteObject
0x43408c SetMapMode
0x434090 RestoreDC
0x434094 SaveDC
0x434098 SetBkColor
0x43409c SetTextColor
0x4340a0 GetClipBox
0x4340a4 ExtTextOutW
0x4340a8 GetObjectW
0x4340ac Escape
comdlg32.dll
0x43453c GetFileTitleW
WINSPOOL.DRV
0x43452c DocumentPropertiesW
0x434530 OpenPrinterW
0x434534 ClosePrinter
ADVAPI32.dll
0x434000 RegDeleteKeyW
0x434004 RegQueryValueW
0x434008 RegOpenKeyW
0x43400c RegEnumKeyW
0x434010 RegCloseKey
0x434014 RegSetValueExW
0x434018 RegCreateKeyExW
0x43401c RegOpenKeyExW
0x434020 RegQueryValueExW
SHELL32.dll
0x434318 ShellExecuteExW
COMCTL32.dll
0x434028 InitCommonControlsEx
SHLWAPI.dll
0x434320 PathFindFileNameW
0x434324 PathStripToRootW
0x434328 PathFindExtensionW
0x43432c PathIsUNCW
oledlg.dll
0x434588 OleUIBusyW
ole32.dll
0x434544 OleInitialize
0x434548 CoFreeUnusedLibraries
0x43454c OleUninitialize
0x434550 CreateILockBytesOnHGlobal
0x434554 StgCreateDocfileOnILockBytes
0x434558 StgOpenStorageOnILockBytes
0x43455c CoGetClassObject
0x434560 CoRevokeClassObject
0x434564 CoTaskMemAlloc
0x434568 CoTaskMemFree
0x43456c CLSIDFromString
0x434570 CLSIDFromProgID
0x434574 CoInitializeSecurity
0x434578 OleIsCurrentClipboard
0x43457c OleFlushClipboard
0x434580 CoRegisterMessageFilter
OLEAUT32.dll
0x4342c4 SysAllocStringByteLen
0x4342c8 SysStringByteLen
0x4342cc SysFreeString
0x4342d0 VariantInit
0x4342d4 VariantCopy
0x4342d8 VariantClear
0x4342dc SysAllocStringLen
0x4342e0 SafeArrayGetDim
0x4342e4 SafeArrayGetLBound
0x4342e8 SafeArrayGetUBound
0x4342ec SafeArrayAccessData
0x4342f0 SafeArrayUnaccessData
0x4342f4 SysStringLen
0x4342f8 VariantChangeType
0x4342fc OleCreateFontIndirect
0x434300 VariantTimeToSystemTime
0x434304 SystemTimeToVariantTime
0x434308 SafeArrayDestroy
0x43430c GetErrorInfo
0x434310 SysAllocString
EAT(Export Address Table) is none