Created | 2022.11.29 11:58 | Machine | s1_win7_x6403 |
Filename | DS.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
AI Score | Not found | Behavior Score | |
VT API (file) | 39 detected (AIDetect, malware2, Artemis, Unsafe, Save, malicious, ZexaF, @tW@aC9ZBhcH, Eldorado, Attribute, HighConfidence, high confidence, FlyStudio, Trojanx, MalwareX, Generic ML PUA, OSCF@5rs7jr, Static AI, Malicious PE, Detected, kcloud, 18JA6Q4, score, BScope, R002H0CKS22, MalCert, CLASSIC, susgen, CoinMiner, confidence) | ||
md5 | 53e334e1dc87b596d5a47fc24ecb7551 | ||
sha256 | 8202ba56a591ceb1f3cf497f31d9da7d5d897a59656640b16a0e442ae1190e22 | ||
ssdeep | 196608:MmZwQ5AeUu9H9qfZNvYzhsch7stnb2I34hGOCGTW4+MKX:JZwQ5A09dqfZizh3hAT34hGOCGW4 | ||
imphash | 45d7ac4770e5299403c09d9266fec258 | ||
impfuzzy | 192:3qAUKdYqbFoM1AA0JZKUqT0MT/2wkkL6w7z3qcSccRcjwZqAbnOQeo:3z1AASoTBFk/yEqwYAbnOQz |
Signature (13cnts)
Level | Description |
---|---|
danger | File has been identified by 39 AntiVirus engines on VirusTotal as malicious |
watch | Attempts to create or modify system certificates |
watch | Communicates with host for which no DNS query was performed |
watch | Queries information on disks |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Foreign language identified in PE resource |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks if process is being debugged by a debugger |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (upload) |
Network (10cnts)
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
iphlpapi.dll
0x6af8ec GetAdaptersInfo
WINMM.dll
0x6af7f0 midiStreamRestart
0x6af7f4 waveOutRestart
0x6af7f8 PlaySoundA
0x6af7fc midiStreamStop
0x6af800 midiOutReset
0x6af804 midiStreamClose
0x6af808 waveOutUnprepareHeader
0x6af80c waveOutPrepareHeader
0x6af810 waveOutWrite
0x6af814 waveOutPause
0x6af818 waveOutReset
0x6af81c midiStreamOut
0x6af820 midiOutPrepareHeader
0x6af824 midiStreamProperty
0x6af828 midiStreamOpen
0x6af82c midiOutUnprepareHeader
0x6af830 waveOutOpen
0x6af834 waveOutGetNumDevs
0x6af838 waveOutClose
WS2_32.dll
0x6af850 inet_ntoa
0x6af854 inet_addr
0x6af858 gethostname
0x6af85c gethostbyname
0x6af860 WSAStartup
0x6af864 WSACleanup
0x6af868 send
0x6af86c closesocket
0x6af870 WSAAsyncSelect
0x6af874 htons
0x6af878 bind
0x6af87c htonl
0x6af880 socket
0x6af884 setsockopt
0x6af888 sendto
0x6af88c recvfrom
0x6af890 ioctlsocket
0x6af894 connect
0x6af898 recv
0x6af89c listen
0x6af8a0 getpeername
0x6af8a4 accept
0x6af8a8 __WSAFDIsSet
0x6af8ac ntohs
0x6af8b0 getsockname
0x6af8b4 WSAGetLastError
0x6af8b8 ntohl
0x6af8bc select
MSVFW32.dll
0x6af4b4 DrawDibDraw
AVIFIL32.dll
0x6af028 AVIStreamInfoA
0x6af02c AVIStreamGetFrame
RASAPI32.dll
0x6af510 RasGetConnectStatusA
0x6af514 RasHangUpA
KERNEL32.dll
0x6af1f4 GetSystemDirectoryA
0x6af1f8 SetLastError
0x6af1fc QueryPerformanceFrequency
0x6af200 QueryPerformanceCounter
0x6af204 GetTimeZoneInformation
0x6af208 GetLocaleInfoA
0x6af20c GetVersion
0x6af210 TerminateThread
0x6af214 IsDBCSLeadByte
0x6af218 lstrcmpA
0x6af21c lstrcmpiA
0x6af220 lstrcpynA
0x6af224 FileTimeToSystemTime
0x6af228 FileTimeToDosDateTime
0x6af22c FileTimeToLocalFileTime
0x6af230 GetFileInformationByHandle
0x6af234 GetFileType
0x6af238 MapViewOfFile
0x6af23c CreateFileMappingA
0x6af240 DuplicateHandle
0x6af244 UnmapViewOfFile
0x6af248 SystemTimeToFileTime
0x6af24c GetLocalTime
0x6af250 DosDateTimeToFileTime
0x6af254 SetFileTime
0x6af258 LocalFree
0x6af25c FormatMessageA
0x6af260 CreateMutexA
0x6af264 ReleaseMutex
0x6af268 SuspendThread
0x6af26c InterlockedIncrement
0x6af270 InterlockedDecrement
0x6af274 FlushFileBuffers
0x6af278 LockFile
0x6af27c UnlockFile
0x6af280 SetEndOfFile
0x6af284 GlobalDeleteAtom
0x6af288 GlobalFindAtomA
0x6af28c GlobalAddAtomA
0x6af290 GlobalGetAtomNameA
0x6af294 LocalAlloc
0x6af298 TlsAlloc
0x6af29c GlobalHandle
0x6af2a0 TlsFree
0x6af2a4 TlsSetValue
0x6af2a8 LocalReAlloc
0x6af2ac TlsGetValue
0x6af2b0 GetFileTime
0x6af2b4 GetCurrentThread
0x6af2b8 GlobalFlags
0x6af2bc GetProfileIntA
0x6af2c0 SetErrorMode
0x6af2c4 GetProcessVersion
0x6af2c8 GetCPInfo
0x6af2cc GetOEMCP
0x6af2d0 GetStartupInfoA
0x6af2d4 RtlUnwind
0x6af2d8 GetSystemTime
0x6af2dc RaiseException
0x6af2e0 HeapSize
0x6af2e4 ExitThread
0x6af2e8 GetACP
0x6af2ec SetStdHandle
0x6af2f0 UnhandledExceptionFilter
0x6af2f4 FreeEnvironmentStringsA
0x6af2f8 FreeEnvironmentStringsW
0x6af2fc GetEnvironmentStrings
0x6af300 GetEnvironmentStringsW
0x6af304 SetHandleCount
0x6af308 GetStdHandle
0x6af30c GetEnvironmentVariableA
0x6af310 HeapDestroy
0x6af314 HeapCreate
0x6af318 VirtualFree
0x6af31c SetEnvironmentVariableW
0x6af320 SetEnvironmentVariableA
0x6af324 LCMapStringA
0x6af328 LCMapStringW
0x6af32c VirtualAlloc
0x6af330 IsBadWritePtr
0x6af334 SetUnhandledExceptionFilter
0x6af338 GetStringTypeA
0x6af33c GetStringTypeW
0x6af340 CompareStringA
0x6af344 CompareStringW
0x6af348 IsBadReadPtr
0x6af34c IsBadCodePtr
0x6af350 IsValidLocale
0x6af354 IsValidCodePage
0x6af358 EnumSystemLocalesA
0x6af35c GetLocaleInfoW
0x6af360 SetNamedPipeHandleState
0x6af364 WaitNamedPipeA
0x6af368 OpenFileMappingA
0x6af36c OpenEventA
0x6af370 GetWindowsDirectoryA
0x6af374 TerminateProcess
0x6af378 GetCurrentProcess
0x6af37c GetFileSize
0x6af380 SetFilePointer
0x6af384 CreateSemaphoreA
0x6af388 ResumeThread
0x6af38c ReleaseSemaphore
0x6af390 EnterCriticalSection
0x6af394 LeaveCriticalSection
0x6af398 GetProfileStringA
0x6af39c WriteFile
0x6af3a0 WaitForMultipleObjects
0x6af3a4 CreateFileA
0x6af3a8 DeviceIoControl
0x6af3ac SetEvent
0x6af3b0 FindResourceA
0x6af3b4 LoadResource
0x6af3b8 LockResource
0x6af3bc ReadFile
0x6af3c0 lstrlenW
0x6af3c4 RemoveDirectoryA
0x6af3c8 GetModuleFileNameA
0x6af3cc WideCharToMultiByte
0x6af3d0 MultiByteToWideChar
0x6af3d4 GetCurrentThreadId
0x6af3d8 ExitProcess
0x6af3dc GlobalSize
0x6af3e0 GlobalFree
0x6af3e4 DeleteCriticalSection
0x6af3e8 InitializeCriticalSection
0x6af3ec lstrcatA
0x6af3f0 lstrlenA
0x6af3f4 WinExec
0x6af3f8 lstrcpyA
0x6af3fc FindNextFileA
0x6af400 GetDriveTypeA
0x6af404 GlobalReAlloc
0x6af408 HeapFree
0x6af40c HeapReAlloc
0x6af410 GetProcessHeap
0x6af414 HeapAlloc
0x6af418 GetUserDefaultLCID
0x6af41c GetFullPathNameA
0x6af420 FreeLibrary
0x6af424 LoadLibraryA
0x6af428 GetLastError
0x6af42c GetVersionExA
0x6af430 WritePrivateProfileStringA
0x6af434 GetPrivateProfileStringA
0x6af438 CreateThread
0x6af43c CreateEventA
0x6af440 Sleep
0x6af444 GlobalAlloc
0x6af448 GlobalLock
0x6af44c GlobalUnlock
0x6af450 GetTempPathA
0x6af454 FindFirstFileA
0x6af458 FindClose
0x6af45c SetFileAttributesA
0x6af460 GetFileAttributesA
0x6af464 MoveFileA
0x6af468 DeleteFileA
0x6af46c CopyFileA
0x6af470 CreateDirectoryA
0x6af474 GetCurrentDirectoryA
0x6af478 SetCurrentDirectoryA
0x6af47c GetVolumeInformationA
0x6af480 GetModuleHandleA
0x6af484 GetProcAddress
0x6af488 MulDiv
0x6af48c GetCommandLineA
0x6af490 GetTickCount
0x6af494 CreateProcessA
0x6af498 WaitForSingleObject
0x6af49c CloseHandle
0x6af4a0 InterlockedExchange
0x6af4a4 MapViewOfFileEx
USER32.dll
0x6af52c SetMenuItemBitmaps
0x6af530 GetMenuCheckMarkDimensions
0x6af534 LoadStringA
0x6af538 GetSysColorBrush
0x6af53c LoadIconA
0x6af540 TranslateMessage
0x6af544 DrawFrameControl
0x6af548 DrawEdge
0x6af54c DrawFocusRect
0x6af550 WindowFromPoint
0x6af554 GetMessageA
0x6af558 DispatchMessageA
0x6af55c SetRectEmpty
0x6af560 RegisterClipboardFormatA
0x6af564 CreateIconFromResourceEx
0x6af568 CreateIconFromResource
0x6af56c DrawIconEx
0x6af570 CreatePopupMenu
0x6af574 AppendMenuA
0x6af578 ModifyMenuA
0x6af57c CreateMenu
0x6af580 CreateAcceleratorTableA
0x6af584 GetDlgCtrlID
0x6af588 GetSubMenu
0x6af58c EnableMenuItem
0x6af590 ClientToScreen
0x6af594 EnumDisplaySettingsA
0x6af598 LoadImageA
0x6af59c SystemParametersInfoA
0x6af5a0 ShowWindow
0x6af5a4 IsWindowEnabled
0x6af5a8 TranslateAcceleratorA
0x6af5ac GetKeyState
0x6af5b0 CopyAcceleratorTableA
0x6af5b4 PostQuitMessage
0x6af5b8 IsZoomed
0x6af5bc GetClassInfoA
0x6af5c0 DefWindowProcA
0x6af5c4 GetSystemMenu
0x6af5c8 DeleteMenu
0x6af5cc GetMenu
0x6af5d0 SetMenu
0x6af5d4 PeekMessageA
0x6af5d8 IsIconic
0x6af5dc SetFocus
0x6af5e0 GetActiveWindow
0x6af5e4 GetWindow
0x6af5e8 DestroyAcceleratorTable
0x6af5ec SetWindowRgn
0x6af5f0 GetMessagePos
0x6af5f4 CheckMenuItem
0x6af5f8 ChildWindowFromPointEx
0x6af5fc CopyRect
0x6af600 LoadBitmapA
0x6af604 KillTimer
0x6af608 SetTimer
0x6af60c ReleaseCapture
0x6af610 GetCapture
0x6af614 SetCapture
0x6af618 GetScrollRange
0x6af61c SetScrollRange
0x6af620 SetScrollPos
0x6af624 SetRect
0x6af628 InflateRect
0x6af62c IntersectRect
0x6af630 DestroyIcon
0x6af634 PtInRect
0x6af638 OffsetRect
0x6af63c IsWindowVisible
0x6af640 EnableWindow
0x6af644 GetWindowLongA
0x6af648 SetWindowLongA
0x6af64c GetSysColor
0x6af650 SetActiveWindow
0x6af654 SetCursorPos
0x6af658 LoadCursorA
0x6af65c SetCursor
0x6af660 GetDC
0x6af664 FillRect
0x6af668 InvertRect
0x6af66c IsRectEmpty
0x6af670 ReleaseDC
0x6af674 IsChild
0x6af678 TrackPopupMenu
0x6af67c DestroyMenu
0x6af680 SetForegroundWindow
0x6af684 GetWindowRect
0x6af688 EqualRect
0x6af68c UpdateWindow
0x6af690 ValidateRect
0x6af694 InvalidateRect
0x6af698 GetClientRect
0x6af69c GetFocus
0x6af6a0 GetParent
0x6af6a4 GetTopWindow
0x6af6a8 PostMessageA
0x6af6ac IsWindow
0x6af6b0 SetParent
0x6af6b4 DestroyCursor
0x6af6b8 SendMessageA
0x6af6bc SetWindowPos
0x6af6c0 MessageBeep
0x6af6c4 MessageBoxA
0x6af6c8 GetCursorPos
0x6af6cc GetSystemMetrics
0x6af6d0 IsClipboardFormatAvailable
0x6af6d4 EmptyClipboard
0x6af6d8 SetClipboardData
0x6af6dc OpenClipboard
0x6af6e0 GetClipboardData
0x6af6e4 CloseClipboard
0x6af6e8 wsprintfA
0x6af6ec WaitForInputIdle
0x6af6f0 IsDialogMessageA
0x6af6f4 ScrollWindowEx
0x6af6f8 SendDlgItemMessageA
0x6af6fc MapWindowPoints
0x6af700 AdjustWindowRectEx
0x6af704 ScrollWindow
0x6af708 GetScrollInfo
0x6af70c SetScrollInfo
0x6af710 ShowScrollBar
0x6af714 GetScrollPos
0x6af718 RegisterClassA
0x6af71c CreateWindowExA
0x6af720 GetClassLongA
0x6af724 RemovePropA
0x6af728 GetMessageTime
0x6af72c GetLastActivePopup
0x6af730 RegisterWindowMessageA
0x6af734 GetWindowPlacement
0x6af738 EndDialog
0x6af73c CreateDialogIndirectParamA
0x6af740 DestroyWindow
0x6af744 EndPaint
0x6af748 BeginPaint
0x6af74c GetWindowTextLengthA
0x6af750 wvsprintfA
0x6af754 GetForegroundWindow
0x6af758 GetNextDlgTabItem
0x6af75c CharUpperA
0x6af760 GetDoubleClickTime
0x6af764 ClipCursor
0x6af768 SetWindowTextA
0x6af76c GetMenuItemCount
0x6af770 GetMenuItemID
0x6af774 GetMenuStringA
0x6af778 GetMenuState
0x6af77c GetTabbedTextExtentA
0x6af780 DrawStateA
0x6af784 GrayStringA
0x6af788 TabbedTextOutA
0x6af78c WindowFromDC
0x6af790 EnumChildWindows
0x6af794 GetWindowDC
0x6af798 UnhookWindowsHookEx
0x6af79c CallNextHookEx
0x6af7a0 SetWindowsHookExA
0x6af7a4 FrameRect
0x6af7a8 GetPropA
0x6af7ac MoveWindow
0x6af7b0 CallWindowProcA
0x6af7b4 SetPropA
0x6af7b8 DrawTextA
0x6af7bc UnregisterClassA
0x6af7c0 GetWindowTextA
0x6af7c4 FindWindowExA
0x6af7c8 GetDlgItem
0x6af7cc GetClassNameA
0x6af7d0 ScreenToClient
0x6af7d4 GetDesktopWindow
0x6af7d8 WinHelpA
0x6af7dc RedrawWindow
0x6af7e0 GetCursor
GDI32.dll
0x6af074 GetViewportExtEx
0x6af078 ExtSelectClipRgn
0x6af07c CopyMetaFileA
0x6af080 GetCurrentObject
0x6af084 RoundRect
0x6af088 GetTextExtentPoint32A
0x6af08c DPtoLP
0x6af090 LPtoDP
0x6af094 Rectangle
0x6af098 Ellipse
0x6af09c SetPixelV
0x6af0a0 CreateCompatibleDC
0x6af0a4 GetPixel
0x6af0a8 BitBlt
0x6af0ac StartPage
0x6af0b0 StartDocA
0x6af0b4 DeleteDC
0x6af0b8 EndDoc
0x6af0bc EndPage
0x6af0c0 GetObjectA
0x6af0c4 GetStockObject
0x6af0c8 CreateFontIndirectA
0x6af0cc CreateSolidBrush
0x6af0d0 FillRgn
0x6af0d4 CreateRectRgn
0x6af0d8 CombineRgn
0x6af0dc PatBlt
0x6af0e0 CreatePen
0x6af0e4 SelectObject
0x6af0e8 CreatePatternBrush
0x6af0ec CreateBitmap
0x6af0f0 CreateBrushIndirect
0x6af0f4 CreateDCA
0x6af0f8 CreateCompatibleBitmap
0x6af0fc GetPolyFillMode
0x6af100 GetStretchBltMode
0x6af104 GetROP2
0x6af108 GetBkColor
0x6af10c GetBkMode
0x6af110 GetTextColor
0x6af114 CreateRoundRectRgn
0x6af118 CreateEllipticRgn
0x6af11c PathToRegion
0x6af120 EndPath
0x6af124 BeginPath
0x6af128 GetWindowOrgEx
0x6af12c GetViewportOrgEx
0x6af130 GetWindowExtEx
0x6af134 GetDIBits
0x6af138 RealizePalette
0x6af13c SelectPalette
0x6af140 StretchBlt
0x6af144 CreatePalette
0x6af148 GetSystemPaletteEntries
0x6af14c CreateDIBitmap
0x6af150 DeleteObject
0x6af154 SelectClipRgn
0x6af158 CreatePolygonRgn
0x6af15c GetClipRgn
0x6af160 SetStretchBltMode
0x6af164 SetPixel
0x6af168 CreateDIBSection
0x6af16c CreateRectRgnIndirect
0x6af170 SetBkColor
0x6af174 SetBkMode
0x6af178 SetTextColor
0x6af17c SetWindowOrgEx
0x6af180 SaveDC
0x6af184 RestoreDC
0x6af188 CreatePenIndirect
0x6af18c PtVisible
0x6af190 RectVisible
0x6af194 TextOutA
0x6af198 ExtTextOutA
0x6af19c Escape
0x6af1a0 GetTextMetricsA
0x6af1a4 AbortDoc
0x6af1a8 CreateFontA
0x6af1ac SetBrushOrgEx
0x6af1b0 SetDIBitsToDevice
0x6af1b4 SetPolyFillMode
0x6af1b8 SetROP2
0x6af1bc SetMapMode
0x6af1c0 SetViewportOrgEx
0x6af1c4 OffsetViewportOrgEx
0x6af1c8 SetViewportExtEx
0x6af1cc ScaleViewportExtEx
0x6af1d0 OffsetWindowOrgEx
0x6af1d4 SetWindowExtEx
0x6af1d8 ScaleWindowExtEx
0x6af1dc GetClipBox
0x6af1e0 ExcludeClipRect
0x6af1e4 MoveToEx
0x6af1e8 LineTo
0x6af1ec GetDeviceCaps
MSIMG32.dll
0x6af4ac GradientFill
WINSPOOL.DRV
0x6af840 ClosePrinter
0x6af844 DocumentPropertiesA
0x6af848 OpenPrinterA
comdlg32.dll
0x6af8d0 GetFileTitleA
0x6af8d4 PrintDlgA
0x6af8d8 GetOpenFileNameA
0x6af8dc ChooseFontA
0x6af8e0 ChooseColorA
0x6af8e4 GetSaveFileNameA
ADVAPI32.dll
0x6af000 RegCreateKeyExA
0x6af004 RegQueryValueA
0x6af008 RegDeleteKeyA
0x6af00c RegDeleteValueA
0x6af010 RegSetValueExA
0x6af014 RegOpenKeyExA
0x6af018 RegQueryValueExA
0x6af01c RegCloseKey
0x6af020 RegEnumValueA
SHELL32.dll
0x6af51c SHGetSpecialFolderPathA
0x6af520 Shell_NotifyIconA
0x6af524 ShellExecuteA
ole32.dll
0x6af8f4 CoTaskMemAlloc
0x6af8f8 OleDuplicateData
0x6af8fc RevokeDragDrop
0x6af900 CoLockObjectExternal
0x6af904 OleGetClipboard
0x6af908 OleIsCurrentClipboard
0x6af90c OleFlushClipboard
0x6af910 OleSetClipboard
0x6af914 CoTaskMemFree
0x6af918 ReleaseStgMedium
0x6af91c CLSIDFromProgID
0x6af920 OleInitialize
0x6af924 OleUninitialize
0x6af928 CLSIDFromString
0x6af92c CreateStreamOnHGlobal
0x6af930 CoCreateInstance
0x6af934 OleRun
0x6af938 DoDragDrop
OLEAUT32.dll
0x6af4bc VarDateFromStr
0x6af4c0 RegisterTypeLib
0x6af4c4 SafeArrayPutElement
0x6af4c8 LHashValOfNameSys
0x6af4cc LoadTypeLib
0x6af4d0 SafeArrayUnaccessData
0x6af4d4 SafeArrayAccessData
0x6af4d8 SafeArrayGetElement
0x6af4dc VariantCopyInd
0x6af4e0 VariantInit
0x6af4e4 SysAllocString
0x6af4e8 SafeArrayDestroy
0x6af4ec SafeArrayCreate
0x6af4f0 VariantCopy
0x6af4f4 VariantClear
0x6af4f8 VariantChangeType
0x6af4fc SafeArrayGetUBound
0x6af500 SafeArrayGetLBound
0x6af504 SafeArrayGetDim
0x6af508 UnRegisterTypeLib
COMCTL32.dll
0x6af034 ImageList_Duplicate
0x6af038 ImageList_DrawIndirect
0x6af03c ImageList_Draw
0x6af040 ImageList_Read
0x6af044 ImageList_LoadImageA
0x6af048 ImageList_Create
0x6af04c ImageList_Destroy
0x6af050 None
0x6af054 ImageList_AddMasked
0x6af058 _TrackMouseEvent
0x6af05c ImageList_ReplaceIcon
0x6af060 ImageList_GetIcon
0x6af064 ImageList_GetImageInfo
0x6af068 ImageList_GetImageCount
0x6af06c ImageList_SetBkColor
WSOCK32.dll
0x6af8c4 shutdown
0x6af8c8 getservbyname
WININET.dll
0x6af7e8 InternetCloseHandle
EAT(Export Address Table) is none