ScreenShot
| Created | 2023.03.09 17:34 | Machine | s1_win7_x6403 |
| Filename | bcd4b93a1a85c5ba45a4f7e5980db1a4.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 42 detected (Emotet, Zusy, Manuscrypt, Vmcm, malicious, confidence, 100%, Genus, ABRisk, DXNG, Attribute, HighConfidence, high confidence, score, Adhl, Artemis, Redcap, othxq, Mikey, Detected, ai score=84, PasswordStealer, R002H07C623, 6w8qynRqnMQ, PossibleThreat, Chgt) | ||
| md5 | bf48a5cd9169a5826521a8a33b21adee | ||
| sha256 | 32e60467041b40146d87fc1c8c734f60f7e3763820e0c2a852a801c8afd1c7ab | ||
| ssdeep | 6144:bOsY+HgEiTA14Xn0Ti8v1bbFgXIQdjrfzNt1KEP3:i814Xn0Ti8tbJyIQdjrfzQEP3 | ||
| imphash | 30536483726143b4d0afeee8884fc70b | ||
| impfuzzy | 192:NQYi/EUAXKgs6DGz9ZTBVkcBcWcJveP/NOxxP:NJOQXOBqaxv/NOxxP | ||
Network IP location
Signature (11cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 42 AntiVirus engines on VirusTotal as malicious |
| warning | Uses WMI to create a new process |
| watch | Attempts to create or modify system certificates |
| notice | Creates executable files on the filesystem |
| notice | Drops an executable to the user AppData folder |
| notice | Foreign language identified in PE resource |
| notice | One or more potentially interesting buffers were extracted |
| notice | Performs some HTTP requests |
| info | Checks amount of memory in system |
| info | One or more processes crashed |
| info | Queries for the computername |
Rules (12cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (download) |
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x4330b4 GetProcessHeap
0x4330b8 GetStartupInfoW
0x4330bc ExitProcess
0x4330c0 RtlUnwind
0x4330c4 HeapReAlloc
0x4330c8 HeapSize
0x4330cc VirtualProtect
0x4330d0 VirtualAlloc
0x4330d4 GetSystemInfo
0x4330d8 VirtualQuery
0x4330dc GetStdHandle
0x4330e0 GetModuleFileNameA
0x4330e4 UnhandledExceptionFilter
0x4330e8 FreeEnvironmentStringsA
0x4330ec GetEnvironmentStrings
0x4330f0 FreeEnvironmentStringsW
0x4330f4 GetEnvironmentStringsW
0x4330f8 GetCommandLineA
0x4330fc GetCommandLineW
0x433100 SetHandleCount
0x433104 GetFileType
0x433108 GetStartupInfoA
0x43310c HeapDestroy
0x433110 HeapCreate
0x433114 VirtualFree
0x433118 QueryPerformanceCounter
0x43311c GetSystemTimeAsFileTime
0x433120 HeapAlloc
0x433124 SetUnhandledExceptionFilter
0x433128 IsDebuggerPresent
0x43312c Sleep
0x433130 GetCPInfo
0x433134 GetACP
0x433138 GetOEMCP
0x43313c GetTimeZoneInformation
0x433140 GetLocaleInfoA
0x433144 GetConsoleCP
0x433148 GetConsoleMode
0x43314c LCMapStringA
0x433150 LCMapStringW
0x433154 GetStringTypeA
0x433158 GetStringTypeW
0x43315c SetStdHandle
0x433160 WriteConsoleA
0x433164 GetConsoleOutputCP
0x433168 WriteConsoleW
0x43316c CreateFileA
0x433170 SetEnvironmentVariableA
0x433174 HeapFree
0x433178 GetFileTime
0x43317c GetFileAttributesW
0x433180 FileTimeToLocalFileTime
0x433184 GetTickCount
0x433188 FileTimeToSystemTime
0x43318c SetErrorMode
0x433190 CreateFileW
0x433194 GetFullPathNameW
0x433198 GetVolumeInformationW
0x43319c FindFirstFileW
0x4331a0 FindClose
0x4331a4 GetCurrentProcess
0x4331a8 DuplicateHandle
0x4331ac GetFileSize
0x4331b0 SetEndOfFile
0x4331b4 UnlockFile
0x4331b8 LockFile
0x4331bc FlushFileBuffers
0x4331c0 SetFilePointer
0x4331c4 WriteFile
0x4331c8 ReadFile
0x4331cc GetThreadLocale
0x4331d0 lstrlenA
0x4331d4 InterlockedIncrement
0x4331d8 FormatMessageW
0x4331dc TlsFree
0x4331e0 DeleteCriticalSection
0x4331e4 LocalReAlloc
0x4331e8 TlsSetValue
0x4331ec TlsAlloc
0x4331f0 InitializeCriticalSection
0x4331f4 GlobalHandle
0x4331f8 GlobalReAlloc
0x4331fc EnterCriticalSection
0x433200 TlsGetValue
0x433204 LeaveCriticalSection
0x433208 LocalFree
0x43320c LocalAlloc
0x433210 GlobalFlags
0x433214 GlobalFindAtomW
0x433218 CompareStringW
0x43321c GetVersionExA
0x433220 MulDiv
0x433224 GetModuleHandleA
0x433228 GetCurrentProcessId
0x43322c GetLastError
0x433230 SetLastError
0x433234 GlobalAddAtomW
0x433238 CloseHandle
0x43323c GlobalUnlock
0x433240 lstrlenW
0x433244 WritePrivateProfileStringW
0x433248 FreeResource
0x43324c GlobalFree
0x433250 GetCurrentThread
0x433254 GetCurrentThreadId
0x433258 ConvertDefaultLocale
0x43325c GetVersion
0x433260 EnumResourceLanguagesW
0x433264 lstrcmpA
0x433268 GetLocaleInfoW
0x43326c LoadLibraryW
0x433270 WideCharToMultiByte
0x433274 CompareStringA
0x433278 MultiByteToWideChar
0x43327c FindResourceW
0x433280 LoadResource
0x433284 LockResource
0x433288 SizeofResource
0x43328c InterlockedExchange
0x433290 GlobalLock
0x433294 lstrcmpW
0x433298 GlobalAlloc
0x43329c FreeLibrary
0x4332a0 GlobalDeleteAtom
0x4332a4 GetModuleHandleW
0x4332a8 LoadLibraryA
0x4332ac RaiseException
0x4332b0 GetProcAddress
0x4332b4 GetModuleFileNameW
0x4332b8 TerminateProcess
0x4332bc InterlockedDecrement
USER32.dll
0x433310 RegisterClipboardFormatW
0x433314 PostThreadMessageW
0x433318 GetSysColorBrush
0x43331c MessageBeep
0x433320 GetNextDlgGroupItem
0x433324 InvalidateRgn
0x433328 InvalidateRect
0x43332c SetRect
0x433330 IsRectEmpty
0x433334 CopyAcceleratorTableW
0x433338 CharNextW
0x43333c ReleaseCapture
0x433340 LoadCursorW
0x433344 SetCapture
0x433348 ShowWindow
0x43334c MoveWindow
0x433350 SetWindowTextW
0x433354 IsDialogMessageW
0x433358 RegisterWindowMessageW
0x43335c SendDlgItemMessageW
0x433360 SendDlgItemMessageA
0x433364 WinHelpW
0x433368 IsChild
0x43336c GetCapture
0x433370 GetClassLongW
0x433374 GetClassNameW
0x433378 GetPropW
0x43337c RemovePropW
0x433380 SetFocus
0x433384 GetWindowTextW
0x433388 GetForegroundWindow
0x43338c GetTopWindow
0x433390 GetMessageTime
0x433394 GetMessagePos
0x433398 MapWindowPoints
0x43339c SetForegroundWindow
0x4333a0 UpdateWindow
0x4333a4 GetMenu
0x4333a8 GetSubMenu
0x4333ac GetMenuItemID
0x4333b0 GetMenuItemCount
0x4333b4 CreateWindowExW
0x4333b8 GetClassInfoExW
0x4333bc GetClassInfoW
0x4333c0 RegisterClassW
0x4333c4 AdjustWindowRectEx
0x4333c8 EqualRect
0x4333cc CopyRect
0x4333d0 PtInRect
0x4333d4 GetDlgCtrlID
0x4333d8 DefWindowProcW
0x4333dc CallWindowProcW
0x4333e0 SetWindowLongW
0x4333e4 OffsetRect
0x4333e8 IntersectRect
0x4333ec SystemParametersInfoA
0x4333f0 GetWindowPlacement
0x4333f4 GetWindowRect
0x4333f8 GetSysColor
0x4333fc EndPaint
0x433400 BeginPaint
0x433404 GetWindowDC
0x433408 LoadIconW
0x43340c IsIconic
0x433410 UnregisterClassA
0x433414 SendMessageW
0x433418 GetSystemMetrics
0x43341c GetClientRect
0x433420 ReleaseDC
0x433424 GetDC
0x433428 ClientToScreen
0x43342c GrayStringW
0x433430 DrawTextExW
0x433434 DrawTextW
0x433438 TabbedTextOutW
0x43343c UnhookWindowsHookEx
0x433440 GetWindowThreadProcessId
0x433444 GetLastActivePopup
0x433448 MessageBoxW
0x43344c DestroyMenu
0x433450 SetCursor
0x433454 UnregisterClassW
0x433458 CharUpperW
0x43345c DrawIcon
0x433460 EnableWindow
0x433464 PostMessageW
0x433468 PostQuitMessage
0x43346c SetWindowPos
0x433470 MapDialogRect
0x433474 GetParent
0x433478 SetWindowContextHelpId
0x43347c GetWindow
0x433480 EndDialog
0x433484 GetNextDlgTabItem
0x433488 IsWindowEnabled
0x43348c GetDlgItem
0x433490 GetWindowLongW
0x433494 IsWindow
0x433498 DestroyWindow
0x43349c CreateDialogIndirectParamW
0x4334a0 SetActiveWindow
0x4334a4 GetActiveWindow
0x4334a8 GetDesktopWindow
0x4334ac CheckMenuItem
0x4334b0 EnableMenuItem
0x4334b4 GetMenuState
0x4334b8 ModifyMenuW
0x4334bc GetFocus
0x4334c0 LoadBitmapW
0x4334c4 GetMenuCheckMarkDimensions
0x4334c8 SetMenuItemBitmaps
0x4334cc ValidateRect
0x4334d0 GetCursorPos
0x4334d4 PeekMessageW
0x4334d8 GetKeyState
0x4334dc IsWindowVisible
0x4334e0 DispatchMessageW
0x4334e4 TranslateMessage
0x4334e8 GetMessageW
0x4334ec SetWindowsHookExW
0x4334f0 CallNextHookEx
0x4334f4 SetPropW
GDI32.dll
0x433030 GetStockObject
0x433034 GetDeviceCaps
0x433038 GetTextColor
0x43303c CreateRectRgnIndirect
0x433040 GetRgnBox
0x433044 GetMapMode
0x433048 DeleteDC
0x43304c ExtSelectClipRgn
0x433050 ScaleWindowExtEx
0x433054 SetWindowExtEx
0x433058 ScaleViewportExtEx
0x43305c GetBkColor
0x433060 CreateBitmap
0x433064 OffsetViewportOrgEx
0x433068 SetViewportOrgEx
0x43306c SelectObject
0x433070 Escape
0x433074 ExtTextOutW
0x433078 TextOutW
0x43307c RectVisible
0x433080 PtVisible
0x433084 GetWindowExtEx
0x433088 GetViewportExtEx
0x43308c GetObjectW
0x433090 DeleteObject
0x433094 GetClipBox
0x433098 SetMapMode
0x43309c SetTextColor
0x4330a0 SetBkColor
0x4330a4 RestoreDC
0x4330a8 SaveDC
0x4330ac SetViewportExtEx
comdlg32.dll
0x43350c GetFileTitleW
WINSPOOL.DRV
0x4334fc DocumentPropertiesW
0x433500 OpenPrinterW
0x433504 ClosePrinter
ADVAPI32.dll
0x433000 RegDeleteKeyW
0x433004 RegQueryValueW
0x433008 RegOpenKeyW
0x43300c RegEnumKeyW
0x433010 RegCloseKey
0x433014 RegSetValueExW
0x433018 RegCreateKeyExW
0x43301c RegOpenKeyExW
0x433020 RegQueryValueExW
COMCTL32.dll
0x433028 InitCommonControlsEx
SHLWAPI.dll
0x4332fc PathFindFileNameW
0x433300 PathStripToRootW
0x433304 PathFindExtensionW
0x433308 PathIsUNCW
oledlg.dll
0x433554 OleUIBusyW
ole32.dll
0x433514 OleInitialize
0x433518 CoFreeUnusedLibraries
0x43351c OleUninitialize
0x433520 CreateILockBytesOnHGlobal
0x433524 StgCreateDocfileOnILockBytes
0x433528 StgOpenStorageOnILockBytes
0x43352c CoGetClassObject
0x433530 CoRevokeClassObject
0x433534 CoTaskMemAlloc
0x433538 CoTaskMemFree
0x43353c CLSIDFromString
0x433540 CLSIDFromProgID
0x433544 OleIsCurrentClipboard
0x433548 OleFlushClipboard
0x43354c CoRegisterMessageFilter
OLEAUT32.dll
0x4332c4 SysFreeString
0x4332c8 VariantInit
0x4332cc VariantCopy
0x4332d0 VariantClear
0x4332d4 SysAllocStringLen
0x4332d8 VariantChangeType
0x4332dc SysStringLen
0x4332e0 OleCreateFontIndirect
0x4332e4 VariantTimeToSystemTime
0x4332e8 SystemTimeToVariantTime
0x4332ec SafeArrayDestroy
0x4332f0 GetErrorInfo
0x4332f4 SysAllocString
EAT(Export Address Table) is none
KERNEL32.dll
0x4330b4 GetProcessHeap
0x4330b8 GetStartupInfoW
0x4330bc ExitProcess
0x4330c0 RtlUnwind
0x4330c4 HeapReAlloc
0x4330c8 HeapSize
0x4330cc VirtualProtect
0x4330d0 VirtualAlloc
0x4330d4 GetSystemInfo
0x4330d8 VirtualQuery
0x4330dc GetStdHandle
0x4330e0 GetModuleFileNameA
0x4330e4 UnhandledExceptionFilter
0x4330e8 FreeEnvironmentStringsA
0x4330ec GetEnvironmentStrings
0x4330f0 FreeEnvironmentStringsW
0x4330f4 GetEnvironmentStringsW
0x4330f8 GetCommandLineA
0x4330fc GetCommandLineW
0x433100 SetHandleCount
0x433104 GetFileType
0x433108 GetStartupInfoA
0x43310c HeapDestroy
0x433110 HeapCreate
0x433114 VirtualFree
0x433118 QueryPerformanceCounter
0x43311c GetSystemTimeAsFileTime
0x433120 HeapAlloc
0x433124 SetUnhandledExceptionFilter
0x433128 IsDebuggerPresent
0x43312c Sleep
0x433130 GetCPInfo
0x433134 GetACP
0x433138 GetOEMCP
0x43313c GetTimeZoneInformation
0x433140 GetLocaleInfoA
0x433144 GetConsoleCP
0x433148 GetConsoleMode
0x43314c LCMapStringA
0x433150 LCMapStringW
0x433154 GetStringTypeA
0x433158 GetStringTypeW
0x43315c SetStdHandle
0x433160 WriteConsoleA
0x433164 GetConsoleOutputCP
0x433168 WriteConsoleW
0x43316c CreateFileA
0x433170 SetEnvironmentVariableA
0x433174 HeapFree
0x433178 GetFileTime
0x43317c GetFileAttributesW
0x433180 FileTimeToLocalFileTime
0x433184 GetTickCount
0x433188 FileTimeToSystemTime
0x43318c SetErrorMode
0x433190 CreateFileW
0x433194 GetFullPathNameW
0x433198 GetVolumeInformationW
0x43319c FindFirstFileW
0x4331a0 FindClose
0x4331a4 GetCurrentProcess
0x4331a8 DuplicateHandle
0x4331ac GetFileSize
0x4331b0 SetEndOfFile
0x4331b4 UnlockFile
0x4331b8 LockFile
0x4331bc FlushFileBuffers
0x4331c0 SetFilePointer
0x4331c4 WriteFile
0x4331c8 ReadFile
0x4331cc GetThreadLocale
0x4331d0 lstrlenA
0x4331d4 InterlockedIncrement
0x4331d8 FormatMessageW
0x4331dc TlsFree
0x4331e0 DeleteCriticalSection
0x4331e4 LocalReAlloc
0x4331e8 TlsSetValue
0x4331ec TlsAlloc
0x4331f0 InitializeCriticalSection
0x4331f4 GlobalHandle
0x4331f8 GlobalReAlloc
0x4331fc EnterCriticalSection
0x433200 TlsGetValue
0x433204 LeaveCriticalSection
0x433208 LocalFree
0x43320c LocalAlloc
0x433210 GlobalFlags
0x433214 GlobalFindAtomW
0x433218 CompareStringW
0x43321c GetVersionExA
0x433220 MulDiv
0x433224 GetModuleHandleA
0x433228 GetCurrentProcessId
0x43322c GetLastError
0x433230 SetLastError
0x433234 GlobalAddAtomW
0x433238 CloseHandle
0x43323c GlobalUnlock
0x433240 lstrlenW
0x433244 WritePrivateProfileStringW
0x433248 FreeResource
0x43324c GlobalFree
0x433250 GetCurrentThread
0x433254 GetCurrentThreadId
0x433258 ConvertDefaultLocale
0x43325c GetVersion
0x433260 EnumResourceLanguagesW
0x433264 lstrcmpA
0x433268 GetLocaleInfoW
0x43326c LoadLibraryW
0x433270 WideCharToMultiByte
0x433274 CompareStringA
0x433278 MultiByteToWideChar
0x43327c FindResourceW
0x433280 LoadResource
0x433284 LockResource
0x433288 SizeofResource
0x43328c InterlockedExchange
0x433290 GlobalLock
0x433294 lstrcmpW
0x433298 GlobalAlloc
0x43329c FreeLibrary
0x4332a0 GlobalDeleteAtom
0x4332a4 GetModuleHandleW
0x4332a8 LoadLibraryA
0x4332ac RaiseException
0x4332b0 GetProcAddress
0x4332b4 GetModuleFileNameW
0x4332b8 TerminateProcess
0x4332bc InterlockedDecrement
USER32.dll
0x433310 RegisterClipboardFormatW
0x433314 PostThreadMessageW
0x433318 GetSysColorBrush
0x43331c MessageBeep
0x433320 GetNextDlgGroupItem
0x433324 InvalidateRgn
0x433328 InvalidateRect
0x43332c SetRect
0x433330 IsRectEmpty
0x433334 CopyAcceleratorTableW
0x433338 CharNextW
0x43333c ReleaseCapture
0x433340 LoadCursorW
0x433344 SetCapture
0x433348 ShowWindow
0x43334c MoveWindow
0x433350 SetWindowTextW
0x433354 IsDialogMessageW
0x433358 RegisterWindowMessageW
0x43335c SendDlgItemMessageW
0x433360 SendDlgItemMessageA
0x433364 WinHelpW
0x433368 IsChild
0x43336c GetCapture
0x433370 GetClassLongW
0x433374 GetClassNameW
0x433378 GetPropW
0x43337c RemovePropW
0x433380 SetFocus
0x433384 GetWindowTextW
0x433388 GetForegroundWindow
0x43338c GetTopWindow
0x433390 GetMessageTime
0x433394 GetMessagePos
0x433398 MapWindowPoints
0x43339c SetForegroundWindow
0x4333a0 UpdateWindow
0x4333a4 GetMenu
0x4333a8 GetSubMenu
0x4333ac GetMenuItemID
0x4333b0 GetMenuItemCount
0x4333b4 CreateWindowExW
0x4333b8 GetClassInfoExW
0x4333bc GetClassInfoW
0x4333c0 RegisterClassW
0x4333c4 AdjustWindowRectEx
0x4333c8 EqualRect
0x4333cc CopyRect
0x4333d0 PtInRect
0x4333d4 GetDlgCtrlID
0x4333d8 DefWindowProcW
0x4333dc CallWindowProcW
0x4333e0 SetWindowLongW
0x4333e4 OffsetRect
0x4333e8 IntersectRect
0x4333ec SystemParametersInfoA
0x4333f0 GetWindowPlacement
0x4333f4 GetWindowRect
0x4333f8 GetSysColor
0x4333fc EndPaint
0x433400 BeginPaint
0x433404 GetWindowDC
0x433408 LoadIconW
0x43340c IsIconic
0x433410 UnregisterClassA
0x433414 SendMessageW
0x433418 GetSystemMetrics
0x43341c GetClientRect
0x433420 ReleaseDC
0x433424 GetDC
0x433428 ClientToScreen
0x43342c GrayStringW
0x433430 DrawTextExW
0x433434 DrawTextW
0x433438 TabbedTextOutW
0x43343c UnhookWindowsHookEx
0x433440 GetWindowThreadProcessId
0x433444 GetLastActivePopup
0x433448 MessageBoxW
0x43344c DestroyMenu
0x433450 SetCursor
0x433454 UnregisterClassW
0x433458 CharUpperW
0x43345c DrawIcon
0x433460 EnableWindow
0x433464 PostMessageW
0x433468 PostQuitMessage
0x43346c SetWindowPos
0x433470 MapDialogRect
0x433474 GetParent
0x433478 SetWindowContextHelpId
0x43347c GetWindow
0x433480 EndDialog
0x433484 GetNextDlgTabItem
0x433488 IsWindowEnabled
0x43348c GetDlgItem
0x433490 GetWindowLongW
0x433494 IsWindow
0x433498 DestroyWindow
0x43349c CreateDialogIndirectParamW
0x4334a0 SetActiveWindow
0x4334a4 GetActiveWindow
0x4334a8 GetDesktopWindow
0x4334ac CheckMenuItem
0x4334b0 EnableMenuItem
0x4334b4 GetMenuState
0x4334b8 ModifyMenuW
0x4334bc GetFocus
0x4334c0 LoadBitmapW
0x4334c4 GetMenuCheckMarkDimensions
0x4334c8 SetMenuItemBitmaps
0x4334cc ValidateRect
0x4334d0 GetCursorPos
0x4334d4 PeekMessageW
0x4334d8 GetKeyState
0x4334dc IsWindowVisible
0x4334e0 DispatchMessageW
0x4334e4 TranslateMessage
0x4334e8 GetMessageW
0x4334ec SetWindowsHookExW
0x4334f0 CallNextHookEx
0x4334f4 SetPropW
GDI32.dll
0x433030 GetStockObject
0x433034 GetDeviceCaps
0x433038 GetTextColor
0x43303c CreateRectRgnIndirect
0x433040 GetRgnBox
0x433044 GetMapMode
0x433048 DeleteDC
0x43304c ExtSelectClipRgn
0x433050 ScaleWindowExtEx
0x433054 SetWindowExtEx
0x433058 ScaleViewportExtEx
0x43305c GetBkColor
0x433060 CreateBitmap
0x433064 OffsetViewportOrgEx
0x433068 SetViewportOrgEx
0x43306c SelectObject
0x433070 Escape
0x433074 ExtTextOutW
0x433078 TextOutW
0x43307c RectVisible
0x433080 PtVisible
0x433084 GetWindowExtEx
0x433088 GetViewportExtEx
0x43308c GetObjectW
0x433090 DeleteObject
0x433094 GetClipBox
0x433098 SetMapMode
0x43309c SetTextColor
0x4330a0 SetBkColor
0x4330a4 RestoreDC
0x4330a8 SaveDC
0x4330ac SetViewportExtEx
comdlg32.dll
0x43350c GetFileTitleW
WINSPOOL.DRV
0x4334fc DocumentPropertiesW
0x433500 OpenPrinterW
0x433504 ClosePrinter
ADVAPI32.dll
0x433000 RegDeleteKeyW
0x433004 RegQueryValueW
0x433008 RegOpenKeyW
0x43300c RegEnumKeyW
0x433010 RegCloseKey
0x433014 RegSetValueExW
0x433018 RegCreateKeyExW
0x43301c RegOpenKeyExW
0x433020 RegQueryValueExW
COMCTL32.dll
0x433028 InitCommonControlsEx
SHLWAPI.dll
0x4332fc PathFindFileNameW
0x433300 PathStripToRootW
0x433304 PathFindExtensionW
0x433308 PathIsUNCW
oledlg.dll
0x433554 OleUIBusyW
ole32.dll
0x433514 OleInitialize
0x433518 CoFreeUnusedLibraries
0x43351c OleUninitialize
0x433520 CreateILockBytesOnHGlobal
0x433524 StgCreateDocfileOnILockBytes
0x433528 StgOpenStorageOnILockBytes
0x43352c CoGetClassObject
0x433530 CoRevokeClassObject
0x433534 CoTaskMemAlloc
0x433538 CoTaskMemFree
0x43353c CLSIDFromString
0x433540 CLSIDFromProgID
0x433544 OleIsCurrentClipboard
0x433548 OleFlushClipboard
0x43354c CoRegisterMessageFilter
OLEAUT32.dll
0x4332c4 SysFreeString
0x4332c8 VariantInit
0x4332cc VariantCopy
0x4332d0 VariantClear
0x4332d4 SysAllocStringLen
0x4332d8 VariantChangeType
0x4332dc SysStringLen
0x4332e0 OleCreateFontIndirect
0x4332e4 VariantTimeToSystemTime
0x4332e8 SystemTimeToVariantTime
0x4332ec SafeArrayDestroy
0x4332f0 GetErrorInfo
0x4332f4 SysAllocString
EAT(Export Address Table) is none