ScreenShot
| Created | 2023.03.17 09:52 | Machine | s1_win7_x6401 |
| Filename | lish.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 46 detected (Manuscrypt, malicious, moderate confidence, GenericKD, Artemis, Vpxc, confidence, 100%, GenericFCA, Genus, ABRisk, RWQJ, score, jvefad, Gencirc, Packed2, R049C0PCG23, Redcap, utckv, ai score=86, OQUPP8, Detected, IwRj5swpWAI, Kryptik, ZexaF, uq0@aWhC4sfj, Chgt) | ||
| md5 | 0b39012e51e6d52ddc49dd9676ba9920 | ||
| sha256 | 6aea187ca91ea68222b4e650e2b4baa46ba11252f74763a2d2edec2924a98f10 | ||
| ssdeep | 6144:evSBanJK/5kPas8N0HEAAf1vbViarAWbd33uEPT:evjas8uHEAAtvBpkLEPT | ||
| imphash | 9ff7fcc346443f5b2bf72d44037f9a06 | ||
| impfuzzy | 192:mNVN0iFmis6KqsjBOU88Q7cncVcMePNjyNOlcPP:mTuiFYBIa0MkNOSPP | ||
Network IP location
Signature (12cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 46 AntiVirus engines on VirusTotal as malicious |
| warning | Uses WMI to create a new process |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Creates executable files on the filesystem |
| notice | Drops an executable to the user AppData folder |
| notice | Foreign language identified in PE resource |
| notice | One or more potentially interesting buffers were extracted |
| notice | Performs some HTTP requests |
| info | Checks amount of memory in system |
| info | One or more processes crashed |
| info | Queries for the computername |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (12cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (download) |
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x4370bc GetStartupInfoW
0x4370c0 ExitProcess
0x4370c4 RtlUnwind
0x4370c8 HeapReAlloc
0x4370cc RaiseException
0x4370d0 VirtualProtect
0x4370d4 VirtualAlloc
0x4370d8 GetSystemInfo
0x4370dc VirtualQuery
0x4370e0 HeapSize
0x4370e4 GetStdHandle
0x4370e8 GetModuleFileNameA
0x4370ec UnhandledExceptionFilter
0x4370f0 FreeEnvironmentStringsA
0x4370f4 GetEnvironmentStrings
0x4370f8 FreeEnvironmentStringsW
0x4370fc GetEnvironmentStringsW
0x437100 GetCommandLineA
0x437104 GetCommandLineW
0x437108 SetHandleCount
0x43710c GetFileType
0x437110 GetStartupInfoA
0x437114 HeapDestroy
0x437118 HeapCreate
0x43711c VirtualFree
0x437120 QueryPerformanceCounter
0x437124 GetSystemTimeAsFileTime
0x437128 GetProcessHeap
0x43712c SetUnhandledExceptionFilter
0x437130 IsDebuggerPresent
0x437134 Sleep
0x437138 GetCPInfo
0x43713c GetACP
0x437140 GetOEMCP
0x437144 GetTimeZoneInformation
0x437148 GetLocaleInfoA
0x43714c GetConsoleCP
0x437150 GetConsoleMode
0x437154 LCMapStringA
0x437158 LCMapStringW
0x43715c GetStringTypeA
0x437160 GetStringTypeW
0x437164 SetStdHandle
0x437168 WriteConsoleA
0x43716c GetConsoleOutputCP
0x437170 WriteConsoleW
0x437174 CreateFileA
0x437178 SetEnvironmentVariableA
0x43717c HeapAlloc
0x437180 HeapFree
0x437184 GetFileTime
0x437188 GetFileAttributesW
0x43718c FileTimeToLocalFileTime
0x437190 SetErrorMode
0x437194 FileTimeToSystemTime
0x437198 CreateFileW
0x43719c GetShortPathNameW
0x4371a0 GetFullPathNameW
0x4371a4 GetVolumeInformationW
0x4371a8 FindFirstFileW
0x4371ac FindClose
0x4371b0 GetCurrentProcess
0x4371b4 DuplicateHandle
0x4371b8 GetFileSize
0x4371bc SetEndOfFile
0x4371c0 UnlockFile
0x4371c4 LockFile
0x4371c8 FlushFileBuffers
0x4371cc SetFilePointer
0x4371d0 WriteFile
0x4371d4 ReadFile
0x4371d8 GetThreadLocale
0x4371dc TlsFree
0x4371e0 DeleteCriticalSection
0x4371e4 LocalReAlloc
0x4371e8 TlsSetValue
0x4371ec TlsAlloc
0x4371f0 InitializeCriticalSection
0x4371f4 GlobalHandle
0x4371f8 GlobalReAlloc
0x4371fc EnterCriticalSection
0x437200 TlsGetValue
0x437204 LeaveCriticalSection
0x437208 LocalAlloc
0x43720c GlobalFlags
0x437210 lstrlenA
0x437214 FormatMessageW
0x437218 LocalFree
0x43721c GlobalFindAtomW
0x437220 GetVersionExA
0x437224 MulDiv
0x437228 GetModuleHandleA
0x43722c GlobalAddAtomW
0x437230 CloseHandle
0x437234 GlobalUnlock
0x437238 CompareStringW
0x43723c InterlockedIncrement
0x437240 WritePrivateProfileStringW
0x437244 FreeResource
0x437248 GlobalFree
0x43724c GetCurrentProcessId
0x437250 GetLastError
0x437254 SetLastError
0x437258 lstrlenW
0x43725c GetTickCount
0x437260 GetCurrentThread
0x437264 GetCurrentThreadId
0x437268 ConvertDefaultLocale
0x43726c GetVersion
0x437270 EnumResourceLanguagesW
0x437274 lstrcmpA
0x437278 GetLocaleInfoW
0x43727c LoadLibraryW
0x437280 WideCharToMultiByte
0x437284 CompareStringA
0x437288 MultiByteToWideChar
0x43728c InterlockedExchange
0x437290 GlobalLock
0x437294 lstrcmpW
0x437298 GlobalAlloc
0x43729c FreeLibrary
0x4372a0 GlobalDeleteAtom
0x4372a4 GetModuleHandleW
0x4372a8 LoadLibraryA
0x4372ac GetProcAddress
0x4372b0 GetModuleFileNameW
0x4372b4 InterlockedDecrement
0x4372b8 FindResourceW
0x4372bc LoadResource
0x4372c0 LockResource
0x4372c4 TerminateProcess
0x4372c8 SizeofResource
USER32.dll
0x437334 InvalidateRect
0x437338 SetRect
0x43733c IsRectEmpty
0x437340 CopyAcceleratorTableW
0x437344 CharNextW
0x437348 PostThreadMessageW
0x43734c ReleaseCapture
0x437350 LoadCursorW
0x437354 SetCapture
0x437358 ShowWindow
0x43735c MoveWindow
0x437360 SetWindowTextW
0x437364 IsDialogMessageW
0x437368 RegisterWindowMessageW
0x43736c SendDlgItemMessageW
0x437370 SendDlgItemMessageA
0x437374 WinHelpW
0x437378 IsChild
0x43737c GetCapture
0x437380 GetClassLongW
0x437384 GetClassNameW
0x437388 SetPropW
0x43738c GetPropW
0x437390 RemovePropW
0x437394 SetFocus
0x437398 GetWindowTextW
0x43739c GetForegroundWindow
0x4373a0 GetTopWindow
0x4373a4 GetMessageTime
0x4373a8 GetMessagePos
0x4373ac MapWindowPoints
0x4373b0 SetForegroundWindow
0x4373b4 UpdateWindow
0x4373b8 GetMenu
0x4373bc GetSubMenu
0x4373c0 GetMenuItemID
0x4373c4 GetMenuItemCount
0x4373c8 CreateWindowExW
0x4373cc GetClassInfoExW
0x4373d0 GetClassInfoW
0x4373d4 RegisterClassW
0x4373d8 AdjustWindowRectEx
0x4373dc EqualRect
0x4373e0 PtInRect
0x4373e4 GetDlgCtrlID
0x4373e8 DefWindowProcW
0x4373ec CallWindowProcW
0x4373f0 SetWindowLongW
0x4373f4 OffsetRect
0x4373f8 IntersectRect
0x4373fc SystemParametersInfoA
0x437400 GetWindowPlacement
0x437404 GetWindowRect
0x437408 EndPaint
0x43740c BeginPaint
0x437410 GetWindowDC
0x437414 ReleaseDC
0x437418 GetDC
0x43741c ClientToScreen
0x437420 GrayStringW
0x437424 DrawTextExW
0x437428 DrawTextW
0x43742c TabbedTextOutW
0x437430 LoadIconW
0x437434 GetSystemMenu
0x437438 UnregisterClassA
0x43743c AppendMenuW
0x437440 IsIconic
0x437444 SendMessageW
0x437448 GetSysColor
0x43744c DestroyMenu
0x437450 CopyRect
0x437454 SetCursor
0x437458 SetWindowsHookExW
0x43745c CallNextHookEx
0x437460 GetMessageW
0x437464 GetSysColorBrush
0x437468 UnregisterClassW
0x43746c TranslateMessage
0x437470 DispatchMessageW
0x437474 CharUpperW
0x437478 DestroyIcon
0x43747c MessageBeep
0x437480 GetNextDlgGroupItem
0x437484 InvalidateRgn
0x437488 GetSystemMetrics
0x43748c GetClientRect
0x437490 DrawIcon
0x437494 EnableWindow
0x437498 PostMessageW
0x43749c PostQuitMessage
0x4374a0 RegisterClipboardFormatW
0x4374a4 MessageBoxW
0x4374a8 IsWindowEnabled
0x4374ac GetLastActivePopup
0x4374b0 GetWindowLongW
0x4374b4 GetParent
0x4374b8 GetWindowThreadProcessId
0x4374bc SetWindowPos
0x4374c0 MapDialogRect
0x4374c4 SetWindowContextHelpId
0x4374c8 GetWindow
0x4374cc UnhookWindowsHookEx
0x4374d0 EndDialog
0x4374d4 GetNextDlgTabItem
0x4374d8 GetDlgItem
0x4374dc IsWindow
0x4374e0 DestroyWindow
0x4374e4 CreateDialogIndirectParamW
0x4374e8 SetActiveWindow
0x4374ec GetActiveWindow
0x4374f0 GetDesktopWindow
0x4374f4 CheckMenuItem
0x4374f8 EnableMenuItem
0x4374fc GetMenuState
0x437500 ModifyMenuW
0x437504 GetFocus
0x437508 LoadBitmapW
0x43750c GetMenuCheckMarkDimensions
0x437510 SetMenuItemBitmaps
0x437514 ValidateRect
0x437518 IsWindowVisible
0x43751c GetKeyState
0x437520 PeekMessageW
0x437524 GetCursorPos
GDI32.dll
0x437038 GetStockObject
0x43703c GetDeviceCaps
0x437040 GetBkColor
0x437044 GetTextColor
0x437048 CreateRectRgnIndirect
0x43704c GetRgnBox
0x437050 GetMapMode
0x437054 DeleteDC
0x437058 ExtSelectClipRgn
0x43705c ScaleWindowExtEx
0x437060 SetWindowExtEx
0x437064 ScaleViewportExtEx
0x437068 SetViewportExtEx
0x43706c CreateBitmap
0x437070 SetViewportOrgEx
0x437074 SelectObject
0x437078 Escape
0x43707c TextOutW
0x437080 RectVisible
0x437084 PtVisible
0x437088 GetWindowExtEx
0x43708c GetViewportExtEx
0x437090 DeleteObject
0x437094 GetClipBox
0x437098 SetMapMode
0x43709c SetTextColor
0x4370a0 SetBkColor
0x4370a4 RestoreDC
0x4370a8 SaveDC
0x4370ac ExtTextOutW
0x4370b0 GetObjectW
0x4370b4 OffsetViewportOrgEx
comdlg32.dll
0x43753c GetFileTitleW
WINSPOOL.DRV
0x43752c DocumentPropertiesW
0x437530 OpenPrinterW
0x437534 ClosePrinter
ADVAPI32.dll
0x437000 RegDeleteKeyW
0x437004 RegSetValueW
0x437008 RegQueryValueW
0x43700c RegOpenKeyW
0x437010 RegEnumKeyW
0x437014 RegCloseKey
0x437018 RegDeleteValueW
0x43701c RegSetValueExW
0x437020 RegCreateKeyExW
0x437024 RegOpenKeyExW
0x437028 RegQueryValueExW
SHELL32.dll
0x437318 ExtractIconW
COMCTL32.dll
0x437030 InitCommonControlsEx
SHLWAPI.dll
0x437320 PathFindFileNameW
0x437324 PathStripToRootW
0x437328 PathFindExtensionW
0x43732c PathIsUNCW
oledlg.dll
0x437594 OleUIBusyW
ole32.dll
0x437544 StgOpenStorageOnILockBytes
0x437548 CoRegisterMessageFilter
0x43754c OleFlushClipboard
0x437550 OleIsCurrentClipboard
0x437554 CoGetClassObject
0x437558 CoTaskMemAlloc
0x43755c StgCreateDocfileOnILockBytes
0x437560 StringFromGUID2
0x437564 StringFromCLSID
0x437568 CoTaskMemFree
0x43756c CoRevokeClassObject
0x437570 CoRegisterClassObject
0x437574 CLSIDFromString
0x437578 CLSIDFromProgID
0x43757c OleInitialize
0x437580 CoFreeUnusedLibraries
0x437584 OleUninitialize
0x437588 CoDisconnectObject
0x43758c CreateILockBytesOnHGlobal
OLEAUT32.dll
0x4372d0 SysFreeString
0x4372d4 VariantInit
0x4372d8 VariantCopy
0x4372dc VariantClear
0x4372e0 SysAllocStringLen
0x4372e4 SysStringByteLen
0x4372e8 SysStringLen
0x4372ec RegisterTypeLib
0x4372f0 LoadTypeLib
0x4372f4 LoadRegTypeLib
0x4372f8 VariantChangeType
0x4372fc OleCreateFontIndirect
0x437300 VariantTimeToSystemTime
0x437304 SystemTimeToVariantTime
0x437308 SafeArrayDestroy
0x43730c GetErrorInfo
0x437310 SysAllocString
EAT(Export Address Table) is none
KERNEL32.dll
0x4370bc GetStartupInfoW
0x4370c0 ExitProcess
0x4370c4 RtlUnwind
0x4370c8 HeapReAlloc
0x4370cc RaiseException
0x4370d0 VirtualProtect
0x4370d4 VirtualAlloc
0x4370d8 GetSystemInfo
0x4370dc VirtualQuery
0x4370e0 HeapSize
0x4370e4 GetStdHandle
0x4370e8 GetModuleFileNameA
0x4370ec UnhandledExceptionFilter
0x4370f0 FreeEnvironmentStringsA
0x4370f4 GetEnvironmentStrings
0x4370f8 FreeEnvironmentStringsW
0x4370fc GetEnvironmentStringsW
0x437100 GetCommandLineA
0x437104 GetCommandLineW
0x437108 SetHandleCount
0x43710c GetFileType
0x437110 GetStartupInfoA
0x437114 HeapDestroy
0x437118 HeapCreate
0x43711c VirtualFree
0x437120 QueryPerformanceCounter
0x437124 GetSystemTimeAsFileTime
0x437128 GetProcessHeap
0x43712c SetUnhandledExceptionFilter
0x437130 IsDebuggerPresent
0x437134 Sleep
0x437138 GetCPInfo
0x43713c GetACP
0x437140 GetOEMCP
0x437144 GetTimeZoneInformation
0x437148 GetLocaleInfoA
0x43714c GetConsoleCP
0x437150 GetConsoleMode
0x437154 LCMapStringA
0x437158 LCMapStringW
0x43715c GetStringTypeA
0x437160 GetStringTypeW
0x437164 SetStdHandle
0x437168 WriteConsoleA
0x43716c GetConsoleOutputCP
0x437170 WriteConsoleW
0x437174 CreateFileA
0x437178 SetEnvironmentVariableA
0x43717c HeapAlloc
0x437180 HeapFree
0x437184 GetFileTime
0x437188 GetFileAttributesW
0x43718c FileTimeToLocalFileTime
0x437190 SetErrorMode
0x437194 FileTimeToSystemTime
0x437198 CreateFileW
0x43719c GetShortPathNameW
0x4371a0 GetFullPathNameW
0x4371a4 GetVolumeInformationW
0x4371a8 FindFirstFileW
0x4371ac FindClose
0x4371b0 GetCurrentProcess
0x4371b4 DuplicateHandle
0x4371b8 GetFileSize
0x4371bc SetEndOfFile
0x4371c0 UnlockFile
0x4371c4 LockFile
0x4371c8 FlushFileBuffers
0x4371cc SetFilePointer
0x4371d0 WriteFile
0x4371d4 ReadFile
0x4371d8 GetThreadLocale
0x4371dc TlsFree
0x4371e0 DeleteCriticalSection
0x4371e4 LocalReAlloc
0x4371e8 TlsSetValue
0x4371ec TlsAlloc
0x4371f0 InitializeCriticalSection
0x4371f4 GlobalHandle
0x4371f8 GlobalReAlloc
0x4371fc EnterCriticalSection
0x437200 TlsGetValue
0x437204 LeaveCriticalSection
0x437208 LocalAlloc
0x43720c GlobalFlags
0x437210 lstrlenA
0x437214 FormatMessageW
0x437218 LocalFree
0x43721c GlobalFindAtomW
0x437220 GetVersionExA
0x437224 MulDiv
0x437228 GetModuleHandleA
0x43722c GlobalAddAtomW
0x437230 CloseHandle
0x437234 GlobalUnlock
0x437238 CompareStringW
0x43723c InterlockedIncrement
0x437240 WritePrivateProfileStringW
0x437244 FreeResource
0x437248 GlobalFree
0x43724c GetCurrentProcessId
0x437250 GetLastError
0x437254 SetLastError
0x437258 lstrlenW
0x43725c GetTickCount
0x437260 GetCurrentThread
0x437264 GetCurrentThreadId
0x437268 ConvertDefaultLocale
0x43726c GetVersion
0x437270 EnumResourceLanguagesW
0x437274 lstrcmpA
0x437278 GetLocaleInfoW
0x43727c LoadLibraryW
0x437280 WideCharToMultiByte
0x437284 CompareStringA
0x437288 MultiByteToWideChar
0x43728c InterlockedExchange
0x437290 GlobalLock
0x437294 lstrcmpW
0x437298 GlobalAlloc
0x43729c FreeLibrary
0x4372a0 GlobalDeleteAtom
0x4372a4 GetModuleHandleW
0x4372a8 LoadLibraryA
0x4372ac GetProcAddress
0x4372b0 GetModuleFileNameW
0x4372b4 InterlockedDecrement
0x4372b8 FindResourceW
0x4372bc LoadResource
0x4372c0 LockResource
0x4372c4 TerminateProcess
0x4372c8 SizeofResource
USER32.dll
0x437334 InvalidateRect
0x437338 SetRect
0x43733c IsRectEmpty
0x437340 CopyAcceleratorTableW
0x437344 CharNextW
0x437348 PostThreadMessageW
0x43734c ReleaseCapture
0x437350 LoadCursorW
0x437354 SetCapture
0x437358 ShowWindow
0x43735c MoveWindow
0x437360 SetWindowTextW
0x437364 IsDialogMessageW
0x437368 RegisterWindowMessageW
0x43736c SendDlgItemMessageW
0x437370 SendDlgItemMessageA
0x437374 WinHelpW
0x437378 IsChild
0x43737c GetCapture
0x437380 GetClassLongW
0x437384 GetClassNameW
0x437388 SetPropW
0x43738c GetPropW
0x437390 RemovePropW
0x437394 SetFocus
0x437398 GetWindowTextW
0x43739c GetForegroundWindow
0x4373a0 GetTopWindow
0x4373a4 GetMessageTime
0x4373a8 GetMessagePos
0x4373ac MapWindowPoints
0x4373b0 SetForegroundWindow
0x4373b4 UpdateWindow
0x4373b8 GetMenu
0x4373bc GetSubMenu
0x4373c0 GetMenuItemID
0x4373c4 GetMenuItemCount
0x4373c8 CreateWindowExW
0x4373cc GetClassInfoExW
0x4373d0 GetClassInfoW
0x4373d4 RegisterClassW
0x4373d8 AdjustWindowRectEx
0x4373dc EqualRect
0x4373e0 PtInRect
0x4373e4 GetDlgCtrlID
0x4373e8 DefWindowProcW
0x4373ec CallWindowProcW
0x4373f0 SetWindowLongW
0x4373f4 OffsetRect
0x4373f8 IntersectRect
0x4373fc SystemParametersInfoA
0x437400 GetWindowPlacement
0x437404 GetWindowRect
0x437408 EndPaint
0x43740c BeginPaint
0x437410 GetWindowDC
0x437414 ReleaseDC
0x437418 GetDC
0x43741c ClientToScreen
0x437420 GrayStringW
0x437424 DrawTextExW
0x437428 DrawTextW
0x43742c TabbedTextOutW
0x437430 LoadIconW
0x437434 GetSystemMenu
0x437438 UnregisterClassA
0x43743c AppendMenuW
0x437440 IsIconic
0x437444 SendMessageW
0x437448 GetSysColor
0x43744c DestroyMenu
0x437450 CopyRect
0x437454 SetCursor
0x437458 SetWindowsHookExW
0x43745c CallNextHookEx
0x437460 GetMessageW
0x437464 GetSysColorBrush
0x437468 UnregisterClassW
0x43746c TranslateMessage
0x437470 DispatchMessageW
0x437474 CharUpperW
0x437478 DestroyIcon
0x43747c MessageBeep
0x437480 GetNextDlgGroupItem
0x437484 InvalidateRgn
0x437488 GetSystemMetrics
0x43748c GetClientRect
0x437490 DrawIcon
0x437494 EnableWindow
0x437498 PostMessageW
0x43749c PostQuitMessage
0x4374a0 RegisterClipboardFormatW
0x4374a4 MessageBoxW
0x4374a8 IsWindowEnabled
0x4374ac GetLastActivePopup
0x4374b0 GetWindowLongW
0x4374b4 GetParent
0x4374b8 GetWindowThreadProcessId
0x4374bc SetWindowPos
0x4374c0 MapDialogRect
0x4374c4 SetWindowContextHelpId
0x4374c8 GetWindow
0x4374cc UnhookWindowsHookEx
0x4374d0 EndDialog
0x4374d4 GetNextDlgTabItem
0x4374d8 GetDlgItem
0x4374dc IsWindow
0x4374e0 DestroyWindow
0x4374e4 CreateDialogIndirectParamW
0x4374e8 SetActiveWindow
0x4374ec GetActiveWindow
0x4374f0 GetDesktopWindow
0x4374f4 CheckMenuItem
0x4374f8 EnableMenuItem
0x4374fc GetMenuState
0x437500 ModifyMenuW
0x437504 GetFocus
0x437508 LoadBitmapW
0x43750c GetMenuCheckMarkDimensions
0x437510 SetMenuItemBitmaps
0x437514 ValidateRect
0x437518 IsWindowVisible
0x43751c GetKeyState
0x437520 PeekMessageW
0x437524 GetCursorPos
GDI32.dll
0x437038 GetStockObject
0x43703c GetDeviceCaps
0x437040 GetBkColor
0x437044 GetTextColor
0x437048 CreateRectRgnIndirect
0x43704c GetRgnBox
0x437050 GetMapMode
0x437054 DeleteDC
0x437058 ExtSelectClipRgn
0x43705c ScaleWindowExtEx
0x437060 SetWindowExtEx
0x437064 ScaleViewportExtEx
0x437068 SetViewportExtEx
0x43706c CreateBitmap
0x437070 SetViewportOrgEx
0x437074 SelectObject
0x437078 Escape
0x43707c TextOutW
0x437080 RectVisible
0x437084 PtVisible
0x437088 GetWindowExtEx
0x43708c GetViewportExtEx
0x437090 DeleteObject
0x437094 GetClipBox
0x437098 SetMapMode
0x43709c SetTextColor
0x4370a0 SetBkColor
0x4370a4 RestoreDC
0x4370a8 SaveDC
0x4370ac ExtTextOutW
0x4370b0 GetObjectW
0x4370b4 OffsetViewportOrgEx
comdlg32.dll
0x43753c GetFileTitleW
WINSPOOL.DRV
0x43752c DocumentPropertiesW
0x437530 OpenPrinterW
0x437534 ClosePrinter
ADVAPI32.dll
0x437000 RegDeleteKeyW
0x437004 RegSetValueW
0x437008 RegQueryValueW
0x43700c RegOpenKeyW
0x437010 RegEnumKeyW
0x437014 RegCloseKey
0x437018 RegDeleteValueW
0x43701c RegSetValueExW
0x437020 RegCreateKeyExW
0x437024 RegOpenKeyExW
0x437028 RegQueryValueExW
SHELL32.dll
0x437318 ExtractIconW
COMCTL32.dll
0x437030 InitCommonControlsEx
SHLWAPI.dll
0x437320 PathFindFileNameW
0x437324 PathStripToRootW
0x437328 PathFindExtensionW
0x43732c PathIsUNCW
oledlg.dll
0x437594 OleUIBusyW
ole32.dll
0x437544 StgOpenStorageOnILockBytes
0x437548 CoRegisterMessageFilter
0x43754c OleFlushClipboard
0x437550 OleIsCurrentClipboard
0x437554 CoGetClassObject
0x437558 CoTaskMemAlloc
0x43755c StgCreateDocfileOnILockBytes
0x437560 StringFromGUID2
0x437564 StringFromCLSID
0x437568 CoTaskMemFree
0x43756c CoRevokeClassObject
0x437570 CoRegisterClassObject
0x437574 CLSIDFromString
0x437578 CLSIDFromProgID
0x43757c OleInitialize
0x437580 CoFreeUnusedLibraries
0x437584 OleUninitialize
0x437588 CoDisconnectObject
0x43758c CreateILockBytesOnHGlobal
OLEAUT32.dll
0x4372d0 SysFreeString
0x4372d4 VariantInit
0x4372d8 VariantCopy
0x4372dc VariantClear
0x4372e0 SysAllocStringLen
0x4372e4 SysStringByteLen
0x4372e8 SysStringLen
0x4372ec RegisterTypeLib
0x4372f0 LoadTypeLib
0x4372f4 LoadRegTypeLib
0x4372f8 VariantChangeType
0x4372fc OleCreateFontIndirect
0x437300 VariantTimeToSystemTime
0x437304 SystemTimeToVariantTime
0x437308 SafeArrayDestroy
0x43730c GetErrorInfo
0x437310 SysAllocString
EAT(Export Address Table) is none