Created | 2023.05.22 16:17 | Machine | s1_win7_x6401 |
Filename | xmrig32.exe | ||
Type | PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows | ||
AI Score | Not found | Behavior Score | |
ZERO API | file : clean | ||
VT API (file) | 59 detected (AIDetectMalware, Convagent, malicious, high confidence, CoinMiner, GenericPMF, S19523731, Virut, FileInfector, Miner, Deepscan, Miners, ZexaF, 4N1@aWf8rqgi, CFJL, Attribute, HighConfidence, score, BtcMine, glouaq, Gencirc, AGEN, Tool, MALXMR, SMBM4, GenericRXIW, high, XMRig Miner, Static AI, Malicious PE, RiskTool, BitMiner, bznh, Bitcoinminer, Xmrig, Detected, R303119, ai score=100, BScope, unsafe, GdSda, HackTool, XMRMiner, CLASSIC, GenAsa, 13v6QG4UG2k, CryptoMiner, grayware, confidence, 100%) | ||
md5 | cc20a54b21aac972382d5ad53f67e91b | ||
sha256 | 223f3184613545c3afee56ade4e84e731b7cca237acfab14dbdd58cc8deb48f4 | ||
ssdeep | 98304:2RF+GA7R+afsMveTDN6US+8B4JZZACYrsa:XGANzmTDN6UOBIZACYrs | ||
imphash | 0dba8faa26a8f13535abbdedc90e7fa9 | ||
impfuzzy | 96:qVQEe9H+lr0A+nm9idMs4Jxef023zXTXiX1P7jb4xDj4JGq2gov/80a+dilAidqO:fEStA9Lc0QjSFr4xDDKovkD6g0Ems |
Signature (2cnts)
Level | Description |
---|---|
danger | File has been identified by 59 AntiVirus engines on VirusTotal as malicious |
info | Command line console output was observed |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x864690 AdjustTokenPrivileges
0x864694 CryptAcquireContextA
0x864698 CryptGenRandom
0x86469c CryptReleaseContext
0x8646a0 GetTokenInformation
0x8646a4 GetUserNameW
0x8646a8 LookupPrivilegeValueW
0x8646ac LsaAddAccountRights
0x8646b0 LsaClose
0x8646b4 LsaOpenPolicy
0x8646b8 OpenProcessToken
0x8646bc RegCloseKey
0x8646c0 RegOpenKeyExW
0x8646c4 RegQueryValueExW
IPHLPAPI.DLL
0x8646cc GetAdaptersAddresses
KERNEL32.dll
0x8646d4 AddVectoredExceptionHandler
0x8646d8 AssignProcessToJobObject
0x8646dc CancelIo
0x8646e0 CloseHandle
0x8646e4 ConnectNamedPipe
0x8646e8 CopyFileW
0x8646ec CreateDirectoryW
0x8646f0 CreateEventA
0x8646f4 CreateFileA
0x8646f8 CreateFileW
0x8646fc CreateHardLinkW
0x864700 CreateIoCompletionPort
0x864704 CreateJobObjectW
0x864708 CreateNamedPipeA
0x86470c CreateNamedPipeW
0x864710 CreateProcessW
0x864714 CreateSemaphoreA
0x864718 CreateSemaphoreW
0x86471c CreateToolhelp32Snapshot
0x864720 DebugBreak
0x864724 DeleteCriticalSection
0x864728 DeviceIoControl
0x86472c DuplicateHandle
0x864730 EnterCriticalSection
0x864734 ExpandEnvironmentStringsA
0x864738 FileTimeToSystemTime
0x86473c FillConsoleOutputAttribute
0x864740 FillConsoleOutputCharacterW
0x864744 FindResourceW
0x864748 FlushFileBuffers
0x86474c FlushInstructionCache
0x864750 FormatMessageA
0x864754 FreeConsole
0x864758 FreeLibrary
0x86475c GetConsoleCursorInfo
0x864760 GetConsoleMode
0x864764 GetConsoleScreenBufferInfo
0x864768 GetConsoleTitleW
0x86476c GetConsoleWindow
0x864770 GetCurrentDirectoryW
0x864774 GetCurrentProcess
0x864778 GetCurrentProcessId
0x86477c GetCurrentThread
0x864780 GetCurrentThreadId
0x864784 GetEnvironmentVariableW
0x864788 GetExitCodeProcess
0x86478c GetFileAttributesA
0x864790 GetFileAttributesW
0x864794 GetFileInformationByHandle
0x864798 GetFileType
0x86479c GetHandleInformation
0x8647a0 GetLargePageMinimum
0x8647a4 GetLastError
0x8647a8 GetLongPathNameW
0x8647ac GetModuleFileNameA
0x8647b0 GetModuleFileNameW
0x8647b4 GetModuleHandleA
0x8647b8 GetModuleHandleW
0x8647bc GetNamedPipeHandleStateA
0x8647c0 GetNumberOfConsoleInputEvents
0x8647c4 GetProcAddress
0x8647c8 GetProcessAffinityMask
0x8647cc GetProcessIoCounters
0x8647d0 GetProcessTimes
0x8647d4 GetQueuedCompletionStatus
0x8647d8 GetShortPathNameW
0x8647dc GetStartupInfoA
0x8647e0 GetStartupInfoW
0x8647e4 GetStdHandle
0x8647e8 GetSystemInfo
0x8647ec GetSystemTimeAdjustment
0x8647f0 GetSystemTimeAsFileTime
0x8647f4 GetTempPathW
0x8647f8 GetThreadContext
0x8647fc GetThreadPriority
0x864800 GetThreadTimes
0x864804 GetTickCount
0x864808 GlobalMemoryStatusEx
0x86480c InitializeCriticalSection
0x864810 IsDBCSLeadByteEx
0x864814 IsDebuggerPresent
0x864818 LCMapStringW
0x86481c LeaveCriticalSection
0x864820 LoadLibraryA
0x864824 LoadLibraryExW
0x864828 LoadResource
0x86482c LocalAlloc
0x864830 LocalFree
0x864834 LockResource
0x864838 MoveFileExW
0x86483c MultiByteToWideChar
0x864840 OpenProcess
0x864844 OutputDebugStringA
0x864848 PeekNamedPipe
0x86484c PostQueuedCompletionStatus
0x864850 Process32First
0x864854 Process32Next
0x864858 QueryPerformanceCounter
0x86485c QueryPerformanceFrequency
0x864860 QueueUserWorkItem
0x864864 RaiseException
0x864868 ReadConsoleInputW
0x86486c ReadConsoleW
0x864870 ReadDirectoryChangesW
0x864874 ReadFile
0x864878 RegisterWaitForSingleObject
0x86487c ReleaseSemaphore
0x864880 RemoveDirectoryW
0x864884 RemoveVectoredExceptionHandler
0x864888 ResetEvent
0x86488c ResumeThread
0x864890 SetConsoleCtrlHandler
0x864894 SetConsoleCursorInfo
0x864898 SetConsoleCursorPosition
0x86489c SetConsoleMode
0x8648a0 SetConsoleTextAttribute
0x8648a4 SetConsoleTitleW
0x8648a8 SetCurrentDirectoryW
0x8648ac SetEnvironmentVariableW
0x8648b0 SetErrorMode
0x8648b4 SetEvent
0x8648b8 SetFilePointerEx
0x8648bc SetFileTime
0x8648c0 SetHandleInformation
0x8648c4 SetInformationJobObject
0x8648c8 SetLastError
0x8648cc SetNamedPipeHandleState
0x8648d0 SetPriorityClass
0x8648d4 SetProcessAffinityMask
0x8648d8 SetSystemTime
0x8648dc SetThreadAffinityMask
0x8648e0 SetThreadContext
0x8648e4 SetThreadPriority
0x8648e8 SetUnhandledExceptionFilter
0x8648ec SizeofResource
0x8648f0 Sleep
0x8648f4 SuspendThread
0x8648f8 SwitchToThread
0x8648fc TerminateProcess
0x864900 TlsAlloc
0x864904 TlsFree
0x864908 TlsGetValue
0x86490c TlsSetValue
0x864910 TryEnterCriticalSection
0x864914 UnhandledExceptionFilter
0x864918 UnregisterWait
0x86491c UnregisterWaitEx
0x864920 VerSetConditionMask
0x864924 VerifyVersionInfoA
0x864928 VirtualAlloc
0x86492c VirtualFree
0x864930 VirtualProtect
0x864934 VirtualQuery
0x864938 WaitForMultipleObjects
0x86493c WaitForSingleObject
0x864940 WaitNamedPipeW
0x864944 WideCharToMultiByte
0x864948 WriteConsoleInputW
0x86494c WriteConsoleW
0x864950 WriteFile
msvcrt.dll
0x864958 __argv
0x86495c __dllonexit
0x864960 __doserrno
0x864964 __getmainargs
0x864968 __initenv
0x86496c __lconv_init
0x864970 __mb_cur_max
0x864974 __pioinfo
0x864978 __set_app_type
0x86497c __setusermatherr
0x864980 _acmdln
0x864984 _aligned_free
0x864988 _aligned_malloc
0x86498c _amsg_exit
0x864990 _beginthreadex
0x864994 _cexit
0x864998 _close
0x86499c _endthreadex
0x8649a0 _errno
0x8649a4 _close
0x8649a8 _exit
0x8649ac _fdopen
0x8649b0 _filelengthi64
0x8649b4 _fileno
0x8649b8 _fileno
0x8649bc _findclose
0x8649c0 _findfirst
0x8649c4 _findnext
0x8649c8 _fmode
0x8649cc _fstat
0x8649d0 _fstat64
0x8649d4 _fullpath
0x8649d8 _get_osfhandle
0x8649dc _initterm
0x8649e0 _iob
0x8649e4 _lock
0x8649e8 _lseeki64
0x8649ec _mkdir
0x8649f0 _onexit
0x8649f4 _open
0x8649f8 _open_osfhandle
0x8649fc _read
0x864a00 _read
0x864a04 _setjmp3
0x864a08 _snwprintf
0x864a0c _stat
0x864a10 _strdup
0x864a14 _strdup
0x864a18 _stricmp
0x864a1c _strnicmp
0x864a20 _ultoa
0x864a24 _umask
0x864a28 _unlock
0x864a2c _vsnprintf
0x864a30 _wchmod
0x864a34 _wcsdup
0x864a38 _wcsnicmp
0x864a3c _wcsrev
0x864a40 _wmkdir
0x864a44 _wopen
0x864a48 _write
0x864a4c _write
0x864a50 _wrmdir
0x864a54 abort
0x864a58 atof
0x864a5c atoi
0x864a60 calloc
0x864a64 clock
0x864a68 exit
0x864a6c fclose
0x864a70 ferror
0x864a74 fflush
0x864a78 fgetpos
0x864a7c fgets
0x864a80 fopen
0x864a84 fprintf
0x864a88 fputc
0x864a8c fputs
0x864a90 fread
0x864a94 free
0x864a98 fseek
0x864a9c fsetpos
0x864aa0 fwprintf
0x864aa4 fwrite
0x864aa8 getc
0x864aac getenv
0x864ab0 getwc
0x864ab4 islower
0x864ab8 isspace
0x864abc isupper
0x864ac0 iswctype
0x864ac4 localeconv
0x864ac8 localtime
0x864acc longjmp
0x864ad0 malloc
0x864ad4 memchr
0x864ad8 memcmp
0x864adc memcpy
0x864ae0 memmove
0x864ae4 memset
0x864ae8 printf
0x864aec putc
0x864af0 putchar
0x864af4 puts
0x864af8 putwc
0x864afc qsort
0x864b00 raise
0x864b04 rand
0x864b08 realloc
0x864b0c setlocale
0x864b10 setvbuf
0x864b14 signal
0x864b18 sprintf
0x864b1c srand
0x864b20 sscanf
0x864b24 strchr
0x864b28 strcmp
0x864b2c strcoll
0x864b30 strcpy
0x864b34 strcspn
0x864b38 strerror
0x864b3c strftime
0x864b40 strlen
0x864b44 strncmp
0x864b48 strncpy
0x864b4c strrchr
0x864b50 strspn
0x864b54 strstr
0x864b58 strtol
0x864b5c strtoul
0x864b60 strxfrm
0x864b64 tolower
0x864b68 toupper
0x864b6c towlower
0x864b70 towupper
0x864b74 ungetc
0x864b78 ungetwc
0x864b7c vfprintf
0x864b80 wcschr
0x864b84 wcscoll
0x864b88 wcscpy
0x864b8c wcsftime
0x864b90 wcslen
0x864b94 wcsncmp
0x864b98 wcsncpy
0x864b9c wcspbrk
0x864ba0 wcsrchr
0x864ba4 wcstombs
0x864ba8 wcsxfrm
PSAPI.DLL
0x864bb0 GetProcessMemoryInfo
SHELL32.dll
0x864bb8 SHGetSpecialFolderPathA
USER32.dll
0x864bc0 DispatchMessageA
0x864bc4 GetMessageA
0x864bc8 MapVirtualKeyW
0x864bcc MessageBoxW
0x864bd0 SetWinEventHook
0x864bd4 ShowWindow
0x864bd8 TranslateMessage
USERENV.dll
0x864be0 GetUserProfileDirectoryW
WS2_32.dll
0x864be8 FreeAddrInfoW
0x864bec GetAddrInfoW
0x864bf0 WSADuplicateSocketW
0x864bf4 WSAGetLastError
0x864bf8 WSAIoctl
0x864bfc WSARecv
0x864c00 WSARecvFrom
0x864c04 WSASend
0x864c08 WSASendTo
0x864c0c WSASetLastError
0x864c10 WSASocketW
0x864c14 WSAStartup
0x864c18 bind
0x864c1c closesocket
0x864c20 gethostname
0x864c24 getpeername
0x864c28 getsockname
0x864c2c getsockopt
0x864c30 htonl
0x864c34 htons
0x864c38 ioctlsocket
0x864c3c listen
0x864c40 ntohs
0x864c44 select
0x864c48 setsockopt
0x864c4c shutdown
0x864c50 socket
EAT(Export Address Table) is none