Created | 2023.05.24 09:15 | Machine | s1_win7_x6403 |
Filename | SAW_BYDESCONNET.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
AI Score | Not founds | Behavior Score | |
ZERO API | file : malware | ||
VT API (file) | 33 detected (malicious, high confidence, Artemis, KillMBR, Vbct, VFBA, Attribute, HighConfidence, juoxqy, Gencirc, Redcap, sthcy, KillDisk, Tiggre, Wacatac, 3V89P6, TScope, Delf, unsafe, Chgt, Generic@AI, RDML, qZivNsSaJy8XsQFA5FAZ3A, susgen, PossibleThreat) | ||
md5 | 09716fd4d7ab6e6577fc038e56bec7d2 | ||
sha256 | 0b4275e3f2d5d1189ed6e997fa4c74d35c479a9b220d5e58fab731d3df7627c1 | ||
ssdeep | 196608:gD0BqGdgpQxUmLmER3RTsl/mfsD/eP6hcfA1f1YHY1VUX62uVDghPW:gDeJdUQpTBiNe69qeUPhe | ||
imphash | 4976976de185ce3862fcafed1a2a81f3 | ||
impfuzzy | 192:bcLqcGKyExe6wI1u1UPmkHIQdO7DnyXDkTFrHcu0dg8:bcGqA6wgIQdOPyXDkpTWg8 |
Signature (7cnts)
Level | Description |
---|---|
danger | File has been identified by 33 AntiVirus engines on VirusTotal as malicious |
notice | A process created a hidden window |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates a suspicious process |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (9cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Antivirus | Contains references to security software | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
winmm.dll
0x6c494c mciSendCommandW
0x6c4950 mciGetErrorStringW
winspool.drv
0x6c4958 DocumentPropertiesW
0x6c495c ClosePrinter
0x6c4960 OpenPrinterW
0x6c4964 GetDefaultPrinterW
0x6c4968 EnumPrintersW
comctl32.dll
0x6c4970 ImageList_GetImageInfo
0x6c4974 FlatSB_SetScrollInfo
0x6c4978 InitCommonControls
0x6c497c ImageList_DragMove
0x6c4980 ImageList_Destroy
0x6c4984 _TrackMouseEvent
0x6c4988 ImageList_DragShowNolock
0x6c498c ImageList_Add
0x6c4990 FlatSB_SetScrollProp
0x6c4994 ImageList_GetDragImage
0x6c4998 ImageList_Create
0x6c499c ImageList_EndDrag
0x6c49a0 ImageList_DrawEx
0x6c49a4 ImageList_SetImageCount
0x6c49a8 FlatSB_GetScrollPos
0x6c49ac FlatSB_SetScrollPos
0x6c49b0 InitializeFlatSB
0x6c49b4 ImageList_Copy
0x6c49b8 FlatSB_GetScrollInfo
0x6c49bc ImageList_Write
0x6c49c0 ImageList_SetBkColor
0x6c49c4 ImageList_GetBkColor
0x6c49c8 ImageList_BeginDrag
0x6c49cc ImageList_GetIcon
0x6c49d0 ImageList_Replace
0x6c49d4 ImageList_GetImageCount
0x6c49d8 ImageList_DragEnter
0x6c49dc ImageList_GetIconSize
0x6c49e0 ImageList_SetIconSize
0x6c49e4 ImageList_Read
0x6c49e8 ImageList_DragLeave
0x6c49ec ImageList_LoadImageW
0x6c49f0 ImageList_Draw
0x6c49f4 ImageList_Remove
0x6c49f8 ImageList_ReplaceIcon
0x6c49fc ImageList_SetOverlayImage
shell32.dll
0x6c4a04 Shell_NotifyIconW
0x6c4a08 ShellExecuteW
user32.dll
0x6c4a10 CopyImage
0x6c4a14 SetMenuItemInfoW
0x6c4a18 GetMenuItemInfoW
0x6c4a1c DefFrameProcW
0x6c4a20 GetDlgCtrlID
0x6c4a24 FrameRect
0x6c4a28 RegisterWindowMessageW
0x6c4a2c GetMenuStringW
0x6c4a30 FillRect
0x6c4a34 SendMessageA
0x6c4a38 EnumWindows
0x6c4a3c ShowOwnedPopups
0x6c4a40 GetClassInfoExW
0x6c4a44 GetClassInfoW
0x6c4a48 GetScrollRange
0x6c4a4c SetActiveWindow
0x6c4a50 GetActiveWindow
0x6c4a54 DrawEdge
0x6c4a58 GetKeyboardLayoutList
0x6c4a5c LoadBitmapW
0x6c4a60 EnumChildWindows
0x6c4a64 UnhookWindowsHookEx
0x6c4a68 SetCapture
0x6c4a6c GetCapture
0x6c4a70 ShowCaret
0x6c4a74 CreatePopupMenu
0x6c4a78 GetMenuItemID
0x6c4a7c CharLowerBuffW
0x6c4a80 PostMessageW
0x6c4a84 SetWindowLongW
0x6c4a88 IsZoomed
0x6c4a8c SetParent
0x6c4a90 DrawMenuBar
0x6c4a94 GetClientRect
0x6c4a98 IsChild
0x6c4a9c IsIconic
0x6c4aa0 CallNextHookEx
0x6c4aa4 ShowWindow
0x6c4aa8 GetWindowTextW
0x6c4aac SetForegroundWindow
0x6c4ab0 IsDialogMessageW
0x6c4ab4 DestroyWindow
0x6c4ab8 RegisterClassW
0x6c4abc EndMenu
0x6c4ac0 CharNextW
0x6c4ac4 GetFocus
0x6c4ac8 GetDC
0x6c4acc SetFocus
0x6c4ad0 ReleaseDC
0x6c4ad4 GetClassLongW
0x6c4ad8 SetScrollRange
0x6c4adc DrawTextW
0x6c4ae0 PeekMessageA
0x6c4ae4 MessageBeep
0x6c4ae8 SetClassLongW
0x6c4aec RemovePropW
0x6c4af0 GetSubMenu
0x6c4af4 DestroyIcon
0x6c4af8 IsWindowVisible
0x6c4afc PtInRect
0x6c4b00 DispatchMessageA
0x6c4b04 UnregisterClassW
0x6c4b08 GetTopWindow
0x6c4b0c SendMessageW
0x6c4b10 GetComboBoxInfo
0x6c4b14 LoadStringW
0x6c4b18 CreateMenu
0x6c4b1c CharLowerW
0x6c4b20 SetWindowPos
0x6c4b24 SetWindowRgn
0x6c4b28 GetMenuItemCount
0x6c4b2c GetSysColorBrush
0x6c4b30 GetWindowDC
0x6c4b34 DrawTextExW
0x6c4b38 GetScrollInfo
0x6c4b3c SetWindowTextW
0x6c4b40 GetMessageExtraInfo
0x6c4b44 GetSysColor
0x6c4b48 EnableScrollBar
0x6c4b4c TrackPopupMenu
0x6c4b50 DrawIconEx
0x6c4b54 GetClassNameW
0x6c4b58 GetMessagePos
0x6c4b5c GetIconInfo
0x6c4b60 SetScrollInfo
0x6c4b64 GetKeyNameTextW
0x6c4b68 GetDesktopWindow
0x6c4b6c SetCursorPos
0x6c4b70 GetCursorPos
0x6c4b74 SetMenu
0x6c4b78 GetMenuState
0x6c4b7c GetMenu
0x6c4b80 SetRect
0x6c4b84 GetKeyState
0x6c4b88 IsRectEmpty
0x6c4b8c GetCursor
0x6c4b90 KillTimer
0x6c4b94 WaitMessage
0x6c4b98 TranslateMDISysAccel
0x6c4b9c GetWindowPlacement
0x6c4ba0 GetMenuItemRect
0x6c4ba4 CreateIconIndirect
0x6c4ba8 CreateWindowExW
0x6c4bac GetDCEx
0x6c4bb0 PeekMessageW
0x6c4bb4 MonitorFromWindow
0x6c4bb8 SetTimer
0x6c4bbc WindowFromPoint
0x6c4bc0 BeginPaint
0x6c4bc4 RegisterClipboardFormatW
0x6c4bc8 MapVirtualKeyW
0x6c4bcc OffsetRect
0x6c4bd0 IsWindowUnicode
0x6c4bd4 DispatchMessageW
0x6c4bd8 CreateAcceleratorTableW
0x6c4bdc DefMDIChildProcW
0x6c4be0 GetSystemMenu
0x6c4be4 SetScrollPos
0x6c4be8 GetScrollPos
0x6c4bec InflateRect
0x6c4bf0 DrawFocusRect
0x6c4bf4 ReleaseCapture
0x6c4bf8 LoadCursorW
0x6c4bfc ScrollWindow
0x6c4c00 GetLastActivePopup
0x6c4c04 GetSystemMetrics
0x6c4c08 CharUpperBuffW
0x6c4c0c SetClipboardData
0x6c4c10 GetClipboardData
0x6c4c14 ClientToScreen
0x6c4c18 SetWindowPlacement
0x6c4c1c GetMonitorInfoW
0x6c4c20 CheckMenuItem
0x6c4c24 CharUpperW
0x6c4c28 DefWindowProcW
0x6c4c2c GetForegroundWindow
0x6c4c30 EnableWindow
0x6c4c34 GetWindowThreadProcessId
0x6c4c38 RedrawWindow
0x6c4c3c EndPaint
0x6c4c40 MsgWaitForMultipleObjectsEx
0x6c4c44 LoadKeyboardLayoutW
0x6c4c48 ActivateKeyboardLayout
0x6c4c4c GetParent
0x6c4c50 InsertMenuItemW
0x6c4c54 MonitorFromRect
0x6c4c58 GetPropW
0x6c4c5c MessageBoxW
0x6c4c60 SetPropW
0x6c4c64 UpdateWindow
0x6c4c68 MsgWaitForMultipleObjects
0x6c4c6c DestroyMenu
0x6c4c70 SetWindowsHookExW
0x6c4c74 EmptyClipboard
0x6c4c78 GetDlgItem
0x6c4c7c AdjustWindowRectEx
0x6c4c80 IsWindow
0x6c4c84 DrawIcon
0x6c4c88 EnumThreadWindows
0x6c4c8c InvalidateRect
0x6c4c90 GetKeyboardState
0x6c4c94 ScreenToClient
0x6c4c98 DrawFrameControl
0x6c4c9c SetCursor
0x6c4ca0 CreateIcon
0x6c4ca4 RemoveMenu
0x6c4ca8 GetKeyboardLayoutNameW
0x6c4cac OpenClipboard
0x6c4cb0 TranslateMessage
0x6c4cb4 MapWindowPoints
0x6c4cb8 EnumDisplayMonitors
0x6c4cbc CallWindowProcW
0x6c4cc0 CloseClipboard
0x6c4cc4 DestroyCursor
0x6c4cc8 CopyIcon
0x6c4ccc PostQuitMessage
0x6c4cd0 ShowScrollBar
0x6c4cd4 EnableMenuItem
0x6c4cd8 HideCaret
0x6c4cdc FindWindowExW
0x6c4ce0 LoadIconW
0x6c4ce4 SystemParametersInfoW
0x6c4ce8 MonitorFromPoint
0x6c4cec GetWindow
0x6c4cf0 GetWindowRect
0x6c4cf4 GetWindowLongW
0x6c4cf8 InsertMenuW
0x6c4cfc IsWindowEnabled
0x6c4d00 IsDialogMessageA
0x6c4d04 FindWindowW
0x6c4d08 GetKeyboardLayout
0x6c4d0c DeleteMenu
version.dll
0x6c4d14 GetFileVersionInfoSizeW
0x6c4d18 VerQueryValueW
0x6c4d1c GetFileVersionInfoW
oleaut32.dll
0x6c4d24 SysFreeString
0x6c4d28 VariantClear
0x6c4d2c VariantInit
0x6c4d30 GetErrorInfo
0x6c4d34 SysReAllocStringLen
0x6c4d38 SafeArrayCreate
0x6c4d3c SysAllocStringLen
0x6c4d40 SafeArrayPtrOfIndex
0x6c4d44 SafeArrayGetUBound
0x6c4d48 SafeArrayGetLBound
0x6c4d4c VariantCopy
0x6c4d50 VariantChangeType
advapi32.dll
0x6c4d58 RegSetValueExW
0x6c4d5c RegConnectRegistryW
0x6c4d60 RegEnumKeyExW
0x6c4d64 RegLoadKeyW
0x6c4d68 GetUserNameW
0x6c4d6c RegDeleteKeyW
0x6c4d70 RegOpenKeyExW
0x6c4d74 RegQueryInfoKeyW
0x6c4d78 RegUnLoadKeyW
0x6c4d7c RegSaveKeyW
0x6c4d80 RegDeleteValueW
0x6c4d84 RegReplaceKeyW
0x6c4d88 RegFlushKey
0x6c4d8c RegQueryValueExW
0x6c4d90 RegEnumValueW
0x6c4d94 RegCloseKey
0x6c4d98 RegCreateKeyExW
0x6c4d9c RegRestoreKeyW
netapi32.dll
0x6c4da4 NetWkstaGetInfo
0x6c4da8 NetApiBufferFree
msvcrt.dll
0x6c4db0 memcpy
0x6c4db4 memset
kernel32.dll
0x6c4dbc SetFileAttributesW
0x6c4dc0 QueryDosDeviceW
0x6c4dc4 GetACP
0x6c4dc8 LocalFree
0x6c4dcc CloseHandle
0x6c4dd0 GetCurrentProcessId
0x6c4dd4 SizeofResource
0x6c4dd8 VirtualProtect
0x6c4ddc QueryPerformanceFrequency
0x6c4de0 IsDebuggerPresent
0x6c4de4 FindNextFileW
0x6c4de8 GetFullPathNameW
0x6c4dec VirtualFree
0x6c4df0 ExitProcess
0x6c4df4 HeapAlloc
0x6c4df8 GetCPInfoExW
0x6c4dfc RtlUnwind
0x6c4e00 GetCPInfo
0x6c4e04 EnumSystemLocalesW
0x6c4e08 GetStdHandle
0x6c4e0c FileTimeToLocalFileTime
0x6c4e10 GetModuleHandleW
0x6c4e14 FreeLibrary
0x6c4e18 TryEnterCriticalSection
0x6c4e1c HeapDestroy
0x6c4e20 FileTimeToDosDateTime
0x6c4e24 ReadFile
0x6c4e28 HeapSize
0x6c4e2c GetLastError
0x6c4e30 GetModuleFileNameW
0x6c4e34 SetLastError
0x6c4e38 GlobalAlloc
0x6c4e3c GlobalUnlock
0x6c4e40 FindResourceW
0x6c4e44 CreateThread
0x6c4e48 CompareStringW
0x6c4e4c MapViewOfFile
0x6c4e50 LoadLibraryA
0x6c4e54 ResetEvent
0x6c4e58 GetVolumeInformationW
0x6c4e5c MulDiv
0x6c4e60 FreeResource
0x6c4e64 GetDriveTypeW
0x6c4e68 GetVersion
0x6c4e6c RaiseException
0x6c4e70 GlobalAddAtomW
0x6c4e74 FormatMessageW
0x6c4e78 OpenProcess
0x6c4e7c SwitchToThread
0x6c4e80 GetExitCodeThread
0x6c4e84 GetCurrentThread
0x6c4e88 LoadLibraryExW
0x6c4e8c TerminateProcess
0x6c4e90 LockResource
0x6c4e94 GetCurrentThreadId
0x6c4e98 UnhandledExceptionFilter
0x6c4e9c VirtualQuery
0x6c4ea0 GlobalFindAtomW
0x6c4ea4 VirtualQueryEx
0x6c4ea8 GlobalFree
0x6c4eac Sleep
0x6c4eb0 EnterCriticalSection
0x6c4eb4 SetFilePointer
0x6c4eb8 LoadResource
0x6c4ebc SuspendThread
0x6c4ec0 GetTickCount
0x6c4ec4 GetFileSize
0x6c4ec8 GetStartupInfoW
0x6c4ecc GlobalDeleteAtom
0x6c4ed0 GetFileAttributesW
0x6c4ed4 InitializeCriticalSection
0x6c4ed8 GetThreadPriority
0x6c4edc GetCurrentProcess
0x6c4ee0 SetThreadPriority
0x6c4ee4 GlobalLock
0x6c4ee8 VirtualAlloc
0x6c4eec GetSystemInfo
0x6c4ef0 GetCommandLineW
0x6c4ef4 LeaveCriticalSection
0x6c4ef8 GetProcAddress
0x6c4efc ResumeThread
0x6c4f00 GetLogicalDriveStringsW
0x6c4f04 GetVersionExW
0x6c4f08 VerifyVersionInfoW
0x6c4f0c HeapCreate
0x6c4f10 GetDiskFreeSpaceW
0x6c4f14 VerSetConditionMask
0x6c4f18 FindFirstFileW
0x6c4f1c GetUserDefaultUILanguage
0x6c4f20 UnmapViewOfFile
0x6c4f24 lstrlenW
0x6c4f28 QueryPerformanceCounter
0x6c4f2c SetEndOfFile
0x6c4f30 HeapFree
0x6c4f34 WideCharToMultiByte
0x6c4f38 FindClose
0x6c4f3c MultiByteToWideChar
0x6c4f40 LoadLibraryW
0x6c4f44 SetEvent
0x6c4f48 CreateFileW
0x6c4f4c GetLocaleInfoW
0x6c4f50 EnumResourceNamesW
0x6c4f54 DeleteFileW
0x6c4f58 GetLocalTime
0x6c4f5c WaitForSingleObject
0x6c4f60 WriteFile
0x6c4f64 CreateFileMappingW
0x6c4f68 ExitThread
0x6c4f6c DeleteCriticalSection
0x6c4f70 GetDateFormatW
0x6c4f74 TlsGetValue
0x6c4f78 SetErrorMode
0x6c4f7c IsValidLocale
0x6c4f80 TlsSetValue
0x6c4f84 GetSystemDefaultUILanguage
0x6c4f88 EnumCalendarInfoW
0x6c4f8c LocalAlloc
0x6c4f90 RemoveDirectoryW
0x6c4f94 CreateEventW
0x6c4f98 WaitForMultipleObjectsEx
0x6c4f9c SetThreadLocale
0x6c4fa0 GetThreadLocale
ole32.dll
0x6c4fa8 IsEqualGUID
0x6c4fac OleInitialize
0x6c4fb0 OleUninitialize
0x6c4fb4 CoInitialize
0x6c4fb8 CoCreateInstance
0x6c4fbc CoUninitialize
0x6c4fc0 CoTaskMemFree
0x6c4fc4 CoTaskMemAlloc
gdi32.dll
0x6c4fcc Pie
0x6c4fd0 SetBkMode
0x6c4fd4 CreateCompatibleBitmap
0x6c4fd8 GetEnhMetaFileHeader
0x6c4fdc RectVisible
0x6c4fe0 AngleArc
0x6c4fe4 ResizePalette
0x6c4fe8 SetAbortProc
0x6c4fec SetTextColor
0x6c4ff0 GetTextColor
0x6c4ff4 StretchBlt
0x6c4ff8 RoundRect
0x6c4ffc SelectClipRgn
0x6c5000 RestoreDC
0x6c5004 SetRectRgn
0x6c5008 GetTextMetricsW
0x6c500c GetWindowOrgEx
0x6c5010 CreatePalette
0x6c5014 PolyBezierTo
0x6c5018 CreateICW
0x6c501c CreateDCW
0x6c5020 GetStockObject
0x6c5024 CreateSolidBrush
0x6c5028 GetBkMode
0x6c502c Polygon
0x6c5030 MoveToEx
0x6c5034 PlayEnhMetaFile
0x6c5038 Ellipse
0x6c503c StartPage
0x6c5040 GetBitmapBits
0x6c5044 StartDocW
0x6c5048 AbortDoc
0x6c504c GetSystemPaletteEntries
0x6c5050 GetEnhMetaFileBits
0x6c5054 GetEnhMetaFilePaletteEntries
0x6c5058 CreatePenIndirect
0x6c505c CreateFontIndirectW
0x6c5060 PolyBezier
0x6c5064 EndDoc
0x6c5068 GetObjectW
0x6c506c GetCurrentObject
0x6c5070 GetWinMetaFileBits
0x6c5074 SetROP2
0x6c5078 GetEnhMetaFileDescriptionW
0x6c507c ArcTo
0x6c5080 Arc
0x6c5084 SelectPalette
0x6c5088 SetGraphicsMode
0x6c508c ExcludeClipRect
0x6c5090 MaskBlt
0x6c5094 SetWindowOrgEx
0x6c5098 EndPage
0x6c509c DeleteEnhMetaFile
0x6c50a0 Chord
0x6c50a4 SetDIBits
0x6c50a8 GetViewportOrgEx
0x6c50ac SetViewportOrgEx
0x6c50b0 CreateRectRgn
0x6c50b4 RealizePalette
0x6c50b8 SetDIBColorTable
0x6c50bc GetDIBColorTable
0x6c50c0 CreateBrushIndirect
0x6c50c4 PatBlt
0x6c50c8 SetEnhMetaFileBits
0x6c50cc Rectangle
0x6c50d0 SaveDC
0x6c50d4 DeleteDC
0x6c50d8 BitBlt
0x6c50dc SetWorldTransform
0x6c50e0 FrameRgn
0x6c50e4 GetDeviceCaps
0x6c50e8 GetTextExtentPoint32W
0x6c50ec GetClipBox
0x6c50f0 IntersectClipRect
0x6c50f4 Polyline
0x6c50f8 CreateBitmap
0x6c50fc CombineRgn
0x6c5100 SetWinMetaFileBits
0x6c5104 GetStretchBltMode
0x6c5108 CreateDIBitmap
0x6c510c SetStretchBltMode
0x6c5110 GetDIBits
0x6c5114 CreateDIBSection
0x6c5118 ExtCreateRegion
0x6c511c LineTo
0x6c5120 GetRgnBox
0x6c5124 EnumFontsW
0x6c5128 CreateHalftonePalette
0x6c512c SelectObject
0x6c5130 DeleteObject
0x6c5134 ExtFloodFill
0x6c5138 UnrealizeObject
0x6c513c CopyEnhMetaFileW
0x6c5140 SetBkColor
0x6c5144 CreateCompatibleDC
0x6c5148 GetBrushOrgEx
0x6c514c GetCurrentPositionEx
0x6c5150 GetNearestPaletteIndex
0x6c5154 CreateRoundRectRgn
0x6c5158 GetTextExtentPointW
0x6c515c ExtTextOutW
0x6c5160 SetBrushOrgEx
0x6c5164 GetPixel
0x6c5168 GdiFlush
0x6c516c SetPixel
0x6c5170 EnumFontFamiliesExW
0x6c5174 StretchDIBits
0x6c5178 GetPaletteEntries
EAT(Export Address Table) Library
0x4d9f08 TMethodImplementationIntercept
0x410754 __dbk_fcall_wrapper
0x6ac63c dbkFCallWrapperAddr