Field | Value |
---|---|
Created | 2023.05.25 15:12 |
Machine | s1_win7_x6401 |
Filename | po-docs-may24.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 30 detected (AIDetectMalware, Androm, Malicious, score, unsafe, Va3k, high confidence, ModiLoader, AGEN, BadFile, Wacatac, Detected, Artemis, CLOUD, susgen, Formbook, ZelphiCO, YG0@aasFMLki, confidence) |
md5 | 14d2501921d7cf94f36f5deb78c93982 |
sha256 | 0b902145264ae6455a8d945c762dde3076642ca9447fef3828a743e714d0fb5d |
ssdeep | 12288:j9Id6OrPwqTQAwBTTvY0Z3l9+P/bnqvPPOmWnADUcHvNEw3:j9XyTFwtTpZ1E32POMHm0 |
imphash | 3f78a31aa8b8c7d7b7b6e3ee8e949c19 |
impfuzzy | 192:P36oG1sT1/pbuucxSUvK9y6ooqERo72POQR6:P301sPcq9WGPOQM |
Signature (8cnts)
Level | Description |
---|---|
danger | File has been identified by 30 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Performs some HTTP requests |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Dbatloader_IN | Dbatloader | binaries (upload) |
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (3cnts)
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
kernel32.dll
0x4b7190 DeleteCriticalSection
0x4b7194 LeaveCriticalSection
0x4b7198 EnterCriticalSection
0x4b719c InitializeCriticalSection
0x4b71a0 VirtualFree
0x4b71a4 VirtualAlloc
0x4b71a8 LocalFree
0x4b71ac LocalAlloc
0x4b71b0 GetVersion
0x4b71b4 GetCurrentThreadId
0x4b71b8 InterlockedDecrement
0x4b71bc InterlockedIncrement
0x4b71c0 VirtualQuery
0x4b71c4 WideCharToMultiByte
0x4b71c8 MultiByteToWideChar
0x4b71cc lstrlenA
0x4b71d0 lstrcpynA
0x4b71d4 LoadLibraryExA
0x4b71d8 GetThreadLocale
0x4b71dc GetStartupInfoA
0x4b71e0 GetProcAddress
0x4b71e4 GetModuleHandleA
0x4b71e8 GetModuleFileNameA
0x4b71ec GetLocaleInfoA
0x4b71f0 GetLastError
0x4b71f4 GetCommandLineA
0x4b71f8 FreeLibrary
0x4b71fc FindFirstFileA
0x4b7200 FindClose
0x4b7204 ExitProcess
0x4b7208 WriteFile
0x4b720c UnhandledExceptionFilter
0x4b7210 SetFilePointer
0x4b7214 SetEndOfFile
0x4b7218 RtlUnwind
0x4b721c ReadFile
0x4b7220 RaiseException
0x4b7224 GetStdHandle
0x4b7228 GetFileSize
0x4b722c GetFileType
0x4b7230 CreateFileA
0x4b7234 CloseHandle
user32.dll
0x4b723c GetKeyboardType
0x4b7240 LoadStringA
0x4b7244 MessageBoxA
0x4b7248 CharNextA
advapi32.dll
0x4b7250 RegQueryValueExA
0x4b7254 RegOpenKeyExA
0x4b7258 RegCloseKey
oleaut32.dll
0x4b7260 SysFreeString
0x4b7264 SysReAllocStringLen
0x4b7268 SysAllocStringLen
kernel32.dll
0x4b7270 TlsSetValue
0x4b7274 TlsGetValue
0x4b7278 LocalAlloc
0x4b727c GetModuleHandleA
advapi32.dll
0x4b7284 RegQueryValueExA
0x4b7288 RegOpenKeyExA
0x4b728c RegFlushKey
0x4b7290 RegCloseKey
kernel32.dll
0x4b7298 lstrcpyA
0x4b729c WriteFile
0x4b72a0 WaitForSingleObject
0x4b72a4 VirtualQuery
0x4b72a8 VirtualAlloc
0x4b72ac Sleep
0x4b72b0 SizeofResource
0x4b72b4 SetThreadLocale
0x4b72b8 SetFilePointer
0x4b72bc SetEvent
0x4b72c0 SetErrorMode
0x4b72c4 SetEndOfFile
0x4b72c8 ResetEvent
0x4b72cc ReadFile
0x4b72d0 MulDiv
0x4b72d4 LockResource
0x4b72d8 LoadResource
0x4b72dc LoadLibraryA
0x4b72e0 LeaveCriticalSection
0x4b72e4 InitializeCriticalSection
0x4b72e8 GlobalUnlock
0x4b72ec GlobalReAlloc
0x4b72f0 GlobalHandle
0x4b72f4 GlobalLock
0x4b72f8 GlobalFree
0x4b72fc GlobalFindAtomA
0x4b7300 GlobalDeleteAtom
0x4b7304 GlobalAlloc
0x4b7308 GlobalAddAtomA
0x4b730c GetVersionExA
0x4b7310 GetVersion
0x4b7314 GetTickCount
0x4b7318 GetThreadLocale
0x4b731c GetSystemInfo
0x4b7320 GetStringTypeExA
0x4b7324 GetStdHandle
0x4b7328 GetProcAddress
0x4b732c GetModuleHandleA
0x4b7330 GetModuleFileNameA
0x4b7334 GetLocaleInfoA
0x4b7338 GetLocalTime
0x4b733c GetLastError
0x4b7340 GetFullPathNameA
0x4b7344 GetFileAttributesA
0x4b7348 GetDiskFreeSpaceA
0x4b734c GetDateFormatA
0x4b7350 GetCurrentThreadId
0x4b7354 GetCurrentProcessId
0x4b7358 GetCurrentProcess
0x4b735c GetCPInfo
0x4b7360 GetACP
0x4b7364 FreeResource
0x4b7368 InterlockedExchange
0x4b736c FreeLibrary
0x4b7370 FormatMessageA
0x4b7374 FindResourceA
0x4b7378 FindFirstFileA
0x4b737c FindClose
0x4b7380 FileTimeToLocalFileTime
0x4b7384 FileTimeToDosDateTime
0x4b7388 EnumCalendarInfoA
0x4b738c EnterCriticalSection
0x4b7390 DeleteFileA
0x4b7394 DeleteCriticalSection
0x4b7398 CreateThread
0x4b739c CreateFileA
0x4b73a0 CreateEventA
0x4b73a4 CompareStringA
0x4b73a8 CloseHandle
version.dll
0x4b73b0 VerQueryValueA
0x4b73b4 GetFileVersionInfoSizeA
0x4b73b8 GetFileVersionInfoA
gdi32.dll
0x4b73c0 UnrealizeObject
0x4b73c4 StretchBlt
0x4b73c8 SetWindowOrgEx
0x4b73cc SetWinMetaFileBits
0x4b73d0 SetViewportOrgEx
0x4b73d4 SetTextColor
0x4b73d8 SetStretchBltMode
0x4b73dc SetROP2
0x4b73e0 SetPixel
0x4b73e4 SetEnhMetaFileBits
0x4b73e8 SetDIBColorTable
0x4b73ec SetBrushOrgEx
0x4b73f0 SetBkMode
0x4b73f4 SetBkColor
0x4b73f8 SelectPalette
0x4b73fc SelectObject
0x4b7400 SaveDC
0x4b7404 RestoreDC
0x4b7408 Rectangle
0x4b740c RectVisible
0x4b7410 RealizePalette
0x4b7414 Polyline
0x4b7418 Polygon
0x4b741c PlayEnhMetaFile
0x4b7420 PatBlt
0x4b7424 MoveToEx
0x4b7428 MaskBlt
0x4b742c LineTo
0x4b7430 IntersectClipRect
0x4b7434 GetWindowOrgEx
0x4b7438 GetWinMetaFileBits
0x4b743c GetTextMetricsA
0x4b7440 GetTextExtentPointA
0x4b7444 GetTextExtentPoint32A
0x4b7448 GetSystemPaletteEntries
0x4b744c GetStockObject
0x4b7450 GetPixel
0x4b7454 GetPaletteEntries
0x4b7458 GetObjectA
0x4b745c GetEnhMetaFilePaletteEntries
0x4b7460 GetEnhMetaFileHeader
0x4b7464 GetEnhMetaFileBits
0x4b7468 GetDeviceCaps
0x4b746c GetDIBits
0x4b7470 GetDIBColorTable
0x4b7474 GetDCOrgEx
0x4b7478 GetCurrentPositionEx
0x4b747c GetClipBox
0x4b7480 GetBrushOrgEx
0x4b7484 GetBitmapBits
0x4b7488 GdiFlush
0x4b748c ExcludeClipRect
0x4b7490 DeleteObject
0x4b7494 DeleteEnhMetaFile
0x4b7498 DeleteDC
0x4b749c CreateSolidBrush
0x4b74a0 CreatePenIndirect
0x4b74a4 CreatePalette
0x4b74a8 CreateHalftonePalette
0x4b74ac CreateFontIndirectA
0x4b74b0 CreateDIBitmap
0x4b74b4 CreateDIBSection
0x4b74b8 CreateCompatibleDC
0x4b74bc CreateCompatibleBitmap
0x4b74c0 CreateBrushIndirect
0x4b74c4 CreateBitmap
0x4b74c8 CopyEnhMetaFileA
0x4b74cc BitBlt
user32.dll
0x4b74d4 CreateWindowExA
0x4b74d8 WindowFromPoint
0x4b74dc WinHelpA
0x4b74e0 WaitMessage
0x4b74e4 UpdateWindow
0x4b74e8 UnregisterClassA
0x4b74ec UnhookWindowsHookEx
0x4b74f0 TranslateMessage
0x4b74f4 TranslateMDISysAccel
0x4b74f8 TrackPopupMenu
0x4b74fc SystemParametersInfoA
0x4b7500 ShowWindow
0x4b7504 ShowScrollBar
0x4b7508 ShowOwnedPopups
0x4b750c ShowCursor
0x4b7510 ShowCaret
0x4b7514 SetWindowsHookExA
0x4b7518 SetWindowPos
0x4b751c SetWindowPlacement
0x4b7520 SetWindowLongA
0x4b7524 SetTimer
0x4b7528 SetScrollRange
0x4b752c SetScrollPos
0x4b7530 SetScrollInfo
0x4b7534 SetRect
0x4b7538 SetPropA
0x4b753c SetParent
0x4b7540 SetMenuItemInfoA
0x4b7544 SetMenu
0x4b7548 SetForegroundWindow
0x4b754c SetFocus
0x4b7550 SetCursor
0x4b7554 SetClipboardData
0x4b7558 SetClassLongA
0x4b755c SetCapture
0x4b7560 SetActiveWindow
0x4b7564 SendMessageA
0x4b7568 ScrollWindow
0x4b756c ScreenToClient
0x4b7570 RemovePropA
0x4b7574 RemoveMenu
0x4b7578 ReleaseDC
0x4b757c ReleaseCapture
0x4b7580 RegisterWindowMessageA
0x4b7584 RegisterClipboardFormatA
0x4b7588 RegisterClassA
0x4b758c RedrawWindow
0x4b7590 PtInRect
0x4b7594 PostQuitMessage
0x4b7598 PostMessageA
0x4b759c PeekMessageA
0x4b75a0 OpenClipboard
0x4b75a4 OffsetRect
0x4b75a8 OemToCharA
0x4b75ac MessageBoxA
0x4b75b0 MessageBeep
0x4b75b4 MapWindowPoints
0x4b75b8 MapVirtualKeyA
0x4b75bc LoadStringA
0x4b75c0 LoadKeyboardLayoutA
0x4b75c4 LoadIconA
0x4b75c8 LoadCursorA
0x4b75cc LoadBitmapA
0x4b75d0 KillTimer
0x4b75d4 IsZoomed
0x4b75d8 IsWindowVisible
0x4b75dc IsWindowEnabled
0x4b75e0 IsWindow
0x4b75e4 IsRectEmpty
0x4b75e8 IsMenu
0x4b75ec IsIconic
0x4b75f0 IsDialogMessageA
0x4b75f4 IsChild
0x4b75f8 InvalidateRect
0x4b75fc IntersectRect
0x4b7600 InsertMenuItemA
0x4b7604 InsertMenuA
0x4b7608 InflateRect
0x4b760c HideCaret
0x4b7610 GetWindowThreadProcessId
0x4b7614 GetWindowTextA
0x4b7618 GetWindowRect
0x4b761c GetWindowPlacement
0x4b7620 GetWindowLongA
0x4b7624 GetWindowDC
0x4b7628 GetTopWindow
0x4b762c GetSystemMetrics
0x4b7630 GetSystemMenu
0x4b7634 GetSysColorBrush
0x4b7638 GetSysColor
0x4b763c GetSubMenu
0x4b7640 GetScrollRange
0x4b7644 GetScrollPos
0x4b7648 GetScrollInfo
0x4b764c GetPropA
0x4b7650 GetParent
0x4b7654 GetWindow
0x4b7658 GetMenuStringA
0x4b765c GetMenuState
0x4b7660 GetMenuItemInfoA
0x4b7664 GetMenuItemID
0x4b7668 GetMenuItemCount
0x4b766c GetMenu
0x4b7670 GetLastActivePopup
0x4b7674 GetKeyboardState
0x4b7678 GetKeyboardLayoutList
0x4b767c GetKeyboardLayout
0x4b7680 GetKeyState
0x4b7684 GetKeyNameTextA
0x4b7688 GetIconInfo
0x4b768c GetForegroundWindow
0x4b7690 GetFocus
0x4b7694 GetDesktopWindow
0x4b7698 GetDCEx
0x4b769c GetDC
0x4b76a0 GetCursorPos
0x4b76a4 GetCursor
0x4b76a8 GetClipboardData
0x4b76ac GetClientRect
0x4b76b0 GetClassNameA
0x4b76b4 GetClassInfoA
0x4b76b8 GetCapture
0x4b76bc GetActiveWindow
0x4b76c0 FrameRect
0x4b76c4 FindWindowA
0x4b76c8 FillRect
0x4b76cc EqualRect
0x4b76d0 EnumWindows
0x4b76d4 EnumThreadWindows
0x4b76d8 EndPaint
0x4b76dc EnableWindow
0x4b76e0 EnableScrollBar
0x4b76e4 EnableMenuItem
0x4b76e8 EmptyClipboard
0x4b76ec DrawTextA
0x4b76f0 DrawStateA
0x4b76f4 DrawMenuBar
0x4b76f8 DrawIconEx
0x4b76fc DrawIcon
0x4b7700 DrawFrameControl
0x4b7704 DrawEdge
0x4b7708 DispatchMessageA
0x4b770c DestroyWindow
0x4b7710 DestroyMenu
0x4b7714 DestroyIcon
0x4b7718 DestroyCursor
0x4b771c DeleteMenu
0x4b7720 DefWindowProcA
0x4b7724 DefMDIChildProcA
0x4b7728 DefFrameProcA
0x4b772c CreatePopupMenu
0x4b7730 CreateMenu
0x4b7734 CreateIcon
0x4b7738 CloseClipboard
0x4b773c ClientToScreen
0x4b7740 CheckMenuItem
0x4b7744 CallWindowProcA
0x4b7748 CallNextHookEx
0x4b774c BeginPaint
0x4b7750 CharNextA
0x4b7754 CharLowerBuffA
0x4b7758 CharLowerA
0x4b775c CharUpperBuffA
0x4b7760 CharToOemA
0x4b7764 AdjustWindowRectEx
0x4b7768 ActivateKeyboardLayout
kernel32.dll
0x4b7770 Sleep
oleaut32.dll
0x4b7778 SafeArrayPtrOfIndex
0x4b777c SafeArrayGetUBound
0x4b7780 SafeArrayGetLBound
0x4b7784 SafeArrayCreate
0x4b7788 VariantChangeType
0x4b778c VariantCopy
0x4b7790 VariantClear
0x4b7794 VariantInit
comctl32.dll
0x4b779c ImageList_SetIconSize
0x4b77a0 ImageList_GetIconSize
0x4b77a4 ImageList_Write
0x4b77a8 ImageList_Read
0x4b77ac ImageList_GetDragImage
0x4b77b0 ImageList_DragShowNolock
0x4b77b4 ImageList_SetDragCursorImage
0x4b77b8 ImageList_DragMove
0x4b77bc ImageList_DragLeave
0x4b77c0 ImageList_DragEnter
0x4b77c4 ImageList_EndDrag
0x4b77c8 ImageList_BeginDrag
0x4b77cc ImageList_Remove
0x4b77d0 ImageList_DrawEx
0x4b77d4 ImageList_Replace
0x4b77d8 ImageList_Draw
0x4b77dc ImageList_GetBkColor
0x4b77e0 ImageList_SetBkColor
0x4b77e4 ImageList_ReplaceIcon
0x4b77e8 ImageList_Add
0x4b77ec ImageList_SetImageCount
0x4b77f0 ImageList_GetImageCount
0x4b77f4 ImageList_Destroy
0x4b77f8 ImageList_Create
shell32.dll
0x4b7800 SHFileOperationA
winmm.dll
0x4b7808 sndPlaySoundA
ntdll
0x4b7810 NtFlushInstructionCache
Kernel32
0x4b7818 GetModuleHandleA
0x4b781c LoadLibraryA
kernel32
0x4b7824 VirtualAlloc
uRL
0x4b782c FileProtocolHandlerA
EAT(Export Address Table) is none