Field | Value |
---|---|
Created | 2023.06.07 07:43 |
Machine | s1_win7_x6401 |
Filename | 88999.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
AI Score | |
Behavior Score | |
ZERO API | file : clean |
VT API (file) | 57 detected (AIDetectMalware, Doina, Farfli, Vbpn, malicious, ZexaF, tC0@amHpmRfj, ABRisk, ECGH, Malcode, high confidence, score, n1IpeG8SmSG, bzxds, ZEGOST, SM17, Infected, ai score=84, BigBadWolf, CWO@7jrzut, Detected, Artemis, BScope, unsafe, GdSda, Gencirc, susgen, CESZ, confidence, 100%) |
md5 | ee9f9565049005c3fc1dfd32db706ef8 |
sha256 | 41fe567d55eb7815d15fe5f3408a902f5743a42b2d6b58a6eac7455a06e52d28 |
ssdeep | 3072:gIH9W+aUwWAKRpHFeyYMPg0GQx/KD9tlnZ9OrsL1z17toIhRXIB7NE4:gIHaXW3HFOMsZYM1znexE |
imphash | 58c5d357101428118c079002a7efbddf |
impfuzzy | 192:9HktqJUFDnCLYkZggioYN99uBcRcic7Oa:9HODCEkK9yERA |
Signature (15cnts)
Level | Description |
---|---|
danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
danger | File has been identified by 57 AntiVirus engines on VirusTotal as malicious |
watch | Communicates with host for which no DNS query was performed |
watch | Installs itself for autorun at Windows startup |
watch | Network activity contains more than one unique useragent |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates executable files on the filesystem |
notice | Drops an executable to the user AppData folder |
notice | Foreign language identified in PE resource |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | Performs some HTTP requests |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (7cnts)
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
ET INFO Dotted Quad Host DLL Request
ET HUNTING Rejetto HTTP File Sever Response
ET INFO Dotted Quad Host DLL Request
ET HUNTING Rejetto HTTP File Sever Response
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x444b50 DeleteFileA
0x444b54 FindClose
0x444b58 FindFirstFileA
0x444b5c GetVolumeInformationA
0x444b60 GetFullPathNameA
0x444b64 GetStringTypeExA
0x444b68 GetThreadLocale
0x444b6c GetShortPathNameA
0x444b70 GetFileAttributesA
0x444b74 GetFileTime
0x444b78 LocalFileTimeToFileTime
0x444b7c SystemTimeToFileTime
0x444b80 SetFileTime
0x444b84 SetFileAttributesA
0x444b88 FileTimeToSystemTime
0x444b8c FileTimeToLocalFileTime
0x444b90 RtlUnwind
0x444b94 HeapReAlloc
0x444b98 GetStartupInfoA
0x444b9c GetCommandLineA
0x444ba0 ExitProcess
0x444ba4 TerminateProcess
0x444ba8 CreateThread
0x444bac ExitThread
0x444bb0 RaiseException
0x444bb4 HeapSize
0x444bb8 GetACP
0x444bbc GetTimeZoneInformation
0x444bc0 GetSystemTime
0x444bc4 GetLocalTime
0x444bc8 GetEnvironmentVariableA
0x444bcc MoveFileA
0x444bd0 HeapDestroy
0x444bd4 HeapCreate
0x444bd8 IsBadWritePtr
0x444bdc FatalAppExitA
0x444be0 UnhandledExceptionFilter
0x444be4 FreeEnvironmentStringsA
0x444be8 FreeEnvironmentStringsW
0x444bec GetEnvironmentStrings
0x444bf0 GetEnvironmentStringsW
0x444bf4 SetHandleCount
0x444bf8 GetStdHandle
0x444bfc GetFileType
0x444c00 SetUnhandledExceptionFilter
0x444c04 LCMapStringA
0x444c08 LCMapStringW
0x444c0c GetStringTypeA
0x444c10 GetStringTypeW
0x444c14 IsBadReadPtr
0x444c18 IsBadCodePtr
0x444c1c IsValidLocale
0x444c20 IsValidCodePage
0x444c24 GetLocaleInfoA
0x444c28 EnumSystemLocalesA
0x444c2c GetUserDefaultLCID
0x444c30 SetConsoleCtrlHandler
0x444c34 CompareStringA
0x444c38 CompareStringW
0x444c3c SetEnvironmentVariableA
0x444c40 GetLocaleInfoW
0x444c44 SetEndOfFile
0x444c48 UnlockFile
0x444c4c LockFile
0x444c50 FlushFileBuffers
0x444c54 SetFilePointer
0x444c58 GetCurrentProcess
0x444c5c DuplicateHandle
0x444c60 SetErrorMode
0x444c64 GetOEMCP
0x444c68 GetCPInfo
0x444c6c SizeofResource
0x444c70 GetProcessVersion
0x444c74 GetLastError
0x444c78 MultiByteToWideChar
0x444c7c WideCharToMultiByte
0x444c80 InterlockedExchange
0x444c84 InterlockedIncrement
0x444c88 GetCurrentDirectoryA
0x444c8c WritePrivateProfileStringA
0x444c90 GetPrivateProfileStringA
0x444c94 GetPrivateProfileIntA
0x444c98 GlobalFlags
0x444c9c lstrlenA
0x444ca0 lstrcpynA
0x444ca4 TlsGetValue
0x444ca8 LocalReAlloc
0x444cac TlsSetValue
0x444cb0 EnterCriticalSection
0x444cb4 GlobalReAlloc
0x444cb8 LeaveCriticalSection
0x444cbc TlsFree
0x444cc0 GlobalHandle
0x444cc4 DeleteCriticalSection
0x444cc8 TlsAlloc
0x444ccc InitializeCriticalSection
0x444cd0 LocalFree
0x444cd4 LocalAlloc
0x444cd8 InterlockedDecrement
0x444cdc MulDiv
0x444ce0 SetLastError
0x444ce4 GetVersion
0x444ce8 lstrcatA
0x444cec GlobalGetAtomNameA
0x444cf0 GlobalAddAtomA
0x444cf4 GlobalFindAtomA
0x444cf8 lstrcpyA
0x444cfc GetModuleHandleA
0x444d00 GlobalUnlock
0x444d04 GlobalFree
0x444d08 LockResource
0x444d0c FindResourceA
0x444d10 LoadResource
0x444d14 CreateEventA
0x444d18 SuspendThread
0x444d1c SetThreadPriority
0x444d20 ResumeThread
0x444d24 SetEvent
0x444d28 WaitForSingleObject
0x444d2c GetModuleFileNameA
0x444d30 GlobalLock
0x444d34 GlobalAlloc
0x444d38 GlobalDeleteAtom
0x444d3c lstrcmpA
0x444d40 lstrcmpiA
0x444d44 GetCurrentThread
0x444d48 GetCurrentThreadId
0x444d4c FreeLibrary
0x444d50 HeapFree
0x444d54 LoadLibraryA
0x444d58 GetProcAddress
0x444d5c VirtualFree
0x444d60 VirtualProtect
0x444d64 VirtualAlloc
0x444d68 GetProcessHeap
0x444d6c HeapAlloc
0x444d70 GetFileSize
0x444d74 ReadFile
0x444d78 CreateFileA
0x444d7c WriteFile
0x444d80 CloseHandle
0x444d84 GetVersionExA
0x444d88 Sleep
USER32.dll
0x444e64 EndDeferWindowPos
0x444e68 CopyRect
0x444e6c BeginDeferWindowPos
0x444e70 DeferWindowPos
0x444e74 EqualRect
0x444e78 ScreenToClient
0x444e7c AdjustWindowRectEx
0x444e80 SetFocus
0x444e84 GetSysColor
0x444e88 MapWindowPoints
0x444e8c SendDlgItemMessageA
0x444e90 UpdateWindow
0x444e94 CheckDlgButton
0x444e98 CheckRadioButton
0x444e9c GetDlgItemInt
0x444ea0 GetDlgItemTextA
0x444ea4 SetDlgItemInt
0x444ea8 SetDlgItemTextA
0x444eac IsDlgButtonChecked
0x444eb0 ScrollWindowEx
0x444eb4 IsDialogMessageA
0x444eb8 SetWindowTextA
0x444ebc MoveWindow
0x444ec0 ShowWindow
0x444ec4 ClientToScreen
0x444ec8 GetDC
0x444ecc ReleaseDC
0x444ed0 GetWindowDC
0x444ed4 BeginPaint
0x444ed8 EndPaint
0x444edc TabbedTextOutA
0x444ee0 DrawTextA
0x444ee4 GrayStringA
0x444ee8 LoadCursorA
0x444eec SetCapture
0x444ef0 ReleaseCapture
0x444ef4 WaitMessage
0x444ef8 GetDesktopWindow
0x444efc GetWindowThreadProcessId
0x444f00 WindowFromPoint
0x444f04 GetClassNameA
0x444f08 PtInRect
0x444f0c InsertMenuA
0x444f10 DeleteMenu
0x444f14 GetMenuStringA
0x444f18 CharToOemA
0x444f1c OemToCharA
0x444f20 GetSysColorBrush
0x444f24 LoadStringA
0x444f28 GetDialogBaseUnits
0x444f2c DestroyMenu
0x444f30 SetRectEmpty
0x444f34 LoadAcceleratorsA
0x444f38 TranslateAcceleratorA
0x444f3c LoadMenuA
0x444f40 SetMenu
0x444f44 ReuseDDElParam
0x444f48 UnpackDDElParam
0x444f4c InvalidateRect
0x444f50 BringWindowToTop
0x444f54 CharUpperA
0x444f58 ScrollWindow
0x444f5c GetScrollInfo
0x444f60 SetScrollInfo
0x444f64 ShowScrollBar
0x444f68 GetScrollRange
0x444f6c SetScrollRange
0x444f70 GetScrollPos
0x444f74 SetScrollPos
0x444f78 GetTopWindow
0x444f7c IsChild
0x444f80 GetCapture
0x444f84 WinHelpA
0x444f88 wsprintfA
0x444f8c GetClassInfoA
0x444f90 RegisterClassA
0x444f94 GetMenu
0x444f98 GetMenuItemCount
0x444f9c GetSubMenu
0x444fa0 GetMenuItemID
0x444fa4 TrackPopupMenu
0x444fa8 SetWindowPlacement
0x444fac GetWindowTextLengthA
0x444fb0 GetWindowTextA
0x444fb4 GetDlgCtrlID
0x444fb8 CreateWindowExA
0x444fbc GetClassLongA
0x444fc0 SetPropA
0x444fc4 UnhookWindowsHookEx
0x444fc8 GetPropA
0x444fcc CallWindowProcA
0x444fd0 RemovePropA
0x444fd4 DefWindowProcA
0x444fd8 GetMessageTime
0x444fdc GetMessagePos
0x444fe0 GetForegroundWindow
0x444fe4 SetForegroundWindow
0x444fe8 GetWindow
0x444fec SetWindowLongA
0x444ff0 SetWindowPos
0x444ff4 RegisterWindowMessageA
0x444ff8 IntersectRect
0x444ffc SystemParametersInfoA
0x445000 GetWindowPlacement
0x445004 GetWindowRect
0x445008 EndDialog
0x44500c SetActiveWindow
0x445010 IsWindow
0x445014 CreateDialogIndirectParamA
0x445018 DestroyWindow
0x44501c GetDlgItem
0x445020 GetMenuCheckMarkDimensions
0x445024 LoadBitmapA
0x445028 GetMenuState
0x44502c ModifyMenuA
0x445030 SetMenuItemBitmaps
0x445034 CheckMenuItem
0x445038 EnableMenuItem
0x44503c GetFocus
0x445040 GetNextDlgTabItem
0x445044 GetMessageA
0x445048 TranslateMessage
0x44504c DispatchMessageA
0x445050 GetActiveWindow
0x445054 GetKeyState
0x445058 CallNextHookEx
0x44505c ValidateRect
0x445060 IsWindowVisible
0x445064 PeekMessageA
0x445068 GetCursorPos
0x44506c SetWindowsHookExA
0x445070 GetParent
0x445074 GetLastActivePopup
0x445078 IsWindowEnabled
0x44507c GetWindowLongA
0x445080 MessageBoxA
0x445084 SetCursor
0x445088 ShowOwnedPopups
0x44508c PostQuitMessage
0x445090 PostMessageA
0x445094 LoadIconA
0x445098 EnableWindow
0x44509c GetClientRect
0x4450a0 IsIconic
0x4450a4 SendMessageA
0x4450a8 DrawIcon
0x4450ac GetSystemMetrics
0x4450b0 OffsetRect
0x4450b4 UnregisterClassA
GDI32.dll
0x4449dc SetMapMode
0x4449e0 SetViewportOrgEx
0x4449e4 OffsetViewportOrgEx
0x4449e8 SetViewportExtEx
0x4449ec ScaleViewportExtEx
0x4449f0 SetWindowOrgEx
0x4449f4 OffsetWindowOrgEx
0x4449f8 SetWindowExtEx
0x4449fc ScaleWindowExtEx
0x444a00 SelectClipRgn
0x444a04 ExcludeClipRect
0x444a08 IntersectClipRect
0x444a0c OffsetClipRgn
0x444a10 MoveToEx
0x444a14 LineTo
0x444a18 SetTextAlign
0x444a1c SetTextJustification
0x444a20 SetTextCharacterExtra
0x444a24 SetMapperFlags
0x444a28 GetCurrentPositionEx
0x444a2c ArcTo
0x444a30 SetArcDirection
0x444a34 PolyDraw
0x444a38 GetObjectA
0x444a3c PolylineTo
0x444a40 SetColorAdjustment
0x444a44 SetStretchBltMode
0x444a48 DeleteObject
0x444a4c SetPolyFillMode
0x444a50 CreateRectRgn
0x444a54 SelectClipPath
0x444a58 ExtSelectClipRgn
0x444a5c PlayMetaFileRecord
0x444a60 GetObjectType
0x444a64 EnumMetaFile
0x444a68 PlayMetaFile
0x444a6c GetDeviceCaps
0x444a70 GetViewportExtEx
0x444a74 GetWindowExtEx
0x444a78 CreatePen
0x444a7c ExtCreatePen
0x444a80 CreateSolidBrush
0x444a84 CreateHatchBrush
0x444a88 CreatePatternBrush
0x444a8c CreateDIBPatternBrushPt
0x444a90 PtVisible
0x444a94 RectVisible
0x444a98 TextOutA
0x444a9c ExtTextOutA
0x444aa0 Escape
0x444aa4 GetTextExtentPoint32A
0x444aa8 GetTextMetricsA
0x444aac CreateFontIndirectA
0x444ab0 PolyBezierTo
0x444ab4 SetROP2
0x444ab8 SetBkColor
0x444abc SetTextColor
0x444ac0 GetClipBox
0x444ac4 SetBkMode
0x444ac8 SelectPalette
0x444acc GetStockObject
0x444ad0 SelectObject
0x444ad4 RestoreDC
0x444ad8 SaveDC
0x444adc StartDocA
0x444ae0 GetClipRgn
0x444ae4 CreateBitmap
0x444ae8 GetDCOrgEx
0x444aec DeleteDC
comdlg32.dll
0x445190 GetFileTitleA
WINSPOOL.DRV
0x445158 OpenPrinterA
0x44515c DocumentPropertiesA
0x445160 ClosePrinter
ADVAPI32.dll
0x44495c RegDeleteKeyA
0x444960 RegDeleteValueA
0x444964 RegSetValueExA
0x444968 RegQueryValueExA
0x44496c RegOpenKeyExA
0x444970 RegCreateKeyExA
0x444974 RegCloseKey
0x444978 RegOpenKeyA
SHELL32.dll
0x444e28 SHGetFileInfoA
0x444e2c DragQueryFileA
0x444e30 DragAcceptFiles
0x444e34 DragFinish
COMCTL32.dll
0x4449ac None
imagehlp.dll
0x4451c0 MakeSureDirectoryPathExists
EAT(Export Address Table) Library
0x4010f0 heiyuxhj