ScreenShot
| Created | 2023.06.17 18:13 | Machine | s1_win7_x6403 |
| Filename | steamrepairnet.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 4 detected (grayware, confidence, Malicious) | ||
| md5 | 77d6c227485a414fd6676dc5a006a9cf | ||
| sha256 | 61c9a03a1d0603b58bfc58651c06825acdb62afc621d1ed9ef2c6b73d0da5cdf | ||
| ssdeep | 24576:EPjEdvLuFy/c4Ka75kH+EXGwDLzC4lt4woWYRemb3/C:Ujo2yDKa75kH+gvzz/4w9Y3 | ||
| imphash | a05aa64dd13ec249eaa19572667e46d3 | ||
| impfuzzy | 96:yRHZBdGJL0UZ8U+Um5tufpiCAEFT8sQu0eWZnQKLZ8tUfNM7tYqrwyo:4bdNc+OosQu0eWZrLatiM3rwz | ||
Network IP location
Signature (11cnts)
| Level | Description |
|---|---|
| watch | Detects the presence of Wine emulator |
| notice | Creates executable files on the filesystem |
| notice | File has been identified by 4 AntiVirus engines on VirusTotal as malicious |
| notice | Foreign language identified in PE resource |
| notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
| notice | One or more potentially interesting buffers were extracted |
| notice | Performs some HTTP requests |
| notice | Starts servers listening |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks if process is being debugged by a debugger |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (12cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsDLL | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (6cnts) ?
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x1400b9200 LoadLibraryExW
0x1400b9208 VerSetConditionMask
0x1400b9210 GetSystemTimeAsFileTime
0x1400b9218 FileTimeToSystemTime
0x1400b9220 ResetEvent
0x1400b9228 CreateThread
0x1400b9230 SetEvent
0x1400b9238 CreateEventW
0x1400b9240 VirtualQuery
0x1400b9248 WideCharToMultiByte
0x1400b9250 CreateProcessW
0x1400b9258 GetCurrentProcessId
0x1400b9260 GetCurrentDirectoryW
0x1400b9268 GetSystemInfo
0x1400b9270 DeleteFileW
0x1400b9278 GlobalFlags
0x1400b9280 GetFileAttributesExW
0x1400b9288 MultiByteToWideChar
0x1400b9290 WriteConsoleW
0x1400b9298 SetEndOfFile
0x1400b92a0 GetStringTypeW
0x1400b92a8 SetEnvironmentVariableW
0x1400b92b0 FreeEnvironmentStringsW
0x1400b92b8 GetEnvironmentStringsW
0x1400b92c0 GetCPInfo
0x1400b92c8 GetOEMCP
0x1400b92d0 GetACP
0x1400b92d8 GetFileAttributesW
0x1400b92e0 FindFirstFileExW
0x1400b92e8 SetStdHandle
0x1400b92f0 GetFullPathNameW
0x1400b92f8 FlushFileBuffers
0x1400b9300 GetTimeZoneInformation
0x1400b9308 LCMapStringW
0x1400b9310 CompareStringW
0x1400b9318 GetConsoleOutputCP
0x1400b9320 ReadConsoleW
0x1400b9328 GetConsoleMode
0x1400b9330 WriteFile
0x1400b9338 SetFilePointerEx
0x1400b9340 SystemTimeToTzSpecificLocalTime
0x1400b9348 GetFileInformationByHandle
0x1400b9350 GetDriveTypeW
0x1400b9358 CreateFileW
0x1400b9360 FreeLibraryAndExitThread
0x1400b9368 ExitThread
0x1400b9370 GetCommandLineA
0x1400b9378 GetModuleHandleExW
0x1400b9380 TlsFree
0x1400b9388 TlsSetValue
0x1400b9390 TlsGetValue
0x1400b9398 TlsAlloc
0x1400b93a0 RtlPcToFileHeader
0x1400b93a8 RtlUnwindEx
0x1400b93b0 GetStartupInfoW
0x1400b93b8 IsProcessorFeaturePresent
0x1400b93c0 SetUnhandledExceptionFilter
0x1400b93c8 UnhandledExceptionFilter
0x1400b93d0 RtlVirtualUnwind
0x1400b93d8 RtlLookupFunctionEntry
0x1400b93e0 RtlCaptureContext
0x1400b93e8 LoadLibraryExA
0x1400b93f0 VirtualFree
0x1400b93f8 VirtualAlloc
0x1400b9400 FlushInstructionCache
0x1400b9408 InterlockedPushEntrySList
0x1400b9410 InterlockedPopEntrySList
0x1400b9418 InitializeSListHead
0x1400b9420 EncodePointer
0x1400b9428 OutputDebugStringW
0x1400b9430 GetFileSizeEx
0x1400b9438 CreateFileA
0x1400b9440 VerifyVersionInfoA
0x1400b9448 FormatMessageW
0x1400b9450 WaitForMultipleObjects
0x1400b9458 GetFileType
0x1400b9460 GetStdHandle
0x1400b9468 GetEnvironmentVariableA
0x1400b9470 WaitForSingleObjectEx
0x1400b9478 MoveFileExA
0x1400b9480 LoadLibraryA
0x1400b9488 GetModuleHandleA
0x1400b9490 GetSystemDirectoryA
0x1400b9498 QueryPerformanceFrequency
0x1400b94a0 SleepEx
0x1400b94a8 InitializeCriticalSectionEx
0x1400b94b0 QueryPerformanceCounter
0x1400b94b8 FindClose
0x1400b94c0 PeekNamedPipe
0x1400b94c8 GetModuleFileNameW
0x1400b94d0 GetCurrentProcess
0x1400b94d8 FindNextFileW
0x1400b94e0 GetCommandLineW
0x1400b94e8 SetLastError
0x1400b94f0 ReadFile
0x1400b94f8 CreateDirectoryW
0x1400b9500 FreeLibrary
0x1400b9508 GetProcAddress
0x1400b9510 LoadLibraryW
0x1400b9518 GetTickCount
0x1400b9520 ExitProcess
0x1400b9528 FindResourceW
0x1400b9530 LoadResource
0x1400b9538 LockResource
0x1400b9540 FreeResource
0x1400b9548 SizeofResource
0x1400b9550 MulDiv
0x1400b9558 GlobalUnlock
0x1400b9560 GlobalLock
0x1400b9568 GlobalFree
0x1400b9570 GlobalAlloc
0x1400b9578 LeaveCriticalSection
0x1400b9580 RaiseException
0x1400b9588 GetCurrentThreadId
0x1400b9590 GetModuleHandleW
0x1400b9598 IsDebuggerPresent
0x1400b95a0 WritePrivateProfileStringW
0x1400b95a8 ExpandEnvironmentStringsW
0x1400b95b0 TryEnterCriticalSection
0x1400b95b8 EnterCriticalSection
0x1400b95c0 InitializeCriticalSection
0x1400b95c8 CloseHandle
0x1400b95d0 Process32NextW
0x1400b95d8 Process32FirstW
0x1400b95e0 HeapFree
0x1400b95e8 CreateToolhelp32Snapshot
0x1400b95f0 OpenProcess
0x1400b95f8 lstrcmpiW
0x1400b9600 TerminateProcess
0x1400b9608 Sleep
0x1400b9610 GetProcessHeap
0x1400b9618 DeleteCriticalSection
0x1400b9620 HeapDestroy
0x1400b9628 DecodePointer
0x1400b9630 HeapAlloc
0x1400b9638 HeapReAlloc
0x1400b9640 GetLastError
0x1400b9648 HeapSize
0x1400b9650 InitializeCriticalSectionAndSpinCount
0x1400b9658 IsValidCodePage
0x1400b9660 RtlUnwind
USER32.dll
0x1400b96b8 GetFocus
0x1400b96c0 GetDesktopWindow
0x1400b96c8 MessageBoxW
0x1400b96d0 UnregisterClassW
0x1400b96d8 GetActiveWindow
0x1400b96e0 IsWindow
0x1400b96e8 SetFocus
0x1400b96f0 GetWindowLongW
0x1400b96f8 SetWindowPos
0x1400b9700 DestroyWindow
0x1400b9708 GetTopWindow
0x1400b9710 DestroyIcon
0x1400b9718 SetWindowLongW
0x1400b9720 IsZoomed
0x1400b9728 SetRect
0x1400b9730 ScreenToClient
0x1400b9738 MessageBeep
0x1400b9740 ShowWindow
0x1400b9748 InvalidateRect
0x1400b9750 DefWindowProcW
0x1400b9758 DispatchMessageW
0x1400b9760 TranslateMessage
0x1400b9768 GetMessageW
0x1400b9770 PeekMessageW
0x1400b9778 GetWindowTextW
0x1400b9780 GetWindowTextLengthW
0x1400b9788 SetWindowTextW
0x1400b9790 SendMessageW
0x1400b9798 GetKeyState
0x1400b97a0 SetCursor
0x1400b97a8 AdjustWindowRectEx
0x1400b97b0 ReleaseDC
0x1400b97b8 GetClientRect
0x1400b97c0 GetWindowDC
0x1400b97c8 GetSystemMetrics
0x1400b97d0 GetDC
0x1400b97d8 GetWindowRect
0x1400b97e0 LoadImageW
0x1400b97e8 GetParent
0x1400b97f0 LoadCursorW
0x1400b97f8 LoadIconW
0x1400b9800 RegisterClassW
0x1400b9808 GetClassInfoW
0x1400b9810 LoadStringW
0x1400b9818 GetWindowLongPtrW
0x1400b9820 CreateWindowExW
0x1400b9828 EnumWindows
0x1400b9830 MoveWindow
0x1400b9838 GetMonitorInfoW
0x1400b9840 WaitForInputIdle
0x1400b9848 SetActiveWindow
0x1400b9850 MonitorFromWindow
0x1400b9858 GetWindowThreadProcessId
0x1400b9860 wsprintfW
0x1400b9868 CharNextW
0x1400b9870 GetClassInfoExW
0x1400b9878 PostQuitMessage
0x1400b9880 TranslateAcceleratorW
0x1400b9888 RegisterClassExW
0x1400b9890 DeleteMenu
0x1400b9898 SetWindowLongPtrW
0x1400b98a0 PostMessageW
0x1400b98a8 GetDlgItem
0x1400b98b0 GetSysColor
0x1400b98b8 IsWindowEnabled
0x1400b98c0 FillRect
0x1400b98c8 CallWindowProcW
0x1400b98d0 EnableWindow
0x1400b98d8 EndPaint
0x1400b98e0 GetNextDlgTabItem
0x1400b98e8 BeginPaint
0x1400b98f0 IsIconic
0x1400b98f8 GetClassNameW
0x1400b9900 IntersectRect
0x1400b9908 IsRectEmpty
0x1400b9910 WinHelpW
0x1400b9918 OffsetRect
0x1400b9920 RedrawWindow
0x1400b9928 ClientToScreen
0x1400b9930 SetParent
0x1400b9938 PtInRect
0x1400b9940 GetLastActivePopup
0x1400b9948 GetSystemMenu
0x1400b9950 GetWindow
0x1400b9958 IsWindowVisible
0x1400b9960 SetWindowRgn
0x1400b9968 DrawIcon
0x1400b9970 IsDialogMessageW
0x1400b9978 GetDlgCtrlID
0x1400b9980 IsChild
0x1400b9988 SetMenu
GDI32.dll
0x1400b9158 GetDeviceCaps
0x1400b9160 DeleteDC
0x1400b9168 GetObjectW
0x1400b9170 SetStretchBltMode
0x1400b9178 DeleteObject
0x1400b9180 GdiAlphaBlend
0x1400b9188 CreateCompatibleDC
0x1400b9190 SetDIBColorTable
0x1400b9198 CreateDIBSection
0x1400b91a0 SelectObject
0x1400b91a8 CreateFontIndirectW
0x1400b91b0 CreateSolidBrush
0x1400b91b8 SetBkColor
0x1400b91c0 SetTextColor
0x1400b91c8 CreateEllipticRgn
0x1400b91d0 CreateRoundRectRgn
0x1400b91d8 GetClipBox
0x1400b91e0 ExcludeClipRect
0x1400b91e8 GetTextMetricsW
0x1400b91f0 GetStockObject
ADVAPI32.dll
0x1400b9000 RegEnumKeyExW
0x1400b9008 RegDeleteValueW
0x1400b9010 RegCreateKeyExW
0x1400b9018 RegSetValueExW
0x1400b9020 RegCreateKeyW
0x1400b9028 RegCloseKey
0x1400b9030 RegQueryValueExW
0x1400b9038 RegOpenKeyExW
0x1400b9040 RegQueryInfoKeyW
0x1400b9048 CryptAcquireContextA
0x1400b9050 CryptReleaseContext
0x1400b9058 CryptGetHashParam
0x1400b9060 CryptGenRandom
0x1400b9068 CryptCreateHash
0x1400b9070 CryptHashData
0x1400b9078 CryptDestroyHash
0x1400b9080 CryptDestroyKey
0x1400b9088 CryptImportKey
0x1400b9090 CryptEncrypt
0x1400b9098 RegDeleteKeyW
SHELL32.dll
0x1400b9690 DragQueryFileW
0x1400b9698 DragFinish
0x1400b96a0 Shell_NotifyIconW
0x1400b96a8 SHGetSpecialFolderPathW
ole32.dll
0x1400b9be8 CoTaskMemRealloc
0x1400b9bf0 CoTaskMemFree
0x1400b9bf8 CoTaskMemAlloc
0x1400b9c00 CoCreateInstance
0x1400b9c08 CoInitializeEx
0x1400b9c10 CoUninitialize
0x1400b9c18 CreateStreamOnHGlobal
OLEAUT32.dll
0x1400b9670 SystemTimeToVariantTime
0x1400b9678 VariantTimeToSystemTime
0x1400b9680 VarUI4FromStr
COMCTL32.dll
0x1400b90a8 ImageList_AddMasked
0x1400b90b0 ImageList_Create
0x1400b90b8 ImageList_Destroy
0x1400b90c0 InitCommonControlsEx
WLDAP32.dll
0x1400b9998 None
0x1400b99a0 None
0x1400b99a8 None
0x1400b99b0 None
0x1400b99b8 None
0x1400b99c0 None
0x1400b99c8 None
0x1400b99d0 None
0x1400b99d8 None
0x1400b99e0 None
0x1400b99e8 None
0x1400b99f0 None
0x1400b99f8 None
0x1400b9a00 None
0x1400b9a08 None
0x1400b9a10 None
0x1400b9a18 None
WS2_32.dll
0x1400b9a28 inet_pton
0x1400b9a30 WSAGetLastError
0x1400b9a38 WSACleanup
0x1400b9a40 WSAStartup
0x1400b9a48 __WSAFDIsSet
0x1400b9a50 gethostname
0x1400b9a58 sendto
0x1400b9a60 recvfrom
0x1400b9a68 WSAEventSelect
0x1400b9a70 WSAEnumNetworkEvents
0x1400b9a78 WSACreateEvent
0x1400b9a80 WSACloseEvent
0x1400b9a88 freeaddrinfo
0x1400b9a90 getaddrinfo
0x1400b9a98 ntohl
0x1400b9aa0 ioctlsocket
0x1400b9aa8 listen
0x1400b9ab0 htonl
0x1400b9ab8 socket
0x1400b9ac0 send
0x1400b9ac8 recv
0x1400b9ad0 closesocket
0x1400b9ad8 accept
0x1400b9ae0 WSAIoctl
0x1400b9ae8 setsockopt
0x1400b9af0 select
0x1400b9af8 htons
0x1400b9b00 getsockopt
0x1400b9b08 getsockname
0x1400b9b10 getpeername
0x1400b9b18 connect
0x1400b9b20 ind
0x1400b9b28 WSASetLastError
0x1400b9b30 ntohs
gdiplus.dll
0x1400b9b40 GdipCreateBitmapFromScan0
0x1400b9b48 GdipCreateBitmapFromFile
0x1400b9b50 GdipGetImageWidth
0x1400b9b58 GdipSetCompositingMode
0x1400b9b60 GdipGetImagePalette
0x1400b9b68 GdipDeleteGraphics
0x1400b9b70 GdipGetImageGraphicsContext
0x1400b9b78 GdipBitmapLockBits
0x1400b9b80 GdipFree
0x1400b9b88 GdipGetImagePixelFormat
0x1400b9b90 GdipDrawImageRectI
0x1400b9b98 GdipAlloc
0x1400b9ba0 GdipCreateBitmapFromStream
0x1400b9ba8 GdipBitmapUnlockBits
0x1400b9bb0 GdipCloneImage
0x1400b9bb8 GdipGetImagePaletteSize
0x1400b9bc0 GdipGetImageHeight
0x1400b9bc8 GdiplusShutdown
0x1400b9bd0 GdiplusStartup
0x1400b9bd8 GdipDisposeImage
CRYPT32.dll
0x1400b90d0 CryptDecodeObjectEx
0x1400b90d8 CertAddCertificateContextToStore
0x1400b90e0 CertFindExtension
0x1400b90e8 CryptStringToBinaryA
0x1400b90f0 CryptQueryObject
0x1400b90f8 CertCreateCertificateChainEngine
0x1400b9100 CertFreeCertificateChainEngine
0x1400b9108 CertGetCertificateChain
0x1400b9110 PFXImportCertStore
0x1400b9118 CertOpenStore
0x1400b9120 CertCloseStore
0x1400b9128 CertEnumCertificatesInStore
0x1400b9130 CertGetNameStringA
0x1400b9138 CertFindCertificateInStore
0x1400b9140 CertFreeCertificateChain
0x1400b9148 CertFreeCertificateContext
EAT(Export Address Table) is none
KERNEL32.dll
0x1400b9200 LoadLibraryExW
0x1400b9208 VerSetConditionMask
0x1400b9210 GetSystemTimeAsFileTime
0x1400b9218 FileTimeToSystemTime
0x1400b9220 ResetEvent
0x1400b9228 CreateThread
0x1400b9230 SetEvent
0x1400b9238 CreateEventW
0x1400b9240 VirtualQuery
0x1400b9248 WideCharToMultiByte
0x1400b9250 CreateProcessW
0x1400b9258 GetCurrentProcessId
0x1400b9260 GetCurrentDirectoryW
0x1400b9268 GetSystemInfo
0x1400b9270 DeleteFileW
0x1400b9278 GlobalFlags
0x1400b9280 GetFileAttributesExW
0x1400b9288 MultiByteToWideChar
0x1400b9290 WriteConsoleW
0x1400b9298 SetEndOfFile
0x1400b92a0 GetStringTypeW
0x1400b92a8 SetEnvironmentVariableW
0x1400b92b0 FreeEnvironmentStringsW
0x1400b92b8 GetEnvironmentStringsW
0x1400b92c0 GetCPInfo
0x1400b92c8 GetOEMCP
0x1400b92d0 GetACP
0x1400b92d8 GetFileAttributesW
0x1400b92e0 FindFirstFileExW
0x1400b92e8 SetStdHandle
0x1400b92f0 GetFullPathNameW
0x1400b92f8 FlushFileBuffers
0x1400b9300 GetTimeZoneInformation
0x1400b9308 LCMapStringW
0x1400b9310 CompareStringW
0x1400b9318 GetConsoleOutputCP
0x1400b9320 ReadConsoleW
0x1400b9328 GetConsoleMode
0x1400b9330 WriteFile
0x1400b9338 SetFilePointerEx
0x1400b9340 SystemTimeToTzSpecificLocalTime
0x1400b9348 GetFileInformationByHandle
0x1400b9350 GetDriveTypeW
0x1400b9358 CreateFileW
0x1400b9360 FreeLibraryAndExitThread
0x1400b9368 ExitThread
0x1400b9370 GetCommandLineA
0x1400b9378 GetModuleHandleExW
0x1400b9380 TlsFree
0x1400b9388 TlsSetValue
0x1400b9390 TlsGetValue
0x1400b9398 TlsAlloc
0x1400b93a0 RtlPcToFileHeader
0x1400b93a8 RtlUnwindEx
0x1400b93b0 GetStartupInfoW
0x1400b93b8 IsProcessorFeaturePresent
0x1400b93c0 SetUnhandledExceptionFilter
0x1400b93c8 UnhandledExceptionFilter
0x1400b93d0 RtlVirtualUnwind
0x1400b93d8 RtlLookupFunctionEntry
0x1400b93e0 RtlCaptureContext
0x1400b93e8 LoadLibraryExA
0x1400b93f0 VirtualFree
0x1400b93f8 VirtualAlloc
0x1400b9400 FlushInstructionCache
0x1400b9408 InterlockedPushEntrySList
0x1400b9410 InterlockedPopEntrySList
0x1400b9418 InitializeSListHead
0x1400b9420 EncodePointer
0x1400b9428 OutputDebugStringW
0x1400b9430 GetFileSizeEx
0x1400b9438 CreateFileA
0x1400b9440 VerifyVersionInfoA
0x1400b9448 FormatMessageW
0x1400b9450 WaitForMultipleObjects
0x1400b9458 GetFileType
0x1400b9460 GetStdHandle
0x1400b9468 GetEnvironmentVariableA
0x1400b9470 WaitForSingleObjectEx
0x1400b9478 MoveFileExA
0x1400b9480 LoadLibraryA
0x1400b9488 GetModuleHandleA
0x1400b9490 GetSystemDirectoryA
0x1400b9498 QueryPerformanceFrequency
0x1400b94a0 SleepEx
0x1400b94a8 InitializeCriticalSectionEx
0x1400b94b0 QueryPerformanceCounter
0x1400b94b8 FindClose
0x1400b94c0 PeekNamedPipe
0x1400b94c8 GetModuleFileNameW
0x1400b94d0 GetCurrentProcess
0x1400b94d8 FindNextFileW
0x1400b94e0 GetCommandLineW
0x1400b94e8 SetLastError
0x1400b94f0 ReadFile
0x1400b94f8 CreateDirectoryW
0x1400b9500 FreeLibrary
0x1400b9508 GetProcAddress
0x1400b9510 LoadLibraryW
0x1400b9518 GetTickCount
0x1400b9520 ExitProcess
0x1400b9528 FindResourceW
0x1400b9530 LoadResource
0x1400b9538 LockResource
0x1400b9540 FreeResource
0x1400b9548 SizeofResource
0x1400b9550 MulDiv
0x1400b9558 GlobalUnlock
0x1400b9560 GlobalLock
0x1400b9568 GlobalFree
0x1400b9570 GlobalAlloc
0x1400b9578 LeaveCriticalSection
0x1400b9580 RaiseException
0x1400b9588 GetCurrentThreadId
0x1400b9590 GetModuleHandleW
0x1400b9598 IsDebuggerPresent
0x1400b95a0 WritePrivateProfileStringW
0x1400b95a8 ExpandEnvironmentStringsW
0x1400b95b0 TryEnterCriticalSection
0x1400b95b8 EnterCriticalSection
0x1400b95c0 InitializeCriticalSection
0x1400b95c8 CloseHandle
0x1400b95d0 Process32NextW
0x1400b95d8 Process32FirstW
0x1400b95e0 HeapFree
0x1400b95e8 CreateToolhelp32Snapshot
0x1400b95f0 OpenProcess
0x1400b95f8 lstrcmpiW
0x1400b9600 TerminateProcess
0x1400b9608 Sleep
0x1400b9610 GetProcessHeap
0x1400b9618 DeleteCriticalSection
0x1400b9620 HeapDestroy
0x1400b9628 DecodePointer
0x1400b9630 HeapAlloc
0x1400b9638 HeapReAlloc
0x1400b9640 GetLastError
0x1400b9648 HeapSize
0x1400b9650 InitializeCriticalSectionAndSpinCount
0x1400b9658 IsValidCodePage
0x1400b9660 RtlUnwind
USER32.dll
0x1400b96b8 GetFocus
0x1400b96c0 GetDesktopWindow
0x1400b96c8 MessageBoxW
0x1400b96d0 UnregisterClassW
0x1400b96d8 GetActiveWindow
0x1400b96e0 IsWindow
0x1400b96e8 SetFocus
0x1400b96f0 GetWindowLongW
0x1400b96f8 SetWindowPos
0x1400b9700 DestroyWindow
0x1400b9708 GetTopWindow
0x1400b9710 DestroyIcon
0x1400b9718 SetWindowLongW
0x1400b9720 IsZoomed
0x1400b9728 SetRect
0x1400b9730 ScreenToClient
0x1400b9738 MessageBeep
0x1400b9740 ShowWindow
0x1400b9748 InvalidateRect
0x1400b9750 DefWindowProcW
0x1400b9758 DispatchMessageW
0x1400b9760 TranslateMessage
0x1400b9768 GetMessageW
0x1400b9770 PeekMessageW
0x1400b9778 GetWindowTextW
0x1400b9780 GetWindowTextLengthW
0x1400b9788 SetWindowTextW
0x1400b9790 SendMessageW
0x1400b9798 GetKeyState
0x1400b97a0 SetCursor
0x1400b97a8 AdjustWindowRectEx
0x1400b97b0 ReleaseDC
0x1400b97b8 GetClientRect
0x1400b97c0 GetWindowDC
0x1400b97c8 GetSystemMetrics
0x1400b97d0 GetDC
0x1400b97d8 GetWindowRect
0x1400b97e0 LoadImageW
0x1400b97e8 GetParent
0x1400b97f0 LoadCursorW
0x1400b97f8 LoadIconW
0x1400b9800 RegisterClassW
0x1400b9808 GetClassInfoW
0x1400b9810 LoadStringW
0x1400b9818 GetWindowLongPtrW
0x1400b9820 CreateWindowExW
0x1400b9828 EnumWindows
0x1400b9830 MoveWindow
0x1400b9838 GetMonitorInfoW
0x1400b9840 WaitForInputIdle
0x1400b9848 SetActiveWindow
0x1400b9850 MonitorFromWindow
0x1400b9858 GetWindowThreadProcessId
0x1400b9860 wsprintfW
0x1400b9868 CharNextW
0x1400b9870 GetClassInfoExW
0x1400b9878 PostQuitMessage
0x1400b9880 TranslateAcceleratorW
0x1400b9888 RegisterClassExW
0x1400b9890 DeleteMenu
0x1400b9898 SetWindowLongPtrW
0x1400b98a0 PostMessageW
0x1400b98a8 GetDlgItem
0x1400b98b0 GetSysColor
0x1400b98b8 IsWindowEnabled
0x1400b98c0 FillRect
0x1400b98c8 CallWindowProcW
0x1400b98d0 EnableWindow
0x1400b98d8 EndPaint
0x1400b98e0 GetNextDlgTabItem
0x1400b98e8 BeginPaint
0x1400b98f0 IsIconic
0x1400b98f8 GetClassNameW
0x1400b9900 IntersectRect
0x1400b9908 IsRectEmpty
0x1400b9910 WinHelpW
0x1400b9918 OffsetRect
0x1400b9920 RedrawWindow
0x1400b9928 ClientToScreen
0x1400b9930 SetParent
0x1400b9938 PtInRect
0x1400b9940 GetLastActivePopup
0x1400b9948 GetSystemMenu
0x1400b9950 GetWindow
0x1400b9958 IsWindowVisible
0x1400b9960 SetWindowRgn
0x1400b9968 DrawIcon
0x1400b9970 IsDialogMessageW
0x1400b9978 GetDlgCtrlID
0x1400b9980 IsChild
0x1400b9988 SetMenu
GDI32.dll
0x1400b9158 GetDeviceCaps
0x1400b9160 DeleteDC
0x1400b9168 GetObjectW
0x1400b9170 SetStretchBltMode
0x1400b9178 DeleteObject
0x1400b9180 GdiAlphaBlend
0x1400b9188 CreateCompatibleDC
0x1400b9190 SetDIBColorTable
0x1400b9198 CreateDIBSection
0x1400b91a0 SelectObject
0x1400b91a8 CreateFontIndirectW
0x1400b91b0 CreateSolidBrush
0x1400b91b8 SetBkColor
0x1400b91c0 SetTextColor
0x1400b91c8 CreateEllipticRgn
0x1400b91d0 CreateRoundRectRgn
0x1400b91d8 GetClipBox
0x1400b91e0 ExcludeClipRect
0x1400b91e8 GetTextMetricsW
0x1400b91f0 GetStockObject
ADVAPI32.dll
0x1400b9000 RegEnumKeyExW
0x1400b9008 RegDeleteValueW
0x1400b9010 RegCreateKeyExW
0x1400b9018 RegSetValueExW
0x1400b9020 RegCreateKeyW
0x1400b9028 RegCloseKey
0x1400b9030 RegQueryValueExW
0x1400b9038 RegOpenKeyExW
0x1400b9040 RegQueryInfoKeyW
0x1400b9048 CryptAcquireContextA
0x1400b9050 CryptReleaseContext
0x1400b9058 CryptGetHashParam
0x1400b9060 CryptGenRandom
0x1400b9068 CryptCreateHash
0x1400b9070 CryptHashData
0x1400b9078 CryptDestroyHash
0x1400b9080 CryptDestroyKey
0x1400b9088 CryptImportKey
0x1400b9090 CryptEncrypt
0x1400b9098 RegDeleteKeyW
SHELL32.dll
0x1400b9690 DragQueryFileW
0x1400b9698 DragFinish
0x1400b96a0 Shell_NotifyIconW
0x1400b96a8 SHGetSpecialFolderPathW
ole32.dll
0x1400b9be8 CoTaskMemRealloc
0x1400b9bf0 CoTaskMemFree
0x1400b9bf8 CoTaskMemAlloc
0x1400b9c00 CoCreateInstance
0x1400b9c08 CoInitializeEx
0x1400b9c10 CoUninitialize
0x1400b9c18 CreateStreamOnHGlobal
OLEAUT32.dll
0x1400b9670 SystemTimeToVariantTime
0x1400b9678 VariantTimeToSystemTime
0x1400b9680 VarUI4FromStr
COMCTL32.dll
0x1400b90a8 ImageList_AddMasked
0x1400b90b0 ImageList_Create
0x1400b90b8 ImageList_Destroy
0x1400b90c0 InitCommonControlsEx
WLDAP32.dll
0x1400b9998 None
0x1400b99a0 None
0x1400b99a8 None
0x1400b99b0 None
0x1400b99b8 None
0x1400b99c0 None
0x1400b99c8 None
0x1400b99d0 None
0x1400b99d8 None
0x1400b99e0 None
0x1400b99e8 None
0x1400b99f0 None
0x1400b99f8 None
0x1400b9a00 None
0x1400b9a08 None
0x1400b9a10 None
0x1400b9a18 None
WS2_32.dll
0x1400b9a28 inet_pton
0x1400b9a30 WSAGetLastError
0x1400b9a38 WSACleanup
0x1400b9a40 WSAStartup
0x1400b9a48 __WSAFDIsSet
0x1400b9a50 gethostname
0x1400b9a58 sendto
0x1400b9a60 recvfrom
0x1400b9a68 WSAEventSelect
0x1400b9a70 WSAEnumNetworkEvents
0x1400b9a78 WSACreateEvent
0x1400b9a80 WSACloseEvent
0x1400b9a88 freeaddrinfo
0x1400b9a90 getaddrinfo
0x1400b9a98 ntohl
0x1400b9aa0 ioctlsocket
0x1400b9aa8 listen
0x1400b9ab0 htonl
0x1400b9ab8 socket
0x1400b9ac0 send
0x1400b9ac8 recv
0x1400b9ad0 closesocket
0x1400b9ad8 accept
0x1400b9ae0 WSAIoctl
0x1400b9ae8 setsockopt
0x1400b9af0 select
0x1400b9af8 htons
0x1400b9b00 getsockopt
0x1400b9b08 getsockname
0x1400b9b10 getpeername
0x1400b9b18 connect
0x1400b9b20 ind
0x1400b9b28 WSASetLastError
0x1400b9b30 ntohs
gdiplus.dll
0x1400b9b40 GdipCreateBitmapFromScan0
0x1400b9b48 GdipCreateBitmapFromFile
0x1400b9b50 GdipGetImageWidth
0x1400b9b58 GdipSetCompositingMode
0x1400b9b60 GdipGetImagePalette
0x1400b9b68 GdipDeleteGraphics
0x1400b9b70 GdipGetImageGraphicsContext
0x1400b9b78 GdipBitmapLockBits
0x1400b9b80 GdipFree
0x1400b9b88 GdipGetImagePixelFormat
0x1400b9b90 GdipDrawImageRectI
0x1400b9b98 GdipAlloc
0x1400b9ba0 GdipCreateBitmapFromStream
0x1400b9ba8 GdipBitmapUnlockBits
0x1400b9bb0 GdipCloneImage
0x1400b9bb8 GdipGetImagePaletteSize
0x1400b9bc0 GdipGetImageHeight
0x1400b9bc8 GdiplusShutdown
0x1400b9bd0 GdiplusStartup
0x1400b9bd8 GdipDisposeImage
CRYPT32.dll
0x1400b90d0 CryptDecodeObjectEx
0x1400b90d8 CertAddCertificateContextToStore
0x1400b90e0 CertFindExtension
0x1400b90e8 CryptStringToBinaryA
0x1400b90f0 CryptQueryObject
0x1400b90f8 CertCreateCertificateChainEngine
0x1400b9100 CertFreeCertificateChainEngine
0x1400b9108 CertGetCertificateChain
0x1400b9110 PFXImportCertStore
0x1400b9118 CertOpenStore
0x1400b9120 CertCloseStore
0x1400b9128 CertEnumCertificatesInStore
0x1400b9130 CertGetNameStringA
0x1400b9138 CertFindCertificateInStore
0x1400b9140 CertFreeCertificateChain
0x1400b9148 CertFreeCertificateContext
EAT(Export Address Table) is none