ScreenShot
| Created | 2023.06.21 16:00 | Machine | s1_win7_x6403 |
| Filename | ss41.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 4 detected (Wacatac, Fabookie, 6He1n0LJ9NN) | ||
| md5 | 91670b685d544cc5ee1ca6263dc76a53 | ||
| sha256 | da0c6336e8716fa723c97bf09aa86ec5e5407850c712633b21a6e9c59a94c241 | ||
| ssdeep | 6144:ul073J3gQx1K46tV9rSDWso3T+cbJ5JIJAbW0we3:z3JwQHKjT25oCIJ5MZ0w | ||
| imphash | d1884757532ce7b0014241f40262c929 | ||
| impfuzzy | 192:A1TSwPq8dM0GKtQhHlTtLbRQor3uXMp4LumrTHQk:/8xQFp1bRQor3uXC4LX/HQk | ||
Network IP location
Signature (14cnts)
| Level | Description |
|---|---|
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks adapter addresses which can be used to detect virtual network interfaces |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Executes one or more WMI queries |
| notice | File has been identified by 4 AntiVirus engines on VirusTotal as malicious |
| notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
| notice | Performs some HTTP requests |
| notice | Sends data using the HTTP POST Method |
| notice | Steals private information from local Internet browsers |
| notice | Uses Windows utilities for basic Windows functionality |
| info | Command line console output was observed |
| info | Queries for the computername |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
| info | This executable has a PDB path |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | Win32_Trojan_Gen_2_0904B0_Zero | Win32 Trojan Gen | binaries (upload) |
Network (7cnts) ?
Suricata ids
ET MALWARE Win32/Fabookie.ek CnC Request M4 (GET)
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x140001000 TraceMessage
0x140001008 GetTraceLoggerHandle
0x140001010 GetTraceEnableLevel
0x140001018 GetTraceEnableFlags
0x140001020 RegisterTraceGuidsW
0x140001028 UnregisterTraceGuids
0x140001030 TraceEvent
0x140001038 RegSetValueExW
0x140001040 RegCloseKey
0x140001048 RegOpenKeyExW
0x140001050 RegQueryValueExW
0x140001058 RegCreateKeyExW
KERNEL32.dll
0x140001178 GetTickCount
0x140001180 QueryPerformanceCounter
0x140001188 GetModuleHandleW
0x140001190 SetUnhandledExceptionFilter
0x140001198 GetStartupInfoW
0x1400011a0 GetVersionExA
0x1400011a8 GetProcessHeap
0x1400011b0 HeapSize
0x1400011b8 HeapReAlloc
0x1400011c0 HeapFree
0x1400011c8 HeapAlloc
0x1400011d0 HeapDestroy
0x1400011d8 DeleteCriticalSection
0x1400011e0 InitializeCriticalSection
0x1400011e8 GetCurrentProcessId
0x1400011f0 GetSystemTimeAsFileTime
0x1400011f8 TerminateProcess
0x140001200 GetCurrentProcess
0x140001208 UnhandledExceptionFilter
0x140001210 OutputDebugStringA
0x140001218 CreateMutexW
0x140001220 lstrlenA
0x140001228 MultiByteToWideChar
0x140001230 ReleaseMutex
0x140001238 GetVersionExW
0x140001240 GetSystemDefaultUILanguage
0x140001248 Sleep
0x140001250 CloseHandle
0x140001258 WriteFile
0x140001260 lstrlenW
0x140001268 CreateFileW
0x140001270 FindResourceExW
0x140001278 FindResourceW
0x140001280 LoadResource
0x140001288 LockResource
0x140001290 SizeofResource
0x140001298 EnterCriticalSection
0x1400012a0 LeaveCriticalSection
0x1400012a8 RegisterApplicationRestart
0x1400012b0 HeapSetInformation
0x1400012b8 DeleteFileW
0x1400012c0 GetTempPathW
0x1400012c8 FreeLibrary
0x1400012d0 WideCharToMultiByte
0x1400012d8 GetProcAddress
0x1400012e0 LoadLibraryW
0x1400012e8 ExpandEnvironmentStringsW
0x1400012f0 RaiseException
0x1400012f8 GlobalDeleteAtom
0x140001300 GlobalAddAtomW
0x140001308 GetLastError
0x140001310 GetCurrentThreadId
0x140001318 SetLastError
GDI32.dll
0x1400010a0 CreateCompatibleBitmap
0x1400010a8 CreatePen
0x1400010b0 CreateRectRgnIndirect
0x1400010b8 CreateRectRgn
0x1400010c0 CombineRgn
0x1400010c8 GetStockObject
0x1400010d0 Rectangle
0x1400010d8 SelectObject
0x1400010e0 GetDeviceCaps
0x1400010e8 DeleteObject
0x1400010f0 SetTextColor
0x1400010f8 SetBkMode
0x140001100 GetLayout
0x140001108 GetClipRgn
0x140001110 SelectClipRgn
0x140001118 GetObjectW
0x140001120 CreatePolygonRgn
0x140001128 OffsetRgn
0x140001130 FillRgn
0x140001138 PatBlt
0x140001140 CreateCompatibleDC
0x140001148 DeleteDC
0x140001150 CreateDIBSection
0x140001158 BitBlt
0x140001160 SetLayout
0x140001168 CreateSolidBrush
USER32.dll
0x140001408 MapWindowPoints
0x140001410 GetMonitorInfoW
0x140001418 CopyRect
0x140001420 UnregisterClassA
0x140001428 DeferWindowPos
0x140001430 BeginDeferWindowPos
0x140001438 SetCursor
0x140001440 GetIconInfo
0x140001448 GetWindowTextW
0x140001450 CallWindowProcW
0x140001458 DrawIconEx
0x140001460 OffsetRect
0x140001468 GetWindowRgnBox
0x140001470 UnregisterHotKey
0x140001478 GetWindowLongW
0x140001480 GetForegroundWindow
0x140001488 DestroyMenu
0x140001490 CheckMenuRadioItem
0x140001498 GetSystemMetrics
0x1400014a0 IsWindowVisible
0x1400014a8 ShowWindow
0x1400014b0 ReleaseDC
0x1400014b8 LoadCursorW
0x1400014c0 RegisterClassW
0x1400014c8 GetWindowLongPtrW
0x1400014d0 SetWindowLongPtrW
0x1400014d8 BeginPaint
0x1400014e0 LoadMenuW
0x1400014e8 SetCapture
0x1400014f0 ReleaseCapture
0x1400014f8 UnionRect
0x140001500 InvalidateRect
0x140001508 GetPropW
0x140001510 SetPropW
0x140001518 IntersectRect
0x140001520 EnumDisplayMonitors
0x140001528 IsIconic
0x140001530 PtInRect
0x140001538 GetWindow
0x140001540 LogicalToPhysicalPoint
0x140001548 SetRect
0x140001550 CloseClipboard
0x140001558 OpenClipboard
0x140001560 EmptyClipboard
0x140001568 SetClipboardData
0x140001570 GetClassNameW
0x140001578 GetParent
0x140001580 LoadAcceleratorsW
0x140001588 GetWindowRect
0x140001590 TranslateAcceleratorW
0x140001598 LoadStringW
0x1400015a0 CreateWindowExW
0x1400015a8 AdjustWindowRect
0x1400015b0 RegisterHotKey
0x1400015b8 DestroyWindow
0x1400015c0 MonitorFromWindow
0x1400015c8 EndDeferWindowPos
0x1400015d0 LoadIconW
0x1400015d8 GetSubMenu
0x1400015e0 LoadImageW
0x1400015e8 SetClassLongPtrW
0x1400015f0 SetWindowTextW
0x1400015f8 IsZoomed
0x140001600 DialogBoxParamW
0x140001608 CheckDlgButton
0x140001610 IsDlgButtonChecked
0x140001618 GetClientRect
0x140001620 DrawFocusRect
0x140001628 DrawTextW
0x140001630 GetProcessDefaultLayout
0x140001638 TrackPopupMenuEx
0x140001640 SetScrollInfo
0x140001648 GetScrollInfo
0x140001650 SetFocus
0x140001658 DefWindowProcW
0x140001660 PostMessageW
0x140001668 GetMessageW
0x140001670 TranslateMessage
0x140001678 DispatchMessageW
0x140001680 EndPaint
0x140001688 AdjustWindowRectEx
0x140001690 InflateRect
0x140001698 FillRect
0x1400016a0 SendMessageW
0x1400016a8 EndDialog
0x1400016b0 GetDlgItem
0x1400016b8 GetDC
0x1400016c0 SetForegroundWindow
0x1400016c8 OpenIcon
0x1400016d0 FindWindowW
0x1400016d8 MessageBoxW
0x1400016e0 GetSysColor
0x1400016e8 SetWindowPos
0x1400016f0 GetWindowDC
0x1400016f8 GetDesktopWindow
0x140001700 PostQuitMessage
0x140001708 SystemParametersInfoW
msvcrt.dll
0x140001840 __CxxFrameHandler3
0x140001848 ??3@YAXPEAX@Z
0x140001850 ??_V@YAXPEAX@Z
0x140001858 free
0x140001860 _vsnwprintf
0x140001868 ??_U@YAPEAX_K@Z
0x140001870 ??2@YAPEAX_K@Z
0x140001878 _wcsicmp
0x140001880 memcpy_s
0x140001888 wcscspn
0x140001890 wcsspn
0x140001898 memmove_s
0x1400018a0 malloc
0x1400018a8 _resetstkoflw
0x1400018b0 strstr
0x1400018b8 _vscwprintf
0x1400018c0 _onexit
0x1400018c8 _lock
0x1400018d0 __dllonexit
0x1400018d8 _unlock
0x1400018e0 ??1type_info@@UEAA@XZ
0x1400018e8 _errno
0x1400018f0 realloc
0x1400018f8 ?terminate@@YAXXZ
0x140001900 __set_app_type
0x140001908 _fmode
0x140001910 _commode
0x140001918 __setusermatherr
0x140001920 _amsg_exit
0x140001928 _initterm
0x140001930 _acmdln
0x140001938 exit
0x140001940 _cexit
0x140001948 _ismbblead
0x140001950 _exit
0x140001958 _XcptFilter
0x140001960 __getmainargs
0x140001968 memset
0x140001970 __C_specific_handler
0x140001978 vswprintf_s
0x140001980 _CxxThrowException
ntdll.dll
0x140001990 WinSqmIncrementDWORD
0x140001998 RtlVirtualUnwind
0x1400019a0 RtlLookupFunctionEntry
0x1400019a8 RtlCaptureContext
0x1400019b0 EtwTraceMessage
0x1400019b8 WinSqmIsOptedIn
gdiplus.dll
0x140001730 GdipSaveImageToStream
0x140001738 GdipMeasureString
0x140001740 GdipSetStringFormatFlags
0x140001748 GdipSetStringFormatLineAlign
0x140001750 GdipSetStringFormatAlign
0x140001758 GdipCreateStringFormat
0x140001760 GdipCreateFontFromLogfontW
0x140001768 GdipDeleteStringFormat
0x140001770 GdipDeleteFont
0x140001778 GdipDrawString
0x140001780 GdipFillRectangle
0x140001788 GdipCreateLineBrushFromRect
0x140001790 GdipGetImageEncodersSize
0x140001798 GdipCreateBitmapFromScan0
0x1400017a0 GdipCreateBitmapFromHBITMAP
0x1400017a8 GdipCloneImage
0x1400017b0 GdipDisposeImage
0x1400017b8 GdipSaveImageToFile
0x1400017c0 GdipFillEllipseI
0x1400017c8 GdipSetSmoothingMode
0x1400017d0 GdiplusStartup
0x1400017d8 GdiplusShutdown
0x1400017e0 GdipDeleteGraphics
0x1400017e8 GdipFillRectangleI
0x1400017f0 GdipCloneBrush
0x1400017f8 GdipDeleteBrush
0x140001800 GdipCreateSolidFill
0x140001808 GdipCreateFromHDC
0x140001810 GdipFree
0x140001818 GdipAlloc
0x140001820 GdipGetImageEncoders
COMCTL32.dll
0x140001068 ImageList_Create
0x140001070 ImageList_Add
0x140001078 None
0x140001080 ImageList_Destroy
0x140001088 None
0x140001090 InitCommonControlsEx
SHLWAPI.dll
0x1400013b0 UrlCreateFromPathW
0x1400013b8 PathFindExtensionW
0x1400013c0 StrStrA
0x1400013c8 PathIsURLW
0x1400013d0 StrChrW
0x1400013d8 None
0x1400013e0 PathFindFileNameW
0x1400013e8 None
0x1400013f0 SHRegGetUSValueW
0x1400013f8 PathRemoveExtensionW
SHELL32.dll
0x140001390 ShellAboutW
0x140001398 None
0x1400013a0 SHCreateItemInKnownFolder
ole32.dll
0x1400019c8 CoTaskMemFree
0x1400019d0 StringFromCLSID
0x1400019d8 CoInitialize
0x1400019e0 CoCreateInstance
0x1400019e8 CreateStreamOnHGlobal
0x1400019f0 CoCreateGuid
0x1400019f8 CoUninitialize
OLEAUT32.dll
0x140001338 SafeArrayGetElement
0x140001340 SafeArrayGetUBound
0x140001348 VarBstrCat
0x140001350 SysAllocStringLen
0x140001358 SysStringLen
0x140001360 SysAllocString
0x140001368 VariantClear
0x140001370 VariantInit
0x140001378 SysFreeString
0x140001380 SafeArrayPutElement
UxTheme.dll
0x140001718 GetThemeSysFont
0x140001720 GetThemeSysColor
OLEACC.dll
0x140001328 AccessibleObjectFromWindow
slc.dll
0x140001a08 SLGetWindowsInformationDWORD
msdrm.dll
0x140001830 DRMIsWindowProtected
EAT(Export Address Table) is none
ADVAPI32.dll
0x140001000 TraceMessage
0x140001008 GetTraceLoggerHandle
0x140001010 GetTraceEnableLevel
0x140001018 GetTraceEnableFlags
0x140001020 RegisterTraceGuidsW
0x140001028 UnregisterTraceGuids
0x140001030 TraceEvent
0x140001038 RegSetValueExW
0x140001040 RegCloseKey
0x140001048 RegOpenKeyExW
0x140001050 RegQueryValueExW
0x140001058 RegCreateKeyExW
KERNEL32.dll
0x140001178 GetTickCount
0x140001180 QueryPerformanceCounter
0x140001188 GetModuleHandleW
0x140001190 SetUnhandledExceptionFilter
0x140001198 GetStartupInfoW
0x1400011a0 GetVersionExA
0x1400011a8 GetProcessHeap
0x1400011b0 HeapSize
0x1400011b8 HeapReAlloc
0x1400011c0 HeapFree
0x1400011c8 HeapAlloc
0x1400011d0 HeapDestroy
0x1400011d8 DeleteCriticalSection
0x1400011e0 InitializeCriticalSection
0x1400011e8 GetCurrentProcessId
0x1400011f0 GetSystemTimeAsFileTime
0x1400011f8 TerminateProcess
0x140001200 GetCurrentProcess
0x140001208 UnhandledExceptionFilter
0x140001210 OutputDebugStringA
0x140001218 CreateMutexW
0x140001220 lstrlenA
0x140001228 MultiByteToWideChar
0x140001230 ReleaseMutex
0x140001238 GetVersionExW
0x140001240 GetSystemDefaultUILanguage
0x140001248 Sleep
0x140001250 CloseHandle
0x140001258 WriteFile
0x140001260 lstrlenW
0x140001268 CreateFileW
0x140001270 FindResourceExW
0x140001278 FindResourceW
0x140001280 LoadResource
0x140001288 LockResource
0x140001290 SizeofResource
0x140001298 EnterCriticalSection
0x1400012a0 LeaveCriticalSection
0x1400012a8 RegisterApplicationRestart
0x1400012b0 HeapSetInformation
0x1400012b8 DeleteFileW
0x1400012c0 GetTempPathW
0x1400012c8 FreeLibrary
0x1400012d0 WideCharToMultiByte
0x1400012d8 GetProcAddress
0x1400012e0 LoadLibraryW
0x1400012e8 ExpandEnvironmentStringsW
0x1400012f0 RaiseException
0x1400012f8 GlobalDeleteAtom
0x140001300 GlobalAddAtomW
0x140001308 GetLastError
0x140001310 GetCurrentThreadId
0x140001318 SetLastError
GDI32.dll
0x1400010a0 CreateCompatibleBitmap
0x1400010a8 CreatePen
0x1400010b0 CreateRectRgnIndirect
0x1400010b8 CreateRectRgn
0x1400010c0 CombineRgn
0x1400010c8 GetStockObject
0x1400010d0 Rectangle
0x1400010d8 SelectObject
0x1400010e0 GetDeviceCaps
0x1400010e8 DeleteObject
0x1400010f0 SetTextColor
0x1400010f8 SetBkMode
0x140001100 GetLayout
0x140001108 GetClipRgn
0x140001110 SelectClipRgn
0x140001118 GetObjectW
0x140001120 CreatePolygonRgn
0x140001128 OffsetRgn
0x140001130 FillRgn
0x140001138 PatBlt
0x140001140 CreateCompatibleDC
0x140001148 DeleteDC
0x140001150 CreateDIBSection
0x140001158 BitBlt
0x140001160 SetLayout
0x140001168 CreateSolidBrush
USER32.dll
0x140001408 MapWindowPoints
0x140001410 GetMonitorInfoW
0x140001418 CopyRect
0x140001420 UnregisterClassA
0x140001428 DeferWindowPos
0x140001430 BeginDeferWindowPos
0x140001438 SetCursor
0x140001440 GetIconInfo
0x140001448 GetWindowTextW
0x140001450 CallWindowProcW
0x140001458 DrawIconEx
0x140001460 OffsetRect
0x140001468 GetWindowRgnBox
0x140001470 UnregisterHotKey
0x140001478 GetWindowLongW
0x140001480 GetForegroundWindow
0x140001488 DestroyMenu
0x140001490 CheckMenuRadioItem
0x140001498 GetSystemMetrics
0x1400014a0 IsWindowVisible
0x1400014a8 ShowWindow
0x1400014b0 ReleaseDC
0x1400014b8 LoadCursorW
0x1400014c0 RegisterClassW
0x1400014c8 GetWindowLongPtrW
0x1400014d0 SetWindowLongPtrW
0x1400014d8 BeginPaint
0x1400014e0 LoadMenuW
0x1400014e8 SetCapture
0x1400014f0 ReleaseCapture
0x1400014f8 UnionRect
0x140001500 InvalidateRect
0x140001508 GetPropW
0x140001510 SetPropW
0x140001518 IntersectRect
0x140001520 EnumDisplayMonitors
0x140001528 IsIconic
0x140001530 PtInRect
0x140001538 GetWindow
0x140001540 LogicalToPhysicalPoint
0x140001548 SetRect
0x140001550 CloseClipboard
0x140001558 OpenClipboard
0x140001560 EmptyClipboard
0x140001568 SetClipboardData
0x140001570 GetClassNameW
0x140001578 GetParent
0x140001580 LoadAcceleratorsW
0x140001588 GetWindowRect
0x140001590 TranslateAcceleratorW
0x140001598 LoadStringW
0x1400015a0 CreateWindowExW
0x1400015a8 AdjustWindowRect
0x1400015b0 RegisterHotKey
0x1400015b8 DestroyWindow
0x1400015c0 MonitorFromWindow
0x1400015c8 EndDeferWindowPos
0x1400015d0 LoadIconW
0x1400015d8 GetSubMenu
0x1400015e0 LoadImageW
0x1400015e8 SetClassLongPtrW
0x1400015f0 SetWindowTextW
0x1400015f8 IsZoomed
0x140001600 DialogBoxParamW
0x140001608 CheckDlgButton
0x140001610 IsDlgButtonChecked
0x140001618 GetClientRect
0x140001620 DrawFocusRect
0x140001628 DrawTextW
0x140001630 GetProcessDefaultLayout
0x140001638 TrackPopupMenuEx
0x140001640 SetScrollInfo
0x140001648 GetScrollInfo
0x140001650 SetFocus
0x140001658 DefWindowProcW
0x140001660 PostMessageW
0x140001668 GetMessageW
0x140001670 TranslateMessage
0x140001678 DispatchMessageW
0x140001680 EndPaint
0x140001688 AdjustWindowRectEx
0x140001690 InflateRect
0x140001698 FillRect
0x1400016a0 SendMessageW
0x1400016a8 EndDialog
0x1400016b0 GetDlgItem
0x1400016b8 GetDC
0x1400016c0 SetForegroundWindow
0x1400016c8 OpenIcon
0x1400016d0 FindWindowW
0x1400016d8 MessageBoxW
0x1400016e0 GetSysColor
0x1400016e8 SetWindowPos
0x1400016f0 GetWindowDC
0x1400016f8 GetDesktopWindow
0x140001700 PostQuitMessage
0x140001708 SystemParametersInfoW
msvcrt.dll
0x140001840 __CxxFrameHandler3
0x140001848 ??3@YAXPEAX@Z
0x140001850 ??_V@YAXPEAX@Z
0x140001858 free
0x140001860 _vsnwprintf
0x140001868 ??_U@YAPEAX_K@Z
0x140001870 ??2@YAPEAX_K@Z
0x140001878 _wcsicmp
0x140001880 memcpy_s
0x140001888 wcscspn
0x140001890 wcsspn
0x140001898 memmove_s
0x1400018a0 malloc
0x1400018a8 _resetstkoflw
0x1400018b0 strstr
0x1400018b8 _vscwprintf
0x1400018c0 _onexit
0x1400018c8 _lock
0x1400018d0 __dllonexit
0x1400018d8 _unlock
0x1400018e0 ??1type_info@@UEAA@XZ
0x1400018e8 _errno
0x1400018f0 realloc
0x1400018f8 ?terminate@@YAXXZ
0x140001900 __set_app_type
0x140001908 _fmode
0x140001910 _commode
0x140001918 __setusermatherr
0x140001920 _amsg_exit
0x140001928 _initterm
0x140001930 _acmdln
0x140001938 exit
0x140001940 _cexit
0x140001948 _ismbblead
0x140001950 _exit
0x140001958 _XcptFilter
0x140001960 __getmainargs
0x140001968 memset
0x140001970 __C_specific_handler
0x140001978 vswprintf_s
0x140001980 _CxxThrowException
ntdll.dll
0x140001990 WinSqmIncrementDWORD
0x140001998 RtlVirtualUnwind
0x1400019a0 RtlLookupFunctionEntry
0x1400019a8 RtlCaptureContext
0x1400019b0 EtwTraceMessage
0x1400019b8 WinSqmIsOptedIn
gdiplus.dll
0x140001730 GdipSaveImageToStream
0x140001738 GdipMeasureString
0x140001740 GdipSetStringFormatFlags
0x140001748 GdipSetStringFormatLineAlign
0x140001750 GdipSetStringFormatAlign
0x140001758 GdipCreateStringFormat
0x140001760 GdipCreateFontFromLogfontW
0x140001768 GdipDeleteStringFormat
0x140001770 GdipDeleteFont
0x140001778 GdipDrawString
0x140001780 GdipFillRectangle
0x140001788 GdipCreateLineBrushFromRect
0x140001790 GdipGetImageEncodersSize
0x140001798 GdipCreateBitmapFromScan0
0x1400017a0 GdipCreateBitmapFromHBITMAP
0x1400017a8 GdipCloneImage
0x1400017b0 GdipDisposeImage
0x1400017b8 GdipSaveImageToFile
0x1400017c0 GdipFillEllipseI
0x1400017c8 GdipSetSmoothingMode
0x1400017d0 GdiplusStartup
0x1400017d8 GdiplusShutdown
0x1400017e0 GdipDeleteGraphics
0x1400017e8 GdipFillRectangleI
0x1400017f0 GdipCloneBrush
0x1400017f8 GdipDeleteBrush
0x140001800 GdipCreateSolidFill
0x140001808 GdipCreateFromHDC
0x140001810 GdipFree
0x140001818 GdipAlloc
0x140001820 GdipGetImageEncoders
COMCTL32.dll
0x140001068 ImageList_Create
0x140001070 ImageList_Add
0x140001078 None
0x140001080 ImageList_Destroy
0x140001088 None
0x140001090 InitCommonControlsEx
SHLWAPI.dll
0x1400013b0 UrlCreateFromPathW
0x1400013b8 PathFindExtensionW
0x1400013c0 StrStrA
0x1400013c8 PathIsURLW
0x1400013d0 StrChrW
0x1400013d8 None
0x1400013e0 PathFindFileNameW
0x1400013e8 None
0x1400013f0 SHRegGetUSValueW
0x1400013f8 PathRemoveExtensionW
SHELL32.dll
0x140001390 ShellAboutW
0x140001398 None
0x1400013a0 SHCreateItemInKnownFolder
ole32.dll
0x1400019c8 CoTaskMemFree
0x1400019d0 StringFromCLSID
0x1400019d8 CoInitialize
0x1400019e0 CoCreateInstance
0x1400019e8 CreateStreamOnHGlobal
0x1400019f0 CoCreateGuid
0x1400019f8 CoUninitialize
OLEAUT32.dll
0x140001338 SafeArrayGetElement
0x140001340 SafeArrayGetUBound
0x140001348 VarBstrCat
0x140001350 SysAllocStringLen
0x140001358 SysStringLen
0x140001360 SysAllocString
0x140001368 VariantClear
0x140001370 VariantInit
0x140001378 SysFreeString
0x140001380 SafeArrayPutElement
UxTheme.dll
0x140001718 GetThemeSysFont
0x140001720 GetThemeSysColor
OLEACC.dll
0x140001328 AccessibleObjectFromWindow
slc.dll
0x140001a08 SLGetWindowsInformationDWORD
msdrm.dll
0x140001830 DRMIsWindowProtected
EAT(Export Address Table) is none