Created | 2023.06.22 10:07 |
Machine | s1_win7_x6401 |
Filename | MEMOVACATIONLIST7548100283DH4746EYHH.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 40 detected (AIDetectMalware, malicious, high confidence, Zusy, Save, Delf, LALX, Attribute, HighConfidence, ModiLoader, DropperX, Ztjl, Siggen20, Artemis, Static AI, Suspicious PE, Detected, ai score=87, AveMaria, score, BScope, Formbook, unsafe, GdSda, CLASSIC, Outbreak, susgen, ZelphiCO, SGW@aaANZlj, confidence) |
md5 | 4954636fe876459d1a8654235bec6f3c |
sha256 | 7cfdbb46f90befe58e3f7487c9a807328f69c223fa0fc240ce292bb7d85ef099 |
ssdeep | 12288:mTlUbdpW5/5o8FF2FENOeqBWJz4RC7AptkCizoHm8gn7hQEL:mTqC/5otAqYOo8ptkCizoH9gnGE |
imphash | 02d762f1aaf16e6c8e03fe60f0c9d48e |
impfuzzy | 96:8cfpHYU3O0MJ4+Xxp4U8lS1W+YBbuu2DrSUvK9LVqo1GqE6nDwPOQ08Z:f3u0G1OBbuuSrSUvK9RqooqE6EPOQ0q |
Signature (6cnts)
Level | Description |
---|---|
danger | File has been identified by 40 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
kernel32.dll
0x49f1a4 DeleteCriticalSection
0x49f1a8 LeaveCriticalSection
0x49f1ac EnterCriticalSection
0x49f1b0 InitializeCriticalSection
0x49f1b4 VirtualFree
0x49f1b8 VirtualAlloc
0x49f1bc LocalFree
0x49f1c0 LocalAlloc
0x49f1c4 GetVersion
0x49f1c8 GetCurrentThreadId
0x49f1cc InterlockedDecrement
0x49f1d0 InterlockedIncrement
0x49f1d4 VirtualQuery
0x49f1d8 WideCharToMultiByte
0x49f1dc MultiByteToWideChar
0x49f1e0 lstrlenA
0x49f1e4 lstrcpynA
0x49f1e8 LoadLibraryExA
0x49f1ec GetThreadLocale
0x49f1f0 GetStartupInfoA
0x49f1f4 GetProcAddress
0x49f1f8 GetModuleHandleA
0x49f1fc GetModuleFileNameA
0x49f200 GetLocaleInfoA
0x49f204 GetCommandLineA
0x49f208 FreeLibrary
0x49f20c FindFirstFileA
0x49f210 FindClose
0x49f214 ExitProcess
0x49f218 WriteFile
0x49f21c UnhandledExceptionFilter
0x49f220 RtlUnwind
0x49f224 RaiseException
0x49f228 GetStdHandle
user32.dll
0x49f230 GetKeyboardType
0x49f234 LoadStringA
0x49f238 MessageBoxA
0x49f23c CharNextA
advapi32.dll
0x49f244 RegQueryValueExA
0x49f248 RegOpenKeyExA
0x49f24c RegCloseKey
oleaut32.dll
0x49f254 SysFreeString
0x49f258 SysReAllocStringLen
0x49f25c SysAllocStringLen
kernel32.dll
0x49f264 TlsSetValue
0x49f268 TlsGetValue
0x49f26c LocalAlloc
0x49f270 GetModuleHandleA
advapi32.dll
0x49f278 RegQueryValueExA
0x49f27c RegOpenKeyExA
0x49f280 RegCloseKey
0x49f284 IsTextUnicode
kernel32.dll
0x49f28c lstrcpyA
0x49f290 WriteFile
0x49f294 WaitForSingleObject
0x49f298 VirtualQuery
0x49f29c VirtualProtect
0x49f2a0 VirtualAlloc
0x49f2a4 Sleep
0x49f2a8 SizeofResource
0x49f2ac SetThreadLocale
0x49f2b0 SetFilePointer
0x49f2b4 SetEvent
0x49f2b8 SetErrorMode
0x49f2bc SetEndOfFile
0x49f2c0 ResetEvent
0x49f2c4 ReadFile
0x49f2c8 MultiByteToWideChar
0x49f2cc MulDiv
0x49f2d0 LockResource
0x49f2d4 LoadResource
0x49f2d8 LoadLibraryExA
0x49f2dc LoadLibraryA
0x49f2e0 LeaveCriticalSection
0x49f2e4 InitializeCriticalSection
0x49f2e8 GlobalUnlock
0x49f2ec GlobalReAlloc
0x49f2f0 GlobalHandle
0x49f2f4 GlobalLock
0x49f2f8 GlobalFree
0x49f2fc GlobalFindAtomA
0x49f300 GlobalDeleteAtom
0x49f304 GlobalAlloc
0x49f308 GlobalAddAtomA
0x49f30c GetVersionExA
0x49f310 GetVersion
0x49f314 GetTickCount
0x49f318 GetThreadLocale
0x49f31c GetSystemInfo
0x49f320 GetStringTypeExA
0x49f324 GetStdHandle
0x49f328 GetProcAddress
0x49f32c GetModuleHandleA
0x49f330 GetModuleFileNameA
0x49f334 GetLocaleInfoA
0x49f338 GetLocalTime
0x49f33c GetLastError
0x49f340 GetFullPathNameA
0x49f344 GetDiskFreeSpaceA
0x49f348 GetDateFormatA
0x49f34c GetCurrentThreadId
0x49f350 GetCurrentProcessId
0x49f354 GetCurrentProcess
0x49f358 GetCPInfo
0x49f35c GetACP
0x49f360 FreeResource
0x49f364 InterlockedExchange
0x49f368 FreeLibrary
0x49f36c FormatMessageA
0x49f370 FlushInstructionCache
0x49f374 FindResourceA
0x49f378 EnumCalendarInfoA
0x49f37c EnterCriticalSection
0x49f380 DeleteCriticalSection
0x49f384 CreateThread
0x49f388 CreateFileA
0x49f38c CreateEventA
0x49f390 CompareStringA
0x49f394 CloseHandle
version.dll
0x49f39c VerQueryValueA
0x49f3a0 GetFileVersionInfoSizeA
0x49f3a4 GetFileVersionInfoA
gdi32.dll
0x49f3ac UnrealizeObject
0x49f3b0 StretchBlt
0x49f3b4 SetWindowOrgEx
0x49f3b8 SetViewportOrgEx
0x49f3bc SetTextColor
0x49f3c0 SetStretchBltMode
0x49f3c4 SetROP2
0x49f3c8 SetPixel
0x49f3cc SetDIBColorTable
0x49f3d0 SetBrushOrgEx
0x49f3d4 SetBkMode
0x49f3d8 SetBkColor
0x49f3dc SelectPalette
0x49f3e0 SelectObject
0x49f3e4 SaveDC
0x49f3e8 RestoreDC
0x49f3ec RectVisible
0x49f3f0 RealizePalette
0x49f3f4 PatBlt
0x49f3f8 MoveToEx
0x49f3fc MaskBlt
0x49f400 LineTo
0x49f404 IntersectClipRect
0x49f408 GetWindowOrgEx
0x49f40c GetTextMetricsA
0x49f410 GetTextExtentPoint32A
0x49f414 GetSystemPaletteEntries
0x49f418 GetStockObject
0x49f41c GetPixel
0x49f420 GetPaletteEntries
0x49f424 GetObjectA
0x49f428 GetDeviceCaps
0x49f42c GetDIBits
0x49f430 GetDIBColorTable
0x49f434 GetDCOrgEx
0x49f438 GetCurrentPositionEx
0x49f43c GetClipBox
0x49f440 GetBrushOrgEx
0x49f444 GetBitmapBits
0x49f448 ExcludeClipRect
0x49f44c DeleteObject
0x49f450 DeleteDC
0x49f454 CreateSolidBrush
0x49f458 CreatePenIndirect
0x49f45c CreatePalette
0x49f460 CreateHalftonePalette
0x49f464 CreateFontIndirectA
0x49f468 CreateDIBitmap
0x49f46c CreateDIBSection
0x49f470 CreateCompatibleDC
0x49f474 CreateCompatibleBitmap
0x49f478 CreateBrushIndirect
0x49f47c CreateBitmap
0x49f480 BitBlt
user32.dll
0x49f488 CreateWindowExA
0x49f48c WindowFromPoint
0x49f490 WinHelpA
0x49f494 WaitMessage
0x49f498 UpdateWindow
0x49f49c UnregisterClassA
0x49f4a0 UnhookWindowsHookEx
0x49f4a4 TranslateMessage
0x49f4a8 TranslateMDISysAccel
0x49f4ac TrackPopupMenu
0x49f4b0 SystemParametersInfoA
0x49f4b4 ShowWindow
0x49f4b8 ShowScrollBar
0x49f4bc ShowOwnedPopups
0x49f4c0 ShowCursor
0x49f4c4 SetWindowsHookExA
0x49f4c8 SetWindowPos
0x49f4cc SetWindowPlacement
0x49f4d0 SetWindowLongA
0x49f4d4 SetTimer
0x49f4d8 SetScrollRange
0x49f4dc SetScrollPos
0x49f4e0 SetScrollInfo
0x49f4e4 SetRect
0x49f4e8 SetPropA
0x49f4ec SetParent
0x49f4f0 SetMenuItemInfoA
0x49f4f4 SetMenu
0x49f4f8 SetForegroundWindow
0x49f4fc SetFocus
0x49f500 SetCursor
0x49f504 SetClassLongA
0x49f508 SetCapture
0x49f50c SetActiveWindow
0x49f510 SendMessageA
0x49f514 ScrollWindow
0x49f518 ScreenToClient
0x49f51c RemovePropA
0x49f520 RemoveMenu
0x49f524 ReleaseDC
0x49f528 ReleaseCapture
0x49f52c RegisterWindowMessageA
0x49f530 RegisterClipboardFormatA
0x49f534 RegisterClassA
0x49f538 RedrawWindow
0x49f53c PtInRect
0x49f540 PostQuitMessage
0x49f544 PostMessageA
0x49f548 PeekMessageA
0x49f54c OffsetRect
0x49f550 OemToCharA
0x49f554 MessageBoxA
0x49f558 MapWindowPoints
0x49f55c MapVirtualKeyA
0x49f560 LoadStringA
0x49f564 LoadKeyboardLayoutA
0x49f568 LoadIconA
0x49f56c LoadCursorA
0x49f570 LoadBitmapA
0x49f574 KillTimer
0x49f578 IsZoomed
0x49f57c IsWindowVisible
0x49f580 IsWindowEnabled
0x49f584 IsWindow
0x49f588 IsRectEmpty
0x49f58c IsIconic
0x49f590 IsDialogMessageA
0x49f594 IsChild
0x49f598 InvalidateRect
0x49f59c IntersectRect
0x49f5a0 InsertMenuItemA
0x49f5a4 InsertMenuA
0x49f5a8 InflateRect
0x49f5ac GetWindowThreadProcessId
0x49f5b0 GetWindowTextA
0x49f5b4 GetWindowRect
0x49f5b8 GetWindowPlacement
0x49f5bc GetWindowLongA
0x49f5c0 GetWindowDC
0x49f5c4 GetTopWindow
0x49f5c8 GetSystemMetrics
0x49f5cc GetSystemMenu
0x49f5d0 GetSysColorBrush
0x49f5d4 GetSysColor
0x49f5d8 GetSubMenu
0x49f5dc GetScrollRange
0x49f5e0 GetScrollPos
0x49f5e4 GetScrollInfo
0x49f5e8 GetPropA
0x49f5ec GetParent
0x49f5f0 GetWindow
0x49f5f4 GetMenuStringA
0x49f5f8 GetMenuState
0x49f5fc GetMenuItemInfoA
0x49f600 GetMenuItemID
0x49f604 GetMenuItemCount
0x49f608 GetMenu
0x49f60c GetLastActivePopup
0x49f610 GetKeyboardState
0x49f614 GetKeyboardLayoutList
0x49f618 GetKeyboardLayout
0x49f61c GetKeyState
0x49f620 GetKeyNameTextA
0x49f624 GetIconInfo
0x49f628 GetForegroundWindow
0x49f62c GetFocus
0x49f630 GetDesktopWindow
0x49f634 GetDCEx
0x49f638 GetDC
0x49f63c GetCursorPos
0x49f640 GetCursor
0x49f644 GetClientRect
0x49f648 GetClassNameA
0x49f64c GetClassInfoA
0x49f650 GetCapture
0x49f654 GetActiveWindow
0x49f658 FrameRect
0x49f65c FindWindowA
0x49f660 FillRect
0x49f664 EqualRect
0x49f668 EnumWindows
0x49f66c EnumThreadWindows
0x49f670 EndPaint
0x49f674 EnableWindow
0x49f678 EnableScrollBar
0x49f67c EnableMenuItem
0x49f680 DrawTextA
0x49f684 DrawMenuBar
0x49f688 DrawIconEx
0x49f68c DrawIcon
0x49f690 DrawFrameControl
0x49f694 DrawEdge
0x49f698 DispatchMessageA
0x49f69c DestroyWindow
0x49f6a0 DestroyMenu
0x49f6a4 DestroyIcon
0x49f6a8 DestroyCursor
0x49f6ac DeleteMenu
0x49f6b0 DefWindowProcA
0x49f6b4 DefMDIChildProcA
0x49f6b8 DefFrameProcA
0x49f6bc CreatePopupMenu
0x49f6c0 CreateMenu
0x49f6c4 CreateIcon
0x49f6c8 ClientToScreen
0x49f6cc CheckMenuItem
0x49f6d0 CallWindowProcA
0x49f6d4 CallNextHookEx
0x49f6d8 BeginPaint
0x49f6dc CharNextA
0x49f6e0 CharLowerA
0x49f6e4 CharToOemA
0x49f6e8 AdjustWindowRectEx
0x49f6ec ActivateKeyboardLayout
kernel32.dll
0x49f6f4 Sleep
oleaut32.dll
0x49f6fc SafeArrayPtrOfIndex
0x49f700 SafeArrayGetUBound
0x49f704 SafeArrayGetLBound
0x49f708 SafeArrayCreate
0x49f70c VariantChangeType
0x49f710 VariantCopy
0x49f714 VariantClear
0x49f718 VariantInit
ole32.dll
0x49f720 CoUninitialize
0x49f724 CoInitialize
oleaut32.dll
0x49f72c GetErrorInfo
0x49f730 SysFreeString
comctl32.dll
0x49f738 ImageList_SetIconSize
0x49f73c ImageList_GetIconSize
0x49f740 ImageList_Write
0x49f744 ImageList_Read
0x49f748 ImageList_GetDragImage
0x49f74c ImageList_DragShowNolock
0x49f750 ImageList_SetDragCursorImage
0x49f754 ImageList_DragMove
0x49f758 ImageList_DragLeave
0x49f75c ImageList_DragEnter
0x49f760 ImageList_EndDrag
0x49f764 ImageList_BeginDrag
0x49f768 ImageList_Remove
0x49f76c ImageList_DrawEx
0x49f770 ImageList_Draw
0x49f774 ImageList_GetBkColor
0x49f778 ImageList_SetBkColor
0x49f77c ImageList_ReplaceIcon
0x49f780 ImageList_Add
0x49f784 ImageList_SetImageCount
0x49f788 ImageList_GetImageCount
0x49f78c ImageList_Destroy
0x49f790 ImageList_Create
uRL
0x49f798 AutodialHookCallback
ntdll
0x49f7a0 NtWriteVirtualMemory
0x49f7a4 NtProtectVirtualMemory
Kernel32
0x49f7ac GetProcAddress
ntdll
0x49f7b4 NtQueryInformationFile
0x49f7b8 NtOpenFile
0x49f7bc NtClose
0x49f7c0 NtReadFile
ntdll
0x49f7c8 RtlDosPathNameToNtPathName_U
EAT(Export Address Table) is none