Field | Value |
---|---|
Created | 2023.07.21 13:02 |
Machine | s1_win7_x6403 |
Filename | saqoap.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
VT API (file) | 49 detected (AIDetectMalware, Jaik, Modiloader, Vsyp, malicious, confidence, 100%, Eldorado, Attribute, HighConfidence, high confidence, score, DarkCloud, GenericKD, DropperX, DelfDownloader, wsqeh, Inject4, R002C0XGK23, Bublik, ai score=84, Remcos, Detected, R592831, Artemis, unsafe, RnkBend, CLASSIC, Static AI, Suspicious PE, susgen) |
md5 | 8c1e52ac9553fab121ee950749fe1d31 |
sha256 | b77daf934032129b309e2cb8b32fb54cffba2691768520d5c6190cb9ba15a059 |
ssdeep | 24576:rk/A25GoqxIJs7ks3XJrPz6cDCnvMhqv9:rKAKGj7ks35rPmaCnvMsv9 |
imphash | da21ccc93f3893853ed8366aca50ca61 |
impfuzzy | 192:f34+G1QDmibuuArSUvK9RSoaqEseSPOQXj:f3y1CAA9zdPOQz |
Signature (6cnts)
Level | Description |
---|---|
danger | File has been identified by 49 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
kernel32.dll
0x4b01b8 DeleteCriticalSection
0x4b01bc LeaveCriticalSection
0x4b01c0 EnterCriticalSection
0x4b01c4 InitializeCriticalSection
0x4b01c8 VirtualFree
0x4b01cc VirtualAlloc
0x4b01d0 LocalFree
0x4b01d4 LocalAlloc
0x4b01d8 GetVersion
0x4b01dc GetCurrentThreadId
0x4b01e0 InterlockedDecrement
0x4b01e4 InterlockedIncrement
0x4b01e8 VirtualQuery
0x4b01ec WideCharToMultiByte
0x4b01f0 MultiByteToWideChar
0x4b01f4 lstrlenA
0x4b01f8 lstrcpynA
0x4b01fc LoadLibraryExA
0x4b0200 GetThreadLocale
0x4b0204 GetStartupInfoA
0x4b0208 GetProcAddress
0x4b020c GetModuleHandleA
0x4b0210 GetModuleFileNameA
0x4b0214 GetLocaleInfoA
0x4b0218 GetCommandLineA
0x4b021c FreeLibrary
0x4b0220 FindFirstFileA
0x4b0224 FindClose
0x4b0228 ExitProcess
0x4b022c WriteFile
0x4b0230 UnhandledExceptionFilter
0x4b0234 RtlUnwind
0x4b0238 RaiseException
0x4b023c GetStdHandle
user32.dll
0x4b0244 GetKeyboardType
0x4b0248 LoadStringA
0x4b024c MessageBoxA
0x4b0250 CharNextA
advapi32.dll
0x4b0258 RegQueryValueExA
0x4b025c RegOpenKeyExA
0x4b0260 RegCloseKey
oleaut32.dll
0x4b0268 SysFreeString
0x4b026c SysReAllocStringLen
0x4b0270 SysAllocStringLen
kernel32.dll
0x4b0278 TlsSetValue
0x4b027c TlsGetValue
0x4b0280 LocalAlloc
0x4b0284 GetModuleHandleA
advapi32.dll
0x4b028c RegQueryValueExA
0x4b0290 RegOpenKeyExA
0x4b0294 RegCloseKey
kernel32.dll
0x4b029c lstrcpyA
0x4b02a0 WriteFile
0x4b02a4 WaitForSingleObject
0x4b02a8 VirtualQuery
0x4b02ac VirtualProtect
0x4b02b0 VirtualAlloc
0x4b02b4 Sleep
0x4b02b8 SizeofResource
0x4b02bc SetThreadLocale
0x4b02c0 SetFilePointer
0x4b02c4 SetEvent
0x4b02c8 SetErrorMode
0x4b02cc SetEndOfFile
0x4b02d0 ResetEvent
0x4b02d4 ReadFile
0x4b02d8 MultiByteToWideChar
0x4b02dc MulDiv
0x4b02e0 LockResource
0x4b02e4 LoadResource
0x4b02e8 LoadLibraryExA
0x4b02ec LoadLibraryA
0x4b02f0 LeaveCriticalSection
0x4b02f4 InitializeCriticalSection
0x4b02f8 GlobalUnlock
0x4b02fc GlobalSize
0x4b0300 GlobalReAlloc
0x4b0304 GlobalHandle
0x4b0308 GlobalLock
0x4b030c GlobalFree
0x4b0310 GlobalFindAtomA
0x4b0314 GlobalDeleteAtom
0x4b0318 GlobalAlloc
0x4b031c GlobalAddAtomA
0x4b0320 GetVersionExA
0x4b0324 GetVersion
0x4b0328 GetUserDefaultLCID
0x4b032c GetTickCount
0x4b0330 GetThreadLocale
0x4b0334 GetSystemInfo
0x4b0338 GetStringTypeExA
0x4b033c GetStdHandle
0x4b0340 GetProcAddress
0x4b0344 GetModuleHandleA
0x4b0348 GetModuleFileNameA
0x4b034c GetLocaleInfoA
0x4b0350 GetLocalTime
0x4b0354 GetLastError
0x4b0358 GetFullPathNameA
0x4b035c GetDiskFreeSpaceA
0x4b0360 GetDateFormatA
0x4b0364 GetCurrentThreadId
0x4b0368 GetCurrentProcessId
0x4b036c GetCurrentProcess
0x4b0370 GetCPInfo
0x4b0374 GetACP
0x4b0378 FreeResource
0x4b037c InterlockedExchange
0x4b0380 FreeLibrary
0x4b0384 FormatMessageA
0x4b0388 FindResourceA
0x4b038c EnumCalendarInfoA
0x4b0390 EnterCriticalSection
0x4b0394 DeleteCriticalSection
0x4b0398 CreateThread
0x4b039c CreateFileA
0x4b03a0 CreateEventA
0x4b03a4 CompareStringA
0x4b03a8 CloseHandle
version.dll
0x4b03b0 VerQueryValueA
0x4b03b4 GetFileVersionInfoSizeA
0x4b03b8 GetFileVersionInfoA
gdi32.dll
0x4b03c0 UnrealizeObject
0x4b03c4 StretchBlt
0x4b03c8 SetWindowOrgEx
0x4b03cc SetWinMetaFileBits
0x4b03d0 SetViewportOrgEx
0x4b03d4 SetTextColor
0x4b03d8 SetStretchBltMode
0x4b03dc SetROP2
0x4b03e0 SetPixel
0x4b03e4 SetEnhMetaFileBits
0x4b03e8 SetDIBColorTable
0x4b03ec SetBrushOrgEx
0x4b03f0 SetBkMode
0x4b03f4 SetBkColor
0x4b03f8 SelectPalette
0x4b03fc SelectObject
0x4b0400 SaveDC
0x4b0404 RestoreDC
0x4b0408 RectVisible
0x4b040c RealizePalette
0x4b0410 PlayEnhMetaFile
0x4b0414 PatBlt
0x4b0418 MoveToEx
0x4b041c MaskBlt
0x4b0420 LineTo
0x4b0424 IntersectClipRect
0x4b0428 GetWindowOrgEx
0x4b042c GetWinMetaFileBits
0x4b0430 GetTextMetricsA
0x4b0434 GetTextExtentPoint32A
0x4b0438 GetSystemPaletteEntries
0x4b043c GetStockObject
0x4b0440 GetPixel
0x4b0444 GetPaletteEntries
0x4b0448 GetObjectA
0x4b044c GetEnhMetaFilePaletteEntries
0x4b0450 GetEnhMetaFileHeader
0x4b0454 GetEnhMetaFileDescriptionA
0x4b0458 GetEnhMetaFileBits
0x4b045c GetDeviceCaps
0x4b0460 GetDIBits
0x4b0464 GetDIBColorTable
0x4b0468 GetDCOrgEx
0x4b046c GetCurrentPositionEx
0x4b0470 GetClipBox
0x4b0474 GetBrushOrgEx
0x4b0478 GetBitmapBits
0x4b047c GdiFlush
0x4b0480 ExcludeClipRect
0x4b0484 DeleteObject
0x4b0488 DeleteEnhMetaFile
0x4b048c DeleteDC
0x4b0490 CreateSolidBrush
0x4b0494 CreatePenIndirect
0x4b0498 CreatePalette
0x4b049c CreateHalftonePalette
0x4b04a0 CreateFontIndirectA
0x4b04a4 CreateEnhMetaFileA
0x4b04a8 CreateDIBitmap
0x4b04ac CreateDIBSection
0x4b04b0 CreateCompatibleDC
0x4b04b4 CreateCompatibleBitmap
0x4b04b8 CreateBrushIndirect
0x4b04bc CreateBitmap
0x4b04c0 CopyEnhMetaFileA
0x4b04c4 CloseEnhMetaFile
0x4b04c8 BitBlt
user32.dll
0x4b04d0 CreateWindowExA
0x4b04d4 WindowFromPoint
0x4b04d8 WinHelpA
0x4b04dc WaitMessage
0x4b04e0 UpdateWindow
0x4b04e4 UnregisterClassA
0x4b04e8 UnhookWindowsHookEx
0x4b04ec TranslateMessage
0x4b04f0 TranslateMDISysAccel
0x4b04f4 TrackPopupMenu
0x4b04f8 SystemParametersInfoA
0x4b04fc ShowWindow
0x4b0500 ShowScrollBar
0x4b0504 ShowOwnedPopups
0x4b0508 ShowCursor
0x4b050c SetWindowsHookExA
0x4b0510 SetWindowTextA
0x4b0514 SetWindowPos
0x4b0518 SetWindowPlacement
0x4b051c SetWindowLongA
0x4b0520 SetTimer
0x4b0524 SetScrollRange
0x4b0528 SetScrollPos
0x4b052c SetScrollInfo
0x4b0530 SetRect
0x4b0534 SetPropA
0x4b0538 SetParent
0x4b053c SetMenuItemInfoA
0x4b0540 SetMenu
0x4b0544 SetForegroundWindow
0x4b0548 SetFocus
0x4b054c SetCursor
0x4b0550 SetClassLongA
0x4b0554 SetCapture
0x4b0558 SetActiveWindow
0x4b055c SendMessageA
0x4b0560 ScrollWindow
0x4b0564 ScreenToClient
0x4b0568 RemovePropA
0x4b056c RemoveMenu
0x4b0570 ReleaseDC
0x4b0574 ReleaseCapture
0x4b0578 RegisterWindowMessageA
0x4b057c RegisterClipboardFormatA
0x4b0580 RegisterClassA
0x4b0584 RedrawWindow
0x4b0588 PtInRect
0x4b058c PostQuitMessage
0x4b0590 PostMessageA
0x4b0594 PeekMessageA
0x4b0598 OffsetRect
0x4b059c OemToCharA
0x4b05a0 MessageBoxA
0x4b05a4 MapWindowPoints
0x4b05a8 MapVirtualKeyA
0x4b05ac LoadStringA
0x4b05b0 LoadKeyboardLayoutA
0x4b05b4 LoadIconA
0x4b05b8 LoadCursorA
0x4b05bc LoadBitmapA
0x4b05c0 KillTimer
0x4b05c4 IsZoomed
0x4b05c8 IsWindowVisible
0x4b05cc IsWindowEnabled
0x4b05d0 IsWindow
0x4b05d4 IsRectEmpty
0x4b05d8 IsIconic
0x4b05dc IsDialogMessageA
0x4b05e0 IsChild
0x4b05e4 InvalidateRect
0x4b05e8 IntersectRect
0x4b05ec InsertMenuItemA
0x4b05f0 InsertMenuA
0x4b05f4 InflateRect
0x4b05f8 GetWindowThreadProcessId
0x4b05fc GetWindowTextA
0x4b0600 GetWindowRect
0x4b0604 GetWindowPlacement
0x4b0608 GetWindowLongA
0x4b060c GetWindowInfo
0x4b0610 GetWindowDC
0x4b0614 GetTopWindow
0x4b0618 GetSystemMetrics
0x4b061c GetSystemMenu
0x4b0620 GetSysColorBrush
0x4b0624 GetSysColor
0x4b0628 GetSubMenu
0x4b062c GetScrollRange
0x4b0630 GetScrollPos
0x4b0634 GetScrollInfo
0x4b0638 GetPropA
0x4b063c GetParent
0x4b0640 GetWindow
0x4b0644 GetMessageTime
0x4b0648 GetMenuStringA
0x4b064c GetMenuState
0x4b0650 GetMenuItemInfoA
0x4b0654 GetMenuItemID
0x4b0658 GetMenuItemCount
0x4b065c GetMenu
0x4b0660 GetLastActivePopup
0x4b0664 GetKeyboardState
0x4b0668 GetKeyboardLayoutList
0x4b066c GetKeyboardLayout
0x4b0670 GetKeyState
0x4b0674 GetKeyNameTextA
0x4b0678 GetIconInfo
0x4b067c GetForegroundWindow
0x4b0680 GetFocus
0x4b0684 GetDesktopWindow
0x4b0688 GetDCEx
0x4b068c GetDC
0x4b0690 GetCursorPos
0x4b0694 GetCursor
0x4b0698 GetClipboardData
0x4b069c GetClientRect
0x4b06a0 GetClassNameA
0x4b06a4 GetClassInfoA
0x4b06a8 GetCapture
0x4b06ac GetActiveWindow
0x4b06b0 FrameRect
0x4b06b4 FindWindowA
0x4b06b8 FillRect
0x4b06bc EqualRect
0x4b06c0 EnumWindows
0x4b06c4 EnumThreadWindows
0x4b06c8 EndPaint
0x4b06cc EnableWindow
0x4b06d0 EnableScrollBar
0x4b06d4 EnableMenuItem
0x4b06d8 DrawTextA
0x4b06dc DrawMenuBar
0x4b06e0 DrawIconEx
0x4b06e4 DrawIcon
0x4b06e8 DrawFrameControl
0x4b06ec DrawEdge
0x4b06f0 DispatchMessageA
0x4b06f4 DestroyWindow
0x4b06f8 DestroyMenu
0x4b06fc DestroyIcon
0x4b0700 DestroyCursor
0x4b0704 DeleteMenu
0x4b0708 DefWindowProcA
0x4b070c DefMDIChildProcA
0x4b0710 DefFrameProcA
0x4b0714 CreatePopupMenu
0x4b0718 CreateMenu
0x4b071c CreateIcon
0x4b0720 ClientToScreen
0x4b0724 CheckMenuItem
0x4b0728 CallWindowProcA
0x4b072c CallNextHookEx
0x4b0730 BeginPaint
0x4b0734 CharNextA
0x4b0738 CharLowerBuffA
0x4b073c CharLowerA
0x4b0740 CharToOemA
0x4b0744 AdjustWindowRectEx
0x4b0748 ActivateKeyboardLayout
kernel32.dll
0x4b0750 Sleep
oleaut32.dll
0x4b0758 SafeArrayPtrOfIndex
0x4b075c SafeArrayGetUBound
0x4b0760 SafeArrayGetLBound
0x4b0764 SafeArrayCreate
0x4b0768 VariantChangeType
0x4b076c VariantCopy
0x4b0770 VariantClear
0x4b0774 VariantInit
ole32.dll
0x4b077c CreateStreamOnHGlobal
0x4b0780 IsAccelerator
0x4b0784 OleDraw
0x4b0788 OleSetMenuDescriptor
0x4b078c CoCreateInstance
0x4b0790 CoGetClassObject
0x4b0794 CoUninitialize
0x4b0798 CoInitialize
0x4b079c IsEqualGUID
oleaut32.dll
0x4b07a4 GetErrorInfo
0x4b07a8 SysFreeString
comctl32.dll
0x4b07b0 ImageList_SetIconSize
0x4b07b4 ImageList_GetIconSize
0x4b07b8 ImageList_Write
0x4b07bc ImageList_Read
0x4b07c0 ImageList_GetDragImage
0x4b07c4 ImageList_DragShowNolock
0x4b07c8 ImageList_SetDragCursorImage
0x4b07cc ImageList_DragMove
0x4b07d0 ImageList_DragLeave
0x4b07d4 ImageList_DragEnter
0x4b07d8 ImageList_EndDrag
0x4b07dc ImageList_BeginDrag
0x4b07e0 ImageList_Remove
0x4b07e4 ImageList_DrawEx
0x4b07e8 ImageList_Draw
0x4b07ec ImageList_GetBkColor
0x4b07f0 ImageList_SetBkColor
0x4b07f4 ImageList_ReplaceIcon
0x4b07f8 ImageList_Add
0x4b07fc ImageList_SetImageCount
0x4b0800 ImageList_GetImageCount
0x4b0804 ImageList_Destroy
0x4b0808 ImageList_Create
shell32.dll
0x4b0810 ShellExecuteA
uRL
0x4b0818 AutodialHookCallback
ntdll
0x4b0820 ZwWriteVirtualMemory
Kernel32
0x4b0828 GetProcAddress
ntdll
0x4b0830 NtQueryInformationFile
0x4b0834 NtOpenFile
0x4b0838 NtClose
0x4b083c NtReadFile
ntdll
0x4b0844 RtlDosPathNameToNtPathName_U
EAT(Export Address Table) is none