Created | 2023.08.02 16:56 | Machine | s1_win7_x6403 |
Filename | Guendengf.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
AI Score | Not found | Behavior Score | |
ZERO API | file : malicious | ||
VT API (file) | 38 detected (AIDetectMalware, Doina, malicious, high confidence, Siggen7, Artemis, unsafe, V7i8, Kryptik, ZexaF, @B0@aydG, Attribute, HighConfidence, multiple detections, FileRepMalware, Misc, fctwa, Static AI, Suspicious PE, Farfli, score, BScope, Casur, ai score=85, R002H09H123, NDAoF, confidence, 100%) | ||
md5 | 6e5ca3cddbfdd665aa1789800d0963b2 | ||
sha256 | c329a69681817bbb4d99573eb9eb47efaa0c5c20437d0b21afc2b41348de3fb5 | ||
ssdeep | 196608:jdk7WnPzCeEnBjxQn4ir1XVZdLERR+wxpB1sTDBFmW:3GeERKnThVgR+M1sPXmW | ||
imphash | 944aa7aabbaf12b2712a21de39e89d3c | ||
impfuzzy | 192:LthkwIFl2EXydPMd95k7k4H+GOScncvc9SearmNlEd9ls:LPisEiFKukAaoGSNmNlwPs |
Signature (7cnts)
Level | Description |
---|---|
danger | File has been identified by 38 AntiVirus engines on VirusTotal as malicious |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates executable files on the filesystem |
notice | Foreign language identified in PE resource |
notice | Searches running processes potentially to identify processes for sandbox evasion |
info | Queries for the computername |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (15cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | EnigmaProtector_IN | EnigmaProtector | binaries (upload) |
watch | Antivirus | Contains references to security software | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0xfbeeac GetSystemTimeAsFileTime
0xfbeeb0 ExitProcess
0xfbeeb4 RaiseException
0xfbeeb8 TerminateProcess
0xfbeebc UnhandledExceptionFilter
0xfbeec0 SetUnhandledExceptionFilter
0xfbeec4 IsDebuggerPresent
0xfbeec8 GetCommandLineA
0xfbeecc GetStartupInfoA
0xfbeed0 HeapAlloc
0xfbeed4 HeapFree
0xfbeed8 VirtualProtect
0xfbeedc VirtualAlloc
0xfbeee0 GetSystemInfo
0xfbeee4 VirtualQuery
0xfbeee8 HeapReAlloc
0xfbeeec ExitThread
0xfbeef0 CreateThread
0xfbeef4 HeapSize
0xfbeef8 GetStdHandle
0xfbeefc FatalAppExitA
0xfbef00 SetConsoleCtrlHandler
0xfbef04 InitializeCriticalSectionAndSpinCount
0xfbef08 FreeEnvironmentStringsA
0xfbef0c GetEnvironmentStrings
0xfbef10 FreeEnvironmentStringsW
0xfbef14 GetEnvironmentStringsW
0xfbef18 SetHandleCount
0xfbef1c GetFileType
0xfbef20 RtlUnwind
0xfbef24 HeapDestroy
0xfbef28 VirtualFree
0xfbef2c QueryPerformanceCounter
0xfbef30 GetTickCount
0xfbef34 GetACP
0xfbef38 IsValidCodePage
0xfbef3c GetTimeZoneInformation
0xfbef40 GetConsoleCP
0xfbef44 GetConsoleMode
0xfbef48 GetLocaleInfoW
0xfbef4c GetTimeFormatA
0xfbef50 GetDateFormatA
0xfbef54 GetUserDefaultLCID
0xfbef58 EnumSystemLocalesA
0xfbef5c IsValidLocale
0xfbef60 GetStringTypeA
0xfbef64 GetStringTypeW
0xfbef68 LCMapStringA
0xfbef6c LCMapStringW
0xfbef70 SetStdHandle
0xfbef74 WriteConsoleA
0xfbef78 GetConsoleOutputCP
0xfbef7c WriteConsoleW
0xfbef80 CompareStringW
0xfbef84 SetEnvironmentVariableA
0xfbef88 GetFileTime
0xfbef8c GetFileSizeEx
0xfbef90 CreateDirectoryA
0xfbef94 GetProcessHeap
0xfbef98 InterlockedCompareExchange
0xfbef9c GetFileAttributesA
0xfbefa0 SetFileAttributesA
0xfbefa4 SetFileTime
0xfbefa8 LocalFileTimeToFileTime
0xfbefac FileTimeToLocalFileTime
0xfbefb0 SetErrorMode
0xfbefb4 GetShortPathNameA
0xfbefb8 GetFullPathNameA
0xfbefbc GetVolumeInformationA
0xfbefc0 FindFirstFileA
0xfbefc4 FindClose
0xfbefc8 GetCurrentProcess
0xfbefcc DuplicateHandle
0xfbefd0 GetFileSize
0xfbefd4 SetEndOfFile
0xfbefd8 UnlockFile
0xfbefdc LockFile
0xfbefe0 FlushFileBuffers
0xfbefe4 SetFilePointer
0xfbefe8 ReadFile
0xfbefec lstrcmpiA
0xfbeff0 GetStringTypeExA
0xfbeff4 DeleteFileA
0xfbeff8 MoveFileA
0xfbeffc GetCurrentDirectoryA
0xfbf000 GetOEMCP
0xfbf004 GetCPInfo
0xfbf008 SystemTimeToFileTime
0xfbf00c FileTimeToSystemTime
0xfbf010 GetThreadLocale
0xfbf014 GetAtomNameA
0xfbf018 InterlockedIncrement
0xfbf01c GetModuleHandleW
0xfbf020 GlobalFlags
0xfbf024 TlsFree
0xfbf028 DeleteCriticalSection
0xfbf02c LocalReAlloc
0xfbf030 TlsSetValue
0xfbf034 TlsAlloc
0xfbf038 InitializeCriticalSection
0xfbf03c GlobalHandle
0xfbf040 GlobalReAlloc
0xfbf044 EnterCriticalSection
0xfbf048 TlsGetValue
0xfbf04c LeaveCriticalSection
0xfbf050 LocalAlloc
0xfbf054 GetPrivateProfileStringA
0xfbf058 WritePrivateProfileStringA
0xfbf05c GetPrivateProfileIntA
0xfbf060 GetCurrentThread
0xfbf064 ConvertDefaultLocale
0xfbf068 EnumResourceLanguagesA
0xfbf06c GetLocaleInfoA
0xfbf070 InterlockedExchange
0xfbf074 lstrcmpA
0xfbf078 CreateEventA
0xfbf07c SuspendThread
0xfbf080 SetEvent
0xfbf084 WaitForSingleObject
0xfbf088 ResumeThread
0xfbf08c SetThreadPriority
0xfbf090 FreeResource
0xfbf094 GetCurrentThreadId
0xfbf098 GlobalGetAtomNameA
0xfbf09c GlobalAddAtomA
0xfbf0a0 GlobalFindAtomA
0xfbf0a4 GlobalDeleteAtom
0xfbf0a8 CompareStringA
0xfbf0ac lstrcmpW
0xfbf0b0 GetVersionExA
0xfbf0b4 GlobalFree
0xfbf0b8 CopyFileA
0xfbf0bc GlobalSize
0xfbf0c0 GlobalAlloc
0xfbf0c4 FormatMessageA
0xfbf0c8 LocalFree
0xfbf0cc lstrlenW
0xfbf0d0 MultiByteToWideChar
0xfbf0d4 FreeLibrary
0xfbf0d8 GetModuleFileNameW
0xfbf0dc GetCurrentProcessId
0xfbf0e0 GlobalLock
0xfbf0e4 GlobalUnlock
0xfbf0e8 MulDiv
0xfbf0ec lstrlenA
0xfbf0f0 OpenProcess
0xfbf0f4 Sleep
0xfbf0f8 WinExec
0xfbf0fc CreateToolhelp32Snapshot
0xfbf100 Process32First
0xfbf104 Process32Next
0xfbf108 InterlockedDecrement
0xfbf10c GetModuleFileNameA
0xfbf110 CreateFileA
0xfbf114 WriteFile
0xfbf118 CloseHandle
0xfbf11c WideCharToMultiByte
0xfbf120 LoadResource
0xfbf124 LockResource
0xfbf128 SizeofResource
0xfbf12c FindResourceA
0xfbf130 GetModuleHandleA
0xfbf134 LoadLibraryA
0xfbf138 GetProcAddress
0xfbf13c GetLastError
0xfbf140 HeapCreate
0xfbf144 SetLastError
USER32.dll
0xfbf378 DeleteMenu
0xfbf37c IsRectEmpty
0xfbf380 GetMenuItemInfoA
0xfbf384 GetSysColorBrush
0xfbf388 UnregisterClassA
0xfbf38c CreateDialogIndirectParamA
0xfbf390 GetNextDlgTabItem
0xfbf394 EndDialog
0xfbf398 ShowOwnedPopups
0xfbf39c PostQuitMessage
0xfbf3a0 UnpackDDElParam
0xfbf3a4 ReuseDDElParam
0xfbf3a8 LoadMenuA
0xfbf3ac DestroyMenu
0xfbf3b0 GetMenuBarInfo
0xfbf3b4 SetCursor
0xfbf3b8 ReleaseCapture
0xfbf3bc LoadAcceleratorsA
0xfbf3c0 InvalidateRect
0xfbf3c4 InsertMenuItemA
0xfbf3c8 CreatePopupMenu
0xfbf3cc SetRectEmpty
0xfbf3d0 BringWindowToTop
0xfbf3d4 GetDesktopWindow
0xfbf3d8 TranslateAcceleratorA
0xfbf3dc GetMessageA
0xfbf3e0 TranslateMessage
0xfbf3e4 GetActiveWindow
0xfbf3e8 GetCursorPos
0xfbf3ec ValidateRect
0xfbf3f0 InflateRect
0xfbf3f4 ScrollWindowEx
0xfbf3f8 ShowWindow
0xfbf3fc MoveWindow
0xfbf400 SetWindowTextA
0xfbf404 IsDialogMessageA
0xfbf408 IsDlgButtonChecked
0xfbf40c SetDlgItemTextA
0xfbf410 SetDlgItemInt
0xfbf414 GetDlgItemTextA
0xfbf418 GetDlgItemInt
0xfbf41c CheckRadioButton
0xfbf420 CheckDlgButton
0xfbf424 SetMenuItemBitmaps
0xfbf428 GetMenuCheckMarkDimensions
0xfbf42c ModifyMenuA
0xfbf430 EnableMenuItem
0xfbf434 CheckMenuItem
0xfbf438 RegisterWindowMessageA
0xfbf43c LoadIconA
0xfbf440 SendDlgItemMessageA
0xfbf444 WinHelpA
0xfbf448 IsChild
0xfbf44c GetCapture
0xfbf450 SetWindowsHookExA
0xfbf454 GetSystemMenu
0xfbf458 GetClassNameA
0xfbf45c SetPropA
0xfbf460 GetPropA
0xfbf464 RemovePropA
0xfbf468 GetFocus
0xfbf46c SetFocus
0xfbf470 GetWindowTextLengthA
0xfbf474 GetWindowTextA
0xfbf478 GetForegroundWindow
0xfbf47c SetActiveWindow
0xfbf480 DispatchMessageA
0xfbf484 BeginDeferWindowPos
0xfbf488 EndDeferWindowPos
0xfbf48c GetDlgItem
0xfbf490 GetTopWindow
0xfbf494 DestroyWindow
0xfbf498 GetMessageTime
0xfbf49c GetMessagePos
0xfbf4a0 PeekMessageA
0xfbf4a4 MapWindowPoints
0xfbf4a8 ScrollWindow
0xfbf4ac TrackPopupMenuEx
0xfbf4b0 TrackPopupMenu
0xfbf4b4 GetKeyState
0xfbf4b8 SetMenu
0xfbf4bc SetScrollRange
0xfbf4c0 GetScrollRange
0xfbf4c4 SetScrollPos
0xfbf4c8 GetScrollPos
0xfbf4cc SetForegroundWindow
0xfbf4d0 ShowScrollBar
0xfbf4d4 IsWindowVisible
0xfbf4d8 PostMessageA
0xfbf4dc LoadBitmapA
0xfbf4e0 GetClassLongA
0xfbf4e4 LoadCursorA
0xfbf4e8 IntersectRect
0xfbf4ec CreateWindowExA
0xfbf4f0 GetClassInfoExA
0xfbf4f4 GetClassInfoA
0xfbf4f8 RegisterClassA
0xfbf4fc AdjustWindowRectEx
0xfbf500 EqualRect
0xfbf504 DeferWindowPos
0xfbf508 GetScrollInfo
0xfbf50c SetScrollInfo
0xfbf510 PtInRect
0xfbf514 SetWindowPlacement
0xfbf518 GetDlgCtrlID
0xfbf51c DefWindowProcA
0xfbf520 CallWindowProcA
0xfbf524 GetMenu
0xfbf528 SetWindowLongA
0xfbf52c SetWindowPos
0xfbf530 OffsetRect
0xfbf534 SetParent
0xfbf538 SetCapture
0xfbf53c LockWindowUpdate
0xfbf540 GetDCEx
0xfbf544 WindowFromPoint
0xfbf548 SetRect
0xfbf54c GetDialogBaseUnits
0xfbf550 CharUpperA
0xfbf554 DestroyIcon
0xfbf558 CallNextHookEx
0xfbf55c UnionRect
0xfbf560 SetTimer
0xfbf564 KillTimer
0xfbf568 EnableWindow
0xfbf56c GetSystemMetrics
0xfbf570 CopyRect
0xfbf574 UpdateWindow
0xfbf578 SendMessageA
0xfbf57c IsWindow
0xfbf580 GetClientRect
0xfbf584 GetDC
0xfbf588 ReleaseDC
0xfbf58c GetKeyNameTextA
0xfbf590 MapVirtualKeyA
0xfbf594 FillRect
0xfbf598 TabbedTextOutA
0xfbf59c DrawTextA
0xfbf5a0 DrawTextExA
0xfbf5a4 GrayStringA
0xfbf5a8 ScreenToClient
0xfbf5ac ClientToScreen
0xfbf5b0 GetWindowDC
0xfbf5b4 SystemParametersInfoA
0xfbf5b8 IsIconic
0xfbf5bc GetWindowPlacement
0xfbf5c0 GetWindowRect
0xfbf5c4 GetWindow
0xfbf5c8 GetMenuState
0xfbf5cc GetMenuStringA
0xfbf5d0 AppendMenuA
0xfbf5d4 GetMenuItemID
0xfbf5d8 InsertMenuA
0xfbf5dc GetMenuItemCount
0xfbf5e0 GetSubMenu
0xfbf5e4 RemoveMenu
0xfbf5e8 UnhookWindowsHookEx
0xfbf5ec GetWindowThreadProcessId
0xfbf5f0 GetParent
0xfbf5f4 GetWindowLongA
0xfbf5f8 GetLastActivePopup
0xfbf5fc IsWindowEnabled
0xfbf600 MessageBoxA
0xfbf604 GetSysColor
0xfbf608 EndPaint
0xfbf60c BeginPaint
GDI32.dll
0xfbecdc PlayMetaFileRecord
0xfbece0 GetObjectType
0xfbece4 EnumMetaFile
0xfbece8 PlayMetaFile
0xfbecec GetDeviceCaps
0xfbecf0 CreatePen
0xfbecf4 ExtCreatePen
0xfbecf8 CreateSolidBrush
0xfbecfc CreateHatchBrush
0xfbed00 CopyMetaFileA
0xfbed04 CreateDCA
0xfbed08 SelectPalette
0xfbed0c CreateFontIndirectA
0xfbed10 SetRectRgn
0xfbed14 CombineRgn
0xfbed18 GetMapMode
0xfbed1c DPtoLP
0xfbed20 GetTextExtentPoint32A
0xfbed24 GetCharWidthA
0xfbed28 CreateFontA
0xfbed2c StretchDIBits
0xfbed30 GetTextMetricsA
0xfbed34 GetBkColor
0xfbed38 CreateBitmap
0xfbed3c GetStockObject
0xfbed40 CreatePatternBrush
0xfbed44 CreateDIBPatternBrushPt
0xfbed48 DeleteDC
0xfbed4c ExtSelectClipRgn
0xfbed50 SetViewportOrgEx
0xfbed54 PolyBezierTo
0xfbed58 PolylineTo
0xfbed5c PolyDraw
0xfbed60 ArcTo
0xfbed64 GetCurrentPositionEx
0xfbed68 ScaleWindowExtEx
0xfbed6c SetWindowExtEx
0xfbed70 OffsetWindowOrgEx
0xfbed74 SetWindowOrgEx
0xfbed78 ScaleViewportExtEx
0xfbed7c SetViewportExtEx
0xfbed80 GetDCOrgEx
0xfbed84 CreateCompatibleBitmap
0xfbed88 SelectObject
0xfbed8c Escape
0xfbed90 ExtTextOutA
0xfbed94 TextOutA
0xfbed98 RectVisible
0xfbed9c PtVisible
0xfbeda0 StartDocA
0xfbeda4 GetPixel
0xfbeda8 GetWindowExtEx
0xfbedac GetViewportExtEx
0xfbedb0 GetObjectA
0xfbedb4 SelectClipPath
0xfbedb8 CreateRectRgn
0xfbedbc GetClipRgn
0xfbedc0 SelectClipRgn
0xfbedc4 DeleteObject
0xfbedc8 SetColorAdjustment
0xfbedcc SetArcDirection
0xfbedd0 SetMapperFlags
0xfbedd4 SetTextCharacterExtra
0xfbedd8 SetTextJustification
0xfbeddc SetTextAlign
0xfbede0 MoveToEx
0xfbede4 LineTo
0xfbede8 OffsetClipRgn
0xfbedec IntersectClipRect
0xfbedf0 ExcludeClipRect
0xfbedf4 GetClipBox
0xfbedf8 SetMapMode
0xfbedfc ModifyWorldTransform
0xfbee00 SetWorldTransform
0xfbee04 SetGraphicsMode
0xfbee08 SetTextColor
0xfbee0c SetStretchBltMode
0xfbee10 SetROP2
0xfbee14 SetPolyFillMode
0xfbee18 SetBkMode
0xfbee1c SetBkColor
0xfbee20 RestoreDC
0xfbee24 SaveDC
0xfbee28 PatBlt
0xfbee2c CreateRectRgnIndirect
0xfbee30 BitBlt
0xfbee34 CreateCompatibleDC
0xfbee38 OffsetViewportOrgEx
COMDLG32.dll
0xfbecac GetFileTitleA
WINSPOOL.DRV
0xfbf6c0 DocumentPropertiesA
0xfbf6c4 OpenPrinterA
0xfbf6c8 ClosePrinter
ADVAPI32.dll
0xfbec30 RegDeleteValueA
0xfbec34 RegSetValueExA
0xfbec38 RegCreateKeyExA
0xfbec3c RegQueryValueA
0xfbec40 RegOpenKeyA
0xfbec44 RegEnumKeyA
0xfbec48 RegDeleteKeyA
0xfbec4c RegOpenKeyExA
0xfbec50 RegQueryValueExA
0xfbec54 RegSetValueA
0xfbec58 RegCloseKey
0xfbec5c OpenProcessToken
0xfbec60 GetLengthSid
0xfbec64 SetTokenInformation
0xfbec68 LookupPrivilegeValueA
0xfbec6c AdjustTokenPrivileges
0xfbec70 RegCreateKeyA
SHELL32.dll
0xfbf2f4 DragFinish
0xfbf2f8 ExtractIconA
0xfbf2fc SHGetFileInfoA
0xfbf300 DragQueryFileA
SHLWAPI.dll
0xfbf330 PathFindFileNameA
0xfbf334 PathStripToRootA
0xfbf338 PathIsUNCA
0xfbf33c PathFindExtensionA
0xfbf340 PathRemoveExtensionA
0xfbf344 PathRemoveFileSpecW
ole32.dll
0xfbf6f8 StringFromGUID2
0xfbf6fc OleDuplicateData
0xfbf700 CoTaskMemAlloc
0xfbf704 ReleaseStgMedium
0xfbf708 CreateBindCtx
0xfbf70c CoTreatAsClass
0xfbf710 StringFromCLSID
0xfbf714 ReadClassStg
0xfbf718 CoDisconnectObject
0xfbf71c OleRegGetUserType
0xfbf720 WriteClassStg
0xfbf724 WriteFmtUserTypeStg
0xfbf728 SetConvertStg
0xfbf72c CoTaskMemFree
0xfbf730 CoInitializeEx
0xfbf734 CoInitializeSecurity
0xfbf738 CoCreateInstance
0xfbf73c CLSIDFromString
0xfbf740 CoUninitialize
0xfbf744 ReadFmtUserTypeStg
OLEAUT32.dll
0xfbf1f8 SysAllocString
0xfbf1fc SysFreeString
0xfbf200 VariantInit
0xfbf204 VariantClear
0xfbf208 SysStringLen
0xfbf20c SysAllocStringByteLen
0xfbf210 SysStringByteLen
0xfbf214 VariantChangeType
0xfbf218 SysAllocStringLen
0xfbf21c RegisterTypeLib
0xfbf220 LoadTypeLib
0xfbf224 LoadRegTypeLib
0xfbf228 SafeArrayUnaccessData
0xfbf22c SafeArrayAccessData
0xfbf230 SafeArrayGetUBound
0xfbf234 SafeArrayGetLBound
0xfbf238 SafeArrayGetElemsize
0xfbf23c SafeArrayGetDim
0xfbf240 SafeArrayCreate
0xfbf244 SafeArrayRedim
0xfbf248 VariantCopy
0xfbf24c SafeArrayAllocData
0xfbf250 SafeArrayAllocDescriptor
0xfbf254 SafeArrayCopy
0xfbf258 SafeArrayGetElement
0xfbf25c SafeArrayPtrOfIndex
0xfbf260 SafeArrayPutElement
0xfbf264 SafeArrayLock
0xfbf268 SafeArrayUnlock
0xfbf26c SafeArrayDestroy
0xfbf270 SafeArrayDestroyData
0xfbf274 SafeArrayDestroyDescriptor
0xfbf278 VariantTimeToSystemTime
0xfbf27c SystemTimeToVariantTime
0xfbf280 SysReAllocStringLen
0xfbf284 VarDateFromStr
0xfbf288 VarBstrFromCy
0xfbf28c VarBstrFromDec
0xfbf290 VarDecFromStr
0xfbf294 VarCyFromStr
0xfbf298 VarBstrFromDate
0xfbf29c GetErrorInfo
0xfbf2a0 SetErrorInfo
0xfbf2a4 CreateErrorInfo
EAT(Export Address Table) is none