Field | Value |
---|---|
Created | 2023.09.06 07:42 |
Machine | s1_win7_x6403 |
Filename | Fnvtdhenapsfwu.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : mailcious |
VT API (file) | 32 detected (AIDetectMalware, Artemis, malicious, EBVR, Attribute, HighConfidence, high confidence, ModiLoader, Remcos, FileRepMalware, Infected, Outbreak, Wacatac, Detected, ZelphiF, lLW@amsC8Rpi, BScope, unsafe, Chgt, R002H0DI523, xJYR0O63t, Static AI, Suspicious PE, susgen, ESCX, confidence, 100%) |
md5 | cffe529403460c6affe0f52c1e7de602 |
sha256 | 56a3dc5c90ade897e349ba0fd0433770dcdda32b5bd2a1c6608b2af2f9b34c05 |
ssdeep | 24576:ORTaL+A2f8Zhp8bYm1EnyWjkf0eFuPD+4m:gTaKsh |
imphash | beefa6546dd4570bf21020f1082d8b97 |
impfuzzy | 192:ot3MDbuupDSUvK9E+o1XEA+7RTG9eg1uTXeUPbOQH6:E3mpI9qIi1uCUPbOQa |
Signature (8cnts)
Level | Description |
---|---|
danger | File has been identified by 32 AntiVirus engines on VirusTotal as malicious |
watch | Creates a windows hook that monitors keyboard input (keylogger) |
notice | A process attempted to delay the analysis task. |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Performs some HTTP requests |
info | Checks amount of memory in system |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (13cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (download) |
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (download) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | url_file_format | Microsoft Windows Internet Shortcut File Format | binaries (download) |
Network (6cnts)
Suricata ids
ET JA3 Hash - Remcos 3.x TLS Connection
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x513920 SysFreeString
0x513924 SysReAllocStringLen
0x513928 SysAllocStringLen
advapi32.dll
0x513930 RegQueryValueExA
0x513934 RegOpenKeyExA
0x513938 RegCloseKey
user32.dll
0x513940 GetKeyboardType
0x513944 DestroyWindow
0x513948 LoadStringA
0x51394c MessageBoxA
0x513950 CharNextA
kernel32.dll
0x513958 GetACP
0x51395c Sleep
0x513960 VirtualFree
0x513964 VirtualAlloc
0x513968 GetTickCount
0x51396c QueryPerformanceCounter
0x513970 GetCurrentThreadId
0x513974 InterlockedDecrement
0x513978 InterlockedIncrement
0x51397c VirtualQuery
0x513980 WideCharToMultiByte
0x513984 MultiByteToWideChar
0x513988 lstrlenA
0x51398c lstrcpynA
0x513990 LoadLibraryExA
0x513994 GetThreadLocale
0x513998 GetStartupInfoA
0x51399c GetProcAddress
0x5139a0 GetModuleHandleA
0x5139a4 GetModuleFileNameA
0x5139a8 GetLocaleInfoA
0x5139ac GetCommandLineA
0x5139b0 FreeLibrary
0x5139b4 FindFirstFileA
0x5139b8 FindClose
0x5139bc ExitProcess
0x5139c0 CompareStringA
0x5139c4 WriteFile
0x5139c8 UnhandledExceptionFilter
0x5139cc RtlUnwind
0x5139d0 RaiseException
0x5139d4 GetStdHandle
kernel32.dll
0x5139dc TlsSetValue
0x5139e0 TlsGetValue
0x5139e4 LocalAlloc
0x5139e8 GetModuleHandleA
user32.dll
0x5139f0 CreateWindowExA
0x5139f4 WindowFromPoint
0x5139f8 WaitMessage
0x5139fc UpdateWindow
0x513a00 UnregisterClassA
0x513a04 UnhookWindowsHookEx
0x513a08 TranslateMessage
0x513a0c TranslateMDISysAccel
0x513a10 TrackPopupMenu
0x513a14 SystemParametersInfoA
0x513a18 ShowWindow
0x513a1c ShowScrollBar
0x513a20 ShowOwnedPopups
0x513a24 ShowCursor
0x513a28 ShowCaret
0x513a2c SetWindowsHookExA
0x513a30 SetWindowPos
0x513a34 SetWindowPlacement
0x513a38 SetWindowLongW
0x513a3c SetWindowLongA
0x513a40 SetTimer
0x513a44 SetScrollRange
0x513a48 SetScrollPos
0x513a4c SetScrollInfo
0x513a50 SetRect
0x513a54 SetPropA
0x513a58 SetParent
0x513a5c SetMenuItemInfoA
0x513a60 SetMenu
0x513a64 SetForegroundWindow
0x513a68 SetFocus
0x513a6c SetCursor
0x513a70 SetClipboardData
0x513a74 SetClassLongA
0x513a78 SetCapture
0x513a7c SetActiveWindow
0x513a80 SendMessageW
0x513a84 SendMessageA
0x513a88 ScrollWindow
0x513a8c ScreenToClient
0x513a90 RemovePropA
0x513a94 RemoveMenu
0x513a98 ReleaseDC
0x513a9c ReleaseCapture
0x513aa0 RegisterWindowMessageA
0x513aa4 RegisterClipboardFormatA
0x513aa8 RegisterClassA
0x513aac RedrawWindow
0x513ab0 PtInRect
0x513ab4 PostQuitMessage
0x513ab8 PostMessageA
0x513abc PeekMessageW
0x513ac0 PeekMessageA
0x513ac4 OpenClipboard
0x513ac8 OffsetRect
0x513acc OemToCharA
0x513ad0 NotifyWinEvent
0x513ad4 MessageBoxA
0x513ad8 MessageBeep
0x513adc MapWindowPoints
0x513ae0 MapVirtualKeyA
0x513ae4 LoadStringA
0x513ae8 LoadKeyboardLayoutA
0x513aec LoadIconA
0x513af0 LoadCursorA
0x513af4 LoadBitmapA
0x513af8 KillTimer
0x513afc IsZoomed
0x513b00 IsWindowVisible
0x513b04 IsWindowUnicode
0x513b08 IsWindowEnabled
0x513b0c IsWindow
0x513b10 IsRectEmpty
0x513b14 IsMenu
0x513b18 IsIconic
0x513b1c IsDialogMessageW
0x513b20 IsDialogMessageA
0x513b24 IsChild
0x513b28 InvalidateRect
0x513b2c IntersectRect
0x513b30 InsertMenuItemA
0x513b34 InsertMenuA
0x513b38 InflateRect
0x513b3c HideCaret
0x513b40 GetWindowThreadProcessId
0x513b44 GetWindowTextA
0x513b48 GetWindowRect
0x513b4c GetWindowPlacement
0x513b50 GetWindowLongW
0x513b54 GetWindowLongA
0x513b58 GetWindowDC
0x513b5c GetTopWindow
0x513b60 GetSystemMetrics
0x513b64 GetSystemMenu
0x513b68 GetSysColorBrush
0x513b6c GetSysColor
0x513b70 GetSubMenu
0x513b74 GetScrollRange
0x513b78 GetScrollPos
0x513b7c GetScrollInfo
0x513b80 GetPropA
0x513b84 GetParent
0x513b88 GetWindow
0x513b8c GetMessagePos
0x513b90 GetMenuStringA
0x513b94 GetMenuState
0x513b98 GetMenuItemInfoA
0x513b9c GetMenuItemID
0x513ba0 GetMenuItemCount
0x513ba4 GetMenu
0x513ba8 GetLastActivePopup
0x513bac GetKeyboardState
0x513bb0 GetKeyboardLayoutNameA
0x513bb4 GetKeyboardLayoutList
0x513bb8 GetKeyboardLayout
0x513bbc GetKeyState
0x513bc0 GetKeyNameTextA
0x513bc4 GetIconInfo
0x513bc8 GetForegroundWindow
0x513bcc GetFocus
0x513bd0 GetDesktopWindow
0x513bd4 GetDCEx
0x513bd8 GetDC
0x513bdc GetCursorPos
0x513be0 GetCursor
0x513be4 GetClipboardData
0x513be8 GetClientRect
0x513bec GetClassLongA
0x513bf0 GetClassInfoA
0x513bf4 GetCapture
0x513bf8 GetActiveWindow
0x513bfc FrameRect
0x513c00 FindWindowA
0x513c04 FillRect
0x513c08 EqualRect
0x513c0c EnumWindows
0x513c10 EnumThreadWindows
0x513c14 EnumChildWindows
0x513c18 EndPaint
0x513c1c EnableWindow
0x513c20 EnableScrollBar
0x513c24 EnableMenuItem
0x513c28 EmptyClipboard
0x513c2c DrawTextA
0x513c30 DrawStateA
0x513c34 DrawMenuBar
0x513c38 DrawIconEx
0x513c3c DrawIcon
0x513c40 DrawFrameControl
0x513c44 DrawEdge
0x513c48 DispatchMessageW
0x513c4c DispatchMessageA
0x513c50 DestroyWindow
0x513c54 DestroyMenu
0x513c58 DestroyIcon
0x513c5c DestroyCursor
0x513c60 DeleteMenu
0x513c64 DefWindowProcA
0x513c68 DefMDIChildProcA
0x513c6c DefFrameProcA
0x513c70 CreatePopupMenu
0x513c74 CreateMenu
0x513c78 CreateIcon
0x513c7c CloseClipboard
0x513c80 ClientToScreen
0x513c84 CheckMenuItem
0x513c88 CharNextW
0x513c8c ChangeDisplaySettingsA
0x513c90 CallWindowProcA
0x513c94 CallNextHookEx
0x513c98 BeginPaint
0x513c9c CharNextA
0x513ca0 CharLowerBuffA
0x513ca4 CharLowerA
0x513ca8 CharUpperBuffA
0x513cac CharToOemA
0x513cb0 AdjustWindowRectEx
0x513cb4 ActivateKeyboardLayout
opengl32.dll
0x513cbc wglMakeCurrent
0x513cc0 wglDeleteContext
gdi32.dll
0x513cc8 UnrealizeObject
0x513ccc SwapBuffers
0x513cd0 StretchBlt
0x513cd4 SetWindowOrgEx
0x513cd8 SetWinMetaFileBits
0x513cdc SetViewportOrgEx
0x513ce0 SetTextColor
0x513ce4 SetStretchBltMode
0x513ce8 SetROP2
0x513cec SetPixel
0x513cf0 SetEnhMetaFileBits
0x513cf4 SetDIBColorTable
0x513cf8 SetBrushOrgEx
0x513cfc SetBkMode
0x513d00 SetBkColor
0x513d04 SelectPalette
0x513d08 SelectObject
0x513d0c SaveDC
0x513d10 RestoreDC
0x513d14 Rectangle
0x513d18 RectVisible
0x513d1c RealizePalette
0x513d20 Polyline
0x513d24 Polygon
0x513d28 PlayEnhMetaFile
0x513d2c PatBlt
0x513d30 MoveToEx
0x513d34 MaskBlt
0x513d38 LineTo
0x513d3c IntersectClipRect
0x513d40 GetWindowOrgEx
0x513d44 GetWinMetaFileBits
0x513d48 GetTextMetricsA
0x513d4c GetTextExtentPointA
0x513d50 GetTextExtentPoint32A
0x513d54 GetSystemPaletteEntries
0x513d58 GetStockObject
0x513d5c GetRgnBox
0x513d60 GetPixel
0x513d64 GetPaletteEntries
0x513d68 GetObjectA
0x513d6c GetEnhMetaFilePaletteEntries
0x513d70 GetEnhMetaFileHeader
0x513d74 GetEnhMetaFileBits
0x513d78 GetDeviceCaps
0x513d7c GetDIBits
0x513d80 GetDIBColorTable
0x513d84 GetDCOrgEx
0x513d88 GetCurrentPositionEx
0x513d8c GetClipBox
0x513d90 GetBrushOrgEx
0x513d94 GetBitmapBits
0x513d98 GdiFlush
0x513d9c ExcludeClipRect
0x513da0 DeleteObject
0x513da4 DeleteEnhMetaFile
0x513da8 DeleteDC
0x513dac CreateSolidBrush
0x513db0 CreatePenIndirect
0x513db4 CreatePalette
0x513db8 CreateHalftonePalette
0x513dbc CreateFontIndirectA
0x513dc0 CreateDIBitmap
0x513dc4 CreateDIBSection
0x513dc8 CreateCompatibleDC
0x513dcc CreateCompatibleBitmap
0x513dd0 CreateBrushIndirect
0x513dd4 CreateBitmap
0x513dd8 CopyEnhMetaFileA
0x513ddc BitBlt
version.dll
0x513de4 VerQueryValueA
0x513de8 GetFileVersionInfoSizeA
0x513dec GetFileVersionInfoA
kernel32.dll
0x513df4 lstrcpyA
0x513df8 WriteProcessMemory
0x513dfc WriteFile
0x513e00 WaitForSingleObject
0x513e04 VirtualQuery
0x513e08 VirtualProtectEx
0x513e0c VirtualProtect
0x513e10 VirtualAlloc
0x513e14 SizeofResource
0x513e18 SetThreadLocale
0x513e1c SetFilePointer
0x513e20 SetEvent
0x513e24 SetErrorMode
0x513e28 SetEndOfFile
0x513e2c ResetEvent
0x513e30 ReadFile
0x513e34 MultiByteToWideChar
0x513e38 MulDiv
0x513e3c LockResource
0x513e40 LoadResource
0x513e44 LoadLibraryExA
0x513e48 LoadLibraryA
0x513e4c LeaveCriticalSection
0x513e50 IsBadReadPtr
0x513e54 InitializeCriticalSection
0x513e58 GlobalUnlock
0x513e5c GlobalLock
0x513e60 GlobalFree
0x513e64 GlobalFindAtomA
0x513e68 GlobalDeleteAtom
0x513e6c GlobalAlloc
0x513e70 GlobalAddAtomA
0x513e74 GetVersionExA
0x513e78 GetVersion
0x513e7c GetTickCount
0x513e80 GetThreadLocale
0x513e84 GetStdHandle
0x513e88 GetProcAddress
0x513e8c GetModuleHandleW
0x513e90 GetModuleHandleA
0x513e94 GetModuleFileNameA
0x513e98 GetLocaleInfoA
0x513e9c GetLocalTime
0x513ea0 GetLastError
0x513ea4 GetFullPathNameA
0x513ea8 GetFileAttributesA
0x513eac GetDiskFreeSpaceA
0x513eb0 GetDateFormatA
0x513eb4 GetCurrentThreadId
0x513eb8 GetCurrentProcessId
0x513ebc GetCurrentProcess
0x513ec0 GetCPInfo
0x513ec4 FreeResource
0x513ec8 InterlockedExchange
0x513ecc FreeLibrary
0x513ed0 FormatMessageA
0x513ed4 FindResourceA
0x513ed8 EnumCalendarInfoA
0x513edc EnterCriticalSection
0x513ee0 DeleteFileA
0x513ee4 DeleteCriticalSection
0x513ee8 CreateThread
0x513eec CreateFileA
0x513ef0 CreateEventA
0x513ef4 CompareStringA
0x513ef8 CloseHandle
advapi32.dll
0x513f00 RegQueryValueExA
0x513f04 RegOpenKeyExA
0x513f08 RegFlushKey
0x513f0c RegCloseKey
glu32.dll
0x513f14 gluDisk
0x513f18 gluCylinder
opengl32.dll
0x513f20 glVertex3f
0x513f24 glTranslatef
0x513f28 glRotatef
0x513f2c glPushMatrix
0x513f30 glPopMatrix
0x513f34 glPolygonMode
0x513f38 glNormal3f
0x513f3c glLoadIdentity
0x513f40 glEnd
0x513f44 glEnable
0x513f48 glDisable
0x513f4c glColor3f
0x513f50 glClear
0x513f54 glCallList
0x513f58 glBegin
oleaut32.dll
0x513f60 GetErrorInfo
0x513f64 VariantInit
0x513f68 SysFreeString
ole32.dll
0x513f70 CoUninitialize
0x513f74 CoInitialize
kernel32.dll
0x513f7c Sleep
oleaut32.dll
0x513f84 SafeArrayPtrOfIndex
0x513f88 SafeArrayPutElement
0x513f8c SafeArrayGetElement
0x513f90 SafeArrayUnaccessData
0x513f94 SafeArrayAccessData
0x513f98 SafeArrayGetUBound
0x513f9c SafeArrayGetLBound
0x513fa0 SafeArrayCreate
0x513fa4 VariantChangeType
0x513fa8 VariantCopyInd
0x513fac VariantCopy
0x513fb0 VariantClear
0x513fb4 VariantInit
comctl32.dll
0x513fbc _TrackMouseEvent
0x513fc0 ImageList_SetIconSize
0x513fc4 ImageList_GetIconSize
0x513fc8 ImageList_Write
0x513fcc ImageList_Read
0x513fd0 ImageList_GetDragImage
0x513fd4 ImageList_DragShowNolock
0x513fd8 ImageList_DragMove
0x513fdc ImageList_DragLeave
0x513fe0 ImageList_DragEnter
0x513fe4 ImageList_EndDrag
0x513fe8 ImageList_BeginDrag
0x513fec ImageList_Remove
0x513ff0 ImageList_DrawEx
0x513ff4 ImageList_Replace
0x513ff8 ImageList_Draw
0x513ffc ImageList_GetBkColor
0x514000 ImageList_SetBkColor
0x514004 ImageList_Add
0x514008 ImageList_GetImageCount
0x51400c ImageList_Destroy
0x514010 ImageList_Create
ntdll
0x514018 NtAllocateVirtualMemory
oleacc.dll
0x514020 LresultFromObject
winmm.dll
0x514028 sndPlaySoundA
advapi32
0x514030 GetTokenInformation
ntdll
0x514038 NtWriteVirtualMemory
0x51403c NtProtectVirtualMemory
uRL
0x514044 TelnetProtocolHandler
EAT(Export Address Table) is none