Created | 2023.09.15 07:52 | Machine | s1_win7_x6401 |
Filename | desktopditor.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
AI Score |
|
Behavior Score |
|
ZERO API | file : clean | ||
VT API (file) | |||
md5 | 297dc90d62648d3f034db5ebb2e583f7 | ||
sha256 | bdd8f37906415bcb5b8b541376358b07517afea5cefd379b279f75155a4cdb1a | ||
ssdeep | 49152:z8yrd6DUAUw45Id0f1uN1SMOiHxcGbNqpxDKbLT6x7HvGRZx:QyYUAUw45INZHxHkdKeG9 | ||
imphash | b94eccd5d977b94e2c3f084d2f0a688e | ||
impfuzzy | 192:LFAWQsmSGL/cWXYsCm7+FsUqyogcPOQ6aYjYWr27:BAnsmSMEsmzsPOQ6zjYt |
Network IP location
Signatures (3)
Level | Description |
---|---|
info | Checks amount of memory in system |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (6)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT (Import Address Table) Library
KERNEL32.dll
0x68d11c lstrcmpA
0x68d120 WriteConsoleW
0x68d124 AttachConsole
0x68d128 FreeConsole
0x68d12c MultiByteToWideChar
0x68d130 SystemTimeToFileTime
0x68d134 lstrlenW
0x68d138 SetThreadPriority
0x68d13c lstrcpyA
0x68d140 IsBadReadPtr
0x68d144 lstrcmpiW
0x68d148 LocalFree
0x68d14c LoadLibraryExW
0x68d150 GetProcAddress
0x68d154 GetModuleHandleW
0x68d158 IsBadWritePtr
0x68d15c GlobalSize
0x68d160 SetFilePointer
0x68d164 DuplicateHandle
0x68d168 SetCriticalSectionSpinCount
0x68d16c EnumSystemLocalesEx
0x68d170 LocaleNameToLCID
0x68d174 TryAcquireSRWLockShared
0x68d178 TryAcquireSRWLockExclusive
0x68d17c AcquireSRWLockShared
0x68d180 ReleaseSRWLockShared
0x68d184 CreateFileMappingW
0x68d188 MoveFileW
0x68d18c GetOverlappedResult
0x68d190 GetModuleFileNameW
0x68d194 FreeLibrary
0x68d198 GetSystemTime
0x68d19c CloseHandle
0x68d1a0 GetStdHandle
0x68d1a4 InitializeCriticalSectionEx
0x68d1a8 GetLastError
0x68d1ac RaiseException
0x68d1b0 DecodePointer
0x68d1b4 GetUserDefaultLangID
0x68d1b8 GetLocaleInfoW
0x68d1bc GlobalFree
0x68d1c0 GlobalLock
0x68d1c4 GlobalUnlock
0x68d1c8 GlobalAlloc
0x68d1cc FindResourceW
0x68d1d0 VirtualAlloc
0x68d1d4 VirtualFree
0x68d1d8 InitializeCriticalSection
0x68d1dc GetModuleHandleA
0x68d1e0 FormatMessageA
0x68d1e4 FormatMessageW
0x68d1e8 WideCharToMultiByte
0x68d1ec ReleaseMutex
0x68d1f0 WaitForSingleObject
0x68d1f4 CreateMutexA
0x68d1f8 GetCurrentProcessId
0x68d1fc GetSystemInfo
0x68d200 MapViewOfFile
0x68d204 UnmapViewOfFile
0x68d208 CreateFileMappingA
0x68d20c GetNumberFormatW
0x68d210 GetCurrentProcess
0x68d214 GetVersionExA
0x68d218 VirtualQuery
0x68d21c CreateDirectoryW
0x68d220 DeleteFileW
0x68d224 FindClose
0x68d228 FindFirstFileW
0x68d22c FindNextFileW
0x68d230 SizeofResource
0x68d234 RemoveDirectoryW
0x68d238 GetTempPathW
0x68d23c CreateMutexW
0x68d240 GetCurrentThread
0x68d244 GetSystemTimeAsFileTime
0x68d248 SystemTimeToTzSpecificLocalTime
0x68d24c FileTimeToSystemTime
0x68d250 GetTimeZoneInformation
0x68d254 GetDateFormatW
0x68d258 GetTimeFormatW
0x68d25c CompareStringW
0x68d260 QueryPerformanceCounter
0x68d264 lstrlenA
0x68d268 MulDiv
0x68d26c SetLastError
0x68d270 GetTickCount
0x68d274 FileTimeToDosDateTime
0x68d278 GetComputerNameExW
0x68d27c ExpandEnvironmentStringsW
0x68d280 SetFileAttributesW
0x68d284 Sleep
0x68d288 CopyFileExW
0x68d28c GetDiskFreeSpaceExW
0x68d290 GetFileTime
0x68d294 GetTempFileNameW
0x68d298 SetFileTime
0x68d29c CopyFileW
0x68d2a0 MoveFileExW
0x68d2a4 FileTimeToLocalFileTime
0x68d2a8 DosDateTimeToFileTime
0x68d2ac LoadLibraryW
0x68d2b0 TryEnterCriticalSection
0x68d2b4 SetEvent
0x68d2b8 ResetEvent
0x68d2bc CreateEventW
0x68d2c0 WaitForMultipleObjects
0x68d2c4 GlobalReAlloc
0x68d2c8 FindResourceExW
0x68d2cc lstrcmpW
0x68d2d0 CompareFileTime
0x68d2d4 CreateFileW
0x68d2d8 GetFileSizeEx
0x68d2dc ReadFile
0x68d2e0 SetEndOfFile
0x68d2e4 WriteFile
0x68d2e8 IsDebuggerPresent
0x68d2ec OutputDebugStringW
0x68d2f0 EncodePointer
0x68d2f4 InitializeSListHead
0x68d2f8 InterlockedPopEntrySList
0x68d2fc InterlockedPushEntrySList
0x68d300 FlushInstructionCache
0x68d304 IsProcessorFeaturePresent
0x68d308 LoadLibraryExA
0x68d30c GetStringTypeW
0x68d310 WaitForSingleObjectEx
0x68d314 InitializeSRWLock
0x68d318 ReleaseSRWLockExclusive
0x68d31c AcquireSRWLockExclusive
0x68d320 InitializeConditionVariable
0x68d324 WakeConditionVariable
0x68d328 WakeAllConditionVariable
0x68d32c SleepConditionVariableCS
0x68d330 SleepConditionVariableSRW
0x68d334 GetCPInfo
0x68d338 QueryPerformanceFrequency
0x68d33c UnhandledExceptionFilter
0x68d340 SetUnhandledExceptionFilter
0x68d344 TerminateProcess
0x68d348 GetStartupInfoW
0x68d34c RtlUnwind
0x68d350 TlsAlloc
0x68d354 TlsGetValue
0x68d358 TlsSetValue
0x68d35c TlsFree
0x68d360 CreateThread
0x68d364 ExitThread
0x68d368 FreeLibraryAndExitThread
0x68d36c GetModuleHandleExW
0x68d370 VirtualProtect
0x68d374 ExitProcess
0x68d378 GetFileType
0x68d37c LCMapStringW
0x68d380 SetFilePointerEx
0x68d384 FindFirstFileExW
0x68d388 IsValidCodePage
0x68d38c GetACP
0x68d390 GetOEMCP
0x68d394 GetCommandLineA
0x68d398 GetCommandLineW
0x68d39c GetEnvironmentStringsW
0x68d3a0 FreeEnvironmentStringsW
0x68d3a4 SetEnvironmentVariableW
0x68d3a8 SetStdHandle
0x68d3ac FlushFileBuffers
0x68d3b0 GetConsoleOutputCP
0x68d3b4 GetConsoleMode
0x68d3b8 ReadConsoleW
0x68d3bc LockResource
0x68d3c0 LoadResource
0x68d3c4 FreeResource
0x68d3c8 GetCurrentThreadId
0x68d3cc DeleteCriticalSection
0x68d3d0 InitializeCriticalSectionAndSpinCount
0x68d3d4 LeaveCriticalSection
0x68d3d8 EnterCriticalSection
0x68d3dc GetProcessHeap
0x68d3e0 HeapSize
0x68d3e4 HeapFree
0x68d3e8 HeapReAlloc
0x68d3ec HeapAlloc
0x68d3f0 GetFileAttributesW
0x68d3f4 HeapDestroy
USER32.dll
0x68d4a4 EmptyClipboard
0x68d4a8 SetClipboardData
0x68d4ac CloseClipboard
0x68d4b0 OpenClipboard
0x68d4b4 wsprintfW
0x68d4b8 PeekMessageW
0x68d4bc GetMessageW
0x68d4c0 InsertMenuW
0x68d4c4 GetSubMenu
0x68d4c8 UnregisterClassW
0x68d4cc DefWindowProcW
0x68d4d0 DestroyWindow
0x68d4d4 CharNextW
0x68d4d8 DestroyMenu
0x68d4dc CreatePopupMenu
0x68d4e0 LoadMenuW
0x68d4e4 MessageBoxW
0x68d4e8 FillRect
0x68d4ec SetCursor
0x68d4f0 GetSystemMetrics
0x68d4f4 IsWindowEnabled
0x68d4f8 ScreenToClient
0x68d4fc ClientToScreen
0x68d500 TrackPopupMenu
0x68d504 RedrawWindow
0x68d508 InvalidateRect
0x68d50c LoadCursorW
0x68d510 BeginPaint
0x68d514 ReleaseDC
0x68d518 GetWindowDC
0x68d51c GetDC
0x68d520 TrackPopupMenuEx
0x68d524 SetFocus
0x68d528 LoadImageW
0x68d52c wsprintfA
0x68d530 DialogBoxParamW
0x68d534 SetWindowLongW
0x68d538 GetDesktopWindow
0x68d53c IsWindow
0x68d540 EndDialog
0x68d544 IsWindowVisible
0x68d548 MoveWindow
0x68d54c ShowWindow
0x68d550 CreateWindowExW
0x68d554 GetClassInfoExW
0x68d558 RegisterClassExW
0x68d55c CallWindowProcW
0x68d560 PostMessageW
0x68d564 GetMonitorInfoW
0x68d568 MonitorFromWindow
0x68d56c GetWindow
0x68d570 GetParent
0x68d574 GetWindowLongW
0x68d578 MapWindowPoints
0x68d57c GetWindowRect
0x68d580 GetClientRect
0x68d584 SetWindowTextW
0x68d588 GetSysColorBrush
0x68d58c GetSysColor
0x68d590 SetMenuDefaultItem
0x68d594 GetDlgCtrlID
0x68d598 EnableWindow
0x68d59c SetForegroundWindow
0x68d5a0 MonitorFromPoint
0x68d5a4 DrawIconEx
0x68d5a8 DestroyIcon
0x68d5ac CheckMenuRadioItem
0x68d5b0 GetClassLongW
0x68d5b4 OffsetRect
0x68d5b8 IsClipboardFormatAvailable
0x68d5bc RegisterClipboardFormatW
0x68d5c0 GetClipboardData
0x68d5c4 CharLowerBuffA
0x68d5c8 InflateRect
0x68d5cc EndPaint
0x68d5d0 GetDlgItem
0x68d5d4 SetWindowPos
0x68d5d8 SendMessageW
0x68d5dc CopyRect
0x68d5e0 GetActiveWindow
0x68d5e4 IntersectRect
0x68d5e8 PostThreadMessageW
ADVAPI32.dll
0x68d000 RegEnumValueW
0x68d004 LsaLookupNames2
0x68d008 RegSetValueExW
0x68d00c RegQueryInfoKeyW
0x68d010 RegOpenKeyExW
0x68d014 RegEnumKeyExW
0x68d018 RegDeleteValueW
0x68d01c RegDeleteKeyW
0x68d020 RegCreateKeyExW
0x68d024 RegCloseKey
0x68d028 InitializeSecurityDescriptor
0x68d02c SetSecurityDescriptorDacl
0x68d030 OpenProcessToken
0x68d034 OpenThreadToken
0x68d038 GetSidIdentifierAuthority
0x68d03c GetSidSubAuthority
0x68d040 GetTokenInformation
0x68d044 RegQueryValueExW
0x68d048 RegDeleteTreeW
0x68d04c RegSetValueExA
0x68d050 GetLengthSid
0x68d054 LsaFreeMemory
0x68d058 LsaClose
0x68d05c LsaOpenPolicy
SHELL32.dll
0x68d460 SHGetFolderPathW
0x68d464 SHBrowseForFolderW
0x68d468 SHGetPathFromIDListW
0x68d46c SHFileOperationW
0x68d470 None (no symbol name recorded; likely imported by ordinal)
0x68d474 SHGetFileInfoW
0x68d478 CommandLineToArgvW
ole32.dll
0x68d680 CoTaskMemFree
0x68d684 CoInitialize
0x68d688 CoSetProxyBlanket
0x68d68c CoInitializeEx
0x68d690 IIDFromString
0x68d694 CreateStreamOnHGlobal
0x68d698 CoGetApartmentType
0x68d69c CoCreateGuid
0x68d6a0 CoInitializeSecurity
0x68d6a4 OleRun
0x68d6a8 CLSIDFromProgID
0x68d6ac GetHGlobalFromStream
0x68d6b0 CoUninitialize
0x68d6b4 CoCreateInstance
0x68d6b8 CoTaskMemAlloc
0x68d6bc StringFromGUID2
0x68d6c0 CoTaskMemRealloc
OLEAUT32.dll
0x68d3fc SafeArrayUnaccessData
0x68d400 GetErrorInfo
0x68d404 VarDecCmp
0x68d408 VarDecFromStr
0x68d40c VarDateFromStr
0x68d410 VarR8FromStr
0x68d414 VarI4FromStr
0x68d418 SysStringByteLen
0x68d41c SysAllocStringLen
0x68d420 SysAllocStringByteLen
0x68d424 LoadRegTypeLib
0x68d428 LoadTypeLib
0x68d42c VariantChangeType
0x68d430 VariantCopy
0x68d434 VariantClear
0x68d438 VariantInit
0x68d43c SysStringLen
0x68d440 SafeArrayAccessData
0x68d444 VarUI4FromStr
0x68d448 SysFreeString
0x68d44c VariantCopyInd
0x68d450 SysAllocString
SHLWAPI.dll
0x68d480 PathIsURLW
0x68d484 SHDeleteKeyW
0x68d488 StrToIntW
0x68d48c StrRChrW
0x68d490 None (no symbol name recorded; likely imported by ordinal)
0x68d494 StrStrIW
0x68d498 PathCanonicalizeW
0x68d49c StrFormatByteSizeW
COMCTL32.dll
0x68d064 _TrackMouseEvent
0x68d068 ImageList_LoadImageW
0x68d06c InitCommonControlsEx
UxTheme.dll
0x68d5f0 GetThemeInt
0x68d5f4 OpenThemeData
0x68d5f8 SetWindowTheme
0x68d5fc DrawThemeParentBackground
0x68d600 CloseThemeData
0x68d604 IsThemeActive
0x68d608 DrawThemeBackground
RPCRT4.dll
0x68d458 UuidFromStringW
WININET.dll
0x68d610 InternetAttemptConnect
0x68d614 InternetSetCookieW
0x68d618 HttpEndRequestW
0x68d61c HttpSendRequestExW
0x68d620 HttpAddRequestHeadersW
0x68d624 FtpOpenFileW
0x68d628 InternetSetStatusCallbackW
0x68d62c InternetQueryOptionW
0x68d630 InternetQueryDataAvailable
0x68d634 InternetWriteFile
0x68d638 FtpRemoveDirectoryW
0x68d63c FtpCreateDirectoryW
0x68d640 FtpRenameFileW
0x68d644 FtpDeleteFileW
0x68d648 FtpPutFileW
0x68d64c FtpFindFirstFileW
0x68d650 InternetFindNextFileW
0x68d654 InternetCrackUrlW
0x68d658 HttpQueryInfoW
0x68d65c HttpSendRequestW
0x68d660 HttpOpenRequestW
0x68d664 InternetGetLastResponseInfoW
0x68d668 InternetCloseHandle
0x68d66c InternetConnectW
0x68d670 InternetOpenW
0x68d674 InternetSetOptionW
0x68d678 InternetReadFile
GDI32.dll
0x68d084 GetMetaFileBitsEx
0x68d088 RealizePalette
0x68d08c SelectPalette
0x68d090 SetDIBitsToDevice
0x68d094 GetDeviceCaps
0x68d098 StretchDIBits
0x68d09c GetEnhMetaFileBits
0x68d0a0 GetDIBits
0x68d0a4 CreateRectRgnIndirect
0x68d0a8 BitBlt
0x68d0ac CreatePalette
0x68d0b0 StretchBlt
0x68d0b4 Polygon
0x68d0b8 CreatePen
0x68d0bc CreateCompatibleDC
0x68d0c0 CreateCompatibleBitmap
0x68d0c4 GetTextMetricsW
0x68d0c8 SelectObject
0x68d0cc GetStockObject
0x68d0d0 ExcludeClipRect
0x68d0d4 DeleteObject
0x68d0d8 DeleteDC
0x68d0dc CombineRgn
0x68d0e0 ExtTextOutW
0x68d0e4 SetBkColor
0x68d0e8 CopyEnhMetaFileW
0x68d0ec SetStretchBltMode
0x68d0f0 SetWinMetaFileBits
0x68d0f4 GetEnhMetaFileHeader
0x68d0f8 SetEnhMetaFileBits
0x68d0fc DeleteEnhMetaFile
0x68d100 GdiFlush
0x68d104 LPtoDP
0x68d108 DPtoLP
0x68d10c GetObjectW
0x68d110 CreateDIBSection
0x68d114 PlayEnhMetaFile
COMDLG32.dll
0x68d074 CommDlgExtendedError
0x68d078 GetSaveFileNameW
0x68d07c GetOpenFileNameW
EAT (Export Address Table): none
KERNEL32.dll
0x68d11c lstrcmpA
0x68d120 WriteConsoleW
0x68d124 AttachConsole
0x68d128 FreeConsole
0x68d12c MultiByteToWideChar
0x68d130 SystemTimeToFileTime
0x68d134 lstrlenW
0x68d138 SetThreadPriority
0x68d13c lstrcpyA
0x68d140 IsBadReadPtr
0x68d144 lstrcmpiW
0x68d148 LocalFree
0x68d14c LoadLibraryExW
0x68d150 GetProcAddress
0x68d154 GetModuleHandleW
0x68d158 IsBadWritePtr
0x68d15c GlobalSize
0x68d160 SetFilePointer
0x68d164 DuplicateHandle
0x68d168 SetCriticalSectionSpinCount
0x68d16c EnumSystemLocalesEx
0x68d170 LocaleNameToLCID
0x68d174 TryAcquireSRWLockShared
0x68d178 TryAcquireSRWLockExclusive
0x68d17c AcquireSRWLockShared
0x68d180 ReleaseSRWLockShared
0x68d184 CreateFileMappingW
0x68d188 MoveFileW
0x68d18c GetOverlappedResult
0x68d190 GetModuleFileNameW
0x68d194 FreeLibrary
0x68d198 GetSystemTime
0x68d19c CloseHandle
0x68d1a0 GetStdHandle
0x68d1a4 InitializeCriticalSectionEx
0x68d1a8 GetLastError
0x68d1ac RaiseException
0x68d1b0 DecodePointer
0x68d1b4 GetUserDefaultLangID
0x68d1b8 GetLocaleInfoW
0x68d1bc GlobalFree
0x68d1c0 GlobalLock
0x68d1c4 GlobalUnlock
0x68d1c8 GlobalAlloc
0x68d1cc FindResourceW
0x68d1d0 VirtualAlloc
0x68d1d4 VirtualFree
0x68d1d8 InitializeCriticalSection
0x68d1dc GetModuleHandleA
0x68d1e0 FormatMessageA
0x68d1e4 FormatMessageW
0x68d1e8 WideCharToMultiByte
0x68d1ec ReleaseMutex
0x68d1f0 WaitForSingleObject
0x68d1f4 CreateMutexA
0x68d1f8 GetCurrentProcessId
0x68d1fc GetSystemInfo
0x68d200 MapViewOfFile
0x68d204 UnmapViewOfFile
0x68d208 CreateFileMappingA
0x68d20c GetNumberFormatW
0x68d210 GetCurrentProcess
0x68d214 GetVersionExA
0x68d218 VirtualQuery
0x68d21c CreateDirectoryW
0x68d220 DeleteFileW
0x68d224 FindClose
0x68d228 FindFirstFileW
0x68d22c FindNextFileW
0x68d230 SizeofResource
0x68d234 RemoveDirectoryW
0x68d238 GetTempPathW
0x68d23c CreateMutexW
0x68d240 GetCurrentThread
0x68d244 GetSystemTimeAsFileTime
0x68d248 SystemTimeToTzSpecificLocalTime
0x68d24c FileTimeToSystemTime
0x68d250 GetTimeZoneInformation
0x68d254 GetDateFormatW
0x68d258 GetTimeFormatW
0x68d25c CompareStringW
0x68d260 QueryPerformanceCounter
0x68d264 lstrlenA
0x68d268 MulDiv
0x68d26c SetLastError
0x68d270 GetTickCount
0x68d274 FileTimeToDosDateTime
0x68d278 GetComputerNameExW
0x68d27c ExpandEnvironmentStringsW
0x68d280 SetFileAttributesW
0x68d284 Sleep
0x68d288 CopyFileExW
0x68d28c GetDiskFreeSpaceExW
0x68d290 GetFileTime
0x68d294 GetTempFileNameW
0x68d298 SetFileTime
0x68d29c CopyFileW
0x68d2a0 MoveFileExW
0x68d2a4 FileTimeToLocalFileTime
0x68d2a8 DosDateTimeToFileTime
0x68d2ac LoadLibraryW
0x68d2b0 TryEnterCriticalSection
0x68d2b4 SetEvent
0x68d2b8 ResetEvent
0x68d2bc CreateEventW
0x68d2c0 WaitForMultipleObjects
0x68d2c4 GlobalReAlloc
0x68d2c8 FindResourceExW
0x68d2cc lstrcmpW
0x68d2d0 CompareFileTime
0x68d2d4 CreateFileW
0x68d2d8 GetFileSizeEx
0x68d2dc ReadFile
0x68d2e0 SetEndOfFile
0x68d2e4 WriteFile
0x68d2e8 IsDebuggerPresent
0x68d2ec OutputDebugStringW
0x68d2f0 EncodePointer
0x68d2f4 InitializeSListHead
0x68d2f8 InterlockedPopEntrySList
0x68d2fc InterlockedPushEntrySList
0x68d300 FlushInstructionCache
0x68d304 IsProcessorFeaturePresent
0x68d308 LoadLibraryExA
0x68d30c GetStringTypeW
0x68d310 WaitForSingleObjectEx
0x68d314 InitializeSRWLock
0x68d318 ReleaseSRWLockExclusive
0x68d31c AcquireSRWLockExclusive
0x68d320 InitializeConditionVariable
0x68d324 WakeConditionVariable
0x68d328 WakeAllConditionVariable
0x68d32c SleepConditionVariableCS
0x68d330 SleepConditionVariableSRW
0x68d334 GetCPInfo
0x68d338 QueryPerformanceFrequency
0x68d33c UnhandledExceptionFilter
0x68d340 SetUnhandledExceptionFilter
0x68d344 TerminateProcess
0x68d348 GetStartupInfoW
0x68d34c RtlUnwind
0x68d350 TlsAlloc
0x68d354 TlsGetValue
0x68d358 TlsSetValue
0x68d35c TlsFree
0x68d360 CreateThread
0x68d364 ExitThread
0x68d368 FreeLibraryAndExitThread
0x68d36c GetModuleHandleExW
0x68d370 VirtualProtect
0x68d374 ExitProcess
0x68d378 GetFileType
0x68d37c LCMapStringW
0x68d380 SetFilePointerEx
0x68d384 FindFirstFileExW
0x68d388 IsValidCodePage
0x68d38c GetACP
0x68d390 GetOEMCP
0x68d394 GetCommandLineA
0x68d398 GetCommandLineW
0x68d39c GetEnvironmentStringsW
0x68d3a0 FreeEnvironmentStringsW
0x68d3a4 SetEnvironmentVariableW
0x68d3a8 SetStdHandle
0x68d3ac FlushFileBuffers
0x68d3b0 GetConsoleOutputCP
0x68d3b4 GetConsoleMode
0x68d3b8 ReadConsoleW
0x68d3bc LockResource
0x68d3c0 LoadResource
0x68d3c4 FreeResource
0x68d3c8 GetCurrentThreadId
0x68d3cc DeleteCriticalSection
0x68d3d0 InitializeCriticalSectionAndSpinCount
0x68d3d4 LeaveCriticalSection
0x68d3d8 EnterCriticalSection
0x68d3dc GetProcessHeap
0x68d3e0 HeapSize
0x68d3e4 HeapFree
0x68d3e8 HeapReAlloc
0x68d3ec HeapAlloc
0x68d3f0 GetFileAttributesW
0x68d3f4 HeapDestroy
USER32.dll
0x68d4a4 EmptyClipboard
0x68d4a8 SetClipboardData
0x68d4ac CloseClipboard
0x68d4b0 OpenClipboard
0x68d4b4 wsprintfW
0x68d4b8 PeekMessageW
0x68d4bc GetMessageW
0x68d4c0 InsertMenuW
0x68d4c4 GetSubMenu
0x68d4c8 UnregisterClassW
0x68d4cc DefWindowProcW
0x68d4d0 DestroyWindow
0x68d4d4 CharNextW
0x68d4d8 DestroyMenu
0x68d4dc CreatePopupMenu
0x68d4e0 LoadMenuW
0x68d4e4 MessageBoxW
0x68d4e8 FillRect
0x68d4ec SetCursor
0x68d4f0 GetSystemMetrics
0x68d4f4 IsWindowEnabled
0x68d4f8 ScreenToClient
0x68d4fc ClientToScreen
0x68d500 TrackPopupMenu
0x68d504 RedrawWindow
0x68d508 InvalidateRect
0x68d50c LoadCursorW
0x68d510 BeginPaint
0x68d514 ReleaseDC
0x68d518 GetWindowDC
0x68d51c GetDC
0x68d520 TrackPopupMenuEx
0x68d524 SetFocus
0x68d528 LoadImageW
0x68d52c wsprintfA
0x68d530 DialogBoxParamW
0x68d534 SetWindowLongW
0x68d538 GetDesktopWindow
0x68d53c IsWindow
0x68d540 EndDialog
0x68d544 IsWindowVisible
0x68d548 MoveWindow
0x68d54c ShowWindow
0x68d550 CreateWindowExW
0x68d554 GetClassInfoExW
0x68d558 RegisterClassExW
0x68d55c CallWindowProcW
0x68d560 PostMessageW
0x68d564 GetMonitorInfoW
0x68d568 MonitorFromWindow
0x68d56c GetWindow
0x68d570 GetParent
0x68d574 GetWindowLongW
0x68d578 MapWindowPoints
0x68d57c GetWindowRect
0x68d580 GetClientRect
0x68d584 SetWindowTextW
0x68d588 GetSysColorBrush
0x68d58c GetSysColor
0x68d590 SetMenuDefaultItem
0x68d594 GetDlgCtrlID
0x68d598 EnableWindow
0x68d59c SetForegroundWindow
0x68d5a0 MonitorFromPoint
0x68d5a4 DrawIconEx
0x68d5a8 DestroyIcon
0x68d5ac CheckMenuRadioItem
0x68d5b0 GetClassLongW
0x68d5b4 OffsetRect
0x68d5b8 IsClipboardFormatAvailable
0x68d5bc RegisterClipboardFormatW
0x68d5c0 GetClipboardData
0x68d5c4 CharLowerBuffA
0x68d5c8 InflateRect
0x68d5cc EndPaint
0x68d5d0 GetDlgItem
0x68d5d4 SetWindowPos
0x68d5d8 SendMessageW
0x68d5dc CopyRect
0x68d5e0 GetActiveWindow
0x68d5e4 IntersectRect
0x68d5e8 PostThreadMessageW
ADVAPI32.dll
0x68d000 RegEnumValueW
0x68d004 LsaLookupNames2
0x68d008 RegSetValueExW
0x68d00c RegQueryInfoKeyW
0x68d010 RegOpenKeyExW
0x68d014 RegEnumKeyExW
0x68d018 RegDeleteValueW
0x68d01c RegDeleteKeyW
0x68d020 RegCreateKeyExW
0x68d024 RegCloseKey
0x68d028 InitializeSecurityDescriptor
0x68d02c SetSecurityDescriptorDacl
0x68d030 OpenProcessToken
0x68d034 OpenThreadToken
0x68d038 GetSidIdentifierAuthority
0x68d03c GetSidSubAuthority
0x68d040 GetTokenInformation
0x68d044 RegQueryValueExW
0x68d048 RegDeleteTreeW
0x68d04c RegSetValueExA
0x68d050 GetLengthSid
0x68d054 LsaFreeMemory
0x68d058 LsaClose
0x68d05c LsaOpenPolicy
SHELL32.dll
0x68d460 SHGetFolderPathW
0x68d464 SHBrowseForFolderW
0x68d468 SHGetPathFromIDListW
0x68d46c SHFileOperationW
0x68d470 None (no symbol name recorded; likely imported by ordinal)
0x68d474 SHGetFileInfoW
0x68d478 CommandLineToArgvW
ole32.dll
0x68d680 CoTaskMemFree
0x68d684 CoInitialize
0x68d688 CoSetProxyBlanket
0x68d68c CoInitializeEx
0x68d690 IIDFromString
0x68d694 CreateStreamOnHGlobal
0x68d698 CoGetApartmentType
0x68d69c CoCreateGuid
0x68d6a0 CoInitializeSecurity
0x68d6a4 OleRun
0x68d6a8 CLSIDFromProgID
0x68d6ac GetHGlobalFromStream
0x68d6b0 CoUninitialize
0x68d6b4 CoCreateInstance
0x68d6b8 CoTaskMemAlloc
0x68d6bc StringFromGUID2
0x68d6c0 CoTaskMemRealloc
OLEAUT32.dll
0x68d3fc SafeArrayUnaccessData
0x68d400 GetErrorInfo
0x68d404 VarDecCmp
0x68d408 VarDecFromStr
0x68d40c VarDateFromStr
0x68d410 VarR8FromStr
0x68d414 VarI4FromStr
0x68d418 SysStringByteLen
0x68d41c SysAllocStringLen
0x68d420 SysAllocStringByteLen
0x68d424 LoadRegTypeLib
0x68d428 LoadTypeLib
0x68d42c VariantChangeType
0x68d430 VariantCopy
0x68d434 VariantClear
0x68d438 VariantInit
0x68d43c SysStringLen
0x68d440 SafeArrayAccessData
0x68d444 VarUI4FromStr
0x68d448 SysFreeString
0x68d44c VariantCopyInd
0x68d450 SysAllocString
SHLWAPI.dll
0x68d480 PathIsURLW
0x68d484 SHDeleteKeyW
0x68d488 StrToIntW
0x68d48c StrRChrW
0x68d490 None (no symbol name recorded; likely imported by ordinal)
0x68d494 StrStrIW
0x68d498 PathCanonicalizeW
0x68d49c StrFormatByteSizeW
COMCTL32.dll
0x68d064 _TrackMouseEvent
0x68d068 ImageList_LoadImageW
0x68d06c InitCommonControlsEx
UxTheme.dll
0x68d5f0 GetThemeInt
0x68d5f4 OpenThemeData
0x68d5f8 SetWindowTheme
0x68d5fc DrawThemeParentBackground
0x68d600 CloseThemeData
0x68d604 IsThemeActive
0x68d608 DrawThemeBackground
RPCRT4.dll
0x68d458 UuidFromStringW
WININET.dll
0x68d610 InternetAttemptConnect
0x68d614 InternetSetCookieW
0x68d618 HttpEndRequestW
0x68d61c HttpSendRequestExW
0x68d620 HttpAddRequestHeadersW
0x68d624 FtpOpenFileW
0x68d628 InternetSetStatusCallbackW
0x68d62c InternetQueryOptionW
0x68d630 InternetQueryDataAvailable
0x68d634 InternetWriteFile
0x68d638 FtpRemoveDirectoryW
0x68d63c FtpCreateDirectoryW
0x68d640 FtpRenameFileW
0x68d644 FtpDeleteFileW
0x68d648 FtpPutFileW
0x68d64c FtpFindFirstFileW
0x68d650 InternetFindNextFileW
0x68d654 InternetCrackUrlW
0x68d658 HttpQueryInfoW
0x68d65c HttpSendRequestW
0x68d660 HttpOpenRequestW
0x68d664 InternetGetLastResponseInfoW
0x68d668 InternetCloseHandle
0x68d66c InternetConnectW
0x68d670 InternetOpenW
0x68d674 InternetSetOptionW
0x68d678 InternetReadFile
GDI32.dll
0x68d084 GetMetaFileBitsEx
0x68d088 RealizePalette
0x68d08c SelectPalette
0x68d090 SetDIBitsToDevice
0x68d094 GetDeviceCaps
0x68d098 StretchDIBits
0x68d09c GetEnhMetaFileBits
0x68d0a0 GetDIBits
0x68d0a4 CreateRectRgnIndirect
0x68d0a8 BitBlt
0x68d0ac CreatePalette
0x68d0b0 StretchBlt
0x68d0b4 Polygon
0x68d0b8 CreatePen
0x68d0bc CreateCompatibleDC
0x68d0c0 CreateCompatibleBitmap
0x68d0c4 GetTextMetricsW
0x68d0c8 SelectObject
0x68d0cc GetStockObject
0x68d0d0 ExcludeClipRect
0x68d0d4 DeleteObject
0x68d0d8 DeleteDC
0x68d0dc CombineRgn
0x68d0e0 ExtTextOutW
0x68d0e4 SetBkColor
0x68d0e8 CopyEnhMetaFileW
0x68d0ec SetStretchBltMode
0x68d0f0 SetWinMetaFileBits
0x68d0f4 GetEnhMetaFileHeader
0x68d0f8 SetEnhMetaFileBits
0x68d0fc DeleteEnhMetaFile
0x68d100 GdiFlush
0x68d104 LPtoDP
0x68d108 DPtoLP
0x68d10c GetObjectW
0x68d110 CreateDIBSection
0x68d114 PlayEnhMetaFile
COMDLG32.dll
0x68d074 CommDlgExtendedError
0x68d078 GetSaveFileNameW
0x68d07c GetOpenFileNameW
EAT (Export Address Table): none