ScreenShot
| Created | 2023.09.23 09:41 | Machine | s1_win7_x6403 |
| Filename | Dropper1.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | 5 detected (Artemis, ccmw, BScope, Remcos, susgen) | ||
| md5 | 5bdab56a23cabe2a7d38338ba91ecba3 | ||
| sha256 | 4fcf7d47d22489c1392a18592e8ed0f9387fc81cca85fde100160e9569fea0c9 | ||
| ssdeep | 49152:iN0t+V1XMFH+qJtMgASCOUBBuAZHbMYastTXintSiA98PQMDz:iNfXWHEXeAaYasRQgi3P | ||
| imphash | c1eeebbb74fe657797a1490fb8764af9 | ||
| impfuzzy | 192:oc68cLRuuNGEUhc9n8oIN/mLX8P6YyGF92d3y1x//kfPbOQOxxE9z:VcJNB9jfzXY4dC1xUPbOQOxCz | ||
Network IP location
Signature (5cnts)
| Level | Description |
|---|---|
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | File has been identified by 5 AntiVirus engines on VirusTotal as malicious |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
ET INFO TLS Handshake Failure
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x738bc8 SysFreeString
0x738bcc SysReAllocStringLen
0x738bd0 SysAllocStringLen
advapi32.dll
0x738bd8 RegQueryValueExW
0x738bdc RegOpenKeyExW
0x738be0 RegCloseKey
user32.dll
0x738be8 MessageBoxA
0x738bec CharNextW
0x738bf0 LoadStringW
kernel32.dll
0x738bf8 Sleep
0x738bfc VirtualFree
0x738c00 VirtualAlloc
0x738c04 lstrlenW
0x738c08 lstrcpynW
0x738c0c VirtualQuery
0x738c10 QueryPerformanceCounter
0x738c14 GetTickCount
0x738c18 GetSystemInfo
0x738c1c GetVersion
0x738c20 CompareStringW
0x738c24 IsDBCSLeadByteEx
0x738c28 IsValidLocale
0x738c2c SetThreadLocale
0x738c30 GetSystemDefaultUILanguage
0x738c34 GetUserDefaultUILanguage
0x738c38 GetLocaleInfoW
0x738c3c WideCharToMultiByte
0x738c40 MultiByteToWideChar
0x738c44 GetConsoleOutputCP
0x738c48 GetConsoleCP
0x738c4c GetACP
0x738c50 LoadLibraryExW
0x738c54 GetStartupInfoW
0x738c58 GetProcAddress
0x738c5c GetModuleHandleW
0x738c60 GetModuleFileNameW
0x738c64 GetCommandLineW
0x738c68 FreeLibrary
0x738c6c GetLastError
0x738c70 UnhandledExceptionFilter
0x738c74 RtlUnwind
0x738c78 RaiseException
0x738c7c ExitProcess
0x738c80 ExitThread
0x738c84 SwitchToThread
0x738c88 GetCurrentThreadId
0x738c8c CreateThread
0x738c90 DeleteCriticalSection
0x738c94 LeaveCriticalSection
0x738c98 EnterCriticalSection
0x738c9c InitializeCriticalSection
0x738ca0 FindFirstFileW
0x738ca4 FindClose
0x738ca8 CreateDirectoryW
0x738cac WriteFile
0x738cb0 SetFilePointer
0x738cb4 SetEndOfFile
0x738cb8 ReadFile
0x738cbc GetFileType
0x738cc0 GetFileSize
0x738cc4 CreateFileW
0x738cc8 GetStdHandle
0x738ccc CloseHandle
kernel32.dll
0x738cd4 GetProcAddress
0x738cd8 RaiseException
0x738cdc LoadLibraryA
0x738ce0 GetLastError
0x738ce4 TlsSetValue
0x738ce8 TlsGetValue
0x738cec LocalFree
0x738cf0 LocalAlloc
0x738cf4 GetModuleHandleW
0x738cf8 FreeLibrary
user32.dll
0x738d00 SetClassLongW
0x738d04 GetClassLongW
0x738d08 SetWindowLongW
0x738d0c GetWindowLongW
0x738d10 CreateWindowExW
0x738d14 WindowFromPoint
0x738d18 WaitMessage
0x738d1c UpdateWindow
0x738d20 UnregisterClassW
0x738d24 UnhookWindowsHookEx
0x738d28 TranslateMessage
0x738d2c TranslateMDISysAccel
0x738d30 TrackPopupMenu
0x738d34 SystemParametersInfoW
0x738d38 ShowWindow
0x738d3c ShowScrollBar
0x738d40 ShowOwnedPopups
0x738d44 ShowCaret
0x738d48 SetWindowRgn
0x738d4c SetWindowsHookExW
0x738d50 SetWindowTextW
0x738d54 SetWindowPos
0x738d58 SetWindowPlacement
0x738d5c SetTimer
0x738d60 SetScrollRange
0x738d64 SetScrollPos
0x738d68 SetScrollInfo
0x738d6c SetRect
0x738d70 SetPropW
0x738d74 SetParent
0x738d78 SetMenuItemInfoW
0x738d7c SetMenu
0x738d80 SetKeyboardState
0x738d84 SetForegroundWindow
0x738d88 SetFocus
0x738d8c SetCursorPos
0x738d90 SetCursor
0x738d94 SetClipboardData
0x738d98 SetCapture
0x738d9c SetActiveWindow
0x738da0 SendMessageA
0x738da4 SendMessageW
0x738da8 ScrollWindow
0x738dac ScreenToClient
0x738db0 RemovePropW
0x738db4 RemoveMenu
0x738db8 ReleaseDC
0x738dbc ReleaseCapture
0x738dc0 RegisterWindowMessageW
0x738dc4 RegisterClipboardFormatW
0x738dc8 RegisterClassW
0x738dcc RedrawWindow
0x738dd0 PtInRect
0x738dd4 PostQuitMessage
0x738dd8 PostMessageW
0x738ddc PeekMessageA
0x738de0 PeekMessageW
0x738de4 OpenClipboard
0x738de8 OffsetRect
0x738dec MsgWaitForMultipleObjectsEx
0x738df0 MsgWaitForMultipleObjects
0x738df4 MessageBoxW
0x738df8 MessageBeep
0x738dfc MapWindowPoints
0x738e00 MapVirtualKeyW
0x738e04 LoadStringW
0x738e08 LoadKeyboardLayoutW
0x738e0c LoadIconW
0x738e10 LoadCursorW
0x738e14 LoadBitmapW
0x738e18 KillTimer
0x738e1c IsZoomed
0x738e20 IsWindowVisible
0x738e24 IsWindowUnicode
0x738e28 IsWindowEnabled
0x738e2c IsWindow
0x738e30 IsRectEmpty
0x738e34 IsIconic
0x738e38 IsDialogMessageA
0x738e3c IsDialogMessageW
0x738e40 IsClipboardFormatAvailable
0x738e44 IsChild
0x738e48 IsCharAlphaNumericW
0x738e4c IsCharAlphaW
0x738e50 InvalidateRgn
0x738e54 InvalidateRect
0x738e58 IntersectRect
0x738e5c InsertMenuItemW
0x738e60 InsertMenuW
0x738e64 InflateRect
0x738e68 HideCaret
0x738e6c GetWindowThreadProcessId
0x738e70 GetWindowTextW
0x738e74 GetWindowRect
0x738e78 GetWindowPlacement
0x738e7c GetWindowDC
0x738e80 GetTopWindow
0x738e84 GetSystemMetrics
0x738e88 GetSystemMenu
0x738e8c GetSysColorBrush
0x738e90 GetSysColor
0x738e94 GetSubMenu
0x738e98 GetScrollRange
0x738e9c GetScrollPos
0x738ea0 GetScrollInfo
0x738ea4 GetPropW
0x738ea8 GetParent
0x738eac GetWindow
0x738eb0 GetMessagePos
0x738eb4 GetMessageExtraInfo
0x738eb8 GetMenuStringW
0x738ebc GetMenuState
0x738ec0 GetMenuItemInfoW
0x738ec4 GetMenuItemID
0x738ec8 GetMenuItemCount
0x738ecc GetMenu
0x738ed0 GetLastActivePopup
0x738ed4 GetKeyboardState
0x738ed8 GetKeyboardLayoutNameW
0x738edc GetKeyboardLayoutList
0x738ee0 GetKeyboardLayout
0x738ee4 GetKeyState
0x738ee8 GetKeyNameTextW
0x738eec GetIconInfo
0x738ef0 GetForegroundWindow
0x738ef4 GetFocus
0x738ef8 GetDlgItem
0x738efc GetDlgCtrlID
0x738f00 GetDesktopWindow
0x738f04 GetDCEx
0x738f08 GetDC
0x738f0c GetCursorPos
0x738f10 GetCursor
0x738f14 GetClipboardData
0x738f18 GetClientRect
0x738f1c GetClassNameW
0x738f20 GetClassInfoExW
0x738f24 GetClassInfoW
0x738f28 GetCapture
0x738f2c GetActiveWindow
0x738f30 FrameRect
0x738f34 FindWindowExW
0x738f38 FindWindowW
0x738f3c FillRect
0x738f40 EnumWindows
0x738f44 EnumThreadWindows
0x738f48 EnumClipboardFormats
0x738f4c EnumChildWindows
0x738f50 EndPaint
0x738f54 EndMenu
0x738f58 EnableWindow
0x738f5c EnableScrollBar
0x738f60 EnableMenuItem
0x738f64 EmptyClipboard
0x738f68 DrawTextExW
0x738f6c DrawTextW
0x738f70 DrawMenuBar
0x738f74 DrawIconEx
0x738f78 DrawIcon
0x738f7c DrawFrameControl
0x738f80 DrawFocusRect
0x738f84 DrawEdge
0x738f88 DispatchMessageA
0x738f8c DispatchMessageW
0x738f90 DestroyWindow
0x738f94 DestroyMenu
0x738f98 DestroyIcon
0x738f9c DestroyCursor
0x738fa0 DeleteMenu
0x738fa4 DefWindowProcW
0x738fa8 DefMDIChildProcW
0x738fac DefFrameProcW
0x738fb0 CreatePopupMenu
0x738fb4 CreateMenu
0x738fb8 CreateIcon
0x738fbc CreateCaret
0x738fc0 CreateAcceleratorTableW
0x738fc4 CountClipboardFormats
0x738fc8 CopyImage
0x738fcc CopyIcon
0x738fd0 CloseClipboard
0x738fd4 ClientToScreen
0x738fd8 CheckMenuItem
0x738fdc CharUpperBuffW
0x738fe0 CharUpperW
0x738fe4 CharNextW
0x738fe8 CharLowerBuffW
0x738fec CharLowerW
0x738ff0 CallWindowProcW
0x738ff4 CallNextHookEx
0x738ff8 BeginPaint
0x738ffc CharLowerBuffA
0x739000 CharUpperBuffA
0x739004 AdjustWindowRectEx
0x739008 ActivateKeyboardLayout
gdi32.dll
0x739010 UnrealizeObject
0x739014 StretchDIBits
0x739018 StretchBlt
0x73901c StartPage
0x739020 StartDocW
0x739024 SetWindowOrgEx
0x739028 SetWinMetaFileBits
0x73902c SetViewportOrgEx
0x739030 SetTextColor
0x739034 SetStretchBltMode
0x739038 SetROP2
0x73903c SetPixel
0x739040 SetMapMode
0x739044 SetEnhMetaFileBits
0x739048 SetDIBits
0x73904c SetDIBColorTable
0x739050 SetBrushOrgEx
0x739054 SetBkMode
0x739058 SetBkColor
0x73905c SetAbortProc
0x739060 SelectPalette
0x739064 SelectObject
0x739068 SelectClipRgn
0x73906c SaveDC
0x739070 RoundRect
0x739074 RestoreDC
0x739078 ResizePalette
0x73907c Rectangle
0x739080 RectVisible
0x739084 RealizePalette
0x739088 Polyline
0x73908c Polygon
0x739090 PolyBezierTo
0x739094 PolyBezier
0x739098 PlayEnhMetaFile
0x73909c Pie
0x7390a0 PatBlt
0x7390a4 MoveToEx
0x7390a8 MaskBlt
0x7390ac LineTo
0x7390b0 IntersectClipRect
0x7390b4 GetWindowOrgEx
0x7390b8 GetWinMetaFileBits
0x7390bc GetViewportOrgEx
0x7390c0 GetTextMetricsW
0x7390c4 GetTextExtentPointW
0x7390c8 GetTextExtentPoint32W
0x7390cc GetTextColor
0x7390d0 GetSystemPaletteEntries
0x7390d4 GetStockObject
0x7390d8 GetRgnBox
0x7390dc GetPixel
0x7390e0 GetPaletteEntries
0x7390e4 GetObjectW
0x7390e8 GetNearestPaletteIndex
0x7390ec GetMapMode
0x7390f0 GetEnhMetaFilePaletteEntries
0x7390f4 GetEnhMetaFileHeader
0x7390f8 GetEnhMetaFileDescriptionW
0x7390fc GetEnhMetaFileBits
0x739100 GetDeviceCaps
0x739104 GetDIBits
0x739108 GetDIBColorTable
0x73910c GetCurrentPositionEx
0x739110 GetCurrentObject
0x739114 GetClipRgn
0x739118 GetClipBox
0x73911c GetBrushOrgEx
0x739120 GetBkMode
0x739124 GetBitmapBits
0x739128 GdiFlush
0x73912c FrameRgn
0x739130 ExtTextOutW
0x739134 ExtFloodFill
0x739138 ExtCreateRegion
0x73913c ExcludeClipRect
0x739140 EnumFontsW
0x739144 EnumFontFamiliesExW
0x739148 EndPage
0x73914c EndDoc
0x739150 Ellipse
0x739154 DeleteObject
0x739158 DeleteEnhMetaFile
0x73915c DeleteDC
0x739160 CreateSolidBrush
0x739164 CreateRoundRectRgn
0x739168 CreateRectRgnIndirect
0x73916c CreateRectRgn
0x739170 CreatePenIndirect
0x739174 CreatePalette
0x739178 CreateICW
0x73917c CreateHalftonePalette
0x739180 CreateFontIndirectW
0x739184 CreateDIBitmap
0x739188 CreateDIBSection
0x73918c CreateDCW
0x739190 CreateCompatibleDC
0x739194 CreateCompatibleBitmap
0x739198 CreateBrushIndirect
0x73919c CreateBitmap
0x7391a0 CopyEnhMetaFileW
0x7391a4 CombineRgn
0x7391a8 Chord
0x7391ac BitBlt
0x7391b0 ArcTo
0x7391b4 Arc
0x7391b8 AngleArc
0x7391bc AbortDoc
version.dll
0x7391c4 VerQueryValueW
0x7391c8 GetFileVersionInfoSizeW
0x7391cc GetFileVersionInfoW
kernel32.dll
0x7391d4 lstrlenA
0x7391d8 lstrlenW
0x7391dc WriteFile
0x7391e0 WideCharToMultiByte
0x7391e4 WaitForSingleObjectEx
0x7391e8 WaitForSingleObject
0x7391ec WaitForMultipleObjectsEx
0x7391f0 VirtualQueryEx
0x7391f4 VirtualQuery
0x7391f8 VirtualProtect
0x7391fc VirtualFree
0x739200 VirtualAlloc
0x739204 UnmapViewOfFile
0x739208 TryEnterCriticalSection
0x73920c SwitchToThread
0x739210 SuspendThread
0x739214 Sleep
0x739218 SizeofResource
0x73921c SignalObjectAndWait
0x739220 SetThreadPriority
0x739224 SetThreadLocale
0x739228 SetLastError
0x73922c SetFileTime
0x739230 SetFilePointer
0x739234 SetFileAttributesW
0x739238 SetEvent
0x73923c SetErrorMode
0x739240 SetEndOfFile
0x739244 ResumeThread
0x739248 ResetEvent
0x73924c RemoveDirectoryW
0x739250 ReleaseMutex
0x739254 ReadFile
0x739258 RaiseException
0x73925c QueryDosDeviceW
0x739260 IsDebuggerPresent
0x739264 OpenMutexW
0x739268 OpenFileMappingW
0x73926c MulDiv
0x739270 MapViewOfFile
0x739274 LockResource
0x739278 LocalFree
0x73927c LocalFileTimeToFileTime
0x739280 LoadResource
0x739284 LoadLibraryW
0x739288 LeaveCriticalSection
0x73928c IsValidLocale
0x739290 InitializeCriticalSection
0x739294 HeapSize
0x739298 HeapFree
0x73929c HeapDestroy
0x7392a0 HeapCreate
0x7392a4 HeapAlloc
0x7392a8 GlobalUnlock
0x7392ac GlobalSize
0x7392b0 GlobalLock
0x7392b4 GlobalFree
0x7392b8 GlobalFindAtomW
0x7392bc GlobalDeleteAtom
0x7392c0 GlobalAlloc
0x7392c4 GlobalAddAtomW
0x7392c8 GetVolumeInformationW
0x7392cc GetVersionExW
0x7392d0 GetVersion
0x7392d4 GetTimeZoneInformation
0x7392d8 GetTickCount
0x7392dc GetThreadPriority
0x7392e0 GetThreadLocale
0x7392e4 GetSystemInfo
0x7392e8 GetSystemTimes
0x7392ec GetStringTypeExA
0x7392f0 GetStringTypeExW
0x7392f4 GetStdHandle
0x7392f8 GetShortPathNameW
0x7392fc GetProcAddress
0x739300 GetModuleHandleW
0x739304 GetModuleFileNameW
0x739308 GetLogicalDriveStringsW
0x73930c GetLocaleInfoW
0x739310 GetLocalTime
0x739314 GetLastError
0x739318 GetFullPathNameW
0x73931c GetFileSize
0x739320 GetFileAttributesW
0x739324 GetExitCodeThread
0x739328 GetDriveTypeW
0x73932c GetDiskFreeSpaceW
0x739330 GetDateFormatW
0x739334 GetCurrentThreadId
0x739338 GetCurrentThread
0x73933c GetCurrentProcessId
0x739340 GetCurrentProcess
0x739344 GetCPInfoExW
0x739348 GetCPInfo
0x73934c GetACP
0x739350 FreeResource
0x739354 InterlockedIncrement
0x739358 InterlockedExchange
0x73935c InterlockedDecrement
0x739360 InterlockedCompareExchange
0x739364 FreeLibrary
0x739368 FormatMessageW
0x73936c FindResourceW
0x739370 FindNextFileW
0x739374 FindFirstFileA
0x739378 FindFirstFileW
0x73937c FindClose
0x739380 FileTimeToLocalFileTime
0x739384 EnumSystemLocalesW
0x739388 EnumResourceNamesW
0x73938c EnumCalendarInfoW
0x739390 EnterCriticalSection
0x739394 DosDateTimeToFileTime
0x739398 DeleteFileW
0x73939c DeleteCriticalSection
0x7393a0 CreateThread
0x7393a4 CreateFileMappingW
0x7393a8 CreateFileA
0x7393ac CreateFileW
0x7393b0 CreateEventW
0x7393b4 CreateDirectoryW
0x7393b8 CopyFileW
0x7393bc CompareStringA
0x7393c0 CompareStringW
0x7393c4 CloseHandle
advapi32.dll
0x7393cc RegUnLoadKeyW
0x7393d0 RegSetValueExW
0x7393d4 RegSaveKeyW
0x7393d8 RegRestoreKeyW
0x7393dc RegReplaceKeyW
0x7393e0 RegQueryValueExA
0x7393e4 RegQueryValueExW
0x7393e8 RegQueryInfoKeyW
0x7393ec RegOpenKeyExA
0x7393f0 RegOpenKeyExW
0x7393f4 RegLoadKeyW
0x7393f8 RegFlushKey
0x7393fc RegEnumValueW
0x739400 RegEnumKeyExW
0x739404 RegDeleteValueW
0x739408 RegDeleteKeyW
0x73940c RegCreateKeyExW
0x739410 RegConnectRegistryW
0x739414 RegCloseKey
kernel32.dll
0x73941c Sleep
oleaut32.dll
0x739424 SafeArrayPtrOfIndex
0x739428 SafeArrayPutElement
0x73942c SafeArrayGetElement
0x739430 SafeArrayUnaccessData
0x739434 SafeArrayAccessData
0x739438 SafeArrayGetUBound
0x73943c SafeArrayGetLBound
0x739440 SafeArrayCreate
0x739444 VariantChangeType
0x739448 VariantCopyInd
0x73944c VariantCopy
0x739450 VariantClear
0x739454 VariantInit
oleaut32.dll
0x73945c GetErrorInfo
0x739460 SysFreeString
0x739464 SysAllocString
ole32.dll
0x73946c OleUninitialize
0x739470 OleInitialize
0x739474 CoTaskMemFree
0x739478 CoTaskMemAlloc
0x73947c StringFromCLSID
0x739480 CoCreateInstance
0x739484 CoUninitialize
0x739488 CoInitialize
0x73948c IsEqualGUID
comctl32.dll
0x739494 InitializeFlatSB
0x739498 FlatSB_SetScrollProp
0x73949c FlatSB_SetScrollPos
0x7394a0 FlatSB_SetScrollInfo
0x7394a4 FlatSB_GetScrollPos
0x7394a8 FlatSB_GetScrollInfo
0x7394ac _TrackMouseEvent
0x7394b0 ImageList_GetImageInfo
0x7394b4 ImageList_SetIconSize
0x7394b8 ImageList_GetIconSize
0x7394bc ImageList_Write
0x7394c0 ImageList_Read
0x7394c4 ImageList_GetDragImage
0x7394c8 ImageList_DragShowNolock
0x7394cc ImageList_DragMove
0x7394d0 ImageList_DragLeave
0x7394d4 ImageList_DragEnter
0x7394d8 ImageList_EndDrag
0x7394dc ImageList_BeginDrag
0x7394e0 ImageList_Copy
0x7394e4 ImageList_LoadImageW
0x7394e8 ImageList_GetIcon
0x7394ec ImageList_Remove
0x7394f0 ImageList_DrawEx
0x7394f4 ImageList_Replace
0x7394f8 ImageList_Draw
0x7394fc ImageList_SetOverlayImage
0x739500 ImageList_GetBkColor
0x739504 ImageList_SetBkColor
0x739508 ImageList_ReplaceIcon
0x73950c ImageList_Add
0x739510 ImageList_SetImageCount
0x739514 ImageList_GetImageCount
0x739518 ImageList_Destroy
0x73951c ImageList_Create
0x739520 InitCommonControls
user32.dll
0x739528 EnumDisplayMonitors
0x73952c GetMonitorInfoW
0x739530 MonitorFromPoint
0x739534 MonitorFromRect
0x739538 MonitorFromWindow
msvcrt.dll
0x739540 memset
0x739544 memcpy
shell32.dll
0x73954c SHFileOperationW
0x739550 ShellExecuteW
0x739554 Shell_NotifyIconW
0x739558 DragQueryFileW
0x73955c DragFinish
0x739560 DragAcceptFiles
shell32.dll
0x739568 SHGetSpecialFolderLocation
0x73956c SHGetPathFromIDListW
0x739570 SHGetMalloc
0x739574 SHGetDesktopFolder
comdlg32.dll
0x73957c GetSaveFileNameW
0x739580 GetOpenFileNameW
winspool.drv
0x739588 OpenPrinterW
0x73958c EnumPrintersW
0x739590 DocumentPropertiesW
0x739594 ClosePrinter
winspool.drv
0x73959c GetDefaultPrinterW
kernel32.dll
0x7395a4 GetVersionExW
0x7395a8 CreateMutexW
EAT(Export Address Table) is none
oleaut32.dll
0x738bc8 SysFreeString
0x738bcc SysReAllocStringLen
0x738bd0 SysAllocStringLen
advapi32.dll
0x738bd8 RegQueryValueExW
0x738bdc RegOpenKeyExW
0x738be0 RegCloseKey
user32.dll
0x738be8 MessageBoxA
0x738bec CharNextW
0x738bf0 LoadStringW
kernel32.dll
0x738bf8 Sleep
0x738bfc VirtualFree
0x738c00 VirtualAlloc
0x738c04 lstrlenW
0x738c08 lstrcpynW
0x738c0c VirtualQuery
0x738c10 QueryPerformanceCounter
0x738c14 GetTickCount
0x738c18 GetSystemInfo
0x738c1c GetVersion
0x738c20 CompareStringW
0x738c24 IsDBCSLeadByteEx
0x738c28 IsValidLocale
0x738c2c SetThreadLocale
0x738c30 GetSystemDefaultUILanguage
0x738c34 GetUserDefaultUILanguage
0x738c38 GetLocaleInfoW
0x738c3c WideCharToMultiByte
0x738c40 MultiByteToWideChar
0x738c44 GetConsoleOutputCP
0x738c48 GetConsoleCP
0x738c4c GetACP
0x738c50 LoadLibraryExW
0x738c54 GetStartupInfoW
0x738c58 GetProcAddress
0x738c5c GetModuleHandleW
0x738c60 GetModuleFileNameW
0x738c64 GetCommandLineW
0x738c68 FreeLibrary
0x738c6c GetLastError
0x738c70 UnhandledExceptionFilter
0x738c74 RtlUnwind
0x738c78 RaiseException
0x738c7c ExitProcess
0x738c80 ExitThread
0x738c84 SwitchToThread
0x738c88 GetCurrentThreadId
0x738c8c CreateThread
0x738c90 DeleteCriticalSection
0x738c94 LeaveCriticalSection
0x738c98 EnterCriticalSection
0x738c9c InitializeCriticalSection
0x738ca0 FindFirstFileW
0x738ca4 FindClose
0x738ca8 CreateDirectoryW
0x738cac WriteFile
0x738cb0 SetFilePointer
0x738cb4 SetEndOfFile
0x738cb8 ReadFile
0x738cbc GetFileType
0x738cc0 GetFileSize
0x738cc4 CreateFileW
0x738cc8 GetStdHandle
0x738ccc CloseHandle
kernel32.dll
0x738cd4 GetProcAddress
0x738cd8 RaiseException
0x738cdc LoadLibraryA
0x738ce0 GetLastError
0x738ce4 TlsSetValue
0x738ce8 TlsGetValue
0x738cec LocalFree
0x738cf0 LocalAlloc
0x738cf4 GetModuleHandleW
0x738cf8 FreeLibrary
user32.dll
0x738d00 SetClassLongW
0x738d04 GetClassLongW
0x738d08 SetWindowLongW
0x738d0c GetWindowLongW
0x738d10 CreateWindowExW
0x738d14 WindowFromPoint
0x738d18 WaitMessage
0x738d1c UpdateWindow
0x738d20 UnregisterClassW
0x738d24 UnhookWindowsHookEx
0x738d28 TranslateMessage
0x738d2c TranslateMDISysAccel
0x738d30 TrackPopupMenu
0x738d34 SystemParametersInfoW
0x738d38 ShowWindow
0x738d3c ShowScrollBar
0x738d40 ShowOwnedPopups
0x738d44 ShowCaret
0x738d48 SetWindowRgn
0x738d4c SetWindowsHookExW
0x738d50 SetWindowTextW
0x738d54 SetWindowPos
0x738d58 SetWindowPlacement
0x738d5c SetTimer
0x738d60 SetScrollRange
0x738d64 SetScrollPos
0x738d68 SetScrollInfo
0x738d6c SetRect
0x738d70 SetPropW
0x738d74 SetParent
0x738d78 SetMenuItemInfoW
0x738d7c SetMenu
0x738d80 SetKeyboardState
0x738d84 SetForegroundWindow
0x738d88 SetFocus
0x738d8c SetCursorPos
0x738d90 SetCursor
0x738d94 SetClipboardData
0x738d98 SetCapture
0x738d9c SetActiveWindow
0x738da0 SendMessageA
0x738da4 SendMessageW
0x738da8 ScrollWindow
0x738dac ScreenToClient
0x738db0 RemovePropW
0x738db4 RemoveMenu
0x738db8 ReleaseDC
0x738dbc ReleaseCapture
0x738dc0 RegisterWindowMessageW
0x738dc4 RegisterClipboardFormatW
0x738dc8 RegisterClassW
0x738dcc RedrawWindow
0x738dd0 PtInRect
0x738dd4 PostQuitMessage
0x738dd8 PostMessageW
0x738ddc PeekMessageA
0x738de0 PeekMessageW
0x738de4 OpenClipboard
0x738de8 OffsetRect
0x738dec MsgWaitForMultipleObjectsEx
0x738df0 MsgWaitForMultipleObjects
0x738df4 MessageBoxW
0x738df8 MessageBeep
0x738dfc MapWindowPoints
0x738e00 MapVirtualKeyW
0x738e04 LoadStringW
0x738e08 LoadKeyboardLayoutW
0x738e0c LoadIconW
0x738e10 LoadCursorW
0x738e14 LoadBitmapW
0x738e18 KillTimer
0x738e1c IsZoomed
0x738e20 IsWindowVisible
0x738e24 IsWindowUnicode
0x738e28 IsWindowEnabled
0x738e2c IsWindow
0x738e30 IsRectEmpty
0x738e34 IsIconic
0x738e38 IsDialogMessageA
0x738e3c IsDialogMessageW
0x738e40 IsClipboardFormatAvailable
0x738e44 IsChild
0x738e48 IsCharAlphaNumericW
0x738e4c IsCharAlphaW
0x738e50 InvalidateRgn
0x738e54 InvalidateRect
0x738e58 IntersectRect
0x738e5c InsertMenuItemW
0x738e60 InsertMenuW
0x738e64 InflateRect
0x738e68 HideCaret
0x738e6c GetWindowThreadProcessId
0x738e70 GetWindowTextW
0x738e74 GetWindowRect
0x738e78 GetWindowPlacement
0x738e7c GetWindowDC
0x738e80 GetTopWindow
0x738e84 GetSystemMetrics
0x738e88 GetSystemMenu
0x738e8c GetSysColorBrush
0x738e90 GetSysColor
0x738e94 GetSubMenu
0x738e98 GetScrollRange
0x738e9c GetScrollPos
0x738ea0 GetScrollInfo
0x738ea4 GetPropW
0x738ea8 GetParent
0x738eac GetWindow
0x738eb0 GetMessagePos
0x738eb4 GetMessageExtraInfo
0x738eb8 GetMenuStringW
0x738ebc GetMenuState
0x738ec0 GetMenuItemInfoW
0x738ec4 GetMenuItemID
0x738ec8 GetMenuItemCount
0x738ecc GetMenu
0x738ed0 GetLastActivePopup
0x738ed4 GetKeyboardState
0x738ed8 GetKeyboardLayoutNameW
0x738edc GetKeyboardLayoutList
0x738ee0 GetKeyboardLayout
0x738ee4 GetKeyState
0x738ee8 GetKeyNameTextW
0x738eec GetIconInfo
0x738ef0 GetForegroundWindow
0x738ef4 GetFocus
0x738ef8 GetDlgItem
0x738efc GetDlgCtrlID
0x738f00 GetDesktopWindow
0x738f04 GetDCEx
0x738f08 GetDC
0x738f0c GetCursorPos
0x738f10 GetCursor
0x738f14 GetClipboardData
0x738f18 GetClientRect
0x738f1c GetClassNameW
0x738f20 GetClassInfoExW
0x738f24 GetClassInfoW
0x738f28 GetCapture
0x738f2c GetActiveWindow
0x738f30 FrameRect
0x738f34 FindWindowExW
0x738f38 FindWindowW
0x738f3c FillRect
0x738f40 EnumWindows
0x738f44 EnumThreadWindows
0x738f48 EnumClipboardFormats
0x738f4c EnumChildWindows
0x738f50 EndPaint
0x738f54 EndMenu
0x738f58 EnableWindow
0x738f5c EnableScrollBar
0x738f60 EnableMenuItem
0x738f64 EmptyClipboard
0x738f68 DrawTextExW
0x738f6c DrawTextW
0x738f70 DrawMenuBar
0x738f74 DrawIconEx
0x738f78 DrawIcon
0x738f7c DrawFrameControl
0x738f80 DrawFocusRect
0x738f84 DrawEdge
0x738f88 DispatchMessageA
0x738f8c DispatchMessageW
0x738f90 DestroyWindow
0x738f94 DestroyMenu
0x738f98 DestroyIcon
0x738f9c DestroyCursor
0x738fa0 DeleteMenu
0x738fa4 DefWindowProcW
0x738fa8 DefMDIChildProcW
0x738fac DefFrameProcW
0x738fb0 CreatePopupMenu
0x738fb4 CreateMenu
0x738fb8 CreateIcon
0x738fbc CreateCaret
0x738fc0 CreateAcceleratorTableW
0x738fc4 CountClipboardFormats
0x738fc8 CopyImage
0x738fcc CopyIcon
0x738fd0 CloseClipboard
0x738fd4 ClientToScreen
0x738fd8 CheckMenuItem
0x738fdc CharUpperBuffW
0x738fe0 CharUpperW
0x738fe4 CharNextW
0x738fe8 CharLowerBuffW
0x738fec CharLowerW
0x738ff0 CallWindowProcW
0x738ff4 CallNextHookEx
0x738ff8 BeginPaint
0x738ffc CharLowerBuffA
0x739000 CharUpperBuffA
0x739004 AdjustWindowRectEx
0x739008 ActivateKeyboardLayout
gdi32.dll
0x739010 UnrealizeObject
0x739014 StretchDIBits
0x739018 StretchBlt
0x73901c StartPage
0x739020 StartDocW
0x739024 SetWindowOrgEx
0x739028 SetWinMetaFileBits
0x73902c SetViewportOrgEx
0x739030 SetTextColor
0x739034 SetStretchBltMode
0x739038 SetROP2
0x73903c SetPixel
0x739040 SetMapMode
0x739044 SetEnhMetaFileBits
0x739048 SetDIBits
0x73904c SetDIBColorTable
0x739050 SetBrushOrgEx
0x739054 SetBkMode
0x739058 SetBkColor
0x73905c SetAbortProc
0x739060 SelectPalette
0x739064 SelectObject
0x739068 SelectClipRgn
0x73906c SaveDC
0x739070 RoundRect
0x739074 RestoreDC
0x739078 ResizePalette
0x73907c Rectangle
0x739080 RectVisible
0x739084 RealizePalette
0x739088 Polyline
0x73908c Polygon
0x739090 PolyBezierTo
0x739094 PolyBezier
0x739098 PlayEnhMetaFile
0x73909c Pie
0x7390a0 PatBlt
0x7390a4 MoveToEx
0x7390a8 MaskBlt
0x7390ac LineTo
0x7390b0 IntersectClipRect
0x7390b4 GetWindowOrgEx
0x7390b8 GetWinMetaFileBits
0x7390bc GetViewportOrgEx
0x7390c0 GetTextMetricsW
0x7390c4 GetTextExtentPointW
0x7390c8 GetTextExtentPoint32W
0x7390cc GetTextColor
0x7390d0 GetSystemPaletteEntries
0x7390d4 GetStockObject
0x7390d8 GetRgnBox
0x7390dc GetPixel
0x7390e0 GetPaletteEntries
0x7390e4 GetObjectW
0x7390e8 GetNearestPaletteIndex
0x7390ec GetMapMode
0x7390f0 GetEnhMetaFilePaletteEntries
0x7390f4 GetEnhMetaFileHeader
0x7390f8 GetEnhMetaFileDescriptionW
0x7390fc GetEnhMetaFileBits
0x739100 GetDeviceCaps
0x739104 GetDIBits
0x739108 GetDIBColorTable
0x73910c GetCurrentPositionEx
0x739110 GetCurrentObject
0x739114 GetClipRgn
0x739118 GetClipBox
0x73911c GetBrushOrgEx
0x739120 GetBkMode
0x739124 GetBitmapBits
0x739128 GdiFlush
0x73912c FrameRgn
0x739130 ExtTextOutW
0x739134 ExtFloodFill
0x739138 ExtCreateRegion
0x73913c ExcludeClipRect
0x739140 EnumFontsW
0x739144 EnumFontFamiliesExW
0x739148 EndPage
0x73914c EndDoc
0x739150 Ellipse
0x739154 DeleteObject
0x739158 DeleteEnhMetaFile
0x73915c DeleteDC
0x739160 CreateSolidBrush
0x739164 CreateRoundRectRgn
0x739168 CreateRectRgnIndirect
0x73916c CreateRectRgn
0x739170 CreatePenIndirect
0x739174 CreatePalette
0x739178 CreateICW
0x73917c CreateHalftonePalette
0x739180 CreateFontIndirectW
0x739184 CreateDIBitmap
0x739188 CreateDIBSection
0x73918c CreateDCW
0x739190 CreateCompatibleDC
0x739194 CreateCompatibleBitmap
0x739198 CreateBrushIndirect
0x73919c CreateBitmap
0x7391a0 CopyEnhMetaFileW
0x7391a4 CombineRgn
0x7391a8 Chord
0x7391ac BitBlt
0x7391b0 ArcTo
0x7391b4 Arc
0x7391b8 AngleArc
0x7391bc AbortDoc
version.dll
0x7391c4 VerQueryValueW
0x7391c8 GetFileVersionInfoSizeW
0x7391cc GetFileVersionInfoW
kernel32.dll
0x7391d4 lstrlenA
0x7391d8 lstrlenW
0x7391dc WriteFile
0x7391e0 WideCharToMultiByte
0x7391e4 WaitForSingleObjectEx
0x7391e8 WaitForSingleObject
0x7391ec WaitForMultipleObjectsEx
0x7391f0 VirtualQueryEx
0x7391f4 VirtualQuery
0x7391f8 VirtualProtect
0x7391fc VirtualFree
0x739200 VirtualAlloc
0x739204 UnmapViewOfFile
0x739208 TryEnterCriticalSection
0x73920c SwitchToThread
0x739210 SuspendThread
0x739214 Sleep
0x739218 SizeofResource
0x73921c SignalObjectAndWait
0x739220 SetThreadPriority
0x739224 SetThreadLocale
0x739228 SetLastError
0x73922c SetFileTime
0x739230 SetFilePointer
0x739234 SetFileAttributesW
0x739238 SetEvent
0x73923c SetErrorMode
0x739240 SetEndOfFile
0x739244 ResumeThread
0x739248 ResetEvent
0x73924c RemoveDirectoryW
0x739250 ReleaseMutex
0x739254 ReadFile
0x739258 RaiseException
0x73925c QueryDosDeviceW
0x739260 IsDebuggerPresent
0x739264 OpenMutexW
0x739268 OpenFileMappingW
0x73926c MulDiv
0x739270 MapViewOfFile
0x739274 LockResource
0x739278 LocalFree
0x73927c LocalFileTimeToFileTime
0x739280 LoadResource
0x739284 LoadLibraryW
0x739288 LeaveCriticalSection
0x73928c IsValidLocale
0x739290 InitializeCriticalSection
0x739294 HeapSize
0x739298 HeapFree
0x73929c HeapDestroy
0x7392a0 HeapCreate
0x7392a4 HeapAlloc
0x7392a8 GlobalUnlock
0x7392ac GlobalSize
0x7392b0 GlobalLock
0x7392b4 GlobalFree
0x7392b8 GlobalFindAtomW
0x7392bc GlobalDeleteAtom
0x7392c0 GlobalAlloc
0x7392c4 GlobalAddAtomW
0x7392c8 GetVolumeInformationW
0x7392cc GetVersionExW
0x7392d0 GetVersion
0x7392d4 GetTimeZoneInformation
0x7392d8 GetTickCount
0x7392dc GetThreadPriority
0x7392e0 GetThreadLocale
0x7392e4 GetSystemInfo
0x7392e8 GetSystemTimes
0x7392ec GetStringTypeExA
0x7392f0 GetStringTypeExW
0x7392f4 GetStdHandle
0x7392f8 GetShortPathNameW
0x7392fc GetProcAddress
0x739300 GetModuleHandleW
0x739304 GetModuleFileNameW
0x739308 GetLogicalDriveStringsW
0x73930c GetLocaleInfoW
0x739310 GetLocalTime
0x739314 GetLastError
0x739318 GetFullPathNameW
0x73931c GetFileSize
0x739320 GetFileAttributesW
0x739324 GetExitCodeThread
0x739328 GetDriveTypeW
0x73932c GetDiskFreeSpaceW
0x739330 GetDateFormatW
0x739334 GetCurrentThreadId
0x739338 GetCurrentThread
0x73933c GetCurrentProcessId
0x739340 GetCurrentProcess
0x739344 GetCPInfoExW
0x739348 GetCPInfo
0x73934c GetACP
0x739350 FreeResource
0x739354 InterlockedIncrement
0x739358 InterlockedExchange
0x73935c InterlockedDecrement
0x739360 InterlockedCompareExchange
0x739364 FreeLibrary
0x739368 FormatMessageW
0x73936c FindResourceW
0x739370 FindNextFileW
0x739374 FindFirstFileA
0x739378 FindFirstFileW
0x73937c FindClose
0x739380 FileTimeToLocalFileTime
0x739384 EnumSystemLocalesW
0x739388 EnumResourceNamesW
0x73938c EnumCalendarInfoW
0x739390 EnterCriticalSection
0x739394 DosDateTimeToFileTime
0x739398 DeleteFileW
0x73939c DeleteCriticalSection
0x7393a0 CreateThread
0x7393a4 CreateFileMappingW
0x7393a8 CreateFileA
0x7393ac CreateFileW
0x7393b0 CreateEventW
0x7393b4 CreateDirectoryW
0x7393b8 CopyFileW
0x7393bc CompareStringA
0x7393c0 CompareStringW
0x7393c4 CloseHandle
advapi32.dll
0x7393cc RegUnLoadKeyW
0x7393d0 RegSetValueExW
0x7393d4 RegSaveKeyW
0x7393d8 RegRestoreKeyW
0x7393dc RegReplaceKeyW
0x7393e0 RegQueryValueExA
0x7393e4 RegQueryValueExW
0x7393e8 RegQueryInfoKeyW
0x7393ec RegOpenKeyExA
0x7393f0 RegOpenKeyExW
0x7393f4 RegLoadKeyW
0x7393f8 RegFlushKey
0x7393fc RegEnumValueW
0x739400 RegEnumKeyExW
0x739404 RegDeleteValueW
0x739408 RegDeleteKeyW
0x73940c RegCreateKeyExW
0x739410 RegConnectRegistryW
0x739414 RegCloseKey
kernel32.dll
0x73941c Sleep
oleaut32.dll
0x739424 SafeArrayPtrOfIndex
0x739428 SafeArrayPutElement
0x73942c SafeArrayGetElement
0x739430 SafeArrayUnaccessData
0x739434 SafeArrayAccessData
0x739438 SafeArrayGetUBound
0x73943c SafeArrayGetLBound
0x739440 SafeArrayCreate
0x739444 VariantChangeType
0x739448 VariantCopyInd
0x73944c VariantCopy
0x739450 VariantClear
0x739454 VariantInit
oleaut32.dll
0x73945c GetErrorInfo
0x739460 SysFreeString
0x739464 SysAllocString
ole32.dll
0x73946c OleUninitialize
0x739470 OleInitialize
0x739474 CoTaskMemFree
0x739478 CoTaskMemAlloc
0x73947c StringFromCLSID
0x739480 CoCreateInstance
0x739484 CoUninitialize
0x739488 CoInitialize
0x73948c IsEqualGUID
comctl32.dll
0x739494 InitializeFlatSB
0x739498 FlatSB_SetScrollProp
0x73949c FlatSB_SetScrollPos
0x7394a0 FlatSB_SetScrollInfo
0x7394a4 FlatSB_GetScrollPos
0x7394a8 FlatSB_GetScrollInfo
0x7394ac _TrackMouseEvent
0x7394b0 ImageList_GetImageInfo
0x7394b4 ImageList_SetIconSize
0x7394b8 ImageList_GetIconSize
0x7394bc ImageList_Write
0x7394c0 ImageList_Read
0x7394c4 ImageList_GetDragImage
0x7394c8 ImageList_DragShowNolock
0x7394cc ImageList_DragMove
0x7394d0 ImageList_DragLeave
0x7394d4 ImageList_DragEnter
0x7394d8 ImageList_EndDrag
0x7394dc ImageList_BeginDrag
0x7394e0 ImageList_Copy
0x7394e4 ImageList_LoadImageW
0x7394e8 ImageList_GetIcon
0x7394ec ImageList_Remove
0x7394f0 ImageList_DrawEx
0x7394f4 ImageList_Replace
0x7394f8 ImageList_Draw
0x7394fc ImageList_SetOverlayImage
0x739500 ImageList_GetBkColor
0x739504 ImageList_SetBkColor
0x739508 ImageList_ReplaceIcon
0x73950c ImageList_Add
0x739510 ImageList_SetImageCount
0x739514 ImageList_GetImageCount
0x739518 ImageList_Destroy
0x73951c ImageList_Create
0x739520 InitCommonControls
user32.dll
0x739528 EnumDisplayMonitors
0x73952c GetMonitorInfoW
0x739530 MonitorFromPoint
0x739534 MonitorFromRect
0x739538 MonitorFromWindow
msvcrt.dll
0x739540 memset
0x739544 memcpy
shell32.dll
0x73954c SHFileOperationW
0x739550 ShellExecuteW
0x739554 Shell_NotifyIconW
0x739558 DragQueryFileW
0x73955c DragFinish
0x739560 DragAcceptFiles
shell32.dll
0x739568 SHGetSpecialFolderLocation
0x73956c SHGetPathFromIDListW
0x739570 SHGetMalloc
0x739574 SHGetDesktopFolder
comdlg32.dll
0x73957c GetSaveFileNameW
0x739580 GetOpenFileNameW
winspool.drv
0x739588 OpenPrinterW
0x73958c EnumPrintersW
0x739590 DocumentPropertiesW
0x739594 ClosePrinter
winspool.drv
0x73959c GetDefaultPrinterW
kernel32.dll
0x7395a4 GetVersionExW
0x7395a8 CreateMutexW
EAT(Export Address Table) is none