Field | Value |
---|---|
Created | 2023.10.02 08:39 |
Machine | s1_win7_x6401 |
Filename | Wemhwwlidxivdd.scr |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 23 detected (AIDetectMalware, Malicious, score, unsafe, Attribute, HighConfidence, high confidence, GenKryptik, GOJR, Remcos, FileRepMalware, Misc, Wacatac, Detected, Generic@AI, RDML, TqEPbrWd9gWWQMbYQQ5cXQ, susgen, ModiLoader, confidence) |
md5 | af833c8bae12203ce03858314816a871 |
sha256 | 0951a4a0aa2cfa91d5477895e6302d68fcddd490691787e63261e7bf9982e5cd |
ssdeep | 24576:RHGmldG2kHXUt8ka/P7hl932X1Cd7DjtneA:RHcte |
imphash | 5c1642c1b0f0030a3f6d28c8df4788c7 |
impfuzzy | 192:ot3MDbuuaxSUvK9kroHXEpu7CvBDF1QnPbOQv:E3maq9lW1wPbOQv |
Signature (7cnts)
Level | Description |
---|---|
warning | File has been identified by 23 AntiVirus engines on VirusTotal as malicious |
watch | Disables proxy possibly for traffic interception |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x501830 SysFreeString
0x501834 SysReAllocStringLen
0x501838 SysAllocStringLen
advapi32.dll
0x501840 RegQueryValueExA
0x501844 RegOpenKeyExA
0x501848 RegCloseKey
user32.dll
0x501850 GetKeyboardType
0x501854 DestroyWindow
0x501858 LoadStringA
0x50185c MessageBoxA
0x501860 CharNextA
kernel32.dll
0x501868 GetACP
0x50186c Sleep
0x501870 VirtualFree
0x501874 VirtualAlloc
0x501878 GetTickCount
0x50187c QueryPerformanceCounter
0x501880 GetCurrentThreadId
0x501884 InterlockedDecrement
0x501888 InterlockedIncrement
0x50188c VirtualQuery
0x501890 WideCharToMultiByte
0x501894 MultiByteToWideChar
0x501898 lstrlenA
0x50189c lstrcpynA
0x5018a0 LoadLibraryExA
0x5018a4 GetThreadLocale
0x5018a8 GetStartupInfoA
0x5018ac GetProcAddress
0x5018b0 GetModuleHandleA
0x5018b4 GetModuleFileNameA
0x5018b8 GetLocaleInfoA
0x5018bc GetCommandLineA
0x5018c0 FreeLibrary
0x5018c4 FindFirstFileA
0x5018c8 FindClose
0x5018cc ExitProcess
0x5018d0 CompareStringA
0x5018d4 WriteFile
0x5018d8 UnhandledExceptionFilter
0x5018dc RtlUnwind
0x5018e0 RaiseException
0x5018e4 GetStdHandle
kernel32.dll
0x5018ec TlsSetValue
0x5018f0 TlsGetValue
0x5018f4 LocalAlloc
0x5018f8 GetModuleHandleA
user32.dll
0x501900 CreateWindowExA
0x501904 WindowFromPoint
0x501908 WaitMessage
0x50190c UpdateWindow
0x501910 UnregisterClassA
0x501914 UnhookWindowsHookEx
0x501918 TranslateMessage
0x50191c TranslateMDISysAccel
0x501920 TrackPopupMenu
0x501924 SystemParametersInfoA
0x501928 ShowWindow
0x50192c ShowScrollBar
0x501930 ShowOwnedPopups
0x501934 SetWindowsHookExA
0x501938 SetWindowTextA
0x50193c SetWindowPos
0x501940 SetWindowPlacement
0x501944 SetWindowLongW
0x501948 SetWindowLongA
0x50194c SetTimer
0x501950 SetScrollRange
0x501954 SetScrollPos
0x501958 SetScrollInfo
0x50195c SetRect
0x501960 SetPropA
0x501964 SetParent
0x501968 SetMenuItemInfoA
0x50196c SetMenu
0x501970 SetForegroundWindow
0x501974 SetFocus
0x501978 SetCursor
0x50197c SetClassLongA
0x501980 SetCapture
0x501984 SetActiveWindow
0x501988 SendMessageW
0x50198c SendMessageA
0x501990 ScrollWindow
0x501994 ScreenToClient
0x501998 RemovePropA
0x50199c RemoveMenu
0x5019a0 ReleaseDC
0x5019a4 ReleaseCapture
0x5019a8 RegisterWindowMessageA
0x5019ac RegisterClipboardFormatA
0x5019b0 RegisterClassA
0x5019b4 RedrawWindow
0x5019b8 PtInRect
0x5019bc PostQuitMessage
0x5019c0 PostMessageA
0x5019c4 PeekMessageW
0x5019c8 PeekMessageA
0x5019cc OffsetRect
0x5019d0 OemToCharA
0x5019d4 MessageBoxA
0x5019d8 MapWindowPoints
0x5019dc MapVirtualKeyA
0x5019e0 LoadStringA
0x5019e4 LoadKeyboardLayoutA
0x5019e8 LoadIconA
0x5019ec LoadCursorA
0x5019f0 LoadBitmapA
0x5019f4 KillTimer
0x5019f8 IsZoomed
0x5019fc IsWindowVisible
0x501a00 IsWindowUnicode
0x501a04 IsWindowEnabled
0x501a08 IsWindow
0x501a0c IsRectEmpty
0x501a10 IsMenu
0x501a14 IsIconic
0x501a18 IsDialogMessageW
0x501a1c IsDialogMessageA
0x501a20 IsChild
0x501a24 InvalidateRect
0x501a28 IntersectRect
0x501a2c InsertMenuItemA
0x501a30 InsertMenuA
0x501a34 InflateRect
0x501a38 GetWindowThreadProcessId
0x501a3c GetWindowTextA
0x501a40 GetWindowRect
0x501a44 GetWindowPlacement
0x501a48 GetWindowLongW
0x501a4c GetWindowLongA
0x501a50 GetWindowDC
0x501a54 GetTopWindow
0x501a58 GetSystemMetrics
0x501a5c GetSystemMenu
0x501a60 GetSysColorBrush
0x501a64 GetSysColor
0x501a68 GetSubMenu
0x501a6c GetScrollRange
0x501a70 GetScrollPos
0x501a74 GetScrollInfo
0x501a78 GetPropA
0x501a7c GetParent
0x501a80 GetWindow
0x501a84 GetMessageTime
0x501a88 GetMessagePos
0x501a8c GetMenuStringA
0x501a90 GetMenuState
0x501a94 GetMenuItemInfoA
0x501a98 GetMenuItemID
0x501a9c GetMenuItemCount
0x501aa0 GetMenu
0x501aa4 GetLastActivePopup
0x501aa8 GetKeyboardState
0x501aac GetKeyboardLayoutNameA
0x501ab0 GetKeyboardLayoutList
0x501ab4 GetKeyboardLayout
0x501ab8 GetKeyState
0x501abc GetKeyNameTextA
0x501ac0 GetIconInfo
0x501ac4 GetForegroundWindow
0x501ac8 GetFocus
0x501acc GetDesktopWindow
0x501ad0 GetDCEx
0x501ad4 GetDC
0x501ad8 GetCursorPos
0x501adc GetCursor
0x501ae0 GetClipboardData
0x501ae4 GetClientRect
0x501ae8 GetClassLongA
0x501aec GetClassInfoA
0x501af0 GetCapture
0x501af4 GetActiveWindow
0x501af8 FrameRect
0x501afc FindWindowA
0x501b00 FillRect
0x501b04 EqualRect
0x501b08 EnumWindows
0x501b0c EnumThreadWindows
0x501b10 EnumChildWindows
0x501b14 EndPaint
0x501b18 EnableWindow
0x501b1c EnableScrollBar
0x501b20 EnableMenuItem
0x501b24 DrawTextA
0x501b28 DrawMenuBar
0x501b2c DrawIconEx
0x501b30 DrawIcon
0x501b34 DrawFrameControl
0x501b38 DrawEdge
0x501b3c DispatchMessageW
0x501b40 DispatchMessageA
0x501b44 DestroyWindow
0x501b48 DestroyMenu
0x501b4c DestroyIcon
0x501b50 DestroyCursor
0x501b54 DeleteMenu
0x501b58 DefWindowProcA
0x501b5c DefMDIChildProcA
0x501b60 DefFrameProcA
0x501b64 CreatePopupMenu
0x501b68 CreateMenu
0x501b6c CreateIcon
0x501b70 ClientToScreen
0x501b74 CheckMenuItem
0x501b78 CharNextW
0x501b7c CallWindowProcA
0x501b80 CallNextHookEx
0x501b84 BeginPaint
0x501b88 CharNextA
0x501b8c CharLowerBuffA
0x501b90 CharLowerA
0x501b94 CharUpperBuffA
0x501b98 CharToOemA
0x501b9c AdjustWindowRectEx
0x501ba0 ActivateKeyboardLayout
gdi32.dll
0x501ba8 UnrealizeObject
0x501bac StretchBlt
0x501bb0 SetWindowOrgEx
0x501bb4 SetWinMetaFileBits
0x501bb8 SetViewportOrgEx
0x501bbc SetTextColor
0x501bc0 SetStretchBltMode
0x501bc4 SetROP2
0x501bc8 SetPixel
0x501bcc SetMapMode
0x501bd0 SetEnhMetaFileBits
0x501bd4 SetDIBColorTable
0x501bd8 SetBrushOrgEx
0x501bdc SetBkMode
0x501be0 SetBkColor
0x501be4 SelectPalette
0x501be8 SelectObject
0x501bec SaveDC
0x501bf0 RestoreDC
0x501bf4 RectVisible
0x501bf8 RealizePalette
0x501bfc Polyline
0x501c00 PlayEnhMetaFile
0x501c04 PatBlt
0x501c08 MoveToEx
0x501c0c MaskBlt
0x501c10 LineTo
0x501c14 LPtoDP
0x501c18 IntersectClipRect
0x501c1c GetWindowOrgEx
0x501c20 GetWinMetaFileBits
0x501c24 GetTextMetricsA
0x501c28 GetTextExtentPoint32A
0x501c2c GetSystemPaletteEntries
0x501c30 GetStockObject
0x501c34 GetRgnBox
0x501c38 GetPixel
0x501c3c GetPaletteEntries
0x501c40 GetObjectA
0x501c44 GetEnhMetaFilePaletteEntries
0x501c48 GetEnhMetaFileHeader
0x501c4c GetEnhMetaFileDescriptionA
0x501c50 GetEnhMetaFileBits
0x501c54 GetDeviceCaps
0x501c58 GetDIBits
0x501c5c GetDIBColorTable
0x501c60 GetDCOrgEx
0x501c64 GetCurrentPositionEx
0x501c68 GetClipBox
0x501c6c GetBrushOrgEx
0x501c70 GetBitmapBits
0x501c74 ExcludeClipRect
0x501c78 DeleteObject
0x501c7c DeleteEnhMetaFile
0x501c80 DeleteDC
0x501c84 CreateSolidBrush
0x501c88 CreatePenIndirect
0x501c8c CreatePalette
0x501c90 CreateHalftonePalette
0x501c94 CreateFontIndirectA
0x501c98 CreateEnhMetaFileA
0x501c9c CreateDIBitmap
0x501ca0 CreateDIBSection
0x501ca4 CreateCompatibleDC
0x501ca8 CreateCompatibleBitmap
0x501cac CreateBrushIndirect
0x501cb0 CreateBitmap
0x501cb4 CopyEnhMetaFileA
0x501cb8 CloseEnhMetaFile
0x501cbc BitBlt
version.dll
0x501cc4 VerQueryValueA
0x501cc8 GetFileVersionInfoSizeA
0x501ccc GetFileVersionInfoA
kernel32.dll
0x501cd4 lstrcpyA
0x501cd8 WriteFile
0x501cdc WaitForSingleObject
0x501ce0 VirtualQuery
0x501ce4 VirtualProtect
0x501ce8 VirtualAlloc
0x501cec SizeofResource
0x501cf0 SetThreadLocale
0x501cf4 SetFilePointer
0x501cf8 SetEvent
0x501cfc SetErrorMode
0x501d00 SetEndOfFile
0x501d04 ResetEvent
0x501d08 ReadFile
0x501d0c MultiByteToWideChar
0x501d10 MulDiv
0x501d14 LockResource
0x501d18 LoadResource
0x501d1c LoadLibraryExA
0x501d20 LoadLibraryA
0x501d24 LeaveCriticalSection
0x501d28 InitializeCriticalSection
0x501d2c GlobalUnlock
0x501d30 GlobalSize
0x501d34 GlobalLock
0x501d38 GlobalFree
0x501d3c GlobalFindAtomA
0x501d40 GlobalDeleteAtom
0x501d44 GlobalAlloc
0x501d48 GlobalAddAtomA
0x501d4c GetVersionExA
0x501d50 GetVersion
0x501d54 GetUserDefaultLCID
0x501d58 GetTickCount
0x501d5c GetThreadLocale
0x501d60 GetStdHandle
0x501d64 GetProcAddress
0x501d68 GetModuleHandleW
0x501d6c GetModuleHandleA
0x501d70 GetModuleFileNameA
0x501d74 GetLocaleInfoA
0x501d78 GetLocalTime
0x501d7c GetLastError
0x501d80 GetFullPathNameA
0x501d84 GetDiskFreeSpaceA
0x501d88 GetDateFormatA
0x501d8c GetCurrentThreadId
0x501d90 GetCurrentProcessId
0x501d94 GetComputerNameA
0x501d98 GetCPInfo
0x501d9c FreeResource
0x501da0 InterlockedExchange
0x501da4 FreeLibrary
0x501da8 FormatMessageA
0x501dac FindResourceA
0x501db0 EnumCalendarInfoA
0x501db4 EnterCriticalSection
0x501db8 DeleteCriticalSection
0x501dbc CreateThread
0x501dc0 CreateFileA
0x501dc4 CreateEventA
0x501dc8 CompareStringA
0x501dcc CloseHandle
advapi32.dll
0x501dd4 RegQueryValueExA
0x501dd8 RegOpenKeyExA
0x501ddc RegFlushKey
0x501de0 RegCloseKey
oleaut32.dll
0x501de8 GetErrorInfo
0x501dec GetActiveObject
0x501df0 SysFreeString
ole32.dll
0x501df8 CreateStreamOnHGlobal
0x501dfc IsAccelerator
0x501e00 OleDraw
0x501e04 OleSetMenuDescriptor
0x501e08 CoTaskMemFree
0x501e0c ProgIDFromCLSID
0x501e10 StringFromCLSID
0x501e14 CoCreateInstance
0x501e18 CoGetClassObject
0x501e1c CoUninitialize
0x501e20 CoInitialize
0x501e24 IsEqualGUID
kernel32.dll
0x501e2c Sleep
oleaut32.dll
0x501e34 SafeArrayPtrOfIndex
0x501e38 SafeArrayPutElement
0x501e3c SafeArrayGetElement
0x501e40 SafeArrayUnaccessData
0x501e44 SafeArrayAccessData
0x501e48 SafeArrayGetUBound
0x501e4c SafeArrayGetLBound
0x501e50 SafeArrayCreate
0x501e54 VariantChangeType
0x501e58 VariantCopyInd
0x501e5c VariantCopy
0x501e60 VariantClear
0x501e64 VariantInit
comctl32.dll
0x501e6c _TrackMouseEvent
0x501e70 ImageList_SetIconSize
0x501e74 ImageList_GetIconSize
0x501e78 ImageList_Write
0x501e7c ImageList_Read
0x501e80 ImageList_DragShowNolock
0x501e84 ImageList_DragMove
0x501e88 ImageList_DragLeave
0x501e8c ImageList_DragEnter
0x501e90 ImageList_EndDrag
0x501e94 ImageList_BeginDrag
0x501e98 ImageList_Remove
0x501e9c ImageList_DrawEx
0x501ea0 ImageList_Draw
0x501ea4 ImageList_GetBkColor
0x501ea8 ImageList_SetBkColor
0x501eac ImageList_Add
0x501eb0 ImageList_GetImageCount
0x501eb4 ImageList_Destroy
0x501eb8 ImageList_Create
ntdll
0x501ec0 ZwWriteVirtualMemory
ntdll
0x501ec8 NtQueryInformationFile
0x501ecc NtOpenFile
0x501ed0 NtClose
0x501ed4 NtReadFile
ntdll
0x501edc RtlDosPathNameToNtPathName_U
EAT(Export Address Table) is none