Field | Value |
---|---|
Created | 2023.10.02 09:19 |
Machine | s1_win7_x6403 |
Filename | Msvsrlgkmzkynw.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
md5 | 24c8ce3fb8ef860ffbc2d6bb270e06f6 |
sha256 | 8cde60f804a160f6fdaf788a4ba9a885cf178cebe4829eafbcd3fa1fb5a78185 |
ssdeep | 12288:qE8C9kdWdEPv8zuVEdh9a6OLqvabdpmBkt1VEmA00P85Be2fgmv1qsM8HcZG3g55:qEPudPPOuVsaoAjlD0P83H5M8OG3 |
imphash | fc431a28c58a1565c388a05232b2eadb |
impfuzzy | 192:330Jd1QDmpbuuSrSUvK9RjooqEse7CPbOQv2:33c1DSA9uvPbOQe |
Signature (11cnts)
Level | Description |
---|---|
watch | Allocates execute permission to another process indicative of possible code injection |
watch | Attempts to create or modify system certificates |
watch | Disables proxy possibly for traffic interception |
watch | Manipulates memory of a non-child process indicative of process injection |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Performs some HTTP requests |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (6cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
notice | anti_vm_detect | Possibly employs anti-virtualization techniques | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (5cnts)
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
kernel32.dll
0x500154 DeleteCriticalSection
0x500158 LeaveCriticalSection
0x50015c EnterCriticalSection
0x500160 InitializeCriticalSection
0x500164 VirtualFree
0x500168 VirtualAlloc
0x50016c LocalFree
0x500170 LocalAlloc
0x500174 GetTickCount
0x500178 QueryPerformanceCounter
0x50017c GetVersion
0x500180 GetCurrentThreadId
0x500184 InterlockedDecrement
0x500188 InterlockedIncrement
0x50018c VirtualQuery
0x500190 WideCharToMultiByte
0x500194 MultiByteToWideChar
0x500198 lstrlenA
0x50019c lstrcpynA
0x5001a0 LoadLibraryExA
0x5001a4 GetThreadLocale
0x5001a8 GetStartupInfoA
0x5001ac GetProcAddress
0x5001b0 GetModuleHandleA
0x5001b4 GetModuleFileNameA
0x5001b8 GetLocaleInfoA
0x5001bc GetCommandLineA
0x5001c0 FreeLibrary
0x5001c4 FindFirstFileA
0x5001c8 FindClose
0x5001cc ExitProcess
0x5001d0 WriteFile
0x5001d4 UnhandledExceptionFilter
0x5001d8 RtlUnwind
0x5001dc RaiseException
0x5001e0 GetStdHandle
user32.dll
0x5001e8 GetKeyboardType
0x5001ec LoadStringA
0x5001f0 MessageBoxA
0x5001f4 CharNextA
advapi32.dll
0x5001fc RegQueryValueExA
0x500200 RegOpenKeyExA
0x500204 RegCloseKey
oleaut32.dll
0x50020c SysFreeString
0x500210 SysReAllocStringLen
0x500214 SysAllocStringLen
kernel32.dll
0x50021c TlsSetValue
0x500220 TlsGetValue
0x500224 LocalAlloc
0x500228 GetModuleHandleA
advapi32.dll
0x500230 RegQueryValueExA
0x500234 RegOpenKeyExA
0x500238 RegCloseKey
kernel32.dll
0x500240 lstrcpyA
0x500244 WriteFile
0x500248 WaitForSingleObject
0x50024c VirtualQuery
0x500250 VirtualAlloc
0x500254 Sleep
0x500258 SizeofResource
0x50025c SetThreadLocale
0x500260 SetFilePointer
0x500264 SetEvent
0x500268 SetErrorMode
0x50026c SetEndOfFile
0x500270 ResetEvent
0x500274 ReadFile
0x500278 MultiByteToWideChar
0x50027c MulDiv
0x500280 LockResource
0x500284 LoadResource
0x500288 LoadLibraryExA
0x50028c LoadLibraryA
0x500290 LeaveCriticalSection
0x500294 InitializeCriticalSection
0x500298 GlobalUnlock
0x50029c GlobalReAlloc
0x5002a0 GlobalHandle
0x5002a4 GlobalLock
0x5002a8 GlobalFree
0x5002ac GlobalFindAtomA
0x5002b0 GlobalDeleteAtom
0x5002b4 GlobalAlloc
0x5002b8 GlobalAddAtomA
0x5002bc GetVersionExA
0x5002c0 GetVersion
0x5002c4 GetTickCount
0x5002c8 GetThreadLocale
0x5002cc GetSystemInfo
0x5002d0 GetStringTypeExA
0x5002d4 GetStdHandle
0x5002d8 GetProcAddress
0x5002dc GetModuleHandleW
0x5002e0 GetModuleHandleA
0x5002e4 GetModuleFileNameA
0x5002e8 GetLocaleInfoA
0x5002ec GetLocalTime
0x5002f0 GetLastError
0x5002f4 GetFullPathNameA
0x5002f8 GetDiskFreeSpaceA
0x5002fc GetDateFormatA
0x500300 GetCurrentThreadId
0x500304 GetCurrentProcessId
0x500308 GetCurrentProcess
0x50030c GetComputerNameA
0x500310 GetCPInfo
0x500314 GetACP
0x500318 FreeResource
0x50031c InterlockedExchange
0x500320 FreeLibrary
0x500324 FormatMessageA
0x500328 FindResourceA
0x50032c EnumCalendarInfoA
0x500330 EnterCriticalSection
0x500334 DeleteCriticalSection
0x500338 CreateThread
0x50033c CreateFileA
0x500340 CreateEventA
0x500344 CompareStringA
0x500348 CloseHandle
version.dll
0x500350 VerQueryValueA
0x500354 GetFileVersionInfoSizeA
0x500358 GetFileVersionInfoA
gdi32.dll
0x500360 UnrealizeObject
0x500364 StretchBlt
0x500368 SetWindowOrgEx
0x50036c SetWinMetaFileBits
0x500370 SetViewportOrgEx
0x500374 SetTextColor
0x500378 SetStretchBltMode
0x50037c SetROP2
0x500380 SetPixel
0x500384 SetEnhMetaFileBits
0x500388 SetDIBColorTable
0x50038c SetBrushOrgEx
0x500390 SetBkMode
0x500394 SetBkColor
0x500398 SelectPalette
0x50039c SelectObject
0x5003a0 SaveDC
0x5003a4 RestoreDC
0x5003a8 RectVisible
0x5003ac RealizePalette
0x5003b0 PlayEnhMetaFile
0x5003b4 PatBlt
0x5003b8 MoveToEx
0x5003bc MaskBlt
0x5003c0 LineTo
0x5003c4 IntersectClipRect
0x5003c8 GetWindowOrgEx
0x5003cc GetWinMetaFileBits
0x5003d0 GetTextMetricsA
0x5003d4 GetTextExtentPoint32A
0x5003d8 GetSystemPaletteEntries
0x5003dc GetStockObject
0x5003e0 GetPixel
0x5003e4 GetPaletteEntries
0x5003e8 GetObjectA
0x5003ec GetEnhMetaFilePaletteEntries
0x5003f0 GetEnhMetaFileHeader
0x5003f4 GetEnhMetaFileBits
0x5003f8 GetDeviceCaps
0x5003fc GetDIBits
0x500400 GetDIBColorTable
0x500404 GetDCOrgEx
0x500408 GetCurrentPositionEx
0x50040c GetClipBox
0x500410 GetBrushOrgEx
0x500414 GetBitmapBits
0x500418 GdiFlush
0x50041c ExcludeClipRect
0x500420 DeleteObject
0x500424 DeleteEnhMetaFile
0x500428 DeleteDC
0x50042c CreateSolidBrush
0x500430 CreatePenIndirect
0x500434 CreatePalette
0x500438 CreateHalftonePalette
0x50043c CreateFontIndirectA
0x500440 CreateDIBitmap
0x500444 CreateDIBSection
0x500448 CreateCompatibleDC
0x50044c CreateCompatibleBitmap
0x500450 CreateBrushIndirect
0x500454 CreateBitmap
0x500458 CopyEnhMetaFileA
0x50045c BitBlt
user32.dll
0x500464 CreateWindowExA
0x500468 WindowFromPoint
0x50046c WinHelpA
0x500470 WaitMessage
0x500474 UpdateWindow
0x500478 UnregisterClassA
0x50047c UnhookWindowsHookEx
0x500480 TranslateMessage
0x500484 TranslateMDISysAccel
0x500488 TrackPopupMenu
0x50048c SystemParametersInfoA
0x500490 ShowWindow
0x500494 ShowScrollBar
0x500498 ShowOwnedPopups
0x50049c ShowCursor
0x5004a0 SetWindowsHookExA
0x5004a4 SetWindowPos
0x5004a8 SetWindowPlacement
0x5004ac SetWindowLongA
0x5004b0 SetTimer
0x5004b4 SetScrollRange
0x5004b8 SetScrollPos
0x5004bc SetScrollInfo
0x5004c0 SetRect
0x5004c4 SetPropA
0x5004c8 SetParent
0x5004cc SetMenuItemInfoA
0x5004d0 SetMenu
0x5004d4 SetForegroundWindow
0x5004d8 SetFocus
0x5004dc SetCursor
0x5004e0 SetClassLongA
0x5004e4 SetCapture
0x5004e8 SetActiveWindow
0x5004ec SendMessageA
0x5004f0 ScrollWindow
0x5004f4 ScreenToClient
0x5004f8 RemovePropA
0x5004fc RemoveMenu
0x500500 ReleaseDC
0x500504 ReleaseCapture
0x500508 RegisterWindowMessageA
0x50050c RegisterClipboardFormatA
0x500510 RegisterClassA
0x500514 RedrawWindow
0x500518 PtInRect
0x50051c PostQuitMessage
0x500520 PostMessageA
0x500524 PeekMessageA
0x500528 OffsetRect
0x50052c OemToCharA
0x500530 MessageBoxA
0x500534 MapWindowPoints
0x500538 MapVirtualKeyA
0x50053c LoadStringA
0x500540 LoadKeyboardLayoutA
0x500544 LoadIconA
0x500548 LoadCursorA
0x50054c LoadBitmapA
0x500550 KillTimer
0x500554 IsZoomed
0x500558 IsWindowVisible
0x50055c IsWindowEnabled
0x500560 IsWindow
0x500564 IsRectEmpty
0x500568 IsMenu
0x50056c IsIconic
0x500570 IsDlgButtonChecked
0x500574 IsDialogMessageA
0x500578 IsChild
0x50057c InvalidateRect
0x500580 IntersectRect
0x500584 InsertMenuItemA
0x500588 InsertMenuA
0x50058c InflateRect
0x500590 GetWindowThreadProcessId
0x500594 GetWindowTextA
0x500598 GetWindowRect
0x50059c GetWindowPlacement
0x5005a0 GetWindowLongA
0x5005a4 GetWindowDC
0x5005a8 GetTopWindow
0x5005ac GetSystemMetrics
0x5005b0 GetSystemMenu
0x5005b4 GetSysColorBrush
0x5005b8 GetSysColor
0x5005bc GetSubMenu
0x5005c0 GetScrollRange
0x5005c4 GetScrollPos
0x5005c8 GetScrollInfo
0x5005cc GetPropA
0x5005d0 GetParent
0x5005d4 GetWindow
0x5005d8 GetMenuStringA
0x5005dc GetMenuState
0x5005e0 GetMenuItemInfoA
0x5005e4 GetMenuItemID
0x5005e8 GetMenuItemCount
0x5005ec GetMenu
0x5005f0 GetLastActivePopup
0x5005f4 GetKeyboardState
0x5005f8 GetKeyboardLayoutList
0x5005fc GetKeyboardLayout
0x500600 GetKeyState
0x500604 GetKeyNameTextA
0x500608 GetIconInfo
0x50060c GetForegroundWindow
0x500610 GetFocus
0x500614 GetDesktopWindow
0x500618 GetDCEx
0x50061c GetDC
0x500620 GetCursorPos
0x500624 GetCursor
0x500628 GetClipboardData
0x50062c GetClientRect
0x500630 GetClassNameA
0x500634 GetClassInfoA
0x500638 GetCapture
0x50063c GetActiveWindow
0x500640 FrameRect
0x500644 FindWindowA
0x500648 FillRect
0x50064c EqualRect
0x500650 EnumWindows
0x500654 EnumThreadWindows
0x500658 EndPaint
0x50065c EnableWindow
0x500660 EnableScrollBar
0x500664 EnableMenuItem
0x500668 DrawTextA
0x50066c DrawMenuBar
0x500670 DrawIconEx
0x500674 DrawIcon
0x500678 DrawFrameControl
0x50067c DrawEdge
0x500680 DispatchMessageA
0x500684 DestroyWindow
0x500688 DestroyMenu
0x50068c DestroyIcon
0x500690 DestroyCursor
0x500694 DeleteMenu
0x500698 DefWindowProcA
0x50069c DefMDIChildProcA
0x5006a0 DefFrameProcA
0x5006a4 CreatePopupMenu
0x5006a8 CreateMenu
0x5006ac CreateIcon
0x5006b0 ClientToScreen
0x5006b4 CheckMenuItem
0x5006b8 CallWindowProcA
0x5006bc CallNextHookEx
0x5006c0 BeginPaint
0x5006c4 CharNextA
0x5006c8 CharLowerBuffA
0x5006cc CharLowerA
0x5006d0 CharUpperBuffA
0x5006d4 CharToOemA
0x5006d8 AdjustWindowRectEx
0x5006dc ActivateKeyboardLayout
kernel32.dll
0x5006e4 Sleep
oleaut32.dll
0x5006ec SafeArrayPtrOfIndex
0x5006f0 SafeArrayPutElement
0x5006f4 SafeArrayGetElement
0x5006f8 SafeArrayUnaccessData
0x5006fc SafeArrayAccessData
0x500700 SafeArrayGetUBound
0x500704 SafeArrayGetLBound
0x500708 SafeArrayCreate
0x50070c VariantChangeType
0x500710 VariantCopyInd
0x500714 VariantCopy
0x500718 VariantClear
0x50071c VariantInit
ole32.dll
0x500724 CoTaskMemFree
0x500728 ProgIDFromCLSID
0x50072c StringFromCLSID
0x500730 CoCreateInstance
0x500734 CoUninitialize
0x500738 CoInitialize
0x50073c IsEqualGUID
oleaut32.dll
0x500744 GetErrorInfo
0x500748 GetActiveObject
0x50074c SysFreeString
comctl32.dll
0x500754 ImageList_SetIconSize
0x500758 ImageList_GetIconSize
0x50075c ImageList_Write
0x500760 ImageList_Read
0x500764 ImageList_GetDragImage
0x500768 ImageList_DragShowNolock
0x50076c ImageList_SetDragCursorImage
0x500770 ImageList_DragMove
0x500774 ImageList_DragLeave
0x500778 ImageList_DragEnter
0x50077c ImageList_EndDrag
0x500780 ImageList_BeginDrag
0x500784 ImageList_Remove
0x500788 ImageList_DrawEx
0x50078c ImageList_Draw
0x500790 ImageList_GetBkColor
0x500794 ImageList_SetBkColor
0x500798 ImageList_ReplaceIcon
0x50079c ImageList_Add
0x5007a0 ImageList_SetImageCount
0x5007a4 ImageList_GetImageCount
0x5007a8 ImageList_Destroy
0x5007ac ImageList_Create
ntdll
0x5007b4 ZwWriteVirtualMemory
0x5007b8 NtProtectVirtualMemory
EAT(Export Address Table) is none