Field | Value |
---|---|
Created | 2023.10.08 12:02 |
Machine | s1_win7_x6401 |
Filename | ss47.exe |
Type | PE32+ executable (GUI) x86-64, for MS Windows |
ZERO API | file : clean |
VT API (file) | 43 detected (Common, Fabookie, malicious, high confidence, DownLoader45, GenericKD, GenKryptik, confidence, 100%, ABRisk, VDXE, Attribute, HighConfidence, GMMZ, score, kbtvtx, Dzlw, Swrort, vmdvv, ai score=89, Znyonm, Detected, unsafe, Chgt, EmnL0dJ0FNC) |
md5 | 6e45986a505bed78232a8867b5860ea6 |
sha256 | c957aa07aa1dd6d58aff2431b56b2139a0c2d5d6b34d20a978767e0daab58829 |
ssdeep | 12288:K72HTp/D0DpEE3M51qvii3mmm6AV5Cqylkg5ZQnXlV5Za5Za5Zj:GA4JM5kRhAVdcpmt44F |
imphash | de5ffdef0b7fe6105bfe44941d62fcd6 |
impfuzzy | 192:VA81DcXgXBfu+dkHkFr9p1HyBUlEp4XTDFhiD9QErsc64:6Sk81zl64XTDFhiD9QEAK |
Signature (4cnts)
Level | Description |
---|---|
danger | File has been identified by 43 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x100001000 TraceMessage
0x100001008 TraceEvent
0x100001010 RegOpenKeyExW
0x100001018 RegQueryValueExW
0x100001020 RegSetValueExW
0x100001028 RegDeleteValueW
0x100001030 RegCloseKey
0x100001038 RegQueryInfoKeyW
0x100001040 RegEnumKeyExW
0x100001048 RegCreateKeyExW
0x100001050 RegGetValueW
0x100001058 GetTraceLoggerHandle
0x100001060 GetTraceEnableLevel
0x100001068 GetTraceEnableFlags
0x100001070 RegisterTraceGuidsW
0x100001078 UnregisterTraceGuids
0x100001080 EventRegister
0x100001088 EventWrite
0x100001090 EventUnregister
KERNEL32.dll
0x100001218 LocalAlloc
0x100001220 GetSystemPowerStatus
0x100001228 FormatMessageW
0x100001230 SetEvent
0x100001238 CreateEventW
0x100001240 DeleteCriticalSection
0x100001248 InitializeCriticalSection
0x100001250 LocalFree
0x100001258 GlobalUnlock
0x100001260 GlobalLock
0x100001268 GlobalAlloc
0x100001270 SizeofResource
0x100001278 LockResource
0x100001280 LoadResource
0x100001288 FindResourceW
0x100001290 CreateProcessW
0x100001298 Sleep
0x1000012a0 InterlockedPushEntrySList
0x1000012a8 VirtualAlloc
0x1000012b0 InterlockedPopEntrySList
0x1000012b8 GetProcessHeap
0x1000012c0 VirtualFree
0x1000012c8 HeapFree
0x1000012d0 HeapAlloc
0x1000012d8 GetVersionExA
0x1000012e0 GetSystemDirectoryW
0x1000012e8 CreateThread
0x1000012f0 lstrcmpW
0x1000012f8 GetCommandLineW
0x100001300 SetLastError
0x100001308 CloseHandle
0x100001310 RegisterApplicationRestart
0x100001318 ReleaseMutex
0x100001320 CreateMutexW
0x100001328 SetUnhandledExceptionFilter
0x100001330 GetModuleHandleW
0x100001338 HeapSetInformation
0x100001340 GetCurrentThreadId
0x100001348 FlushInstructionCache
0x100001350 GetCurrentProcess
0x100001358 ExpandEnvironmentStringsW
0x100001360 LoadLibraryW
0x100001368 LeaveCriticalSection
0x100001370 EnterCriticalSection
0x100001378 WaitForSingleObject
0x100001380 GetLastError
0x100001388 QueryPerformanceCounter
0x100001390 GetTickCount
0x100001398 GetCurrentProcessId
0x1000013a0 GetSystemTimeAsFileTime
0x1000013a8 TerminateProcess
0x1000013b0 UnhandledExceptionFilter
0x1000013b8 OutputDebugStringA
0x1000013c0 MulDiv
0x1000013c8 RaiseException
0x1000013d0 GetStartupInfoW
GDI32.dll
0x100001128 GetDeviceCaps
0x100001130 SetBkColor
0x100001138 GetBkColor
0x100001140 GetTextExtentPoint32W
0x100001148 BitBlt
0x100001150 SetBrushOrgEx
0x100001158 SetViewportOrgEx
0x100001160 SetLayout
0x100001168 GetLayout
0x100001170 SelectClipRgn
0x100001178 CreateRectRgn
0x100001180 GdiGradientFill
0x100001188 LineTo
0x100001190 MoveToEx
0x100001198 SetDCPenColor
0x1000011a0 CreateDIBSection
0x1000011a8 SetTextColor
0x1000011b0 DeleteObject
0x1000011b8 CreateFontIndirectW
0x1000011c0 CreateCompatibleDC
0x1000011c8 SelectObject
0x1000011d0 GetTextMetricsW
0x1000011d8 DeleteDC
0x1000011e0 CreateSolidBrush
0x1000011e8 GetObjectW
0x1000011f0 GetStockObject
0x1000011f8 SetBkMode
0x100001200 GdiAlphaBlend
0x100001208 Polygon
USER32.dll
0x1000014d8 EnumDisplaySettingsExW
0x1000014e0 SystemParametersInfoW
0x1000014e8 GetSysColor
0x1000014f0 QueryDisplayConfig
0x1000014f8 GetDisplayConfigBufferSizes
0x100001500 EndPaint
0x100001508 DrawEdge
0x100001510 BeginPaint
0x100001518 PtInRect
0x100001520 SetRect
0x100001528 GetWindowLongW
0x100001530 ValidateRect
0x100001538 LoadStringW
0x100001540 UnregisterClassA
0x100001548 SetClassLongPtrW
0x100001550 UnhookWindowsHookEx
0x100001558 GetWindowLongPtrW
0x100001560 GetActiveWindow
0x100001568 UpdateWindow
0x100001570 ScrollWindow
0x100001578 GetScrollInfo
0x100001580 SetScrollInfo
0x100001588 SetWindowsHookExW
0x100001590 GetWindowInfo
0x100001598 CopyRect
0x1000015a0 GetWindowRect
0x1000015a8 GetMonitorInfoW
0x1000015b0 GetSysColorBrush
0x1000015b8 GetSystemMetrics
0x1000015c0 LoadCursorW
0x1000015c8 SetWindowLongPtrW
0x1000015d0 UnregisterPowerSettingNotification
0x1000015d8 RegisterPowerSettingNotification
0x1000015e0 UnregisterDeviceNotification
0x1000015e8 RegisterDeviceNotificationW
0x1000015f0 GetClassLongPtrW
0x1000015f8 FrameRect
0x100001600 MonitorFromRect
0x100001608 GetWindowPlacement
0x100001610 GetNextDlgTabItem
0x100001618 InvalidateRect
0x100001620 GetFocus
0x100001628 MapWindowPoints
0x100001630 GetClientRect
0x100001638 CreateWindowExW
0x100001640 GetParent
0x100001648 OffsetRect
0x100001650 ChangeDisplaySettingsExW
0x100001658 PostMessageW
0x100001660 GetDlgItem
0x100001668 CallWindowProcW
0x100001670 SetWindowTextW
0x100001678 EnumChildWindows
0x100001680 EnableWindow
0x100001688 GetWindowTextW
0x100001690 SetDlgItemTextW
0x100001698 KillTimer
0x1000016a0 ReleaseDC
0x1000016a8 GetDC
0x1000016b0 NotifyWinEvent
0x1000016b8 CallNextHookEx
0x1000016c0 GetDlgCtrlID
0x1000016c8 GetKeyState
0x1000016d0 DrawIconEx
0x1000016d8 InflateRect
0x1000016e0 DestroyWindow
0x1000016e8 CreateDialogParamW
0x1000016f0 SendMessageW
0x1000016f8 DestroyIcon
0x100001700 LoadImageW
0x100001708 AllowSetForegroundWindow
0x100001710 GetIconInfo
0x100001718 PostQuitMessage
0x100001720 EnumDisplayDevicesW
0x100001728 FindWindowW
0x100001730 SetForegroundWindow
0x100001738 GetForegroundWindow
0x100001740 IsIconic
0x100001748 DrawFocusRect
0x100001750 DrawTextW
0x100001758 ShowWindow
0x100001760 GetClassInfoW
0x100001768 IsWindowEnabled
0x100001770 FillRect
0x100001778 DefWindowProcW
0x100001780 SetTimer
0x100001788 SetWindowPos
0x100001790 SendDlgItemMessageW
0x100001798 MoveWindow
0x1000017a0 RegisterClassW
0x1000017a8 LoadIconW
0x1000017b0 GetMessageW
0x1000017b8 IsDialogMessageW
0x1000017c0 TranslateMessage
0x1000017c8 DispatchMessageW
0x1000017d0 UnregisterClassW
msvcrt.dll
0x1000019f8 ceilf
0x100001a00 ?terminate@@YAXXZ
0x100001a08 _onexit
0x100001a10 _lock
0x100001a18 __dllonexit
0x100001a20 _unlock
0x100001a28 _errno
0x100001a30 realloc
0x100001a38 ??1type_info@@UEAA@XZ
0x100001a40 __set_app_type
0x100001a48 _fmode
0x100001a50 _commode
0x100001a58 __setusermatherr
0x100001a60 _amsg_exit
0x100001a68 _acmdln
0x100001a70 exit
0x100001a78 _cexit
0x100001a80 _ismbblead
0x100001a88 _exit
0x100001a90 _XcptFilter
0x100001a98 __getmainargs
0x100001aa0 __C_specific_handler
0x100001aa8 memset
0x100001ab0 _purecall
0x100001ab8 __RTDynamicCast
0x100001ac0 wcstok
0x100001ac8 wcscspn
0x100001ad0 wcstol
0x100001ad8 _wcsicmp
0x100001ae0 free
0x100001ae8 memmove_s
0x100001af0 ??_U@YAPEAX_K@Z
0x100001af8 _vsnwprintf
0x100001b00 ??2@YAPEAX_K@Z
0x100001b08 ??_V@YAXPEAX@Z
0x100001b10 ??3@YAXPEAX@Z
0x100001b18 _initterm
0x100001b20 memcpy
OLEAUT32.dll
0x1000013e0 SafeArrayGetElement
0x1000013e8 SysAllocString
0x1000013f0 SysFreeString
0x1000013f8 VariantClear
0x100001400 VariantInit
POWRPROF.dll
0x100001410 PowerDeterminePlatformRole
0x100001418 PowerSettingAccessCheck
0x100001420 PowerReadDCValue
0x100001428 PowerSetActiveScheme
0x100001430 PowerGetActiveScheme
0x100001438 PowerReadFriendlyName
0x100001440 GetPwrCapabilities
BatMeter.dll
0x1000010a0 CleanupBatteryData
0x1000010a8 SubscribeBatteryUpdateNotification
0x1000010b0 CreateBatteryData
0x1000010b8 UnsubscribeBatteryUpdateNotification
0x1000010c0 BatMeterOnDeviceChange
0x1000010c8 UpdateBatteryDataAsync
0x1000010d0 QueryBatteryData
0x1000010d8 GetBatteryStatusText
0x1000010e0 SetBatteryLevel
WINMM.dll
0x100001858 waveOutGetNumDevs
0x100001860 PlaySoundW
SHELL32.dll
0x100001460 ShellExecuteW
0x100001468 None
0x100001470 SHGetKnownFolderIDList
0x100001478 None
0x100001480 DuplicateIcon
0x100001488 ShellExecuteExW
SHLWAPI.dll
0x100001498 PathFileExistsW
0x1000014a0 None
0x1000014a8 None
0x1000014b0 StrTrimW
0x1000014b8 None
0x1000014c0 PathGetArgsW
0x1000014c8 PathRemoveBlanksW
ole32.dll
0x100001b58 CLSIDFromString
0x100001b60 CoCreateInstance
0x100001b68 CoSetProxyBlanket
0x100001b70 CreateStreamOnHGlobal
0x100001b78 CoInitializeSecurity
0x100001b80 CoUninitialize
0x100001b88 CoInitialize
ntdll.dll
0x100001b30 EtwTraceMessage
0x100001b38 RtlVirtualUnwind
0x100001b40 RtlLookupFunctionEntry
0x100001b48 RtlCaptureContext
slc.dll
0x100001b98 SLGetWindowsInformationDWORD
RPCRT4.dll
0x100001450 UuidFromStringW
gdiplus.dll
0x100001920 GdipCloneImage
0x100001928 GdipDisposeImage
0x100001930 GdipAlloc
0x100001938 GdiplusShutdown
0x100001940 GdiplusStartup
0x100001948 GdipGetImageWidth
0x100001950 GdipCreateFromHDC
0x100001958 GdipDrawLine
0x100001960 GdipFillPath
0x100001968 GdipCreatePath
0x100001970 GdipCreatePen1
0x100001978 GdipBitmapUnlockBits
0x100001980 GdipBitmapLockBits
0x100001988 GdipGetImageHeight
0x100001990 GdipFillRectangle
0x100001998 GdipImageRotateFlip
0x1000019a0 GdipFree
0x1000019a8 GdipCreateBitmapFromStream
0x1000019b0 GdipCreateSolidFill
0x1000019b8 GdipDeletePath
0x1000019c0 GdipAddPathLine
0x1000019c8 GdipDeleteBrush
0x1000019d0 GdipDeleteGraphics
0x1000019d8 GdipCreateLineBrush
0x1000019e0 GdipSetSmoothingMode
0x1000019e8 GdipDeletePen
UxTheme.dll
0x1000017e0 OpenThemeData
0x1000017e8 BufferedPaintInit
0x1000017f0 BufferedPaintUnInit
0x1000017f8 BeginBufferedPaint
0x100001800 DrawThemeTextEx
0x100001808 EndBufferedPaint
0x100001810 BufferedPaintSetAlpha
0x100001818 GetThemePartSize
0x100001820 GetThemeBackgroundContentRect
0x100001828 GetThemeTextExtent
0x100001830 DrawThemeText
0x100001838 GetThemeColor
0x100001840 CloseThemeData
0x100001848 DrawThemeBackground
Wlanapi.dll
0x1000018c0 WlanCloseHandle
0x1000018c8 WlanGetInterfaceCapability
0x1000018d0 WlanSetInterface
0x1000018d8 WlanFreeMemory
0x1000018e0 WlanOpenHandle
0x1000018e8 WlanRegisterNotification
0x1000018f0 WlanQueryInterface
0x1000018f8 WlanEnumInterfaces
WMI.dll
0x100001870 WmiOpenBlock
0x100001878 WmiExecuteMethodW
0x100001880 WmiNotificationRegistrationW
0x100001888 WmiCloseBlock
0x100001890 WmiQueryAllDataW
0x100001898 WmiQuerySingleInstanceW
COMCTL32.dll
0x1000010f0 ImageList_Create
0x1000010f8 ImageList_ReplaceIcon
0x100001100 ImageList_DrawIndirect
0x100001108 ImageList_Destroy
0x100001110 None
0x100001118 None
dwmapi.dll
0x100001908 DwmIsCompositionEnabled
0x100001910 DwmExtendFrameIntoClientArea
WTSAPI32.dll
0x1000018a8 WTSUnRegisterSessionNotification
0x1000018b0 WTSRegisterSessionNotification
EAT(Export Address Table) is none