Created | 2023.10.12 10:25 |
Machine | s1_win7_x6401 |
Filename | client_x86.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 7 detected (Attribute, HighConfidence, Malicious, score, Shella, Generic ML PUA) |
md5 | 2b199211ed7ddd31f0a5f0c651f44457 |
sha256 | b25cdf0bf1aed73a1245c5269c800bd43728c5bcce6b75b84b9b9c4cc4e75513 |
ssdeep | 49152:nXsGREfMYgHug4kAjZ1/y8HQzz2xrvrdQeCVUrJnCW2bj1gXjRR1rU4:nXorx6tNn1gbb |
imphash | ec12d3219c6550199aea68d98124bde3 |
impfuzzy | 96:j4hzm/MNsJ08vHLt+cfxuQ/1HfxMO4ceiB7NbmJmHdy2m0+tJRhOgu8gudQXS:Er6fuQpOOXeiB7NwR2mloudiS |
Signature (10cnts)
Level | Description |
---|---|
watch | Attempts to remove evidence of file being downloaded from the Internet |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates hidden or system file |
notice | File has been identified by 7 AntiVirus engines on VirusTotal as malicious |
notice | One or more potentially interesting buffers were extracted |
notice | Repeatedly searches for a not-found process |
notice | Searches running processes potentially to identify processes for sandbox evasion |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Queries for the computername |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (5cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x582120 CreateProcessW
0x582124 WaitForSingleObject
0x582128 GetTickCount
0x58212c WideCharToMultiByte
0x582130 MultiByteToWideChar
0x582134 CreateFileW
0x582138 WriteFile
0x58213c LocalAlloc
0x582140 CreateDirectoryW
0x582144 GetLastError
0x582148 LocalFree
0x58214c FindFirstFileW
0x582150 FindNextFileW
0x582154 FindClose
0x582158 GetFileSize
0x58215c GetLocaleInfoW
0x582160 GetDateFormatW
0x582164 GetTimeFormatW
0x582168 GetTimeZoneInformation
0x58216c SystemTimeToFileTime
0x582170 FileTimeToLocalFileTime
0x582174 FileTimeToSystemTime
0x582178 lstrcatW
0x58217c GetFileAttributesW
0x582180 GetCurrentDirectoryW
0x582184 SetCurrentDirectoryW
0x582188 GetFileType
0x58218c GetFileInformationByHandle
0x582190 GetSystemTime
0x582194 GetLocalTime
0x582198 SetFilePointer
0x58219c ReadFile
0x5821a0 FileTimeToDosDateTime
0x5821a4 CreateFileMappingW
0x5821a8 MapViewOfFile
0x5821ac UnmapViewOfFile
0x5821b0 DosDateTimeToFileTime
0x5821b4 SetFileTime
0x5821b8 WriteConsoleW
0x5821bc SetStdHandle
0x5821c0 SetEnvironmentVariableA
0x5821c4 FreeEnvironmentStringsW
0x5821c8 GetEnvironmentStringsW
0x5821cc GetCommandLineW
0x5821d0 GetCommandLineA
0x5821d4 GetOEMCP
0x5821d8 IsValidCodePage
0x5821dc FindNextFileA
0x5821e0 FindFirstFileExA
0x5821e4 GetProcessHeap
0x5821e8 FlushFileBuffers
0x5821ec GetConsoleCP
0x5821f0 ReadConsoleW
0x5821f4 GetConsoleMode
0x5821f8 EnumSystemLocalesW
0x5821fc GetUserDefaultLCID
0x582200 IsValidLocale
0x582204 GetACP
0x582208 GetStdHandle
0x58220c GetModuleFileNameA
0x582210 GetModuleHandleExW
0x582214 ExitProcess
0x582218 HeapFree
0x58221c HeapReAlloc
0x582220 HeapAlloc
0x582224 QueryPerformanceFrequency
0x582228 LoadLibraryExW
0x58222c RtlUnwind
0x582230 RaiseException
0x582234 FormatMessageA
0x582238 AreFileApisANSI
0x58223c MoveFileExW
0x582240 CopyFileW
0x582244 GetModuleHandleA
0x582248 DeviceIoControl
0x58224c SetFilePointerEx
0x582250 SetEndOfFile
0x582254 RemoveDirectoryW
0x582258 GetFileAttributesExW
0x58225c DeleteFileW
0x582260 InitializeSListHead
0x582264 GetCurrentThreadId
0x582268 GetCurrentProcessId
0x58226c QueryPerformanceCounter
0x582270 IsDebuggerPresent
0x582274 WaitForSingleObjectEx
0x582278 ResetEvent
0x58227c SetEvent
0x582280 IsProcessorFeaturePresent
0x582284 SetUnhandledExceptionFilter
0x582288 UnhandledExceptionFilter
0x58228c GetCPInfo
0x582290 LCMapStringW
0x582294 CompareStringW
0x582298 GetSystemTimeAsFileTime
0x58229c TlsFree
0x5822a0 TlsSetValue
0x5822a4 TlsGetValue
0x5822a8 TlsAlloc
0x5822ac CreateEventW
0x5822b0 InitializeCriticalSectionAndSpinCount
0x5822b4 SetLastError
0x5822b8 DeleteCriticalSection
0x5822bc LeaveCriticalSection
0x5822c0 EnterCriticalSection
0x5822c4 DecodePointer
0x5822c8 EncodePointer
0x5822cc GetStringTypeW
0x5822d0 GetSystemDirectoryW
0x5822d4 lstrcpyW
0x5822d8 HeapSize
0x5822dc LoadLibraryW
0x5822e0 GetModuleHandleW
0x5822e4 FreeLibrary
0x5822e8 TerminateProcess
0x5822ec GetCurrentProcess
0x5822f0 CreateThread
0x5822f4 CloseHandle
0x5822f8 Beep
0x5822fc Sleep
0x582300 MulDiv
0x582304 VerSetConditionMask
0x582308 VerifyVersionInfoW
0x58230c GetProcAddress
0x582310 _lread
0x582314 lstrlenW
0x582318 lstrcpynW
0x58231c GlobalAlloc
0x582320 GlobalLock
0x582324 GlobalUnlock
0x582328 GlobalReAlloc
0x58232c IsWow64Process
0x582330 GetModuleFileNameW
0x582334 GetStartupInfoW
USER32.dll
0x582368 ActivateKeyboardLayout
0x58236c CreateIconIndirect
0x582370 GetIconInfo
0x582374 SetRect
0x582378 SetScrollInfo
0x58237c GetScrollInfo
0x582380 GetScrollPos
0x582384 TrackPopupMenuEx
0x582388 InsertMenuW
0x58238c GetMenuState
0x582390 GetSubMenu
0x582394 GetMenuItemRect
0x582398 GetMenuItemInfoW
0x58239c GetMenuItemCount
0x5823a0 EnableMenuItem
0x5823a4 ModifyMenuW
0x5823a8 GetKeyboardLayoutList
0x5823ac LoadKeyboardLayoutW
0x5823b0 UnloadKeyboardLayout
0x5823b4 GetKeyboardLayout
0x5823b8 LoadIconW
0x5823bc ScreenToClient
0x5823c0 PtInRect
0x5823c4 DestroyIcon
0x5823c8 InflateRect
0x5823cc GetAsyncKeyState
0x5823d0 CallWindowProcW
0x5823d4 SetWindowLongW
0x5823d8 LoadCursorW
0x5823dc SetCursor
0x5823e0 KillTimer
0x5823e4 FindWindowW
0x5823e8 ShowWindow
0x5823ec SetFocus
0x5823f0 GetMessageW
0x5823f4 GetParent
0x5823f8 TranslateMessage
0x5823fc DispatchMessageW
0x582400 PostMessageW
0x582404 MessageBoxW
0x582408 GetDlgItem
0x58240c EnableWindow
0x582410 GetClientRect
0x582414 InvalidateRect
0x582418 SetScrollPos
0x58241c SendMessageW
0x582420 GetFocus
0x582424 GetMessagePos
0x582428 SendInput
0x58242c VkKeyScanW
0x582430 GetKeyboardState
0x582434 ToUnicodeEx
0x582438 MapVirtualKeyExW
0x58243c ClientToScreen
0x582440 GetKeyboardLayoutNameW
0x582444 SetTimer
0x582448 PostQuitMessage
0x58244c RegisterClassExW
0x582450 CreateWindowExW
0x582454 DialogBoxParamW
0x582458 EndDialog
0x58245c IsWindowEnabled
0x582460 SetCapture
0x582464 ReleaseCapture
0x582468 OffsetRect
0x58246c EqualRect
0x582470 SetWindowRgn
0x582474 RedrawWindow
0x582478 UnionRect
0x58247c IntersectRect
0x582480 ShowScrollBar
0x582484 LoadImageW
0x582488 DrawIconEx
0x58248c DefWindowProcW
0x582490 DestroyWindow
0x582494 MoveWindow
0x582498 MapWindowPoints
0x58249c GetClassLongW
0x5824a0 SetClassLongW
0x5824a4 GetCursor
0x5824a8 BeginPaint
0x5824ac EndPaint
0x5824b0 IsWindowVisible
0x5824b4 SetWindowTextW
0x5824b8 GetWindowTextW
0x5824bc GetClassNameW
0x5824c0 GetNextDlgTabItem
0x5824c4 GetNextDlgGroupItem
0x5824c8 CreateAcceleratorTableW
0x5824cc DestroyAcceleratorTable
0x5824d0 TranslateAcceleratorW
0x5824d4 GetWindowTextLengthW
0x5824d8 GetComboBoxInfo
0x5824dc InsertMenuItemW
0x5824e0 CreatePopupMenu
0x5824e4 GetCursorPos
0x5824e8 GetSysColorBrush
0x5824ec FillRect
0x5824f0 SetWindowPos
0x5824f4 CharNextW
0x5824f8 ReleaseDC
0x5824fc TrackPopupMenu
0x582500 GetDC
0x582504 SetForegroundWindow
0x582508 GetSysColor
0x58250c GetWindowRect
0x582510 SetMenuDefaultItem
0x582514 CreateMenu
0x582518 DestroyMenu
0x58251c GetCapture
0x582520 GetWindowLongW
0x582524 SystemParametersInfoW
0x582528 GetKeyState
GDI32.dll
0x582078 RemoveFontResourceExW
0x58207c CreateBitmap
0x582080 GetObjectW
0x582084 SetLayout
0x582088 ExtCreateRegion
0x58208c GetPixel
0x582090 AddFontResourceExW
0x582094 GetFontData
0x582098 GetOutlineTextMetricsW
0x58209c ModifyWorldTransform
0x5820a0 SetGraphicsMode
0x5820a4 SetWindowOrgEx
0x5820a8 SetPixel
0x5820ac SetViewportOrgEx
0x5820b0 BitBlt
0x5820b4 CreateCompatibleBitmap
0x5820b8 CreateSolidBrush
0x5820bc RestoreDC
0x5820c0 StretchBlt
0x5820c4 SetStretchBltMode
0x5820c8 SaveDC
0x5820cc CreateDIBSection
0x5820d0 SelectClipRgn
0x5820d4 DeleteDC
0x5820d8 GetTextExtentPoint32W
0x5820dc CreateCompatibleDC
0x5820e0 TextOutW
0x5820e4 GetObjectA
0x5820e8 CreateRectRgnIndirect
0x5820ec OffsetRgn
0x5820f0 CombineRgn
0x5820f4 CreateRectRgn
0x5820f8 SetBkColor
0x5820fc SetTextColor
0x582100 GetDeviceCaps
0x582104 GetGlyphOutlineW
0x582108 GetTextMetricsW
0x58210c GetKerningPairsW
0x582110 SelectObject
0x582114 CreateFontIndirectW
0x582118 DeleteObject
COMDLG32.dll
0x582068 GetOpenFileNameW
0x58206c ChooseColorW
0x582070 GetSaveFileNameW
ADVAPI32.dll
0x582000 SystemFunction036
0x582004 GetUserNameW
0x582008 AllocateAndInitializeSid
0x58200c SetEntriesInAclW
0x582010 InitializeSecurityDescriptor
0x582014 SetSecurityDescriptorDacl
0x582018 FreeSid
0x58201c RegEnumKeyExW
0x582020 RegQueryInfoKeyW
0x582024 RegCloseKey
0x582028 RegQueryValueExW
0x58202c RegOpenKeyExW
0x582030 AccessCheck
0x582034 MapGenericMask
0x582038 DuplicateToken
0x58203c OpenProcessToken
0x582040 GetFileSecurityW
SHELL32.dll
0x58234c SHBrowseForFolderW
0x582350 SHGetSpecialFolderPathW
0x582354 SHGetPathFromIDListW
0x582358 ShellExecuteExW
0x58235c Shell_NotifyIconW
0x582360 SHGetMalloc
gdiplus.dll
0x582564 GdipSetClipRect
0x582568 None
0x58256c GdipDrawPath
0x582570 GdipDrawEllipse
0x582574 GdipDrawLineI
0x582578 GdipSetPenStartCap
0x58257c GdipDrawRectangleI
0x582580 GdipGetImageHeight
0x582584 GdipGetImageWidth
0x582588 GdipImageRotateFlip
0x58258c GdipDrawImagePointsRectI
0x582590 GdipGetImageEncodersSize
0x582594 GdipGetImageEncoders
0x582598 GdipCreateBitmapFromHBITMAP
0x58259c GdipSaveImageToFile
0x5825a0 GdipDrawImageI
0x5825a4 GdipSetLinePresetBlend
0x5825a8 GdipDisposeImage
0x5825ac GdipCloneImage
0x5825b0 GdipCreateBitmapFromGraphics
0x5825b4 GdipDrawRectangle
0x5825b8 GdipSetSmoothingMode
0x5825bc GdipGetSolidFillColor
0x5825c0 GdipSetWorldTransform
0x5825c4 GdipScaleMatrix
0x5825c8 GdipRotateMatrix
0x5825cc GdipTranslateMatrix
0x5825d0 GdipDeleteMatrix
0x5825d4 GdipGraphicsClear
0x5825d8 GdipCreateLineBrushFromRect
0x5825dc GdipFillRectangle
0x5825e0 GdipFillEllipse
0x5825e4 GdipDrawLines
0x5825e8 GdipFillPolygon
0x5825ec GdipDrawLine
0x5825f0 GdipCreateLineBrush
0x5825f4 GdipCreatePen1
0x5825f8 GdipCreateSolidFill
0x5825fc GdipSetTextRenderingHint
0x582600 GdipDeletePen
0x582604 GdipCloneBrush
0x582608 GdipDeleteBrush
0x58260c GdipFillPath
0x582610 GdipDeleteFont
0x582614 GdipDeletePrivateFontCollection
0x582618 GdipMeasureDriverString
0x58261c GdipDeleteStringFormat
0x582620 GdipCreateStringFormat
0x582624 GdipDrawString
0x582628 GdipDrawDriverString
0x58262c GdipGetFontStyle
0x582630 GdipCreateFontFamilyFromName
0x582634 GdipGetGenericFontFamilySansSerif
0x582638 GdipCreateFont
0x58263c GdipGetFamilyName
0x582640 GdipGetFontCollectionFamilyList
0x582644 GdipCloneFontFamily
0x582648 GdipPrivateAddFontFile
0x58264c GdipNewPrivateFontCollection
0x582650 GdipFree
0x582654 GdipAlloc
0x582658 GdipDeleteFontFamily
0x58265c GdipSetStringFormatLineAlign
0x582660 GdipSetStringFormatAlign
0x582664 GdipSetStringFormatFlags
0x582668 GdipClosePathFigure
0x58266c GdipAddPathBezier
0x582670 GdipAddPathLine
0x582674 GdipDeletePath
0x582678 GdipCreatePath
0x58267c GdipSetPathFillMode
0x582680 GdipDeleteGraphics
0x582684 GdipCreateFromHDC
0x582688 GdiplusShutdown
0x58268c GdiplusStartup
0x582690 GdipSetPenDashStyle
0x582694 GdipScaleWorldTransform
0x582698 GdipResetWorldTransform
0x58269c GdipFillRectangleI
0x5826a0 GdipMeasureString
0x5826a4 GdipCreateFontFromLogfontA
0x5826a8 GdipCreateFontFromDC
0x5826ac GdipCreateHBITMAPFromBitmap
0x5826b0 GdipCreateBitmapFromFileICM
0x5826b4 GdipDrawImagePointRectI
0x5826b8 GdipTranslateWorldTransform
0x5826bc GdipGetImageGraphicsContext
0x5826c0 GdipCreateMatrix
EAT(Export Address Table) is none