Field | Value |
---|---|
Created | 2023.10.23 09:29 |
Machine | s1_win7_x6401 |
Filename | Veeam.Backup.Service.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 7 detected (AIDetectMalware, Malicious, SGeneric, Znyonm, Generic@AI, RDML, n6PzyE72eYmM2Sojmn44pQ, susgen) |
md5 | 03aa72059e81beaaf61c76488cbebd4c |
sha256 | 02392dadd74d3a180bfe79b12cb1b361515a42b7aef57ddc8a76f0112fedfa7d |
ssdeep | 24576:f61D2LPsIHQPLEJ8uzFkxuQRiox1J/ZLydV4gkL:nLUX9CS1/Mk |
imphash | 843075fba28109153465b53d9d36a319 |
impfuzzy | 192:FI7m6hFD6UcpEFuXjBAr55V95zLpX555MQLH3:FI7ZLmBpEUBQzzL4Qj3 |
Signature (3cnts)
Level | Description |
---|---|
notice | File has been identified by 7 AntiVirus engines on VirusTotal as malicious |
info | Checks amount of memory in system |
info | One or more processes crashed |
Rules (6cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
WSOCK32.dll
0x4ad708 WSACleanup
0x4ad70c recv
0x4ad710 socket
0x4ad714 getservbyname
0x4ad718 WSASetLastError
0x4ad71c WSAAsyncSelect
0x4ad720 closesocket
0x4ad724 gethostbyaddr
0x4ad728 gethostbyname
0x4ad72c send
0x4ad730 getservbyport
0x4ad734 gethostname
0x4ad738 inet_ntoa
0x4ad73c connect
0x4ad740 inet_addr
0x4ad744 WSAStartup
0x4ad748 ioctlsocket
0x4ad74c htonl
0x4ad750 WSAGetLastError
0x4ad754 htons
0x4ad758 ntohs
0x4ad75c shutdown
WINMM.dll
0x4ad6d4 waveOutGetVolume
0x4ad6d8 mixerGetLineInfoW
0x4ad6dc mixerSetControlDetails
0x4ad6e0 mixerGetControlDetailsW
0x4ad6e4 mixerGetLineControlsW
0x4ad6e8 mixerGetDevCapsW
0x4ad6ec waveOutSetVolume
0x4ad6f0 mixerClose
0x4ad6f4 mixerOpen
0x4ad6f8 mciSendStringW
0x4ad6fc joyGetDevCapsW
0x4ad700 joyGetPosEx
VERSION.dll
0x4ad6ac GetFileVersionInfoW
0x4ad6b0 VerQueryValueW
0x4ad6b4 GetFileVersionInfoSizeW
COMCTL32.dll
0x4ad050 ImageList_GetIconSize
0x4ad054 ImageList_Create
0x4ad058 ImageList_Destroy
0x4ad05c ImageList_AddMasked
0x4ad060 ImageList_ReplaceIcon
0x4ad064 CreateStatusWindowW
0x4ad068 InitCommonControlsEx
PSAPI.DLL
0x4ad3bc GetModuleBaseNameW
0x4ad3c0 GetModuleFileNameExW
WININET.dll
0x4ad6bc InternetReadFile
0x4ad6c0 InternetOpenUrlW
0x4ad6c4 InternetCloseHandle
0x4ad6c8 InternetReadFileExA
0x4ad6cc InternetOpenW
KERNEL32.dll
0x4ad10c GlobalFree
0x4ad110 GlobalUnlock
0x4ad114 GetEnvironmentVariableW
0x4ad118 FreeLibrary
0x4ad11c WideCharToMultiByte
0x4ad120 GetSystemDirectoryA
0x4ad124 GetProcAddress
0x4ad128 LoadLibraryA
0x4ad12c GetCurrentThreadId
0x4ad130 lstrcmpiW
0x4ad134 GetStringTypeExW
0x4ad138 CreateThread
0x4ad13c SetThreadPriority
0x4ad140 GetExitCodeThread
0x4ad144 CloseHandle
0x4ad148 CreateMutexW
0x4ad14c GetLastError
0x4ad150 LoadLibraryW
0x4ad154 GetModuleHandleW
0x4ad158 GetVersionExW
0x4ad15c DeleteCriticalSection
0x4ad160 GetModuleFileNameW
0x4ad164 GetFileAttributesW
0x4ad168 GetFullPathNameW
0x4ad16c GetSystemTimeAsFileTime
0x4ad170 LoadResource
0x4ad174 LockResource
0x4ad178 SizeofResource
0x4ad17c GetShortPathNameW
0x4ad180 FindFirstFileW
0x4ad184 FindNextFileW
0x4ad188 FindClose
0x4ad18c FileTimeToLocalFileTime
0x4ad190 SetEnvironmentVariableW
0x4ad194 Beep
0x4ad198 MoveFileW
0x4ad19c OutputDebugStringW
0x4ad1a0 CreateProcessW
0x4ad1a4 MultiByteToWideChar
0x4ad1a8 GetExitCodeProcess
0x4ad1ac WriteProcessMemory
0x4ad1b0 ReadProcessMemory
0x4ad1b4 GetCurrentProcessId
0x4ad1b8 OpenProcess
0x4ad1bc TerminateProcess
0x4ad1c0 SetPriorityClass
0x4ad1c4 GlobalAlloc
0x4ad1c8 GetLocalTime
0x4ad1cc GetDateFormatW
0x4ad1d0 GetTimeFormatW
0x4ad1d4 GetDiskFreeSpaceExW
0x4ad1d8 SetVolumeLabelW
0x4ad1dc CreateFileW
0x4ad1e0 DeviceIoControl
0x4ad1e4 GetDriveTypeW
0x4ad1e8 GetVolumeInformationW
0x4ad1ec GetDiskFreeSpaceW
0x4ad1f0 GetCurrentDirectoryW
0x4ad1f4 CreateDirectoryW
0x4ad1f8 ReadFile
0x4ad1fc WriteFile
0x4ad200 DeleteFileW
0x4ad204 CopyFileW
0x4ad208 SetFileAttributesW
0x4ad20c LocalFileTimeToFileTime
0x4ad210 SetFileTime
0x4ad214 GetFileSizeEx
0x4ad218 GetSystemTime
0x4ad21c GetSystemDefaultUILanguage
0x4ad220 GetComputerNameW
0x4ad224 GetSystemWindowsDirectoryW
0x4ad228 GetTempPathW
0x4ad22c EnterCriticalSection
0x4ad230 LeaveCriticalSection
0x4ad234 VirtualProtect
0x4ad238 QueryDosDeviceW
0x4ad23c CompareStringW
0x4ad240 RemoveDirectoryW
0x4ad244 GetCurrentProcess
0x4ad248 CreateToolhelp32Snapshot
0x4ad24c Process32FirstW
0x4ad250 Process32NextW
0x4ad254 FormatMessageW
0x4ad258 GetPrivateProfileStringW
0x4ad25c GetPrivateProfileSectionW
0x4ad260 GetPrivateProfileSectionNamesW
0x4ad264 WritePrivateProfileStringW
0x4ad268 WritePrivateProfileSectionW
0x4ad26c SetEndOfFile
0x4ad270 GetACP
0x4ad274 GetFileType
0x4ad278 GetStdHandle
0x4ad27c SetFilePointerEx
0x4ad280 SystemTimeToFileTime
0x4ad284 FileTimeToSystemTime
0x4ad288 GetFileSize
0x4ad28c VirtualAllocEx
0x4ad290 VirtualFreeEx
0x4ad294 EnumResourceNamesW
0x4ad298 LoadLibraryExW
0x4ad29c GlobalSize
0x4ad2a0 GlobalLock
0x4ad2a4 FindResourceW
0x4ad2a8 SetErrorMode
0x4ad2ac InitializeCriticalSection
0x4ad2b0 GetCPInfo
0x4ad2b4 SetCurrentDirectoryW
0x4ad2b8 Sleep
0x4ad2bc GetTickCount
0x4ad2c0 MulDiv
0x4ad2c4 ExitProcess
0x4ad2c8 HeapSize
0x4ad2cc HeapQueryInformation
0x4ad2d0 GetCommandLineW
0x4ad2d4 HeapSetInformation
0x4ad2d8 GetStartupInfoW
0x4ad2dc InterlockedIncrement
0x4ad2e0 InterlockedDecrement
0x4ad2e4 HeapAlloc
0x4ad2e8 HeapFree
0x4ad2ec HeapReAlloc
0x4ad2f0 GetOEMCP
0x4ad2f4 IsValidCodePage
0x4ad2f8 TlsAlloc
0x4ad2fc TlsGetValue
0x4ad300 TlsSetValue
0x4ad304 TlsFree
0x4ad308 UnhandledExceptionFilter
0x4ad30c SetUnhandledExceptionFilter
0x4ad310 IsDebuggerPresent
0x4ad314 GetStringTypeW
0x4ad318 HeapCreate
0x4ad31c InitializeCriticalSectionAndSpinCount
0x4ad320 RaiseException
0x4ad324 SetHandleCount
0x4ad328 IsProcessorFeaturePresent
0x4ad32c LCMapStringW
0x4ad330 RtlUnwind
0x4ad334 GetConsoleCP
0x4ad338 GetConsoleMode
0x4ad33c FreeEnvironmentStringsW
0x4ad340 GetEnvironmentStringsW
0x4ad344 QueryPerformanceCounter
0x4ad348 FlushFileBuffers
0x4ad34c SetFilePointer
0x4ad350 WriteConsoleW
0x4ad354 SetStdHandle
0x4ad358 GetProcessHeap
0x4ad35c SetLastError
0x4ad360 VirtualQuery
USER32.dll
0x4ad400 SetFocus
0x4ad404 SetWindowRgn
0x4ad408 SetWindowPos
0x4ad40c SetLayeredWindowAttributes
0x4ad410 InvalidateRect
0x4ad414 EnableWindow
0x4ad418 GetWindowTextLengthW
0x4ad41c EnumWindows
0x4ad420 IsZoomed
0x4ad424 IsIconic
0x4ad428 EnumDisplayMonitors
0x4ad42c RegisterWindowMessageW
0x4ad430 GetSysColor
0x4ad434 GetSysColorBrush
0x4ad438 DrawIconEx
0x4ad43c FillRect
0x4ad440 DefWindowProcW
0x4ad444 SetForegroundWindow
0x4ad448 DialogBoxParamW
0x4ad44c SendDlgItemMessageW
0x4ad450 GetDlgItem
0x4ad454 SetDlgItemTextW
0x4ad458 MessageBeep
0x4ad45c GetCursorInfo
0x4ad460 GetLastInputInfo
0x4ad464 GetSystemMenu
0x4ad468 GetMenuItemCount
0x4ad46c GetMenuItemID
0x4ad470 GetSubMenu
0x4ad474 GetMenuStringW
0x4ad478 ExitWindowsEx
0x4ad47c SetMenu
0x4ad480 FlashWindow
0x4ad484 GetPropW
0x4ad488 SetPropW
0x4ad48c RemovePropW
0x4ad490 MapWindowPoints
0x4ad494 RedrawWindow
0x4ad498 SetParent
0x4ad49c GetClassInfoExW
0x4ad4a0 DefDlgProcW
0x4ad4a4 GetAncestor
0x4ad4a8 UpdateWindow
0x4ad4ac GetMessagePos
0x4ad4b0 GetClassLongW
0x4ad4b4 CallWindowProcW
0x4ad4b8 CheckRadioButton
0x4ad4bc IntersectRect
0x4ad4c0 GetUpdateRect
0x4ad4c4 PtInRect
0x4ad4c8 CreateDialogIndirectParamW
0x4ad4cc CreateAcceleratorTableW
0x4ad4d0 DestroyAcceleratorTable
0x4ad4d4 InsertMenuItemW
0x4ad4d8 SetMenuDefaultItem
0x4ad4dc RemoveMenu
0x4ad4e0 SetMenuItemInfoW
0x4ad4e4 IsMenu
0x4ad4e8 GetMenuItemInfoW
0x4ad4ec CreateMenu
0x4ad4f0 CreatePopupMenu
0x4ad4f4 SetMenuInfo
0x4ad4f8 AppendMenuW
0x4ad4fc DestroyMenu
0x4ad500 TrackPopupMenuEx
0x4ad504 CopyImage
0x4ad508 SetActiveWindow
0x4ad50c CreateIconFromResourceEx
0x4ad510 EnumClipboardFormats
0x4ad514 GetWindow
0x4ad518 BringWindowToTop
0x4ad51c GetTopWindow
0x4ad520 GetQueueStatus
0x4ad524 LoadImageW
0x4ad528 ChangeClipboardChain
0x4ad52c IsWindowVisible
0x4ad530 LoadAcceleratorsW
0x4ad534 EnableMenuItem
0x4ad538 GetMenu
0x4ad53c CreateWindowExW
0x4ad540 RegisterClassExW
0x4ad544 LoadCursorW
0x4ad548 DestroyIcon
0x4ad54c DestroyWindow
0x4ad550 IsCharAlphaW
0x4ad554 MapVirtualKeyW
0x4ad558 VkKeyScanExW
0x4ad55c MapVirtualKeyExW
0x4ad560 GetKeyboardLayoutNameW
0x4ad564 ActivateKeyboardLayout
0x4ad568 GetGUIThreadInfo
0x4ad56c GetWindowTextW
0x4ad570 mouse_event
0x4ad574 WindowFromPoint
0x4ad578 GetSystemMetrics
0x4ad57c keybd_event
0x4ad580 SetKeyboardState
0x4ad584 GetKeyboardState
0x4ad588 GetCursorPos
0x4ad58c GetAsyncKeyState
0x4ad590 AttachThreadInput
0x4ad594 SendInput
0x4ad598 UnregisterHotKey
0x4ad59c PostQuitMessage
0x4ad5a0 SendMessageTimeoutW
0x4ad5a4 UnhookWindowsHookEx
0x4ad5a8 SetWindowsHookExW
0x4ad5ac PostThreadMessageW
0x4ad5b0 IsCharAlphaNumericW
0x4ad5b4 IsCharUpperW
0x4ad5b8 IsCharLowerW
0x4ad5bc ToUnicodeEx
0x4ad5c0 GetKeyboardLayout
0x4ad5c4 CallNextHookEx
0x4ad5c8 CharLowerW
0x4ad5cc ReleaseDC
0x4ad5d0 GetDC
0x4ad5d4 MessageBoxW
0x4ad5d8 OpenClipboard
0x4ad5dc GetClipboardData
0x4ad5e0 GetClipboardFormatNameW
0x4ad5e4 CloseClipboard
0x4ad5e8 SetClipboardData
0x4ad5ec EmptyClipboard
0x4ad5f0 PostMessageW
0x4ad5f4 FindWindowW
0x4ad5f8 EndDialog
0x4ad5fc IsWindow
0x4ad600 DispatchMessageW
0x4ad604 TranslateMessage
0x4ad608 ShowWindow
0x4ad60c CountClipboardFormats
0x4ad610 ClientToScreen
0x4ad614 EnumChildWindows
0x4ad618 MoveWindow
0x4ad61c GetWindowRect
0x4ad620 GetMonitorInfoW
0x4ad624 MonitorFromPoint
0x4ad628 GetClientRect
0x4ad62c SystemParametersInfoW
0x4ad630 AdjustWindowRectEx
0x4ad634 DrawTextW
0x4ad638 SetRect
0x4ad63c GetIconInfo
0x4ad640 CreateIconIndirect
0x4ad644 SetWindowTextW
0x4ad648 SetWindowLongW
0x4ad64c ScreenToClient
0x4ad650 IsDialogMessageW
0x4ad654 SendMessageW
0x4ad658 IsWindowEnabled
0x4ad65c GetWindowLongW
0x4ad660 GetKeyState
0x4ad664 TranslateAcceleratorW
0x4ad668 KillTimer
0x4ad66c PeekMessageW
0x4ad670 GetFocus
0x4ad674 GetClassNameW
0x4ad678 GetWindowThreadProcessId
0x4ad67c GetForegroundWindow
0x4ad680 GetMessageW
0x4ad684 SetTimer
0x4ad688 GetParent
0x4ad68c GetDlgCtrlID
0x4ad690 CharUpperW
0x4ad694 IsClipboardFormatAvailable
0x4ad698 BlockInput
0x4ad69c SetClipboardViewer
0x4ad6a0 CheckMenuItem
0x4ad6a4 RegisterHotKey
GDI32.dll
0x4ad080 GdiFlush
0x4ad084 CreateDIBSection
0x4ad088 EnumFontFamiliesExW
0x4ad08c SetBrushOrgEx
0x4ad090 SetBkColor
0x4ad094 GetPixel
0x4ad098 BitBlt
0x4ad09c CreatePatternBrush
0x4ad0a0 SetBkMode
0x4ad0a4 GetCharABCWidthsW
0x4ad0a8 GetClipBox
0x4ad0ac FillRgn
0x4ad0b0 GetClipRgn
0x4ad0b4 ExcludeClipRect
0x4ad0b8 GetDeviceCaps
0x4ad0bc DeleteObject
0x4ad0c0 CreateFontW
0x4ad0c4 CreateSolidBrush
0x4ad0c8 CreateCompatibleBitmap
0x4ad0cc GetSystemPaletteEntries
0x4ad0d0 GetDIBits
0x4ad0d4 CreateCompatibleDC
0x4ad0d8 CreatePolygonRgn
0x4ad0dc CreateRectRgn
0x4ad0e0 CreateRoundRectRgn
0x4ad0e4 CreateEllipticRgn
0x4ad0e8 DeleteDC
0x4ad0ec GetObjectW
0x4ad0f0 GetTextMetricsW
0x4ad0f4 GetTextFaceW
0x4ad0f8 SelectObject
0x4ad0fc GetStockObject
0x4ad100 CreateDCW
0x4ad104 SetTextColor
COMDLG32.dll
0x4ad070 CommDlgExtendedError
0x4ad074 GetOpenFileNameW
0x4ad078 GetSaveFileNameW
ADVAPI32.dll
0x4ad000 GetUserNameW
0x4ad004 LockServiceDatabase
0x4ad008 OpenSCManagerW
0x4ad00c RegEnumKeyExW
0x4ad010 RegEnumValueW
0x4ad014 RegQueryInfoKeyW
0x4ad018 RegOpenKeyExW
0x4ad01c RegCloseKey
0x4ad020 RegDeleteValueW
0x4ad024 RegDeleteKeyW
0x4ad028 RegSetValueExW
0x4ad02c RegCreateKeyExW
0x4ad030 RegQueryValueExW
0x4ad034 AdjustTokenPrivileges
0x4ad038 LookupPrivilegeValueW
0x4ad03c OpenProcessToken
0x4ad040 CloseServiceHandle
0x4ad044 RegConnectRegistryW
0x4ad048 UnlockServiceDatabase
SHELL32.dll
0x4ad3c8 DragQueryPoint
0x4ad3cc SHEmptyRecycleBinW
0x4ad3d0 SHFileOperationW
0x4ad3d4 SHGetPathFromIDListW
0x4ad3d8 SHBrowseForFolderW
0x4ad3dc SHGetDesktopFolder
0x4ad3e0 SHGetMalloc
0x4ad3e4 SHGetFolderPathW
0x4ad3e8 ShellExecuteExW
0x4ad3ec Shell_NotifyIconW
0x4ad3f0 DragFinish
0x4ad3f4 DragQueryFileW
0x4ad3f8 ExtractIconW
ole32.dll
0x4ad764 OleInitialize
0x4ad768 OleUninitialize
0x4ad76c CoCreateInstance
0x4ad770 CoInitialize
0x4ad774 CoUninitialize
0x4ad778 CLSIDFromString
0x4ad77c CLSIDFromProgID
0x4ad780 CoGetObject
0x4ad784 StringFromGUID2
0x4ad788 CreateStreamOnHGlobal
OLEAUT32.dll
0x4ad368 OleLoadPicture
0x4ad36c SafeArrayUnaccessData
0x4ad370 SafeArrayGetElemsize
0x4ad374 SafeArrayAccessData
0x4ad378 SafeArrayUnlock
0x4ad37c SafeArrayPtrOfIndex
0x4ad380 SafeArrayLock
0x4ad384 SafeArrayDestroy
0x4ad388 GetActiveObject
0x4ad38c SysStringLen
0x4ad390 SysFreeString
0x4ad394 SafeArrayCreate
0x4ad398 VariantClear
0x4ad39c VariantChangeType
0x4ad3a0 SysAllocString
0x4ad3a4 SafeArrayCopy
0x4ad3a8 VariantCopyInd
0x4ad3ac SafeArrayGetUBound
0x4ad3b0 SafeArrayGetLBound
0x4ad3b4 SafeArrayGetDim
EAT(Export Address Table) is none