Field | Value |
---|---|
Created | 2023.11.01 09:37 |
Machine | s1_win7_x6401 |
Filename | jli.txt.exe |
Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
AI Score | Not found |
Behavior Score | |
ZERO API | file : clean |
VT API (file) | 19 detected (Zusy, Attribute, HighConfidence, Delf, Malicious, yd8ycbgTrqB, Invader, ai score=82, Wacapew, Detected, MalwareX, R617211, susgen) |
md5 | 4a0d3c937e2ecb5ddc198d431901efef |
sha256 | 102b43ea7b83116c620bddd913ac316721994f42024ab598614c572cef559916 |
ssdeep | 98304:7T3tnikBztFCTSD0i1npDYMe5bSewalZLCwpokCFCxJD9LKI:7xfBztFCTSD0cDW59 |
imphash | 9ae4e704dd1aa70a978955e190abb04a |
impfuzzy | 192:occFcURuuNwEUh99KSoIN5TUEgXF9Vek1behnPOQHxxTB:SccN+9OBV3T1b2POQHxFB |
Signature (15cnts)
Level | Description |
---|---|
watch | File has been identified by 19 AntiVirus engines on VirusTotal as malicious |
watch | The process powershell.exe wrote an executable file to disk |
notice | A process created a hidden window |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Creates a shortcut to an executable file |
notice | Creates a suspicious process |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks amount of memory in system |
info | Checks if process is being debugged by a debugger |
info | Command line console output was observed |
info | One or more processes crashed |
info | Queries for the computername |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | Uses Windows APIs to generate a cryptographic key |
Rules (10cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
watch | Antivirus | Contains references to security software | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsDLL | (no description) | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x5e6a80 SysFreeString
0x5e6a84 SysReAllocStringLen
0x5e6a88 SysAllocStringLen
advapi32.dll
0x5e6a90 RegQueryValueExW
0x5e6a94 RegOpenKeyExW
0x5e6a98 RegCloseKey
user32.dll
0x5e6aa0 CharNextW
0x5e6aa4 LoadStringW
kernel32.dll
0x5e6aac Sleep
0x5e6ab0 VirtualFree
0x5e6ab4 VirtualAlloc
0x5e6ab8 lstrlenW
0x5e6abc VirtualQuery
0x5e6ac0 QueryPerformanceCounter
0x5e6ac4 GetTickCount
0x5e6ac8 GetSystemInfo
0x5e6acc GetVersion
0x5e6ad0 CompareStringW
0x5e6ad4 IsValidLocale
0x5e6ad8 SetThreadLocale
0x5e6adc GetSystemDefaultUILanguage
0x5e6ae0 GetUserDefaultUILanguage
0x5e6ae4 GetLocaleInfoW
0x5e6ae8 WideCharToMultiByte
0x5e6aec MultiByteToWideChar
0x5e6af0 GetACP
0x5e6af4 LoadLibraryExW
0x5e6af8 GetStartupInfoW
0x5e6afc GetProcAddress
0x5e6b00 GetModuleHandleW
0x5e6b04 GetModuleFileNameW
0x5e6b08 GetCommandLineW
0x5e6b0c FreeLibrary
0x5e6b10 GetLastError
0x5e6b14 UnhandledExceptionFilter
0x5e6b18 RtlUnwind
0x5e6b1c RaiseException
0x5e6b20 ExitProcess
0x5e6b24 ExitThread
0x5e6b28 SwitchToThread
0x5e6b2c GetCurrentThreadId
0x5e6b30 CreateThread
0x5e6b34 DeleteCriticalSection
0x5e6b38 LeaveCriticalSection
0x5e6b3c EnterCriticalSection
0x5e6b40 InitializeCriticalSection
0x5e6b44 FindFirstFileW
0x5e6b48 FindClose
0x5e6b4c WriteFile
0x5e6b50 GetStdHandle
0x5e6b54 CloseHandle
kernel32.dll
0x5e6b5c GetProcAddress
0x5e6b60 RaiseException
0x5e6b64 LoadLibraryA
0x5e6b68 GetLastError
0x5e6b6c TlsSetValue
0x5e6b70 TlsGetValue
0x5e6b74 TlsFree
0x5e6b78 TlsAlloc
0x5e6b7c LocalFree
0x5e6b80 LocalAlloc
0x5e6b84 FreeLibrary
user32.dll
0x5e6b8c SetClassLongW
0x5e6b90 GetClassLongW
0x5e6b94 SetWindowLongW
0x5e6b98 GetWindowLongW
0x5e6b9c CreateWindowExW
0x5e6ba0 WindowFromPoint
0x5e6ba4 WaitMessage
0x5e6ba8 UpdateWindow
0x5e6bac UnregisterClassW
0x5e6bb0 UnhookWindowsHookEx
0x5e6bb4 TranslateMessage
0x5e6bb8 TranslateMDISysAccel
0x5e6bbc TrackPopupMenu
0x5e6bc0 SystemParametersInfoW
0x5e6bc4 ShowWindow
0x5e6bc8 ShowScrollBar
0x5e6bcc ShowOwnedPopups
0x5e6bd0 ShowCaret
0x5e6bd4 SetWindowRgn
0x5e6bd8 SetWindowsHookExW
0x5e6bdc SetWindowTextW
0x5e6be0 SetWindowPos
0x5e6be4 SetWindowPlacement
0x5e6be8 SetTimer
0x5e6bec SetScrollRange
0x5e6bf0 SetScrollPos
0x5e6bf4 SetScrollInfo
0x5e6bf8 SetRect
0x5e6bfc SetPropW
0x5e6c00 SetParent
0x5e6c04 SetMenuItemInfoW
0x5e6c08 SetMenu
0x5e6c0c SetForegroundWindow
0x5e6c10 SetFocus
0x5e6c14 SetCursorPos
0x5e6c18 SetCursor
0x5e6c1c SetClipboardData
0x5e6c20 SetCapture
0x5e6c24 SetActiveWindow
0x5e6c28 SendMessageA
0x5e6c2c SendMessageW
0x5e6c30 ScrollWindow
0x5e6c34 ScreenToClient
0x5e6c38 RemovePropW
0x5e6c3c RemoveMenu
0x5e6c40 ReleaseDC
0x5e6c44 ReleaseCapture
0x5e6c48 RegisterWindowMessageW
0x5e6c4c RegisterClipboardFormatW
0x5e6c50 RegisterClassW
0x5e6c54 RedrawWindow
0x5e6c58 PostQuitMessage
0x5e6c5c PostMessageW
0x5e6c60 PeekMessageA
0x5e6c64 PeekMessageW
0x5e6c68 OpenClipboard
0x5e6c6c MsgWaitForMultipleObjectsEx
0x5e6c70 MsgWaitForMultipleObjects
0x5e6c74 MessageBoxW
0x5e6c78 MessageBeep
0x5e6c7c MapWindowPoints
0x5e6c80 MapVirtualKeyW
0x5e6c84 LoadStringW
0x5e6c88 LoadKeyboardLayoutW
0x5e6c8c LoadIconW
0x5e6c90 LoadCursorW
0x5e6c94 LoadBitmapW
0x5e6c98 KillTimer
0x5e6c9c IsZoomed
0x5e6ca0 IsWindowVisible
0x5e6ca4 IsWindowUnicode
0x5e6ca8 IsWindowEnabled
0x5e6cac IsWindow
0x5e6cb0 IsIconic
0x5e6cb4 IsDialogMessageA
0x5e6cb8 IsDialogMessageW
0x5e6cbc IsChild
0x5e6cc0 InvalidateRect
0x5e6cc4 InsertMenuItemW
0x5e6cc8 InsertMenuW
0x5e6ccc HideCaret
0x5e6cd0 GetWindowThreadProcessId
0x5e6cd4 GetWindowTextW
0x5e6cd8 GetWindowRect
0x5e6cdc GetWindowPlacement
0x5e6ce0 GetWindowDC
0x5e6ce4 GetTopWindow
0x5e6ce8 GetSystemMetrics
0x5e6cec GetSystemMenu
0x5e6cf0 GetSysColorBrush
0x5e6cf4 GetSysColor
0x5e6cf8 GetSubMenu
0x5e6cfc GetScrollRange
0x5e6d00 GetScrollPos
0x5e6d04 GetScrollInfo
0x5e6d08 GetPropW
0x5e6d0c GetParent
0x5e6d10 GetWindow
0x5e6d14 GetMessagePos
0x5e6d18 GetMessageExtraInfo
0x5e6d1c GetMenuStringW
0x5e6d20 GetMenuState
0x5e6d24 GetMenuItemInfoW
0x5e6d28 GetMenuItemID
0x5e6d2c GetMenuItemCount
0x5e6d30 GetMenu
0x5e6d34 GetLastActivePopup
0x5e6d38 GetKeyboardState
0x5e6d3c GetKeyboardLayoutNameW
0x5e6d40 GetKeyboardLayoutList
0x5e6d44 GetKeyboardLayout
0x5e6d48 GetKeyState
0x5e6d4c GetKeyNameTextW
0x5e6d50 GetIconInfo
0x5e6d54 GetForegroundWindow
0x5e6d58 GetFocus
0x5e6d5c GetDlgCtrlID
0x5e6d60 GetDesktopWindow
0x5e6d64 GetDCEx
0x5e6d68 GetDC
0x5e6d6c GetCursorPos
0x5e6d70 GetCursor
0x5e6d74 GetClipboardData
0x5e6d78 GetClientRect
0x5e6d7c GetClassNameW
0x5e6d80 GetClassInfoExW
0x5e6d84 GetClassInfoW
0x5e6d88 GetCapture
0x5e6d8c GetActiveWindow
0x5e6d90 FrameRect
0x5e6d94 FindWindowExW
0x5e6d98 FindWindowW
0x5e6d9c FillRect
0x5e6da0 EnumWindows
0x5e6da4 EnumThreadWindows
0x5e6da8 EnumChildWindows
0x5e6dac EndPaint
0x5e6db0 EndMenu
0x5e6db4 EnableWindow
0x5e6db8 EnableScrollBar
0x5e6dbc EnableMenuItem
0x5e6dc0 EmptyClipboard
0x5e6dc4 DrawTextExW
0x5e6dc8 DrawTextW
0x5e6dcc DrawMenuBar
0x5e6dd0 DrawIconEx
0x5e6dd4 DrawIcon
0x5e6dd8 DrawFrameControl
0x5e6ddc DrawFocusRect
0x5e6de0 DrawEdge
0x5e6de4 DispatchMessageA
0x5e6de8 DispatchMessageW
0x5e6dec DestroyWindow
0x5e6df0 DestroyMenu
0x5e6df4 DestroyIcon
0x5e6df8 DestroyCursor
0x5e6dfc DeleteMenu
0x5e6e00 DefWindowProcW
0x5e6e04 DefMDIChildProcW
0x5e6e08 DefFrameProcW
0x5e6e0c CreatePopupMenu
0x5e6e10 CreateMenu
0x5e6e14 CreateIcon
0x5e6e18 CreateAcceleratorTableW
0x5e6e1c CopyImage
0x5e6e20 CopyIcon
0x5e6e24 CloseClipboard
0x5e6e28 ClientToScreen
0x5e6e2c CheckMenuItem
0x5e6e30 CharUpperBuffW
0x5e6e34 CharUpperW
0x5e6e38 CharNextW
0x5e6e3c CharLowerBuffW
0x5e6e40 CharLowerW
0x5e6e44 CallWindowProcW
0x5e6e48 CallNextHookEx
0x5e6e4c BeginPaint
0x5e6e50 AdjustWindowRectEx
0x5e6e54 ActivateKeyboardLayout
gdi32.dll
0x5e6e5c UnrealizeObject
0x5e6e60 StretchDIBits
0x5e6e64 StretchBlt
0x5e6e68 StartPage
0x5e6e6c StartDocW
0x5e6e70 SetWindowOrgEx
0x5e6e74 SetWinMetaFileBits
0x5e6e78 SetViewportOrgEx
0x5e6e7c SetTextColor
0x5e6e80 SetStretchBltMode
0x5e6e84 SetRectRgn
0x5e6e88 SetROP2
0x5e6e8c SetPixel
0x5e6e90 SetEnhMetaFileBits
0x5e6e94 SetDIBits
0x5e6e98 SetDIBColorTable
0x5e6e9c SetBrushOrgEx
0x5e6ea0 SetBkMode
0x5e6ea4 SetBkColor
0x5e6ea8 SetAbortProc
0x5e6eac SelectPalette
0x5e6eb0 SelectObject
0x5e6eb4 SaveDC
0x5e6eb8 RoundRect
0x5e6ebc RestoreDC
0x5e6ec0 Rectangle
0x5e6ec4 RectVisible
0x5e6ec8 RealizePalette
0x5e6ecc Polyline
0x5e6ed0 Polygon
0x5e6ed4 PolyBezierTo
0x5e6ed8 PolyBezier
0x5e6edc PlayEnhMetaFile
0x5e6ee0 Pie
0x5e6ee4 PatBlt
0x5e6ee8 MoveToEx
0x5e6eec MaskBlt
0x5e6ef0 LineTo
0x5e6ef4 IntersectClipRect
0x5e6ef8 GetWindowOrgEx
0x5e6efc GetWinMetaFileBits
0x5e6f00 GetTextMetricsW
0x5e6f04 GetTextExtentPointW
0x5e6f08 GetTextExtentPoint32W
0x5e6f0c GetSystemPaletteEntries
0x5e6f10 GetStretchBltMode
0x5e6f14 GetStockObject
0x5e6f18 GetRgnBox
0x5e6f1c GetPixel
0x5e6f20 GetPaletteEntries
0x5e6f24 GetObjectW
0x5e6f28 GetEnhMetaFilePaletteEntries
0x5e6f2c GetEnhMetaFileHeader
0x5e6f30 GetEnhMetaFileDescriptionW
0x5e6f34 GetEnhMetaFileBits
0x5e6f38 GetDeviceCaps
0x5e6f3c GetDIBits
0x5e6f40 GetDIBColorTable
0x5e6f44 GetCurrentPositionEx
0x5e6f48 GetClipBox
0x5e6f4c GetBrushOrgEx
0x5e6f50 GetBitmapBits
0x5e6f54 GdiFlush
0x5e6f58 FrameRgn
0x5e6f5c ExtTextOutW
0x5e6f60 ExtFloodFill
0x5e6f64 ExcludeClipRect
0x5e6f68 EnumFontsW
0x5e6f6c EnumFontFamiliesExW
0x5e6f70 EndPage
0x5e6f74 EndDoc
0x5e6f78 Ellipse
0x5e6f7c DeleteObject
0x5e6f80 DeleteEnhMetaFile
0x5e6f84 DeleteDC
0x5e6f88 CreateSolidBrush
0x5e6f8c CreateRectRgn
0x5e6f90 CreatePenIndirect
0x5e6f94 CreatePalette
0x5e6f98 CreateICW
0x5e6f9c CreateHalftonePalette
0x5e6fa0 CreateFontIndirectW
0x5e6fa4 CreateDIBitmap
0x5e6fa8 CreateDIBSection
0x5e6fac CreateDCW
0x5e6fb0 CreateCompatibleDC
0x5e6fb4 CreateCompatibleBitmap
0x5e6fb8 CreateBrushIndirect
0x5e6fbc CreateBitmap
0x5e6fc0 CopyEnhMetaFileW
0x5e6fc4 Chord
0x5e6fc8 BitBlt
0x5e6fcc ArcTo
0x5e6fd0 Arc
0x5e6fd4 AngleArc
0x5e6fd8 AbortDoc
version.dll
0x5e6fe0 VerQueryValueW
0x5e6fe4 GetFileVersionInfoSizeW
0x5e6fe8 GetFileVersionInfoW
kernel32.dll
0x5e6ff0 WriteFile
0x5e6ff4 WideCharToMultiByte
0x5e6ff8 WaitForSingleObject
0x5e6ffc WaitForMultipleObjectsEx
0x5e7000 VirtualQueryEx
0x5e7004 VirtualQuery
0x5e7008 VirtualProtect
0x5e700c VirtualFree
0x5e7010 VirtualAlloc
0x5e7014 VerSetConditionMask
0x5e7018 VerifyVersionInfoW
0x5e701c TryEnterCriticalSection
0x5e7020 SwitchToThread
0x5e7024 SuspendThread
0x5e7028 Sleep
0x5e702c SizeofResource
0x5e7030 SetThreadPriority
0x5e7034 SetThreadLocale
0x5e7038 SetLastError
0x5e703c SetFilePointer
0x5e7040 SetEvent
0x5e7044 SetErrorMode
0x5e7048 SetEndOfFile
0x5e704c ResumeThread
0x5e7050 ResetEvent
0x5e7054 RemoveDirectoryW
0x5e7058 ReadFile
0x5e705c RaiseException
0x5e7060 QueryPerformanceFrequency
0x5e7064 QueryPerformanceCounter
0x5e7068 IsDebuggerPresent
0x5e706c MulDiv
0x5e7070 MoveFileW
0x5e7074 LockResource
0x5e7078 LocalFree
0x5e707c LoadResource
0x5e7080 LoadLibraryW
0x5e7084 LeaveCriticalSection
0x5e7088 IsValidLocale
0x5e708c InitializeCriticalSection
0x5e7090 HeapSize
0x5e7094 HeapFree
0x5e7098 HeapDestroy
0x5e709c HeapCreate
0x5e70a0 HeapAlloc
0x5e70a4 GlobalUnlock
0x5e70a8 GlobalLock
0x5e70ac GlobalFree
0x5e70b0 GlobalFindAtomW
0x5e70b4 GlobalDeleteAtom
0x5e70b8 GlobalAlloc
0x5e70bc GlobalAddAtomW
0x5e70c0 GetVersionExW
0x5e70c4 GetVersion
0x5e70c8 GetTickCount
0x5e70cc GetThreadPriority
0x5e70d0 GetThreadLocale
0x5e70d4 GetStdHandle
0x5e70d8 GetProcAddress
0x5e70dc GetModuleHandleW
0x5e70e0 GetModuleFileNameW
0x5e70e4 GetLocaleInfoW
0x5e70e8 GetLocalTime
0x5e70ec GetLastError
0x5e70f0 GetFullPathNameW
0x5e70f4 GetFileAttributesW
0x5e70f8 GetExitCodeThread
0x5e70fc GetDiskFreeSpaceW
0x5e7100 GetDateFormatW
0x5e7104 GetCurrentThreadId
0x5e7108 GetCurrentThread
0x5e710c GetCurrentProcessId
0x5e7110 GetCurrentProcess
0x5e7114 GetCPInfoExW
0x5e7118 GetCPInfo
0x5e711c GetACP
0x5e7120 FreeResource
0x5e7124 InterlockedExchange
0x5e7128 InterlockedCompareExchange
0x5e712c FreeLibrary
0x5e7130 FormatMessageW
0x5e7134 FindResourceW
0x5e7138 FindFirstFileW
0x5e713c FindClose
0x5e7140 EnumSystemLocalesW
0x5e7144 EnumResourceNamesW
0x5e7148 EnumCalendarInfoW
0x5e714c EnterCriticalSection
0x5e7150 DeleteFileW
0x5e7154 DeleteCriticalSection
0x5e7158 CreateThread
0x5e715c CreateFileW
0x5e7160 CreateEventW
0x5e7164 CompareStringW
0x5e7168 CloseHandle
advapi32.dll
0x5e7170 RegUnLoadKeyW
0x5e7174 RegSetValueExW
0x5e7178 RegSaveKeyW
0x5e717c RegRestoreKeyW
0x5e7180 RegReplaceKeyW
0x5e7184 RegQueryValueExW
0x5e7188 RegQueryInfoKeyW
0x5e718c RegOpenKeyExW
0x5e7190 RegLoadKeyW
0x5e7194 RegFlushKey
0x5e7198 RegEnumValueW
0x5e719c RegEnumKeyExW
0x5e71a0 RegDeleteValueW
0x5e71a4 RegDeleteKeyW
0x5e71a8 RegCreateKeyExW
0x5e71ac RegConnectRegistryW
0x5e71b0 RegCloseKey
kernel32.dll
0x5e71b8 Sleep
netapi32.dll
0x5e71c0 NetWkstaGetInfo
oleaut32.dll
0x5e71c8 SafeArrayPtrOfIndex
0x5e71cc SafeArrayGetUBound
0x5e71d0 SafeArrayGetLBound
0x5e71d4 SafeArrayCreate
0x5e71d8 VariantChangeType
0x5e71dc VariantCopy
0x5e71e0 VariantClear
0x5e71e4 VariantInit
oleaut32.dll
0x5e71ec GetErrorInfo
0x5e71f0 SysFreeString
ole32.dll
0x5e71f8 OleUninitialize
0x5e71fc OleInitialize
0x5e7200 CoTaskMemFree
0x5e7204 CoTaskMemAlloc
0x5e7208 CoCreateInstance
0x5e720c CoUninitialize
0x5e7210 CoInitialize
0x5e7214 IsEqualGUID
comctl32.dll
0x5e721c InitializeFlatSB
0x5e7220 FlatSB_SetScrollProp
0x5e7224 FlatSB_SetScrollPos
0x5e7228 FlatSB_SetScrollInfo
0x5e722c FlatSB_GetScrollPos
0x5e7230 FlatSB_GetScrollInfo
0x5e7234 _TrackMouseEvent
0x5e7238 ImageList_GetImageInfo
0x5e723c ImageList_SetIconSize
0x5e7240 ImageList_GetIconSize
0x5e7244 ImageList_Write
0x5e7248 ImageList_Read
0x5e724c ImageList_GetDragImage
0x5e7250 ImageList_DragShowNolock
0x5e7254 ImageList_DragMove
0x5e7258 ImageList_DragLeave
0x5e725c ImageList_DragEnter
0x5e7260 ImageList_EndDrag
0x5e7264 ImageList_BeginDrag
0x5e7268 ImageList_Copy
0x5e726c ImageList_LoadImageW
0x5e7270 ImageList_GetIcon
0x5e7274 ImageList_Remove
0x5e7278 ImageList_DrawEx
0x5e727c ImageList_Replace
0x5e7280 ImageList_Draw
0x5e7284 ImageList_SetOverlayImage
0x5e7288 ImageList_GetBkColor
0x5e728c ImageList_SetBkColor
0x5e7290 ImageList_ReplaceIcon
0x5e7294 ImageList_Add
0x5e7298 ImageList_SetImageCount
0x5e729c ImageList_GetImageCount
0x5e72a0 ImageList_Destroy
0x5e72a4 ImageList_Create
user32.dll
0x5e72ac EnumDisplayMonitors
0x5e72b0 GetMonitorInfoW
0x5e72b4 MonitorFromPoint
0x5e72b8 MonitorFromRect
0x5e72bc MonitorFromWindow
shell32.dll
0x5e72c4 ShellExecuteExW
0x5e72c8 Shell_NotifyIconW
shell32.dll
0x5e72d0 SHGetFolderPathW
winspool.drv
0x5e72d8 OpenPrinterW
0x5e72dc EnumPrintersW
0x5e72e0 DocumentPropertiesW
0x5e72e4 ClosePrinter
winspool.drv
0x5e72ec GetDefaultPrinterW
shell32.dll
0x5e72f4 IsUserAnAdmin
kernel32.dll
0x5e72fc GetConsoleWindow
kernel32.dll
0x5e7304 GetConsoleWindow
EAT(Export Address Table) Library
0x5cf88c JLI_CmdToArgs
0x5cfc6c JLI_GetStdArgc
0x5cfc80 JLI_GetStdArgs
0x5cfc94 JLI_Launch
0x5cfca8 JLI_MemAlloc
0x5cfcbc JLI_ReportErrorMessage
0x5cfcd0 JLI_ReportErrorMessageSys
0x5cfce4 JLI_ReportMessage
0x5cfcf8 JLI_SetTraceLauncher
0x460a0c TMethodImplementationIntercept
0x4102b8 __dbk_fcall_wrapper
0x5e25ac dbkFCallWrapperAddr