ScreenShot
| Created | 2023.11.08 17:38 | Machine | s1_win7_x6403 |
| Filename | bet365.exe | ||
| Type | PE32 executable (console) Intel 80386, for MS Windows | ||
| AI Score | Not founds | Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | |||
| md5 | 90427a600ba896346dca58a43f4cc77f | ||
| sha256 | a8a172e5e99b940b86720dfffa4a822a486b4a7334c420cdefae80fca5ce2638 | ||
| ssdeep | 98304:KEjAuvLZidHg42wcN3zhgDsZvIkZXiCIc42sLFhaRhZ:KzYWHg4FcN3zBZvbIc42Esh | ||
| imphash | 6e9b3e1bda3c0f68dc16d377339cf3e1 | ||
| impfuzzy | 192:oF3MDbuuaxSUvK9kso1XhJeiLeRxv1qZPOQH5E:G3maq9uSN1uPOQZE | ||
Network IP location
Signature (23cnts)
| Level | Description |
|---|---|
| danger | Executed a process and injected code into it |
| watch | Allocates execute permission to another process indicative of possible code injection |
| watch | Expresses interest in specific running processes |
| watch | Manipulates memory of a non-child process indicative of process injection |
| watch | One or more of the buffers contains an embedded PE file |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| watch | Used NtSetContextThread to modify a thread in a remote process indicative of process injection |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Creates executable files on the filesystem |
| notice | Drops an executable to the user AppData folder |
| notice | Executes one or more WMI queries |
| notice | One or more potentially interesting buffers were extracted |
| notice | Potentially malicious URLs were found in the process memory dump |
| notice | Searches running processes potentially to identify processes for sandbox evasion |
| notice | Terminates another process |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| notice | Uses Windows utilities for basic Windows functionality |
| notice | Yara rule detected in process memory |
| info | Checks if process is being debugged by a debugger |
| info | Command line console output was observed |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (29cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| notice | Code_injection | Code injection with CreateRemoteThread in a remote process | memory |
| notice | Escalate_priviledges | Escalate priviledges | memory |
| notice | Generic_PWS_Memory_Zero | PWS Memory | memory |
| notice | KeyLogger | Run a KeyLogger | memory |
| notice | Network_DNS | Communications use DNS | memory |
| notice | Network_HTTP | Communications over HTTP | memory |
| notice | Network_TCP_Socket | Communications over RAW Socket | memory |
| notice | ScreenShot | Take ScreenShot | memory |
| notice | Str_Win32_Http_API | Match Windows Http API call | memory |
| notice | Str_Win32_Internet_API | Match Windows Inet API call | memory |
| info | anti_dbg | Checks if being debugged | memory |
| info | antisb_threatExpert | Anti-Sandbox checks for ThreatExpert | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | mzp_file_format | MZP(Delphi) file format | binaries (download) |
| info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x500f8760 SysFreeString
0x500f8764 SysReAllocStringLen
0x500f8768 SysAllocStringLen
advapi32.dll
0x500f8770 RegQueryValueExA
0x500f8774 RegOpenKeyExA
0x500f8778 RegCloseKey
user32.dll
0x500f8780 GetKeyboardType
0x500f8784 DestroyWindow
0x500f8788 LoadStringA
0x500f878c MessageBoxA
0x500f8790 CharNextA
kernel32.dll
0x500f8798 GetACP
0x500f879c Sleep
0x500f87a0 VirtualFree
0x500f87a4 VirtualAlloc
0x500f87a8 GetCurrentThreadId
0x500f87ac InterlockedDecrement
0x500f87b0 InterlockedIncrement
0x500f87b4 VirtualQuery
0x500f87b8 WideCharToMultiByte
0x500f87bc SetCurrentDirectoryA
0x500f87c0 MultiByteToWideChar
0x500f87c4 lstrlenA
0x500f87c8 lstrcpynA
0x500f87cc LoadLibraryExA
0x500f87d0 GetThreadLocale
0x500f87d4 GetStartupInfoA
0x500f87d8 GetProcAddress
0x500f87dc GetModuleHandleA
0x500f87e0 GetModuleFileNameA
0x500f87e4 GetLocaleInfoA
0x500f87e8 GetLastError
0x500f87ec GetCurrentDirectoryA
0x500f87f0 GetCommandLineA
0x500f87f4 FreeLibrary
0x500f87f8 FindFirstFileA
0x500f87fc FindClose
0x500f8800 ExitProcess
0x500f8804 CompareStringA
0x500f8808 WriteFile
0x500f880c UnhandledExceptionFilter
0x500f8810 RtlUnwind
0x500f8814 RaiseException
0x500f8818 GetStdHandle
kernel32.dll
0x500f8820 TlsSetValue
0x500f8824 TlsGetValue
0x500f8828 LocalAlloc
0x500f882c GetModuleHandleA
user32.dll
0x500f8834 CreateWindowExA
0x500f8838 WindowFromPoint
0x500f883c WaitMessage
0x500f8840 UpdateWindow
0x500f8844 UnregisterClassA
0x500f8848 UnhookWindowsHookEx
0x500f884c TranslateMessage
0x500f8850 TranslateMDISysAccel
0x500f8854 TrackPopupMenu
0x500f8858 SystemParametersInfoA
0x500f885c ShowWindow
0x500f8860 ShowScrollBar
0x500f8864 ShowOwnedPopups
0x500f8868 SetWindowsHookExA
0x500f886c SetWindowTextA
0x500f8870 SetWindowPos
0x500f8874 SetWindowPlacement
0x500f8878 SetWindowLongW
0x500f887c SetWindowLongA
0x500f8880 SetTimer
0x500f8884 SetScrollRange
0x500f8888 SetScrollPos
0x500f888c SetScrollInfo
0x500f8890 SetRect
0x500f8894 SetPropA
0x500f8898 SetParent
0x500f889c SetMenuItemInfoA
0x500f88a0 SetMenu
0x500f88a4 SetForegroundWindow
0x500f88a8 SetFocus
0x500f88ac SetCursor
0x500f88b0 SetClassLongA
0x500f88b4 SetCapture
0x500f88b8 SetActiveWindow
0x500f88bc SendMessageW
0x500f88c0 SendMessageA
0x500f88c4 ScrollWindow
0x500f88c8 ScreenToClient
0x500f88cc RemovePropA
0x500f88d0 RemoveMenu
0x500f88d4 ReleaseDC
0x500f88d8 ReleaseCapture
0x500f88dc RegisterWindowMessageA
0x500f88e0 RegisterClipboardFormatA
0x500f88e4 RegisterClassA
0x500f88e8 RedrawWindow
0x500f88ec PtInRect
0x500f88f0 PostQuitMessage
0x500f88f4 PostMessageA
0x500f88f8 PeekMessageW
0x500f88fc PeekMessageA
0x500f8900 OffsetRect
0x500f8904 OemToCharA
0x500f8908 MessageBoxA
0x500f890c MapWindowPoints
0x500f8910 MapVirtualKeyA
0x500f8914 LoadStringA
0x500f8918 LoadKeyboardLayoutA
0x500f891c LoadIconA
0x500f8920 LoadCursorA
0x500f8924 LoadBitmapA
0x500f8928 KillTimer
0x500f892c IsZoomed
0x500f8930 IsWindowVisible
0x500f8934 IsWindowUnicode
0x500f8938 IsWindowEnabled
0x500f893c IsWindow
0x500f8940 IsRectEmpty
0x500f8944 IsIconic
0x500f8948 IsDialogMessageW
0x500f894c IsDialogMessageA
0x500f8950 IsChild
0x500f8954 InvalidateRect
0x500f8958 IntersectRect
0x500f895c InsertMenuItemA
0x500f8960 InsertMenuA
0x500f8964 InflateRect
0x500f8968 GetWindowThreadProcessId
0x500f896c GetWindowTextA
0x500f8970 GetWindowRect
0x500f8974 GetWindowPlacement
0x500f8978 GetWindowLongW
0x500f897c GetWindowLongA
0x500f8980 GetWindowDC
0x500f8984 GetTopWindow
0x500f8988 GetSystemMetrics
0x500f898c GetSystemMenu
0x500f8990 GetSysColorBrush
0x500f8994 GetSysColor
0x500f8998 GetSubMenu
0x500f899c GetScrollRange
0x500f89a0 GetScrollPos
0x500f89a4 GetScrollInfo
0x500f89a8 GetPropA
0x500f89ac GetParent
0x500f89b0 GetWindow
0x500f89b4 GetMessagePos
0x500f89b8 GetMenuStringA
0x500f89bc GetMenuState
0x500f89c0 GetMenuItemInfoA
0x500f89c4 GetMenuItemID
0x500f89c8 GetMenuItemCount
0x500f89cc GetMenu
0x500f89d0 GetLastActivePopup
0x500f89d4 GetKeyboardState
0x500f89d8 GetKeyboardLayoutNameA
0x500f89dc GetKeyboardLayoutList
0x500f89e0 GetKeyboardLayout
0x500f89e4 GetKeyState
0x500f89e8 GetKeyNameTextA
0x500f89ec GetKBCodePage
0x500f89f0 GetIconInfo
0x500f89f4 GetForegroundWindow
0x500f89f8 GetFocus
0x500f89fc GetDesktopWindow
0x500f8a00 GetDCEx
0x500f8a04 GetDC
0x500f8a08 GetCursorPos
0x500f8a0c GetCursor
0x500f8a10 GetClipboardData
0x500f8a14 GetClientRect
0x500f8a18 GetClassLongA
0x500f8a1c GetClassInfoA
0x500f8a20 GetCapture
0x500f8a24 GetActiveWindow
0x500f8a28 FrameRect
0x500f8a2c FindWindowA
0x500f8a30 FillRect
0x500f8a34 EqualRect
0x500f8a38 EnumWindows
0x500f8a3c EnumThreadWindows
0x500f8a40 EnumChildWindows
0x500f8a44 EndPaint
0x500f8a48 EnableWindow
0x500f8a4c EnableScrollBar
0x500f8a50 EnableMenuItem
0x500f8a54 DrawTextA
0x500f8a58 DrawMenuBar
0x500f8a5c DrawIconEx
0x500f8a60 DrawIcon
0x500f8a64 DrawFrameControl
0x500f8a68 DrawFocusRect
0x500f8a6c DrawEdge
0x500f8a70 DispatchMessageW
0x500f8a74 DispatchMessageA
0x500f8a78 DestroyWindow
0x500f8a7c DestroyMenu
0x500f8a80 DestroyIcon
0x500f8a84 DestroyCursor
0x500f8a88 DeleteMenu
0x500f8a8c DefWindowProcA
0x500f8a90 DefMDIChildProcA
0x500f8a94 DefFrameProcA
0x500f8a98 CreatePopupMenu
0x500f8a9c CreateMenu
0x500f8aa0 CreateIcon
0x500f8aa4 ClientToScreen
0x500f8aa8 CheckMenuItem
0x500f8aac CallWindowProcA
0x500f8ab0 CallNextHookEx
0x500f8ab4 BeginPaint
0x500f8ab8 CharNextA
0x500f8abc CharLowerBuffA
0x500f8ac0 CharLowerA
0x500f8ac4 CharToOemA
0x500f8ac8 AdjustWindowRectEx
0x500f8acc ActivateKeyboardLayout
gdi32.dll
0x500f8ad4 UnrealizeObject
0x500f8ad8 StretchBlt
0x500f8adc SetWindowOrgEx
0x500f8ae0 SetWinMetaFileBits
0x500f8ae4 SetViewportOrgEx
0x500f8ae8 SetTextColor
0x500f8aec SetStretchBltMode
0x500f8af0 SetROP2
0x500f8af4 SetPixel
0x500f8af8 SetEnhMetaFileBits
0x500f8afc SetDIBColorTable
0x500f8b00 SetBrushOrgEx
0x500f8b04 SetBkMode
0x500f8b08 SetBkColor
0x500f8b0c SelectPalette
0x500f8b10 SelectObject
0x500f8b14 SaveDC
0x500f8b18 RestoreDC
0x500f8b1c Rectangle
0x500f8b20 RectVisible
0x500f8b24 RealizePalette
0x500f8b28 Polyline
0x500f8b2c PlayEnhMetaFile
0x500f8b30 PatBlt
0x500f8b34 MoveToEx
0x500f8b38 MaskBlt
0x500f8b3c LineTo
0x500f8b40 IntersectClipRect
0x500f8b44 GetWindowOrgEx
0x500f8b48 GetWinMetaFileBits
0x500f8b4c GetTextMetricsA
0x500f8b50 GetTextExtentPoint32A
0x500f8b54 GetSystemPaletteEntries
0x500f8b58 GetStockObject
0x500f8b5c GetRgnBox
0x500f8b60 GetPixel
0x500f8b64 GetPaletteEntries
0x500f8b68 GetObjectA
0x500f8b6c GetEnhMetaFilePaletteEntries
0x500f8b70 GetEnhMetaFileHeader
0x500f8b74 GetEnhMetaFileBits
0x500f8b78 GetDeviceCaps
0x500f8b7c GetDIBits
0x500f8b80 GetDIBColorTable
0x500f8b84 GetDCOrgEx
0x500f8b88 GetCurrentPositionEx
0x500f8b8c GetClipBox
0x500f8b90 GetBrushOrgEx
0x500f8b94 GetBitmapBits
0x500f8b98 ExtTextOutA
0x500f8b9c ExcludeClipRect
0x500f8ba0 DeleteObject
0x500f8ba4 DeleteEnhMetaFile
0x500f8ba8 DeleteDC
0x500f8bac CreateSolidBrush
0x500f8bb0 CreatePenIndirect
0x500f8bb4 CreatePalette
0x500f8bb8 CreateHalftonePalette
0x500f8bbc CreateFontIndirectA
0x500f8bc0 CreateDIBitmap
0x500f8bc4 CreateDIBSection
0x500f8bc8 CreateCompatibleDC
0x500f8bcc CreateCompatibleBitmap
0x500f8bd0 CreateBrushIndirect
0x500f8bd4 CreateBitmap
0x500f8bd8 CopyEnhMetaFileA
0x500f8bdc BitBlt
version.dll
0x500f8be4 VerQueryValueA
0x500f8be8 GetFileVersionInfoSizeA
0x500f8bec GetFileVersionInfoA
kernel32.dll
0x500f8bf4 lstrcpyA
0x500f8bf8 WriteFile
0x500f8bfc WaitForSingleObject
0x500f8c00 VirtualQuery
0x500f8c04 VirtualAlloc
0x500f8c08 SizeofResource
0x500f8c0c SetThreadLocale
0x500f8c10 SetFilePointer
0x500f8c14 SetEvent
0x500f8c18 SetErrorMode
0x500f8c1c SetEndOfFile
0x500f8c20 ResetEvent
0x500f8c24 ReadFile
0x500f8c28 MulDiv
0x500f8c2c LockResource
0x500f8c30 LoadResource
0x500f8c34 LoadLibraryA
0x500f8c38 LeaveCriticalSection
0x500f8c3c InitializeCriticalSection
0x500f8c40 GlobalFindAtomA
0x500f8c44 GlobalDeleteAtom
0x500f8c48 GlobalAddAtomA
0x500f8c4c GetVersionExA
0x500f8c50 GetVersion
0x500f8c54 GetUserDefaultLCID
0x500f8c58 GetTickCount
0x500f8c5c GetThreadLocale
0x500f8c60 GetStdHandle
0x500f8c64 GetProcAddress
0x500f8c68 GetModuleHandleA
0x500f8c6c GetModuleFileNameA
0x500f8c70 GetLocaleInfoA
0x500f8c74 GetLocalTime
0x500f8c78 GetLastError
0x500f8c7c GetFullPathNameA
0x500f8c80 GetFileAttributesA
0x500f8c84 GetDriveTypeA
0x500f8c88 GetDiskFreeSpaceA
0x500f8c8c GetDateFormatA
0x500f8c90 GetCurrentThreadId
0x500f8c94 GetCurrentThread
0x500f8c98 GetCurrentProcessId
0x500f8c9c GetCPInfo
0x500f8ca0 FreeResource
0x500f8ca4 InterlockedExchange
0x500f8ca8 FreeLibrary
0x500f8cac FormatMessageA
0x500f8cb0 FlushConsoleInputBuffer
0x500f8cb4 FindResourceA
0x500f8cb8 FindNextFileA
0x500f8cbc FindFirstFileA
0x500f8cc0 FindClose
0x500f8cc4 FileTimeToLocalFileTime
0x500f8cc8 FileTimeToDosDateTime
0x500f8ccc EnumCalendarInfoA
0x500f8cd0 EnterCriticalSection
0x500f8cd4 DeleteCriticalSection
0x500f8cd8 CreateThread
0x500f8cdc CreateFileA
0x500f8ce0 CreateEventA
0x500f8ce4 CompareStringA
0x500f8ce8 CloseHandle
0x500f8cec AddAtomA
advapi32.dll
0x500f8cf4 RegQueryValueExA
0x500f8cf8 RegOpenKeyExA
0x500f8cfc RegFlushKey
0x500f8d00 RegCloseKey
kernel32.dll
0x500f8d08 Sleep
oleaut32.dll
0x500f8d10 SafeArrayPtrOfIndex
0x500f8d14 SafeArrayGetUBound
0x500f8d18 SafeArrayGetLBound
0x500f8d1c SafeArrayCreate
0x500f8d20 VariantChangeType
0x500f8d24 VariantCopy
0x500f8d28 VariantClear
0x500f8d2c VariantInit
comctl32.dll
0x500f8d34 _TrackMouseEvent
0x500f8d38 ImageList_SetIconSize
0x500f8d3c ImageList_GetIconSize
0x500f8d40 ImageList_Write
0x500f8d44 ImageList_Read
0x500f8d48 ImageList_GetDragImage
0x500f8d4c ImageList_DragShowNolock
0x500f8d50 ImageList_DragMove
0x500f8d54 ImageList_DragLeave
0x500f8d58 ImageList_DragEnter
0x500f8d5c ImageList_EndDrag
0x500f8d60 ImageList_BeginDrag
0x500f8d64 ImageList_Remove
0x500f8d68 ImageList_DrawEx
0x500f8d6c ImageList_Draw
0x500f8d70 ImageList_GetBkColor
0x500f8d74 ImageList_SetBkColor
0x500f8d78 ImageList_Add
0x500f8d7c ImageList_GetImageCount
0x500f8d80 ImageList_Destroy
0x500f8d84 ImageList_Create
comdlg32.dll
0x500f8d8c ChooseColorA
EAT(Export Address Table) is none
oleaut32.dll
0x500f8760 SysFreeString
0x500f8764 SysReAllocStringLen
0x500f8768 SysAllocStringLen
advapi32.dll
0x500f8770 RegQueryValueExA
0x500f8774 RegOpenKeyExA
0x500f8778 RegCloseKey
user32.dll
0x500f8780 GetKeyboardType
0x500f8784 DestroyWindow
0x500f8788 LoadStringA
0x500f878c MessageBoxA
0x500f8790 CharNextA
kernel32.dll
0x500f8798 GetACP
0x500f879c Sleep
0x500f87a0 VirtualFree
0x500f87a4 VirtualAlloc
0x500f87a8 GetCurrentThreadId
0x500f87ac InterlockedDecrement
0x500f87b0 InterlockedIncrement
0x500f87b4 VirtualQuery
0x500f87b8 WideCharToMultiByte
0x500f87bc SetCurrentDirectoryA
0x500f87c0 MultiByteToWideChar
0x500f87c4 lstrlenA
0x500f87c8 lstrcpynA
0x500f87cc LoadLibraryExA
0x500f87d0 GetThreadLocale
0x500f87d4 GetStartupInfoA
0x500f87d8 GetProcAddress
0x500f87dc GetModuleHandleA
0x500f87e0 GetModuleFileNameA
0x500f87e4 GetLocaleInfoA
0x500f87e8 GetLastError
0x500f87ec GetCurrentDirectoryA
0x500f87f0 GetCommandLineA
0x500f87f4 FreeLibrary
0x500f87f8 FindFirstFileA
0x500f87fc FindClose
0x500f8800 ExitProcess
0x500f8804 CompareStringA
0x500f8808 WriteFile
0x500f880c UnhandledExceptionFilter
0x500f8810 RtlUnwind
0x500f8814 RaiseException
0x500f8818 GetStdHandle
kernel32.dll
0x500f8820 TlsSetValue
0x500f8824 TlsGetValue
0x500f8828 LocalAlloc
0x500f882c GetModuleHandleA
user32.dll
0x500f8834 CreateWindowExA
0x500f8838 WindowFromPoint
0x500f883c WaitMessage
0x500f8840 UpdateWindow
0x500f8844 UnregisterClassA
0x500f8848 UnhookWindowsHookEx
0x500f884c TranslateMessage
0x500f8850 TranslateMDISysAccel
0x500f8854 TrackPopupMenu
0x500f8858 SystemParametersInfoA
0x500f885c ShowWindow
0x500f8860 ShowScrollBar
0x500f8864 ShowOwnedPopups
0x500f8868 SetWindowsHookExA
0x500f886c SetWindowTextA
0x500f8870 SetWindowPos
0x500f8874 SetWindowPlacement
0x500f8878 SetWindowLongW
0x500f887c SetWindowLongA
0x500f8880 SetTimer
0x500f8884 SetScrollRange
0x500f8888 SetScrollPos
0x500f888c SetScrollInfo
0x500f8890 SetRect
0x500f8894 SetPropA
0x500f8898 SetParent
0x500f889c SetMenuItemInfoA
0x500f88a0 SetMenu
0x500f88a4 SetForegroundWindow
0x500f88a8 SetFocus
0x500f88ac SetCursor
0x500f88b0 SetClassLongA
0x500f88b4 SetCapture
0x500f88b8 SetActiveWindow
0x500f88bc SendMessageW
0x500f88c0 SendMessageA
0x500f88c4 ScrollWindow
0x500f88c8 ScreenToClient
0x500f88cc RemovePropA
0x500f88d0 RemoveMenu
0x500f88d4 ReleaseDC
0x500f88d8 ReleaseCapture
0x500f88dc RegisterWindowMessageA
0x500f88e0 RegisterClipboardFormatA
0x500f88e4 RegisterClassA
0x500f88e8 RedrawWindow
0x500f88ec PtInRect
0x500f88f0 PostQuitMessage
0x500f88f4 PostMessageA
0x500f88f8 PeekMessageW
0x500f88fc PeekMessageA
0x500f8900 OffsetRect
0x500f8904 OemToCharA
0x500f8908 MessageBoxA
0x500f890c MapWindowPoints
0x500f8910 MapVirtualKeyA
0x500f8914 LoadStringA
0x500f8918 LoadKeyboardLayoutA
0x500f891c LoadIconA
0x500f8920 LoadCursorA
0x500f8924 LoadBitmapA
0x500f8928 KillTimer
0x500f892c IsZoomed
0x500f8930 IsWindowVisible
0x500f8934 IsWindowUnicode
0x500f8938 IsWindowEnabled
0x500f893c IsWindow
0x500f8940 IsRectEmpty
0x500f8944 IsIconic
0x500f8948 IsDialogMessageW
0x500f894c IsDialogMessageA
0x500f8950 IsChild
0x500f8954 InvalidateRect
0x500f8958 IntersectRect
0x500f895c InsertMenuItemA
0x500f8960 InsertMenuA
0x500f8964 InflateRect
0x500f8968 GetWindowThreadProcessId
0x500f896c GetWindowTextA
0x500f8970 GetWindowRect
0x500f8974 GetWindowPlacement
0x500f8978 GetWindowLongW
0x500f897c GetWindowLongA
0x500f8980 GetWindowDC
0x500f8984 GetTopWindow
0x500f8988 GetSystemMetrics
0x500f898c GetSystemMenu
0x500f8990 GetSysColorBrush
0x500f8994 GetSysColor
0x500f8998 GetSubMenu
0x500f899c GetScrollRange
0x500f89a0 GetScrollPos
0x500f89a4 GetScrollInfo
0x500f89a8 GetPropA
0x500f89ac GetParent
0x500f89b0 GetWindow
0x500f89b4 GetMessagePos
0x500f89b8 GetMenuStringA
0x500f89bc GetMenuState
0x500f89c0 GetMenuItemInfoA
0x500f89c4 GetMenuItemID
0x500f89c8 GetMenuItemCount
0x500f89cc GetMenu
0x500f89d0 GetLastActivePopup
0x500f89d4 GetKeyboardState
0x500f89d8 GetKeyboardLayoutNameA
0x500f89dc GetKeyboardLayoutList
0x500f89e0 GetKeyboardLayout
0x500f89e4 GetKeyState
0x500f89e8 GetKeyNameTextA
0x500f89ec GetKBCodePage
0x500f89f0 GetIconInfo
0x500f89f4 GetForegroundWindow
0x500f89f8 GetFocus
0x500f89fc GetDesktopWindow
0x500f8a00 GetDCEx
0x500f8a04 GetDC
0x500f8a08 GetCursorPos
0x500f8a0c GetCursor
0x500f8a10 GetClipboardData
0x500f8a14 GetClientRect
0x500f8a18 GetClassLongA
0x500f8a1c GetClassInfoA
0x500f8a20 GetCapture
0x500f8a24 GetActiveWindow
0x500f8a28 FrameRect
0x500f8a2c FindWindowA
0x500f8a30 FillRect
0x500f8a34 EqualRect
0x500f8a38 EnumWindows
0x500f8a3c EnumThreadWindows
0x500f8a40 EnumChildWindows
0x500f8a44 EndPaint
0x500f8a48 EnableWindow
0x500f8a4c EnableScrollBar
0x500f8a50 EnableMenuItem
0x500f8a54 DrawTextA
0x500f8a58 DrawMenuBar
0x500f8a5c DrawIconEx
0x500f8a60 DrawIcon
0x500f8a64 DrawFrameControl
0x500f8a68 DrawFocusRect
0x500f8a6c DrawEdge
0x500f8a70 DispatchMessageW
0x500f8a74 DispatchMessageA
0x500f8a78 DestroyWindow
0x500f8a7c DestroyMenu
0x500f8a80 DestroyIcon
0x500f8a84 DestroyCursor
0x500f8a88 DeleteMenu
0x500f8a8c DefWindowProcA
0x500f8a90 DefMDIChildProcA
0x500f8a94 DefFrameProcA
0x500f8a98 CreatePopupMenu
0x500f8a9c CreateMenu
0x500f8aa0 CreateIcon
0x500f8aa4 ClientToScreen
0x500f8aa8 CheckMenuItem
0x500f8aac CallWindowProcA
0x500f8ab0 CallNextHookEx
0x500f8ab4 BeginPaint
0x500f8ab8 CharNextA
0x500f8abc CharLowerBuffA
0x500f8ac0 CharLowerA
0x500f8ac4 CharToOemA
0x500f8ac8 AdjustWindowRectEx
0x500f8acc ActivateKeyboardLayout
gdi32.dll
0x500f8ad4 UnrealizeObject
0x500f8ad8 StretchBlt
0x500f8adc SetWindowOrgEx
0x500f8ae0 SetWinMetaFileBits
0x500f8ae4 SetViewportOrgEx
0x500f8ae8 SetTextColor
0x500f8aec SetStretchBltMode
0x500f8af0 SetROP2
0x500f8af4 SetPixel
0x500f8af8 SetEnhMetaFileBits
0x500f8afc SetDIBColorTable
0x500f8b00 SetBrushOrgEx
0x500f8b04 SetBkMode
0x500f8b08 SetBkColor
0x500f8b0c SelectPalette
0x500f8b10 SelectObject
0x500f8b14 SaveDC
0x500f8b18 RestoreDC
0x500f8b1c Rectangle
0x500f8b20 RectVisible
0x500f8b24 RealizePalette
0x500f8b28 Polyline
0x500f8b2c PlayEnhMetaFile
0x500f8b30 PatBlt
0x500f8b34 MoveToEx
0x500f8b38 MaskBlt
0x500f8b3c LineTo
0x500f8b40 IntersectClipRect
0x500f8b44 GetWindowOrgEx
0x500f8b48 GetWinMetaFileBits
0x500f8b4c GetTextMetricsA
0x500f8b50 GetTextExtentPoint32A
0x500f8b54 GetSystemPaletteEntries
0x500f8b58 GetStockObject
0x500f8b5c GetRgnBox
0x500f8b60 GetPixel
0x500f8b64 GetPaletteEntries
0x500f8b68 GetObjectA
0x500f8b6c GetEnhMetaFilePaletteEntries
0x500f8b70 GetEnhMetaFileHeader
0x500f8b74 GetEnhMetaFileBits
0x500f8b78 GetDeviceCaps
0x500f8b7c GetDIBits
0x500f8b80 GetDIBColorTable
0x500f8b84 GetDCOrgEx
0x500f8b88 GetCurrentPositionEx
0x500f8b8c GetClipBox
0x500f8b90 GetBrushOrgEx
0x500f8b94 GetBitmapBits
0x500f8b98 ExtTextOutA
0x500f8b9c ExcludeClipRect
0x500f8ba0 DeleteObject
0x500f8ba4 DeleteEnhMetaFile
0x500f8ba8 DeleteDC
0x500f8bac CreateSolidBrush
0x500f8bb0 CreatePenIndirect
0x500f8bb4 CreatePalette
0x500f8bb8 CreateHalftonePalette
0x500f8bbc CreateFontIndirectA
0x500f8bc0 CreateDIBitmap
0x500f8bc4 CreateDIBSection
0x500f8bc8 CreateCompatibleDC
0x500f8bcc CreateCompatibleBitmap
0x500f8bd0 CreateBrushIndirect
0x500f8bd4 CreateBitmap
0x500f8bd8 CopyEnhMetaFileA
0x500f8bdc BitBlt
version.dll
0x500f8be4 VerQueryValueA
0x500f8be8 GetFileVersionInfoSizeA
0x500f8bec GetFileVersionInfoA
kernel32.dll
0x500f8bf4 lstrcpyA
0x500f8bf8 WriteFile
0x500f8bfc WaitForSingleObject
0x500f8c00 VirtualQuery
0x500f8c04 VirtualAlloc
0x500f8c08 SizeofResource
0x500f8c0c SetThreadLocale
0x500f8c10 SetFilePointer
0x500f8c14 SetEvent
0x500f8c18 SetErrorMode
0x500f8c1c SetEndOfFile
0x500f8c20 ResetEvent
0x500f8c24 ReadFile
0x500f8c28 MulDiv
0x500f8c2c LockResource
0x500f8c30 LoadResource
0x500f8c34 LoadLibraryA
0x500f8c38 LeaveCriticalSection
0x500f8c3c InitializeCriticalSection
0x500f8c40 GlobalFindAtomA
0x500f8c44 GlobalDeleteAtom
0x500f8c48 GlobalAddAtomA
0x500f8c4c GetVersionExA
0x500f8c50 GetVersion
0x500f8c54 GetUserDefaultLCID
0x500f8c58 GetTickCount
0x500f8c5c GetThreadLocale
0x500f8c60 GetStdHandle
0x500f8c64 GetProcAddress
0x500f8c68 GetModuleHandleA
0x500f8c6c GetModuleFileNameA
0x500f8c70 GetLocaleInfoA
0x500f8c74 GetLocalTime
0x500f8c78 GetLastError
0x500f8c7c GetFullPathNameA
0x500f8c80 GetFileAttributesA
0x500f8c84 GetDriveTypeA
0x500f8c88 GetDiskFreeSpaceA
0x500f8c8c GetDateFormatA
0x500f8c90 GetCurrentThreadId
0x500f8c94 GetCurrentThread
0x500f8c98 GetCurrentProcessId
0x500f8c9c GetCPInfo
0x500f8ca0 FreeResource
0x500f8ca4 InterlockedExchange
0x500f8ca8 FreeLibrary
0x500f8cac FormatMessageA
0x500f8cb0 FlushConsoleInputBuffer
0x500f8cb4 FindResourceA
0x500f8cb8 FindNextFileA
0x500f8cbc FindFirstFileA
0x500f8cc0 FindClose
0x500f8cc4 FileTimeToLocalFileTime
0x500f8cc8 FileTimeToDosDateTime
0x500f8ccc EnumCalendarInfoA
0x500f8cd0 EnterCriticalSection
0x500f8cd4 DeleteCriticalSection
0x500f8cd8 CreateThread
0x500f8cdc CreateFileA
0x500f8ce0 CreateEventA
0x500f8ce4 CompareStringA
0x500f8ce8 CloseHandle
0x500f8cec AddAtomA
advapi32.dll
0x500f8cf4 RegQueryValueExA
0x500f8cf8 RegOpenKeyExA
0x500f8cfc RegFlushKey
0x500f8d00 RegCloseKey
kernel32.dll
0x500f8d08 Sleep
oleaut32.dll
0x500f8d10 SafeArrayPtrOfIndex
0x500f8d14 SafeArrayGetUBound
0x500f8d18 SafeArrayGetLBound
0x500f8d1c SafeArrayCreate
0x500f8d20 VariantChangeType
0x500f8d24 VariantCopy
0x500f8d28 VariantClear
0x500f8d2c VariantInit
comctl32.dll
0x500f8d34 _TrackMouseEvent
0x500f8d38 ImageList_SetIconSize
0x500f8d3c ImageList_GetIconSize
0x500f8d40 ImageList_Write
0x500f8d44 ImageList_Read
0x500f8d48 ImageList_GetDragImage
0x500f8d4c ImageList_DragShowNolock
0x500f8d50 ImageList_DragMove
0x500f8d54 ImageList_DragLeave
0x500f8d58 ImageList_DragEnter
0x500f8d5c ImageList_EndDrag
0x500f8d60 ImageList_BeginDrag
0x500f8d64 ImageList_Remove
0x500f8d68 ImageList_DrawEx
0x500f8d6c ImageList_Draw
0x500f8d70 ImageList_GetBkColor
0x500f8d74 ImageList_SetBkColor
0x500f8d78 ImageList_Add
0x500f8d7c ImageList_GetImageCount
0x500f8d80 ImageList_Destroy
0x500f8d84 ImageList_Create
comdlg32.dll
0x500f8d8c ChooseColorA
EAT(Export Address Table) is none