ScreenShot
| Created | 2023.11.11 16:50 | Machine | s1_win7_x6403 |
| Filename | system12.exe | ||
| Type | PE32 executable (console) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | |||
| md5 | 76237495f1127cd3e1506ef3cdac3fbb | ||
| sha256 | 4fb56fc91b2d13afeb1ace4a5dfc6cca15ae7da40669e059650563e24bfac063 | ||
| ssdeep | 24576:lobNy5HZN1AXQdGRZEb4zaqfaadDe+DfKjC9pxctSYBAiRalfw:lobQPOQdVqaadDeSfK8rDl | ||
| imphash | 3a3f63e5f4b01f8ec17b0d524c5d7c52 | ||
| impfuzzy | 192:oF3MDbuuaxSUvK93sosqXEcelRxG13ZPOQrE:G3maq9jW01pPOQrE | ||
Network IP location
Signature (24cnts)
| Level | Description |
|---|---|
| danger | Executed a process and injected code into it |
| watch | Allocates execute permission to another process indicative of possible code injection |
| watch | Expresses interest in specific running processes |
| watch | Installs itself for autorun at Windows startup |
| watch | One or more of the buffers contains an embedded PE file |
| watch | Resumed a suspended thread in a remote process potentially indicative of process injection |
| watch | Uses Sysinternals tools in order to add additional command line functionality |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Creates a suspicious process |
| notice | Creates executable files on the filesystem |
| notice | Drops a binary and executes it |
| notice | Drops an executable to the user AppData folder |
| notice | Executes one or more WMI queries |
| notice | One or more potentially interesting buffers were extracted |
| notice | Potentially malicious URLs were found in the process memory dump |
| notice | Searches running processes potentially to identify processes for sandbox evasion |
| notice | Uses Windows utilities for basic Windows functionality |
| notice | Yara rule detected in process memory |
| info | Checks amount of memory in system |
| info | Checks if process is being debugged by a debugger |
| info | Command line console output was observed |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (20cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | anti_dbg | Checks if being debugged | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerCheck__RemoteAPI | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | ftp_command | ftp command | binaries (download) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x215c774c SysFreeString
0x215c7750 SysReAllocStringLen
0x215c7754 SysAllocStringLen
advapi32.dll
0x215c775c RegQueryValueExA
0x215c7760 RegOpenKeyExA
0x215c7764 RegCloseKey
user32.dll
0x215c776c GetKeyboardType
0x215c7770 DestroyWindow
0x215c7774 LoadStringA
0x215c7778 MessageBoxA
0x215c777c CharNextA
kernel32.dll
0x215c7784 GetACP
0x215c7788 Sleep
0x215c778c VirtualFree
0x215c7790 VirtualAlloc
0x215c7794 GetCurrentThreadId
0x215c7798 InterlockedDecrement
0x215c779c InterlockedIncrement
0x215c77a0 VirtualQuery
0x215c77a4 WideCharToMultiByte
0x215c77a8 SetCurrentDirectoryA
0x215c77ac MultiByteToWideChar
0x215c77b0 lstrlenA
0x215c77b4 lstrcpynA
0x215c77b8 LoadLibraryExA
0x215c77bc GetThreadLocale
0x215c77c0 GetStartupInfoA
0x215c77c4 GetProcAddress
0x215c77c8 GetModuleHandleA
0x215c77cc GetModuleFileNameA
0x215c77d0 GetLocaleInfoA
0x215c77d4 GetLastError
0x215c77d8 GetCurrentDirectoryA
0x215c77dc GetCommandLineA
0x215c77e0 FreeLibrary
0x215c77e4 FindFirstFileA
0x215c77e8 FindClose
0x215c77ec ExitProcess
0x215c77f0 CompareStringA
0x215c77f4 WriteFile
0x215c77f8 UnhandledExceptionFilter
0x215c77fc RtlUnwind
0x215c7800 RaiseException
0x215c7804 GetStdHandle
kernel32.dll
0x215c780c TlsSetValue
0x215c7810 TlsGetValue
0x215c7814 LocalAlloc
0x215c7818 GetModuleHandleA
user32.dll
0x215c7820 CreateWindowExA
0x215c7824 WindowFromPoint
0x215c7828 WaitMessage
0x215c782c UpdateWindow
0x215c7830 UnregisterClassA
0x215c7834 UnhookWindowsHookEx
0x215c7838 TranslateMessage
0x215c783c TranslateMDISysAccel
0x215c7840 TrackPopupMenu
0x215c7844 SystemParametersInfoA
0x215c7848 ShowWindow
0x215c784c ShowScrollBar
0x215c7850 ShowOwnedPopups
0x215c7854 SetWindowsHookExA
0x215c7858 SetWindowTextA
0x215c785c SetWindowPos
0x215c7860 SetWindowPlacement
0x215c7864 SetWindowLongW
0x215c7868 SetWindowLongA
0x215c786c SetTimer
0x215c7870 SetScrollRange
0x215c7874 SetScrollPos
0x215c7878 SetScrollInfo
0x215c787c SetRect
0x215c7880 SetPropA
0x215c7884 SetParent
0x215c7888 SetMenuItemInfoA
0x215c788c SetMenu
0x215c7890 SetForegroundWindow
0x215c7894 SetFocus
0x215c7898 SetCursor
0x215c789c SetClassLongA
0x215c78a0 SetCapture
0x215c78a4 SetActiveWindow
0x215c78a8 SendMessageW
0x215c78ac SendMessageA
0x215c78b0 ScrollWindow
0x215c78b4 ScreenToClient
0x215c78b8 RemovePropA
0x215c78bc RemoveMenu
0x215c78c0 ReleaseDC
0x215c78c4 ReleaseCapture
0x215c78c8 RegisterWindowMessageA
0x215c78cc RegisterClipboardFormatA
0x215c78d0 RegisterClassA
0x215c78d4 RedrawWindow
0x215c78d8 PtInRect
0x215c78dc PostQuitMessage
0x215c78e0 PostMessageA
0x215c78e4 PeekMessageW
0x215c78e8 PeekMessageA
0x215c78ec OpenIcon
0x215c78f0 OffsetRect
0x215c78f4 OemToCharA
0x215c78f8 MessageBoxA
0x215c78fc MapWindowPoints
0x215c7900 MapVirtualKeyA
0x215c7904 LoadStringA
0x215c7908 LoadKeyboardLayoutA
0x215c790c LoadIconA
0x215c7910 LoadCursorA
0x215c7914 LoadBitmapA
0x215c7918 KillTimer
0x215c791c IsZoomed
0x215c7920 IsWindowVisible
0x215c7924 IsWindowUnicode
0x215c7928 IsWindowEnabled
0x215c792c IsWindow
0x215c7930 IsRectEmpty
0x215c7934 IsIconic
0x215c7938 IsDialogMessageW
0x215c793c IsDialogMessageA
0x215c7940 IsChild
0x215c7944 InvalidateRect
0x215c7948 IntersectRect
0x215c794c InsertMenuItemA
0x215c7950 InsertMenuA
0x215c7954 InflateRect
0x215c7958 GetWindowThreadProcessId
0x215c795c GetWindowTextA
0x215c7960 GetWindowRect
0x215c7964 GetWindowPlacement
0x215c7968 GetWindowLongW
0x215c796c GetWindowLongA
0x215c7970 GetWindowDC
0x215c7974 GetTopWindow
0x215c7978 GetSystemMetrics
0x215c797c GetSystemMenu
0x215c7980 GetSysColorBrush
0x215c7984 GetSysColor
0x215c7988 GetSubMenu
0x215c798c GetScrollRange
0x215c7990 GetScrollPos
0x215c7994 GetScrollInfo
0x215c7998 GetPropA
0x215c799c GetParent
0x215c79a0 GetWindow
0x215c79a4 GetMessagePos
0x215c79a8 GetMenuStringA
0x215c79ac GetMenuState
0x215c79b0 GetMenuItemInfoA
0x215c79b4 GetMenuItemID
0x215c79b8 GetMenuItemCount
0x215c79bc GetMenuContextHelpId
0x215c79c0 GetMenu
0x215c79c4 GetLastActivePopup
0x215c79c8 GetKeyboardState
0x215c79cc GetKeyboardLayoutNameA
0x215c79d0 GetKeyboardLayoutList
0x215c79d4 GetKeyboardLayout
0x215c79d8 GetKeyState
0x215c79dc GetKeyNameTextA
0x215c79e0 GetIconInfo
0x215c79e4 GetForegroundWindow
0x215c79e8 GetFocus
0x215c79ec GetDesktopWindow
0x215c79f0 GetDCEx
0x215c79f4 GetDC
0x215c79f8 GetCursorPos
0x215c79fc GetCursor
0x215c7a00 GetClientRect
0x215c7a04 GetClassLongA
0x215c7a08 GetClassInfoA
0x215c7a0c GetCapture
0x215c7a10 GetActiveWindow
0x215c7a14 FrameRect
0x215c7a18 FindWindowA
0x215c7a1c FillRect
0x215c7a20 EqualRect
0x215c7a24 EnumWindows
0x215c7a28 EnumThreadWindows
0x215c7a2c EnumChildWindows
0x215c7a30 EndPaint
0x215c7a34 EnableWindow
0x215c7a38 EnableScrollBar
0x215c7a3c EnableMenuItem
0x215c7a40 DrawTextA
0x215c7a44 DrawMenuBar
0x215c7a48 DrawIconEx
0x215c7a4c DrawIcon
0x215c7a50 DrawFrameControl
0x215c7a54 DrawFocusRect
0x215c7a58 DrawEdge
0x215c7a5c DispatchMessageW
0x215c7a60 DispatchMessageA
0x215c7a64 DestroyWindow
0x215c7a68 DestroyMenu
0x215c7a6c DestroyIcon
0x215c7a70 DestroyCursor
0x215c7a74 DestroyCaret
0x215c7a78 DeleteMenu
0x215c7a7c DefWindowProcA
0x215c7a80 DefMDIChildProcA
0x215c7a84 DefFrameProcA
0x215c7a88 CreatePopupMenu
0x215c7a8c CreateMenu
0x215c7a90 CreateIcon
0x215c7a94 ClientToScreen
0x215c7a98 CheckMenuItem
0x215c7a9c CallWindowProcA
0x215c7aa0 CallNextHookEx
0x215c7aa4 BeginPaint
0x215c7aa8 CharNextA
0x215c7aac CharLowerBuffA
0x215c7ab0 CharLowerA
0x215c7ab4 CharToOemA
0x215c7ab8 AdjustWindowRectEx
0x215c7abc ActivateKeyboardLayout
gdi32.dll
0x215c7ac4 UnrealizeObject
0x215c7ac8 StretchBlt
0x215c7acc SetWindowOrgEx
0x215c7ad0 SetViewportOrgEx
0x215c7ad4 SetTextColor
0x215c7ad8 SetStretchBltMode
0x215c7adc SetROP2
0x215c7ae0 SetPixel
0x215c7ae4 SetDIBColorTable
0x215c7ae8 SetBrushOrgEx
0x215c7aec SetBkMode
0x215c7af0 SetBkColor
0x215c7af4 SelectPalette
0x215c7af8 SelectObject
0x215c7afc SaveDC
0x215c7b00 RoundRect
0x215c7b04 RestoreDC
0x215c7b08 Rectangle
0x215c7b0c RectVisible
0x215c7b10 RealizePalette
0x215c7b14 Polyline
0x215c7b18 PatBlt
0x215c7b1c MoveToEx
0x215c7b20 MaskBlt
0x215c7b24 LineTo
0x215c7b28 IntersectClipRect
0x215c7b2c GetWindowOrgEx
0x215c7b30 GetTextMetricsA
0x215c7b34 GetTextExtentPoint32A
0x215c7b38 GetSystemPaletteEntries
0x215c7b3c GetStockObject
0x215c7b40 GetRgnBox
0x215c7b44 GetPixel
0x215c7b48 GetPaletteEntries
0x215c7b4c GetObjectType
0x215c7b50 GetObjectA
0x215c7b54 GetDeviceCaps
0x215c7b58 GetDIBits
0x215c7b5c GetDIBColorTable
0x215c7b60 GetDCOrgEx
0x215c7b64 GetCurrentPositionEx
0x215c7b68 GetClipBox
0x215c7b6c GetBrushOrgEx
0x215c7b70 GetBitmapBits
0x215c7b74 ExtTextOutA
0x215c7b78 ExcludeClipRect
0x215c7b7c EndDoc
0x215c7b80 Ellipse
0x215c7b84 DeleteObject
0x215c7b88 DeleteDC
0x215c7b8c DeleteColorSpace
0x215c7b90 CreateSolidBrush
0x215c7b94 CreatePenIndirect
0x215c7b98 CreatePalette
0x215c7b9c CreateHalftonePalette
0x215c7ba0 CreateFontIndirectA
0x215c7ba4 CreateDIBitmap
0x215c7ba8 CreateDIBSection
0x215c7bac CreateCompatibleDC
0x215c7bb0 CreateCompatibleBitmap
0x215c7bb4 CreateBrushIndirect
0x215c7bb8 CreateBitmap
0x215c7bbc BitBlt
0x215c7bc0 AbortDoc
version.dll
0x215c7bc8 VerQueryValueA
0x215c7bcc GetFileVersionInfoSizeA
0x215c7bd0 GetFileVersionInfoA
kernel32.dll
0x215c7bd8 lstrcpyA
0x215c7bdc WriteFile
0x215c7be0 WaitForSingleObject
0x215c7be4 VirtualQuery
0x215c7be8 VirtualAlloc
0x215c7bec SizeofResource
0x215c7bf0 SetThreadLocale
0x215c7bf4 SetFilePointer
0x215c7bf8 SetEvent
0x215c7bfc SetErrorMode
0x215c7c00 SetEndOfFile
0x215c7c04 ResetEvent
0x215c7c08 ReadFile
0x215c7c0c MulDiv
0x215c7c10 LockResource
0x215c7c14 LoadResource
0x215c7c18 LoadLibraryA
0x215c7c1c LeaveCriticalSection
0x215c7c20 InitializeCriticalSection
0x215c7c24 GlobalFindAtomA
0x215c7c28 GlobalDeleteAtom
0x215c7c2c GlobalAddAtomA
0x215c7c30 GetVersionExA
0x215c7c34 GetVersion
0x215c7c38 GetUserDefaultLCID
0x215c7c3c GetTickCount
0x215c7c40 GetThreadLocale
0x215c7c44 GetStdHandle
0x215c7c48 GetProcAddress
0x215c7c4c GetModuleHandleA
0x215c7c50 GetModuleFileNameA
0x215c7c54 GetLocaleInfoA
0x215c7c58 GetLocalTime
0x215c7c5c GetLastError
0x215c7c60 GetFullPathNameA
0x215c7c64 GetFileAttributesA
0x215c7c68 GetDriveTypeA
0x215c7c6c GetDiskFreeSpaceA
0x215c7c70 GetDateFormatA
0x215c7c74 GetCurrentThreadId
0x215c7c78 GetCurrentProcessId
0x215c7c7c GetCPInfo
0x215c7c80 FreeResource
0x215c7c84 InterlockedExchange
0x215c7c88 FreeLibrary
0x215c7c8c FormatMessageA
0x215c7c90 FindResourceA
0x215c7c94 FindNextFileA
0x215c7c98 FindFirstFileA
0x215c7c9c FindClose
0x215c7ca0 FileTimeToLocalFileTime
0x215c7ca4 FileTimeToDosDateTime
0x215c7ca8 EnumCalendarInfoA
0x215c7cac EnterCriticalSection
0x215c7cb0 DeleteCriticalSection
0x215c7cb4 CreateThread
0x215c7cb8 CreateFileA
0x215c7cbc CreateEventA
0x215c7cc0 CompareStringA
0x215c7cc4 CloseHandle
0x215c7cc8 AddAtomA
advapi32.dll
0x215c7cd0 RegQueryValueExA
0x215c7cd4 RegOpenKeyExA
0x215c7cd8 RegFlushKey
0x215c7cdc RegCloseKey
kernel32.dll
0x215c7ce4 Sleep
oleaut32.dll
0x215c7cec SafeArrayPtrOfIndex
0x215c7cf0 SafeArrayGetUBound
0x215c7cf4 SafeArrayGetLBound
0x215c7cf8 SafeArrayCreate
0x215c7cfc VariantChangeType
0x215c7d00 VariantCopy
0x215c7d04 VariantClear
0x215c7d08 VariantInit
comctl32.dll
0x215c7d10 _TrackMouseEvent
0x215c7d14 ImageList_SetIconSize
0x215c7d18 ImageList_GetIconSize
0x215c7d1c ImageList_Write
0x215c7d20 ImageList_Read
0x215c7d24 ImageList_DragShowNolock
0x215c7d28 ImageList_DragMove
0x215c7d2c ImageList_DragLeave
0x215c7d30 ImageList_DragEnter
0x215c7d34 ImageList_EndDrag
0x215c7d38 ImageList_BeginDrag
0x215c7d3c ImageList_Remove
0x215c7d40 ImageList_DrawEx
0x215c7d44 ImageList_Draw
0x215c7d48 ImageList_GetBkColor
0x215c7d4c ImageList_SetBkColor
0x215c7d50 ImageList_Add
0x215c7d54 ImageList_GetImageCount
0x215c7d58 ImageList_Destroy
0x215c7d5c ImageList_Create
comdlg32.dll
0x215c7d64 ChooseColorA
EAT(Export Address Table) is none
oleaut32.dll
0x215c774c SysFreeString
0x215c7750 SysReAllocStringLen
0x215c7754 SysAllocStringLen
advapi32.dll
0x215c775c RegQueryValueExA
0x215c7760 RegOpenKeyExA
0x215c7764 RegCloseKey
user32.dll
0x215c776c GetKeyboardType
0x215c7770 DestroyWindow
0x215c7774 LoadStringA
0x215c7778 MessageBoxA
0x215c777c CharNextA
kernel32.dll
0x215c7784 GetACP
0x215c7788 Sleep
0x215c778c VirtualFree
0x215c7790 VirtualAlloc
0x215c7794 GetCurrentThreadId
0x215c7798 InterlockedDecrement
0x215c779c InterlockedIncrement
0x215c77a0 VirtualQuery
0x215c77a4 WideCharToMultiByte
0x215c77a8 SetCurrentDirectoryA
0x215c77ac MultiByteToWideChar
0x215c77b0 lstrlenA
0x215c77b4 lstrcpynA
0x215c77b8 LoadLibraryExA
0x215c77bc GetThreadLocale
0x215c77c0 GetStartupInfoA
0x215c77c4 GetProcAddress
0x215c77c8 GetModuleHandleA
0x215c77cc GetModuleFileNameA
0x215c77d0 GetLocaleInfoA
0x215c77d4 GetLastError
0x215c77d8 GetCurrentDirectoryA
0x215c77dc GetCommandLineA
0x215c77e0 FreeLibrary
0x215c77e4 FindFirstFileA
0x215c77e8 FindClose
0x215c77ec ExitProcess
0x215c77f0 CompareStringA
0x215c77f4 WriteFile
0x215c77f8 UnhandledExceptionFilter
0x215c77fc RtlUnwind
0x215c7800 RaiseException
0x215c7804 GetStdHandle
kernel32.dll
0x215c780c TlsSetValue
0x215c7810 TlsGetValue
0x215c7814 LocalAlloc
0x215c7818 GetModuleHandleA
user32.dll
0x215c7820 CreateWindowExA
0x215c7824 WindowFromPoint
0x215c7828 WaitMessage
0x215c782c UpdateWindow
0x215c7830 UnregisterClassA
0x215c7834 UnhookWindowsHookEx
0x215c7838 TranslateMessage
0x215c783c TranslateMDISysAccel
0x215c7840 TrackPopupMenu
0x215c7844 SystemParametersInfoA
0x215c7848 ShowWindow
0x215c784c ShowScrollBar
0x215c7850 ShowOwnedPopups
0x215c7854 SetWindowsHookExA
0x215c7858 SetWindowTextA
0x215c785c SetWindowPos
0x215c7860 SetWindowPlacement
0x215c7864 SetWindowLongW
0x215c7868 SetWindowLongA
0x215c786c SetTimer
0x215c7870 SetScrollRange
0x215c7874 SetScrollPos
0x215c7878 SetScrollInfo
0x215c787c SetRect
0x215c7880 SetPropA
0x215c7884 SetParent
0x215c7888 SetMenuItemInfoA
0x215c788c SetMenu
0x215c7890 SetForegroundWindow
0x215c7894 SetFocus
0x215c7898 SetCursor
0x215c789c SetClassLongA
0x215c78a0 SetCapture
0x215c78a4 SetActiveWindow
0x215c78a8 SendMessageW
0x215c78ac SendMessageA
0x215c78b0 ScrollWindow
0x215c78b4 ScreenToClient
0x215c78b8 RemovePropA
0x215c78bc RemoveMenu
0x215c78c0 ReleaseDC
0x215c78c4 ReleaseCapture
0x215c78c8 RegisterWindowMessageA
0x215c78cc RegisterClipboardFormatA
0x215c78d0 RegisterClassA
0x215c78d4 RedrawWindow
0x215c78d8 PtInRect
0x215c78dc PostQuitMessage
0x215c78e0 PostMessageA
0x215c78e4 PeekMessageW
0x215c78e8 PeekMessageA
0x215c78ec OpenIcon
0x215c78f0 OffsetRect
0x215c78f4 OemToCharA
0x215c78f8 MessageBoxA
0x215c78fc MapWindowPoints
0x215c7900 MapVirtualKeyA
0x215c7904 LoadStringA
0x215c7908 LoadKeyboardLayoutA
0x215c790c LoadIconA
0x215c7910 LoadCursorA
0x215c7914 LoadBitmapA
0x215c7918 KillTimer
0x215c791c IsZoomed
0x215c7920 IsWindowVisible
0x215c7924 IsWindowUnicode
0x215c7928 IsWindowEnabled
0x215c792c IsWindow
0x215c7930 IsRectEmpty
0x215c7934 IsIconic
0x215c7938 IsDialogMessageW
0x215c793c IsDialogMessageA
0x215c7940 IsChild
0x215c7944 InvalidateRect
0x215c7948 IntersectRect
0x215c794c InsertMenuItemA
0x215c7950 InsertMenuA
0x215c7954 InflateRect
0x215c7958 GetWindowThreadProcessId
0x215c795c GetWindowTextA
0x215c7960 GetWindowRect
0x215c7964 GetWindowPlacement
0x215c7968 GetWindowLongW
0x215c796c GetWindowLongA
0x215c7970 GetWindowDC
0x215c7974 GetTopWindow
0x215c7978 GetSystemMetrics
0x215c797c GetSystemMenu
0x215c7980 GetSysColorBrush
0x215c7984 GetSysColor
0x215c7988 GetSubMenu
0x215c798c GetScrollRange
0x215c7990 GetScrollPos
0x215c7994 GetScrollInfo
0x215c7998 GetPropA
0x215c799c GetParent
0x215c79a0 GetWindow
0x215c79a4 GetMessagePos
0x215c79a8 GetMenuStringA
0x215c79ac GetMenuState
0x215c79b0 GetMenuItemInfoA
0x215c79b4 GetMenuItemID
0x215c79b8 GetMenuItemCount
0x215c79bc GetMenuContextHelpId
0x215c79c0 GetMenu
0x215c79c4 GetLastActivePopup
0x215c79c8 GetKeyboardState
0x215c79cc GetKeyboardLayoutNameA
0x215c79d0 GetKeyboardLayoutList
0x215c79d4 GetKeyboardLayout
0x215c79d8 GetKeyState
0x215c79dc GetKeyNameTextA
0x215c79e0 GetIconInfo
0x215c79e4 GetForegroundWindow
0x215c79e8 GetFocus
0x215c79ec GetDesktopWindow
0x215c79f0 GetDCEx
0x215c79f4 GetDC
0x215c79f8 GetCursorPos
0x215c79fc GetCursor
0x215c7a00 GetClientRect
0x215c7a04 GetClassLongA
0x215c7a08 GetClassInfoA
0x215c7a0c GetCapture
0x215c7a10 GetActiveWindow
0x215c7a14 FrameRect
0x215c7a18 FindWindowA
0x215c7a1c FillRect
0x215c7a20 EqualRect
0x215c7a24 EnumWindows
0x215c7a28 EnumThreadWindows
0x215c7a2c EnumChildWindows
0x215c7a30 EndPaint
0x215c7a34 EnableWindow
0x215c7a38 EnableScrollBar
0x215c7a3c EnableMenuItem
0x215c7a40 DrawTextA
0x215c7a44 DrawMenuBar
0x215c7a48 DrawIconEx
0x215c7a4c DrawIcon
0x215c7a50 DrawFrameControl
0x215c7a54 DrawFocusRect
0x215c7a58 DrawEdge
0x215c7a5c DispatchMessageW
0x215c7a60 DispatchMessageA
0x215c7a64 DestroyWindow
0x215c7a68 DestroyMenu
0x215c7a6c DestroyIcon
0x215c7a70 DestroyCursor
0x215c7a74 DestroyCaret
0x215c7a78 DeleteMenu
0x215c7a7c DefWindowProcA
0x215c7a80 DefMDIChildProcA
0x215c7a84 DefFrameProcA
0x215c7a88 CreatePopupMenu
0x215c7a8c CreateMenu
0x215c7a90 CreateIcon
0x215c7a94 ClientToScreen
0x215c7a98 CheckMenuItem
0x215c7a9c CallWindowProcA
0x215c7aa0 CallNextHookEx
0x215c7aa4 BeginPaint
0x215c7aa8 CharNextA
0x215c7aac CharLowerBuffA
0x215c7ab0 CharLowerA
0x215c7ab4 CharToOemA
0x215c7ab8 AdjustWindowRectEx
0x215c7abc ActivateKeyboardLayout
gdi32.dll
0x215c7ac4 UnrealizeObject
0x215c7ac8 StretchBlt
0x215c7acc SetWindowOrgEx
0x215c7ad0 SetViewportOrgEx
0x215c7ad4 SetTextColor
0x215c7ad8 SetStretchBltMode
0x215c7adc SetROP2
0x215c7ae0 SetPixel
0x215c7ae4 SetDIBColorTable
0x215c7ae8 SetBrushOrgEx
0x215c7aec SetBkMode
0x215c7af0 SetBkColor
0x215c7af4 SelectPalette
0x215c7af8 SelectObject
0x215c7afc SaveDC
0x215c7b00 RoundRect
0x215c7b04 RestoreDC
0x215c7b08 Rectangle
0x215c7b0c RectVisible
0x215c7b10 RealizePalette
0x215c7b14 Polyline
0x215c7b18 PatBlt
0x215c7b1c MoveToEx
0x215c7b20 MaskBlt
0x215c7b24 LineTo
0x215c7b28 IntersectClipRect
0x215c7b2c GetWindowOrgEx
0x215c7b30 GetTextMetricsA
0x215c7b34 GetTextExtentPoint32A
0x215c7b38 GetSystemPaletteEntries
0x215c7b3c GetStockObject
0x215c7b40 GetRgnBox
0x215c7b44 GetPixel
0x215c7b48 GetPaletteEntries
0x215c7b4c GetObjectType
0x215c7b50 GetObjectA
0x215c7b54 GetDeviceCaps
0x215c7b58 GetDIBits
0x215c7b5c GetDIBColorTable
0x215c7b60 GetDCOrgEx
0x215c7b64 GetCurrentPositionEx
0x215c7b68 GetClipBox
0x215c7b6c GetBrushOrgEx
0x215c7b70 GetBitmapBits
0x215c7b74 ExtTextOutA
0x215c7b78 ExcludeClipRect
0x215c7b7c EndDoc
0x215c7b80 Ellipse
0x215c7b84 DeleteObject
0x215c7b88 DeleteDC
0x215c7b8c DeleteColorSpace
0x215c7b90 CreateSolidBrush
0x215c7b94 CreatePenIndirect
0x215c7b98 CreatePalette
0x215c7b9c CreateHalftonePalette
0x215c7ba0 CreateFontIndirectA
0x215c7ba4 CreateDIBitmap
0x215c7ba8 CreateDIBSection
0x215c7bac CreateCompatibleDC
0x215c7bb0 CreateCompatibleBitmap
0x215c7bb4 CreateBrushIndirect
0x215c7bb8 CreateBitmap
0x215c7bbc BitBlt
0x215c7bc0 AbortDoc
version.dll
0x215c7bc8 VerQueryValueA
0x215c7bcc GetFileVersionInfoSizeA
0x215c7bd0 GetFileVersionInfoA
kernel32.dll
0x215c7bd8 lstrcpyA
0x215c7bdc WriteFile
0x215c7be0 WaitForSingleObject
0x215c7be4 VirtualQuery
0x215c7be8 VirtualAlloc
0x215c7bec SizeofResource
0x215c7bf0 SetThreadLocale
0x215c7bf4 SetFilePointer
0x215c7bf8 SetEvent
0x215c7bfc SetErrorMode
0x215c7c00 SetEndOfFile
0x215c7c04 ResetEvent
0x215c7c08 ReadFile
0x215c7c0c MulDiv
0x215c7c10 LockResource
0x215c7c14 LoadResource
0x215c7c18 LoadLibraryA
0x215c7c1c LeaveCriticalSection
0x215c7c20 InitializeCriticalSection
0x215c7c24 GlobalFindAtomA
0x215c7c28 GlobalDeleteAtom
0x215c7c2c GlobalAddAtomA
0x215c7c30 GetVersionExA
0x215c7c34 GetVersion
0x215c7c38 GetUserDefaultLCID
0x215c7c3c GetTickCount
0x215c7c40 GetThreadLocale
0x215c7c44 GetStdHandle
0x215c7c48 GetProcAddress
0x215c7c4c GetModuleHandleA
0x215c7c50 GetModuleFileNameA
0x215c7c54 GetLocaleInfoA
0x215c7c58 GetLocalTime
0x215c7c5c GetLastError
0x215c7c60 GetFullPathNameA
0x215c7c64 GetFileAttributesA
0x215c7c68 GetDriveTypeA
0x215c7c6c GetDiskFreeSpaceA
0x215c7c70 GetDateFormatA
0x215c7c74 GetCurrentThreadId
0x215c7c78 GetCurrentProcessId
0x215c7c7c GetCPInfo
0x215c7c80 FreeResource
0x215c7c84 InterlockedExchange
0x215c7c88 FreeLibrary
0x215c7c8c FormatMessageA
0x215c7c90 FindResourceA
0x215c7c94 FindNextFileA
0x215c7c98 FindFirstFileA
0x215c7c9c FindClose
0x215c7ca0 FileTimeToLocalFileTime
0x215c7ca4 FileTimeToDosDateTime
0x215c7ca8 EnumCalendarInfoA
0x215c7cac EnterCriticalSection
0x215c7cb0 DeleteCriticalSection
0x215c7cb4 CreateThread
0x215c7cb8 CreateFileA
0x215c7cbc CreateEventA
0x215c7cc0 CompareStringA
0x215c7cc4 CloseHandle
0x215c7cc8 AddAtomA
advapi32.dll
0x215c7cd0 RegQueryValueExA
0x215c7cd4 RegOpenKeyExA
0x215c7cd8 RegFlushKey
0x215c7cdc RegCloseKey
kernel32.dll
0x215c7ce4 Sleep
oleaut32.dll
0x215c7cec SafeArrayPtrOfIndex
0x215c7cf0 SafeArrayGetUBound
0x215c7cf4 SafeArrayGetLBound
0x215c7cf8 SafeArrayCreate
0x215c7cfc VariantChangeType
0x215c7d00 VariantCopy
0x215c7d04 VariantClear
0x215c7d08 VariantInit
comctl32.dll
0x215c7d10 _TrackMouseEvent
0x215c7d14 ImageList_SetIconSize
0x215c7d18 ImageList_GetIconSize
0x215c7d1c ImageList_Write
0x215c7d20 ImageList_Read
0x215c7d24 ImageList_DragShowNolock
0x215c7d28 ImageList_DragMove
0x215c7d2c ImageList_DragLeave
0x215c7d30 ImageList_DragEnter
0x215c7d34 ImageList_EndDrag
0x215c7d38 ImageList_BeginDrag
0x215c7d3c ImageList_Remove
0x215c7d40 ImageList_DrawEx
0x215c7d44 ImageList_Draw
0x215c7d48 ImageList_GetBkColor
0x215c7d4c ImageList_SetBkColor
0x215c7d50 ImageList_Add
0x215c7d54 ImageList_GetImageCount
0x215c7d58 ImageList_Destroy
0x215c7d5c ImageList_Create
comdlg32.dll
0x215c7d64 ChooseColorA
EAT(Export Address Table) is none