Created | 2023.12.08 18:36 | Machine | s1_win7_x6401 |
Filename | chrome.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
ZERO API | file : malicious | ||
VT API (file) | 41 detected (AIDetectMalware, GenericKD, unsafe, Save, malicious, Remcos, Attribute, HighConfidence, high confidence, ModiLoader, MalwareX, CLASSIC, AGEN, moderate, score, Detected, Wacatac, QUN8GH, ai score=85, Chgt, Static AI, Suspicious PE, susgen, confidence) | ||
md5 | c0af31044fcaa756f32f13007d50724f | ||
sha256 | 59446c75c678dcd9b9ab8c5f7e5d9566c2a5137ef7c128732f6ffcc5340e44e8 | ||
ssdeep | 24576:g90C4/05Xhq/4dB6E8oqGQCbPEzbjvy27wPtmQ4Xl+gWeq9X9VxHfg8IitnJ0MTp:g94MN91+vzwPtmQA+qq/H48htnOM1 | ||
imphash | abc60a961f44f20bb90ac61654a21120 | ||
impfuzzy | 192:334Yd1QjddbuuSrSUvK9RqoaqEseSPOQwN:33/1cSA9LdPOQu |
Signature (15cnts)
Level | Description |
---|---|
danger | File has been identified by 41 AntiVirus engines on VirusTotal as malicious |
watch | Communicates with host for which no DNS query was performed |
watch | Creates a windows hook that monitors keyboard input (keylogger) |
notice | A process attempted to delay the analysis task. |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates a suspicious process |
notice | Creates executable files on the filesystem |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | Performs some HTTP requests |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
notice | Uses Windows utilities for basic Windows functionality |
info | Checks amount of memory in system |
info | Command line console output was observed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (17cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (download) |
warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
watch | Antivirus | Contains references to security software | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | IsPE64 | (no description) | binaries (download) |
info | mzp_file_format | MZP(Delphi) file format | binaries (download) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | url_file_format | Microsoft Windows Internet Shortcut File Format | binaries (download) |
Network (6cnts)
Suricata ids
ET JA3 Hash - Remcos 3.x TLS Connection
PE API
IAT(Import Address Table) Library
kernel32.dll
0x595140 DeleteCriticalSection
0x595144 LeaveCriticalSection
0x595148 EnterCriticalSection
0x59514c InitializeCriticalSection
0x595150 VirtualFree
0x595154 VirtualAlloc
0x595158 LocalFree
0x59515c LocalAlloc
0x595160 GetTickCount
0x595164 QueryPerformanceCounter
0x595168 GetVersion
0x59516c GetCurrentThreadId
0x595170 InterlockedDecrement
0x595174 InterlockedIncrement
0x595178 VirtualQuery
0x59517c WideCharToMultiByte
0x595180 MultiByteToWideChar
0x595184 lstrlenA
0x595188 lstrcpynA
0x59518c LoadLibraryExA
0x595190 GetThreadLocale
0x595194 GetStartupInfoA
0x595198 GetProcAddress
0x59519c GetModuleHandleA
0x5951a0 GetModuleFileNameA
0x5951a4 GetLocaleInfoA
0x5951a8 GetCommandLineA
0x5951ac FreeLibrary
0x5951b0 FindFirstFileA
0x5951b4 FindClose
0x5951b8 ExitProcess
0x5951bc WriteFile
0x5951c0 UnhandledExceptionFilter
0x5951c4 RtlUnwind
0x5951c8 RaiseException
0x5951cc GetStdHandle
user32.dll
0x5951d4 GetKeyboardType
0x5951d8 LoadStringA
0x5951dc MessageBoxA
0x5951e0 CharNextA
advapi32.dll
0x5951e8 RegQueryValueExA
0x5951ec RegOpenKeyExA
0x5951f0 RegCloseKey
oleaut32.dll
0x5951f8 SysFreeString
0x5951fc SysReAllocStringLen
0x595200 SysAllocStringLen
kernel32.dll
0x595208 TlsSetValue
0x59520c TlsGetValue
0x595210 LocalAlloc
0x595214 GetModuleHandleA
advapi32.dll
0x59521c RegQueryValueExA
0x595220 RegOpenKeyExA
0x595224 RegCloseKey
kernel32.dll
0x59522c lstrcpyA
0x595230 WriteFile
0x595234 WaitForSingleObject
0x595238 VirtualQuery
0x59523c VirtualProtect
0x595240 VirtualAlloc
0x595244 Sleep
0x595248 SizeofResource
0x59524c SetThreadLocale
0x595250 SetFilePointer
0x595254 SetEvent
0x595258 SetErrorMode
0x59525c SetEndOfFile
0x595260 ResetEvent
0x595264 ReadFile
0x595268 MultiByteToWideChar
0x59526c MulDiv
0x595270 LockResource
0x595274 LoadResource
0x595278 LoadLibraryW
0x59527c LoadLibraryA
0x595280 LeaveCriticalSection
0x595284 InitializeCriticalSection
0x595288 GlobalUnlock
0x59528c GlobalSize
0x595290 GlobalReAlloc
0x595294 GlobalHandle
0x595298 GlobalLock
0x59529c GlobalFree
0x5952a0 GlobalFindAtomA
0x5952a4 GlobalDeleteAtom
0x5952a8 GlobalAlloc
0x5952ac GlobalAddAtomA
0x5952b0 GetVersionExA
0x5952b4 GetVersion
0x5952b8 GetUserDefaultLCID
0x5952bc GetTickCount
0x5952c0 GetThreadLocale
0x5952c4 GetSystemInfo
0x5952c8 GetStringTypeExA
0x5952cc GetStdHandle
0x5952d0 GetProcAddress
0x5952d4 GetModuleHandleW
0x5952d8 GetModuleHandleA
0x5952dc GetModuleFileNameA
0x5952e0 GetLocaleInfoA
0x5952e4 GetLocalTime
0x5952e8 GetLastError
0x5952ec GetFullPathNameA
0x5952f0 GetDiskFreeSpaceA
0x5952f4 GetDateFormatA
0x5952f8 GetCurrentThreadId
0x5952fc GetCurrentProcessId
0x595300 GetCurrentProcess
0x595304 GetComputerNameA
0x595308 GetCPInfo
0x59530c GetACP
0x595310 FreeResource
0x595314 InterlockedExchange
0x595318 FreeLibrary
0x59531c FormatMessageA
0x595320 FindResourceA
0x595324 EnumCalendarInfoA
0x595328 EnterCriticalSection
0x59532c DeleteCriticalSection
0x595330 CreateThread
0x595334 CreateFileA
0x595338 CreateEventA
0x59533c CompareStringA
0x595340 CloseHandle
version.dll
0x595348 VerQueryValueA
0x59534c GetFileVersionInfoSizeA
0x595350 GetFileVersionInfoA
gdi32.dll
0x595358 UnrealizeObject
0x59535c StretchBlt
0x595360 SetWindowOrgEx
0x595364 SetWinMetaFileBits
0x595368 SetViewportOrgEx
0x59536c SetTextColor
0x595370 SetStretchBltMode
0x595374 SetROP2
0x595378 SetPixel
0x59537c SetEnhMetaFileBits
0x595380 SetDIBColorTable
0x595384 SetBrushOrgEx
0x595388 SetBkMode
0x59538c SetBkColor
0x595390 SelectPalette
0x595394 SelectObject
0x595398 SelectClipRgn
0x59539c SaveDC
0x5953a0 RestoreDC
0x5953a4 RectVisible
0x5953a8 RealizePalette
0x5953ac PlayEnhMetaFile
0x5953b0 PatBlt
0x5953b4 MoveToEx
0x5953b8 MaskBlt
0x5953bc LineTo
0x5953c0 IntersectClipRect
0x5953c4 GetWindowOrgEx
0x5953c8 GetWinMetaFileBits
0x5953cc GetTextMetricsA
0x5953d0 GetTextExtentPoint32A
0x5953d4 GetSystemPaletteEntries
0x5953d8 GetStockObject
0x5953dc GetPolyFillMode
0x5953e0 GetPixelFormat
0x5953e4 GetPixel
0x5953e8 GetPaletteEntries
0x5953ec GetObjectA
0x5953f0 GetEnhMetaFilePaletteEntries
0x5953f4 GetEnhMetaFileHeader
0x5953f8 GetEnhMetaFileDescriptionA
0x5953fc GetEnhMetaFileBits
0x595400 GetDeviceCaps
0x595404 GetDIBits
0x595408 GetDIBColorTable
0x59540c GetDCOrgEx
0x595410 GetCurrentPositionEx
0x595414 GetClipBox
0x595418 GetBrushOrgEx
0x59541c GetBitmapBits
0x595420 ExcludeClipRect
0x595424 DeleteObject
0x595428 DeleteEnhMetaFile
0x59542c DeleteDC
0x595430 CreateSolidBrush
0x595434 CreatePenIndirect
0x595438 CreatePalette
0x59543c CreateHalftonePalette
0x595440 CreateFontIndirectA
0x595444 CreateEnhMetaFileA
0x595448 CreateDIBitmap
0x59544c CreateDIBSection
0x595450 CreateCompatibleDC
0x595454 CreateCompatibleBitmap
0x595458 CreateBrushIndirect
0x59545c CreateBitmap
0x595460 CopyEnhMetaFileA
0x595464 CloseEnhMetaFile
0x595468 BitBlt
user32.dll
0x595470 CreateWindowExA
0x595474 WindowFromPoint
0x595478 WinHelpA
0x59547c WaitMessage
0x595480 UpdateWindow
0x595484 UnregisterClassA
0x595488 UnhookWindowsHookEx
0x59548c TranslateMessage
0x595490 TranslateMDISysAccel
0x595494 TrackPopupMenu
0x595498 SystemParametersInfoA
0x59549c ShowWindow
0x5954a0 ShowScrollBar
0x5954a4 ShowOwnedPopups
0x5954a8 ShowCursor
0x5954ac SetWindowsHookExA
0x5954b0 SetWindowPos
0x5954b4 SetWindowPlacement
0x5954b8 SetWindowLongA
0x5954bc SetTimer
0x5954c0 SetScrollRange
0x5954c4 SetScrollPos
0x5954c8 SetScrollInfo
0x5954cc SetRect
0x5954d0 SetPropA
0x5954d4 SetParent
0x5954d8 SetMenuItemInfoA
0x5954dc SetMenu
0x5954e0 SetForegroundWindow
0x5954e4 SetFocus
0x5954e8 SetCursor
0x5954ec SetClassLongA
0x5954f0 SetCapture
0x5954f4 SetActiveWindow
0x5954f8 SendMessageA
0x5954fc ScrollWindow
0x595500 ScreenToClient
0x595504 RemovePropA
0x595508 RemoveMenu
0x59550c ReleaseDC
0x595510 ReleaseCapture
0x595514 RegisterWindowMessageA
0x595518 RegisterClipboardFormatA
0x59551c RegisterClassA
0x595520 RedrawWindow
0x595524 PtInRect
0x595528 PostQuitMessage
0x59552c PostMessageA
0x595530 PeekMessageA
0x595534 OffsetRect
0x595538 OemToCharA
0x59553c MessageBoxA
0x595540 MapWindowPoints
0x595544 MapVirtualKeyA
0x595548 LoadStringA
0x59554c LoadKeyboardLayoutA
0x595550 LoadIconA
0x595554 LoadCursorA
0x595558 LoadBitmapA
0x59555c KillTimer
0x595560 IsZoomed
0x595564 IsWindowVisible
0x595568 IsWindowEnabled
0x59556c IsWindow
0x595570 IsRectEmpty
0x595574 IsIconic
0x595578 IsDialogMessageA
0x59557c IsChild
0x595580 InvalidateRect
0x595584 IntersectRect
0x595588 InsertMenuItemA
0x59558c InsertMenuA
0x595590 InflateRect
0x595594 GetWindowThreadProcessId
0x595598 GetWindowTextA
0x59559c GetWindowRect
0x5955a0 GetWindowPlacement
0x5955a4 GetWindowLongA
0x5955a8 GetWindowDC
0x5955ac GetTopWindow
0x5955b0 GetSystemMetrics
0x5955b4 GetSystemMenu
0x5955b8 GetSysColorBrush
0x5955bc GetSysColor
0x5955c0 GetSubMenu
0x5955c4 GetScrollRange
0x5955c8 GetScrollPos
0x5955cc GetScrollInfo
0x5955d0 GetPropA
0x5955d4 GetParent
0x5955d8 GetWindow
0x5955dc GetMessageTime
0x5955e0 GetMenuStringA
0x5955e4 GetMenuState
0x5955e8 GetMenuItemInfoA
0x5955ec GetMenuItemID
0x5955f0 GetMenuItemCount
0x5955f4 GetMenu
0x5955f8 GetLastActivePopup
0x5955fc GetKeyboardState
0x595600 GetKeyboardLayoutList
0x595604 GetKeyboardLayout
0x595608 GetKeyState
0x59560c GetKeyNameTextA
0x595610 GetIconInfo
0x595614 GetForegroundWindow
0x595618 GetFocus
0x59561c GetDesktopWindow
0x595620 GetDCEx
0x595624 GetDC
0x595628 GetCursorPos
0x59562c GetCursor
0x595630 GetClipboardData
0x595634 GetClientRect
0x595638 GetClassNameA
0x59563c GetClassInfoA
0x595640 GetCapture
0x595644 GetActiveWindow
0x595648 FrameRect
0x59564c FindWindowA
0x595650 FillRect
0x595654 EqualRect
0x595658 EnumWindows
0x59565c EnumThreadWindows
0x595660 EndPaint
0x595664 EnableWindow
0x595668 EnableScrollBar
0x59566c EnableMenuItem
0x595670 DrawTextA
0x595674 DrawMenuBar
0x595678 DrawIconEx
0x59567c DrawIcon
0x595680 DrawFrameControl
0x595684 DrawEdge
0x595688 DispatchMessageA
0x59568c DestroyWindow
0x595690 DestroyMenu
0x595694 DestroyIcon
0x595698 DestroyCursor
0x59569c DeleteMenu
0x5956a0 DefWindowProcA
0x5956a4 DefMDIChildProcA
0x5956a8 DefFrameProcA
0x5956ac CreatePopupMenu
0x5956b0 CreateMenu
0x5956b4 CreateIcon
0x5956b8 ClientToScreen
0x5956bc CheckMenuItem
0x5956c0 CallWindowProcA
0x5956c4 CallNextHookEx
0x5956c8 BeginPaint
0x5956cc CharNextA
0x5956d0 CharLowerBuffA
0x5956d4 CharLowerA
0x5956d8 CharToOemA
0x5956dc AdjustWindowRectEx
0x5956e0 ActivateKeyboardLayout
kernel32.dll
0x5956e8 Sleep
oleaut32.dll
0x5956f0 SafeArrayPtrOfIndex
0x5956f4 SafeArrayGetUBound
0x5956f8 SafeArrayGetLBound
0x5956fc SafeArrayCreate
0x595700 VariantChangeType
0x595704 VariantCopy
0x595708 VariantClear
0x59570c VariantInit
ole32.dll
0x595714 CreateStreamOnHGlobal
0x595718 IsAccelerator
0x59571c OleDraw
0x595720 OleSetMenuDescriptor
0x595724 CoTaskMemFree
0x595728 ProgIDFromCLSID
0x59572c StringFromCLSID
0x595730 CoCreateInstance
0x595734 CoGetClassObject
0x595738 CoUninitialize
0x59573c CoInitialize
0x595740 IsEqualGUID
oleaut32.dll
0x595748 GetErrorInfo
0x59574c GetActiveObject
0x595750 SysFreeString
comctl32.dll
0x595758 ImageList_SetIconSize
0x59575c ImageList_GetIconSize
0x595760 ImageList_Write
0x595764 ImageList_Read
0x595768 ImageList_GetDragImage
0x59576c ImageList_DragShowNolock
0x595770 ImageList_SetDragCursorImage
0x595774 ImageList_DragMove
0x595778 ImageList_DragLeave
0x59577c ImageList_DragEnter
0x595780 ImageList_EndDrag
0x595784 ImageList_BeginDrag
0x595788 ImageList_Remove
0x59578c ImageList_DrawEx
0x595790 ImageList_Draw
0x595794 ImageList_GetBkColor
0x595798 ImageList_SetBkColor
0x59579c ImageList_ReplaceIcon
0x5957a0 ImageList_Add
0x5957a4 ImageList_SetImageCount
0x5957a8 ImageList_GetImageCount
0x5957ac ImageList_Destroy
0x5957b0 ImageList_Create
EAT(Export Address Table) is none