Field | Value |
---|---|
Created | 2023.12.11 19:39 |
Machine | s1_win7_x6401 |
Filename | scan-docs.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : mailcious |
VT API (file) | 43 detected (AIDetectMalware, Shella, tsuI, GenericKD, unsafe, Attribute, HighConfidence, AGBK, TrojanX, Gencirc, aaysu, SMOKELOADER, YXDLGZ, ABRisk, MHEX, Fragtor, Malware@#1cwxb4kivt4d2, Detected, ai score=88, BScope, Chgt, CLOUD, susgen, MALICIOUS, confidence, 100%) |
md5 | 03727c8d3165d315b14dc409305c2693 |
sha256 | c4f182c69e3f8cfbf4f6b61741ad0112487d76c84ffe70f65c93591d3a1c7b67 |
ssdeep | 49152:qV6wycJOSI86L8kE4dMIXQSgOOOMAiBlBdmL/4+4La+kM/WiGHi8o0jJC32Sar2p:qV6wTkEFu4La+T8o0jJW2l8dFfjnEix |
imphash | 569d95634422bbf7f6916f8e0ccd7e88 |
impfuzzy | 192:NWlUhW/y5x166wIFunUzmdjO5QTOOhxdOoTFQshhbRzxcr:NMi664RO5QTOOdOop3Vzxo |
Signature (13cnts)
Level | Description |
---|---|
danger | File has been identified by 43 AntiVirus engines on VirusTotal as malicious |
danger | Executed a process and injected code into it |
watch | Allocates execute permission to another process indicative of possible code injection |
watch | Harvests credentials from local email clients |
watch | Potential code injection by writing to the memory of another process |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Foreign language identified in PE resource |
notice | One or more potentially interesting buffers were extracted |
notice | Queries for potentially installed applications |
notice | Repeatedly searches for a not-found process |
notice | Searches running processes potentially to identify processes for sandbox evasion |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
winspool.drv
0x955a14 DocumentPropertiesW
0x955a18 ClosePrinter
0x955a1c OpenPrinterW
0x955a20 GetDefaultPrinterW
0x955a24 EnumPrintersW
comdlg32.dll
0x955a2c GetSaveFileNameW
0x955a30 GetOpenFileNameW
0x955a34 PrintDlgW
shell32.dll
0x955ad0 SHBrowseForFolderW
0x955ad4 SHGetMalloc
0x955ad8 SHGetFolderPathW
0x955adc SHGetDesktopFolder
0x955ae0 Shell_NotifyIconW
0x955ae4 ShellExecuteW
0x955ae8 SHGetPathFromIDListW
0x955aec ShellExecuteExW
user32.dll
0x955af4 CopyImage
0x955af8 SetMenuItemInfoW
0x955afc GetMenuItemInfoW
0x955b00 SetCaretPos
0x955b04 GetCaretPos
0x955b08 DefFrameProcW
0x955b0c ScrollWindowEx
0x955b10 GetDlgCtrlID
0x955b14 FrameRect
0x955b18 RegisterWindowMessageW
0x955b1c GetMenuStringW
0x955b20 FillRect
0x955b24 SendMessageA
0x955b28 IsClipboardFormatAvailable
0x955b2c EnumWindows
0x955b30 ShowOwnedPopups
0x955b34 GetClassInfoW
0x955b38 GetScrollRange
0x955b3c SetActiveWindow
0x955b40 GetActiveWindow
0x955b44 DrawEdge
0x955b48 GetKeyboardLayoutList
0x955b4c LoadBitmapW
0x955b50 EnumChildWindows
0x955b54 GetScrollBarInfo
0x955b58 UnhookWindowsHookEx
0x955b5c SetCapture
0x955b60 GetCapture
0x955b64 ShowCaret
0x955b68 CreatePopupMenu
0x955b6c GetMenuItemID
0x955b70 DestroyCaret
0x955b74 CharLowerBuffW
0x955b78 PostMessageW
0x955b7c SetWindowLongW
0x955b80 IsZoomed
0x955b84 SetParent
0x955b88 DrawMenuBar
0x955b8c GetClientRect
0x955b90 IsChild
0x955b94 IsIconic
0x955b98 CallNextHookEx
0x955b9c ShowWindow
0x955ba0 GetWindowTextW
0x955ba4 SetForegroundWindow
0x955ba8 IsDialogMessageW
0x955bac DestroyWindow
0x955bb0 RegisterClassW
0x955bb4 EndMenu
0x955bb8 CharNextW
0x955bbc GetFocus
0x955bc0 GetDC
0x955bc4 SetFocus
0x955bc8 ReleaseDC
0x955bcc ExitWindowsEx
0x955bd0 GetClassLongW
0x955bd4 SetScrollRange
0x955bd8 DrawTextW
0x955bdc PeekMessageA
0x955be0 MessageBeep
0x955be4 SetClassLongW
0x955be8 RemovePropW
0x955bec GetSubMenu
0x955bf0 DestroyIcon
0x955bf4 IsWindowVisible
0x955bf8 DispatchMessageA
0x955bfc UnregisterClassW
0x955c00 GetTopWindow
0x955c04 SendMessageW
0x955c08 GetMessageTime
0x955c0c LoadStringW
0x955c10 CreateMenu
0x955c14 CharLowerW
0x955c18 SetWindowRgn
0x955c1c SetWindowPos
0x955c20 GetMenuItemCount
0x955c24 GetSysColorBrush
0x955c28 GetWindowDC
0x955c2c DrawTextExW
0x955c30 EnumClipboardFormats
0x955c34 GetScrollInfo
0x955c38 SetWindowTextW
0x955c3c GetMessageExtraInfo
0x955c40 GetSysColor
0x955c44 EnableScrollBar
0x955c48 TrackPopupMenu
0x955c4c DrawIconEx
0x955c50 GetClassNameW
0x955c54 GetMessagePos
0x955c58 GetIconInfo
0x955c5c SetScrollInfo
0x955c60 GetKeyNameTextW
0x955c64 GetDesktopWindow
0x955c68 SetCursorPos
0x955c6c GetCursorPos
0x955c70 SetMenu
0x955c74 GetMenuState
0x955c78 GetMenu
0x955c7c SetRect
0x955c80 GetKeyState
0x955c84 ValidateRect
0x955c88 IsCharAlphaW
0x955c8c GetCursor
0x955c90 KillTimer
0x955c94 WaitMessage
0x955c98 TranslateMDISysAccel
0x955c9c GetWindowPlacement
0x955ca0 CreateWindowExW
0x955ca4 GetDCEx
0x955ca8 PeekMessageW
0x955cac MonitorFromWindow
0x955cb0 GetUpdateRect
0x955cb4 SetTimer
0x955cb8 WindowFromPoint
0x955cbc BeginPaint
0x955cc0 RegisterClipboardFormatW
0x955cc4 MapVirtualKeyW
0x955cc8 IsWindowUnicode
0x955ccc DispatchMessageW
0x955cd0 CreateAcceleratorTableW
0x955cd4 DefMDIChildProcW
0x955cd8 GetSystemMenu
0x955cdc SetScrollPos
0x955ce0 GetScrollPos
0x955ce4 DrawFocusRect
0x955ce8 ReleaseCapture
0x955cec LoadCursorW
0x955cf0 ScrollWindow
0x955cf4 GetLastActivePopup
0x955cf8 GetSystemMetrics
0x955cfc CharUpperBuffW
0x955d00 SetClipboardData
0x955d04 GetClipboardData
0x955d08 ClientToScreen
0x955d0c SetWindowPlacement
0x955d10 GetMonitorInfoW
0x955d14 CheckMenuItem
0x955d18 CharUpperW
0x955d1c DefWindowProcW
0x955d20 GetForegroundWindow
0x955d24 EnableWindow
0x955d28 GetWindowThreadProcessId
0x955d2c RedrawWindow
0x955d30 EndPaint
0x955d34 MsgWaitForMultipleObjectsEx
0x955d38 LoadKeyboardLayoutW
0x955d3c ActivateKeyboardLayout
0x955d40 GetParent
0x955d44 CreateCaret
0x955d48 MonitorFromRect
0x955d4c InsertMenuItemW
0x955d50 GetPropW
0x955d54 MessageBoxW
0x955d58 SetPropW
0x955d5c UpdateWindow
0x955d60 MsgWaitForMultipleObjects
0x955d64 DestroyMenu
0x955d68 SetWindowsHookExW
0x955d6c GetDoubleClickTime
0x955d70 EmptyClipboard
0x955d74 GetDlgItem
0x955d78 AdjustWindowRectEx
0x955d7c IsWindow
0x955d80 DrawIcon
0x955d84 EnumThreadWindows
0x955d88 InvalidateRect
0x955d8c SetKeyboardState
0x955d90 GetKeyboardState
0x955d94 ScreenToClient
0x955d98 DrawFrameControl
0x955d9c IsCharAlphaNumericW
0x955da0 SetCursor
0x955da4 CreateIcon
0x955da8 RemoveMenu
0x955dac GetKeyboardLayoutNameW
0x955db0 OpenClipboard
0x955db4 TranslateMessage
0x955db8 MapWindowPoints
0x955dbc EnumDisplayMonitors
0x955dc0 CountClipboardFormats
0x955dc4 CallWindowProcW
0x955dc8 CloseClipboard
0x955dcc DestroyCursor
0x955dd0 CopyIcon
0x955dd4 PostQuitMessage
0x955dd8 ShowScrollBar
0x955ddc EnableMenuItem
0x955de0 HideCaret
0x955de4 FindWindowExW
0x955de8 MonitorFromPoint
0x955dec LoadIconW
0x955df0 SystemParametersInfoW
0x955df4 GetWindow
0x955df8 GetWindowRect
0x955dfc GetWindowLongW
0x955e00 InsertMenuW
0x955e04 IsWindowEnabled
0x955e08 IsDialogMessageA
0x955e0c FindWindowW
0x955e10 GetKeyboardLayout
0x955e14 DeleteMenu
version.dll
0x955e1c GetFileVersionInfoSizeW
0x955e20 VerQueryValueW
0x955e24 GetFileVersionInfoW
oleaut32.dll
0x955e2c GetErrorInfo
0x955e30 SysFreeString
0x955e34 VariantClear
0x955e38 VariantInit
0x955e3c SysReAllocStringLen
0x955e40 SafeArrayCreate
0x955e44 SafeArrayGetElement
0x955e48 SysAllocStringLen
0x955e4c SafeArrayPtrOfIndex
0x955e50 SafeArrayGetUBound
0x955e54 SafeArrayGetLBound
0x955e58 VariantCopy
0x955e5c VariantChangeType
advapi32.dll
0x955e64 CloseServiceHandle
0x955e68 RegSetValueExW
0x955e6c RegConnectRegistryW
0x955e70 RegEnumKeyExW
0x955e74 RegLoadKeyW
0x955e78 AdjustTokenPrivileges
0x955e7c RegDeleteKeyW
0x955e80 LookupPrivilegeValueW
0x955e84 OpenSCManagerW
0x955e88 OpenProcessToken
0x955e8c RegOpenKeyExW
0x955e90 RegQueryInfoKeyW
0x955e94 RegUnLoadKeyW
0x955e98 RegSaveKeyW
0x955e9c RegDeleteValueW
0x955ea0 RegReplaceKeyW
0x955ea4 RegFlushKey
0x955ea8 RegQueryValueExW
0x955eac RegEnumValueW
0x955eb0 RegCloseKey
0x955eb4 RegCreateKeyExW
0x955eb8 RegRestoreKeyW
msvcrt.dll
0x955ecc memcpy
0x955ed0 memset
kernel32.dll
0x955f28 GetACP
0x955f2c LocalFree
0x955f30 CloseHandle
0x955f34 GetCurrentProcessId
0x955f38 SizeofResource
0x955f3c VirtualProtect
0x955f40 TerminateThread
0x955f44 QueryPerformanceFrequency
0x955f48 IsDebuggerPresent
0x955f4c FindNextFileW
0x955f50 GetFullPathNameW
0x955f54 VirtualFree
0x955f58 ExitProcess
0x955f5c HeapAlloc
0x955f60 GetCPInfoExW
0x955f64 GlobalSize
0x955f68 RtlUnwind
0x955f6c GetCPInfo
0x955f70 EnumSystemLocalesW
0x955f74 GetStdHandle
0x955f78 GetTimeZoneInformation
0x955f7c FileTimeToLocalFileTime
0x955f80 GetModuleHandleW
0x955f84 FreeLibrary
0x955f88 TryEnterCriticalSection
0x955f8c HeapDestroy
0x955f90 FileTimeToDosDateTime
0x955f94 ReadFile
0x955f98 HeapSize
0x955f9c GetLastError
0x955fa0 GetModuleFileNameW
0x955fa4 SetLastError
0x955fa8 GlobalAlloc
0x955fac GlobalUnlock
0x955fb0 FindResourceW
0x955fb4 CreateThread
0x955fb8 CompareStringW
0x955fbc CopyFileW
0x955fc0 LoadLibraryA
0x955fc4 ResetEvent
0x955fc8 GetVolumeInformationW
0x955fcc MulDiv
0x955fd0 FreeResource
0x955fd4 GetVersion
0x955fd8 RaiseException
0x955fdc MoveFileW
0x955fe0 GlobalAddAtomW
0x955fe4 FormatMessageW
0x955fe8 SwitchToThread
0x955fec GetExitCodeThread
0x955ff0 OutputDebugStringW
0x955ff4 GetCurrentThread
0x955ff8 LoadLibraryExW
0x955ffc LockResource
0x956000 FileTimeToSystemTime
0x956004 GetCurrentThreadId
0x956008 UnhandledExceptionFilter
0x95600c VirtualQuery
0x956010 GlobalFindAtomW
0x956014 VirtualQueryEx
0x956018 GlobalFree
0x95601c Sleep
0x956020 EnterCriticalSection
0x956024 SetFilePointer
0x956028 LoadResource
0x95602c SuspendThread
0x956030 GetTickCount
0x956034 GetStartupInfoW
0x956038 GlobalDeleteAtom
0x95603c GetFileAttributesW
0x956040 InitializeCriticalSection
0x956044 GetThreadPriority
0x956048 GetCurrentProcess
0x95604c SetThreadPriority
0x956050 GlobalLock
0x956054 VirtualAlloc
0x956058 GetSystemInfo
0x95605c GetCommandLineW
0x956060 GetTempPathW
0x956064 LeaveCriticalSection
0x956068 GetProcAddress
0x95606c ResumeThread
0x956070 GetVersionExW
0x956074 VerifyVersionInfoW
0x956078 HeapCreate
0x95607c LCMapStringW
0x956080 GetDiskFreeSpaceW
0x956084 VerSetConditionMask
0x956088 FindFirstFileW
0x95608c GetUserDefaultUILanguage
0x956090 lstrlenW
0x956094 QueryPerformanceCounter
0x956098 SetEndOfFile
0x95609c HeapFree
0x9560a0 WideCharToMultiByte
0x9560a4 FindClose
0x9560a8 MultiByteToWideChar
0x9560ac LoadLibraryW
0x9560b0 SetEvent
0x9560b4 CreateFileW
0x9560b8 GetLocaleInfoW
0x9560bc EnumResourceNamesW
0x9560c0 DeleteFileW
0x9560c4 GetEnvironmentVariableW
0x9560c8 GetLocalTime
0x9560cc WaitForSingleObject
0x9560d0 WriteFile
0x9560d4 ExitThread
0x9560d8 DeleteCriticalSection
0x9560dc GetDateFormatW
0x9560e0 TlsGetValue
0x9560e4 SetErrorMode
0x9560e8 IsValidLocale
0x9560ec TlsSetValue
0x9560f0 CreateDirectoryW
0x9560f4 GetSystemDefaultUILanguage
0x9560f8 EnumCalendarInfoW
0x9560fc LocalAlloc
0x956100 RemoveDirectoryW
0x956104 CreateEventW
0x956108 WaitForMultipleObjectsEx
0x95610c SetThreadLocale
0x956110 GetThreadLocale
ole32.dll
0x956118 IsEqualGUID
0x95611c OleInitialize
0x956120 CLSIDFromProgID
0x956124 OleUninitialize
0x956128 CoInitialize
0x95612c CoCreateInstance
0x956130 CoUninitialize
0x956134 CoTaskMemFree
0x956138 CoTaskMemAlloc
0x95613c StringFromCLSID
gdi32.dll
0x956144 Pie
0x956148 SetBkMode
0x95614c CreateCompatibleBitmap
0x956150 BeginPath
0x956154 GetEnhMetaFileHeader
0x956158 CloseEnhMetaFile
0x95615c RectVisible
0x956160 AngleArc
0x956164 StrokeAndFillPath
0x956168 ResizePalette
0x95616c SetAbortProc
0x956170 SetTextColor
0x956174 StretchBlt
0x956178 RoundRect
0x95617c SelectClipRgn
0x956180 RestoreDC
0x956184 SetRectRgn
0x956188 GetTextMetricsW
0x95618c GetWindowOrgEx
0x956190 CreatePalette
0x956194 PolyBezierTo
0x956198 CreateICW
0x95619c CreateDCW
0x9561a0 GetStockObject
0x9561a4 CreateSolidBrush
0x9561a8 Polygon
0x9561ac MoveToEx
0x9561b0 PlayEnhMetaFile
0x9561b4 Ellipse
0x9561b8 StartPage
0x9561bc GetBitmapBits
0x9561c0 StartDocW
0x9561c4 AbortDoc
0x9561c8 GetSystemPaletteEntries
0x9561cc GetEnhMetaFileBits
0x9561d0 GetEnhMetaFilePaletteEntries
0x9561d4 CreatePenIndirect
0x9561d8 SetMapMode
0x9561dc CreateFontIndirectW
0x9561e0 PolyBezier
0x9561e4 ExtCreatePen
0x9561e8 EndDoc
0x9561ec GetObjectW
0x9561f0 GetWinMetaFileBits
0x9561f4 SetROP2
0x9561f8 GetEnhMetaFileDescriptionW
0x9561fc ArcTo
0x956200 CreateEnhMetaFileW
0x956204 Arc
0x956208 SelectPalette
0x95620c ExcludeClipRect
0x956210 MaskBlt
0x956214 SetWindowOrgEx
0x956218 EndPath
0x95621c EndPage
0x956220 DeleteEnhMetaFile
0x956224 Chord
0x956228 SetDIBits
0x95622c SetViewportOrgEx
0x956230 CreateRectRgn
0x956234 RealizePalette
0x956238 SetDIBColorTable
0x95623c GetDIBColorTable
0x956240 CreateBrushIndirect
0x956244 PatBlt
0x956248 SetEnhMetaFileBits
0x95624c Rectangle
0x956250 SaveDC
0x956254 DeleteDC
0x956258 BitBlt
0x95625c FrameRgn
0x956260 GetDeviceCaps
0x956264 GetTextExtentPoint32W
0x956268 GetClipBox
0x95626c IntersectClipRect
0x956270 Polyline
0x956274 CreateBitmap
0x956278 SetWinMetaFileBits
0x95627c GetStretchBltMode
0x956280 CreateDIBitmap
0x956284 SetStretchBltMode
0x956288 GetDIBits
0x95628c CreateDIBSection
0x956290 LineTo
0x956294 GetRgnBox
0x956298 EnumFontsW
0x95629c SetWindowExtEx
0x9562a0 CreateHalftonePalette
0x9562a4 SelectObject
0x9562a8 DeleteObject
0x9562ac ExtFloodFill
0x9562b0 UnrealizeObject
0x9562b4 CopyEnhMetaFileW
0x9562b8 SetBkColor
0x9562bc CreateCompatibleDC
0x9562c0 GetBrushOrgEx
0x9562c4 GetCurrentPositionEx
0x9562c8 GetNearestPaletteIndex
0x9562cc GetTextExtentPointW
0x9562d0 ExtTextOutW
0x9562d4 SetBrushOrgEx
0x9562d8 GetPixel
0x9562dc GdiFlush
0x9562e0 SetViewportExtEx
0x9562e4 SetPixel
0x9562e8 PolyPolyline
0x9562ec EnumFontFamiliesExW
0x9562f0 StretchDIBits
0x9562f4 GetPaletteEntries
EAT(Export Address Table) Library
0x4da454 TMethodImplementationIntercept
0x411328 __dbk_fcall_wrapper
0x8a6640 dbkFCallWrapperAddr