Field | Value |
---|---|
Created | 2024.01.12 08:01 |
Machine | s1_win7_x6401 |
Filename | 11.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 27 detected (AIDetectMalware, malicious, moderate confidence, score, Artemis, unsafe, V99r, Attribute, HighConfidence, FileRepMalware, dinehq, Generic@AI, RDML, iTy7jic+F6yKT4aJH9hvzg, MulDrop8, Qhost, Zenpak, Sabsik, HYBK, MulDrop, ERQG) |
md5 | 2f1d3f866fde60fc8337a92dce82e15b |
sha256 | b86925369c2833010ca7b6d0f0b6711ab2c9ab6b54ab9742e56865e6217acf37 |
ssdeep | 196608:+WC1nvP5zdP5zwxtqabDz+i771WCXnGmFCh1wv5fmz0S:on5d5z4Dz+iX7nFsh1+TS |
imphash | 4e7ce0c2d4e287e33f0a421844d1f889 |
impfuzzy | 192:FjVpy/sJFVRxsLjv3k4TTYkWcUsxKcRcock63vPO6q5N7:5C/4VRGL9k8KENKO6q5N7 |
Signature (16cnts)
Level | Description |
---|---|
warning | File has been identified by 27 AntiVirus engines on VirusTotal as malicious |
watch | Expresses interest in specific running processes |
notice | A process attempted to delay the analysis task. |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Creates a shortcut to an executable file |
notice | Creates executable files on the filesystem |
notice | Foreign language identified in PE resource |
notice | Performs some HTTP requests |
notice | Queries for potentially installed applications |
notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
notice | Repeatedly searches for a not-found process |
notice | Searches running processes potentially to identify processes for sandbox evasion |
info | Checks amount of memory in system |
info | Queries for the computername |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (15cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | bmp_file_format | bmp file format | binaries (download) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
SURICATA Applayer Protocol detection skipped
ET HUNTING Suspicious Empty User-Agent
ET HUNTING Rejetto HTTP File Sever Response
ET HUNTING Suspicious Empty User-Agent
ET HUNTING Rejetto HTTP File Sever Response
PE API
IAT(Import Address Table) Library
WINMM.dll
0x472638 mciSendCommandA
0x47263c mciGetErrorStringA
KERNEL32.dll
0x472134 GetVolumeInformationA
0x472138 GetFullPathNameA
0x47213c SetErrorMode
0x472140 GetFileSizeEx
0x472144 GetTickCount
0x472148 RtlUnwind
0x47214c HeapFree
0x472150 HeapAlloc
0x472154 GetCommandLineA
0x472158 GetStartupInfoA
0x47215c RaiseException
0x472160 VirtualProtect
0x472164 VirtualAlloc
0x472168 GetSystemInfo
0x47216c VirtualQuery
0x472170 HeapReAlloc
0x472174 ExitProcess
0x472178 HeapSize
0x47217c TerminateProcess
0x472180 UnhandledExceptionFilter
0x472184 SetUnhandledExceptionFilter
0x472188 IsDebuggerPresent
0x47218c GetACP
0x472190 IsValidCodePage
0x472194 LCMapStringA
0x472198 LCMapStringW
0x47219c DuplicateHandle
0x4721a0 VirtualFree
0x4721a4 GetStdHandle
0x4721a8 SetHandleCount
0x4721ac GetFileType
0x4721b0 FreeEnvironmentStringsA
0x4721b4 GetEnvironmentStrings
0x4721b8 FreeEnvironmentStringsW
0x4721bc GetEnvironmentStringsW
0x4721c0 QueryPerformanceCounter
0x4721c4 GetSystemTimeAsFileTime
0x4721c8 InitializeCriticalSectionAndSpinCount
0x4721cc GetTimeZoneInformation
0x4721d0 GetStringTypeA
0x4721d4 GetStringTypeW
0x4721d8 GetConsoleCP
0x4721dc GetConsoleMode
0x4721e0 SetStdHandle
0x4721e4 WriteConsoleA
0x4721e8 GetConsoleOutputCP
0x4721ec WriteConsoleW
0x4721f0 GetProcessHeap
0x4721f4 CompareStringW
0x4721f8 SetEnvironmentVariableA
0x4721fc SetEndOfFile
0x472200 UnlockFile
0x472204 LockFile
0x472208 FlushFileBuffers
0x47220c GetCurrentDirectoryA
0x472210 WritePrivateProfileStringA
0x472214 GetModuleHandleW
0x472218 GetOEMCP
0x47221c GetCPInfo
0x472220 TlsFree
0x472224 DeleteCriticalSection
0x472228 LocalReAlloc
0x47222c TlsSetValue
0x472230 TlsAlloc
0x472234 InitializeCriticalSection
0x472238 GlobalHandle
0x47223c EnterCriticalSection
0x472240 TlsGetValue
0x472244 LeaveCriticalSection
0x472248 GlobalFlags
0x47224c InterlockedIncrement
0x472250 InterlockedDecrement
0x472254 GetModuleFileNameW
0x472258 GetThreadLocale
0x47225c GetCurrentThread
0x472260 ConvertDefaultLocale
0x472264 EnumResourceLanguagesA
0x472268 GetLocaleInfoA
0x47226c LoadLibraryExA
0x472270 InterlockedExchange
0x472274 lstrcmpA
0x472278 GetCurrentProcessId
0x47227c FormatMessageA
0x472280 lstrlenA
0x472284 GetCurrentThreadId
0x472288 GlobalGetAtomNameA
0x47228c GlobalAddAtomA
0x472290 GlobalFindAtomA
0x472294 GlobalDeleteAtom
0x472298 FreeLibrary
0x47229c CompareStringA
0x4722a0 LoadLibraryA
0x4722a4 MultiByteToWideChar
0x4722a8 lstrcmpW
0x4722ac MulDiv
0x4722b0 GetModuleHandleA
0x4722b4 GetProcAddress
0x4722b8 SetLastError
0x4722bc FreeResource
0x4722c0 FindFirstFileA
0x4722c4 GetFileAttributesA
0x4722c8 FindNextFileA
0x4722cc FindClose
0x4722d0 GetShortPathNameA
0x4722d4 CreateThread
0x4722d8 SetThreadPriority
0x4722dc SystemTimeToFileTime
0x4722e0 LocalFileTimeToFileTime
0x4722e4 SetFileTime
0x4722e8 WriteFile
0x4722ec ReadFile
0x4722f0 SetFilePointer
0x4722f4 GetFileSize
0x4722f8 GetLastError
0x4722fc CreateFileA
0x472300 GetFileTime
0x472304 FileTimeToLocalFileTime
0x472308 FileTimeToSystemTime
0x47230c OpenFile
0x472310 _lclose
0x472314 GlobalReAlloc
0x472318 _llseek
0x47231c LocalAlloc
0x472320 LocalFree
0x472324 GlobalAlloc
0x472328 GlobalFree
0x47232c GlobalLock
0x472330 GlobalUnlock
0x472334 _lread
0x472338 GetCurrentProcess
0x47233c CloseHandle
0x472340 RemoveDirectoryA
0x472344 GetComputerNameA
0x472348 Sleep
0x47234c SetFileAttributesA
0x472350 WinExec
0x472354 GetModuleFileNameA
0x472358 CopyFileA
0x47235c DeleteFileA
0x472360 GetWindowsDirectoryA
0x472364 GetSystemDirectoryA
0x472368 GetTempPathA
0x47236c CreateDirectoryA
0x472370 SetCurrentDirectoryA
0x472374 CreateProcessA
0x472378 WaitForSingleObject
0x47237c GetExitCodeProcess
0x472380 GetSystemDefaultLCID
0x472384 GetLocalTime
0x472388 GetLogicalDriveStringsA
0x47238c GetDriveTypeA
0x472390 GetDiskFreeSpaceExA
0x472394 GetVersion
0x472398 GetVersionExA
0x47239c WideCharToMultiByte
0x4723a0 LoadResource
0x4723a4 LockResource
0x4723a8 SizeofResource
0x4723ac FindResourceA
0x4723b0 HeapCreate
USER32.dll
0x472424 MessageBeep
0x472428 GetNextDlgGroupItem
0x47242c InvalidateRgn
0x472430 IsRectEmpty
0x472434 CopyAcceleratorTableA
0x472438 CharUpperA
0x47243c ReleaseCapture
0x472440 SetCapture
0x472444 LoadCursorA
0x472448 GetSysColorBrush
0x47244c DestroyMenu
0x472450 CharNextA
0x472454 SetWindowContextHelpId
0x472458 MapDialogRect
0x47245c SetCursor
0x472460 GetMessageA
0x472464 TranslateMessage
0x472468 GetCursorPos
0x47246c ValidateRect
0x472470 GetWindowThreadProcessId
0x472474 ShowWindow
0x472478 MoveWindow
0x47247c SetWindowTextA
0x472480 IsDialogMessageA
0x472484 SetDlgItemTextA
0x472488 CheckRadioButton
0x47248c SetMenuItemBitmaps
0x472490 GetMenuCheckMarkDimensions
0x472494 LoadBitmapA
0x472498 ModifyMenuA
0x47249c GetMenuState
0x4724a0 EnableMenuItem
0x4724a4 CheckMenuItem
0x4724a8 RegisterWindowMessageA
0x4724ac SendDlgItemMessageA
0x4724b0 WinHelpA
0x4724b4 IsChild
0x4724b8 GetCapture
0x4724bc SetWindowsHookExA
0x4724c0 CallNextHookEx
0x4724c4 GetClassLongA
0x4724c8 GetClassNameA
0x4724cc SetPropA
0x4724d0 GetPropA
0x4724d4 UnregisterClassA
0x4724d8 GetFocus
0x4724dc SetFocus
0x4724e0 GetWindowTextLengthA
0x4724e4 GetWindowTextA
0x4724e8 GetForegroundWindow
0x4724ec GetLastActivePopup
0x4724f0 DispatchMessageA
0x4724f4 GetTopWindow
0x4724f8 UnhookWindowsHookEx
0x4724fc GetMessagePos
0x472500 PeekMessageA
0x472504 MapWindowPoints
0x472508 GetKeyState
0x47250c SetMenu
0x472510 SetForegroundWindow
0x472514 IsWindowVisible
0x472518 UpdateWindow
0x47251c PostMessageA
0x472520 GetSubMenu
0x472524 GetMenuItemID
0x472528 GetMenuItemCount
0x47252c CreateWindowExA
0x472530 GetClassInfoExA
0x472534 GetClassInfoA
0x472538 RegisterClassA
0x47253c AdjustWindowRectEx
0x472540 EqualRect
0x472544 PtInRect
0x472548 GetDlgCtrlID
0x47254c DefWindowProcA
0x472550 CallWindowProcA
0x472554 GetMenu
0x472558 SetWindowPos
0x47255c OffsetRect
0x472560 SystemParametersInfoA
0x472564 GetWindowPlacement
0x472568 GetWindow
0x47256c GetSysColor
0x472570 EndPaint
0x472574 BeginPaint
0x472578 GetWindowDC
0x47257c ClientToScreen
0x472580 ScreenToClient
0x472584 GrayStringA
0x472588 DrawTextExA
0x47258c DrawTextA
0x472590 TabbedTextOutA
0x472594 PostThreadMessageA
0x472598 RegisterClipboardFormatA
0x47259c GetDesktopWindow
0x4725a0 GetActiveWindow
0x4725a4 RemovePropA
0x4725a8 SetActiveWindow
0x4725ac CreateDialogIndirectParamA
0x4725b0 DestroyWindow
0x4725b4 IsWindow
0x4725b8 GetWindowLongA
0x4725bc GetDlgItem
0x4725c0 IsWindowEnabled
0x4725c4 GetNextDlgTabItem
0x4725c8 EndDialog
0x4725cc SetWindowRgn
0x4725d0 IntersectRect
0x4725d4 CopyRect
0x4725d8 SetRect
0x4725dc DestroyIcon
0x4725e0 GetDC
0x4725e4 ReleaseDC
0x4725e8 ExitWindowsEx
0x4725ec MessageBoxW
0x4725f0 SetWindowLongA
0x4725f4 GetSystemMetrics
0x4725f8 LoadIconA
0x4725fc KillTimer
0x472600 SetTimer
0x472604 IsIconic
0x472608 DrawIcon
0x47260c PostQuitMessage
0x472610 LoadImageA
0x472614 InvalidateRect
0x472618 MessageBoxA
0x47261c GetParent
0x472620 EnableWindow
0x472624 GetClientRect
0x472628 GetWindowRect
0x47262c SendMessageA
0x472630 GetMessageTime
GDI32.dll
0x472054 ExtTextOutA
0x472058 Escape
0x47205c SetViewportOrgEx
0x472060 OffsetViewportOrgEx
0x472064 SetViewportExtEx
0x472068 ScaleViewportExtEx
0x47206c SetWindowExtEx
0x472070 ScaleWindowExtEx
0x472074 ExtSelectClipRgn
0x472078 TextOutA
0x47207c PtVisible
0x472080 CreatePen
0x472084 CreateSolidBrush
0x472088 CreateRectRgnIndirect
0x47208c GetBkColor
0x472090 GetTextColor
0x472094 GetMapMode
0x472098 GetRgnBox
0x47209c RectVisible
0x4720a0 GetClipBox
0x4720a4 SetMapMode
0x4720a8 GetWindowExtEx
0x4720ac MoveToEx
0x4720b0 LineTo
0x4720b4 CreateFontIndirectA
0x4720b8 GetObjectA
0x4720bc GetStockObject
0x4720c0 SetTextColor
0x4720c4 RestoreDC
0x4720c8 SaveDC
0x4720cc GetTextExtentPoint32A
0x4720d0 Rectangle
0x4720d4 FrameRgn
0x4720d8 FillRgn
0x4720dc CreateRoundRectRgn
0x4720e0 SetPixel
0x4720e4 GetViewportExtEx
0x4720e8 PatBlt
0x4720ec SetDIBitsToDevice
0x4720f0 CreatePalette
0x4720f4 SetBkMode
0x4720f8 SetBkColor
0x4720fc CreateBitmap
0x472100 DeleteObject
0x472104 SelectPalette
0x472108 RealizePalette
0x47210c CreateCompatibleBitmap
0x472110 SelectObject
0x472114 BitBlt
0x472118 DeleteDC
0x47211c AddFontResourceA
0x472120 GetDeviceCaps
0x472124 CreateICA
0x472128 StretchBlt
0x47212c CreateCompatibleDC
COMDLG32.dll
0x47204c GetFileTitleA
WINSPOOL.DRV
0x472644 OpenPrinterA
0x472648 DocumentPropertiesA
0x47264c ClosePrinter
ADVAPI32.dll
0x472000 LookupPrivilegeValueA
0x472004 RegSetValueExA
0x472008 RegCreateKeyExA
0x47200c RegQueryValueA
0x472010 RegDeleteValueA
0x472014 RegDeleteKeyA
0x472018 OpenProcessToken
0x47201c RegCloseKey
0x472020 AdjustTokenPrivileges
0x472024 RegEnumKeyA
0x472028 GetUserNameA
0x47202c RegQueryValueExA
0x472030 RegOpenKeyExA
0x472034 RegOpenKeyA
0x472038 RegCreateKeyA
SHELL32.dll
0x4723f0 SHGetPathFromIDListA
0x4723f4 SHBrowseForFolderA
0x4723f8 SHGetSpecialFolderPathA
0x4723fc SHGetSpecialFolderLocation
0x472400 ShellExecuteA
0x472404 SHGetMalloc
0x472408 SHGetFileInfoA
COMCTL32.dll
0x472040 None
0x472044 _TrackMouseEvent
SHLWAPI.dll
0x472410 PathFindExtensionA
0x472414 PathStripToRootA
0x472418 PathIsUNCA
0x47241c PathFindFileNameA
oledlg.dll
0x4726a0 None
ole32.dll
0x472654 OleInitialize
0x472658 CoFreeUnusedLibraries
0x47265c OleUninitialize
0x472660 CreateILockBytesOnHGlobal
0x472664 StgCreateDocfileOnILockBytes
0x472668 StgOpenStorageOnILockBytes
0x47266c CoGetClassObject
0x472670 CLSIDFromProgID
0x472674 CLSIDFromString
0x472678 CoRevokeClassObject
0x47267c CoTaskMemAlloc
0x472680 CoTaskMemFree
0x472684 CoUninitialize
0x472688 CoInitialize
0x47268c CoCreateInstance
0x472690 OleIsCurrentClipboard
0x472694 OleFlushClipboard
0x472698 CoRegisterMessageFilter
OLEAUT32.dll
0x4723b8 VariantClear
0x4723bc OleCreateFontIndirect
0x4723c0 SystemTimeToVariantTime
0x4723c4 VariantTimeToSystemTime
0x4723c8 SafeArrayDestroy
0x4723cc VariantCopy
0x4723d0 SysAllocStringByteLen
0x4723d4 SysFreeString
0x4723d8 SysStringLen
0x4723dc SysAllocStringLen
0x4723e0 VariantInit
0x4723e4 VariantChangeType
0x4723e8 SysAllocString
EAT(Export Address Table) is none