Report - config.exe

PhysicalDrive Malicious Library UPX Anti_VM PE File PE64 ftp OS Processor Check
Created 2024.01.31 15:56 Machine s1_win7_x6401
Filename config.exe
Type PE32+ executable (console) x86-64, for MS Windows
AI Score
3
Behavior Score
2.4
ZERO API file: malware
VT API (file) 45 detected (malicious, high confidence, score, GenericKD, unsafe, Attribute, HighConfidence, Artemis, PWSX, TrojanPSW, Redcap, yzbvu, R011C0XA424, GenKD, Detected, ai score=88, Casdet, ABRisk, KPXQ, Chgt, Gencirc, susgen, PossibleThreat, confidence)
md5 f92cabc07a676ab522160b08b604683a
sha256 90bd78de6f692255a95c7cf07d7547dd783c3580cda0d95a515f25b564f8fe43
ssdeep 24576:ETk1nzHm9FFsMuQxS4ZEe2eqvYKQ3RSESYtp4jOULrbDX6gCVVg+UjDNdqYHQdqj:EI1GFrO9SShjOyaVQlwD/kJ8VM
imphash 1e6e931cdb0dfdde5dbc6639c3cbc8b1
impfuzzy 96:aQJJGtpexta7Ytf12WX8Hcg07OyJULi0LUvHA60KcBt/fecWOKVOI3j:nGkta7AkWNF7FO2vyt7KVT3j

Signature (5cnts)

Level Description
danger File has been identified by 45 AntiVirus engines on VirusTotal as malicious
watch Queries information on disks
info Checks amount of memory in system
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info This executable has a PDB path

Rules (8cnts)

Level Name Description Collection
warning PhysicalDrive_20181001 (no description) binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
notice anti_vm_detect Possibly employs anti-virtualization techniques binaries (upload)
info ftp_command ftp command binaries (upload)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts)

Request CC ASN Co IP4 Rule ZERO

Suricata ids

PE API

IAT (Import Address Table) by library

KERNEL32.dll
 0x140228118 GetStdHandle
 0x140228120 GetEnvironmentVariableA
 0x140228128 MultiByteToWideChar
 0x140228130 GetConsoleMode
 0x140228138 ReadConsoleW
 0x140228140 WriteConsoleW
 0x140228148 SystemTimeToFileTime
 0x140228150 GetFileType
 0x140228158 GetSystemTime
 0x140228160 AreFileApisANSI
 0x140228168 ReadFile
 0x140228170 TryEnterCriticalSection
 0x140228178 HeapCreate
 0x140228180 HeapFree
 0x140228188 EnterCriticalSection
 0x140228190 WriteFile
 0x140228198 GetDiskFreeSpaceW
 0x1402281a0 OutputDebugStringA
 0x1402281a8 LockFile
 0x1402281b0 LeaveCriticalSection
 0x1402281b8 InitializeCriticalSection
 0x1402281c0 SetFilePointer
 0x1402281c8 GetFullPathNameA
 0x1402281d0 SetEndOfFile
 0x1402281d8 UnlockFileEx
 0x1402281e0 GetTempPathW
 0x1402281e8 CreateMutexW
 0x1402281f0 WaitForSingleObject
 0x1402281f8 GetFileAttributesW
 0x140228200 GetCurrentThreadId
 0x140228208 UnmapViewOfFile
 0x140228210 HeapValidate
 0x140228218 HeapSize
 0x140228220 GetTempPathA
 0x140228228 FormatMessageW
 0x140228230 GetDiskFreeSpaceA
 0x140228238 GetFileAttributesA
 0x140228240 GetFileAttributesExW
 0x140228248 OutputDebugStringW
 0x140228250 FlushViewOfFile
 0x140228258 CreateFileA
 0x140228260 LoadLibraryA
 0x140228268 WaitForSingleObjectEx
 0x140228270 DeleteFileA
 0x140228278 DeleteFileW
 0x140228280 HeapReAlloc
 0x140228288 RaiseException
 0x140228290 HeapAlloc
 0x140228298 HeapCompact
 0x1402282a0 HeapDestroy
 0x1402282a8 UnlockFile
 0x1402282b0 LockFileEx
 0x1402282b8 GetFileSize
 0x1402282c0 DeleteCriticalSection
 0x1402282c8 GetProcessHeap
 0x1402282d0 GetSystemTimeAsFileTime
 0x1402282d8 FormatMessageA
 0x1402282e0 CreateFileMappingW
 0x1402282e8 MapViewOfFile
 0x1402282f0 QueryPerformanceCounter
 0x1402282f8 GetTickCount
 0x140228300 FlushFileBuffers
 0x140228308 MoveFileExW
 0x140228310 SetFileAttributesW
 0x140228318 GetFileTime
 0x140228320 SetFilePointerEx
 0x140228328 ReleaseSRWLockExclusive
 0x140228330 AcquireSRWLockExclusive
 0x140228338 SetLastError
 0x140228340 InitializeCriticalSectionEx
 0x140228348 QueryPerformanceFrequency
 0x140228350 GetSystemDirectoryA
 0x140228358 GetModuleHandleA
 0x140228360 MoveFileExA
 0x140228368 PeekNamedPipe
 0x140228370 WaitForMultipleObjects
 0x140228378 SleepEx
 0x140228380 FreeEnvironmentStringsW
 0x140228388 GetEnvironmentStringsW
 0x140228390 GetOEMCP
 0x140228398 GetACP
 0x1402283a0 IsValidCodePage
 0x1402283a8 GetTimeZoneInformation
 0x1402283b0 GetExitCodeProcess
 0x1402283b8 EnumSystemLocalesW
 0x1402283c0 GetUserDefaultLCID
 0x1402283c8 IsValidLocale
 0x1402283d0 GetLocaleInfoW
 0x1402283d8 LCMapStringW
 0x1402283e0 FindFirstFileW
 0x1402283e8 GetComputerNameA
 0x1402283f0 QueryFullProcessImageNameW
 0x1402283f8 VerifyVersionInfoW
 0x140228400 GetConsoleWindow
 0x140228408 WideCharToMultiByte
 0x140228410 FreeLibrary
 0x140228418 GetModuleHandleW
 0x140228420 GlobalMemoryStatusEx
 0x140228428 GetCurrentProcessId
 0x140228430 VerSetConditionMask
 0x140228438 ExitProcess
 0x140228440 LocalFree
 0x140228448 GetProcAddress
 0x140228450 K32EnumProcesses
 0x140228458 LoadLibraryW
 0x140228460 GetSystemInfo
 0x140228468 CloseHandle
 0x140228470 Process32FirstW
 0x140228478 CompareStringW
 0x140228480 GetTimeFormatW
 0x140228488 GetDateFormatW
 0x140228490 GetConsoleOutputCP
 0x140228498 GetModuleFileNameW
 0x1402284a0 CreateProcessW
 0x1402284a8 SetStdHandle
 0x1402284b0 GetCommandLineW
 0x1402284b8 GetCommandLineA
 0x1402284c0 FileTimeToSystemTime
 0x1402284c8 SystemTimeToTzSpecificLocalTime
 0x1402284d0 GetDriveTypeW
 0x1402284d8 GetModuleHandleExW
 0x1402284e0 FreeLibraryAndExitThread
 0x1402284e8 ExitThread
 0x1402284f0 CreateThread
 0x1402284f8 RtlUnwind
 0x140228500 LoadLibraryExW
 0x140228508 TlsFree
 0x140228510 TlsSetValue
 0x140228518 SetEnvironmentVariableW
 0x140228520 TlsGetValue
 0x140228528 TlsAlloc
 0x140228530 RtlPcToFileHeader
 0x140228538 InterlockedPushEntrySList
 0x140228540 RtlUnwindEx
 0x140228548 GetStartupInfoW
 0x140228550 IsDebuggerPresent
 0x140228558 CreateEventW
 0x140228560 ResetEvent
 0x140228568 SetEvent
 0x140228570 InitializeCriticalSectionAndSpinCount
 0x140228578 IsProcessorFeaturePresent
 0x140228580 SetUnhandledExceptionFilter
 0x140228588 UnhandledExceptionFilter
 0x140228590 RtlVirtualUnwind
 0x140228598 RtlLookupFunctionEntry
 0x1402285a0 RtlCaptureContext
 0x1402285a8 K32GetModuleBaseNameW
 0x1402285b0 Process32NextW
 0x1402285b8 GetLastError
 0x1402285c0 Sleep
 0x1402285c8 CreateToolhelp32Snapshot
 0x1402285d0 OpenProcess
 0x1402285d8 CreateFileW
 0x1402285e0 FindClose
 0x1402285e8 TerminateProcess
 0x1402285f0 DeviceIoControl
 0x1402285f8 lstrlenW
 0x140228600 GetCurrentProcess
 0x140228608 FindNextFileW
 0x140228610 GetFullPathNameW
 0x140228618 FindFirstFileExW
 0x140228620 GetFileSizeEx
 0x140228628 CreateDirectoryW
 0x140228630 InitializeSListHead
 0x140228638 GetStringTypeW
 0x140228640 GetCPInfo
 0x140228648 CompareStringEx
 0x140228650 FlsFree
 0x140228658 FlsSetValue
 0x140228660 FlsGetValue
 0x140228668 FlsAlloc
 0x140228670 LCMapStringEx
 0x140228678 DecodePointer
 0x140228680 EncodePointer
 0x140228688 GetLocaleInfoEx
 0x140228690 GetCurrentDirectoryW
 0x140228698 GetFileInformationByHandle
 0x1402286a0 GetFinalPathNameByHandleW
 0x1402286a8 CopyFileW
 0x1402286b0 GetFileInformationByHandleEx
 0x1402286b8 GetExitCodeThread
USER32.dll
 0x1402286f0 ShowWindow
 0x1402286f8 GetSystemMetrics
 0x140228700 CallNextHookEx
 0x140228708 CharUpperW
 0x140228710 GetMessageW
 0x140228718 DispatchMessageW
 0x140228720 UnhookWindowsHookEx
 0x140228728 SetWindowsHookExW
 0x140228730 TranslateMessage
ADVAPI32.dll
 0x140228000 CryptImportKey
 0x140228008 RegEnumKeyExA
 0x140228010 RegOpenKeyExA
 0x140228018 RegSetValueExW
 0x140228020 RegCreateKeyExW
 0x140228028 GetUserNameA
 0x140228030 RegQueryValueExA
 0x140228038 RegCloseKey
 0x140228040 GetSecurityInfo
 0x140228048 CryptAcquireContextA
 0x140228050 CryptReleaseContext
 0x140228058 CryptGetHashParam
 0x140228060 CryptCreateHash
 0x140228068 CryptHashData
 0x140228070 CryptDestroyHash
 0x140228078 CryptEncrypt
 0x140228080 CryptDestroyKey
SHELL32.dll
 0x1402286e0 SHGetKnownFolderPath
ole32.dll
 0x140228960 CoTaskMemFree
WS2_32.dll
 0x1402287d8 getpeername
 0x1402287e0 ioctlsocket
 0x1402287e8 recvfrom
 0x1402287f0 freeaddrinfo
 0x1402287f8 getaddrinfo
 0x140228800 recv
 0x140228808 htons
 0x140228810 gethostname
 0x140228818 getsockname
 0x140228820 connect
 0x140228828 ind
 0x140228830 accept
 0x140228838 select
 0x140228840 __WSAFDIsSet
 0x140228848 socket
 0x140228850 WSAIoctl
 0x140228858 setsockopt
 0x140228860 WSACleanup
 0x140228868 WSAStartup
 0x140228870 WSASetLastError
 0x140228878 ntohs
 0x140228880 WSAGetLastError
 0x140228888 closesocket
 0x140228890 WSAWaitForMultipleEvents
 0x140228898 WSAResetEvent
 0x1402288a0 WSAEventSelect
 0x1402288a8 WSAEnumNetworkEvents
 0x1402288b0 WSACreateEvent
 0x1402288b8 WSACloseEvent
 0x1402288c0 send
 0x1402288c8 getsockopt
 0x1402288d0 htonl
 0x1402288d8 sendto
 0x1402288e0 listen
CRYPT32.dll
 0x140228090 CertOpenStore
 0x140228098 CertCloseStore
 0x1402280a0 CertEnumCertificatesInStore
 0x1402280a8 CertFindCertificateInStore
 0x1402280b0 CertFreeCertificateContext
 0x1402280b8 CryptStringToBinaryA
 0x1402280c0 PFXImportCertStore
 0x1402280c8 CryptDecodeObjectEx
 0x1402280d0 CertAddCertificateContextToStore
 0x1402280d8 CertFindExtension
 0x1402280e0 CertGetNameStringA
 0x1402280e8 CryptQueryObject
 0x1402280f0 CertCreateCertificateChainEngine
 0x1402280f8 CertFreeCertificateChainEngine
 0x140228100 CertGetCertificateChain
 0x140228108 CertFreeCertificateChain
WLDAP32.dll
 0x140228740 None
 0x140228748 None
 0x140228750 None
 0x140228758 None
 0x140228760 None
 0x140228768 None
 0x140228770 None
 0x140228778 None
 0x140228780 None
 0x140228788 None
 0x140228790 None
 0x140228798 None
 0x1402287a0 None
 0x1402287a8 None
 0x1402287b0 None
 0x1402287b8 None
 0x1402287c0 None
 0x1402287c8 None
Normaliz.dll
 0x1402286c8 IdnToAscii
 0x1402286d0 IdnToUnicode
crypt.dll
 0x1402288f0 BCryptDeriveKeyPBKDF2
 0x1402288f8 BCryptEncrypt
 0x140228900 BCryptOpenAlgorithmProvider
 0x140228908 BCryptGetProperty
 0x140228910 BCryptSetProperty
 0x140228918 BCryptCloseAlgorithmProvider
 0x140228920 BCryptGenerateSymmetricKey
 0x140228928 BCryptDestroyHash
 0x140228930 BCryptDestroyKey
 0x140228938 BCryptCreateHash
 0x140228940 BCryptHashData
 0x140228948 BCryptFinishHash
 0x140228950 BCryptGenRandom

EAT (Export Address Table): none