ScreenShot
Created | 2024.02.28 07:58 | Machine | s1_win7_x6401 |
Filename | cmd.exe | ||
Type | PE32+ executable (console) x86-64, for MS Windows | ||
AI Score |
|
Behavior Score |
|
ZERO API | file : malware | ||
VT API (file) | |||
md5 | 8a2122e8162dbef04694b9c3e0b6cdee | ||
sha256 | b99d61d874728edc0918ca0eb10eab93d381e7367e377406e65963366c874450 | ||
ssdeep | 6144:k4WA1B9BxDfQWKORSqY4zOcmpdlc3gJdmtolSm:H1BhkWvSqY4zvmjOwJIT | ||
imphash | 272245e2988e1e430500b852c4fb5e18 | ||
impfuzzy | 192:rl1alBlvoKpXlqYHBf2xMx4PbXCOm3kC8cfsIBCFM32D:R1alXvoKpXlqYHBf2tCOm3kC8MsIBCFn |
Network IP location
Signature (3cnts)
Level | Description |
---|---|
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
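danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet (rule match on the uploaded binary only; the three signatures above are info-level and no network activity is listed, so verify the file hash before treating this as a confirmed family attribution) | binaries (upload) |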
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|
Suricata ids
PE API
IAT(Import Address Table) Library
msvcrt.dll
0x140033af8 _setmode
0x140033b00 exit
0x140033b08 iswxdigit
0x140033b10 time
0x140033b18 srand
0x140033b20 _wtol
0x140033b28 fflush
0x140033b30 wcsstr
0x140033b38 iswalpha
0x140033b40 wcstoul
0x140033b48 _errno
0x140033b50 printf
0x140033b58 rand
0x140033b60 fprintf
0x140033b68 wcsncmp
0x140033b70 _pipe
0x140033b78 _commode
0x140033b80 _lock
0x140033b88 wcsrchr
0x140033b90 realloc
0x140033b98 towlower
0x140033ba0 _initterm
0x140033ba8 __setusermatherr
0x140033bb0 setlocale
0x140033bb8 _wcsupr
0x140033bc0 iswdigit
0x140033bc8 _ultoa
0x140033bd0 _cexit
0x140033bd8 _unlock
0x140033be0 _exit
0x140033be8 __dllonexit
0x140033bf0 _wcsicmp
0x140033bf8 iswspace
0x140033c00 wcschr
0x140033c08 fgets
0x140033c10 ??_V@YAXPEAX@Z
0x140033c18 _pclose
0x140033c20 ferror
0x140033c28 _onexit
0x140033c30 __CxxFrameHandler3
0x140033c38 _open_osfhandle
0x140033c40 _close
0x140033c48 feof
0x140033c50 _dup
0x140033c58 _wpopen
0x140033c60 _wcsnicmp
0x140033c68 ?terminate@@YAXXZ
0x140033c70 memset
0x140033c78 wcstol
0x140033c80 _get_osfhandle
0x140033c88 _dup2
0x140033c90 _getch
0x140033c98 towupper
0x140033ca0 memcmp
0x140033ca8 _setjmp
0x140033cb0 wcsspn
0x140033cb8 _fmode
0x140033cc0 qsort
0x140033cc8 __set_app_type
0x140033cd0 _tell
0x140033cd8 _wcslwr
0x140033ce0 longjmp
0x140033ce8 _local_unwind
0x140033cf0 _purecall
0x140033cf8 __C_specific_handler
0x140033d00 ??3@YAXPEAX@Z
0x140033d08 memcpy_s
0x140033d10 free
0x140033d18 calloc
0x140033d20 __getmainargs
0x140033d28 _XcptFilter
0x140033d30 _amsg_exit
0x140033d38 ??1type_info@@UEAA@XZ
0x140033d40 memmove
0x140033d48 memcpy
0x140033d50 _CxxThrowException
0x140033d58 _vsnwprintf
0x140033d60 swscanf
0x140033d68 __iob_func
0x140033d70 malloc
0x140033d78 _callnewh
0x140033d80 ??0exception@@QEAA@AEBQEBD@Z
0x140033d88 ??0exception@@QEAA@AEBQEBDH@Z
0x140033d90 ??0exception@@QEAA@AEBV0@@Z
0x140033d98 ??1exception@@UEAA@XZ
0x140033da0 ?what@exception@@UEBAPEBDXZ
0x140033da8 wcscmp
ntdll.dll
0x140033db8 RtlLookupFunctionEntry
0x140033dc0 RtlCaptureContext
0x140033dc8 NtOpenProcessToken
0x140033dd0 NtQueryInformationToken
0x140033dd8 NtClose
0x140033de0 NtOpenThreadToken
0x140033de8 RtlFreeHeap
0x140033df0 NtFsControlFile
0x140033df8 RtlDosPathNameToNtPathName_U
0x140033e00 RtlVirtualUnwind
0x140033e08 RtlFreeUnicodeString
0x140033e10 RtlReleaseRelativeName
0x140033e18 NtOpenFile
0x140033e20 RtlDosPathNameToRelativeNtPathName_U_WithStatus
0x140033e28 NtSetInformationFile
0x140033e30 NtQueryVolumeInformationFile
0x140033e38 NtSetInformationProcess
0x140033e40 NtQueryInformationProcess
0x140033e48 RtlNtStatusToDosError
0x140033e50 NtCancelSynchronousIoFile
0x140033e58 RtlCreateUnicodeStringFromAsciiz
0x140033e60 RtlFindLeastSignificantBit
api-ms-win-core-kernel32-legacy-l1-1-0.dll
0x140033788 CopyFileW
0x140033790 GetConsoleWindow
api-ms-win-core-libraryloader-l1-2-0.dll
0x1400337a0 GetModuleHandleW
0x1400337a8 GetModuleFileNameA
0x1400337b0 LoadLibraryExW
0x1400337b8 GetProcAddress
0x1400337c0 GetModuleFileNameW
0x1400337c8 GetModuleHandleExW
api-ms-win-core-synch-l1-1-0.dll
0x1400339c8 CreateSemaphoreExW
0x1400339d0 InitializeCriticalSection
0x1400339d8 WaitForSingleObject
0x1400339e0 ReleaseSemaphore
0x1400339e8 TryAcquireSRWLockExclusive
0x1400339f0 WaitForSingleObjectEx
0x1400339f8 ReleaseMutex
0x140033a00 ReleaseSRWLockShared
0x140033a08 AcquireSRWLockShared
0x140033a10 LeaveCriticalSection
0x140033a18 CreateMutexExW
0x140033a20 EnterCriticalSection
0x140033a28 ReleaseSRWLockExclusive
0x140033a30 OpenSemaphoreW
api-ms-win-core-heap-l1-1-0.dll
0x140033720 HeapFree
0x140033728 HeapAlloc
0x140033730 GetProcessHeap
0x140033738 HeapSetInformation
0x140033740 HeapReAlloc
0x140033748 HeapSize
api-ms-win-core-errorhandling-l1-1-0.dll
0x1400335c8 SetLastError
0x1400335d0 UnhandledExceptionFilter
0x1400335d8 GetLastError
0x1400335e0 SetErrorMode
0x1400335e8 SetUnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-0.dll
0x1400338b0 InitializeProcThreadAttributeList
0x1400338b8 GetCurrentThreadId
0x1400338c0 UpdateProcThreadAttribute
0x1400338c8 DeleteProcThreadAttributeList
0x1400338d0 GetStartupInfoW
0x1400338d8 CreateProcessAsUserW
0x1400338e0 OpenThread
0x1400338e8 CreateProcessW
0x1400338f0 ResumeThread
0x1400338f8 TerminateProcess
0x140033900 GetExitCodeProcess
0x140033908 GetCurrentProcess
0x140033910 GetCurrentProcessId
api-ms-win-core-localization-l1-2-0.dll
0x1400337d8 GetThreadLocale
0x1400337e0 SetThreadLocale
0x1400337e8 FormatMessageW
0x1400337f0 GetLocaleInfoW
0x1400337f8 GetCPInfo
0x140033800 GetACP
0x140033808 GetUserDefaultLCID
api-ms-win-core-debug-l1-1-0.dll
0x140033588 OutputDebugStringW
0x140033590 DebugBreak
0x140033598 IsDebuggerPresent
api-ms-win-core-handle-l1-1-0.dll
0x140033708 DuplicateHandle
0x140033710 CloseHandle
api-ms-win-core-memory-l1-1-0.dll
0x140033818 VirtualAlloc
0x140033820 VirtualQuery
0x140033828 VirtualFree
0x140033830 ReadProcessMemory
api-ms-win-core-console-l1-1-0.dll
0x1400334e0 ReadConsoleW
0x1400334e8 SetConsoleCtrlHandler
0x1400334f0 SetConsoleMode
0x1400334f8 WriteConsoleW
0x140033500 GetConsoleMode
0x140033508 GetConsoleOutputCP
api-ms-win-core-file-l1-1-0.dll
0x1400335f8 CreateFileW
0x140033600 FlushFileBuffers
0x140033608 GetFileAttributesExW
0x140033610 GetDriveTypeW
0x140033618 FindClose
0x140033620 FindNextFileW
0x140033628 CreateDirectoryW
0x140033630 GetVolumeInformationW
0x140033638 SetFileAttributesW
0x140033640 SetEndOfFile
0x140033648 SetFilePointerEx
0x140033650 WriteFile
0x140033658 DeleteFileW
0x140033660 SetFileTime
0x140033668 GetVolumePathNameW
0x140033670 SetFilePointer
0x140033678 ReadFile
0x140033680 GetFileAttributesW
0x140033688 GetFileType
0x140033690 RemoveDirectoryW
0x140033698 FindFirstFileExW
0x1400336a0 CompareFileTime
0x1400336a8 GetFullPathNameW
0x1400336b0 GetDiskFreeSpaceExW
0x1400336b8 FileTimeToLocalFileTime
0x1400336c0 GetFileSize
0x1400336c8 FindFirstFileW
api-ms-win-core-string-l1-1-0.dll
0x140033998 WideCharToMultiByte
0x1400339a0 MultiByteToWideChar
api-ms-win-core-processenvironment-l1-1-0.dll
0x140033840 GetCommandLineW
0x140033848 GetEnvironmentStringsW
0x140033850 ExpandEnvironmentStringsW
0x140033858 FreeEnvironmentStringsW
0x140033860 SetEnvironmentVariableW
0x140033868 SearchPathW
0x140033870 SetCurrentDirectoryW
0x140033878 GetCurrentDirectoryW
0x140033880 GetEnvironmentVariableW
0x140033888 SetEnvironmentStringsW
0x140033890 GetStdHandle
api-ms-win-core-console-l2-1-0.dll
0x140033518 SetConsoleCursorPosition
0x140033520 GetConsoleScreenBufferInfo
0x140033528 ScrollConsoleScreenBufferW
0x140033530 FillConsoleOutputAttribute
0x140033538 FillConsoleOutputCharacterW
0x140033540 FlushConsoleInputBuffer
0x140033548 SetConsoleTextAttribute
api-ms-win-security-base-l1-1-0.dll
0x140033ad8 GetFileSecurityW
0x140033ae0 RevertToSelf
0x140033ae8 GetSecurityDescriptorOwner
api-ms-win-core-sysinfo-l1-1-0.dll
0x140033a50 GetSystemTime
0x140033a58 SetLocalTime
0x140033a60 GetSystemTimeAsFileTime
0x140033a68 GetTickCount
0x140033a70 GetWindowsDirectoryW
0x140033a78 GetLocalTime
0x140033a80 GetVersion
api-ms-win-core-timezone-l1-1-0.dll
0x140033aa8 SystemTimeToFileTime
0x140033ab0 FileTimeToSystemTime
api-ms-win-core-datetime-l1-1-0.dll
0x140033570 GetDateFormatW
0x140033578 GetTimeFormatW
api-ms-win-core-systemtopology-l1-1-0.dll
0x140033a90 GetNumaNodeProcessorMaskEx
0x140033a98 GetNumaHighestNodeNumber
api-ms-win-core-console-l2-2-0.dll
0x140033558 SetConsoleTitleW
0x140033560 GetConsoleTitleW
api-ms-win-core-processenvironment-l1-2-0.dll
0x1400338a0 NeedCurrentDirectoryForExePathW
api-ms-win-core-registry-l1-1-0.dll
0x140033950 RegCloseKey
0x140033958 RegSetValueExW
0x140033960 RegOpenKeyExW
0x140033968 RegCreateKeyExW
0x140033970 RegEnumKeyExW
0x140033978 RegDeleteKeyExW
0x140033980 RegDeleteValueW
0x140033988 RegQueryValueExW
api-ms-win-core-file-l2-1-0.dll
0x1400336d8 MoveFileExW
0x1400336e0 CreateSymbolicLinkW
0x1400336e8 CreateHardLinkW
0x1400336f0 MoveFileWithProgressW
0x1400336f8 GetFileInformationByHandleEx
api-ms-win-core-heap-l2-1-0.dll
0x140033758 GlobalAlloc
0x140033760 GlobalFree
0x140033768 LocalFree
api-ms-win-core-io-l1-1-0.dll
0x140033778 DeviceIoControl
api-ms-win-core-winrt-l1-1-0.dll
0x140033ac0 RoInitialize
0x140033ac8 RoUninitialize
api-ms-win-core-processtopology-l1-1-0.dll
0x140033920 GetThreadGroupAffinity
api-ms-win-core-synch-l1-2-0.dll
0x140033a40 Sleep
api-ms-win-core-profile-l1-1-0.dll
0x140033940 QueryPerformanceCounter
api-ms-win-core-string-obsolete-l1-1-0.dll
0x1400339b0 lstrcmpW
0x1400339b8 lstrcmpiW
api-ms-win-core-processtopology-obsolete-l1-1-0.dll
0x140033930 SetProcessAffinityMask
api-ms-win-core-apiquery-l1-1-0.dll
0x1400334d0 ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1.dll
0x1400335b8 ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0.dll
0x1400335a8 DelayLoadFailureHook
EAT (Export Address Table): none
msvcrt.dll
0x140033af8 _setmode
0x140033b00 exit
0x140033b08 iswxdigit
0x140033b10 time
0x140033b18 srand
0x140033b20 _wtol
0x140033b28 fflush
0x140033b30 wcsstr
0x140033b38 iswalpha
0x140033b40 wcstoul
0x140033b48 _errno
0x140033b50 printf
0x140033b58 rand
0x140033b60 fprintf
0x140033b68 wcsncmp
0x140033b70 _pipe
0x140033b78 _commode
0x140033b80 _lock
0x140033b88 wcsrchr
0x140033b90 realloc
0x140033b98 towlower
0x140033ba0 _initterm
0x140033ba8 __setusermatherr
0x140033bb0 setlocale
0x140033bb8 _wcsupr
0x140033bc0 iswdigit
0x140033bc8 _ultoa
0x140033bd0 _cexit
0x140033bd8 _unlock
0x140033be0 _exit
0x140033be8 __dllonexit
0x140033bf0 _wcsicmp
0x140033bf8 iswspace
0x140033c00 wcschr
0x140033c08 fgets
0x140033c10 ??_V@YAXPEAX@Z
0x140033c18 _pclose
0x140033c20 ferror
0x140033c28 _onexit
0x140033c30 __CxxFrameHandler3
0x140033c38 _open_osfhandle
0x140033c40 _close
0x140033c48 feof
0x140033c50 _dup
0x140033c58 _wpopen
0x140033c60 _wcsnicmp
0x140033c68 ?terminate@@YAXXZ
0x140033c70 memset
0x140033c78 wcstol
0x140033c80 _get_osfhandle
0x140033c88 _dup2
0x140033c90 _getch
0x140033c98 towupper
0x140033ca0 memcmp
0x140033ca8 _setjmp
0x140033cb0 wcsspn
0x140033cb8 _fmode
0x140033cc0 qsort
0x140033cc8 __set_app_type
0x140033cd0 _tell
0x140033cd8 _wcslwr
0x140033ce0 longjmp
0x140033ce8 _local_unwind
0x140033cf0 _purecall
0x140033cf8 __C_specific_handler
0x140033d00 ??3@YAXPEAX@Z
0x140033d08 memcpy_s
0x140033d10 free
0x140033d18 calloc
0x140033d20 __getmainargs
0x140033d28 _XcptFilter
0x140033d30 _amsg_exit
0x140033d38 ??1type_info@@UEAA@XZ
0x140033d40 memmove
0x140033d48 memcpy
0x140033d50 _CxxThrowException
0x140033d58 _vsnwprintf
0x140033d60 swscanf
0x140033d68 __iob_func
0x140033d70 malloc
0x140033d78 _callnewh
0x140033d80 ??0exception@@QEAA@AEBQEBD@Z
0x140033d88 ??0exception@@QEAA@AEBQEBDH@Z
0x140033d90 ??0exception@@QEAA@AEBV0@@Z
0x140033d98 ??1exception@@UEAA@XZ
0x140033da0 ?what@exception@@UEBAPEBDXZ
0x140033da8 wcscmp
ntdll.dll
0x140033db8 RtlLookupFunctionEntry
0x140033dc0 RtlCaptureContext
0x140033dc8 NtOpenProcessToken
0x140033dd0 NtQueryInformationToken
0x140033dd8 NtClose
0x140033de0 NtOpenThreadToken
0x140033de8 RtlFreeHeap
0x140033df0 NtFsControlFile
0x140033df8 RtlDosPathNameToNtPathName_U
0x140033e00 RtlVirtualUnwind
0x140033e08 RtlFreeUnicodeString
0x140033e10 RtlReleaseRelativeName
0x140033e18 NtOpenFile
0x140033e20 RtlDosPathNameToRelativeNtPathName_U_WithStatus
0x140033e28 NtSetInformationFile
0x140033e30 NtQueryVolumeInformationFile
0x140033e38 NtSetInformationProcess
0x140033e40 NtQueryInformationProcess
0x140033e48 RtlNtStatusToDosError
0x140033e50 NtCancelSynchronousIoFile
0x140033e58 RtlCreateUnicodeStringFromAsciiz
0x140033e60 RtlFindLeastSignificantBit
api-ms-win-core-kernel32-legacy-l1-1-0.dll
0x140033788 CopyFileW
0x140033790 GetConsoleWindow
api-ms-win-core-libraryloader-l1-2-0.dll
0x1400337a0 GetModuleHandleW
0x1400337a8 GetModuleFileNameA
0x1400337b0 LoadLibraryExW
0x1400337b8 GetProcAddress
0x1400337c0 GetModuleFileNameW
0x1400337c8 GetModuleHandleExW
api-ms-win-core-synch-l1-1-0.dll
0x1400339c8 CreateSemaphoreExW
0x1400339d0 InitializeCriticalSection
0x1400339d8 WaitForSingleObject
0x1400339e0 ReleaseSemaphore
0x1400339e8 TryAcquireSRWLockExclusive
0x1400339f0 WaitForSingleObjectEx
0x1400339f8 ReleaseMutex
0x140033a00 ReleaseSRWLockShared
0x140033a08 AcquireSRWLockShared
0x140033a10 LeaveCriticalSection
0x140033a18 CreateMutexExW
0x140033a20 EnterCriticalSection
0x140033a28 ReleaseSRWLockExclusive
0x140033a30 OpenSemaphoreW
api-ms-win-core-heap-l1-1-0.dll
0x140033720 HeapFree
0x140033728 HeapAlloc
0x140033730 GetProcessHeap
0x140033738 HeapSetInformation
0x140033740 HeapReAlloc
0x140033748 HeapSize
api-ms-win-core-errorhandling-l1-1-0.dll
0x1400335c8 SetLastError
0x1400335d0 UnhandledExceptionFilter
0x1400335d8 GetLastError
0x1400335e0 SetErrorMode
0x1400335e8 SetUnhandledExceptionFilter
api-ms-win-core-processthreads-l1-1-0.dll
0x1400338b0 InitializeProcThreadAttributeList
0x1400338b8 GetCurrentThreadId
0x1400338c0 UpdateProcThreadAttribute
0x1400338c8 DeleteProcThreadAttributeList
0x1400338d0 GetStartupInfoW
0x1400338d8 CreateProcessAsUserW
0x1400338e0 OpenThread
0x1400338e8 CreateProcessW
0x1400338f0 ResumeThread
0x1400338f8 TerminateProcess
0x140033900 GetExitCodeProcess
0x140033908 GetCurrentProcess
0x140033910 GetCurrentProcessId
api-ms-win-core-localization-l1-2-0.dll
0x1400337d8 GetThreadLocale
0x1400337e0 SetThreadLocale
0x1400337e8 FormatMessageW
0x1400337f0 GetLocaleInfoW
0x1400337f8 GetCPInfo
0x140033800 GetACP
0x140033808 GetUserDefaultLCID
api-ms-win-core-debug-l1-1-0.dll
0x140033588 OutputDebugStringW
0x140033590 DebugBreak
0x140033598 IsDebuggerPresent
api-ms-win-core-handle-l1-1-0.dll
0x140033708 DuplicateHandle
0x140033710 CloseHandle
api-ms-win-core-memory-l1-1-0.dll
0x140033818 VirtualAlloc
0x140033820 VirtualQuery
0x140033828 VirtualFree
0x140033830 ReadProcessMemory
api-ms-win-core-console-l1-1-0.dll
0x1400334e0 ReadConsoleW
0x1400334e8 SetConsoleCtrlHandler
0x1400334f0 SetConsoleMode
0x1400334f8 WriteConsoleW
0x140033500 GetConsoleMode
0x140033508 GetConsoleOutputCP
api-ms-win-core-file-l1-1-0.dll
0x1400335f8 CreateFileW
0x140033600 FlushFileBuffers
0x140033608 GetFileAttributesExW
0x140033610 GetDriveTypeW
0x140033618 FindClose
0x140033620 FindNextFileW
0x140033628 CreateDirectoryW
0x140033630 GetVolumeInformationW
0x140033638 SetFileAttributesW
0x140033640 SetEndOfFile
0x140033648 SetFilePointerEx
0x140033650 WriteFile
0x140033658 DeleteFileW
0x140033660 SetFileTime
0x140033668 GetVolumePathNameW
0x140033670 SetFilePointer
0x140033678 ReadFile
0x140033680 GetFileAttributesW
0x140033688 GetFileType
0x140033690 RemoveDirectoryW
0x140033698 FindFirstFileExW
0x1400336a0 CompareFileTime
0x1400336a8 GetFullPathNameW
0x1400336b0 GetDiskFreeSpaceExW
0x1400336b8 FileTimeToLocalFileTime
0x1400336c0 GetFileSize
0x1400336c8 FindFirstFileW
api-ms-win-core-string-l1-1-0.dll
0x140033998 WideCharToMultiByte
0x1400339a0 MultiByteToWideChar
api-ms-win-core-processenvironment-l1-1-0.dll
0x140033840 GetCommandLineW
0x140033848 GetEnvironmentStringsW
0x140033850 ExpandEnvironmentStringsW
0x140033858 FreeEnvironmentStringsW
0x140033860 SetEnvironmentVariableW
0x140033868 SearchPathW
0x140033870 SetCurrentDirectoryW
0x140033878 GetCurrentDirectoryW
0x140033880 GetEnvironmentVariableW
0x140033888 SetEnvironmentStringsW
0x140033890 GetStdHandle
api-ms-win-core-console-l2-1-0.dll
0x140033518 SetConsoleCursorPosition
0x140033520 GetConsoleScreenBufferInfo
0x140033528 ScrollConsoleScreenBufferW
0x140033530 FillConsoleOutputAttribute
0x140033538 FillConsoleOutputCharacterW
0x140033540 FlushConsoleInputBuffer
0x140033548 SetConsoleTextAttribute
api-ms-win-security-base-l1-1-0.dll
0x140033ad8 GetFileSecurityW
0x140033ae0 RevertToSelf
0x140033ae8 GetSecurityDescriptorOwner
api-ms-win-core-sysinfo-l1-1-0.dll
0x140033a50 GetSystemTime
0x140033a58 SetLocalTime
0x140033a60 GetSystemTimeAsFileTime
0x140033a68 GetTickCount
0x140033a70 GetWindowsDirectoryW
0x140033a78 GetLocalTime
0x140033a80 GetVersion
api-ms-win-core-timezone-l1-1-0.dll
0x140033aa8 SystemTimeToFileTime
0x140033ab0 FileTimeToSystemTime
api-ms-win-core-datetime-l1-1-0.dll
0x140033570 GetDateFormatW
0x140033578 GetTimeFormatW
api-ms-win-core-systemtopology-l1-1-0.dll
0x140033a90 GetNumaNodeProcessorMaskEx
0x140033a98 GetNumaHighestNodeNumber
api-ms-win-core-console-l2-2-0.dll
0x140033558 SetConsoleTitleW
0x140033560 GetConsoleTitleW
api-ms-win-core-processenvironment-l1-2-0.dll
0x1400338a0 NeedCurrentDirectoryForExePathW
api-ms-win-core-registry-l1-1-0.dll
0x140033950 RegCloseKey
0x140033958 RegSetValueExW
0x140033960 RegOpenKeyExW
0x140033968 RegCreateKeyExW
0x140033970 RegEnumKeyExW
0x140033978 RegDeleteKeyExW
0x140033980 RegDeleteValueW
0x140033988 RegQueryValueExW
api-ms-win-core-file-l2-1-0.dll
0x1400336d8 MoveFileExW
0x1400336e0 CreateSymbolicLinkW
0x1400336e8 CreateHardLinkW
0x1400336f0 MoveFileWithProgressW
0x1400336f8 GetFileInformationByHandleEx
api-ms-win-core-heap-l2-1-0.dll
0x140033758 GlobalAlloc
0x140033760 GlobalFree
0x140033768 LocalFree
api-ms-win-core-io-l1-1-0.dll
0x140033778 DeviceIoControl
api-ms-win-core-winrt-l1-1-0.dll
0x140033ac0 RoInitialize
0x140033ac8 RoUninitialize
api-ms-win-core-processtopology-l1-1-0.dll
0x140033920 GetThreadGroupAffinity
api-ms-win-core-synch-l1-2-0.dll
0x140033a40 Sleep
api-ms-win-core-profile-l1-1-0.dll
0x140033940 QueryPerformanceCounter
api-ms-win-core-string-obsolete-l1-1-0.dll
0x1400339b0 lstrcmpW
0x1400339b8 lstrcmpiW
api-ms-win-core-processtopology-obsolete-l1-1-0.dll
0x140033930 SetProcessAffinityMask
api-ms-win-core-apiquery-l1-1-0.dll
0x1400334d0 ApiSetQueryApiSetPresence
api-ms-win-core-delayload-l1-1-1.dll
0x1400335b8 ResolveDelayLoadedAPI
api-ms-win-core-delayload-l1-1-0.dll
0x1400335a8 DelayLoadFailureHook
EAT (Export Address Table): none