Created | 2024.04.30 07:43 | Machine | s1_win7_x6401 |
Filename | procexp64.exe | ||
Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
AI Score | Not found | Behavior Score |
ZERO API | file : malicious | ||
VT API (file) | |||
md5 | 7e7eaa8aebc4026be3b56b965b0d8947 | ||
sha256 | aac11d3ff8661e14a6d7073e44f0d6ccabc436856af5faf10e761c57e8b42f71 | ||
ssdeep | 24576:qK8dbhH8s48SH3nc3zaBzz1pr+kAUXs8g/xEndP:qj5j/gXYWZz1gXU8rw | ||
imphash | 5661df91e0adea62bc4b6df68cc4048e | ||
impfuzzy | 192:fwDsDz7NUDjpuBzzPort3bNGmkylgHr1IUdGNQcVW:fwgquBzzPoBrwmkBRGNQcVW |
Signature (4cnts)
Level | Description |
---|---|
info | Checks amount of memory in system |
info | One or more processes crashed |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (9cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
SHLWAPI.dll
0x1400dbbd8 ColorHLSToRGB
0x1400dbbe0 ColorRGBToHLS
0x1400dbbe8 UrlUnescapeW
0x1400dbbf0 SHAutoComplete
0x1400dbbf8 None
IPHLPAPI.DLL
0x1400db498 GetExtendedTcpTable
0x1400db4a0 GetExtendedUdpTable
WS2_32.dll
0x1400dc1a0 WSAStartup
0x1400dc1a8 ntohs
0x1400dc1b0 htonl
0x1400dc1b8 ntohl
0x1400dc1c0 htons
0x1400dc1c8 gethostbyaddr
0x1400dc1d0 getservbyport
MPR.dll
0x1400dba90 WNetGetConnectionW
COMCTL32.dll
0x1400db288 ImageList_ReplaceIcon
0x1400db290 ImageList_Add
0x1400db298 InitCommonControlsEx
0x1400db2a0 ImageList_Destroy
0x1400db2a8 ImageList_DrawEx
0x1400db2b0 None
0x1400db2b8 PropertySheetW
0x1400db2c0 ImageList_Create
0x1400db2c8 CreateStatusWindowW
0x1400db2d0 CreatePropertySheetPageW
0x1400db2d8 ImageList_GetIcon
0x1400db2e0 None
0x1400db2e8 None
VERSION.dll
0x1400dc118 GetFileVersionInfoSizeW
0x1400dc120 VerQueryValueW
0x1400dc128 GetFileVersionInfoW
credui.dll
0x1400dc218 CredUIPromptForCredentialsW
SETUPAPI.dll
0x1400dbb60 SetupDiGetDeviceInterfaceDetailW
0x1400dbb68 SetupDiEnumDeviceInterfaces
0x1400dbb70 SetupDiDestroyDeviceInfoList
0x1400dbb78 SetupDiGetClassDevsW
CRYPT32.dll
0x1400db338 CryptDecodeObject
0x1400db340 CertDuplicateCertificateContext
0x1400db348 CertGetNameStringW
ACLUI.dll
0x1400db000 None
POWRPROF.dll
0x1400dbb20 SetSuspendState
0x1400dbb28 IsPwrHibernateAllowed
0x1400dbb30 IsPwrSuspendAllowed
WTSAPI32.dll
0x1400dc1e0 WTSFreeMemory
0x1400dc1e8 WTSDisconnectSession
0x1400dc1f0 WTSSendMessageW
0x1400dc1f8 WTSQuerySessionInformationW
0x1400dc200 WTSEnumerateSessionsW
0x1400dc208 WTSLogoffSession
UxTheme.dll
0x1400dc108 EnableThemeDialogTexture
ntdll.dll
0x1400dc228 RtlUnwind
0x1400dc230 NtQueryMutant
0x1400dc238 NtQueryEvent
0x1400dc240 NtQuerySection
0x1400dc248 NtQuerySymbolicLinkObject
0x1400dc250 NtQueryObject
0x1400dc258 NtOpenSymbolicLinkObject
0x1400dc260 NtQuerySystemInformation
0x1400dc268 NtSetInformationProcess
0x1400dc270 NtLoadDriver
0x1400dc278 NtCreateKey
0x1400dc280 NtOpenKey
0x1400dc288 NtResumeThread
0x1400dc290 NtResumeProcess
0x1400dc298 NtOpenThread
0x1400dc2a0 RtlCreateQueryDebugBuffer
0x1400dc2a8 RtlQueryProcessDebugInformation
0x1400dc2b0 RtlDestroyQueryDebugBuffer
0x1400dc2b8 RtlPcToFileHeader
0x1400dc2c0 RtlUnwindEx
0x1400dc2c8 RtlVirtualUnwind
0x1400dc2d0 RtlLookupFunctionEntry
0x1400dc2d8 RtlCaptureContext
0x1400dc2e0 NtQueryInformationThread
0x1400dc2e8 NtQuerySemaphore
0x1400dc2f0 NtSuspendThread
0x1400dc2f8 NtSuspendProcess
0x1400dc300 NtQueryInformationProcess
GDI32.dll
0x1400db358 SelectObject
0x1400db360 SetBkColor
0x1400db368 SetBkMode
0x1400db370 SetTextColor
0x1400db378 GetTextMetricsW
0x1400db380 RectInRegion
0x1400db388 SetMapMode
0x1400db390 StartDocW
0x1400db398 EndDoc
0x1400db3a0 StartPage
0x1400db3a8 EndPage
0x1400db3b0 CreateFontIndirectW
0x1400db3b8 GetTextExtentPoint32W
0x1400db3c0 SetTextAlign
0x1400db3c8 ExtTextOutW
0x1400db3d0 LineTo
0x1400db3d8 Rectangle
0x1400db3e0 RestoreDC
0x1400db3e8 SaveDC
0x1400db3f0 SetROP2
0x1400db3f8 MoveToEx
0x1400db400 CreateBitmap
0x1400db408 SelectClipRgn
0x1400db410 GetStockObject
0x1400db418 GetDeviceCaps
0x1400db420 GetBkMode
0x1400db428 GetBkColor
0x1400db430 DeleteDC
0x1400db438 CreateSolidBrush
0x1400db440 CreateRectRgnIndirect
0x1400db448 CreateRectRgn
0x1400db450 CreatePen
0x1400db458 CreateCompatibleDC
0x1400db460 CreateCompatibleBitmap
0x1400db468 BitBlt
0x1400db470 DeleteObject
0x1400db478 GetObjectW
0x1400db480 CreateDIBSection
0x1400db488 Polyline
COMDLG32.dll
0x1400db2f8 GetSaveFileNameW
0x1400db300 ChooseColorW
0x1400db308 GetOpenFileNameW
0x1400db310 ChooseFontW
0x1400db318 PrintDlgW
0x1400db320 CommDlgExtendedError
0x1400db328 FindTextW
KERNEL32.dll
0x1400db4b0 WriteFile
0x1400db4b8 GetFileTime
0x1400db4c0 CloseHandle
0x1400db4c8 FileTimeToLocalFileTime
0x1400db4d0 FileTimeToSystemTime
0x1400db4d8 FormatMessageA
0x1400db4e0 MapViewOfFile
0x1400db4e8 UnmapViewOfFile
0x1400db4f0 lstrlenW
0x1400db4f8 TlsAlloc
0x1400db500 TlsSetValue
0x1400db508 CreateFileMappingW
0x1400db510 GetModuleFileNameW
0x1400db518 GetModuleHandleW
0x1400db520 CreateProcessW
0x1400db528 SetEnvironmentVariableW
0x1400db530 ExpandEnvironmentStringsW
0x1400db538 GetSystemWindowsDirectoryW
0x1400db540 GetSystemWow64DirectoryW
0x1400db548 GetFullPathNameW
0x1400db550 InitializeSListHead
0x1400db558 IsWow64Process
0x1400db560 GetLocaleInfoW
0x1400db568 GetTimeFormatW
0x1400db570 GetDateFormatW
0x1400db578 GetNumberFormatW
0x1400db580 CreateToolhelp32Snapshot
0x1400db588 Process32FirstW
0x1400db590 Process32NextW
0x1400db598 GetFileAttributesW
0x1400db5a0 FindFirstFileW
0x1400db5a8 GetPrivateProfileStringW
0x1400db5b0 FreeLibrary
0x1400db5b8 LoadLibraryExW
0x1400db5c0 ReadFile
0x1400db5c8 MultiByteToWideChar
0x1400db5d0 FindClose
0x1400db5d8 FindNextFileW
0x1400db5e0 LeaveCriticalSection
0x1400db5e8 GetCurrentThread
0x1400db5f0 EnterCriticalSection
0x1400db5f8 SetEvent
0x1400db600 WaitForSingleObject
0x1400db608 WaitForMultipleObjects
0x1400db610 CreateEventW
0x1400db618 CreateThread
0x1400db620 GetExitCodeThread
0x1400db628 SetLastError
0x1400db630 GetVersionExW
0x1400db638 GetFileSizeEx
0x1400db640 MulDiv
0x1400db648 GetTickCount
0x1400db650 LoadLibraryW
0x1400db658 GlobalAddAtomW
0x1400db660 FormatMessageW
0x1400db668 LocalAlloc
0x1400db670 GetFileSize
0x1400db678 GetCommandLineW
0x1400db680 LockResource
0x1400db688 HeapDestroy
0x1400db690 HeapAlloc
0x1400db698 HeapReAlloc
0x1400db6a0 HeapFree
0x1400db6a8 HeapSize
0x1400db6b0 GetProcessHeap
0x1400db6b8 LoadResource
0x1400db6c0 SizeofResource
0x1400db6c8 FindResourceW
0x1400db6d0 FindResourceExW
0x1400db6d8 GlobalAlloc
0x1400db6e0 GlobalReAlloc
0x1400db6e8 GlobalLock
0x1400db6f0 GlobalUnlock
0x1400db6f8 TerminateThread
0x1400db700 Module32FirstW
0x1400db708 Module32NextW
0x1400db710 DeleteCriticalSection
0x1400db718 GetSystemTime
0x1400db720 GetSystemTimeAsFileTime
0x1400db728 SystemTimeToFileTime
0x1400db730 IsBadStringPtrW
0x1400db738 OpenEventW
0x1400db740 ReadProcessMemory
0x1400db748 lstrcmpiW
0x1400db750 GetEnvironmentVariableW
0x1400db758 VirtualQueryEx
0x1400db760 GetCurrentProcessId
0x1400db768 SetFilePointer
0x1400db770 GetSystemDirectoryW
0x1400db778 SearchPathW
0x1400db780 OpenThread
0x1400db788 GetThreadContext
0x1400db790 SuspendThread
0x1400db798 ResumeThread
0x1400db7a0 Thread32First
0x1400db7a8 Thread32Next
0x1400db7b0 ResetEvent
0x1400db7b8 QueryPerformanceCounter
0x1400db7c0 QueryPerformanceFrequency
0x1400db7c8 IsBadReadPtr
0x1400db7d0 GlobalFree
0x1400db7d8 GlobalMemoryStatusEx
0x1400db7e0 SetProcessWorkingSetSize
0x1400db7e8 TerminateProcess
0x1400db7f0 GetProcessId
0x1400db7f8 PulseEvent
0x1400db800 DeleteFileW
0x1400db808 SetPriorityClass
0x1400db810 GetComputerNameW
0x1400db818 ProcessIdToSessionId
0x1400db820 WTSGetActiveConsoleSessionId
0x1400db828 GetLogicalProcessorInformation
0x1400db830 GlobalMemoryStatus
0x1400db838 VirtualAlloc
0x1400db840 VirtualFree
0x1400db848 GetProcessAffinityMask
0x1400db850 SetProcessAffinityMask
0x1400db858 GetProcessWorkingSetSize
0x1400db860 DeviceIoControl
0x1400db868 DuplicateHandle
0x1400db870 OutputDebugStringW
0x1400db878 GetDriveTypeW
0x1400db880 GetCurrentDirectoryW
0x1400db888 CreateJobObjectW
0x1400db890 IsProcessInJob
0x1400db898 WideCharToMultiByte
0x1400db8a0 DecodePointer
0x1400db8a8 RaiseException
0x1400db8b0 InitializeCriticalSectionAndSpinCount
0x1400db8b8 GetNativeSystemInfo
0x1400db8c0 LoadLibraryA
0x1400db8c8 ExpandEnvironmentStringsA
0x1400db8d0 FreeLibraryAndExitThread
0x1400db8d8 GetStringTypeW
0x1400db8e0 Sleep
0x1400db8e8 GetModuleHandleExW
0x1400db8f0 ExitProcess
0x1400db8f8 GetConsoleMode
0x1400db900 ReadConsoleInputA
0x1400db908 SetConsoleMode
0x1400db910 GetACP
0x1400db918 IsValidLocale
0x1400db920 GetUserDefaultLCID
0x1400db928 EnumSystemLocalesW
0x1400db930 FlushFileBuffers
0x1400db938 GetConsoleCP
0x1400db940 GetTimeZoneInformation
0x1400db948 FindFirstFileExW
0x1400db950 IsValidCodePage
0x1400db958 InitializeCriticalSection
0x1400db960 SetErrorMode
0x1400db968 GetLastError
0x1400db970 ExitThread
0x1400db978 GetCurrentProcess
0x1400db980 OpenProcess
0x1400db988 GetLongPathNameW
0x1400db990 LocalFree
0x1400db998 GetOEMCP
0x1400db9a0 GetCommandLineA
0x1400db9a8 GetEnvironmentStringsW
0x1400db9b0 FreeEnvironmentStringsW
0x1400db9b8 SetEnvironmentVariableA
0x1400db9c0 GetVersion
0x1400db9c8 GetProcAddress
0x1400db9d0 TlsGetValue
0x1400db9d8 SwitchToThread
0x1400db9e0 TlsFree
0x1400db9e8 CompareStringW
0x1400db9f0 LCMapStringW
0x1400db9f8 GetCPInfo
0x1400dba00 IsDebuggerPresent
0x1400dba08 WaitForSingleObjectEx
0x1400dba10 UnhandledExceptionFilter
0x1400dba18 SetUnhandledExceptionFilter
0x1400dba20 IsProcessorFeaturePresent
0x1400dba28 GetStartupInfoW
0x1400dba30 SetStdHandle
0x1400dba38 SetFilePointerEx
0x1400dba40 WriteConsoleW
0x1400dba48 SetEndOfFile
0x1400dba50 ReadConsoleW
0x1400dba58 GetStdHandle
0x1400dba60 GetFileType
0x1400dba68 GetCurrentThreadId
0x1400dba70 CreateFileW
0x1400dba78 QueryInformationJobObject
0x1400dba80 EncodePointer
USER32.dll
0x1400dbc08 IsIconic
0x1400dbc10 SetMenuItemInfoW
0x1400dbc18 GetWindowDC
0x1400dbc20 EndTask
0x1400dbc28 RegisterWindowMessageW
0x1400dbc30 DrawEdge
0x1400dbc38 GetMessageW
0x1400dbc40 TranslateMessage
0x1400dbc48 DispatchMessageW
0x1400dbc50 ExitWindowsEx
0x1400dbc58 PostQuitMessage
0x1400dbc60 IsWindow
0x1400dbc68 SetLayeredWindowAttributes
0x1400dbc70 CreateDialogParamW
0x1400dbc78 GetDlgItemTextW
0x1400dbc80 IsWindowEnabled
0x1400dbc88 LoadAcceleratorsW
0x1400dbc90 TranslateAcceleratorW
0x1400dbc98 LoadMenuW
0x1400dbca0 DrawMenuBar
0x1400dbca8 CreateMenu
0x1400dbcb0 RemoveMenu
0x1400dbcb8 TrackPopupMenu
0x1400dbcc0 GetMenuInfo
0x1400dbcc8 SetMenuInfo
0x1400dbcd0 EndMenu
0x1400dbcd8 RedrawWindow
0x1400dbce0 WindowFromPoint
0x1400dbce8 CheckMenuRadioItem
0x1400dbcf0 DrawIconEx
0x1400dbcf8 IsDialogMessageW
0x1400dbd00 LockWorkStation
0x1400dbd08 IsHungAppWindow
0x1400dbd10 PeekMessageW
0x1400dbd18 SendMessageTimeoutW
0x1400dbd20 CheckRadioButton
0x1400dbd28 GetDlgCtrlID
0x1400dbd30 MsgWaitForMultipleObjects
0x1400dbd38 KillTimer
0x1400dbd40 GetDesktopWindow
0x1400dbd48 GetWindow
0x1400dbd50 GetGuiResources
0x1400dbd58 LoadBitmapW
0x1400dbd60 CopyImage
0x1400dbd68 GetWindowLongW
0x1400dbd70 PtInRect
0x1400dbd78 UnionRect
0x1400dbd80 CopyRect
0x1400dbd88 ScreenToClient
0x1400dbd90 EmptyClipboard
0x1400dbd98 SetClipboardData
0x1400dbda0 CloseClipboard
0x1400dbda8 OpenClipboard
0x1400dbdb0 IsZoomed
0x1400dbdb8 EndDeferWindowPos
0x1400dbdc0 DeferWindowPos
0x1400dbdc8 BeginDeferWindowPos
0x1400dbdd0 DrawFrameControl
0x1400dbdd8 ChildWindowFromPoint
0x1400dbde0 SetDlgItemTextW
0x1400dbde8 DialogBoxParamW
0x1400dbdf0 GetMonitorInfoW
0x1400dbdf8 SetWindowTextW
0x1400dbe00 GetDlgItem
0x1400dbe08 EndDialog
0x1400dbe10 DialogBoxIndirectParamW
0x1400dbe18 GetScrollInfo
0x1400dbe20 SetScrollInfo
0x1400dbe28 GetParent
0x1400dbe30 GetClassLongPtrW
0x1400dbe38 SetWindowLongPtrW
0x1400dbe40 GetWindowLongPtrW
0x1400dbe48 OffsetRect
0x1400dbe50 IntersectRect
0x1400dbe58 InflateRect
0x1400dbe60 FillRect
0x1400dbe68 GetSysColorBrush
0x1400dbe70 GetSysColor
0x1400dbe78 MapWindowPoints
0x1400dbe80 GetCursorPos
0x1400dbe88 GetWindowRect
0x1400dbe90 GetClientRect
0x1400dbe98 GetPropW
0x1400dbea0 SetPropW
0x1400dbea8 ScrollWindowEx
0x1400dbeb0 ValidateRect
0x1400dbeb8 InvalidateRect
0x1400dbec0 GetUpdateRgn
0x1400dbec8 GetUpdateRect
0x1400dbed0 EndPaint
0x1400dbed8 BeginPaint
0x1400dbee0 UpdateWindow
0x1400dbee8 DrawTextW
0x1400dbef0 SetTimer
0x1400dbef8 ReleaseCapture
0x1400dbf00 SetCapture
0x1400dbf08 GetCapture
0x1400dbf10 GetKeyState
0x1400dbf18 GetFocus
0x1400dbf20 SetWindowPos
0x1400dbf28 CreateWindowExW
0x1400dbf30 RegisterClassExW
0x1400dbf38 CallWindowProcW
0x1400dbf40 DefWindowProcW
0x1400dbf48 PostMessageW
0x1400dbf50 LoadStringW
0x1400dbf58 ReleaseDC
0x1400dbf60 GetDC
0x1400dbf68 EnumDisplaySettingsW
0x1400dbf70 LoadImageW
0x1400dbf78 DestroyIcon
0x1400dbf80 LoadCursorW
0x1400dbf88 GetWindowThreadProcessId
0x1400dbf90 FindWindowExW
0x1400dbf98 FindWindowW
0x1400dbfa0 SetCursor
0x1400dbfa8 MessageBoxW
0x1400dbfb0 SetForegroundWindow
0x1400dbfb8 DeleteMenu
0x1400dbfc0 InsertMenuW
0x1400dbfc8 GetSubMenu
0x1400dbfd0 CheckMenuItem
0x1400dbfd8 GetMenu
0x1400dbfe0 GetSystemMetrics
0x1400dbfe8 SetFocus
0x1400dbff0 ShowWindow
0x1400dbff8 MonitorFromPoint
0x1400dc000 EnumWindows
0x1400dc008 SetClassLongW
0x1400dc010 ClientToScreen
0x1400dc018 GetWindowTextW
0x1400dc020 InvalidateRgn
0x1400dc028 TrackPopupMenuEx
0x1400dc030 ModifyMenuW
0x1400dc038 AppendMenuW
0x1400dc040 GetMenuItemCount
0x1400dc048 GetMenuItemID
0x1400dc050 WaitForInputIdle
0x1400dc058 EnableMenuItem
0x1400dc060 CreatePopupMenu
0x1400dc068 EnableWindow
0x1400dc070 IsDlgButtonChecked
0x1400dc078 CheckDlgButton
0x1400dc080 SendMessageW
0x1400dc088 GetWindowPlacement
0x1400dc090 LoadIconW
0x1400dc098 SetWindowPlacement
0x1400dc0a0 DefMDIChildProcW
0x1400dc0a8 DefFrameProcW
0x1400dc0b0 DefDlgProcW
0x1400dc0b8 CreateIconIndirect
0x1400dc0c0 FrameRect
0x1400dc0c8 IsWindowVisible
0x1400dc0d0 ShowWindowAsync
0x1400dc0d8 DestroyWindow
0x1400dc0e0 GetClassNameW
0x1400dc0e8 EnumChildWindows
0x1400dc0f0 MoveWindow
0x1400dc0f8 SetWindowLongW
ADVAPI32.dll
0x1400db010 RevertToSelf
0x1400db018 OpenProcessToken
0x1400db020 GetTokenInformation
0x1400db028 AdjustTokenPrivileges
0x1400db030 RegSetValueExW
0x1400db038 RegUnLoadKeyW
0x1400db040 RegQueryValueW
0x1400db048 EqualSid
0x1400db050 AllocateAndInitializeSid
0x1400db058 FreeSid
0x1400db060 CryptAcquireContextW
0x1400db068 CryptReleaseContext
0x1400db070 CryptGetHashParam
0x1400db078 CryptCreateHash
0x1400db080 CryptHashData
0x1400db088 LookupAccountSidW
0x1400db090 LookupAccountNameW
0x1400db098 CryptDestroyHash
0x1400db0a0 RegDeleteValueW
0x1400db0a8 CloseServiceHandle
0x1400db0b0 GetServiceDisplayNameW
0x1400db0b8 OpenSCManagerW
0x1400db0c0 OpenServiceW
0x1400db0c8 QueryServiceConfig2W
0x1400db0d0 RegCloseKey
0x1400db0d8 QueryServiceStatus
0x1400db0e0 StartServiceW
0x1400db0e8 RegCreateKeyW
0x1400db0f0 MapGenericMask
0x1400db0f8 QueryServiceObjectSecurity
0x1400db100 SetServiceObjectSecurity
0x1400db108 StartTraceW
0x1400db110 ControlTraceW
0x1400db118 OpenTraceW
0x1400db120 ProcessTrace
0x1400db128 CloseTrace
0x1400db130 GetLengthSid
0x1400db138 LookupPrivilegeValueW
0x1400db140 ImpersonateLoggedOnUser
0x1400db148 DuplicateTokenEx
0x1400db150 RegCreateKeyExW
0x1400db158 RegDeleteKeyW
0x1400db160 CopySid
0x1400db168 QueryServiceConfigW
0x1400db170 SetTokenInformation
0x1400db178 IsValidSid
0x1400db180 GetSidIdentifierAuthority
0x1400db188 GetSidSubAuthority
0x1400db190 GetSidSubAuthorityCount
0x1400db198 InitializeAcl
0x1400db1a0 ControlService
0x1400db1a8 RegQueryValueExW
0x1400db1b0 AddAce
0x1400db1b8 GetAce
0x1400db1c0 RegEnumKeyW
0x1400db1c8 RegEnumValueW
0x1400db1d0 RegLoadKeyW
0x1400db1d8 AddAccessAllowedAce
0x1400db1e0 CreateRestrictedToken
0x1400db1e8 GetSecurityInfo
0x1400db1f0 SetSecurityInfo
0x1400db1f8 LsaFreeMemory
0x1400db200 LsaClose
0x1400db208 LsaOpenPolicy
0x1400db210 LsaEnumerateAccountRights
0x1400db218 ConvertSidToStringSidW
0x1400db220 FlushTraceW
0x1400db228 RegConnectRegistryW
0x1400db230 CreateProcessAsUserW
0x1400db238 GetKernelObjectSecurity
0x1400db240 SetKernelObjectSecurity
0x1400db248 LookupPrivilegeNameW
0x1400db250 EnumServicesStatusExW
0x1400db258 RegOpenKeyExA
0x1400db260 RegQueryValueExA
0x1400db268 RegQueryInfoKeyW
0x1400db270 RegOpenKeyExW
0x1400db278 RegOpenKeyW
SHELL32.dll
0x1400dbb88 SHGetFileInfoW
0x1400dbb90 SHGetFolderPathW
0x1400dbb98 ShellExecuteW
0x1400dbba0 ShellExecuteExW
0x1400dbba8 SHBrowseForFolderW
0x1400dbbb0 SHGetSpecialFolderLocation
0x1400dbbb8 SHGetPathFromIDListW
0x1400dbbc0 SHGetMalloc
0x1400dbbc8 Shell_NotifyIconW
ole32.dll
0x1400dc310 CoInitializeEx
0x1400dc318 CoCreateInstance
0x1400dc320 CoUninitialize
0x1400dc328 CoTaskMemFree
0x1400dc330 CoMarshalInterThreadInterfaceInStream
0x1400dc338 CoGetInterfaceAndReleaseStream
0x1400dc340 CoInitialize
0x1400dc348 CoSetProxyBlanket
OLEAUT32.dll
0x1400dbaa0 SafeArrayGetElement
0x1400dbaa8 SysAllocString
0x1400dbab0 SysFreeString
0x1400dbab8 SafeArrayUnaccessData
0x1400dbac0 SysAllocStringByteLen
0x1400dbac8 VariantInit
0x1400dbad0 VariantClear
0x1400dbad8 VariantCopy
0x1400dbae0 SysStringLen
0x1400dbae8 VariantChangeType
0x1400dbaf0 SafeArrayDestroy
0x1400dbaf8 SafeArrayGetUBound
0x1400dbb00 SafeArrayGetLBound
0x1400dbb08 SafeArrayAccessData
0x1400dbb10 SysAllocStringLen
WINHTTP.dll
0x1400dc138 WinHttpReadData
0x1400dc140 WinHttpWriteData
0x1400dc148 WinHttpQueryDataAvailable
0x1400dc150 WinHttpSetOption
0x1400dc158 WinHttpOpenRequest
0x1400dc160 WinHttpSendRequest
0x1400dc168 WinHttpReceiveResponse
0x1400dc170 WinHttpQueryHeaders
0x1400dc178 WinHttpGetProxyForUrl
0x1400dc180 WinHttpConnect
0x1400dc188 WinHttpOpen
0x1400dc190 WinHttpCloseHandle
PSAPI.DLL
0x1400dbb40 QueryWorkingSet
0x1400dbb48 GetMappedFileNameW
0x1400dbb50 GetModuleFileNameExW
EAT(Export Address Table) is none