ScreenShot
| Created | 2024.05.03 15:53 | Machine | s1_win7_x6401 |
| Filename | svchosts.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 53 detected (AIDetectMalware, Malicious, score, unsafe, Save, Attribute, HighConfidence, high confidence, FlyStudio, GenericRXEN, CoinminerX, Coinminer, HackTool, XMRMiner, CLASSIC, PotentialRisk, R002C0PDU24, high, Generic Reputation PUA, Outbreak, ai score=70, XMRig, RA@1qraug, DisguisedXMRigMiner, 17UBEGE, Eldorado, ZexaF, @tW@aernBcmb, GenAsa, qOyPKoQMSbY, Static AI, Malicious PE, susgen, Miner) | ||
| md5 | 10e53496bc04214f85f2ba5688430edb | ||
| sha256 | 7c82c1d6e2a029959c60cdeaea831402b6b625e3bc66a312d915066825ecd000 | ||
| ssdeep | 98304:Q/A1BmUR/a0YRm8R3UIWP39tyILIjYVrOPvhRCBc1redIhiIu/6xQaSY9:kW7YRQCvhIBc8IhifSxSY9 | ||
| imphash | 32b9f7d435c39fc3898d22f106155583 | ||
| impfuzzy | 192:K7PzC0GCefjUqT0E4z/tsRcRcpcaKSZtQJh:SCP9TpEUSh | ||
Network IP location
Signature (15cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 53 AntiVirus engines on VirusTotal as malicious |
| watch | A stratum cryptocurrency mining command was executed |
| watch | Created a service where a service was also not started |
| watch | Detects Virtual Machines through their custom firmware |
| watch | Installs itself for autorun at Windows startup |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks adapter addresses which can be used to detect virtual network interfaces |
| notice | Creates executable files on the filesystem |
| notice | Creates hidden or system file |
| notice | Foreign language identified in PE resource |
| info | Checks amount of memory in system |
| info | Command line console output was observed |
| info | Queries for the computername |
| info | The executable uses a known packer |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (17cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | XMRig_Miner_IN | XMRig Miner | binaries (download) |
| danger | XMRig_Miner_IN | XMRig Miner | binaries (upload) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | DllRegisterServer_Zero | execute regsvr32.exe | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | IsPE64 | (no description) | binaries (download) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x484170 SetEndOfFile
0x484174 UnlockFile
0x484178 LockFile
0x48417c FlushFileBuffers
0x484180 SetFilePointer
0x484184 GetCurrentProcess
0x484188 DuplicateHandle
0x48418c lstrcpynA
0x484190 SetLastError
0x484194 FileTimeToLocalFileTime
0x484198 FileTimeToSystemTime
0x48419c LocalFree
0x4841a0 InterlockedDecrement
0x4841a4 CreateSemaphoreA
0x4841a8 ResumeThread
0x4841ac ReleaseSemaphore
0x4841b0 EnterCriticalSection
0x4841b4 LeaveCriticalSection
0x4841b8 GetProfileStringA
0x4841bc SetStdHandle
0x4841c0 IsBadCodePtr
0x4841c4 IsBadReadPtr
0x4841c8 CompareStringW
0x4841cc CompareStringA
0x4841d0 SetUnhandledExceptionFilter
0x4841d4 GetStringTypeW
0x4841d8 GetStringTypeA
0x4841dc IsBadWritePtr
0x4841e0 VirtualAlloc
0x4841e4 LCMapStringW
0x4841e8 LCMapStringA
0x4841ec SetEnvironmentVariableA
0x4841f0 VirtualFree
0x4841f4 HeapCreate
0x4841f8 HeapDestroy
0x4841fc GetEnvironmentVariableA
0x484200 GetFileType
0x484204 GetStdHandle
0x484208 SetHandleCount
0x48420c GetEnvironmentStringsW
0x484210 GetEnvironmentStrings
0x484214 FreeEnvironmentStringsW
0x484218 FreeEnvironmentStringsA
0x48421c UnhandledExceptionFilter
0x484220 GetACP
0x484224 HeapSize
0x484228 TerminateProcess
0x48422c GetLocalTime
0x484230 GetSystemTime
0x484234 GetTimeZoneInformation
0x484238 WriteFile
0x48423c WaitForMultipleObjects
0x484240 CreateFileA
0x484244 SetEvent
0x484248 FindResourceA
0x48424c LoadResource
0x484250 LockResource
0x484254 ReadFile
0x484258 GetModuleFileNameA
0x48425c GetCurrentThreadId
0x484260 ExitProcess
0x484264 GlobalSize
0x484268 GlobalFree
0x48426c DeleteCriticalSection
0x484270 InitializeCriticalSection
0x484274 lstrcatA
0x484278 lstrlenA
0x48427c WinExec
0x484280 lstrcpyA
0x484284 FindNextFileA
0x484288 GlobalReAlloc
0x48428c HeapFree
0x484290 HeapReAlloc
0x484294 GetProcessHeap
0x484298 HeapAlloc
0x48429c MultiByteToWideChar
0x4842a0 WideCharToMultiByte
0x4842a4 GetFullPathNameA
0x4842a8 FreeLibrary
0x4842ac LoadLibraryA
0x4842b0 GetLastError
0x4842b4 GetVersionExA
0x4842b8 WritePrivateProfileStringA
0x4842bc CreateThread
0x4842c0 CreateEventA
0x4842c4 Sleep
0x4842c8 GlobalAlloc
0x4842cc GlobalLock
0x4842d0 GlobalUnlock
0x4842d4 FindFirstFileA
0x4842d8 FindClose
0x4842dc SetFileAttributesA
0x4842e0 GetFileAttributesA
0x4842e4 RaiseException
0x4842e8 RtlUnwind
0x4842ec GetStartupInfoA
0x4842f0 GetOEMCP
0x4842f4 GetCPInfo
0x4842f8 GetProcessVersion
0x4842fc SetErrorMode
0x484300 GlobalFlags
0x484304 GetCurrentThread
0x484308 GetFileTime
0x48430c GetFileSize
0x484310 TlsGetValue
0x484314 LocalReAlloc
0x484318 TlsSetValue
0x48431c TlsFree
0x484320 GlobalHandle
0x484324 SetCurrentDirectoryA
0x484328 GetVolumeInformationA
0x48432c GetModuleHandleA
0x484330 GetProcAddress
0x484334 TlsAlloc
0x484338 LocalAlloc
0x48433c lstrcmpA
0x484340 GetVersion
0x484344 GlobalGetAtomNameA
0x484348 GlobalAddAtomA
0x48434c GlobalFindAtomA
0x484350 GlobalDeleteAtom
0x484354 lstrcmpiA
0x484358 MulDiv
0x48435c GetCommandLineA
0x484360 GetTickCount
0x484364 CreateProcessA
0x484368 WaitForSingleObject
0x48436c CloseHandle
0x484370 InterlockedIncrement
USER32.dll
0x484394 OpenClipboard
0x484398 SetClipboardData
0x48439c EmptyClipboard
0x4843a0 GetSystemMetrics
0x4843a4 GetCursorPos
0x4843a8 MessageBoxA
0x4843ac SetWindowPos
0x4843b0 SendMessageA
0x4843b4 DestroyCursor
0x4843b8 SetParent
0x4843bc GetClipboardData
0x4843c0 PostMessageA
0x4843c4 GetTopWindow
0x4843c8 GetParent
0x4843cc CloseClipboard
0x4843d0 wsprintfA
0x4843d4 GetFocus
0x4843d8 GetClientRect
0x4843dc InvalidateRect
0x4843e0 ValidateRect
0x4843e4 UpdateWindow
0x4843e8 EqualRect
0x4843ec GetWindowRect
0x4843f0 SetForegroundWindow
0x4843f4 WaitForInputIdle
0x4843f8 IsWindow
0x4843fc RegisterClassA
0x484400 DestroyMenu
0x484404 IsChild
0x484408 ReleaseDC
0x48440c IsRectEmpty
0x484410 FillRect
0x484414 GetDC
0x484418 SetCursor
0x48441c LoadCursorA
0x484420 SetCursorPos
0x484424 SetActiveWindow
0x484428 GetSysColor
0x48442c SetWindowLongA
0x484430 GetWindowLongA
0x484434 RedrawWindow
0x484438 EnableWindow
0x48443c IsWindowVisible
0x484440 OffsetRect
0x484444 PtInRect
0x484448 DestroyIcon
0x48444c IntersectRect
0x484450 InflateRect
0x484454 SetRect
0x484458 SetScrollPos
0x48445c SetScrollRange
0x484460 GetScrollRange
0x484464 SetCapture
0x484468 LoadIconA
0x48446c TranslateMessage
0x484470 DrawFrameControl
0x484474 DrawEdge
0x484478 DrawFocusRect
0x48447c WindowFromPoint
0x484480 GetMessageA
0x484484 DispatchMessageA
0x484488 SetRectEmpty
0x48448c RegisterClipboardFormatA
0x484490 CreateIconFromResourceEx
0x484494 CreateIconFromResource
0x484498 DrawIconEx
0x48449c CreatePopupMenu
0x4844a0 AppendMenuA
0x4844a4 ModifyMenuA
0x4844a8 CreateMenu
0x4844ac CreateAcceleratorTableA
0x4844b0 GetDlgCtrlID
0x4844b4 GetSubMenu
0x4844b8 EnableMenuItem
0x4844bc ClientToScreen
0x4844c0 EnumDisplaySettingsA
0x4844c4 LoadImageA
0x4844c8 SystemParametersInfoA
0x4844cc ShowWindow
0x4844d0 IsWindowEnabled
0x4844d4 TranslateAcceleratorA
0x4844d8 GetKeyState
0x4844dc CopyAcceleratorTableA
0x4844e0 PostQuitMessage
0x4844e4 IsZoomed
0x4844e8 GetClassInfoA
0x4844ec DefWindowProcA
0x4844f0 GetSystemMenu
0x4844f4 DeleteMenu
0x4844f8 GetMenu
0x4844fc SetMenu
0x484500 PeekMessageA
0x484504 GetWindowTextA
0x484508 GetWindowTextLengthA
0x48450c CharUpperA
0x484510 GetWindowDC
0x484514 BeginPaint
0x484518 EndPaint
0x48451c TabbedTextOutA
0x484520 DrawTextA
0x484524 GrayStringA
0x484528 GetDlgItem
0x48452c DestroyWindow
0x484530 CreateDialogIndirectParamA
0x484534 EndDialog
0x484538 GetNextDlgTabItem
0x48453c GetWindowPlacement
0x484540 RegisterWindowMessageA
0x484544 GetForegroundWindow
0x484548 GetLastActivePopup
0x48454c GetMessageTime
0x484550 RemovePropA
0x484554 CallWindowProcA
0x484558 GetPropA
0x48455c UnhookWindowsHookEx
0x484560 SetPropA
0x484564 GetClassLongA
0x484568 CallNextHookEx
0x48456c SetWindowsHookExA
0x484570 CreateWindowExA
0x484574 GetMenuItemID
0x484578 GetMenuItemCount
0x48457c UnregisterClassA
0x484580 GetScrollPos
0x484584 AdjustWindowRectEx
0x484588 MapWindowPoints
0x48458c SendDlgItemMessageA
0x484590 ScrollWindowEx
0x484594 IsDialogMessageA
0x484598 SetWindowTextA
0x48459c MoveWindow
0x4845a0 CheckMenuItem
0x4845a4 SetMenuItemBitmaps
0x4845a8 GetMenuState
0x4845ac GetMenuCheckMarkDimensions
0x4845b0 GetClassNameA
0x4845b4 GetDesktopWindow
0x4845b8 LoadStringA
0x4845bc GetSysColorBrush
0x4845c0 IsIconic
0x4845c4 SetFocus
0x4845c8 GetActiveWindow
0x4845cc GetWindow
0x4845d0 DestroyAcceleratorTable
0x4845d4 SetWindowRgn
0x4845d8 GetMessagePos
0x4845dc ScreenToClient
0x4845e0 ChildWindowFromPointEx
0x4845e4 CopyRect
0x4845e8 LoadBitmapA
0x4845ec WinHelpA
0x4845f0 KillTimer
0x4845f4 SetTimer
0x4845f8 ReleaseCapture
0x4845fc GetCapture
GDI32.dll
0x484024 GetClipRgn
0x484028 CreatePolygonRgn
0x48402c SelectClipRgn
0x484030 DeleteObject
0x484034 CreateDIBitmap
0x484038 GetSystemPaletteEntries
0x48403c CreatePalette
0x484040 StretchBlt
0x484044 SelectPalette
0x484048 RealizePalette
0x48404c GetDIBits
0x484050 GetWindowExtEx
0x484054 GetViewportOrgEx
0x484058 GetWindowOrgEx
0x48405c BeginPath
0x484060 EndPath
0x484064 PathToRegion
0x484068 CreateEllipticRgn
0x48406c CreateRoundRectRgn
0x484070 GetTextColor
0x484074 GetBkMode
0x484078 GetBkColor
0x48407c GetROP2
0x484080 GetStretchBltMode
0x484084 GetPolyFillMode
0x484088 CreateCompatibleBitmap
0x48408c CreateDCA
0x484090 CreateBitmap
0x484094 SelectObject
0x484098 GetObjectA
0x48409c CreatePen
0x4840a0 PatBlt
0x4840a4 SetStretchBltMode
0x4840a8 CreateRectRgn
0x4840ac FillRgn
0x4840b0 CreateSolidBrush
0x4840b4 GetStockObject
0x4840b8 CreateFontIndirectA
0x4840bc EndPage
0x4840c0 EndDoc
0x4840c4 DeleteDC
0x4840c8 StartDocA
0x4840cc StartPage
0x4840d0 BitBlt
0x4840d4 CreateCompatibleDC
0x4840d8 Ellipse
0x4840dc Rectangle
0x4840e0 LPtoDP
0x4840e4 DPtoLP
0x4840e8 GetCurrentObject
0x4840ec RoundRect
0x4840f0 GetTextExtentPoint32A
0x4840f4 GetDeviceCaps
0x4840f8 SaveDC
0x4840fc RestoreDC
0x484100 SetBkMode
0x484104 SetPolyFillMode
0x484108 SetROP2
0x48410c SetTextColor
0x484110 SetMapMode
0x484114 SetViewportOrgEx
0x484118 OffsetViewportOrgEx
0x48411c SetViewportExtEx
0x484120 ScaleViewportExtEx
0x484124 SetWindowOrgEx
0x484128 SetWindowExtEx
0x48412c ScaleWindowExtEx
0x484130 GetClipBox
0x484134 ExcludeClipRect
0x484138 MoveToEx
0x48413c LineTo
0x484140 CreateRectRgnIndirect
0x484144 SetBkColor
0x484148 CombineRgn
0x48414c GetTextMetricsA
0x484150 Escape
0x484154 ExtTextOutA
0x484158 TextOutA
0x48415c RectVisible
0x484160 PtVisible
0x484164 GetViewportExtEx
0x484168 ExtSelectClipRgn
WINMM.dll
0x484604 midiStreamRestart
0x484608 midiStreamClose
0x48460c midiOutReset
0x484610 midiStreamStop
0x484614 midiStreamOut
0x484618 midiOutPrepareHeader
0x48461c midiStreamProperty
0x484620 midiStreamOpen
0x484624 midiOutUnprepareHeader
0x484628 waveOutOpen
0x48462c waveOutGetNumDevs
0x484630 waveOutClose
0x484634 waveOutReset
0x484638 waveOutPause
0x48463c waveOutWrite
0x484640 waveOutPrepareHeader
0x484644 waveOutUnprepareHeader
WINSPOOL.DRV
0x48464c ClosePrinter
0x484650 DocumentPropertiesA
0x484654 OpenPrinterA
ADVAPI32.dll
0x484000 RegCloseKey
0x484004 RegOpenKeyExA
0x484008 RegSetValueExA
0x48400c RegQueryValueA
0x484010 RegCreateKeyExA
SHELL32.dll
0x484388 ShellExecuteA
0x48438c Shell_NotifyIconA
ole32.dll
0x484698 OleInitialize
0x48469c OleUninitialize
0x4846a0 CLSIDFromString
OLEAUT32.dll
0x484378 UnRegisterTypeLib
0x48437c RegisterTypeLib
0x484380 LoadTypeLib
COMCTL32.dll
0x484018 ImageList_Destroy
0x48401c None
WS2_32.dll
0x48465c ioctlsocket
0x484660 recv
0x484664 getpeername
0x484668 accept
0x48466c recvfrom
0x484670 WSAAsyncSelect
0x484674 closesocket
0x484678 inet_ntoa
0x48467c WSACleanup
comdlg32.dll
0x484684 ChooseColorA
0x484688 GetSaveFileNameA
0x48468c GetOpenFileNameA
0x484690 GetFileTitleA
EAT(Export Address Table) is none
KERNEL32.dll
0x484170 SetEndOfFile
0x484174 UnlockFile
0x484178 LockFile
0x48417c FlushFileBuffers
0x484180 SetFilePointer
0x484184 GetCurrentProcess
0x484188 DuplicateHandle
0x48418c lstrcpynA
0x484190 SetLastError
0x484194 FileTimeToLocalFileTime
0x484198 FileTimeToSystemTime
0x48419c LocalFree
0x4841a0 InterlockedDecrement
0x4841a4 CreateSemaphoreA
0x4841a8 ResumeThread
0x4841ac ReleaseSemaphore
0x4841b0 EnterCriticalSection
0x4841b4 LeaveCriticalSection
0x4841b8 GetProfileStringA
0x4841bc SetStdHandle
0x4841c0 IsBadCodePtr
0x4841c4 IsBadReadPtr
0x4841c8 CompareStringW
0x4841cc CompareStringA
0x4841d0 SetUnhandledExceptionFilter
0x4841d4 GetStringTypeW
0x4841d8 GetStringTypeA
0x4841dc IsBadWritePtr
0x4841e0 VirtualAlloc
0x4841e4 LCMapStringW
0x4841e8 LCMapStringA
0x4841ec SetEnvironmentVariableA
0x4841f0 VirtualFree
0x4841f4 HeapCreate
0x4841f8 HeapDestroy
0x4841fc GetEnvironmentVariableA
0x484200 GetFileType
0x484204 GetStdHandle
0x484208 SetHandleCount
0x48420c GetEnvironmentStringsW
0x484210 GetEnvironmentStrings
0x484214 FreeEnvironmentStringsW
0x484218 FreeEnvironmentStringsA
0x48421c UnhandledExceptionFilter
0x484220 GetACP
0x484224 HeapSize
0x484228 TerminateProcess
0x48422c GetLocalTime
0x484230 GetSystemTime
0x484234 GetTimeZoneInformation
0x484238 WriteFile
0x48423c WaitForMultipleObjects
0x484240 CreateFileA
0x484244 SetEvent
0x484248 FindResourceA
0x48424c LoadResource
0x484250 LockResource
0x484254 ReadFile
0x484258 GetModuleFileNameA
0x48425c GetCurrentThreadId
0x484260 ExitProcess
0x484264 GlobalSize
0x484268 GlobalFree
0x48426c DeleteCriticalSection
0x484270 InitializeCriticalSection
0x484274 lstrcatA
0x484278 lstrlenA
0x48427c WinExec
0x484280 lstrcpyA
0x484284 FindNextFileA
0x484288 GlobalReAlloc
0x48428c HeapFree
0x484290 HeapReAlloc
0x484294 GetProcessHeap
0x484298 HeapAlloc
0x48429c MultiByteToWideChar
0x4842a0 WideCharToMultiByte
0x4842a4 GetFullPathNameA
0x4842a8 FreeLibrary
0x4842ac LoadLibraryA
0x4842b0 GetLastError
0x4842b4 GetVersionExA
0x4842b8 WritePrivateProfileStringA
0x4842bc CreateThread
0x4842c0 CreateEventA
0x4842c4 Sleep
0x4842c8 GlobalAlloc
0x4842cc GlobalLock
0x4842d0 GlobalUnlock
0x4842d4 FindFirstFileA
0x4842d8 FindClose
0x4842dc SetFileAttributesA
0x4842e0 GetFileAttributesA
0x4842e4 RaiseException
0x4842e8 RtlUnwind
0x4842ec GetStartupInfoA
0x4842f0 GetOEMCP
0x4842f4 GetCPInfo
0x4842f8 GetProcessVersion
0x4842fc SetErrorMode
0x484300 GlobalFlags
0x484304 GetCurrentThread
0x484308 GetFileTime
0x48430c GetFileSize
0x484310 TlsGetValue
0x484314 LocalReAlloc
0x484318 TlsSetValue
0x48431c TlsFree
0x484320 GlobalHandle
0x484324 SetCurrentDirectoryA
0x484328 GetVolumeInformationA
0x48432c GetModuleHandleA
0x484330 GetProcAddress
0x484334 TlsAlloc
0x484338 LocalAlloc
0x48433c lstrcmpA
0x484340 GetVersion
0x484344 GlobalGetAtomNameA
0x484348 GlobalAddAtomA
0x48434c GlobalFindAtomA
0x484350 GlobalDeleteAtom
0x484354 lstrcmpiA
0x484358 MulDiv
0x48435c GetCommandLineA
0x484360 GetTickCount
0x484364 CreateProcessA
0x484368 WaitForSingleObject
0x48436c CloseHandle
0x484370 InterlockedIncrement
USER32.dll
0x484394 OpenClipboard
0x484398 SetClipboardData
0x48439c EmptyClipboard
0x4843a0 GetSystemMetrics
0x4843a4 GetCursorPos
0x4843a8 MessageBoxA
0x4843ac SetWindowPos
0x4843b0 SendMessageA
0x4843b4 DestroyCursor
0x4843b8 SetParent
0x4843bc GetClipboardData
0x4843c0 PostMessageA
0x4843c4 GetTopWindow
0x4843c8 GetParent
0x4843cc CloseClipboard
0x4843d0 wsprintfA
0x4843d4 GetFocus
0x4843d8 GetClientRect
0x4843dc InvalidateRect
0x4843e0 ValidateRect
0x4843e4 UpdateWindow
0x4843e8 EqualRect
0x4843ec GetWindowRect
0x4843f0 SetForegroundWindow
0x4843f4 WaitForInputIdle
0x4843f8 IsWindow
0x4843fc RegisterClassA
0x484400 DestroyMenu
0x484404 IsChild
0x484408 ReleaseDC
0x48440c IsRectEmpty
0x484410 FillRect
0x484414 GetDC
0x484418 SetCursor
0x48441c LoadCursorA
0x484420 SetCursorPos
0x484424 SetActiveWindow
0x484428 GetSysColor
0x48442c SetWindowLongA
0x484430 GetWindowLongA
0x484434 RedrawWindow
0x484438 EnableWindow
0x48443c IsWindowVisible
0x484440 OffsetRect
0x484444 PtInRect
0x484448 DestroyIcon
0x48444c IntersectRect
0x484450 InflateRect
0x484454 SetRect
0x484458 SetScrollPos
0x48445c SetScrollRange
0x484460 GetScrollRange
0x484464 SetCapture
0x484468 LoadIconA
0x48446c TranslateMessage
0x484470 DrawFrameControl
0x484474 DrawEdge
0x484478 DrawFocusRect
0x48447c WindowFromPoint
0x484480 GetMessageA
0x484484 DispatchMessageA
0x484488 SetRectEmpty
0x48448c RegisterClipboardFormatA
0x484490 CreateIconFromResourceEx
0x484494 CreateIconFromResource
0x484498 DrawIconEx
0x48449c CreatePopupMenu
0x4844a0 AppendMenuA
0x4844a4 ModifyMenuA
0x4844a8 CreateMenu
0x4844ac CreateAcceleratorTableA
0x4844b0 GetDlgCtrlID
0x4844b4 GetSubMenu
0x4844b8 EnableMenuItem
0x4844bc ClientToScreen
0x4844c0 EnumDisplaySettingsA
0x4844c4 LoadImageA
0x4844c8 SystemParametersInfoA
0x4844cc ShowWindow
0x4844d0 IsWindowEnabled
0x4844d4 TranslateAcceleratorA
0x4844d8 GetKeyState
0x4844dc CopyAcceleratorTableA
0x4844e0 PostQuitMessage
0x4844e4 IsZoomed
0x4844e8 GetClassInfoA
0x4844ec DefWindowProcA
0x4844f0 GetSystemMenu
0x4844f4 DeleteMenu
0x4844f8 GetMenu
0x4844fc SetMenu
0x484500 PeekMessageA
0x484504 GetWindowTextA
0x484508 GetWindowTextLengthA
0x48450c CharUpperA
0x484510 GetWindowDC
0x484514 BeginPaint
0x484518 EndPaint
0x48451c TabbedTextOutA
0x484520 DrawTextA
0x484524 GrayStringA
0x484528 GetDlgItem
0x48452c DestroyWindow
0x484530 CreateDialogIndirectParamA
0x484534 EndDialog
0x484538 GetNextDlgTabItem
0x48453c GetWindowPlacement
0x484540 RegisterWindowMessageA
0x484544 GetForegroundWindow
0x484548 GetLastActivePopup
0x48454c GetMessageTime
0x484550 RemovePropA
0x484554 CallWindowProcA
0x484558 GetPropA
0x48455c UnhookWindowsHookEx
0x484560 SetPropA
0x484564 GetClassLongA
0x484568 CallNextHookEx
0x48456c SetWindowsHookExA
0x484570 CreateWindowExA
0x484574 GetMenuItemID
0x484578 GetMenuItemCount
0x48457c UnregisterClassA
0x484580 GetScrollPos
0x484584 AdjustWindowRectEx
0x484588 MapWindowPoints
0x48458c SendDlgItemMessageA
0x484590 ScrollWindowEx
0x484594 IsDialogMessageA
0x484598 SetWindowTextA
0x48459c MoveWindow
0x4845a0 CheckMenuItem
0x4845a4 SetMenuItemBitmaps
0x4845a8 GetMenuState
0x4845ac GetMenuCheckMarkDimensions
0x4845b0 GetClassNameA
0x4845b4 GetDesktopWindow
0x4845b8 LoadStringA
0x4845bc GetSysColorBrush
0x4845c0 IsIconic
0x4845c4 SetFocus
0x4845c8 GetActiveWindow
0x4845cc GetWindow
0x4845d0 DestroyAcceleratorTable
0x4845d4 SetWindowRgn
0x4845d8 GetMessagePos
0x4845dc ScreenToClient
0x4845e0 ChildWindowFromPointEx
0x4845e4 CopyRect
0x4845e8 LoadBitmapA
0x4845ec WinHelpA
0x4845f0 KillTimer
0x4845f4 SetTimer
0x4845f8 ReleaseCapture
0x4845fc GetCapture
GDI32.dll
0x484024 GetClipRgn
0x484028 CreatePolygonRgn
0x48402c SelectClipRgn
0x484030 DeleteObject
0x484034 CreateDIBitmap
0x484038 GetSystemPaletteEntries
0x48403c CreatePalette
0x484040 StretchBlt
0x484044 SelectPalette
0x484048 RealizePalette
0x48404c GetDIBits
0x484050 GetWindowExtEx
0x484054 GetViewportOrgEx
0x484058 GetWindowOrgEx
0x48405c BeginPath
0x484060 EndPath
0x484064 PathToRegion
0x484068 CreateEllipticRgn
0x48406c CreateRoundRectRgn
0x484070 GetTextColor
0x484074 GetBkMode
0x484078 GetBkColor
0x48407c GetROP2
0x484080 GetStretchBltMode
0x484084 GetPolyFillMode
0x484088 CreateCompatibleBitmap
0x48408c CreateDCA
0x484090 CreateBitmap
0x484094 SelectObject
0x484098 GetObjectA
0x48409c CreatePen
0x4840a0 PatBlt
0x4840a4 SetStretchBltMode
0x4840a8 CreateRectRgn
0x4840ac FillRgn
0x4840b0 CreateSolidBrush
0x4840b4 GetStockObject
0x4840b8 CreateFontIndirectA
0x4840bc EndPage
0x4840c0 EndDoc
0x4840c4 DeleteDC
0x4840c8 StartDocA
0x4840cc StartPage
0x4840d0 BitBlt
0x4840d4 CreateCompatibleDC
0x4840d8 Ellipse
0x4840dc Rectangle
0x4840e0 LPtoDP
0x4840e4 DPtoLP
0x4840e8 GetCurrentObject
0x4840ec RoundRect
0x4840f0 GetTextExtentPoint32A
0x4840f4 GetDeviceCaps
0x4840f8 SaveDC
0x4840fc RestoreDC
0x484100 SetBkMode
0x484104 SetPolyFillMode
0x484108 SetROP2
0x48410c SetTextColor
0x484110 SetMapMode
0x484114 SetViewportOrgEx
0x484118 OffsetViewportOrgEx
0x48411c SetViewportExtEx
0x484120 ScaleViewportExtEx
0x484124 SetWindowOrgEx
0x484128 SetWindowExtEx
0x48412c ScaleWindowExtEx
0x484130 GetClipBox
0x484134 ExcludeClipRect
0x484138 MoveToEx
0x48413c LineTo
0x484140 CreateRectRgnIndirect
0x484144 SetBkColor
0x484148 CombineRgn
0x48414c GetTextMetricsA
0x484150 Escape
0x484154 ExtTextOutA
0x484158 TextOutA
0x48415c RectVisible
0x484160 PtVisible
0x484164 GetViewportExtEx
0x484168 ExtSelectClipRgn
WINMM.dll
0x484604 midiStreamRestart
0x484608 midiStreamClose
0x48460c midiOutReset
0x484610 midiStreamStop
0x484614 midiStreamOut
0x484618 midiOutPrepareHeader
0x48461c midiStreamProperty
0x484620 midiStreamOpen
0x484624 midiOutUnprepareHeader
0x484628 waveOutOpen
0x48462c waveOutGetNumDevs
0x484630 waveOutClose
0x484634 waveOutReset
0x484638 waveOutPause
0x48463c waveOutWrite
0x484640 waveOutPrepareHeader
0x484644 waveOutUnprepareHeader
WINSPOOL.DRV
0x48464c ClosePrinter
0x484650 DocumentPropertiesA
0x484654 OpenPrinterA
ADVAPI32.dll
0x484000 RegCloseKey
0x484004 RegOpenKeyExA
0x484008 RegSetValueExA
0x48400c RegQueryValueA
0x484010 RegCreateKeyExA
SHELL32.dll
0x484388 ShellExecuteA
0x48438c Shell_NotifyIconA
ole32.dll
0x484698 OleInitialize
0x48469c OleUninitialize
0x4846a0 CLSIDFromString
OLEAUT32.dll
0x484378 UnRegisterTypeLib
0x48437c RegisterTypeLib
0x484380 LoadTypeLib
COMCTL32.dll
0x484018 ImageList_Destroy
0x48401c None
WS2_32.dll
0x48465c ioctlsocket
0x484660 recv
0x484664 getpeername
0x484668 accept
0x48466c recvfrom
0x484670 WSAAsyncSelect
0x484674 closesocket
0x484678 inet_ntoa
0x48467c WSACleanup
comdlg32.dll
0x484684 ChooseColorA
0x484688 GetSaveFileNameA
0x48468c GetOpenFileNameA
0x484690 GetFileTitleA
EAT(Export Address Table) is none