Report - mdll.exe

Emotet Malicious Library UPX PE File PE32 OS Processor Check
Created 2024.06.03 08:51 Machine s1_win7_x6403
Filename mdll.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score 11
Behavior Score 5.0
ZERO API file: malware
VT API (file) 67 detected (Common, Zegost, malicious, high confidence, score, Lotok, Mikey, Unsafe, Vgyk, Attribute, HighConfidence, Farfli, GenericRXAA, Gh0stRAT, ixtqnh, CLASSIC, decyz, MulDrop18, GenKryptik, SM51, high, hredl, Detected, ai score=86, Kryptik, PDSB@4q3i1w, KillAV, Eldorado, R522712, ZexaF, Uq0@a0G1I1pi, Genetic, Gencirc, HIw4qR706vQ, Static AI, Suspicious PE, susgen, HOBH, confidence, 100%)
md5 d65acc2321b1580bc524b991fad0f78a
sha256 1f4c1b7370b3ba6ef950a84589fc458cf5b3a019a9bfe21aab986d0a26785291
ssdeep 12288:YvJZtqNl8GkWnUYFhTJQQI3U3gAd0lpd0nLvwUbvwTjP:jl8GVUUikvd0/d0nbtLOb
imphash 4d9c2b04add408d6b39c657f29e8d8c5
impfuzzy 192:iWadorI5UK3k5JobIGA91DNcRcBciokPsQ3Oq:OKrGy39zEufsQ3Oq

Signatures (10)

Level Description
danger File has been identified by 67 AntiVirus engines on VirusTotal as malicious
danger Connects to an IP address that is no longer responding to requests (legitimate services usually remain up and running)
watch Communicates with host for which no DNS query was performed
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Repeatedly searches for a not-found process
notice Searches running processes potentially to identify processes for sandbox evasion
notice The binary likely contains encrypted or compressed data indicative of a packer
info Checks amount of memory in system
info The executable uses a known packer
info The file contains an unknown PE resource name possibly indicative of a packer

Rules (6)

Level Name Description Collection
danger Win32_Trojan_Emotet_1_Zero Win32 Trojan Emotet binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (1)

Request CC ASN Co IP4 Rule ZERO
149.88.76.85 Unknown 149.88.76.85 malware

Suricata IDS

PE API

IAT (Import Address Table)

KERNEL32.dll
 0x4280bc GetTimeZoneInformation
 0x4280c0 UnhandledExceptionFilter
 0x4280c4 FreeEnvironmentStringsA
 0x4280c8 FreeEnvironmentStringsW
 0x4280cc GetEnvironmentStrings
 0x4280d0 GetEnvironmentStringsW
 0x4280d4 SetHandleCount
 0x4280d8 GetStdHandle
 0x4280dc GetFileType
 0x4280e0 GetEnvironmentVariableA
 0x4280e4 GetVersionExA
 0x4280e8 HeapDestroy
 0x4280ec HeapCreate
 0x4280f0 VirtualFree
 0x4280f4 VirtualAlloc
 0x4280f8 IsBadWritePtr
 0x4280fc GetACP
 0x428100 LCMapStringW
 0x428104 SetUnhandledExceptionFilter
 0x428108 GetStringTypeA
 0x42810c GetStringTypeW
 0x428110 IsBadReadPtr
 0x428114 IsBadCodePtr
 0x428118 SetStdHandle
 0x42811c CompareStringA
 0x428120 CompareStringW
 0x428124 SetEnvironmentVariableA
 0x428128 HeapSize
 0x42812c GetProfileStringA
 0x428130 HeapReAlloc
 0x428134 TerminateProcess
 0x428138 RaiseException
 0x42813c HeapFree
 0x428140 HeapAlloc
 0x428144 ExitProcess
 0x428148 GetCommandLineA
 0x42814c GetStartupInfoA
 0x428150 RtlUnwind
 0x428154 GetFileTime
 0x428158 GetFileSize
 0x42815c GetFileAttributesA
 0x428160 GetTickCount
 0x428164 FileTimeToLocalFileTime
 0x428168 FileTimeToSystemTime
 0x42816c GetFullPathNameA
 0x428170 GetVolumeInformationA
 0x428174 FindFirstFileA
 0x428178 FindClose
 0x42817c SetEndOfFile
 0x428180 UnlockFile
 0x428184 LockFile
 0x428188 FlushFileBuffers
 0x42818c SetFilePointer
 0x428190 WriteFile
 0x428194 ReadFile
 0x428198 CreateFileA
 0x42819c GetCurrentProcess
 0x4281a0 DuplicateHandle
 0x4281a4 GetOEMCP
 0x4281a8 GetCPInfo
 0x4281ac SizeofResource
 0x4281b0 GetThreadLocale
 0x4281b4 GetProcessVersion
 0x4281b8 WritePrivateProfileStringA
 0x4281bc GlobalFlags
 0x4281c0 TlsGetValue
 0x4281c4 LocalReAlloc
 0x4281c8 TlsSetValue
 0x4281cc GlobalReAlloc
 0x4281d0 GlobalHandle
 0x4281d4 TlsAlloc
 0x4281d8 LocalAlloc
 0x4281dc EnterCriticalSection
 0x4281e0 LeaveCriticalSection
 0x4281e4 DeleteCriticalSection
 0x4281e8 InitializeCriticalSection
 0x4281ec lstrcpynA
 0x4281f0 GetLastError
 0x4281f4 MulDiv
 0x4281f8 SetLastError
 0x4281fc LoadLibraryA
 0x428200 FreeLibrary
 0x428204 GetVersion
 0x428208 lstrcatA
 0x42820c GlobalGetAtomNameA
 0x428210 GlobalAddAtomA
 0x428214 GlobalFindAtomA
 0x428218 lstrcpyA
 0x42821c GlobalUnlock
 0x428220 FindResourceA
 0x428224 LoadResource
 0x428228 LockResource
 0x42822c GlobalFree
 0x428230 CloseHandle
 0x428234 GetModuleFileNameA
 0x428238 GlobalLock
 0x42823c GlobalAlloc
 0x428240 GlobalDeleteAtom
 0x428244 lstrcmpiA
 0x428248 GetCurrentThread
 0x42824c GetCurrentThreadId
 0x428250 FormatMessageA
 0x428254 LocalFree
 0x428258 lstrcmpA
 0x42825c MultiByteToWideChar
 0x428260 WideCharToMultiByte
 0x428264 lstrlenA
 0x428268 InterlockedDecrement
 0x42826c InterlockedIncrement
 0x428270 GetModuleHandleA
 0x428274 LCMapStringA
 0x428278 GetProcAddress
USER32.dll
 0x4282b0 CharUpperA
 0x4282b4 RegisterClipboardFormatA
 0x4282b8 PostThreadMessageA
 0x4282bc SendDlgItemMessageA
 0x4282c0 MapWindowPoints
 0x4282c4 GetSysColor
 0x4282c8 SetFocus
 0x4282cc AdjustWindowRectEx
 0x4282d0 ScreenToClient
 0x4282d4 CopyRect
 0x4282d8 GetTopWindow
 0x4282dc IsChild
 0x4282e0 GetCapture
 0x4282e4 WinHelpA
 0x4282e8 GetClassInfoA
 0x4282ec RegisterClassA
 0x4282f0 GetMenu
 0x4282f4 GetMenuItemCount
 0x4282f8 GetSubMenu
 0x4282fc GetMenuItemID
 0x428300 GetWindowTextLengthA
 0x428304 GetWindowTextA
 0x428308 GetDlgCtrlID
 0x42830c CreateWindowExA
 0x428310 GetClassLongA
 0x428314 SetPropA
 0x428318 UnhookWindowsHookEx
 0x42831c GetPropA
 0x428320 CallWindowProcA
 0x428324 RemovePropA
 0x428328 DefWindowProcA
 0x42832c GetMessageTime
 0x428330 GetMessagePos
 0x428334 GetForegroundWindow
 0x428338 SetWindowLongA
 0x42833c RegisterWindowMessageA
 0x428340 OffsetRect
 0x428344 IntersectRect
 0x428348 CopyAcceleratorTableA
 0x42834c GetWindowPlacement
 0x428350 GetWindowRect
 0x428354 EndDialog
 0x428358 SetActiveWindow
 0x42835c IsWindow
 0x428360 CreateDialogIndirectParamA
 0x428364 DestroyWindow
 0x428368 GetDlgItem
 0x42836c MapDialogRect
 0x428370 SetWindowPos
 0x428374 GetWindow
 0x428378 SetWindowContextHelpId
 0x42837c GetMenuCheckMarkDimensions
 0x428380 GetMenuState
 0x428384 ModifyMenuA
 0x428388 SetMenuItemBitmaps
 0x42838c CheckMenuItem
 0x428390 EnableMenuItem
 0x428394 GetFocus
 0x428398 GetNextDlgTabItem
 0x42839c GetMessageA
 0x4283a0 TranslateMessage
 0x4283a4 DispatchMessageA
 0x4283a8 GetActiveWindow
 0x4283ac GetKeyState
 0x4283b0 CallNextHookEx
 0x4283b4 ValidateRect
 0x4283b8 IsWindowVisible
 0x4283bc PeekMessageA
 0x4283c0 GetCursorPos
 0x4283c4 SetWindowsHookExA
 0x4283c8 GetParent
 0x4283cc LoadIconA
 0x4283d0 HideCaret
 0x4283d4 ShowCaret
 0x4283d8 ExcludeUpdateRgn
 0x4283dc DrawFocusRect
 0x4283e0 DefDlgProcA
 0x4283e4 IsWindowUnicode
 0x4283e8 SendMessageA
 0x4283ec GetLastActivePopup
 0x4283f0 IsWindowEnabled
 0x4283f4 GetWindowLongA
 0x4283f8 MessageBoxA
 0x4283fc SetCursor
 0x428400 PostQuitMessage
 0x428404 PostMessageA
 0x428408 EnableWindow
 0x42840c LoadBitmapA
 0x428410 wsprintfA
 0x428414 InflateRect
 0x428418 MessageBeep
 0x42841c GetNextDlgGroupItem
 0x428420 SetForegroundWindow
 0x428424 SetRect
 0x428428 KillTimer
 0x42842c InvalidateRect
 0x428430 SetTimer
 0x428434 IsIconic
 0x428438 GetSystemMetrics
 0x42843c GetClientRect
 0x428440 DrawIcon
 0x428444 GetDC
 0x428448 CharNextA
 0x42844c GetSysColorBrush
 0x428450 PtInRect
 0x428454 GetClassNameA
 0x428458 GetDesktopWindow
 0x42845c LoadCursorA
 0x428460 GrayStringA
 0x428464 DrawTextA
 0x428468 TabbedTextOutA
 0x42846c EndPaint
 0x428470 BeginPaint
 0x428474 GetWindowDC
 0x428478 ClientToScreen
 0x42847c DestroyMenu
 0x428480 LoadStringA
 0x428484 ReleaseDC
 0x428488 ShowWindow
 0x42848c MoveWindow
 0x428490 SetWindowTextA
 0x428494 IsDialogMessageA
 0x428498 SetDlgItemTextA
 0x42849c UpdateWindow
 0x4284a0 SystemParametersInfoA
GDI32.dll
 0x42801c SetViewportOrgEx
 0x428020 OffsetViewportOrgEx
 0x428024 SetViewportExtEx
 0x428028 ScaleViewportExtEx
 0x42802c SetWindowExtEx
 0x428030 ScaleWindowExtEx
 0x428034 IntersectClipRect
 0x428038 SetMapMode
 0x42803c GetDeviceCaps
 0x428040 GetViewportExtEx
 0x428044 GetWindowExtEx
 0x428048 CreateSolidBrush
 0x42804c PtVisible
 0x428050 RectVisible
 0x428054 TextOutA
 0x428058 ExtTextOutA
 0x42805c Escape
 0x428060 GetTextColor
 0x428064 GetBkColor
 0x428068 DPtoLP
 0x42806c LPtoDP
 0x428070 GetMapMode
 0x428074 SetBkMode
 0x428078 GetStockObject
 0x42807c SelectObject
 0x428080 RestoreDC
 0x428084 SaveDC
 0x428088 DeleteDC
 0x42808c PatBlt
 0x428090 GetObjectA
 0x428094 SetBkColor
 0x428098 SetTextColor
 0x42809c GetClipBox
 0x4280a0 CreateBitmap
 0x4280a4 CreateCompatibleDC
 0x4280a8 BitBlt
 0x4280ac CreateDIBitmap
 0x4280b0 GetTextExtentPointA
 0x4280b4 DeleteObject
comdlg32.dll
 0x4284b8 GetFileTitleA
WINSPOOL.DRV
 0x4284a8 ClosePrinter
 0x4284ac DocumentPropertiesA
 0x4284b0 OpenPrinterA
ADVAPI32.dll
 0x428000 RegCreateKeyExA
 0x428004 RegOpenKeyExA
 0x428008 RegSetValueExA
 0x42800c RegCloseKey
COMCTL32.dll
 0x428014 None
oledlg.dll
 0x428500 None
ole32.dll
 0x4284c0 CoFreeUnusedLibraries
 0x4284c4 OleInitialize
 0x4284c8 CoTaskMemAlloc
 0x4284cc CoTaskMemFree
 0x4284d0 CreateILockBytesOnHGlobal
 0x4284d4 StgCreateDocfileOnILockBytes
 0x4284d8 StgOpenStorageOnILockBytes
 0x4284dc CoGetClassObject
 0x4284e0 CLSIDFromString
 0x4284e4 CLSIDFromProgID
 0x4284e8 CoRegisterMessageFilter
 0x4284ec CoRevokeClassObject
 0x4284f0 OleFlushClipboard
 0x4284f4 OleIsCurrentClipboard
 0x4284f8 OleUninitialize
OLEPRO32.DLL
 0x4282a8 None
OLEAUT32.dll
 0x428280 SysFreeString
 0x428284 SysAllocStringLen
 0x428288 VariantClear
 0x42828c VariantTimeToSystemTime
 0x428290 VariantCopy
 0x428294 VariantChangeType
 0x428298 SysAllocString
 0x42829c SysAllocStringByteLen
 0x4282a0 SysStringLen

EAT (Export Address Table): none