Field | Value |
---|---|
Created | 2024.06.19 09:44 |
Machine | s1_win7_x6401 |
Filename | 3R%BC%BC%CA%F5.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malicious |
VT API (file) | 54 detected (AIDetectMalware, lwTm, Malicious, score, Sabsik, Zusy, Unsafe, Save, Attribute, HighConfidence, high confidence, FlyStudio, Artemis, TrojanX, Bingoml, DownLoad4, Real Protect, moderate, HackTool, Detected, ai score=81, RA@1qraug, Casdet, 1DCLO88, Eldorado, R482514, ZexaF, @t0@aKwYA4mb, R002H0CFI24, Static AI, Malicious PE, Dinwod, frindll, CoinMiner) |
md5 | befa6ec7199742afacb57a836c374853 |
sha256 | 06f592fc63e163ed95a3ed797c64f4a029e95a90f8af1c4078be07f07215648b |
ssdeep | 98304:3tigyfgAFc6wxml9uE6jYa1vOB3FqZVUzSnWYqdwkLcHHSSt:3tigyfgAFc6ZMmNjAP |
imphash | 6484a6f708fa37c8c0be3e0080079152 |
impfuzzy | 192:KKiAUb9q00Jrng1UqT0gAUT/4WTzSJQZcJycncbIk1qgYuPQOqDS:yc0eATbGQZJankojuPQOgS |
Signature (11cnts)
Level | Description |
---|---|
danger | File has been identified by 54 AntiVirus engines on VirusTotal as malicious |
watch | Communicates with host for which no DNS query was performed |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates executable files on the filesystem |
notice | Creates hidden or system file |
notice | Drops an executable to the user AppData folder |
notice | Foreign language identified in PE resource |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks amount of memory in system |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (12cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | ASPack_Zero | ASPack packed file | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | DllRegisterServer_Zero | execute regsvr32.exe | binaries (upload) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
RASAPI32.dll
0x696508 RasHangUpA
0x69650c RasGetConnectStatusA
WINMM.dll
0x6967d8 midiStreamOut
0x6967dc midiOutPrepareHeader
0x6967e0 midiStreamProperty
0x6967e4 midiStreamOpen
0x6967e8 midiOutUnprepareHeader
0x6967ec waveOutOpen
0x6967f0 waveOutRestart
0x6967f4 waveOutUnprepareHeader
0x6967f8 waveOutPrepareHeader
0x6967fc waveOutWrite
0x696800 waveOutPause
0x696804 waveOutReset
0x696808 waveOutClose
0x69680c midiStreamStop
0x696810 midiOutReset
0x696814 midiStreamClose
0x696818 midiStreamRestart
0x69681c waveOutGetNumDevs
WS2_32.dll
0x696834 select
0x696838 recv
0x69683c connect
0x696840 ioctlsocket
0x696844 recvfrom
0x696848 send
0x69684c closesocket
0x696850 WSAAsyncSelect
0x696854 htons
0x696858 ntohl
0x69685c accept
0x696860 getpeername
0x696864 WSACleanup
0x696868 socket
0x69686c WSAStartup
0x696870 gethostbyname
0x696874 inet_ntoa
0x696878 inet_addr
KERNEL32.dll
0x6961cc GetWindowsDirectoryA
0x6961d0 GetSystemDirectoryA
0x6961d4 GetVersion
0x6961d8 OpenProcess
0x6961dc CreateMutexA
0x6961e0 ReleaseMutex
0x6961e4 SuspendThread
0x6961e8 GetStringTypeW
0x6961ec GetStringTypeA
0x6961f0 SetUnhandledExceptionFilter
0x6961f4 IsBadWritePtr
0x6961f8 VirtualAlloc
0x6961fc LCMapStringW
0x696200 LCMapStringA
0x696204 SetEnvironmentVariableA
0x696208 VirtualFree
0x69620c HeapCreate
0x696210 HeapDestroy
0x696214 GetEnvironmentVariableA
0x696218 GetStdHandle
0x69621c SetHandleCount
0x696220 GetEnvironmentStringsW
0x696224 GetEnvironmentStrings
0x696228 FreeEnvironmentStringsW
0x69622c FreeEnvironmentStringsA
0x696230 UnhandledExceptionFilter
0x696234 GetFileType
0x696238 SetStdHandle
0x69623c GetACP
0x696240 HeapSize
0x696244 RaiseException
0x696248 GetLocalTime
0x69624c GetSystemTime
0x696250 RtlUnwind
0x696254 GetStartupInfoA
0x696258 GetOEMCP
0x69625c GetCPInfo
0x696260 GetProcessVersion
0x696264 SetErrorMode
0x696268 GetProfileIntA
0x69626c GlobalFlags
0x696270 GetCurrentThread
0x696274 GetFileTime
0x696278 TlsGetValue
0x69627c LocalReAlloc
0x696280 TlsSetValue
0x696284 TlsFree
0x696288 GlobalHandle
0x69628c TlsAlloc
0x696290 LocalAlloc
0x696294 lstrcmpA
0x696298 GlobalGetAtomNameA
0x69629c GlobalAddAtomA
0x6962a0 GlobalFindAtomA
0x6962a4 GlobalDeleteAtom
0x6962a8 lstrcmpiA
0x6962ac SetEndOfFile
0x6962b0 UnlockFile
0x6962b4 LockFile
0x6962b8 FlushFileBuffers
0x6962bc DuplicateHandle
0x6962c0 lstrcpynA
0x6962c4 FileTimeToLocalFileTime
0x6962c8 FormatMessageA
0x6962cc LocalFree
0x6962d0 InterlockedDecrement
0x6962d4 InterlockedIncrement
0x6962d8 TerminateProcess
0x6962dc GetCurrentProcess
0x6962e0 GetFileSize
0x6962e4 SetFilePointer
0x6962e8 CreateToolhelp32Snapshot
0x6962ec Process32First
0x6962f0 Process32Next
0x6962f4 FileTimeToSystemTime
0x6962f8 SetLastError
0x6962fc GetTimeZoneInformation
0x696300 TerminateThread
0x696304 CreateSemaphoreA
0x696308 ResumeThread
0x69630c ReleaseSemaphore
0x696310 EnterCriticalSection
0x696314 LeaveCriticalSection
0x696318 GetProfileStringA
0x69631c WriteFile
0x696320 WaitForMultipleObjects
0x696324 CreateFileA
0x696328 SetEvent
0x69632c FindResourceA
0x696330 LoadResource
0x696334 LockResource
0x696338 ReadFile
0x69633c lstrlenW
0x696340 GetModuleFileNameA
0x696344 GetCurrentThreadId
0x696348 ExitProcess
0x69634c GlobalSize
0x696350 GlobalFree
0x696354 DeleteCriticalSection
0x696358 InitializeCriticalSection
0x69635c lstrcatA
0x696360 lstrlenA
0x696364 WinExec
0x696368 lstrcpyA
0x69636c FindNextFileA
0x696370 GlobalReAlloc
0x696374 HeapFree
0x696378 HeapReAlloc
0x69637c GetProcessHeap
0x696380 HeapAlloc
0x696384 GetUserDefaultLCID
0x696388 MultiByteToWideChar
0x69638c WideCharToMultiByte
0x696390 GetFullPathNameA
0x696394 FreeLibrary
0x696398 LoadLibraryA
0x69639c GetLastError
0x6963a0 GetVersionExA
0x6963a4 WritePrivateProfileStringA
0x6963a8 GetPrivateProfileStringA
0x6963ac CreateThread
0x6963b0 CreateEventA
0x6963b4 Sleep
0x6963b8 GlobalAlloc
0x6963bc GlobalLock
0x6963c0 GlobalUnlock
0x6963c4 GetTempPathA
0x6963c8 FindFirstFileA
0x6963cc FindClose
0x6963d0 SetFileAttributesA
0x6963d4 GetFileAttributesA
0x6963d8 DeleteFileA
0x6963dc CopyFileA
0x6963e0 CreateDirectoryA
0x6963e4 SetCurrentDirectoryA
0x6963e8 GetVolumeInformationA
0x6963ec GetModuleHandleA
0x6963f0 GetProcAddress
0x6963f4 MulDiv
0x6963f8 GetCommandLineA
0x6963fc GetTickCount
0x696400 CreateProcessA
0x696404 WaitForSingleObject
0x696408 CloseHandle
0x69640c CompareStringA
0x696410 CompareStringW
0x696414 IsBadReadPtr
0x696418 IsBadCodePtr
0x69641c InterlockedExchange
USER32.dll
0x696524 FindWindowA
0x696528 GetWindowThreadProcessId
0x69652c GetClassNameA
0x696530 GetDesktopWindow
0x696534 FrameRect
0x696538 GetDoubleClickTime
0x69653c GetCursor
0x696540 ClipCursor
0x696544 GrayStringA
0x696548 DrawTextA
0x69654c TabbedTextOutA
0x696550 SetWindowTextA
0x696554 LoadIconA
0x696558 TranslateMessage
0x69655c DrawFrameControl
0x696560 DrawEdge
0x696564 DrawFocusRect
0x696568 WindowFromPoint
0x69656c GetMessageA
0x696570 DispatchMessageA
0x696574 SetRectEmpty
0x696578 RegisterClipboardFormatA
0x69657c CreateIconFromResourceEx
0x696580 CreateIconFromResource
0x696584 DrawIconEx
0x696588 CreatePopupMenu
0x69658c AppendMenuA
0x696590 ModifyMenuA
0x696594 CreateMenu
0x696598 CreateAcceleratorTableA
0x69659c GetDlgCtrlID
0x6965a0 GetSubMenu
0x6965a4 EnableMenuItem
0x6965a8 ClientToScreen
0x6965ac EnumDisplaySettingsA
0x6965b0 LoadImageA
0x6965b4 SystemParametersInfoA
0x6965b8 ShowWindow
0x6965bc IsWindowEnabled
0x6965c0 TranslateAcceleratorA
0x6965c4 GetKeyState
0x6965c8 CopyAcceleratorTableA
0x6965cc PostQuitMessage
0x6965d0 IsZoomed
0x6965d4 GetClassInfoA
0x6965d8 DefWindowProcA
0x6965dc GetSysColorBrush
0x6965e0 LoadStringA
0x6965e4 wvsprintfA
0x6965e8 GetMenuCheckMarkDimensions
0x6965ec GetMenuState
0x6965f0 SetMenuItemBitmaps
0x6965f4 CheckMenuItem
0x6965f8 MoveWindow
0x6965fc IsDialogMessageA
0x696600 ScrollWindowEx
0x696604 GetDlgItem
0x696608 SendDlgItemMessageA
0x69660c MapWindowPoints
0x696610 AdjustWindowRectEx
0x696614 GetSystemMenu
0x696618 DeleteMenu
0x69661c GetMenu
0x696620 SetMenu
0x696624 PeekMessageA
0x696628 IsIconic
0x69662c SetFocus
0x696630 GetActiveWindow
0x696634 GetWindow
0x696638 DestroyAcceleratorTable
0x69663c SetWindowRgn
0x696640 GetMessagePos
0x696644 ScreenToClient
0x696648 ChildWindowFromPointEx
0x69664c CopyRect
0x696650 LoadBitmapA
0x696654 WinHelpA
0x696658 KillTimer
0x69665c SetTimer
0x696660 ReleaseCapture
0x696664 GetCapture
0x696668 SetCapture
0x69666c GetScrollRange
0x696670 SetScrollRange
0x696674 SetScrollPos
0x696678 SetRect
0x69667c InflateRect
0x696680 IntersectRect
0x696684 DestroyIcon
0x696688 PtInRect
0x69668c OffsetRect
0x696690 IsWindowVisible
0x696694 EnableWindow
0x696698 RedrawWindow
0x69669c GetWindowLongA
0x6966a0 SetWindowLongA
0x6966a4 GetSysColor
0x6966a8 SetActiveWindow
0x6966ac SetCursorPos
0x6966b0 LoadCursorA
0x6966b4 SetCursor
0x6966b8 GetDC
0x6966bc FillRect
0x6966c0 InvertRect
0x6966c4 IsRectEmpty
0x6966c8 ScrollDC
0x6966cc ReleaseDC
0x6966d0 IsChild
0x6966d4 DestroyMenu
0x6966d8 SetForegroundWindow
0x6966dc GetWindowRect
0x6966e0 EqualRect
0x6966e4 UpdateWindow
0x6966e8 ValidateRect
0x6966ec InvalidateRect
0x6966f0 GetClientRect
0x6966f4 GetFocus
0x6966f8 GetParent
0x6966fc GetTopWindow
0x696700 PostMessageA
0x696704 IsWindow
0x696708 SetParent
0x69670c DestroyCursor
0x696710 SendMessageA
0x696714 SetWindowPos
0x696718 MessageBeep
0x69671c MessageBoxA
0x696720 GetCursorPos
0x696724 GetSystemMetrics
0x696728 IsClipboardFormatAvailable
0x69672c EmptyClipboard
0x696730 SetClipboardData
0x696734 OpenClipboard
0x696738 GetClipboardData
0x69673c CloseClipboard
0x696740 wsprintfA
0x696744 WaitForInputIdle
0x696748 GetWindowTextA
0x69674c UnregisterClassA
0x696750 GetForegroundWindow
0x696754 GetWindowTextLengthA
0x696758 CharUpperA
0x69675c GetWindowDC
0x696760 BeginPaint
0x696764 EndPaint
0x696768 DestroyWindow
0x69676c CreateDialogIndirectParamA
0x696770 EndDialog
0x696774 GetNextDlgTabItem
0x696778 GetWindowPlacement
0x69677c RegisterWindowMessageA
0x696780 GetLastActivePopup
0x696784 GetMessageTime
0x696788 RemovePropA
0x69678c CallWindowProcA
0x696790 GetPropA
0x696794 UnhookWindowsHookEx
0x696798 SetPropA
0x69679c GetClassLongA
0x6967a0 CallNextHookEx
0x6967a4 SetWindowsHookExA
0x6967a8 CreateWindowExA
0x6967ac GetMenuItemID
0x6967b0 GetMenuItemCount
0x6967b4 RegisterClassA
0x6967b8 GetScrollPos
0x6967bc ShowScrollBar
0x6967c0 SetScrollInfo
0x6967c4 GetScrollInfo
0x6967c8 ScrollWindow
GDI32.dll
0x69604c ExtSelectClipRgn
0x696050 EndPath
0x696054 PathToRegion
0x696058 CreateEllipticRgn
0x69605c CopyMetaFileA
0x696060 GetViewportExtEx
0x696064 CreateRoundRectRgn
0x696068 GetTextColor
0x69606c GetBkMode
0x696070 GetBkColor
0x696074 GetROP2
0x696078 GetPolyFillMode
0x69607c CreateCompatibleBitmap
0x696080 CreateDCA
0x696084 CreateBrushIndirect
0x696088 CreateHatchBrush
0x69608c CreateBitmap
0x696090 CreatePatternBrush
0x696094 SelectObject
0x696098 CreatePen
0x69609c PatBlt
0x6960a0 CombineRgn
0x6960a4 CreateRectRgn
0x6960a8 FillRgn
0x6960ac CreateSolidBrush
0x6960b0 CreateFontIndirectA
0x6960b4 GetStockObject
0x6960b8 GetObjectA
0x6960bc EndPage
0x6960c0 EndDoc
0x6960c4 DeleteDC
0x6960c8 StartDocA
0x6960cc StartPage
0x6960d0 BitBlt
0x6960d4 CreateCompatibleDC
0x6960d8 SetPixelV
0x6960dc Ellipse
0x6960e0 Rectangle
0x6960e4 LPtoDP
0x6960e8 DPtoLP
0x6960ec GetCurrentObject
0x6960f0 RoundRect
0x6960f4 Pie
0x6960f8 Chord
0x6960fc Arc
0x696100 Polygon
0x696104 GetTextExtentPoint32A
0x696108 GetDeviceCaps
0x69610c SelectPalette
0x696110 StretchBlt
0x696114 CreatePalette
0x696118 GetSystemPaletteEntries
0x69611c CreateDIBitmap
0x696120 DeleteObject
0x696124 SelectClipRgn
0x696128 CreatePolygonRgn
0x69612c GetClipRgn
0x696130 SetStretchBltMode
0x696134 CreateRectRgnIndirect
0x696138 SetBkColor
0x69613c PtVisible
0x696140 RectVisible
0x696144 TextOutA
0x696148 ExtTextOutA
0x69614c GetTextMetricsA
0x696150 Escape
0x696154 AbortDoc
0x696158 CreateFontA
0x69615c SetBrushOrgEx
0x696160 BeginPath
0x696164 GetWindowOrgEx
0x696168 GetViewportOrgEx
0x69616c GetWindowExtEx
0x696170 GetDIBits
0x696174 ExcludeClipRect
0x696178 MoveToEx
0x69617c GetStretchBltMode
0x696180 LineTo
0x696184 GetClipBox
0x696188 ScaleWindowExtEx
0x69618c SetWindowExtEx
0x696190 OffsetWindowOrgEx
0x696194 SetWindowOrgEx
0x696198 ScaleViewportExtEx
0x69619c SetViewportExtEx
0x6961a0 OffsetViewportOrgEx
0x6961a4 SetViewportOrgEx
0x6961a8 SetMapMode
0x6961ac SetTextColor
0x6961b0 SetROP2
0x6961b4 SetPolyFillMode
0x6961b8 SetBkMode
0x6961bc RestoreDC
0x6961c0 SaveDC
0x6961c4 RealizePalette
WINSPOOL.DRV
0x696824 DocumentPropertiesA
0x696828 OpenPrinterA
0x69682c ClosePrinter
ADVAPI32.dll
0x696000 RegCloseKey
0x696004 RegQueryValueExA
0x696008 RegOpenKeyExA
0x69600c RegSetValueExA
0x696010 RegCreateKeyA
0x696014 RegQueryValueA
0x696018 RegCreateKeyExA
SHELL32.dll
0x696514 SHGetSpecialFolderPathA
0x696518 Shell_NotifyIconA
0x69651c ShellExecuteA
ole32.dll
0x69689c CoTaskMemAlloc
0x6968a0 OleDuplicateData
0x6968a4 RevokeDragDrop
0x6968a8 CoLockObjectExternal
0x6968ac DoDragDrop
0x6968b0 OleGetClipboard
0x6968b4 OleFlushClipboard
0x6968b8 OleRun
0x6968bc CoCreateInstance
0x6968c0 CreateStreamOnHGlobal
0x6968c4 CLSIDFromString
0x6968c8 OleUninitialize
0x6968cc OleInitialize
0x6968d0 OleSetClipboard
0x6968d4 CoTaskMemFree
0x6968d8 ReleaseStgMedium
0x6968dc CLSIDFromProgID
0x6968e0 OleIsCurrentClipboard
OLEAUT32.dll
0x6964a8 SafeArrayGetElement
0x6964ac SysFreeString
0x6964b0 SysStringLen
0x6964b4 VarDateFromStr
0x6964b8 UnRegisterTypeLib
0x6964bc GetActiveObject
0x6964c0 LoadTypeLib
0x6964c4 LHashValOfNameSys
0x6964c8 RegisterTypeLib
0x6964cc SafeArrayPutElement
0x6964d0 SafeArrayCreate
0x6964d4 SafeArrayDestroy
0x6964d8 SysAllocString
0x6964dc VariantInit
0x6964e0 SafeArrayAccessData
0x6964e4 SafeArrayUnaccessData
0x6964e8 SafeArrayGetDim
0x6964ec SafeArrayGetLBound
0x6964f0 SafeArrayGetUBound
0x6964f4 VariantChangeType
0x6964f8 VariantClear
0x6964fc VariantCopy
0x696500 VariantCopyInd
ODBC32.dll
0x696424 None
0x696428 None
0x69642c None
0x696430 None
0x696434 None
0x696438 None
0x69643c None
0x696440 None
0x696444 None
0x696448 None
0x69644c None
0x696450 None
0x696454 None
0x696458 None
0x69645c None
0x696460 None
0x696464 None
0x696468 None
0x69646c None
0x696470 None
0x696474 None
0x696478 None
0x69647c None
0x696480 None
0x696484 None
0x696488 None
0x69648c None
0x696490 None
0x696494 None
0x696498 None
0x69649c None
0x6964a0 None
COMCTL32.dll
0x696020 ImageList_AddMasked
0x696024 ImageList_Draw
0x696028 None
0x69602c ImageList_Destroy
0x696030 ImageList_Create
0x696034 ImageList_Read
0x696038 ImageList_SetBkColor
0x69603c ImageList_GetImageCount
0x696040 ImageList_GetImageInfo
0x696044 ImageList_Duplicate
WININET.dll
0x6967d0 InternetCloseHandle
comdlg32.dll
0x696880 GetOpenFileNameA
0x696884 ChooseColorA
0x696888 ChooseFontA
0x69688c GetFileTitleA
0x696890 GetSaveFileNameA
0x696894 PrintDlgA
EAT(Export Address Table) is none