Created | 2024.06.24 07:41 | Machine | s1_win7_x6403 |
Filename | setup.exe |
Type | PE32+ executable (GUI) x86-64, for MS Windows |
AI Score | Not founds | Behavior Score | |
ZERO API | file : mailcious |
VT API (file) | |
md5 | b6698d4058a87ffcd7bfd86ed09860af |
sha256 | b7abc68b15241dcc425b41e48adab590155a5c4825ccfe761903f6a689a8dc17 |
ssdeep | 393216:whImijFjJ3D7uSHhtyWcBN3MjyQhlktqYGGCVPpjSBibscqvWsWithg:whUF5D0WqNcxhYqRGCtpjSQvg |
imphash | e7d70664c989c41305a1d8de5286f298 |
impfuzzy | 96:hW5+tmXXTSx6nme9Lywp6UB8bLG4xmwJXTXwwJ5i7ieKU4xkCNCP2QLPVd9jSZ:hWTjSxC9LHLejz8EkiCD4 |
Signature (2cnts)
Level | Description |
---|---|
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | ASPack_Zero | ASPack packed file | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x141df1528 AcquireSRWLockExclusive
0x141df1530 AddDllDirectory
0x141df1538 AddVectoredContinueHandler
0x141df1540 AreFileApisANSI
0x141df1548 AssignProcessToJobObject
0x141df1550 Beep
0x141df1558 CancelIoEx
0x141df1560 CancelSynchronousIo
0x141df1568 CloseHandle
0x141df1570 CopyFileW
0x141df1578 CreateDirectoryExW
0x141df1580 CreateDirectoryW
0x141df1588 CreateEventA
0x141df1590 CreateEventW
0x141df1598 CreateFileW
0x141df15a0 CreateIoCompletionPort
0x141df15a8 CreateJobObjectW
0x141df15b0 CreateNamedPipeW
0x141df15b8 CreatePipe
0x141df15c0 CreateProcessW
0x141df15c8 CreateSymbolicLinkW
0x141df15d0 CreateThread
0x141df15d8 CreateTimerQueue
0x141df15e0 CreateTimerQueueTimer
0x141df15e8 CreateToolhelp32Snapshot
0x141df15f0 DefineDosDeviceW
0x141df15f8 DeleteCriticalSection
0x141df1600 DeleteFileW
0x141df1608 DeleteTimerQueueEx
0x141df1610 DeleteTimerQueueTimer
0x141df1618 DeviceIoControl
0x141df1620 DuplicateHandle
0x141df1628 EnterCriticalSection
0x141df1630 ExitThread
0x141df1638 FileTimeToLocalFileTime
0x141df1640 FileTimeToSystemTime
0x141df1648 FindClose
0x141df1650 FindCloseChangeNotification
0x141df1658 FindFirstChangeNotificationW
0x141df1660 FindFirstFileW
0x141df1668 FindNextChangeNotification
0x141df1670 FindNextFileW
0x141df1678 FlushConsoleInputBuffer
0x141df1680 FlushFileBuffers
0x141df1688 FormatMessageA
0x141df1690 FormatMessageW
0x141df1698 FreeEnvironmentStringsA
0x141df16a0 FreeEnvironmentStringsW
0x141df16a8 FreeLibrary
0x141df16b0 GenerateConsoleCtrlEvent
0x141df16b8 GetACP
0x141df16c0 GetActiveProcessorCount
0x141df16c8 GetActiveProcessorGroupCount
0x141df16d0 GetBinaryTypeW
0x141df16d8 GetCPInfo
0x141df16e0 GetCommandLineW
0x141df16e8 GetConsoleCP
0x141df16f0 GetConsoleMode
0x141df16f8 GetConsoleOutputCP
0x141df1700 GetConsoleScreenBufferInfo
0x141df1708 GetConsoleScreenBufferInfoEx
0x141df1710 GetCurrentDirectoryW
0x141df1718 GetCurrentProcess
0x141df1720 GetCurrentProcessId
0x141df1728 GetCurrentThread
0x141df1730 GetCurrentThreadId
0x141df1738 GetDiskFreeSpaceW
0x141df1740 GetEnvironmentStrings
0x141df1748 GetEnvironmentStringsW
0x141df1750 GetEnvironmentVariableW
0x141df1758 GetExitCodeProcess
0x141df1760 GetExitCodeThread
0x141df1768 GetFileAttributesA
0x141df1770 GetFileAttributesExW
0x141df1778 GetFileAttributesW
0x141df1780 GetFileInformationByHandle
0x141df1788 GetFileSizeEx
0x141df1790 GetFileTime
0x141df1798 GetFileType
0x141df17a0 GetFinalPathNameByHandleW
0x141df17a8 GetFullPathNameW
0x141df17b0 GetLastError
0x141df17b8 GetLocalTime
0x141df17c0 GetLogicalDrives
0x141df17c8 GetLongPathNameW
0x141df17d0 GetModuleFileNameW
0x141df17d8 GetModuleHandleA
0x141df17e0 GetModuleHandleW
0x141df17e8 GetNumaHighestNodeNumber
0x141df17f0 GetNumaNodeProcessorMask
0x141df17f8 GetNumberOfConsoleInputEvents
0x141df1800 GetOEMCP
0x141df1808 GetOverlappedResult
0x141df1810 GetProcAddress
0x141df1818 GetProcessAffinityMask
0x141df1820 GetProcessId
0x141df1828 GetProcessTimes
0x141df1830 GetQueuedCompletionStatusEx
0x141df1838 GetShortPathNameW
0x141df1840 GetStartupInfoA
0x141df1848 GetStdHandle
0x141df1850 GetSystemDirectoryW
0x141df1858 GetSystemInfo
0x141df1860 GetSystemTime
0x141df1868 GetSystemTimeAdjustment
0x141df1870 GetSystemTimeAsFileTime
0x141df1878 GetTempFileNameW
0x141df1880 GetTempPathW
0x141df1888 GetThreadTimes
0x141df1890 GetTickCount
0x141df1898 GetTickCount64
0x141df18a0 GetTimeFormatEx
0x141df18a8 GetTimeFormatW
0x141df18b0 GetTimeZoneInformation
0x141df18b8 GetWindowsDirectoryW
0x141df18c0 GlobalMemoryStatusEx
0x141df18c8 InitializeConditionVariable
0x141df18d0 InitializeCriticalSection
0x141df18d8 InitializeSRWLock
0x141df18e0 IsDBCSLeadByteEx
0x141df18e8 K32EnumProcessModules
0x141df18f0 K32GetModuleFileNameExW
0x141df18f8 K32GetModuleInformation
0x141df1900 LeaveCriticalSection
0x141df1908 LoadLibraryExW
0x141df1910 LoadLibraryW
0x141df1918 LocalFileTimeToFileTime
0x141df1920 LocalFree
0x141df1928 LockFileEx
0x141df1930 Module32FirstW
0x141df1938 Module32NextW
0x141df1940 MoveFileExW
0x141df1948 MoveFileW
0x141df1950 MultiByteToWideChar
0x141df1958 OpenProcess
0x141df1960 OpenThread
0x141df1968 OutputDebugStringA
0x141df1970 PeekConsoleInputA
0x141df1978 PeekNamedPipe
0x141df1980 PostQueuedCompletionStatus
0x141df1988 Process32FirstW
0x141df1990 Process32NextW
0x141df1998 QueryInformationJobObject
0x141df19a0 QueryPerformanceCounter
0x141df19a8 QueryPerformanceFrequency
0x141df19b0 ReadConsoleInputA
0x141df19b8 ReadConsoleInputW
0x141df19c0 ReadConsoleW
0x141df19c8 ReadFile
0x141df19d0 ReleaseSRWLockExclusive
0x141df19d8 RemoveDirectoryW
0x141df19e0 RemoveDllDirectory
0x141df19e8 RemoveVectoredContinueHandler
0x141df19f0 ResetEvent
0x141df19f8 ResumeThread
0x141df1a00 RtlAddFunctionTable
0x141df1a08 RtlDeleteFunctionTable
0x141df1a10 SearchPathW
0x141df1a18 SetConsoleCP
0x141df1a20 SetConsoleCtrlHandler
0x141df1a28 SetConsoleCursorPosition
0x141df1a30 SetConsoleMode
0x141df1a38 SetConsoleOutputCP
0x141df1a40 SetConsoleScreenBufferSize
0x141df1a48 SetCurrentDirectoryW
0x141df1a50 SetEndOfFile
0x141df1a58 SetEnvironmentVariableW
0x141df1a60 SetEvent
0x141df1a68 SetFileApisToANSI
0x141df1a70 SetFileApisToOEM
0x141df1a78 SetFileAttributesW
0x141df1a80 SetFileCompletionNotificationModes
0x141df1a88 SetFilePointerEx
0x141df1a90 SetFileTime
0x141df1a98 SetHandleCount
0x141df1aa0 SetHandleInformation
0x141df1aa8 SetInformationJobObject
0x141df1ab0 SetLastError
0x141df1ab8 SetLocalTime
0x141df1ac0 SetNamedPipeHandleState
0x141df1ac8 SetSystemTime
0x141df1ad0 SetSystemTimeAdjustment
0x141df1ad8 SetThreadAffinityMask
0x141df1ae0 SetThreadGroupAffinity
0x141df1ae8 SetUnhandledExceptionFilter
0x141df1af0 SetVolumeLabelW
0x141df1af8 Sleep
0x141df1b00 SleepConditionVariableSRW
0x141df1b08 SwitchToThread
0x141df1b10 SystemTimeToFileTime
0x141df1b18 TerminateJobObject
0x141df1b20 TerminateProcess
0x141df1b28 TlsAlloc
0x141df1b30 TlsFree
0x141df1b38 TlsGetValue
0x141df1b40 TlsSetValue
0x141df1b48 TryAcquireSRWLockExclusive
0x141df1b50 UnlockFileEx
0x141df1b58 UnmapViewOfFile
0x141df1b60 VirtualAlloc
0x141df1b68 VirtualAllocExNuma
0x141df1b70 VirtualFree
0x141df1b78 VirtualProtect
0x141df1b80 VirtualQuery
0x141df1b88 WaitForSingleObject
0x141df1b90 WakeAllConditionVariable
0x141df1b98 WakeConditionVariable
0x141df1ba0 WideCharToMultiByte
0x141df1ba8 WriteConsoleW
0x141df1bb0 WriteFile
0x141df1bb8 __C_specific_handler
api-ms-win-crt-heap-l1-1-0.dll
0x141df1bc8 _aligned_free
0x141df1bd0 _aligned_malloc
0x141df1bd8 _set_new_mode
0x141df1be0 calloc
0x141df1be8 free
0x141df1bf0 malloc
0x141df1bf8 realloc
api-ms-win-crt-private-l1-1-0.dll
0x141df1c08 memchr
0x141df1c10 memcmp
0x141df1c18 memcpy
0x141df1c20 memmove
0x141df1c28 strrchr
0x141df1c30 strstr
api-ms-win-crt-runtime-l1-1-0.dll
0x141df1c40 __p___argc
0x141df1c48 __p___argv
0x141df1c50 __p___wargv
0x141df1c58 __p__acmdln
0x141df1c60 _assert
0x141df1c68 _beginthreadex
0x141df1c70 _cexit
0x141df1c78 _configure_narrow_argv
0x141df1c80 _configure_wide_argv
0x141df1c88 _crt_at_quick_exit
0x141df1c90 _crt_atexit
0x141df1c98 _errno
0x141df1ca0 _fpreset
0x141df1ca8 _getpid
0x141df1cb0 _initialize_narrow_environment
0x141df1cb8 _initialize_wide_environment
0x141df1cc0 _initterm
0x141df1cc8 _set_app_type
0x141df1cd0 _set_invalid_parameter_handler
0x141df1cd8 _wassert
0x141df1ce0 abort
0x141df1ce8 exit
0x141df1cf0 raise
0x141df1cf8 signal
0x141df1d00 strerror
api-ms-win-crt-stdio-l1-1-0.dll
0x141df1d10 __acrt_iob_func
0x141df1d18 __p__commode
0x141df1d20 __p__fmode
0x141df1d28 __stdio_common_vfprintf
0x141df1d30 __stdio_common_vfwprintf
0x141df1d38 __stdio_common_vswprintf
0x141df1d40 __stdio_common_vswprintf_s
0x141df1d48 _chsize_s
0x141df1d50 _close
0x141df1d58 _creat
0x141df1d60 _dup
0x141df1d68 _dup2
0x141df1d70 _fileno
0x141df1d78 _get_osfhandle
0x141df1d80 _isatty
0x141df1d88 _lseeki64
0x141df1d90 _open_osfhandle
0x141df1d98 _pipe
0x141df1da0 _read
0x141df1da8 _setmode
0x141df1db0 _wfdopen
0x141df1db8 _write
0x141df1dc0 fclose
0x141df1dc8 feof
0x141df1dd0 fflush
0x141df1dd8 fputc
0x141df1de0 fputwc
0x141df1de8 fread
0x141df1df0 fseek
0x141df1df8 ftell
0x141df1e00 fwrite
0x141df1e08 getc
0x141df1e10 puts
0x141df1e18 ungetc
api-ms-win-crt-string-l1-1-0.dll
0x141df1e28 _strdup
0x141df1e30 _wcsdup
0x141df1e38 isspace
0x141df1e40 isxdigit
0x141df1e48 mbrlen
0x141df1e50 memset
0x141df1e58 strcmp
0x141df1e60 strcpy
0x141df1e68 strlen
0x141df1e70 strncmp
0x141df1e78 strncpy
0x141df1e80 strtok
0x141df1e88 tolower
0x141df1e90 wcscat
0x141df1e98 wcscmp
0x141df1ea0 wcscpy
0x141df1ea8 wcslen
0x141df1eb0 wcsncmp
SHELL32.dll
0x141df1ec0 CommandLineToArgvW
0x141df1ec8 SHGetFolderPathW
api-ms-win-crt-environment-l1-1-0.dll
0x141df1ed8 __p__environ
0x141df1ee0 __p__wenviron
0x141df1ee8 getenv
api-ms-win-crt-convert-l1-1-0.dll
0x141df1ef8 atof
0x141df1f00 atoi
0x141df1f08 mbrtowc
0x141df1f10 mbstowcs
0x141df1f18 strtol
0x141df1f20 strtoll
0x141df1f28 strtoul
0x141df1f30 strtoull
0x141df1f38 wcrtomb
api-ms-win-crt-locale-l1-1-0.dll
0x141df1f48 _configthreadlocale
0x141df1f50 localeconv
0x141df1f58 setlocale
api-ms-win-crt-math-l1-1-0.dll
0x141df1f68 __setusermatherr
0x141df1f70 acos
0x141df1f78 acosh
0x141df1f80 acoshf
0x141df1f88 asin
0x141df1f90 asinh
0x141df1f98 asinhf
0x141df1fa0 atan
0x141df1fa8 atanh
0x141df1fb0 atanhf
0x141df1fb8 cosh
0x141df1fc0 exp2
0x141df1fc8 expm1
0x141df1fd0 expm1f
0x141df1fd8 log1p
0x141df1fe0 log1pf
0x141df1fe8 log2
0x141df1ff0 sinh
0x141df1ff8 tan
0x141df2000 tanh
0x141df2008 tanhf
api-ms-win-crt-time-l1-1-0.dll
0x141df2018 __daylight
0x141df2020 __timezone
0x141df2028 __tzname
0x141df2030 _ctime64
0x141df2038 _time64
0x141df2040 _tzset
0x141df2048 _utime64
0x141df2050 clock
ADVAPI32.dll
0x141df2060 GetUserNameW
ole32.dll
0x141df2070 CoCreateGuid
RPCRT4.dll
0x141df2080 RpcStringFreeW
0x141df2088 UuidToStringW
WS2_32.dll
0x141df2098 WSACreateEvent
0x141df20a0 WSAEventSelect
0x141df20a8 closesocket
0x141df20b0 recv
0x141df20b8 select
0x141df20c0 send
USER32.dll
0x141df20d0 ClipCursor
0x141df20d8 ExitWindowsEx
0x141df20e0 GetClipCursor
0x141df20e8 GetCursorPos
0x141df20f0 GetLastInputInfo
0x141df20f8 KillTimer
0x141df2100 LoadAcceleratorsW
0x141df2108 LoadCursorW
0x141df2110 LoadIconW
0x141df2118 MessageBeep
0x141df2120 MessageBoxA
0x141df2128 MessageBoxW
0x141df2130 SetCursorPos
0x141df2138 SetTimer
WINMM.dll
0x141df2148 timeGetTime
api-ms-win-crt-utility-l1-1-0.dll
0x141df2158 qsort
api-ms-win-crt-filesystem-l1-1-0.dll
0x141df2168 _access
0x141df2170 _chmod
0x141df2178 _fstat64
0x141df2180 _lock_file
0x141df2188 _mkdir
0x141df2190 _umask
0x141df2198 _unlink
0x141df21a0 _unlock_file
0x141df21a8 _wsplitpath_s
0x141df21b0 _wstat64
dbghelp.dll
0x141df21c0 MiniDumpWriteDump
0x141df21c8 StackWalk64
0x141df21d0 SymFromAddr
0x141df21d8 SymFunctionTableAccess64
0x141df21e0 SymGetLineFromAddr64
0x141df21e8 SymGetModuleBase64
0x141df21f0 SymInitialize
ntdll.dll
0x141df2200 NtQueryObject
GDI32.dll
0x141df2210 DeleteObject
0x141df2218 Polygon
EAT(Export Address Table) is none