ScreenShot
| Created | 2024.07.06 18:33 | Machine | s1_win7_x6401 |
| Filename | CoronaVirus.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 63 detected (AIDetectMalware, DelShad, malicious, high confidence, Crysis, Unsafe, Brresmon, Save, Genus, Filecoder, Ransomware, RansomX, MalwareCrypter, ali1020005, hbhyer, FileCryptor, 6uIZvQjslpQ, AGEN, R002C0DL723, DharmaCrypt, Detected, ai score=100, Occamy, HeurC, KVMH008, Gandcrab, Malware@#2yjrdnzlmd95d, Kryptik, Eldorado, ZexaF, aH0@auu2QVni, Gencirc, Static AI, Suspicious PE, HBIP, confidence, 100%) | ||
| md5 | 055d1462f66a350d9886542d4d79bc2b | ||
| sha256 | dddf7894b2e6aafa1903384759d68455c3a4a8348a7e2da3bd272555eba9bec0 | ||
| ssdeep | 24576:FRYz/ERA0eMuWfHvgPw/83JI8CorP9qY0:FE/yADMuYvgP93JIc2 | ||
| imphash | ad451900c0686f591cc20de73cdf7830 | ||
| impfuzzy | 96:308aX1mDecfsMj8veLdsYRj25sg6scwS1h0459L3tJ2Pz:308aFmXRj25sg6szg9L3v2Pz | ||
Network IP location
Signature (21cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 63 AntiVirus engines on VirusTotal as malicious |
| warning | Appends a new file extension or content to 168 files indicative of a ransomware file encryption process |
| warning | Performs 168 file moves indicative of a ransomware file encryption process |
| watch | Deletes a large number of files from the system indicative of ransomware |
| watch | Installs itself for autorun at Windows startup |
| watch | Removes the Shadow Copy to avoid recovery of the system |
| watch | Uses suspicious command line tools or Windows utilities |
| notice | A process attempted to delay the analysis task. |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Creates a suspicious process |
| notice | Creates executable files on the filesystem |
| notice | Repeatedly searches for a not-found process |
| notice | Searches running processes potentially to identify processes for sandbox evasion |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | Checks amount of memory in system |
| info | Checks if process is being debugged by a debugger |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
| info | Tries to locate where the browsers are installed |
Rules (6cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x48e088 GetProcAddress
0x48e08c CloseHandle
0x48e090 CreateFileW
0x48e094 HeapReAlloc
0x48e098 HeapSize
0x48e09c GlobalAlloc
0x48e0a0 ReadConsoleW
0x48e0a4 GetConsoleMode
0x48e0a8 GetConsoleCP
0x48e0ac GetProcessHeap
0x48e0b0 SetStdHandle
0x48e0b4 SetEnvironmentVariableA
0x48e0b8 GetThreadPriority
0x48e0bc SetFilePointerEx
0x48e0c0 LoadLibraryA
0x48e0c4 SetEvent
0x48e0c8 ResetEvent
0x48e0cc CreateEventA
0x48e0d0 GetEnvironmentStrings
0x48e0d4 GetConsoleWindow
0x48e0d8 SetEndOfFile
0x48e0dc GetPriorityClass
0x48e0e0 FreeLibrary
0x48e0e4 EnumDateFormatsA
0x48e0e8 GetCurrentThread
0x48e0ec GetLastError
0x48e0f0 GlobalAddAtomA
0x48e0f4 WaitForSingleObject
0x48e0f8 SetThreadPriority
0x48e0fc FreeEnvironmentStringsW
0x48e100 GetEnvironmentStringsW
0x48e104 GetCommandLineW
0x48e108 GetCommandLineA
0x48e10c GetCPInfo
0x48e110 GetOEMCP
0x48e114 IsValidCodePage
0x48e118 GetCurrentProcess
0x48e11c FindNextFileA
0x48e120 FindFirstFileExA
0x48e124 FindClose
0x48e128 DecodePointer
0x48e12c GetStringTypeW
0x48e130 LCMapStringW
0x48e134 CompareStringW
0x48e138 CreateThread
0x48e13c WaitForSingleObjectEx
0x48e140 OutputDebugStringW
0x48e144 HeapAlloc
0x48e148 HeapFree
0x48e14c GetACP
0x48e150 WideCharToMultiByte
0x48e154 MultiByteToWideChar
0x48e158 ExitProcess
0x48e15c WriteConsoleW
0x48e160 GetModuleHandleExW
0x48e164 GetModuleFileNameW
0x48e168 GetModuleFileNameA
0x48e16c GetFileType
0x48e170 GetStdHandle
0x48e174 LoadLibraryExW
0x48e178 TlsFree
0x48e17c TlsSetValue
0x48e180 TlsGetValue
0x48e184 TlsAlloc
0x48e188 InitializeCriticalSectionAndSpinCount
0x48e18c DeleteCriticalSection
0x48e190 LeaveCriticalSection
0x48e194 EnterCriticalSection
0x48e198 SetLastError
0x48e19c RtlUnwind
0x48e1a0 RaiseException
0x48e1a4 EncodePointer
0x48e1a8 GlobalFree
0x48e1ac GlobalLock
0x48e1b0 GlobalUnlock
0x48e1b4 GetModuleHandleW
0x48e1b8 GetStartupInfoW
0x48e1bc IsDebuggerPresent
0x48e1c0 InitializeSListHead
0x48e1c4 GetSystemTimeAsFileTime
0x48e1c8 GetCurrentThreadId
0x48e1cc GetCurrentProcessId
0x48e1d0 QueryPerformanceCounter
0x48e1d4 IsProcessorFeaturePresent
0x48e1d8 TerminateProcess
0x48e1dc SetUnhandledExceptionFilter
0x48e1e0 UnhandledExceptionFilter
0x48e1e4 BuildCommDCBA
0x48e1e8 SetCommTimeouts
0x48e1ec SetCommState
0x48e1f0 GetCommTimeouts
0x48e1f4 GetCommState
0x48e1f8 WriteFile
0x48e1fc ReadFile
0x48e200 FlushFileBuffers
0x48e204 CreateFileA
0x48e208 GetModuleHandleA
0x48e20c CreateEventW
0x48e210 SetPriorityClass
USER32.dll
0x48e338 SetClipboardData
0x48e33c GetClipboardData
0x48e340 EmptyClipboard
0x48e344 IsDlgButtonChecked
0x48e348 DefWindowProcA
0x48e34c TranslateMessage
0x48e350 RegisterWindowMessageW
0x48e354 ReleaseDC
0x48e358 EndPaint
0x48e35c CloseClipboard
0x48e360 OpenClipboard
0x48e364 DestroyWindow
0x48e368 ShowWindow
0x48e36c SetClassLongA
0x48e370 WindowFromDC
0x48e374 GetDesktopWindow
0x48e378 GetDlgItem
0x48e37c SendMessageA
0x48e380 LoadIconA
0x48e384 CheckMenuItem
0x48e388 GetCursorPos
0x48e38c BeginPaint
0x48e390 GetMessageW
0x48e394 CreateDialogParamW
0x48e398 GetDC
0x48e39c EndDialog
0x48e3a0 DialogBoxParamA
0x48e3a4 wsprintfA
0x48e3a8 OffsetRect
0x48e3ac DispatchMessageW
0x48e3b0 TrackMouseEvent
0x48e3b4 SetWindowTextA
0x48e3b8 MessageBoxA
0x48e3bc RegisterClassA
0x48e3c0 UnregisterClassA
0x48e3c4 GetClassInfoA
0x48e3c8 CreateWindowExA
0x48e3cc SetWindowPos
0x48e3d0 IsIconic
0x48e3d4 GetWindowRect
0x48e3d8 AdjustWindowRectEx
0x48e3dc ShowCursor
0x48e3e0 ClientToScreen
0x48e3e4 CopyRect
0x48e3e8 GetWindowLongA
0x48e3ec SetWindowLongA
0x48e3f0 GetMonitorInfoA
0x48e3f4 EnumDisplayMonitors
0x48e3f8 GetSystemMetrics
0x48e3fc LoadCursorA
0x48e400 ScreenToClient
0x48e404 SetRect
0x48e408 GetMessageA
0x48e40c DispatchMessageA
0x48e410 PeekMessageA
0x48e414 GetMessagePos
0x48e418 PostQuitMessage
0x48e41c IsZoomed
0x48e420 GetKeyState
0x48e424 GetKeyboardState
0x48e428 ToAscii
0x48e42c SetCapture
0x48e430 ReleaseCapture
0x48e434 MsgWaitForMultipleObjects
0x48e438 UpdateWindow
0x48e43c SetActiveWindow
0x48e440 GetUpdateRect
0x48e444 InvalidateRect
0x48e448 ChildWindowFromPoint
0x48e44c MonitorFromWindow
0x48e450 ChangeDisplaySettingsExA
0x48e454 EnumDisplaySettingsA
0x48e458 SetCursorPos
0x48e45c SetCursor
0x48e460 GetClientRect
GDI32.dll
0x48e034 ChoosePixelFormat
0x48e038 BitBlt
0x48e03c SelectObject
0x48e040 CreateDIBSection
0x48e044 GetTextExtentPoint32A
0x48e048 CreateCompatibleDC
0x48e04c GetNearestPaletteIndex
0x48e050 DeleteDC
0x48e054 SetViewportOrgEx
0x48e058 DeleteObject
0x48e05c CreateDCA
0x48e060 GetDeviceCaps
0x48e064 SetPixelFormat
0x48e068 DescribePixelFormat
0x48e06c SwapBuffers
0x48e070 GetPixelFormat
COMDLG32.dll
0x48e028 GetOpenFileNameA
0x48e02c FindTextW
ADVAPI32.dll
0x48e000 RegQueryValueExA
0x48e004 OpenSCManagerA
0x48e008 ControlService
0x48e00c RegOpenKeyA
0x48e010 OpenServiceA
0x48e014 RegCloseKey
0x48e018 RegOpenKeyExA
SHELL32.dll
0x48e324 None
0x48e328 DragQueryFileA
0x48e32c None
0x48e330 DragFinish
ole32.dll
0x48e4b8 CreateStreamOnHGlobal
OLEAUT32.dll
0x48e228 CreateTypeLib2
0x48e22c CreateTypeLib
ODBC32.dll
0x48e218 None
0x48e21c None
0x48e220 None
OPENGL32.dll
0x48e234 wglGetCurrentDC
0x48e238 glScissor
0x48e23c glDisableClientState
0x48e240 glMatrixMode
0x48e244 glBlendFunc
0x48e248 glLoadIdentity
0x48e24c glTexParameteri
0x48e250 glDeleteTextures
0x48e254 glPopMatrix
0x48e258 glViewport
0x48e25c glEnableClientState
0x48e260 glPopAttrib
0x48e264 glPolygonMode
0x48e268 glBindTexture
0x48e26c glGenTextures
0x48e270 glVertexPointer
0x48e274 glNormalPointer
0x48e278 glGetFloatv
0x48e27c glDrawArrays
0x48e280 glVertex2f
0x48e284 glTranslatef
0x48e288 glPushClientAttrib
0x48e28c glPopClientAttrib
0x48e290 glBitmap
0x48e294 glVertex2i
0x48e298 glRasterPos2i
0x48e29c glEnd
0x48e2a0 glColor4fv
0x48e2a4 glColor4f
0x48e2a8 glBegin
0x48e2ac glGetString
0x48e2b0 glGetError
0x48e2b4 glGetBooleanv
0x48e2b8 glReadBuffer
0x48e2bc glDrawBuffer
0x48e2c0 glFlush
0x48e2c4 wglMakeCurrent
0x48e2c8 wglGetProcAddress
0x48e2cc wglGetCurrentContext
0x48e2d0 wglDeleteContext
0x48e2d4 wglCreateContext
0x48e2d8 glClearColor
0x48e2dc glTexCoordPointer
0x48e2e0 glClear
0x48e2e4 glGetIntegerv
0x48e2e8 glPushAttrib
0x48e2ec glOrtho
0x48e2f0 glPixelStorei
0x48e2f4 glPushMatrix
0x48e2f8 glDisable
0x48e2fc glDrawElements
0x48e300 glTexEnvi
0x48e304 glColorPointer
0x48e308 glTexImage2D
0x48e30c glGetTexEnviv
0x48e310 glEnable
WINMM.dll
0x48e468 joyGetDevCapsA
0x48e46c timeBeginPeriod
0x48e470 timeEndPeriod
0x48e474 timeGetTime
0x48e478 joyGetPosEx
gdiplus.dll
0x48e498 GdipCreateBitmapFromStream
0x48e49c GdipSaveImageToStream
0x48e4a0 GdipFree
0x48e4a4 GdipDisposeImage
0x48e4a8 GdipAlloc
0x48e4ac GdipCreateBitmapFromHBITMAP
0x48e4b0 GdipCloneImage
WS2_32.dll
0x48e480 closesocket
AVIFIL32.dll
0x48e020 AVIMakeCompressedStream
RPCRT4.dll
0x48e318 UuidCreate
0x48e31c UuidToStringW
dbghelp.dll
0x48e490 EnumerateLoadedModules
comsvcs.dll
0x48e488 CoCreateActivity
IMM32.dll
0x48e078 ImmReleaseContext
0x48e07c ImmSetCompositionWindow
0x48e080 ImmGetContext
EAT(Export Address Table) is none
KERNEL32.dll
0x48e088 GetProcAddress
0x48e08c CloseHandle
0x48e090 CreateFileW
0x48e094 HeapReAlloc
0x48e098 HeapSize
0x48e09c GlobalAlloc
0x48e0a0 ReadConsoleW
0x48e0a4 GetConsoleMode
0x48e0a8 GetConsoleCP
0x48e0ac GetProcessHeap
0x48e0b0 SetStdHandle
0x48e0b4 SetEnvironmentVariableA
0x48e0b8 GetThreadPriority
0x48e0bc SetFilePointerEx
0x48e0c0 LoadLibraryA
0x48e0c4 SetEvent
0x48e0c8 ResetEvent
0x48e0cc CreateEventA
0x48e0d0 GetEnvironmentStrings
0x48e0d4 GetConsoleWindow
0x48e0d8 SetEndOfFile
0x48e0dc GetPriorityClass
0x48e0e0 FreeLibrary
0x48e0e4 EnumDateFormatsA
0x48e0e8 GetCurrentThread
0x48e0ec GetLastError
0x48e0f0 GlobalAddAtomA
0x48e0f4 WaitForSingleObject
0x48e0f8 SetThreadPriority
0x48e0fc FreeEnvironmentStringsW
0x48e100 GetEnvironmentStringsW
0x48e104 GetCommandLineW
0x48e108 GetCommandLineA
0x48e10c GetCPInfo
0x48e110 GetOEMCP
0x48e114 IsValidCodePage
0x48e118 GetCurrentProcess
0x48e11c FindNextFileA
0x48e120 FindFirstFileExA
0x48e124 FindClose
0x48e128 DecodePointer
0x48e12c GetStringTypeW
0x48e130 LCMapStringW
0x48e134 CompareStringW
0x48e138 CreateThread
0x48e13c WaitForSingleObjectEx
0x48e140 OutputDebugStringW
0x48e144 HeapAlloc
0x48e148 HeapFree
0x48e14c GetACP
0x48e150 WideCharToMultiByte
0x48e154 MultiByteToWideChar
0x48e158 ExitProcess
0x48e15c WriteConsoleW
0x48e160 GetModuleHandleExW
0x48e164 GetModuleFileNameW
0x48e168 GetModuleFileNameA
0x48e16c GetFileType
0x48e170 GetStdHandle
0x48e174 LoadLibraryExW
0x48e178 TlsFree
0x48e17c TlsSetValue
0x48e180 TlsGetValue
0x48e184 TlsAlloc
0x48e188 InitializeCriticalSectionAndSpinCount
0x48e18c DeleteCriticalSection
0x48e190 LeaveCriticalSection
0x48e194 EnterCriticalSection
0x48e198 SetLastError
0x48e19c RtlUnwind
0x48e1a0 RaiseException
0x48e1a4 EncodePointer
0x48e1a8 GlobalFree
0x48e1ac GlobalLock
0x48e1b0 GlobalUnlock
0x48e1b4 GetModuleHandleW
0x48e1b8 GetStartupInfoW
0x48e1bc IsDebuggerPresent
0x48e1c0 InitializeSListHead
0x48e1c4 GetSystemTimeAsFileTime
0x48e1c8 GetCurrentThreadId
0x48e1cc GetCurrentProcessId
0x48e1d0 QueryPerformanceCounter
0x48e1d4 IsProcessorFeaturePresent
0x48e1d8 TerminateProcess
0x48e1dc SetUnhandledExceptionFilter
0x48e1e0 UnhandledExceptionFilter
0x48e1e4 BuildCommDCBA
0x48e1e8 SetCommTimeouts
0x48e1ec SetCommState
0x48e1f0 GetCommTimeouts
0x48e1f4 GetCommState
0x48e1f8 WriteFile
0x48e1fc ReadFile
0x48e200 FlushFileBuffers
0x48e204 CreateFileA
0x48e208 GetModuleHandleA
0x48e20c CreateEventW
0x48e210 SetPriorityClass
USER32.dll
0x48e338 SetClipboardData
0x48e33c GetClipboardData
0x48e340 EmptyClipboard
0x48e344 IsDlgButtonChecked
0x48e348 DefWindowProcA
0x48e34c TranslateMessage
0x48e350 RegisterWindowMessageW
0x48e354 ReleaseDC
0x48e358 EndPaint
0x48e35c CloseClipboard
0x48e360 OpenClipboard
0x48e364 DestroyWindow
0x48e368 ShowWindow
0x48e36c SetClassLongA
0x48e370 WindowFromDC
0x48e374 GetDesktopWindow
0x48e378 GetDlgItem
0x48e37c SendMessageA
0x48e380 LoadIconA
0x48e384 CheckMenuItem
0x48e388 GetCursorPos
0x48e38c BeginPaint
0x48e390 GetMessageW
0x48e394 CreateDialogParamW
0x48e398 GetDC
0x48e39c EndDialog
0x48e3a0 DialogBoxParamA
0x48e3a4 wsprintfA
0x48e3a8 OffsetRect
0x48e3ac DispatchMessageW
0x48e3b0 TrackMouseEvent
0x48e3b4 SetWindowTextA
0x48e3b8 MessageBoxA
0x48e3bc RegisterClassA
0x48e3c0 UnregisterClassA
0x48e3c4 GetClassInfoA
0x48e3c8 CreateWindowExA
0x48e3cc SetWindowPos
0x48e3d0 IsIconic
0x48e3d4 GetWindowRect
0x48e3d8 AdjustWindowRectEx
0x48e3dc ShowCursor
0x48e3e0 ClientToScreen
0x48e3e4 CopyRect
0x48e3e8 GetWindowLongA
0x48e3ec SetWindowLongA
0x48e3f0 GetMonitorInfoA
0x48e3f4 EnumDisplayMonitors
0x48e3f8 GetSystemMetrics
0x48e3fc LoadCursorA
0x48e400 ScreenToClient
0x48e404 SetRect
0x48e408 GetMessageA
0x48e40c DispatchMessageA
0x48e410 PeekMessageA
0x48e414 GetMessagePos
0x48e418 PostQuitMessage
0x48e41c IsZoomed
0x48e420 GetKeyState
0x48e424 GetKeyboardState
0x48e428 ToAscii
0x48e42c SetCapture
0x48e430 ReleaseCapture
0x48e434 MsgWaitForMultipleObjects
0x48e438 UpdateWindow
0x48e43c SetActiveWindow
0x48e440 GetUpdateRect
0x48e444 InvalidateRect
0x48e448 ChildWindowFromPoint
0x48e44c MonitorFromWindow
0x48e450 ChangeDisplaySettingsExA
0x48e454 EnumDisplaySettingsA
0x48e458 SetCursorPos
0x48e45c SetCursor
0x48e460 GetClientRect
GDI32.dll
0x48e034 ChoosePixelFormat
0x48e038 BitBlt
0x48e03c SelectObject
0x48e040 CreateDIBSection
0x48e044 GetTextExtentPoint32A
0x48e048 CreateCompatibleDC
0x48e04c GetNearestPaletteIndex
0x48e050 DeleteDC
0x48e054 SetViewportOrgEx
0x48e058 DeleteObject
0x48e05c CreateDCA
0x48e060 GetDeviceCaps
0x48e064 SetPixelFormat
0x48e068 DescribePixelFormat
0x48e06c SwapBuffers
0x48e070 GetPixelFormat
COMDLG32.dll
0x48e028 GetOpenFileNameA
0x48e02c FindTextW
ADVAPI32.dll
0x48e000 RegQueryValueExA
0x48e004 OpenSCManagerA
0x48e008 ControlService
0x48e00c RegOpenKeyA
0x48e010 OpenServiceA
0x48e014 RegCloseKey
0x48e018 RegOpenKeyExA
SHELL32.dll
0x48e324 None
0x48e328 DragQueryFileA
0x48e32c None
0x48e330 DragFinish
ole32.dll
0x48e4b8 CreateStreamOnHGlobal
OLEAUT32.dll
0x48e228 CreateTypeLib2
0x48e22c CreateTypeLib
ODBC32.dll
0x48e218 None
0x48e21c None
0x48e220 None
OPENGL32.dll
0x48e234 wglGetCurrentDC
0x48e238 glScissor
0x48e23c glDisableClientState
0x48e240 glMatrixMode
0x48e244 glBlendFunc
0x48e248 glLoadIdentity
0x48e24c glTexParameteri
0x48e250 glDeleteTextures
0x48e254 glPopMatrix
0x48e258 glViewport
0x48e25c glEnableClientState
0x48e260 glPopAttrib
0x48e264 glPolygonMode
0x48e268 glBindTexture
0x48e26c glGenTextures
0x48e270 glVertexPointer
0x48e274 glNormalPointer
0x48e278 glGetFloatv
0x48e27c glDrawArrays
0x48e280 glVertex2f
0x48e284 glTranslatef
0x48e288 glPushClientAttrib
0x48e28c glPopClientAttrib
0x48e290 glBitmap
0x48e294 glVertex2i
0x48e298 glRasterPos2i
0x48e29c glEnd
0x48e2a0 glColor4fv
0x48e2a4 glColor4f
0x48e2a8 glBegin
0x48e2ac glGetString
0x48e2b0 glGetError
0x48e2b4 glGetBooleanv
0x48e2b8 glReadBuffer
0x48e2bc glDrawBuffer
0x48e2c0 glFlush
0x48e2c4 wglMakeCurrent
0x48e2c8 wglGetProcAddress
0x48e2cc wglGetCurrentContext
0x48e2d0 wglDeleteContext
0x48e2d4 wglCreateContext
0x48e2d8 glClearColor
0x48e2dc glTexCoordPointer
0x48e2e0 glClear
0x48e2e4 glGetIntegerv
0x48e2e8 glPushAttrib
0x48e2ec glOrtho
0x48e2f0 glPixelStorei
0x48e2f4 glPushMatrix
0x48e2f8 glDisable
0x48e2fc glDrawElements
0x48e300 glTexEnvi
0x48e304 glColorPointer
0x48e308 glTexImage2D
0x48e30c glGetTexEnviv
0x48e310 glEnable
WINMM.dll
0x48e468 joyGetDevCapsA
0x48e46c timeBeginPeriod
0x48e470 timeEndPeriod
0x48e474 timeGetTime
0x48e478 joyGetPosEx
gdiplus.dll
0x48e498 GdipCreateBitmapFromStream
0x48e49c GdipSaveImageToStream
0x48e4a0 GdipFree
0x48e4a4 GdipDisposeImage
0x48e4a8 GdipAlloc
0x48e4ac GdipCreateBitmapFromHBITMAP
0x48e4b0 GdipCloneImage
WS2_32.dll
0x48e480 closesocket
AVIFIL32.dll
0x48e020 AVIMakeCompressedStream
RPCRT4.dll
0x48e318 UuidCreate
0x48e31c UuidToStringW
dbghelp.dll
0x48e490 EnumerateLoadedModules
comsvcs.dll
0x48e488 CoCreateActivity
IMM32.dll
0x48e078 ImmReleaseContext
0x48e07c ImmSetCompositionWindow
0x48e080 ImmGetContext
EAT(Export Address Table) is none