Created | 2024.07.21 09:59 | Machine | s1_win7_x6401 |
Filename | tomcat.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 45 detected (AIDetectMalware, BlackMoon, malicious, high confidence, score, Jaik, Unsafe, Save, GenusT, DXGH, A suspicious, TrojanX, Tiggre, Zenpak, kokgmk, W2Bdxtm86PF, MulDrop27, Real Protect, high, Detected, ai score=87, Blamon, 1DPEYYJ, R652645, ZexaF, wv2@aKGAqydi, BScope, GdSda, Static AI, Malicious PE, confidence) |
md5 | 60697ecdf48bd911582ccd71c115dd21 |
sha256 | 007be8197ac56659de05ef2ccdb897577fa72212e46131a79861c913beb38a99 |
ssdeep | 24576:g1UGLrmwPVsjEkazzCmzpslRI4/iK6LfGJErGCkfp0sUPYud9mj1uRyRskdr:gu2jkaqmzpwOOiMeGPfp0sUPYu7UQqfr |
imphash | 73f1fe0218fd69cb0bf74a3f77c6db00 |
impfuzzy | 192:wkGErMq/ZiBm7fPM9ErKckJ3RDHuApbcncDJgznL8U:Oq/ZZfPc3xHFpba9rL8U |
Signature (16cnts)
Level | Description |
---|---|
danger | File has been identified by 45 AntiVirus engines on VirusTotal as malicious |
watch | Collects information about installed applications |
watch | Communicates with host for which no DNS query was performed |
watch | Installs itself for autorun at Windows startup |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time) |
notice | Checks whether any human activity is being performed by constantly checking whether the foreground window changed |
notice | Creates a shortcut to an executable file |
notice | Creates executable files on the filesystem |
notice | Queries for potentially installed applications |
notice | Repeatedly searches for a not-found process |
notice | Searches running processes potentially to identify processes for sandbox evasion |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks amount of memory in system |
info | Queries for the computername |
info | Tries to locate where the browsers are installed |
Rules (12cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Antivirus | Contains references to security software | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | lnk_file_format | Microsoft Windows Shortcut File Format | binaries (download) |
info | Lnk_Format_Zero | LNK Format | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x4710cc HeapQueryInformation
0x4710d0 LCMapStringA
0x4710d4 GetCommandLineA
0x4710d8 GetTickCount
0x4710dc WritePrivateProfileStringA
0x4710e0 GetLocalTime
0x4710e4 FileTimeToLocalFileTime
0x4710e8 FileTimeToSystemTime
0x4710ec FindClose
0x4710f0 FindFirstFileA
0x4710f4 FindNextFileA
0x4710f8 GetDiskFreeSpaceExA
0x4710fc GetDiskFreeSpaceA
0x471100 MulDiv
0x471104 GetCurrentDirectoryA
0x471108 GetVolumeInformationA
0x47110c GetPrivateProfileStringA
0x471110 GlobalAlloc
0x471114 GlobalLock
0x471118 GlobalUnlock
0x47111c GlobalFree
0x471120 GetUserDefaultLCID
0x471124 GetStartupInfoA
0x471128 CreateProcessA
0x47112c ExitProcess
0x471130 CancelWaitableTimer
0x471134 VirtualAlloc
0x471138 VirtualFree
0x47113c TryEnterCriticalSection
0x471140 CreateEventA
0x471144 WaitForMultipleObjects
0x471148 SetEvent
0x47114c HeapReAlloc
0x471150 HeapDestroy
0x471154 DeleteCriticalSection
0x471158 FreeLibrary
0x47115c SetCriticalSectionSpinCount
0x471160 HeapCreate
0x471164 lstrcpyn
0x471168 RtlMoveMemory
0x47116c GlobalMemoryStatusEx
0x471170 GetProcessId
0x471174 GetTimeFormatA
0x471178 GetDateFormatA
0x47117c GetLocaleInfoA
0x471180 GetComputerNameA
0x471184 MoveFileA
0x471188 ReadFile
0x47118c GetFileSizeEx
0x471190 WriteFile
0x471194 SetEndOfFile
0x471198 SetFilePointerEx
0x47119c CreateFileA
0x4711a0 CreateFileW
0x4711a4 TlsSetValue
0x4711a8 IsBadReadPtr
0x4711ac TlsGetValue
0x4711b0 DeleteFileA
0x4711b4 GetTempPathW
0x4711b8 lstrlenW
0x4711bc SetFileAttributesA
0x4711c0 GetFileAttributesA
0x4711c4 GetLongPathNameA
0x4711c8 GetTempPathA
0x4711cc GetSystemDirectoryA
0x4711d0 GetWindowsDirectoryA
0x4711d4 CreateFileMappingA
0x4711d8 Process32Next
0x4711dc Process32First
0x4711e0 CreateToolhelp32Snapshot
0x4711e4 OpenProcess
0x4711e8 UnmapViewOfFile
0x4711ec MapViewOfFile
0x4711f0 OpenFileMappingA
0x4711f4 WideCharToMultiByte
0x4711f8 MultiByteToWideChar
0x4711fc GetModuleFileNameA
0x471200 HeapSize
0x471204 TerminateProcess
0x471208 SetThreadAffinityMask
0x47120c HeapFree
0x471210 InterlockedExchange
0x471214 LeaveCriticalSection
0x471218 WaitForSingleObject
0x47121c SetWaitableTimer
0x471220 CreateWaitableTimerA
0x471224 SwitchToThread
0x471228 InterlockedCompareExchange
0x47122c EnterCriticalSection
0x471230 CloseHandle
0x471234 CreateThread
0x471238 SetProcessDEPPolicy
0x47123c HeapAlloc
0x471240 GetProcessHeap
0x471244 InitializeCriticalSectionAndSpinCount
0x471248 GetCurrentProcessId
0x47124c GetCurrentThreadId
0x471250 GetProcAddress
0x471254 LoadLibraryA
0x471258 GetModuleHandleA
0x47125c IsWow64Process
0x471260 GetCurrentProcess
0x471264 GetSystemInfo
0x471268 GetProcessVersion
0x47126c GlobalGetAtomNameA
0x471270 GlobalAddAtomA
0x471274 GlobalFindAtomA
0x471278 SetFilePointer
0x47127c GetLastError
0x471280 GetDriveTypeA
0x471284 Sleep
0x471288 lstrcpyA
0x47128c lstrlenA
0x471290 SetLastError
0x471294 lstrcatA
0x471298 QueryPerformanceCounter
0x47129c GetVersion
0x4712a0 HeapSetInformation
0x4712a4 GetStartupInfoW
0x4712a8 EncodePointer
0x4712ac DecodePointer
0x4712b0 RtlUnwind
0x4712b4 RaiseException
0x4712b8 SetUnhandledExceptionFilter
0x4712bc GetModuleHandleW
0x4712c0 GetStdHandle
0x4712c4 GetModuleFileNameW
0x4712c8 FreeEnvironmentStringsW
0x4712cc GetEnvironmentStringsW
0x4712d0 SetHandleCount
0x4712d4 GetFileType
0x4712d8 TlsAlloc
0x4712dc TlsFree
0x4712e0 InterlockedIncrement
0x4712e4 InterlockedDecrement
0x4712e8 GetSystemTimeAsFileTime
0x4712ec UnhandledExceptionFilter
0x4712f0 IsDebuggerPresent
0x4712f4 IsProcessorFeaturePresent
0x4712f8 GetConsoleCP
0x4712fc GetConsoleMode
0x471300 GetCPInfo
0x471304 GetACP
0x471308 GetOEMCP
0x47130c IsValidCodePage
0x471310 LCMapStringW
0x471314 VirtualQuery
0x471318 GetStringTypeW
0x47131c LoadLibraryW
0x471320 GetLocaleInfoW
0x471324 SetStdHandle
0x471328 FlushFileBuffers
0x47132c WriteConsoleW
0x471330 EnumSystemLocalesA
0x471334 IsValidLocale
0x471338 lstrcmpiA
0x47133c lstrcmpA
0x471340 GlobalDeleteAtom
0x471344 LocalFree
0x471348 lstrcpynA
0x47134c LocalAlloc
0x471350 InitializeCriticalSection
0x471354 GlobalHandle
0x471358 GlobalReAlloc
0x47135c LocalReAlloc
0x471360 GlobalFlags
USER32.dll
0x4713c4 CallNextHookEx
0x4713c8 GetKeyState
0x4713cc GetNextDlgTabItem
0x4713d0 GetFocus
0x4713d4 EnableMenuItem
0x4713d8 CheckMenuItem
0x4713dc SetMenuItemBitmaps
0x4713e0 ModifyMenuA
0x4713e4 GetMenuState
0x4713e8 LoadBitmapA
0x4713ec GetMenuCheckMarkDimensions
0x4713f0 TabbedTextOutA
0x4713f4 DrawTextA
0x4713f8 GrayStringA
0x4713fc UnhookWindowsHookEx
0x471400 DestroyWindow
0x471404 GetDlgCtrlID
0x471408 SetWindowTextA
0x47140c GetMenuItemCount
0x471410 GetWindowPlacement
0x471414 RegisterWindowMessageA
0x471418 GetMessagePos
0x47141c GetMessageTime
0x471420 DefWindowProcA
0x471424 RemovePropA
0x471428 CallWindowProcA
0x47142c GetPropA
0x471430 SetPropA
0x471434 GetClassLongA
0x471438 CreateWindowExA
0x47143c GetMenuItemID
0x471440 GetSubMenu
0x471444 GetMenu
0x471448 RegisterClassA
0x47144c GetClassInfoA
0x471450 WinHelpA
0x471454 SetWindowsHookExA
0x471458 GetTopWindow
0x47145c CopyRect
0x471460 AdjustWindowRectEx
0x471464 GetSysColor
0x471468 MapWindowPoints
0x47146c LoadIconA
0x471470 LoadCursorA
0x471474 GetSysColorBrush
0x471478 LoadStringA
0x47147c DestroyMenu
0x471480 SetActiveWindow
0x471484 GetLastActivePopup
0x471488 IsWindowEnabled
0x47148c EnableWindow
0x471490 SetForegroundWindow
0x471494 SetFocus
0x471498 GetWindowThreadProcessId
0x47149c ShowWindowAsync
0x4714a0 PostMessageA
0x4714a4 PostQuitMessage
0x4714a8 MsgWaitForMultipleObjects
0x4714ac IsWindow
0x4714b0 FindWindowExA
0x4714b4 DestroyIcon
0x4714b8 GetForegroundWindow
0x4714bc GetDC
0x4714c0 FillRect
0x4714c4 DrawIconEx
0x4714c8 ReleaseDC
0x4714cc SendInput
0x4714d0 GetSystemMetrics
0x4714d4 MapVirtualKeyA
0x4714d8 GetLastInputInfo
0x4714dc LoadImageA
0x4714e0 EnumDisplaySettingsA
0x4714e4 IsIconic
0x4714e8 IsWindowVisible
0x4714ec GetWindowRect
0x4714f0 GetClientRect
0x4714f4 ClientToScreen
0x4714f8 OpenClipboard
0x4714fc GetClipboardData
0x471500 GetAncestor
0x471504 CloseClipboard
0x471508 EmptyClipboard
0x47150c SetClipboardData
0x471510 MessageBoxA
0x471514 wsprintfA
0x471518 DispatchMessageA
0x47151c TranslateMessage
0x471520 GetMessageA
0x471524 PeekMessageA
0x471528 GetParent
0x47152c GetWindow
0x471530 PtInRect
0x471534 GetWindowLongA
0x471538 GetWindowTextA
0x47153c SetWindowPos
0x471540 AttachThreadInput
0x471544 SetWindowLongA
0x471548 GetDlgItem
0x47154c SystemParametersInfoA
0x471550 GetClassNameA
0x471554 SendMessageA
0x471558 GetCapture
0x47155c BringWindowToTop
OLEAUT32.dll
0x471368 SafeArrayDestroy
0x47136c VariantClear
0x471370 SysAllocString
0x471374 SafeArrayCreate
0x471378 VariantCopy
0x47137c RegisterTypeLib
0x471380 LHashValOfNameSys
0x471384 LoadTypeLib
0x471388 SystemTimeToVariantTime
0x47138c OleLoadPicture
0x471390 VarR8FromCy
0x471394 VarR8FromBool
0x471398 VariantTimeToSystemTime
SHLWAPI.dll
0x4713b8 PathFindExtensionA
0x4713bc PathFindFileNameA
GDI32.dll
0x471040 GetClipBox
0x471044 ScaleWindowExtEx
0x471048 SetWindowExtEx
0x47104c ScaleViewportExtEx
0x471050 SetViewportExtEx
0x471054 OffsetViewportOrgEx
0x471058 SetViewportOrgEx
0x47105c SetMapMode
0x471060 GetStockObject
0x471064 GetDeviceCaps
0x471068 SetDIBitsToDevice
0x47106c GetDIBits
0x471070 SetPixelV
0x471074 GetPixel
0x471078 GdiFlush
0x47107c BitBlt
0x471080 GetObjectA
0x471084 CreateDIBSection
0x471088 SetTextColor
0x47108c DeleteDC
0x471090 CreateSolidBrush
0x471094 SelectObject
0x471098 CreateCompatibleBitmap
0x47109c CreateCompatibleDC
0x4710a0 PtVisible
0x4710a4 RectVisible
0x4710a8 TextOutA
0x4710ac ExtTextOutA
0x4710b0 Escape
0x4710b4 SetBkColor
0x4710b8 RestoreDC
0x4710bc SaveDC
0x4710c0 CreateBitmap
0x4710c4 DeleteObject
ADVAPI32.dll
0x471000 InitializeSecurityDescriptor
0x471004 SetSecurityDescriptorDacl
0x471008 CryptAcquireContextA
0x47100c CryptCreateHash
0x471010 CryptReleaseContext
0x471014 CryptHashData
0x471018 CryptDestroyHash
0x47101c CryptGetHashParam
0x471020 RegOpenKeyA
0x471024 RegCloseKey
0x471028 OpenProcessToken
0x47102c GetTokenInformation
0x471030 RegQueryValueExA
SHELL32.dll
0x4713a0 ShellExecuteExA
0x4713a4 SHGetFileInfoA
0x4713a8 ShellExecuteA
0x4713ac SHGetSpecialFolderPathW
0x4713b0 SHGetSpecialFolderPathA
ole32.dll
0x4715cc CoInitializeEx
0x4715d0 CoUninitialize
0x4715d4 CoCreateGuid
0x4715d8 CoInitialize
0x4715dc OleRun
0x4715e0 CoCreateInstance
0x4715e4 CLSIDFromString
0x4715e8 CLSIDFromProgID
0x4715ec CreateStreamOnHGlobal
kernel32.dll
0x471574 GetModuleHandleA
0x471578 GetProcessHeap
0x47157c HeapAlloc
0x471580 HeapFree
0x471584 RtlMoveMemory
0x471588 GetProcAddress
0x47158c FreeLibrary
0x471590 LoadLibraryA
0x471594 VirtualProtectEx
0x471598 LCMapStringA
0x47159c IsBadReadPtr
0x4715a0 GetEnvironmentVariableA
0x4715a4 ExitProcess
msvcrt.dll
0x4715ac sprintf
0x4715b0 atoi
0x4715b4 _ftol
0x4715b8 strchr
0x4715bc free
0x4715c0 malloc
0x4715c4 strstr
user32.dll
0x4715fc MessageBoxA
0x471600 wsprintfA
oleaut32.dll
0x4715f4 VariantTimeToSystemTime
WINSPOOL.DRV
0x471564 OpenPrinterA
0x471568 ClosePrinter
0x47156c DocumentPropertiesA
COMCTL32.dll
0x471038 None
EAT(Export Address Table) is none