ScreenShot
| Created | 2024.07.30 07:54 | Machine | s1_win7_x6403 |
| Filename | zbi.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | |||
| md5 | 0534ab10184891cd61d262bfd79b7b4c | ||
| sha256 | 191272e200345dcb0a7a8c8c975a8b07847f07b9d9f0c3af472fdb88092aee0b | ||
| ssdeep | 49152:flhBWdxUM546QwStp9BLoQDbN46Nhz8kGAy9x2XdMP3Z+dlihVnp3qd38gT+c1m0:flXWhqntN46uPM3jwHYlDx7ILqTn | ||
| imphash | 94e6725f9edd6f43dcf6269a222aa3c5 | ||
| impfuzzy | 96:PH3nb2treixLoIXMiE4vSYazav5fcg+Pw/kXuQmYJ4WohPdUMm4K:PH3it6XIci/SYazakaYJ4WoHUMm4K | ||
Network IP location
Signature (1cnts)
| Level | Description |
|---|---|
| info | This executable has a PDB path |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
api-ms-win-core-synch-l1-2-0.dll
0x1403a6040 WaitOnAddress
0x1403a6048 WakeByAddressAll
0x1403a6050 WakeByAddressSingle
cryptprimitives.dll
0x1403a6228 ProcessPrng
ntdll.dll
0x1403a6758 NtDeviceIoControlFile
0x1403a6760 NtCreateFile
0x1403a6768 NtWriteFile
0x1403a6770 RtlNtStatusToDosError
0x1403a6778 NtCancelIoFileEx
0x1403a6780 RtlUnwindEx
0x1403a6788 RtlPcToFileHeader
0x1403a6790 NtReadFile
0x1403a6798 RtlCaptureContext
0x1403a67a0 RtlLookupFunctionEntry
0x1403a67a8 RtlVirtualUnwind
kernel32.dll
0x1403a6300 MultiByteToWideChar
0x1403a6308 WriteConsoleW
0x1403a6310 GetModuleHandleA
0x1403a6318 GetProcAddress
0x1403a6320 CreateWaitableTimerExW
0x1403a6328 SetWaitableTimer
0x1403a6330 Sleep
0x1403a6338 QueryPerformanceFrequency
0x1403a6340 GetModuleHandleW
0x1403a6348 FormatMessageW
0x1403a6350 lstrlenW
0x1403a6358 GetEnvironmentVariableW
0x1403a6360 GetTempPathW
0x1403a6368 GetFileInformationByHandleEx
0x1403a6370 GetFullPathNameW
0x1403a6378 FlushFileBuffers
0x1403a6380 SetFilePointerEx
0x1403a6388 QueryPerformanceCounter
0x1403a6390 CreateDirectoryW
0x1403a6398 FindFirstFileW
0x1403a63a0 FindClose
0x1403a63a8 GetConsoleMode
0x1403a63b0 SetFileCompletionNotificationModes
0x1403a63b8 CreateIoCompletionPort
0x1403a63c0 GetQueuedCompletionStatusEx
0x1403a63c8 SetHandleInformation
0x1403a63d0 GetEnvironmentStringsW
0x1403a63d8 FreeEnvironmentStringsW
0x1403a63e0 CompareStringOrdinal
0x1403a63e8 GetSystemDirectoryW
0x1403a63f0 GetWindowsDirectoryW
0x1403a63f8 CreateProcessW
0x1403a6400 GetFileAttributesW
0x1403a6408 GetCurrentProcess
0x1403a6410 DuplicateHandle
0x1403a6418 InitializeProcThreadAttributeList
0x1403a6420 UpdateProcThreadAttribute
0x1403a6428 DeleteProcThreadAttributeList
0x1403a6430 GetCurrentProcessId
0x1403a6438 CreateNamedPipeW
0x1403a6440 CreateThread
0x1403a6448 ReadFileEx
0x1403a6450 SleepEx
0x1403a6458 WriteFileEx
0x1403a6460 WaitForMultipleObjects
0x1403a6468 GetOverlappedResult
0x1403a6470 CreateEventW
0x1403a6478 CancelIo
0x1403a6480 ReadFile
0x1403a6488 ExitProcess
0x1403a6490 HeapAlloc
0x1403a6498 GetStdHandle
0x1403a64a0 GetCurrentDirectoryW
0x1403a64a8 WaitForSingleObjectEx
0x1403a64b0 AddVectoredExceptionHandler
0x1403a64b8 CreateMutexA
0x1403a64c0 ReleaseMutex
0x1403a64c8 WideCharToMultiByte
0x1403a64d0 DeleteFileW
0x1403a64d8 CopyFileExW
0x1403a64e0 PostQueuedCompletionStatus
0x1403a64e8 GetFinalPathNameByHandleW
0x1403a64f0 SetLastError
0x1403a64f8 GetSystemInfo
0x1403a6500 UnhandledExceptionFilter
0x1403a6508 SwitchToThread
0x1403a6510 SetFileInformationByHandle
0x1403a6518 GetModuleFileNameW
0x1403a6520 CreateFileW
0x1403a6528 SetUnhandledExceptionFilter
0x1403a6530 HeapReAlloc
0x1403a6538 GetExitCodeProcess
0x1403a6540 WaitForSingleObject
0x1403a6548 GetSystemTimePreciseAsFileTime
0x1403a6550 GetTickCount
0x1403a6558 MapViewOfFile
0x1403a6560 CreateFileMappingW
0x1403a6568 FormatMessageA
0x1403a6570 GetSystemTime
0x1403a6578 GetSystemTimeAsFileTime
0x1403a6580 FreeLibrary
0x1403a6588 SystemTimeToFileTime
0x1403a6590 GetFileSize
0x1403a6598 LockFileEx
0x1403a65a0 LocalFree
0x1403a65a8 UnlockFile
0x1403a65b0 HeapDestroy
0x1403a65b8 HeapCompact
0x1403a65c0 LoadLibraryW
0x1403a65c8 DeleteFileA
0x1403a65d0 CreateFileA
0x1403a65d8 FlushViewOfFile
0x1403a65e0 OutputDebugStringW
0x1403a65e8 GetFileAttributesExW
0x1403a65f0 GetFileAttributesA
0x1403a65f8 GetDiskFreeSpaceA
0x1403a6600 GetTempPathA
0x1403a6608 HeapSize
0x1403a6610 HeapValidate
0x1403a6618 UnmapViewOfFile
0x1403a6620 CreateMutexW
0x1403a6628 UnlockFileEx
0x1403a6630 SetEndOfFile
0x1403a6638 GetFullPathNameA
0x1403a6640 SetFilePointer
0x1403a6648 LockFile
0x1403a6650 OutputDebugStringA
0x1403a6658 GetDiskFreeSpaceW
0x1403a6660 WriteFile
0x1403a6668 HeapCreate
0x1403a6670 AreFileApisANSI
0x1403a6678 InitializeCriticalSection
0x1403a6680 EnterCriticalSection
0x1403a6688 LeaveCriticalSection
0x1403a6690 TryEnterCriticalSection
0x1403a6698 DeleteCriticalSection
0x1403a66a0 GetCurrentThreadId
0x1403a66a8 TerminateProcess
0x1403a66b0 IsProcessorFeaturePresent
0x1403a66b8 GetLastError
0x1403a66c0 InitializeSListHead
0x1403a66c8 GetCurrentThread
0x1403a66d0 CloseHandle
0x1403a66d8 IsDebuggerPresent
0x1403a66e0 GetFileInformationByHandle
0x1403a66e8 HeapFree
0x1403a66f0 GetProcessHeap
0x1403a66f8 EncodePointer
0x1403a6700 RaiseException
0x1403a6708 InitializeCriticalSectionAndSpinCount
0x1403a6710 TlsAlloc
0x1403a6718 TlsGetValue
0x1403a6720 TlsSetValue
0x1403a6728 TlsFree
0x1403a6730 LoadLibraryA
0x1403a6738 SetThreadStackGuarantee
0x1403a6740 FindNextFileW
0x1403a6748 LoadLibraryExW
ws2_32.dll
0x1403a68c0 WSAIoctl
0x1403a68c8 ioctlsocket
0x1403a68d0 socket
0x1403a68d8 getsockname
0x1403a68e0 WSAGetLastError
0x1403a68e8 WSASend
0x1403a68f0 shutdown
0x1403a68f8 getpeername
0x1403a6900 send
0x1403a6908 WSACleanup
0x1403a6910 getsockopt
0x1403a6918 WSASocketW
0x1403a6920 closesocket
0x1403a6928 select
0x1403a6930 ind
0x1403a6938 listen
0x1403a6940 accept
0x1403a6948 setsockopt
0x1403a6950 freeaddrinfo
0x1403a6958 getaddrinfo
0x1403a6960 recv
0x1403a6968 connect
0x1403a6970 WSAStartup
rstrtmgr.dll
0x1403a6828 RmRegisterResources
0x1403a6830 RmGetList
0x1403a6838 RmStartSession
user32.dll
0x1403a68a0 EnumDisplaySettingsExW
0x1403a68a8 EnumDisplayMonitors
0x1403a68b0 GetMonitorInfoW
crypt.dll
0x1403a6218 BCryptGenRandom
advapi32.dll
0x1403a6000 RegQueryValueExW
0x1403a6008 CheckTokenMembership
0x1403a6010 RegOpenKeyExW
0x1403a6018 AllocateAndInitializeSid
0x1403a6020 RegCloseKey
0x1403a6028 SystemFunction036
0x1403a6030 FreeSid
secur32.dll
0x1403a6848 FreeCredentialsHandle
0x1403a6850 DeleteSecurityContext
0x1403a6858 AcquireCredentialsHandleA
0x1403a6860 ApplyControlToken
0x1403a6868 EncryptMessage
0x1403a6870 DecryptMessage
0x1403a6878 QueryContextAttributesW
0x1403a6880 InitializeSecurityContextW
0x1403a6888 AcceptSecurityContext
0x1403a6890 FreeContextBuffer
crypt32.dll
0x1403a6238 CertVerifyCertificateChainPolicy
0x1403a6240 CertFreeCertificateContext
0x1403a6248 CertEnumCertificatesInStore
0x1403a6250 CertAddCertificateContextToStore
0x1403a6258 CertFreeCertificateChain
0x1403a6260 CertGetCertificateChain
0x1403a6268 CertDuplicateStore
0x1403a6270 CertOpenStore
0x1403a6278 CertDuplicateCertificateContext
0x1403a6280 CertDuplicateCertificateChain
0x1403a6288 CertCloseStore
0x1403a6290 CryptUnprotectData
oleaut32.dll
0x1403a67e0 SysAllocStringLen
0x1403a67e8 SafeArrayDestroy
0x1403a67f0 VariantClear
0x1403a67f8 SafeArrayAccessData
0x1403a6800 SysFreeString
0x1403a6808 SafeArrayGetUBound
0x1403a6810 SafeArrayGetLBound
0x1403a6818 SafeArrayUnaccessData
ole32.dll
0x1403a67b8 CoSetProxyBlanket
0x1403a67c0 CoInitializeSecurity
0x1403a67c8 CoInitializeEx
0x1403a67d0 CoCreateInstance
gdi32.dll
0x1403a62a0 GetDeviceCaps
0x1403a62a8 CreateCompatibleDC
0x1403a62b0 CreateCompatibleBitmap
0x1403a62b8 SelectObject
0x1403a62c0 SetStretchBltMode
0x1403a62c8 DeleteDC
0x1403a62d0 GetDIBits
0x1403a62d8 GetObjectW
0x1403a62e0 DeleteObject
0x1403a62e8 CreateDCW
0x1403a62f0 StretchBlt
api-ms-win-crt-math-l1-1-0.dll
0x1403a60a8 log
0x1403a60b0 ceil
0x1403a60b8 exp2f
0x1403a60c0 _dclass
0x1403a60c8 pow
0x1403a60d0 truncf
0x1403a60d8 __setusermatherr
0x1403a60e0 roundf
api-ms-win-crt-string-l1-1-0.dll
0x1403a61b8 strcspn
0x1403a61c0 strlen
0x1403a61c8 strcmp
0x1403a61d0 strcpy_s
0x1403a61d8 wcsncmp
0x1403a61e0 strncmp
api-ms-win-crt-heap-l1-1-0.dll
0x1403a6060 free
0x1403a6068 _msize
0x1403a6070 realloc
0x1403a6078 calloc
0x1403a6080 malloc
0x1403a6088 _set_new_mode
api-ms-win-crt-utility-l1-1-0.dll
0x1403a6200 _rotl64
0x1403a6208 qsort
api-ms-win-crt-time-l1-1-0.dll
0x1403a61f0 _localtime64_s
api-ms-win-crt-runtime-l1-1-0.dll
0x1403a60f0 _configure_narrow_argv
0x1403a60f8 _seh_filter_exe
0x1403a6100 _endthreadex
0x1403a6108 _get_initial_narrow_environment
0x1403a6110 _initterm
0x1403a6118 _initialize_onexit_table
0x1403a6120 _beginthreadex
0x1403a6128 _initterm_e
0x1403a6130 exit
0x1403a6138 _exit
0x1403a6140 terminate
0x1403a6148 abort
0x1403a6150 __p___argc
0x1403a6158 __p___argv
0x1403a6160 _cexit
0x1403a6168 _c_exit
0x1403a6170 _register_onexit_function
0x1403a6178 _register_thread_local_exe_atexit_callback
0x1403a6180 _crt_atexit
0x1403a6188 _initialize_narrow_environment
0x1403a6190 _set_app_type
api-ms-win-crt-stdio-l1-1-0.dll
0x1403a61a0 __p__commode
0x1403a61a8 _set_fmode
api-ms-win-crt-locale-l1-1-0.dll
0x1403a6098 _configthreadlocale
EAT(Export Address Table) is none
api-ms-win-core-synch-l1-2-0.dll
0x1403a6040 WaitOnAddress
0x1403a6048 WakeByAddressAll
0x1403a6050 WakeByAddressSingle
cryptprimitives.dll
0x1403a6228 ProcessPrng
ntdll.dll
0x1403a6758 NtDeviceIoControlFile
0x1403a6760 NtCreateFile
0x1403a6768 NtWriteFile
0x1403a6770 RtlNtStatusToDosError
0x1403a6778 NtCancelIoFileEx
0x1403a6780 RtlUnwindEx
0x1403a6788 RtlPcToFileHeader
0x1403a6790 NtReadFile
0x1403a6798 RtlCaptureContext
0x1403a67a0 RtlLookupFunctionEntry
0x1403a67a8 RtlVirtualUnwind
kernel32.dll
0x1403a6300 MultiByteToWideChar
0x1403a6308 WriteConsoleW
0x1403a6310 GetModuleHandleA
0x1403a6318 GetProcAddress
0x1403a6320 CreateWaitableTimerExW
0x1403a6328 SetWaitableTimer
0x1403a6330 Sleep
0x1403a6338 QueryPerformanceFrequency
0x1403a6340 GetModuleHandleW
0x1403a6348 FormatMessageW
0x1403a6350 lstrlenW
0x1403a6358 GetEnvironmentVariableW
0x1403a6360 GetTempPathW
0x1403a6368 GetFileInformationByHandleEx
0x1403a6370 GetFullPathNameW
0x1403a6378 FlushFileBuffers
0x1403a6380 SetFilePointerEx
0x1403a6388 QueryPerformanceCounter
0x1403a6390 CreateDirectoryW
0x1403a6398 FindFirstFileW
0x1403a63a0 FindClose
0x1403a63a8 GetConsoleMode
0x1403a63b0 SetFileCompletionNotificationModes
0x1403a63b8 CreateIoCompletionPort
0x1403a63c0 GetQueuedCompletionStatusEx
0x1403a63c8 SetHandleInformation
0x1403a63d0 GetEnvironmentStringsW
0x1403a63d8 FreeEnvironmentStringsW
0x1403a63e0 CompareStringOrdinal
0x1403a63e8 GetSystemDirectoryW
0x1403a63f0 GetWindowsDirectoryW
0x1403a63f8 CreateProcessW
0x1403a6400 GetFileAttributesW
0x1403a6408 GetCurrentProcess
0x1403a6410 DuplicateHandle
0x1403a6418 InitializeProcThreadAttributeList
0x1403a6420 UpdateProcThreadAttribute
0x1403a6428 DeleteProcThreadAttributeList
0x1403a6430 GetCurrentProcessId
0x1403a6438 CreateNamedPipeW
0x1403a6440 CreateThread
0x1403a6448 ReadFileEx
0x1403a6450 SleepEx
0x1403a6458 WriteFileEx
0x1403a6460 WaitForMultipleObjects
0x1403a6468 GetOverlappedResult
0x1403a6470 CreateEventW
0x1403a6478 CancelIo
0x1403a6480 ReadFile
0x1403a6488 ExitProcess
0x1403a6490 HeapAlloc
0x1403a6498 GetStdHandle
0x1403a64a0 GetCurrentDirectoryW
0x1403a64a8 WaitForSingleObjectEx
0x1403a64b0 AddVectoredExceptionHandler
0x1403a64b8 CreateMutexA
0x1403a64c0 ReleaseMutex
0x1403a64c8 WideCharToMultiByte
0x1403a64d0 DeleteFileW
0x1403a64d8 CopyFileExW
0x1403a64e0 PostQueuedCompletionStatus
0x1403a64e8 GetFinalPathNameByHandleW
0x1403a64f0 SetLastError
0x1403a64f8 GetSystemInfo
0x1403a6500 UnhandledExceptionFilter
0x1403a6508 SwitchToThread
0x1403a6510 SetFileInformationByHandle
0x1403a6518 GetModuleFileNameW
0x1403a6520 CreateFileW
0x1403a6528 SetUnhandledExceptionFilter
0x1403a6530 HeapReAlloc
0x1403a6538 GetExitCodeProcess
0x1403a6540 WaitForSingleObject
0x1403a6548 GetSystemTimePreciseAsFileTime
0x1403a6550 GetTickCount
0x1403a6558 MapViewOfFile
0x1403a6560 CreateFileMappingW
0x1403a6568 FormatMessageA
0x1403a6570 GetSystemTime
0x1403a6578 GetSystemTimeAsFileTime
0x1403a6580 FreeLibrary
0x1403a6588 SystemTimeToFileTime
0x1403a6590 GetFileSize
0x1403a6598 LockFileEx
0x1403a65a0 LocalFree
0x1403a65a8 UnlockFile
0x1403a65b0 HeapDestroy
0x1403a65b8 HeapCompact
0x1403a65c0 LoadLibraryW
0x1403a65c8 DeleteFileA
0x1403a65d0 CreateFileA
0x1403a65d8 FlushViewOfFile
0x1403a65e0 OutputDebugStringW
0x1403a65e8 GetFileAttributesExW
0x1403a65f0 GetFileAttributesA
0x1403a65f8 GetDiskFreeSpaceA
0x1403a6600 GetTempPathA
0x1403a6608 HeapSize
0x1403a6610 HeapValidate
0x1403a6618 UnmapViewOfFile
0x1403a6620 CreateMutexW
0x1403a6628 UnlockFileEx
0x1403a6630 SetEndOfFile
0x1403a6638 GetFullPathNameA
0x1403a6640 SetFilePointer
0x1403a6648 LockFile
0x1403a6650 OutputDebugStringA
0x1403a6658 GetDiskFreeSpaceW
0x1403a6660 WriteFile
0x1403a6668 HeapCreate
0x1403a6670 AreFileApisANSI
0x1403a6678 InitializeCriticalSection
0x1403a6680 EnterCriticalSection
0x1403a6688 LeaveCriticalSection
0x1403a6690 TryEnterCriticalSection
0x1403a6698 DeleteCriticalSection
0x1403a66a0 GetCurrentThreadId
0x1403a66a8 TerminateProcess
0x1403a66b0 IsProcessorFeaturePresent
0x1403a66b8 GetLastError
0x1403a66c0 InitializeSListHead
0x1403a66c8 GetCurrentThread
0x1403a66d0 CloseHandle
0x1403a66d8 IsDebuggerPresent
0x1403a66e0 GetFileInformationByHandle
0x1403a66e8 HeapFree
0x1403a66f0 GetProcessHeap
0x1403a66f8 EncodePointer
0x1403a6700 RaiseException
0x1403a6708 InitializeCriticalSectionAndSpinCount
0x1403a6710 TlsAlloc
0x1403a6718 TlsGetValue
0x1403a6720 TlsSetValue
0x1403a6728 TlsFree
0x1403a6730 LoadLibraryA
0x1403a6738 SetThreadStackGuarantee
0x1403a6740 FindNextFileW
0x1403a6748 LoadLibraryExW
ws2_32.dll
0x1403a68c0 WSAIoctl
0x1403a68c8 ioctlsocket
0x1403a68d0 socket
0x1403a68d8 getsockname
0x1403a68e0 WSAGetLastError
0x1403a68e8 WSASend
0x1403a68f0 shutdown
0x1403a68f8 getpeername
0x1403a6900 send
0x1403a6908 WSACleanup
0x1403a6910 getsockopt
0x1403a6918 WSASocketW
0x1403a6920 closesocket
0x1403a6928 select
0x1403a6930 ind
0x1403a6938 listen
0x1403a6940 accept
0x1403a6948 setsockopt
0x1403a6950 freeaddrinfo
0x1403a6958 getaddrinfo
0x1403a6960 recv
0x1403a6968 connect
0x1403a6970 WSAStartup
rstrtmgr.dll
0x1403a6828 RmRegisterResources
0x1403a6830 RmGetList
0x1403a6838 RmStartSession
user32.dll
0x1403a68a0 EnumDisplaySettingsExW
0x1403a68a8 EnumDisplayMonitors
0x1403a68b0 GetMonitorInfoW
crypt.dll
0x1403a6218 BCryptGenRandom
advapi32.dll
0x1403a6000 RegQueryValueExW
0x1403a6008 CheckTokenMembership
0x1403a6010 RegOpenKeyExW
0x1403a6018 AllocateAndInitializeSid
0x1403a6020 RegCloseKey
0x1403a6028 SystemFunction036
0x1403a6030 FreeSid
secur32.dll
0x1403a6848 FreeCredentialsHandle
0x1403a6850 DeleteSecurityContext
0x1403a6858 AcquireCredentialsHandleA
0x1403a6860 ApplyControlToken
0x1403a6868 EncryptMessage
0x1403a6870 DecryptMessage
0x1403a6878 QueryContextAttributesW
0x1403a6880 InitializeSecurityContextW
0x1403a6888 AcceptSecurityContext
0x1403a6890 FreeContextBuffer
crypt32.dll
0x1403a6238 CertVerifyCertificateChainPolicy
0x1403a6240 CertFreeCertificateContext
0x1403a6248 CertEnumCertificatesInStore
0x1403a6250 CertAddCertificateContextToStore
0x1403a6258 CertFreeCertificateChain
0x1403a6260 CertGetCertificateChain
0x1403a6268 CertDuplicateStore
0x1403a6270 CertOpenStore
0x1403a6278 CertDuplicateCertificateContext
0x1403a6280 CertDuplicateCertificateChain
0x1403a6288 CertCloseStore
0x1403a6290 CryptUnprotectData
oleaut32.dll
0x1403a67e0 SysAllocStringLen
0x1403a67e8 SafeArrayDestroy
0x1403a67f0 VariantClear
0x1403a67f8 SafeArrayAccessData
0x1403a6800 SysFreeString
0x1403a6808 SafeArrayGetUBound
0x1403a6810 SafeArrayGetLBound
0x1403a6818 SafeArrayUnaccessData
ole32.dll
0x1403a67b8 CoSetProxyBlanket
0x1403a67c0 CoInitializeSecurity
0x1403a67c8 CoInitializeEx
0x1403a67d0 CoCreateInstance
gdi32.dll
0x1403a62a0 GetDeviceCaps
0x1403a62a8 CreateCompatibleDC
0x1403a62b0 CreateCompatibleBitmap
0x1403a62b8 SelectObject
0x1403a62c0 SetStretchBltMode
0x1403a62c8 DeleteDC
0x1403a62d0 GetDIBits
0x1403a62d8 GetObjectW
0x1403a62e0 DeleteObject
0x1403a62e8 CreateDCW
0x1403a62f0 StretchBlt
api-ms-win-crt-math-l1-1-0.dll
0x1403a60a8 log
0x1403a60b0 ceil
0x1403a60b8 exp2f
0x1403a60c0 _dclass
0x1403a60c8 pow
0x1403a60d0 truncf
0x1403a60d8 __setusermatherr
0x1403a60e0 roundf
api-ms-win-crt-string-l1-1-0.dll
0x1403a61b8 strcspn
0x1403a61c0 strlen
0x1403a61c8 strcmp
0x1403a61d0 strcpy_s
0x1403a61d8 wcsncmp
0x1403a61e0 strncmp
api-ms-win-crt-heap-l1-1-0.dll
0x1403a6060 free
0x1403a6068 _msize
0x1403a6070 realloc
0x1403a6078 calloc
0x1403a6080 malloc
0x1403a6088 _set_new_mode
api-ms-win-crt-utility-l1-1-0.dll
0x1403a6200 _rotl64
0x1403a6208 qsort
api-ms-win-crt-time-l1-1-0.dll
0x1403a61f0 _localtime64_s
api-ms-win-crt-runtime-l1-1-0.dll
0x1403a60f0 _configure_narrow_argv
0x1403a60f8 _seh_filter_exe
0x1403a6100 _endthreadex
0x1403a6108 _get_initial_narrow_environment
0x1403a6110 _initterm
0x1403a6118 _initialize_onexit_table
0x1403a6120 _beginthreadex
0x1403a6128 _initterm_e
0x1403a6130 exit
0x1403a6138 _exit
0x1403a6140 terminate
0x1403a6148 abort
0x1403a6150 __p___argc
0x1403a6158 __p___argv
0x1403a6160 _cexit
0x1403a6168 _c_exit
0x1403a6170 _register_onexit_function
0x1403a6178 _register_thread_local_exe_atexit_callback
0x1403a6180 _crt_atexit
0x1403a6188 _initialize_narrow_environment
0x1403a6190 _set_app_type
api-ms-win-crt-stdio-l1-1-0.dll
0x1403a61a0 __p__commode
0x1403a61a8 _set_fmode
api-ms-win-crt-locale-l1-1-0.dll
0x1403a6098 _configthreadlocale
EAT(Export Address Table) is none