Field | Value |
---|---|
Created | 2024.08.10 12:30 |
Machine | s1_win7_x6403 |
Filename | file.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
AI Score | Not found |
Behavior Score | |
ZERO API | file : clean |
VT API (file) | 23 detected (OpenSUpdater, malicious, Attribute, HighConfidence, Artemis, AdwareX, CLOUD, Generic Reputation PUA, GrayWare, SpecialSearchOffer) |
md5 | 364045dcd335ffd17f48a8cf5f816a01 |
sha256 | dc5b6ebcf502935ed2c0b4258eb13ff403efc8b97fe562e96a3dc1c7451db76b |
ssdeep | 196608:t1cCA+KNn9QK7FQZDJLla35CKFdu9CwJsv6t0KAnag:t1cDPQca1JA3YKFdu9CwJsv6ti1 |
imphash | befcc5e78c31ef8066362d4d7e2c6722 |
impfuzzy | 192:fy+56P556vnkiJp+Zda5FAWBdLUcjAFu1UNeCMvUEwQWgBXd4iiBNd:F0PP6fJp+ZADbBdocj2uU7 |
Signature (7cnts)
Level | Description |
---|---|
warning | File has been identified by 23 AntiVirus engines on VirusTotal as malicious |
watch | Attempts to create or modify system certificates |
notice | Checks adapter addresses which can be used to detect virtual network interfaces |
notice | Performs some HTTP requests |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks amount of memory in system |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
IMM32.dll
0xd87154 ImmReleaseContext
0xd87158 ImmGetOpenStatus
0xd8715c ImmSetCandidateWindow
0xd87160 ImmNotifyIME
0xd87164 ImmAssociateContextEx
0xd87168 ImmGetContext
0xd8716c ImmGetCompositionStringW
0xd87170 ImmGetVirtualKey
0xd87174 ImmGetDefaultIMEWnd
0xd87178 ImmAssociateContext
0xd8717c ImmSetCompositionWindow
OLEAUT32.dll
0xd87480 SysAllocString
0xd87484 SafeArrayCreateVector
0xd87488 SysFreeString
0xd8748c SafeArrayPutElement
WTSAPI32.dll
0xd87814 WTSQuerySessionInformationW
0xd87818 WTSFreeMemory
dwmapi.dll
0xd87828 DwmEnableBlurBehindWindow
0xd8782c DwmGetWindowAttribute
0xd87830 DwmSetWindowAttribute
0xd87834 DwmIsCompositionEnabled
UxTheme.dll
0xd87720 IsAppThemed
0xd87724 GetThemePartSize
0xd87728 GetThemeMargins
0xd8772c OpenThemeData
0xd87730 IsThemeBackgroundPartiallyTransparent
0xd87734 CloseThemeData
0xd87738 GetThemeBackgroundRegion
0xd8773c GetCurrentThemeName
0xd87740 GetThemeTransitionDuration
0xd87744 SetWindowTheme
0xd87748 GetThemePropertyOrigin
0xd8774c GetThemeColor
0xd87750 GetThemeInt
0xd87754 GetThemeBool
0xd87758 GetThemeEnumValue
0xd8775c None
0xd87760 IsThemeActive
GDI32.dll
0xd870a8 DeleteDC
0xd870ac GdiFlush
0xd870b0 CreateDCW
0xd870b4 GetTextMetricsW
0xd870b8 GetBitmapBits
0xd870bc SetGraphicsMode
0xd870c0 RemoveFontResourceExW
0xd870c4 GetDIBits
0xd870c8 RemoveFontMemResourceEx
0xd870cc GetTextFaceW
0xd870d0 DeleteObject
0xd870d4 SetBkMode
0xd870d8 GetStockObject
0xd870dc BitBlt
0xd870e0 CreateCompatibleDC
0xd870e4 CreateRectRgn
0xd870e8 OffsetRgn
0xd870ec ExtTextOutW
0xd870f0 GetCharABCWidthsW
0xd870f4 GetCharABCWidthsFloatW
0xd870f8 AddFontResourceExW
0xd870fc GetGlyphOutlineW
0xd87100 SelectObject
0xd87104 GetObjectW
0xd87108 GetCharABCWidthsI
0xd8710c CreateDIBSection
0xd87110 GetRegionData
0xd87114 GetOutlineTextMetricsW
0xd87118 SetLayout
0xd8711c SelectClipRgn
0xd87120 AddFontMemResourceEx
0xd87124 GetDeviceCaps
0xd87128 SetTextColor
0xd8712c EnumFontFamiliesExW
0xd87130 SetWorldTransform
0xd87134 CreateBitmap
0xd87138 CombineRgn
0xd8713c GetFontData
0xd87140 GetTextExtentPoint32W
0xd87144 SetTextAlign
0xd87148 CreateCompatibleBitmap
0xd8714c CreateFontIndirectW
DNSAPI.dll
0xd8709c DnsQuery_W
0xd870a0 DnsFree
IPHLPAPI.DLL
0xd87184 GetAdaptersAddresses
0xd87188 ConvertInterfaceLuidToIndex
0xd8718c ConvertInterfaceLuidToNameW
0xd87190 ConvertInterfaceNameToLuidW
0xd87194 ConvertInterfaceIndexToLuid
0xd87198 ConvertInterfaceLuidToGuid
WS2_32.dll
0xd87788 WSAConnect
0xd8778c WSANtohl
0xd87790 WSASend
0xd87794 recv
0xd87798 send
0xd8779c freeaddrinfo
0xd877a0 WSAStartup
0xd877a4 WSACleanup
0xd877a8 WSARecv
0xd877ac WSASendTo
0xd877b0 WSASocketW
0xd877b4 getaddrinfo
0xd877b8 WSANtohs
0xd877bc WSAIoctl
0xd877c0 WSAGetLastError
0xd877c4 WSARecvFrom
0xd877c8 WSASetLastError
0xd877cc gethostname
0xd877d0 WSAAsyncSelect
0xd877d4 setsockopt
0xd877d8 select
0xd877dc listen
0xd877e0 htons
0xd877e4 getsockname
0xd877e8 getpeername
0xd877ec closesocket
0xd877f0 ind
0xd877f4 __WSAFDIsSet
0xd877f8 getsockopt
0xd877fc WSAAccept
0xd87800 getnameinfo
0xd87804 WSAHtonl
0xd87808 ntohl
0xd8780c htonl
CRYPT32.dll
0xd87074 CertCloseStore
0xd87078 CertOpenSystemStoreW
0xd8707c CertFreeCertificateChain
0xd87080 CertGetCertificateChain
0xd87084 CertCreateCertificateContext
0xd87088 CertAddCertificateContextToStore
0xd8708c CertFreeCertificateContext
0xd87090 CertFindCertificateInStore
0xd87094 CertOpenStore
USERENV.dll
0xd87718 GetUserProfileDirectoryW
ADVAPI32.dll
0xd87000 FreeSid
0xd87004 RegFlushKey
0xd87008 GetTokenInformation
0xd8700c RegCloseKey
0xd87010 SystemFunction036
0xd87014 AccessCheck
0xd87018 RegSetValueExW
0xd8701c RegOpenKeyExW
0xd87020 GetNamedSecurityInfoW
0xd87024 GetEffectiveRightsFromAclW
0xd87028 RegQueryValueExW
0xd8702c MapGenericMask
0xd87030 GetLengthSid
0xd87034 AllocateAndInitializeSid
0xd87038 RegEnumKeyExW
0xd8703c GetSidSubAuthorityCount
0xd87040 RegQueryInfoKeyW
0xd87044 BuildTrusteeWithSidW
0xd87048 RegNotifyChangeKeyValue
0xd8704c RegCreateKeyExW
0xd87050 RegDeleteKeyW
0xd87054 CopySid
0xd87058 GetSidSubAuthority
0xd8705c RegDeleteValueW
0xd87060 LookupAccountSidW
0xd87064 OpenProcessToken
0xd87068 RegEnumValueW
0xd8706c DuplicateToken
KERNEL32.dll
0xd871a0 GetConsoleOutputCP
0xd871a4 GetACP
0xd871a8 SystemTimeToFileTime
0xd871ac SetFilePointerEx
0xd871b0 GlobalUnlock
0xd871b4 VirtualFree
0xd871b8 GetProcAddress
0xd871bc GetCurrentThread
0xd871c0 GetModuleHandleExW
0xd871c4 SystemTimeToTzSpecificLocalTime
0xd871c8 TlsFree
0xd871cc GetSystemInfo
0xd871d0 GetFileSize
0xd871d4 MoveFileExW
0xd871d8 TzSpecificLocalTimeToSystemTime
0xd871dc LeaveCriticalSection
0xd871e0 UnhandledExceptionFilter
0xd871e4 IsDebuggerPresent
0xd871e8 RtlUnwind
0xd871ec SetHandleInformation
0xd871f0 SetLastError
0xd871f4 IsValidCodePage
0xd871f8 GetFullPathNameW
0xd871fc GetLocaleInfoW
0xd87200 SetEndOfFile
0xd87204 GetDateFormatW
0xd87208 GetLongPathNameW
0xd8720c WaitForSingleObject
0xd87210 FreeLibraryAndExitThread
0xd87214 GetGeoInfoW
0xd87218 FindNextChangeNotification
0xd8721c EnumSystemLocalesW
0xd87220 GetFileAttributesExW
0xd87224 FindCloseChangeNotification
0xd87228 GetDriveTypeW
0xd8722c GetCPInfo
0xd87230 GlobalLock
0xd87234 ReadFile
0xd87238 Sleep
0xd8723c GetUserGeoID
0xd87240 LCMapStringW
0xd87244 TlsSetValue
0xd87248 GetTickCount
0xd8724c ExitProcess
0xd87250 CreateDirectoryW
0xd87254 SetUnhandledExceptionFilter
0xd87258 GetExitCodeProcess
0xd8725c LCMapStringEx
0xd87260 GetModuleHandleW
0xd87264 GetUserPreferredUILanguages
0xd87268 GetConsoleWindow
0xd8726c HeapFree
0xd87270 GetModuleFileNameW
0xd87274 DeleteFiber
0xd87278 FileTimeToSystemTime
0xd8727c ConvertFiberToThread
0xd87280 SetEnvironmentVariableW
0xd87284 FindFirstFileW
0xd87288 TlsGetValue
0xd8728c QueryPerformanceCounter
0xd87290 RaiseException
0xd87294 TerminateThread
0xd87298 CreateFiber
0xd8729c GetTimeZoneInformation
0xd872a0 WriteFile
0xd872a4 GetVolumeInformationW
0xd872a8 LoadLibraryW
0xd872ac FreeLibrary
0xd872b0 GetVolumePathNamesForVolumeNameW
0xd872b4 PeekNamedPipe
0xd872b8 DecodePointer
0xd872bc IsProcessorFeaturePresent
0xd872c0 GetLocalTime
0xd872c4 InitializeCriticalSectionEx
0xd872c8 GetLastError
0xd872cc HeapSize
0xd872d0 UnregisterWaitEx
0xd872d4 FindFirstFileExW
0xd872d8 TlsAlloc
0xd872dc GetStartupInfoW
0xd872e0 GetThreadPriority
0xd872e4 MoveFileW
0xd872e8 OutputDebugStringW
0xd872ec MapViewOfFile
0xd872f0 SetThreadPriority
0xd872f4 RegisterWaitForSingleObject
0xd872f8 ReadConsoleA
0xd872fc CheckRemoteDebuggerPresent
0xd87300 GetFileInformationByHandle
0xd87304 GetCurrentThreadId
0xd87308 ExitThread
0xd8730c WaitForMultipleObjects
0xd87310 FlushFileBuffers
0xd87314 GetFileSizeEx
0xd87318 lstrcmpW
0xd8731c CopyFileW
0xd87320 SetConsoleCtrlHandler
0xd87324 GetOEMCP
0xd87328 GetProcessHeap
0xd8732c GetFileInformationByHandleEx
0xd87330 SetConsoleMode
0xd87334 GetCurrentProcess
0xd87338 HeapAlloc
0xd8733c GlobalFree
0xd87340 EncodePointer
0xd87344 GetTickCount64
0xd87348 FormatMessageW
0xd8734c InitializeSListHead
0xd87350 CompareStringEx
0xd87354 InitializeCriticalSectionAndSpinCount
0xd87358 EnterCriticalSection
0xd8735c GetUserDefaultLCID
0xd87360 FindFirstChangeNotificationW
0xd87364 WaitForSingleObjectEx
0xd87368 WTSGetActiveConsoleSessionId
0xd8736c SwitchToFiber
0xd87370 ResetEvent
0xd87374 WriteConsoleW
0xd87378 GetStdHandle
0xd8737c ConvertThreadToFiber
0xd87380 CreateEventW
0xd87384 GetConsoleMode
0xd87388 FreeEnvironmentStringsW
0xd8738c QueryPerformanceFrequency
0xd87390 CreateProcessW
0xd87394 UnmapViewOfFile
0xd87398 GlobalSize
0xd8739c ExpandEnvironmentStringsW
0xd873a0 TerminateProcess
0xd873a4 HeapReAlloc
0xd873a8 LocalFree
0xd873ac GetUserDefaultLocaleName
0xd873b0 GlobalAlloc
0xd873b4 IsValidLocale
0xd873b8 GetTempPathW
0xd873bc WideCharToMultiByte
0xd873c0 CompareStringW
0xd873c4 DeleteFileW
0xd873c8 GetLogicalDrives
0xd873cc GetCommandLineW
0xd873d0 LocalAlloc
0xd873d4 GetFileAttributesW
0xd873d8 CreateFileW
0xd873dc ResumeThread
0xd873e0 GetEnvironmentVariableW
0xd873e4 GetUserDefaultLangID
0xd873e8 LoadLibraryExW
0xd873ec GetCurrentProcessId
0xd873f0 GetCurrentDirectoryW
0xd873f4 ReadConsoleW
0xd873f8 GetStringTypeW
0xd873fc GetFileType
0xd87400 SetFileAttributesW
0xd87404 OpenProcess
0xd87408 DeleteCriticalSection
0xd8740c GetTimeFormatW
0xd87410 CreateMutexA
0xd87414 DeviceIoControl
0xd87418 ReleaseMutex
0xd8741c CreateThread
0xd87420 CreateFileMappingW
0xd87424 RemoveDirectoryW
0xd87428 FindNextFileW
0xd8742c GetSystemDirectoryW
0xd87430 InitializeCriticalSection
0xd87434 SetFileTime
0xd87438 SetErrorMode
0xd8743c DuplicateHandle
0xd87440 SetEvent
0xd87444 GetCurrencyFormatW
0xd87448 GetSystemTimeAsFileTime
0xd8744c SetStdHandle
0xd87450 GetCommandLineA
0xd87454 VirtualAlloc
0xd87458 GetSystemTime
0xd8745c LoadLibraryA
0xd87460 MultiByteToWideChar
0xd87464 GetEnvironmentStringsW
0xd87468 FindClose
0xd8746c CloseHandle
NETAPI32.dll
0xd87474 NetApiBufferFree
0xd87478 NetShareEnum
ole32.dll
0xd8783c OleInitialize
0xd87840 OleIsCurrentClipboard
0xd87844 OleFlushClipboard
0xd87848 CoInitialize
0xd8784c DoDragDrop
0xd87850 CoTaskMemFree
0xd87854 StringFromGUID2
0xd87858 CoLockObjectExternal
0xd8785c RevokeDragDrop
0xd87860 ReleaseStgMedium
0xd87864 OleGetClipboard
0xd87868 CoCreateGuid
0xd8786c OleUninitialize
0xd87870 CoInitializeEx
0xd87874 CoUninitialize
0xd87878 CoGetMalloc
0xd8787c CoCreateInstance
0xd87880 OleSetClipboard
0xd87884 RegisterDragDrop
SHELL32.dll
0xd87494 Shell_NotifyIconGetRect
0xd87498 SHGetSpecialFolderPathW
0xd8749c CommandLineToArgvW
0xd874a0 SHGetStockIconInfo
0xd874a4 ShellExecuteW
0xd874a8 SHCreateItemFromParsingName
0xd874ac SHBrowseForFolderW
0xd874b0 None
0xd874b4 Shell_NotifyIconW
0xd874b8 SHGetKnownFolderIDList
0xd874bc SHGetMalloc
0xd874c0 SHGetPathFromIDListW
0xd874c4 SHGetKnownFolderPath
0xd874c8 SHGetFileInfoW
0xd874cc SHCreateItemFromIDList
USER32.dll
0xd874d4 CreateCaret
0xd874d8 HideCaret
0xd874dc AttachThreadInput
0xd874e0 RegisterClipboardFormatW
0xd874e4 UpdateLayeredWindowIndirect
0xd874e8 CreateMenu
0xd874ec DestroyCursor
0xd874f0 RealGetWindowClassW
0xd874f4 CloseTouchInputHandle
0xd874f8 GetForegroundWindow
0xd874fc UnregisterClassW
0xd87500 TrackMouseEvent
0xd87504 GetClipboardFormatNameW
0xd87508 EnumDisplayDevicesW
0xd8750c SetWindowRgn
0xd87510 CreatePopupMenu
0xd87514 SetCaretPos
0xd87518 ReleaseCapture
0xd8751c IsZoomed
0xd87520 ToAscii
0xd87524 DestroyIcon
0xd87528 LoadIconW
0xd8752c SetCursor
0xd87530 SystemParametersInfoW
0xd87534 SetWindowTextW
0xd87538 GetKeyboardLayout
0xd8753c UnregisterTouchWindow
0xd87540 LoadCursorW
0xd87544 GetWindow
0xd87548 GetClientRect
0xd8754c EnumDisplayMonitors
0xd87550 BeginPaint
0xd87554 MessageBoxW
0xd87558 ToUnicode
0xd8755c CharNextExA
0xd87560 GetCursor
0xd87564 GetParent
0xd87568 SetMenu
0xd8756c AppendMenuW
0xd87570 PostMessageW
0xd87574 ChildWindowFromPointEx
0xd87578 WindowFromPoint
0xd8757c TrackPopupMenu
0xd87580 IsChild
0xd87584 GetDC
0xd87588 CreateWindowExW
0xd8758c SetWindowPlacement
0xd87590 GetCapture
0xd87594 GetSysColorBrush
0xd87598 TrackPopupMenuEx
0xd8759c LoadImageW
0xd875a0 InvalidateRect
0xd875a4 UnregisterPowerSettingNotification
0xd875a8 CreateIconIndirect
0xd875ac EnumWindows
0xd875b0 RegisterClassExW
0xd875b4 DestroyMenu
0xd875b8 GetDisplayConfigBufferSizes
0xd875bc MsgWaitForMultipleObjectsEx
0xd875c0 MoveWindow
0xd875c4 GetQueueStatus
0xd875c8 ScreenToClient
0xd875cc ModifyMenuW
0xd875d0 GetFocus
0xd875d4 GetKeyState
0xd875d8 MonitorFromPoint
0xd875dc MonitorFromWindow
0xd875e0 SetTimer
0xd875e4 DisplayConfigGetDeviceInfo
0xd875e8 DrawIconEx
0xd875ec GetAsyncKeyState
0xd875f0 GetClassInfoW
0xd875f4 AdjustWindowRectEx
0xd875f8 GetSystemMenu
0xd875fc GetDoubleClickTime
0xd87600 SetParent
0xd87604 ShowCaret
0xd87608 GetDesktopWindow
0xd8760c SetCapture
0xd87610 InsertMenuW
0xd87614 SetWindowPos
0xd87618 DefWindowProcW
0xd8761c ClientToScreen
0xd87620 RegisterTouchWindow
0xd87624 UpdateLayeredWindow
0xd87628 DestroyCaret
0xd8762c MessageBeep
0xd87630 EndPaint
0xd87634 ReleaseDC
0xd87638 GetMessageExtraInfo
0xd8763c SetClipboardViewer
0xd87640 GetWindowRect
0xd87644 IsHungAppWindow
0xd87648 IsIconic
0xd8764c DispatchMessageW
0xd87650 GetSystemMetrics
0xd87654 GetKeyboardState
0xd87658 GetUpdateRect
0xd8765c FindWindowA
0xd87660 PeekMessageW
0xd87664 RegisterPowerSettingNotification
0xd87668 KillTimer
0xd8766c SetForegroundWindow
0xd87670 DrawMenuBar
0xd87674 GetAncestor
0xd87678 ShowWindow
0xd8767c GetWindowTextW
0xd87680 GetWindowLongW
0xd87684 GetSysColor
0xd87688 ChangeClipboardChain
0xd8768c DestroyWindow
0xd87690 GetCursorPos
0xd87694 SetMenuItemInfoW
0xd87698 TranslateMessage
0xd8769c UnregisterDeviceNotification
0xd876a0 IsWindowEnabled
0xd876a4 GetMonitorInfoW
0xd876a8 IsWindow
0xd876ac GetMenuItemInfoW
0xd876b0 RegisterClassW
0xd876b4 IsWindowVisible
0xd876b8 ChangeWindowMessageFilterEx
0xd876bc QueryDisplayConfig
0xd876c0 SetCursorPos
0xd876c4 SendMessageW
0xd876c8 EnableMenuItem
0xd876cc GetKeyboardLayoutList
0xd876d0 RegisterWindowMessageW
0xd876d4 RemoveMenu
0xd876d8 FlashWindowEx
0xd876dc GetTouchInputInfo
0xd876e0 GetCaretBlinkTime
0xd876e4 GetMenu
0xd876e8 GetIconInfo
0xd876ec SetLayeredWindowAttributes
0xd876f0 GetCursorInfo
0xd876f4 MapVirtualKeyW
0xd876f8 CreateCursor
0xd876fc SetWindowLongW
0xd87700 GetWindowThreadProcessId
0xd87704 SetFocus
0xd87708 GetWindowPlacement
0xd8770c RegisterDeviceNotificationW
0xd87710 IsTouchWindow
VERSION.dll
0xd87768 GetFileVersionInfoW
0xd8776c VerQueryValueW
0xd87770 GetFileVersionInfoSizeW
WINMM.dll
0xd87778 PlaySoundW
0xd8777c timeKillEvent
0xd87780 timeSetEvent
crypt.dll
0xd87820 BCryptGenRandom
EAT(Export Address Table) is none