ScreenShot
| Created | 2024.08.19 14:56 | Machine | s1_win7_x6401 |
| Filename | POS_C081.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : mailcious | ||
| VT API (file) | 10 detected (Midie, malicious, ai score=87) | ||
| md5 | 1ccf158942cdc89a6b0a2889b8448497 | ||
| sha256 | 678b1a589daa201b21e993e098e32927c190fe143a545b5d95a2f8d508285a73 | ||
| ssdeep | 24576:LKmQaAsIBb8/ShhGz4zxdZ9IPlRg4itiLR3+VA5uxWg5MCgym4PD:LWA+x/mHi8oR55PD | ||
| imphash | 649373440eb9c6c6b9aef768374d55c2 | ||
| impfuzzy | 192:f3ugG1alc0FGbuuEjSUvK9ugoaqlBtc7sPbOQadx:f3S1GAEo9YRnPbOQ4 | ||
Network IP location
Signature (6cnts)
| Level | Description |
|---|---|
| watch | File has been identified by 10 AntiVirus engines on VirusTotal as malicious |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Foreign language identified in PE resource |
| info | Checks amount of memory in system |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The executable uses a known packer |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | DllRegisterServer_Zero | execute regsvr32.exe | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
kernel32.dll
0x558168 DeleteCriticalSection
0x55816c LeaveCriticalSection
0x558170 EnterCriticalSection
0x558174 InitializeCriticalSection
0x558178 VirtualFree
0x55817c VirtualAlloc
0x558180 LocalFree
0x558184 LocalAlloc
0x558188 GetVersion
0x55818c GetCurrentThreadId
0x558190 InterlockedDecrement
0x558194 InterlockedIncrement
0x558198 VirtualQuery
0x55819c WideCharToMultiByte
0x5581a0 MultiByteToWideChar
0x5581a4 lstrlenA
0x5581a8 lstrcpynA
0x5581ac LoadLibraryExA
0x5581b0 GetThreadLocale
0x5581b4 GetStartupInfoA
0x5581b8 GetProcAddress
0x5581bc GetModuleHandleA
0x5581c0 GetModuleFileNameA
0x5581c4 GetLocaleInfoA
0x5581c8 GetCommandLineA
0x5581cc FreeLibrary
0x5581d0 FindFirstFileA
0x5581d4 FindClose
0x5581d8 ExitProcess
0x5581dc ExitThread
0x5581e0 CreateThread
0x5581e4 WriteFile
0x5581e8 UnhandledExceptionFilter
0x5581ec RtlUnwind
0x5581f0 RaiseException
0x5581f4 GetStdHandle
user32.dll
0x5581fc GetKeyboardType
0x558200 LoadStringA
0x558204 MessageBoxA
0x558208 CharNextA
advapi32.dll
0x558210 RegQueryValueExA
0x558214 RegOpenKeyExA
0x558218 RegCloseKey
oleaut32.dll
0x558220 SysFreeString
0x558224 SysReAllocStringLen
0x558228 SysAllocStringLen
kernel32.dll
0x558230 TlsSetValue
0x558234 TlsGetValue
0x558238 LocalAlloc
0x55823c GetModuleHandleA
advapi32.dll
0x558244 RegQueryValueExA
0x558248 RegQueryValueA
0x55824c RegOpenKeyExA
0x558250 RegCloseKey
kernel32.dll
0x558258 lstrcpyA
0x55825c WriteFile
0x558260 WaitForSingleObject
0x558264 VirtualQuery
0x558268 VirtualAlloc
0x55826c Sleep
0x558270 SizeofResource
0x558274 SetThreadLocale
0x558278 SetFilePointer
0x55827c SetEvent
0x558280 SetErrorMode
0x558284 SetEndOfFile
0x558288 ResumeThread
0x55828c ResetEvent
0x558290 ReadFile
0x558294 MultiByteToWideChar
0x558298 MulDiv
0x55829c LockResource
0x5582a0 LoadResource
0x5582a4 LoadLibraryA
0x5582a8 LeaveCriticalSection
0x5582ac IsBadReadPtr
0x5582b0 InitializeCriticalSection
0x5582b4 GlobalUnlock
0x5582b8 GlobalSize
0x5582bc GlobalReAlloc
0x5582c0 GlobalHandle
0x5582c4 GlobalLock
0x5582c8 GlobalFree
0x5582cc GlobalFindAtomA
0x5582d0 GlobalDeleteAtom
0x5582d4 GlobalAlloc
0x5582d8 GlobalAddAtomA
0x5582dc GetVersionExA
0x5582e0 GetVersion
0x5582e4 GetTimeZoneInformation
0x5582e8 GetTickCount
0x5582ec GetThreadLocale
0x5582f0 GetTempPathA
0x5582f4 GetSystemInfo
0x5582f8 GetStringTypeExA
0x5582fc GetStdHandle
0x558300 GetProcAddress
0x558304 GetModuleHandleA
0x558308 GetModuleFileNameA
0x55830c GetLocaleInfoA
0x558310 GetLocalTime
0x558314 GetLastError
0x558318 GetFullPathNameA
0x55831c GetFileSize
0x558320 GetExitCodeThread
0x558324 GetDiskFreeSpaceA
0x558328 GetDateFormatA
0x55832c GetCurrentThreadId
0x558330 GetCurrentProcessId
0x558334 GetCPInfo
0x558338 GetACP
0x55833c FreeResource
0x558340 InterlockedIncrement
0x558344 InterlockedExchange
0x558348 InterlockedDecrement
0x55834c FreeLibrary
0x558350 FormatMessageA
0x558354 FindResourceA
0x558358 FindFirstFileA
0x55835c FindClose
0x558360 FileTimeToLocalFileTime
0x558364 FileTimeToDosDateTime
0x558368 EnumCalendarInfoA
0x55836c EnterCriticalSection
0x558370 DeleteCriticalSection
0x558374 CreateThread
0x558378 CreateFileA
0x55837c CreateEventA
0x558380 CompareStringA
0x558384 CloseHandle
version.dll
0x55838c VerQueryValueA
0x558390 GetFileVersionInfoSizeA
0x558394 GetFileVersionInfoA
gdi32.dll
0x55839c UnrealizeObject
0x5583a0 StretchBlt
0x5583a4 SetWindowOrgEx
0x5583a8 SetWindowExtEx
0x5583ac SetWinMetaFileBits
0x5583b0 SetViewportOrgEx
0x5583b4 SetViewportExtEx
0x5583b8 SetTextColor
0x5583bc SetStretchBltMode
0x5583c0 SetROP2
0x5583c4 SetPixel
0x5583c8 SetMapMode
0x5583cc SetEnhMetaFileBits
0x5583d0 SetDIBColorTable
0x5583d4 SetBrushOrgEx
0x5583d8 SetBkMode
0x5583dc SetBkColor
0x5583e0 SelectPalette
0x5583e4 SelectObject
0x5583e8 SelectClipRgn
0x5583ec SaveDC
0x5583f0 RoundRect
0x5583f4 RestoreDC
0x5583f8 Rectangle
0x5583fc RectVisible
0x558400 RealizePalette
0x558404 Polyline
0x558408 Polygon
0x55840c PolyPolyline
0x558410 PlayEnhMetaFile
0x558414 PatBlt
0x558418 MoveToEx
0x55841c MaskBlt
0x558420 LineTo
0x558424 LPtoDP
0x558428 IntersectClipRect
0x55842c GetWindowOrgEx
0x558430 GetWinMetaFileBits
0x558434 GetViewportOrgEx
0x558438 GetTextMetricsA
0x55843c GetTextExtentPointA
0x558440 GetTextExtentPoint32A
0x558444 GetSystemPaletteEntries
0x558448 GetStockObject
0x55844c GetPixel
0x558450 GetPaletteEntries
0x558454 GetOutlineTextMetricsA
0x558458 GetObjectA
0x55845c GetNearestColor
0x558460 GetEnhMetaFilePaletteEntries
0x558464 GetEnhMetaFileHeader
0x558468 GetEnhMetaFileBits
0x55846c GetDeviceCaps
0x558470 GetDIBits
0x558474 GetDIBColorTable
0x558478 GetDCOrgEx
0x55847c GetCurrentPositionEx
0x558480 GetCurrentObject
0x558484 GetClipRgn
0x558488 GetClipBox
0x55848c GetBrushOrgEx
0x558490 GetBitmapBits
0x558494 GdiFlush
0x558498 ExtTextOutA
0x55849c ExtSelectClipRgn
0x5584a0 ExtCreateRegion
0x5584a4 ExtCreatePen
0x5584a8 ExcludeClipRect
0x5584ac Ellipse
0x5584b0 DeleteObject
0x5584b4 DeleteEnhMetaFile
0x5584b8 DeleteDC
0x5584bc CreateSolidBrush
0x5584c0 CreateRectRgn
0x5584c4 CreatePolygonRgn
0x5584c8 CreatePenIndirect
0x5584cc CreatePen
0x5584d0 CreatePalette
0x5584d4 CreateHalftonePalette
0x5584d8 CreateFontIndirectA
0x5584dc CreateDIBitmap
0x5584e0 CreateDIBSection
0x5584e4 CreateCompatibleDC
0x5584e8 CreateCompatibleBitmap
0x5584ec CreateBrushIndirect
0x5584f0 CreateBitmap
0x5584f4 CopyEnhMetaFileA
0x5584f8 CombineRgn
0x5584fc BitBlt
user32.dll
0x558504 CreateWindowExA
0x558508 WindowFromPoint
0x55850c WinHelpA
0x558510 WaitMessage
0x558514 ValidateRect
0x558518 UpdateWindow
0x55851c UnregisterClassA
0x558520 UnhookWindowsHookEx
0x558524 TranslateMessage
0x558528 TranslateMDISysAccel
0x55852c TrackPopupMenu
0x558530 SystemParametersInfoA
0x558534 ShowWindow
0x558538 ShowScrollBar
0x55853c ShowOwnedPopups
0x558540 ShowCursor
0x558544 ShowCaret
0x558548 SetWindowRgn
0x55854c SetWindowsHookExA
0x558550 SetWindowTextA
0x558554 SetWindowPos
0x558558 SetWindowPlacement
0x55855c SetWindowLongW
0x558560 SetWindowLongA
0x558564 SetTimer
0x558568 SetScrollRange
0x55856c SetScrollPos
0x558570 SetScrollInfo
0x558574 SetRect
0x558578 SetPropA
0x55857c SetParent
0x558580 SetMenuItemInfoA
0x558584 SetMenu
0x558588 SetKeyboardState
0x55858c SetForegroundWindow
0x558590 SetFocus
0x558594 SetCursor
0x558598 SetClipboardData
0x55859c SetClassLongA
0x5585a0 SetCapture
0x5585a4 SetActiveWindow
0x5585a8 SendMessageA
0x5585ac ScrollWindowEx
0x5585b0 ScrollWindow
0x5585b4 ScreenToClient
0x5585b8 RemovePropA
0x5585bc RemoveMenu
0x5585c0 ReleaseDC
0x5585c4 ReleaseCapture
0x5585c8 RegisterWindowMessageA
0x5585cc RegisterClipboardFormatA
0x5585d0 RegisterClassA
0x5585d4 RedrawWindow
0x5585d8 PtInRect
0x5585dc PostQuitMessage
0x5585e0 PostMessageA
0x5585e4 PeekMessageA
0x5585e8 OpenClipboard
0x5585ec OffsetRect
0x5585f0 OemToCharA
0x5585f4 MsgWaitForMultipleObjects
0x5585f8 MoveWindow
0x5585fc MessageBoxA
0x558600 MessageBeep
0x558604 MapWindowPoints
0x558608 MapVirtualKeyA
0x55860c LoadStringA
0x558610 LoadKeyboardLayoutA
0x558614 LoadIconA
0x558618 LoadCursorA
0x55861c LoadBitmapA
0x558620 KillTimer
0x558624 IsZoomed
0x558628 IsWindowVisible
0x55862c IsWindowUnicode
0x558630 IsWindowEnabled
0x558634 IsWindow
0x558638 IsRectEmpty
0x55863c IsIconic
0x558640 IsDialogMessageA
0x558644 IsClipboardFormatAvailable
0x558648 IsChild
0x55864c IsCharAlphaNumericA
0x558650 IsCharAlphaA
0x558654 InvalidateRect
0x558658 IntersectRect
0x55865c InsertMenuItemA
0x558660 InsertMenuA
0x558664 InflateRect
0x558668 HideCaret
0x55866c GetWindowThreadProcessId
0x558670 GetWindowTextLengthW
0x558674 GetWindowTextW
0x558678 GetWindowTextA
0x55867c GetWindowRect
0x558680 GetWindowPlacement
0x558684 GetWindowLongW
0x558688 GetWindowLongA
0x55868c GetWindowDC
0x558690 GetTopWindow
0x558694 GetSystemMetrics
0x558698 GetSystemMenu
0x55869c GetSysColorBrush
0x5586a0 GetSysColor
0x5586a4 GetSubMenu
0x5586a8 GetScrollRange
0x5586ac GetScrollPos
0x5586b0 GetScrollInfo
0x5586b4 GetPropA
0x5586b8 GetParent
0x5586bc GetWindow
0x5586c0 GetMessageTime
0x5586c4 GetMenuStringA
0x5586c8 GetMenuState
0x5586cc GetMenuItemInfoA
0x5586d0 GetMenuItemID
0x5586d4 GetMenuItemCount
0x5586d8 GetMenu
0x5586dc GetLastActivePopup
0x5586e0 GetKeyboardState
0x5586e4 GetKeyboardLayoutList
0x5586e8 GetKeyboardLayout
0x5586ec GetKeyState
0x5586f0 GetKeyNameTextA
0x5586f4 GetIconInfo
0x5586f8 GetForegroundWindow
0x5586fc GetFocus
0x558700 GetDoubleClickTime
0x558704 GetDlgCtrlID
0x558708 GetDesktopWindow
0x55870c GetDCEx
0x558710 GetDC
0x558714 GetCursorPos
0x558718 GetCursor
0x55871c GetClipboardData
0x558720 GetClientRect
0x558724 GetClassNameA
0x558728 GetClassInfoA
0x55872c GetCaretPos
0x558730 GetCapture
0x558734 GetActiveWindow
0x558738 FrameRect
0x55873c FindWindowExA
0x558740 FindWindowA
0x558744 FillRect
0x558748 EqualRect
0x55874c EnumWindows
0x558750 EnumThreadWindows
0x558754 EnumClipboardFormats
0x558758 EndPaint
0x55875c EnableWindow
0x558760 EnableScrollBar
0x558764 EnableMenuItem
0x558768 EmptyClipboard
0x55876c DrawTextExA
0x558770 DrawTextW
0x558774 DrawTextA
0x558778 DrawMenuBar
0x55877c DrawIconEx
0x558780 DrawIcon
0x558784 DrawFrameControl
0x558788 DrawFocusRect
0x55878c DrawEdge
0x558790 DispatchMessageA
0x558794 DestroyWindow
0x558798 DestroyMenu
0x55879c DestroyIcon
0x5587a0 DestroyCursor
0x5587a4 DeleteMenu
0x5587a8 DefWindowProcA
0x5587ac DefMDIChildProcA
0x5587b0 DefFrameProcA
0x5587b4 CreatePopupMenu
0x5587b8 CreateMenu
0x5587bc CreateIcon
0x5587c0 CopyImage
0x5587c4 CloseClipboard
0x5587c8 ClientToScreen
0x5587cc CheckMenuItem
0x5587d0 CallWindowProcA
0x5587d4 CallNextHookEx
0x5587d8 BeginPaint
0x5587dc CharNextA
0x5587e0 CharLowerBuffA
0x5587e4 CharLowerA
0x5587e8 CharUpperBuffA
0x5587ec CharToOemA
0x5587f0 AdjustWindowRectEx
0x5587f4 ActivateKeyboardLayout
ole32.dll
0x5587fc CoTaskMemFree
0x558800 StringFromCLSID
kernel32.dll
0x558808 Sleep
oleaut32.dll
0x558810 SafeArrayPtrOfIndex
0x558814 SafeArrayPutElement
0x558818 SafeArrayGetElement
0x55881c SafeArrayUnaccessData
0x558820 SafeArrayAccessData
0x558824 SafeArrayGetUBound
0x558828 SafeArrayGetLBound
0x55882c SafeArrayRedim
0x558830 SafeArrayCreate
0x558834 VariantChangeType
0x558838 VariantCopyInd
0x55883c VariantCopy
0x558840 VariantClear
0x558844 VariantInit
ole32.dll
0x55884c CoCreateInstance
0x558850 CoGetMalloc
0x558854 CoUninitialize
0x558858 CoInitialize
0x55885c IsEqualGUID
oleaut32.dll
0x558864 CreateErrorInfo
0x558868 GetErrorInfo
0x55886c SetErrorInfo
0x558870 SafeArrayCopy
0x558874 SafeArrayUnaccessData
0x558878 SafeArrayAccessData
0x55887c SafeArrayGetUBound
0x558880 SafeArrayDestroy
0x558884 SafeArrayCreate
0x558888 SysFreeString
comctl32.dll
0x558890 ImageList_SetIconSize
0x558894 ImageList_GetIconSize
0x558898 ImageList_Write
0x55889c ImageList_Read
0x5588a0 ImageList_GetDragImage
0x5588a4 ImageList_DragShowNolock
0x5588a8 ImageList_SetDragCursorImage
0x5588ac ImageList_DragMove
0x5588b0 ImageList_DragLeave
0x5588b4 ImageList_DragEnter
0x5588b8 ImageList_EndDrag
0x5588bc ImageList_BeginDrag
0x5588c0 ImageList_LoadImageA
0x5588c4 ImageList_Remove
0x5588c8 ImageList_DrawEx
0x5588cc ImageList_Replace
0x5588d0 ImageList_Draw
0x5588d4 ImageList_GetBkColor
0x5588d8 ImageList_SetBkColor
0x5588dc ImageList_ReplaceIcon
0x5588e0 ImageList_Add
0x5588e4 ImageList_GetImageCount
0x5588e8 ImageList_Destroy
0x5588ec ImageList_Create
0x5588f0 InitCommonControls
kernel32.dll
0x5588f8 MulDiv
EAT(Export Address Table) is none
kernel32.dll
0x558168 DeleteCriticalSection
0x55816c LeaveCriticalSection
0x558170 EnterCriticalSection
0x558174 InitializeCriticalSection
0x558178 VirtualFree
0x55817c VirtualAlloc
0x558180 LocalFree
0x558184 LocalAlloc
0x558188 GetVersion
0x55818c GetCurrentThreadId
0x558190 InterlockedDecrement
0x558194 InterlockedIncrement
0x558198 VirtualQuery
0x55819c WideCharToMultiByte
0x5581a0 MultiByteToWideChar
0x5581a4 lstrlenA
0x5581a8 lstrcpynA
0x5581ac LoadLibraryExA
0x5581b0 GetThreadLocale
0x5581b4 GetStartupInfoA
0x5581b8 GetProcAddress
0x5581bc GetModuleHandleA
0x5581c0 GetModuleFileNameA
0x5581c4 GetLocaleInfoA
0x5581c8 GetCommandLineA
0x5581cc FreeLibrary
0x5581d0 FindFirstFileA
0x5581d4 FindClose
0x5581d8 ExitProcess
0x5581dc ExitThread
0x5581e0 CreateThread
0x5581e4 WriteFile
0x5581e8 UnhandledExceptionFilter
0x5581ec RtlUnwind
0x5581f0 RaiseException
0x5581f4 GetStdHandle
user32.dll
0x5581fc GetKeyboardType
0x558200 LoadStringA
0x558204 MessageBoxA
0x558208 CharNextA
advapi32.dll
0x558210 RegQueryValueExA
0x558214 RegOpenKeyExA
0x558218 RegCloseKey
oleaut32.dll
0x558220 SysFreeString
0x558224 SysReAllocStringLen
0x558228 SysAllocStringLen
kernel32.dll
0x558230 TlsSetValue
0x558234 TlsGetValue
0x558238 LocalAlloc
0x55823c GetModuleHandleA
advapi32.dll
0x558244 RegQueryValueExA
0x558248 RegQueryValueA
0x55824c RegOpenKeyExA
0x558250 RegCloseKey
kernel32.dll
0x558258 lstrcpyA
0x55825c WriteFile
0x558260 WaitForSingleObject
0x558264 VirtualQuery
0x558268 VirtualAlloc
0x55826c Sleep
0x558270 SizeofResource
0x558274 SetThreadLocale
0x558278 SetFilePointer
0x55827c SetEvent
0x558280 SetErrorMode
0x558284 SetEndOfFile
0x558288 ResumeThread
0x55828c ResetEvent
0x558290 ReadFile
0x558294 MultiByteToWideChar
0x558298 MulDiv
0x55829c LockResource
0x5582a0 LoadResource
0x5582a4 LoadLibraryA
0x5582a8 LeaveCriticalSection
0x5582ac IsBadReadPtr
0x5582b0 InitializeCriticalSection
0x5582b4 GlobalUnlock
0x5582b8 GlobalSize
0x5582bc GlobalReAlloc
0x5582c0 GlobalHandle
0x5582c4 GlobalLock
0x5582c8 GlobalFree
0x5582cc GlobalFindAtomA
0x5582d0 GlobalDeleteAtom
0x5582d4 GlobalAlloc
0x5582d8 GlobalAddAtomA
0x5582dc GetVersionExA
0x5582e0 GetVersion
0x5582e4 GetTimeZoneInformation
0x5582e8 GetTickCount
0x5582ec GetThreadLocale
0x5582f0 GetTempPathA
0x5582f4 GetSystemInfo
0x5582f8 GetStringTypeExA
0x5582fc GetStdHandle
0x558300 GetProcAddress
0x558304 GetModuleHandleA
0x558308 GetModuleFileNameA
0x55830c GetLocaleInfoA
0x558310 GetLocalTime
0x558314 GetLastError
0x558318 GetFullPathNameA
0x55831c GetFileSize
0x558320 GetExitCodeThread
0x558324 GetDiskFreeSpaceA
0x558328 GetDateFormatA
0x55832c GetCurrentThreadId
0x558330 GetCurrentProcessId
0x558334 GetCPInfo
0x558338 GetACP
0x55833c FreeResource
0x558340 InterlockedIncrement
0x558344 InterlockedExchange
0x558348 InterlockedDecrement
0x55834c FreeLibrary
0x558350 FormatMessageA
0x558354 FindResourceA
0x558358 FindFirstFileA
0x55835c FindClose
0x558360 FileTimeToLocalFileTime
0x558364 FileTimeToDosDateTime
0x558368 EnumCalendarInfoA
0x55836c EnterCriticalSection
0x558370 DeleteCriticalSection
0x558374 CreateThread
0x558378 CreateFileA
0x55837c CreateEventA
0x558380 CompareStringA
0x558384 CloseHandle
version.dll
0x55838c VerQueryValueA
0x558390 GetFileVersionInfoSizeA
0x558394 GetFileVersionInfoA
gdi32.dll
0x55839c UnrealizeObject
0x5583a0 StretchBlt
0x5583a4 SetWindowOrgEx
0x5583a8 SetWindowExtEx
0x5583ac SetWinMetaFileBits
0x5583b0 SetViewportOrgEx
0x5583b4 SetViewportExtEx
0x5583b8 SetTextColor
0x5583bc SetStretchBltMode
0x5583c0 SetROP2
0x5583c4 SetPixel
0x5583c8 SetMapMode
0x5583cc SetEnhMetaFileBits
0x5583d0 SetDIBColorTable
0x5583d4 SetBrushOrgEx
0x5583d8 SetBkMode
0x5583dc SetBkColor
0x5583e0 SelectPalette
0x5583e4 SelectObject
0x5583e8 SelectClipRgn
0x5583ec SaveDC
0x5583f0 RoundRect
0x5583f4 RestoreDC
0x5583f8 Rectangle
0x5583fc RectVisible
0x558400 RealizePalette
0x558404 Polyline
0x558408 Polygon
0x55840c PolyPolyline
0x558410 PlayEnhMetaFile
0x558414 PatBlt
0x558418 MoveToEx
0x55841c MaskBlt
0x558420 LineTo
0x558424 LPtoDP
0x558428 IntersectClipRect
0x55842c GetWindowOrgEx
0x558430 GetWinMetaFileBits
0x558434 GetViewportOrgEx
0x558438 GetTextMetricsA
0x55843c GetTextExtentPointA
0x558440 GetTextExtentPoint32A
0x558444 GetSystemPaletteEntries
0x558448 GetStockObject
0x55844c GetPixel
0x558450 GetPaletteEntries
0x558454 GetOutlineTextMetricsA
0x558458 GetObjectA
0x55845c GetNearestColor
0x558460 GetEnhMetaFilePaletteEntries
0x558464 GetEnhMetaFileHeader
0x558468 GetEnhMetaFileBits
0x55846c GetDeviceCaps
0x558470 GetDIBits
0x558474 GetDIBColorTable
0x558478 GetDCOrgEx
0x55847c GetCurrentPositionEx
0x558480 GetCurrentObject
0x558484 GetClipRgn
0x558488 GetClipBox
0x55848c GetBrushOrgEx
0x558490 GetBitmapBits
0x558494 GdiFlush
0x558498 ExtTextOutA
0x55849c ExtSelectClipRgn
0x5584a0 ExtCreateRegion
0x5584a4 ExtCreatePen
0x5584a8 ExcludeClipRect
0x5584ac Ellipse
0x5584b0 DeleteObject
0x5584b4 DeleteEnhMetaFile
0x5584b8 DeleteDC
0x5584bc CreateSolidBrush
0x5584c0 CreateRectRgn
0x5584c4 CreatePolygonRgn
0x5584c8 CreatePenIndirect
0x5584cc CreatePen
0x5584d0 CreatePalette
0x5584d4 CreateHalftonePalette
0x5584d8 CreateFontIndirectA
0x5584dc CreateDIBitmap
0x5584e0 CreateDIBSection
0x5584e4 CreateCompatibleDC
0x5584e8 CreateCompatibleBitmap
0x5584ec CreateBrushIndirect
0x5584f0 CreateBitmap
0x5584f4 CopyEnhMetaFileA
0x5584f8 CombineRgn
0x5584fc BitBlt
user32.dll
0x558504 CreateWindowExA
0x558508 WindowFromPoint
0x55850c WinHelpA
0x558510 WaitMessage
0x558514 ValidateRect
0x558518 UpdateWindow
0x55851c UnregisterClassA
0x558520 UnhookWindowsHookEx
0x558524 TranslateMessage
0x558528 TranslateMDISysAccel
0x55852c TrackPopupMenu
0x558530 SystemParametersInfoA
0x558534 ShowWindow
0x558538 ShowScrollBar
0x55853c ShowOwnedPopups
0x558540 ShowCursor
0x558544 ShowCaret
0x558548 SetWindowRgn
0x55854c SetWindowsHookExA
0x558550 SetWindowTextA
0x558554 SetWindowPos
0x558558 SetWindowPlacement
0x55855c SetWindowLongW
0x558560 SetWindowLongA
0x558564 SetTimer
0x558568 SetScrollRange
0x55856c SetScrollPos
0x558570 SetScrollInfo
0x558574 SetRect
0x558578 SetPropA
0x55857c SetParent
0x558580 SetMenuItemInfoA
0x558584 SetMenu
0x558588 SetKeyboardState
0x55858c SetForegroundWindow
0x558590 SetFocus
0x558594 SetCursor
0x558598 SetClipboardData
0x55859c SetClassLongA
0x5585a0 SetCapture
0x5585a4 SetActiveWindow
0x5585a8 SendMessageA
0x5585ac ScrollWindowEx
0x5585b0 ScrollWindow
0x5585b4 ScreenToClient
0x5585b8 RemovePropA
0x5585bc RemoveMenu
0x5585c0 ReleaseDC
0x5585c4 ReleaseCapture
0x5585c8 RegisterWindowMessageA
0x5585cc RegisterClipboardFormatA
0x5585d0 RegisterClassA
0x5585d4 RedrawWindow
0x5585d8 PtInRect
0x5585dc PostQuitMessage
0x5585e0 PostMessageA
0x5585e4 PeekMessageA
0x5585e8 OpenClipboard
0x5585ec OffsetRect
0x5585f0 OemToCharA
0x5585f4 MsgWaitForMultipleObjects
0x5585f8 MoveWindow
0x5585fc MessageBoxA
0x558600 MessageBeep
0x558604 MapWindowPoints
0x558608 MapVirtualKeyA
0x55860c LoadStringA
0x558610 LoadKeyboardLayoutA
0x558614 LoadIconA
0x558618 LoadCursorA
0x55861c LoadBitmapA
0x558620 KillTimer
0x558624 IsZoomed
0x558628 IsWindowVisible
0x55862c IsWindowUnicode
0x558630 IsWindowEnabled
0x558634 IsWindow
0x558638 IsRectEmpty
0x55863c IsIconic
0x558640 IsDialogMessageA
0x558644 IsClipboardFormatAvailable
0x558648 IsChild
0x55864c IsCharAlphaNumericA
0x558650 IsCharAlphaA
0x558654 InvalidateRect
0x558658 IntersectRect
0x55865c InsertMenuItemA
0x558660 InsertMenuA
0x558664 InflateRect
0x558668 HideCaret
0x55866c GetWindowThreadProcessId
0x558670 GetWindowTextLengthW
0x558674 GetWindowTextW
0x558678 GetWindowTextA
0x55867c GetWindowRect
0x558680 GetWindowPlacement
0x558684 GetWindowLongW
0x558688 GetWindowLongA
0x55868c GetWindowDC
0x558690 GetTopWindow
0x558694 GetSystemMetrics
0x558698 GetSystemMenu
0x55869c GetSysColorBrush
0x5586a0 GetSysColor
0x5586a4 GetSubMenu
0x5586a8 GetScrollRange
0x5586ac GetScrollPos
0x5586b0 GetScrollInfo
0x5586b4 GetPropA
0x5586b8 GetParent
0x5586bc GetWindow
0x5586c0 GetMessageTime
0x5586c4 GetMenuStringA
0x5586c8 GetMenuState
0x5586cc GetMenuItemInfoA
0x5586d0 GetMenuItemID
0x5586d4 GetMenuItemCount
0x5586d8 GetMenu
0x5586dc GetLastActivePopup
0x5586e0 GetKeyboardState
0x5586e4 GetKeyboardLayoutList
0x5586e8 GetKeyboardLayout
0x5586ec GetKeyState
0x5586f0 GetKeyNameTextA
0x5586f4 GetIconInfo
0x5586f8 GetForegroundWindow
0x5586fc GetFocus
0x558700 GetDoubleClickTime
0x558704 GetDlgCtrlID
0x558708 GetDesktopWindow
0x55870c GetDCEx
0x558710 GetDC
0x558714 GetCursorPos
0x558718 GetCursor
0x55871c GetClipboardData
0x558720 GetClientRect
0x558724 GetClassNameA
0x558728 GetClassInfoA
0x55872c GetCaretPos
0x558730 GetCapture
0x558734 GetActiveWindow
0x558738 FrameRect
0x55873c FindWindowExA
0x558740 FindWindowA
0x558744 FillRect
0x558748 EqualRect
0x55874c EnumWindows
0x558750 EnumThreadWindows
0x558754 EnumClipboardFormats
0x558758 EndPaint
0x55875c EnableWindow
0x558760 EnableScrollBar
0x558764 EnableMenuItem
0x558768 EmptyClipboard
0x55876c DrawTextExA
0x558770 DrawTextW
0x558774 DrawTextA
0x558778 DrawMenuBar
0x55877c DrawIconEx
0x558780 DrawIcon
0x558784 DrawFrameControl
0x558788 DrawFocusRect
0x55878c DrawEdge
0x558790 DispatchMessageA
0x558794 DestroyWindow
0x558798 DestroyMenu
0x55879c DestroyIcon
0x5587a0 DestroyCursor
0x5587a4 DeleteMenu
0x5587a8 DefWindowProcA
0x5587ac DefMDIChildProcA
0x5587b0 DefFrameProcA
0x5587b4 CreatePopupMenu
0x5587b8 CreateMenu
0x5587bc CreateIcon
0x5587c0 CopyImage
0x5587c4 CloseClipboard
0x5587c8 ClientToScreen
0x5587cc CheckMenuItem
0x5587d0 CallWindowProcA
0x5587d4 CallNextHookEx
0x5587d8 BeginPaint
0x5587dc CharNextA
0x5587e0 CharLowerBuffA
0x5587e4 CharLowerA
0x5587e8 CharUpperBuffA
0x5587ec CharToOemA
0x5587f0 AdjustWindowRectEx
0x5587f4 ActivateKeyboardLayout
ole32.dll
0x5587fc CoTaskMemFree
0x558800 StringFromCLSID
kernel32.dll
0x558808 Sleep
oleaut32.dll
0x558810 SafeArrayPtrOfIndex
0x558814 SafeArrayPutElement
0x558818 SafeArrayGetElement
0x55881c SafeArrayUnaccessData
0x558820 SafeArrayAccessData
0x558824 SafeArrayGetUBound
0x558828 SafeArrayGetLBound
0x55882c SafeArrayRedim
0x558830 SafeArrayCreate
0x558834 VariantChangeType
0x558838 VariantCopyInd
0x55883c VariantCopy
0x558840 VariantClear
0x558844 VariantInit
ole32.dll
0x55884c CoCreateInstance
0x558850 CoGetMalloc
0x558854 CoUninitialize
0x558858 CoInitialize
0x55885c IsEqualGUID
oleaut32.dll
0x558864 CreateErrorInfo
0x558868 GetErrorInfo
0x55886c SetErrorInfo
0x558870 SafeArrayCopy
0x558874 SafeArrayUnaccessData
0x558878 SafeArrayAccessData
0x55887c SafeArrayGetUBound
0x558880 SafeArrayDestroy
0x558884 SafeArrayCreate
0x558888 SysFreeString
comctl32.dll
0x558890 ImageList_SetIconSize
0x558894 ImageList_GetIconSize
0x558898 ImageList_Write
0x55889c ImageList_Read
0x5588a0 ImageList_GetDragImage
0x5588a4 ImageList_DragShowNolock
0x5588a8 ImageList_SetDragCursorImage
0x5588ac ImageList_DragMove
0x5588b0 ImageList_DragLeave
0x5588b4 ImageList_DragEnter
0x5588b8 ImageList_EndDrag
0x5588bc ImageList_BeginDrag
0x5588c0 ImageList_LoadImageA
0x5588c4 ImageList_Remove
0x5588c8 ImageList_DrawEx
0x5588cc ImageList_Replace
0x5588d0 ImageList_Draw
0x5588d4 ImageList_GetBkColor
0x5588d8 ImageList_SetBkColor
0x5588dc ImageList_ReplaceIcon
0x5588e0 ImageList_Add
0x5588e4 ImageList_GetImageCount
0x5588e8 ImageList_Destroy
0x5588ec ImageList_Create
0x5588f0 InitCommonControls
kernel32.dll
0x5588f8 MulDiv
EAT(Export Address Table) is none