Created | 2024.09.17 14:26 | Machine | s1_win7_x6403 |
Filename | 66df1acad4359_res_out.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
ZERO API | file : malicious | ||
VT API (file) | 46 detected (AIDetectMalware, Loader, Artemis, GenericKD, Unsafe, Vk5w, VBGenus, malicious, high confidence, a variant of Generik, GCMQCGB, ccmw, CLASSIC, AMADEY, YXEIMZ, Mdrop, Krypt, GenKD, Detected, Wacatac, ABTrojan, BYEN, Gencirc, susgen, Behavior) | ||
md5 | bee899073ade70f17b353c7f1f9e2748 | ||
sha256 | 3abd01f8fa4bbc0919e070295b6c8a1ac511fdc136e992badf65b461a92f5074 | ||
ssdeep | 49152:dgokKNDK7VHKrv7OkRHWv38rYlyH6uwp7rw6Yv/t7ku2OSdi/a9w7SbryRJ3SFxw:SUNu7VqXO+7sU7kuz | ||
imphash | fb0b6f7604117749530b17f45ad5a3da | ||
impfuzzy | 192:44pHkHL9YdjSlGd3/nEJcnc2I+dW+N+HD5zWQOuj88wl:rHkHAXeapU+NiD5zWQOuQ9 |
Signature (16cnts)
Level | Description |
---|---|
danger | File has been identified by 46 AntiVirus engines on VirusTotal as malicious |
danger | Executed a process and injected code into it |
watch | Allocates execute permission to another process indicative of possible code injection |
watch | Communicates with host for which no DNS query was performed |
watch | Installs itself for autorun at Windows startup |
watch | Manipulates memory of a non-child process indicative of process injection |
watch | One or more of the buffers contains an embedded PE file |
watch | Potential code injection by writing to the memory of another process |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates executable files on the filesystem |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
notice | Sends data using the HTTP POST Method |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | This executable has a PDB path |
Rules (18cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (download) |
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Antivirus | Contains references to security software | binaries (download) |
watch | Antivirus | Contains references to security software | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (4cnts)
Suricata ids
ET INFO Dotted Quad Host DLL Request
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
ET POLICY PE EXE or DLL Windows file download HTTP
ET INFO Executable Retrieved With Minimal HTTP Headers - Potential Second Stage Download
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x4ba0e8 GetLocaleInfoW
0x4ba0ec LocalFileTimeToFileTime
0x4ba0f0 GetFileSizeEx
0x4ba0f4 ExitThread
0x4ba0f8 UnhandledExceptionFilter
0x4ba0fc SetUnhandledExceptionFilter
0x4ba100 IsDebuggerPresent
0x4ba104 GetCPInfo
0x4ba108 GetStartupInfoW
0x4ba10c RtlUnwind
0x4ba110 HeapReAlloc
0x4ba114 HeapSize
0x4ba118 GetOEMCP
0x4ba11c IsValidCodePage
0x4ba120 LCMapStringA
0x4ba124 LCMapStringW
0x4ba128 VirtualFree
0x4ba12c VirtualAlloc
0x4ba130 HeapCreate
0x4ba134 HeapDestroy
0x4ba138 GetStdHandle
0x4ba13c GetModuleFileNameA
0x4ba140 SetHandleCount
0x4ba144 GetFileType
0x4ba148 GetConsoleCP
0x4ba14c GetConsoleMode
0x4ba150 CompareStringA
0x4ba154 GetUserDefaultLCID
0x4ba158 GetLocaleInfoA
0x4ba15c EnumSystemLocalesA
0x4ba160 IsValidLocale
0x4ba164 GetStringTypeA
0x4ba168 GetStringTypeW
0x4ba16c InitializeCriticalSectionAndSpinCount
0x4ba170 FreeEnvironmentStringsW
0x4ba174 GetEnvironmentStringsW
0x4ba178 QueryPerformanceCounter
0x4ba17c SetStdHandle
0x4ba180 WriteConsoleA
0x4ba184 GetConsoleOutputCP
0x4ba188 WriteConsoleW
0x4ba18c CreateFileA
0x4ba190 SetEnvironmentVariableA
0x4ba194 GlobalFlags
0x4ba198 lstrcmpiA
0x4ba19c HeapWalk
0x4ba1a0 HeapLock
0x4ba1a4 OpenThread
0x4ba1a8 HeapUnlock
0x4ba1ac OutputDebugStringW
0x4ba1b0 SetFilePointerEx
0x4ba1b4 IsProcessorFeaturePresent
0x4ba1b8 GlobalAddAtomW
0x4ba1bc GlobalFindAtomW
0x4ba1c0 GlobalDeleteAtom
0x4ba1c4 GetVersionExA
0x4ba1c8 lstrcmpA
0x4ba1cc CompareStringW
0x4ba1d0 TlsFree
0x4ba1d4 LocalReAlloc
0x4ba1d8 TlsSetValue
0x4ba1dc TlsAlloc
0x4ba1e0 GlobalHandle
0x4ba1e4 GlobalReAlloc
0x4ba1e8 TlsGetValue
0x4ba1ec GetACP
0x4ba1f0 FormatMessageW
0x4ba1f4 ExitProcess
0x4ba1f8 GetFullPathNameW
0x4ba1fc lstrcmpW
0x4ba200 SetErrorMode
0x4ba204 SetEnvironmentVariableW
0x4ba208 lstrcpyW
0x4ba20c lstrlenA
0x4ba210 GetCommandLineW
0x4ba214 GlobalUnlock
0x4ba218 GlobalLock
0x4ba21c GetTempFileNameW
0x4ba220 GlobalAlloc
0x4ba224 InterlockedIncrement
0x4ba228 GetTimeZoneInformation
0x4ba22c GlobalFree
0x4ba230 FreeConsole
0x4ba234 GetTempPathW
0x4ba238 SetCurrentDirectoryW
0x4ba23c MulDiv
0x4ba240 CreateSemaphoreW
0x4ba244 ReleaseSemaphore
0x4ba248 GetSystemTimeAsFileTime
0x4ba24c RaiseException
0x4ba250 FlushInstructionCache
0x4ba254 GetModuleHandleA
0x4ba258 CreateProcessW
0x4ba25c LocalAlloc
0x4ba260 GetTickCount
0x4ba264 TerminateProcess
0x4ba268 OpenMutexW
0x4ba26c SetEndOfFile
0x4ba270 FlushFileBuffers
0x4ba274 SetFilePointer
0x4ba278 WriteFile
0x4ba27c GetCurrentThreadId
0x4ba280 FreeResource
0x4ba284 lstrcmpiW
0x4ba288 HeapFree
0x4ba28c GetProcessHeap
0x4ba290 HeapAlloc
0x4ba294 WideCharToMultiByte
0x4ba298 GetCurrentProcess
0x4ba29c lstrlenW
0x4ba2a0 SetLastError
0x4ba2a4 ProcessIdToSessionId
0x4ba2a8 LoadLibraryA
0x4ba2ac GetUserDefaultUILanguage
0x4ba2b0 LoadLibraryExW
0x4ba2b4 MultiByteToWideChar
0x4ba2b8 ReleaseMutex
0x4ba2bc CreateMutexW
0x4ba2c0 GetCurrentProcessId
0x4ba2c4 DeviceIoControl
0x4ba2c8 MoveFileExW
0x4ba2cc GetFileAttributesW
0x4ba2d0 DeleteFileW
0x4ba2d4 ExpandEnvironmentStringsW
0x4ba2d8 SystemTimeToFileTime
0x4ba2dc GetSystemTime
0x4ba2e0 GetSystemDirectoryW
0x4ba2e4 GetSystemWindowsDirectoryW
0x4ba2e8 ReadFile
0x4ba2ec GetFileSize
0x4ba2f0 GetModuleFileNameW
0x4ba2f4 GetWindowsDirectoryW
0x4ba2f8 GetPrivateProfileStringW
0x4ba2fc CreateThread
0x4ba300 CreateFileW
0x4ba304 GetShortPathNameW
0x4ba308 OpenProcess
0x4ba30c InterlockedDecrement
0x4ba310 FindNextFileW
0x4ba314 FindFirstFileW
0x4ba318 SetEvent
0x4ba31c LoadLibraryW
0x4ba320 InterlockedCompareExchange
0x4ba324 Sleep
0x4ba328 InitializeCriticalSection
0x4ba32c EnterCriticalSection
0x4ba330 LeaveCriticalSection
0x4ba334 DeleteCriticalSection
0x4ba338 LocalFree
0x4ba33c GetLastError
0x4ba340 GetVersion
0x4ba344 CloseHandle
0x4ba348 WaitForSingleObject
0x4ba34c FindResourceExW
0x4ba350 FindResourceW
0x4ba354 LoadResource
0x4ba358 LockResource
0x4ba35c SizeofResource
0x4ba360 GetModuleHandleW
0x4ba364 GetProcAddress
0x4ba368 GetVersionExW
0x4ba36c CreateEventW
0x4ba370 InterlockedExchange
0x4ba374 FindClose
0x4ba378 FreeLibrary
0x4ba37c GetStartupInfoA
USER32.dll
0x4ba4b4 SetCursor
0x4ba4b8 GetWindowTextW
0x4ba4bc GetWindowTextLengthW
0x4ba4c0 RedrawWindow
0x4ba4c4 ScreenToClient
0x4ba4c8 GetMessagePos
0x4ba4cc PtInRect
0x4ba4d0 DrawTextW
0x4ba4d4 DispatchMessageW
0x4ba4d8 TranslateMessage
0x4ba4dc GetMessageW
0x4ba4e0 SetWindowTextW
0x4ba4e4 GetWindow
0x4ba4e8 MonitorFromWindow
0x4ba4ec MapWindowPoints
0x4ba4f0 IsRectEmpty
0x4ba4f4 IsDialogMessageW
0x4ba4f8 GetClientRect
0x4ba4fc DrawIconEx
0x4ba500 DestroyIcon
0x4ba504 GetActiveWindow
0x4ba508 MessageBoxW
0x4ba50c InvalidateRect
0x4ba510 LoadIconW
0x4ba514 GetDesktopWindow
0x4ba518 keybd_event
0x4ba51c GetKeyboardState
0x4ba520 SetActiveWindow
0x4ba524 SetForegroundWindow
0x4ba528 AttachThreadInput
0x4ba52c GetForegroundWindow
0x4ba530 AllowSetForegroundWindow
0x4ba534 GetMonitorInfoW
0x4ba538 GetWindowRect
0x4ba53c MoveWindow
0x4ba540 ClientToScreen
0x4ba544 OffsetRect
0x4ba548 CopyRect
0x4ba54c GetFocus
0x4ba550 ReleaseDC
0x4ba554 GetDC
0x4ba558 RegisterWindowMessageW
0x4ba55c SetRectEmpty
0x4ba560 IsWindowEnabled
0x4ba564 SetFocus
0x4ba568 SetWindowPos
0x4ba56c SendMessageW
0x4ba570 GetParent
0x4ba574 EnableWindow
0x4ba578 CreateWindowExW
0x4ba57c LoadCursorW
0x4ba580 GetClassInfoExW
0x4ba584 GetDlgCtrlID
0x4ba588 GetKeyState
0x4ba58c IsWindow
0x4ba590 GetWindowDC
0x4ba594 BeginPaint
0x4ba598 EndPaint
0x4ba59c SetCapture
0x4ba5a0 ReleaseCapture
0x4ba5a4 GetClassLongW
0x4ba5a8 SetClassLongW
0x4ba5ac BringWindowToTop
0x4ba5b0 SwitchToThisWindow
0x4ba5b4 PostMessageW
0x4ba5b8 LoadStringW
0x4ba5bc UnregisterClassA
0x4ba5c0 GetSystemMetrics
0x4ba5c4 GetWindowThreadProcessId
0x4ba5c8 IsWindowVisible
0x4ba5cc SetWindowLongW
0x4ba5d0 GetWindowLongW
0x4ba5d4 DefWindowProcW
0x4ba5d8 DestroyMenu
0x4ba5dc TabbedTextOutW
0x4ba5e0 DrawTextExW
0x4ba5e4 CallWindowProcW
0x4ba5e8 FindWindowW
0x4ba5ec SendMessageTimeoutW
0x4ba5f0 KillTimer
0x4ba5f4 GrayStringW
0x4ba5f8 DestroyWindow
0x4ba5fc OpenClipboard
0x4ba600 EmptyClipboard
0x4ba604 CloseClipboard
0x4ba608 GetClipboardData
0x4ba60c FindWindowExW
0x4ba610 CallNextHookEx
0x4ba614 SetClipboardViewer
0x4ba618 ChangeClipboardChain
0x4ba61c SetWindowsHookExW
0x4ba620 UnhookWindowsHookEx
0x4ba624 CharNextW
0x4ba628 PeekMessageW
0x4ba62c DestroyAcceleratorTable
0x4ba630 InvalidateRgn
0x4ba634 FillRect
0x4ba638 CreateAcceleratorTableW
0x4ba63c GetSysColor
0x4ba640 GetClassNameW
0x4ba644 GetDlgItem
0x4ba648 IsChild
0x4ba64c LoadImageW
0x4ba650 PrivateExtractIconsW
0x4ba654 PostQuitMessage
0x4ba658 GetCursorPos
0x4ba65c GetLastActivePopup
0x4ba660 GetSubMenu
0x4ba664 GetMenuItemCount
0x4ba668 GetMenuItemID
0x4ba66c GetMenuState
0x4ba670 ValidateRect
0x4ba674 GetSysColorBrush
0x4ba678 CheckMenuItem
0x4ba67c EnableMenuItem
0x4ba680 ModifyMenuW
0x4ba684 LoadBitmapW
0x4ba688 GetMenuCheckMarkDimensions
0x4ba68c SetMenuItemBitmaps
0x4ba690 IsIconic
0x4ba694 SystemParametersInfoA
0x4ba698 GetMenu
0x4ba69c AdjustWindowRectEx
0x4ba6a0 RegisterClassW
0x4ba6a4 GetClassInfoW
0x4ba6a8 SetMenu
0x4ba6ac GetMessageTime
0x4ba6b0 GetTopWindow
0x4ba6b4 RemovePropW
0x4ba6b8 GetPropW
0x4ba6bc SetPropW
0x4ba6c0 GetCapture
0x4ba6c4 WinHelpW
0x4ba6c8 RegisterClassExW
0x4ba6cc SetTimer
0x4ba6d0 ShowWindow
0x4ba6d4 GetWindowPlacement
GDI32.dll
0x4ba058 SetWindowExtEx
0x4ba05c ScaleViewportExtEx
0x4ba060 SetViewportExtEx
0x4ba064 OffsetViewportOrgEx
0x4ba068 Escape
0x4ba06c TextOutW
0x4ba070 RectVisible
0x4ba074 PtVisible
0x4ba078 SetMapMode
0x4ba07c RestoreDC
0x4ba080 SaveDC
0x4ba084 ExtTextOutW
0x4ba088 GetClipBox
0x4ba08c CreateBitmap
0x4ba090 GetStockObject
0x4ba094 BitBlt
0x4ba098 SetViewportOrgEx
0x4ba09c GetPixel
0x4ba0a0 CreateCompatibleBitmap
0x4ba0a4 SetTextColor
0x4ba0a8 SetBkColor
0x4ba0ac CreateSolidBrush
0x4ba0b0 GetTextExtentPoint32W
0x4ba0b4 GetTextMetricsW
0x4ba0b8 GetObjectA
0x4ba0bc GetObjectW
0x4ba0c0 SelectObject
0x4ba0c4 CreateCompatibleDC
0x4ba0c8 DeleteDC
0x4ba0cc ScaleWindowExtEx
0x4ba0d0 DeleteObject
0x4ba0d4 CreateFontW
0x4ba0d8 GetDeviceCaps
WINSPOOL.DRV
0x4ba714 DocumentPropertiesW
0x4ba718 OpenPrinterW
0x4ba71c ClosePrinter
COMDLG32.dll
0x4ba04c GetSaveFileNameW
0x4ba050 GetOpenFileNameW
ADVAPI32.dll
0x4ba000 RegOpenKeyExA
0x4ba004 RegQueryValueExA
0x4ba008 RegQueryInfoKeyW
0x4ba00c GetSidSubAuthority
0x4ba010 GetTokenInformation
0x4ba014 OpenProcessToken
0x4ba018 RegDeleteValueW
0x4ba01c RegCreateKeyExW
0x4ba020 RegEnumKeyExW
0x4ba024 RegEnumValueW
0x4ba028 RegQueryValueExW
0x4ba02c RegDeleteKeyW
0x4ba030 RegSetValueExW
0x4ba034 RegOpenKeyExW
0x4ba038 RegCloseKey
0x4ba03c RegEnumKeyExA
SHELL32.dll
0x4ba41c DragQueryFileW
0x4ba420 DragFinish
0x4ba424 ExtractIconW
0x4ba428 SHGetPathFromIDListW
0x4ba42c SHBrowseForFolderW
0x4ba430 ShellExecuteW
0x4ba434 None
0x4ba438 ShellExecuteExW
0x4ba43c SHGetFileInfoW
0x4ba440 SHGetFolderPathW
0x4ba444 DragAcceptFiles
0x4ba448 SHGetSpecialFolderPathW
ole32.dll
0x4ba894 CoInitializeEx
0x4ba898 CLSIDFromString
0x4ba89c CoGetClassObject
0x4ba8a0 OleLockRunning
0x4ba8a4 StringFromGUID2
0x4ba8a8 OleUninitialize
0x4ba8ac OleInitialize
0x4ba8b0 CoTaskMemAlloc
0x4ba8b4 CoTaskMemRealloc
0x4ba8b8 RevokeDragDrop
0x4ba8bc CreateStreamOnHGlobal
0x4ba8c0 CLSIDFromProgID
0x4ba8c4 CoUninitialize
0x4ba8c8 CoCreateInstance
0x4ba8cc CoInitialize
0x4ba8d0 CoTaskMemFree
OLEAUT32.dll
0x4ba390 SysAllocString
0x4ba394 VariantInit
0x4ba398 VariantClear
0x4ba39c SysFreeString
0x4ba3a0 DispCallFunc
0x4ba3a4 SafeArrayGetVartype
0x4ba3a8 SafeArrayCopy
0x4ba3ac VariantCopy
0x4ba3b0 SafeArrayGetLBound
0x4ba3b4 SafeArrayGetUBound
0x4ba3b8 SafeArrayCreate
0x4ba3bc SafeArrayDestroy
0x4ba3c0 SafeArrayLock
0x4ba3c4 SafeArrayUnlock
0x4ba3c8 VarBstrCmp
0x4ba3cc SysAllocStringLen
0x4ba3d0 VarUI4FromStr
0x4ba3d4 OleCreateFontIndirect
0x4ba3d8 SysStringLen
0x4ba3dc LoadRegTypeLib
0x4ba3e0 LoadTypeLib
0x4ba3e4 VariantTimeToSystemTime
0x4ba3e8 SystemTimeToVariantTime
0x4ba3ec VariantChangeType
SHLWAPI.dll
0x4ba450 StrStrW
0x4ba454 StrRStrIW
0x4ba458 PathRemoveBackslashW
0x4ba45c ColorHLSToRGB
0x4ba460 ColorRGBToHLS
0x4ba464 PathCompactPathW
0x4ba468 PathStripPathW
0x4ba46c None
0x4ba470 SHSetValueA
0x4ba474 SHGetValueA
0x4ba478 StrCmpNIW
0x4ba47c StrStrIA
0x4ba480 PathAddBackslashW
0x4ba484 PathAppendW
0x4ba488 SHGetValueW
0x4ba48c wnsprintfW
0x4ba490 PathIsDirectoryW
0x4ba494 PathFindExtensionW
0x4ba498 PathFindFileNameW
0x4ba49c StrCmpIW
0x4ba4a0 PathCombineW
0x4ba4a4 PathFileExistsW
0x4ba4a8 StrStrIW
0x4ba4ac PathRemoveFileSpecW
COMCTL32.dll
0x4ba044 InitCommonControlsEx
gdiplus.dll
0x4ba72c GdipCreatePath
0x4ba730 GdipDeletePath
0x4ba734 GdipGetSmoothingMode
0x4ba738 GdipSetSmoothingMode
0x4ba73c GdipFillPath
0x4ba740 GdipDrawPath
0x4ba744 GdipCreateBitmapFromScan0
0x4ba748 GdipGetImagePixelFormat
0x4ba74c GdipGetImageGraphicsContext
0x4ba750 GdipDrawImageRectI
0x4ba754 GdipSetPixelOffsetMode
0x4ba758 GdipAddPathLineI
0x4ba75c GdipSetPenDashOffset
0x4ba760 GdipDrawEllipseI
0x4ba764 GdipSetPenWidth
0x4ba768 GdipGetPixelOffsetMode
0x4ba76c GdipAddPathRectangleI
0x4ba770 GdipCreateLineBrushFromRect
0x4ba774 GdipDrawRectangleI
0x4ba778 GdipCreatePen2
0x4ba77c GdipSetLinePresetBlend
0x4ba780 GdipDeleteFontFamily
0x4ba784 GdipCloneFontFamily
0x4ba788 GdipGetFontCollectionFamilyList
0x4ba78c GdipCreateFont
0x4ba790 GdipSetTextRenderingHint
0x4ba794 GdipSetClipRectI
0x4ba798 GdipResetClip
0x4ba79c GdipGetFontHeight
0x4ba7a0 GdipCreateFromHWND
0x4ba7a4 GdipCreatePathGradientFromPath
0x4ba7a8 GdipSetPathGradientCenterColor
0x4ba7ac GdipDrawString
0x4ba7b0 GdipGetPathGradientPointCount
0x4ba7b4 GdipAddPathEllipseI
0x4ba7b8 GdipDrawLine
0x4ba7bc GdipDrawImageRectRectI
0x4ba7c0 GdipNewPrivateFontCollection
0x4ba7c4 GdipFillRectangleI
0x4ba7c8 GdipPrivateAddMemoryFont
0x4ba7cc GdipTranslateWorldTransform
0x4ba7d0 GdipRotateWorldTransform
0x4ba7d4 GdipResetWorldTransform
0x4ba7d8 GdipDrawImagePointRectI
0x4ba7dc GdipCreateBitmapFromStream
0x4ba7e0 GdipSetInterpolationMode
0x4ba7e4 GdipGetImageEncodersSize
0x4ba7e8 GdipGetImageEncoders
0x4ba7ec GdipSaveImageToFile
0x4ba7f0 GdipAddPathArc
0x4ba7f4 GdipAddPathLine
0x4ba7f8 GdipAddPathPie
0x4ba7fc GdipGetPathWorldBoundsI
0x4ba800 GdipAddPathLine2
0x4ba804 GdipSetPathGradientCenterPoint
0x4ba808 GdipSetPathGradientGammaCorrection
0x4ba80c GdipCloneBrush
0x4ba810 GdipDeleteBrush
0x4ba814 GdipCreateSolidFill
0x4ba818 GdipFillRectangle
0x4ba81c GdipMeasureString
0x4ba820 GdipSetStringFormatAlign
0x4ba824 GdipSetStringFormatLineAlign
0x4ba828 GdipDeleteStringFormat
0x4ba82c GdipCreateStringFormat
0x4ba830 GdipDeleteFont
0x4ba834 GdipCreateFontFromLogfontA
0x4ba838 GdipCreateFontFromDC
0x4ba83c GdipDrawLineI
0x4ba840 GdipGetImageWidth
0x4ba844 GdipCreateBitmapFromFile
0x4ba848 GdipCloneImage
0x4ba84c GdipAlloc
0x4ba850 GdipDisposeImage
0x4ba854 GdipCreateLineBrushFromRectI
0x4ba858 GdipClosePathFigure
0x4ba85c GdipAddPathArcI
0x4ba860 GdipResetPath
0x4ba864 GdipDeletePrivateFontCollection
0x4ba868 GdipSetPenDashStyle
0x4ba86c GdipDeletePen
0x4ba870 GdipCreatePen1
0x4ba874 GdipDeleteGraphics
0x4ba878 GdipFree
0x4ba87c GdipCreateFromHDC
0x4ba880 GdipBitmapSetPixel
0x4ba884 GdipBitmapGetPixel
0x4ba888 GdipSetPathGradientSurroundColorsWithCount
0x4ba88c GdipGetImageHeight
VERSION.dll
0x4ba6e4 VerQueryValueW
0x4ba6e8 GetFileVersionInfoW
0x4ba6ec GetFileVersionInfoSizeW
WININET.dll
0x4ba6f4 HttpQueryInfoW
0x4ba6f8 InternetCloseHandle
0x4ba6fc InternetOpenUrlW
0x4ba700 InternetSetOptionW
0x4ba704 InternetOpenW
0x4ba708 DeleteUrlCacheEntryW
0x4ba70c InternetReadFile
PSAPI.DLL
0x4ba3f4 GetModuleFileNameExW
WTSAPI32.dll
0x4ba724 WTSQuerySessionInformationW
USERENV.dll
0x4ba6dc GetUserProfileDirectoryW
IMM32.dll
0x4ba0e0 ImmDisableIME
RPCRT4.dll
0x4ba3fc NdrAsyncClientCall
0x4ba400 RpcAsyncInitializeHandle
0x4ba404 RpcStringBindingComposeW
0x4ba408 RpcBindingFromStringBindingW
0x4ba40c RpcAsyncCompleteCall
0x4ba410 RpcStringFreeW
0x4ba414 RpcBindingFree
OLEACC.dll
0x4ba384 LresultFromObject
0x4ba388 CreateStdAccessibleObject
EAT(Export Address Table) is none