Created | 2024.09.27 13:43 | Machine | s1_win7_x6401 |
Filename | 1221.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
ZERO API | file : malicious | ||
VT API (file) | 40 detected (AIDetectMalware, Malicious, score, Fragtor, Unsafe, Save, confidence, Attribute, HighConfidence, high confidence, FlyStudio, Real Protect, moderate, Generic Reputation PUA, Static AI, Malicious PE, Detected, RA@1qraug, Wacatac, 15CL508, FlyAgent, Eldorado, Artemis, BScope, Dynamer, CoinMiner) | ||
md5 | b2d997ae878ab9eb95c015548367b746 | ||
sha256 | ec6d1df52cb3cd17cb8d638eb9f5ada51fb2a4997d7f0953fac35f101ff1822a | ||
ssdeep | 49152:Z/aimhYljuri/ieiCes4fYn2o4Bpo3aVfm2pT+s8KuqGaX0ToIBAUZLY/:A7hYMreJes4fJobqVRoJBAUZLI | ||
imphash | 1b6716231657ae11dc1ea8a2863b4bf4 | ||
impfuzzy | 192:b3Nw+04C+RizhUqT0Cv4zicRcBcVAHhv/5xQ4b1AYjGE:u+xGTBEmr5xQ4byYqE |
Signature (8cnts)
Level | Description |
---|---|
danger | File has been identified by 40 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates executable files on the filesystem |
notice | Drops an executable to the user AppData folder |
notice | Foreign language identified in PE resource |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (14cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | ASPack_Zero | ASPack packed file | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | DllRegisterServer_Zero | execute regsvr32.exe | binaries (upload) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
RASAPI32.dll
0x4de3ec RasHangUpA
0x4de3f0 RasGetConnectStatusA
KERNEL32.dll
0x4de180 GetModuleHandleA
0x4de184 GetVolumeInformationA
0x4de188 FlushFileBuffers
0x4de18c SetFilePointer
0x4de190 GetCurrentProcess
0x4de194 DuplicateHandle
0x4de198 lstrcpynA
0x4de19c FileTimeToLocalFileTime
0x4de1a0 LocalFree
0x4de1a4 InterlockedDecrement
0x4de1a8 InterlockedIncrement
0x4de1ac SetCurrentDirectoryA
0x4de1b0 GetFileAttributesA
0x4de1b4 GetProcAddress
0x4de1b8 FindClose
0x4de1bc FindFirstFileA
0x4de1c0 GetACP
0x4de1c4 SuspendThread
0x4de1c8 ReleaseMutex
0x4de1cc CreateMutexA
0x4de1d0 TerminateThread
0x4de1d4 GetFileSize
0x4de1d8 UnmapViewOfFile
0x4de1dc SetLastError
0x4de1e0 GetTimeZoneInformation
0x4de1e4 FileTimeToSystemTime
0x4de1e8 IsBadCodePtr
0x4de1ec IsBadReadPtr
0x4de1f0 CompareStringW
0x4de1f4 CompareStringA
0x4de1f8 GetStringTypeW
0x4de1fc GetStringTypeA
0x4de200 SetUnhandledExceptionFilter
0x4de204 IsBadWritePtr
0x4de208 VirtualAlloc
0x4de20c LCMapStringW
0x4de210 LCMapStringA
0x4de214 SetEnvironmentVariableA
0x4de218 VirtualFree
0x4de21c HeapCreate
0x4de220 HeapDestroy
0x4de224 GetEnvironmentVariableA
0x4de228 GetStdHandle
0x4de22c SetHandleCount
0x4de230 GetEnvironmentStringsW
0x4de234 GetEnvironmentStrings
0x4de238 FreeEnvironmentStringsW
0x4de23c FreeEnvironmentStringsA
0x4de240 UnhandledExceptionFilter
0x4de244 GetFileType
0x4de248 SetStdHandle
0x4de24c TerminateProcess
0x4de250 GetLocalTime
0x4de254 GetSystemTime
0x4de258 CreateSemaphoreA
0x4de25c ResumeThread
0x4de260 ReleaseSemaphore
0x4de264 EnterCriticalSection
0x4de268 LeaveCriticalSection
0x4de26c GetProfileStringA
0x4de270 WriteFile
0x4de274 WaitForMultipleObjects
0x4de278 CreateFileA
0x4de27c SetEvent
0x4de280 FindResourceA
0x4de284 LoadResource
0x4de288 LockResource
0x4de28c ReadFile
0x4de290 lstrlenW
0x4de294 GetModuleFileNameA
0x4de298 WideCharToMultiByte
0x4de29c MultiByteToWideChar
0x4de2a0 GetCurrentThreadId
0x4de2a4 ExitProcess
0x4de2a8 GlobalSize
0x4de2ac GlobalFree
0x4de2b0 DeleteCriticalSection
0x4de2b4 InitializeCriticalSection
0x4de2b8 lstrcatA
0x4de2bc lstrlenA
0x4de2c0 WinExec
0x4de2c4 lstrcpyA
0x4de2c8 FindNextFileA
0x4de2cc GlobalReAlloc
0x4de2d0 HeapFree
0x4de2d4 HeapReAlloc
0x4de2d8 GetProcessHeap
0x4de2dc HeapAlloc
0x4de2e0 GetUserDefaultLCID
0x4de2e4 GetFullPathNameA
0x4de2e8 FreeLibrary
0x4de2ec LoadLibraryA
0x4de2f0 GetLastError
0x4de2f4 GetVersionExA
0x4de2f8 WritePrivateProfileStringA
0x4de2fc CreateThread
0x4de300 CreateEventA
0x4de304 Sleep
0x4de308 GlobalAlloc
0x4de30c GlobalLock
0x4de310 GlobalUnlock
0x4de314 RaiseException
0x4de318 HeapSize
0x4de31c RtlUnwind
0x4de320 GetStartupInfoA
0x4de324 GetOEMCP
0x4de328 GetCPInfo
0x4de32c GetProcessVersion
0x4de330 SetErrorMode
0x4de334 GlobalFlags
0x4de338 GetCurrentThread
0x4de33c GetFileTime
0x4de340 TlsGetValue
0x4de344 LocalReAlloc
0x4de348 TlsSetValue
0x4de34c TlsFree
0x4de350 GlobalHandle
0x4de354 TlsAlloc
0x4de358 LocalAlloc
0x4de35c lstrcmpA
0x4de360 GetVersion
0x4de364 GlobalGetAtomNameA
0x4de368 GlobalAddAtomA
0x4de36c GlobalFindAtomA
0x4de370 GlobalDeleteAtom
0x4de374 lstrcmpiA
0x4de378 MulDiv
0x4de37c GetCommandLineA
0x4de380 GetTickCount
0x4de384 WaitForSingleObject
0x4de388 CloseHandle
0x4de38c SetEndOfFile
0x4de390 UnlockFile
0x4de394 LockFile
USER32.dll
0x4de408 SetClipboardData
0x4de40c EmptyClipboard
0x4de410 GetSystemMetrics
0x4de414 GetCursorPos
0x4de418 MessageBoxA
0x4de41c SetWindowPos
0x4de420 SendMessageA
0x4de424 DestroyCursor
0x4de428 SetParent
0x4de42c IsWindow
0x4de430 PostMessageA
0x4de434 GetTopWindow
0x4de438 GetParent
0x4de43c OpenClipboard
0x4de440 GetClipboardData
0x4de444 GetFocus
0x4de448 GetClientRect
0x4de44c InvalidateRect
0x4de450 ValidateRect
0x4de454 UpdateWindow
0x4de458 EqualRect
0x4de45c GetWindowRect
0x4de460 SetForegroundWindow
0x4de464 DestroyMenu
0x4de468 IsChild
0x4de46c ReleaseDC
0x4de470 IsRectEmpty
0x4de474 FillRect
0x4de478 GetDC
0x4de47c SetCursor
0x4de480 LoadCursorA
0x4de484 CloseClipboard
0x4de488 SetActiveWindow
0x4de48c GetSysColor
0x4de490 SetWindowLongA
0x4de494 GetWindowLongA
0x4de498 RedrawWindow
0x4de49c EnableWindow
0x4de4a0 IsWindowVisible
0x4de4a4 OffsetRect
0x4de4a8 PtInRect
0x4de4ac DestroyIcon
0x4de4b0 IntersectRect
0x4de4b4 InflateRect
0x4de4b8 SetRect
0x4de4bc SetScrollPos
0x4de4c0 SetScrollRange
0x4de4c4 GetScrollRange
0x4de4c8 SetCapture
0x4de4cc GetCapture
0x4de4d0 ReleaseCapture
0x4de4d4 SetTimer
0x4de4d8 KillTimer
0x4de4dc WinHelpA
0x4de4e0 LoadBitmapA
0x4de4e4 CopyRect
0x4de4e8 ChildWindowFromPointEx
0x4de4ec ScreenToClient
0x4de4f0 GetMessagePos
0x4de4f4 SetWindowRgn
0x4de4f8 DestroyAcceleratorTable
0x4de4fc GetWindow
0x4de500 GetActiveWindow
0x4de504 SetFocus
0x4de508 IsIconic
0x4de50c GetSysColorBrush
0x4de510 LoadStringA
0x4de514 wsprintfA
0x4de518 SetCursorPos
0x4de51c CharUpperA
0x4de520 GetClassNameA
0x4de524 GetMenuCheckMarkDimensions
0x4de528 GetMenuState
0x4de52c SetMenuItemBitmaps
0x4de530 CheckMenuItem
0x4de534 MoveWindow
0x4de538 IsDialogMessageA
0x4de53c ScrollWindowEx
0x4de540 SendDlgItemMessageA
0x4de544 MapWindowPoints
0x4de548 AdjustWindowRectEx
0x4de54c GetScrollPos
0x4de550 RegisterClassA
0x4de554 GetMenuItemCount
0x4de558 GetDesktopWindow
0x4de55c SetWindowTextA
0x4de560 LoadIconA
0x4de564 TranslateMessage
0x4de568 DrawFrameControl
0x4de56c DrawEdge
0x4de570 DrawFocusRect
0x4de574 WindowFromPoint
0x4de578 GetMessageA
0x4de57c DispatchMessageA
0x4de580 SetRectEmpty
0x4de584 RegisterClipboardFormatA
0x4de588 CreateIconFromResourceEx
0x4de58c CreateIconFromResource
0x4de590 DrawIconEx
0x4de594 CreatePopupMenu
0x4de598 AppendMenuA
0x4de59c ModifyMenuA
0x4de5a0 CreateMenu
0x4de5a4 CreateAcceleratorTableA
0x4de5a8 GetDlgCtrlID
0x4de5ac GetSubMenu
0x4de5b0 EnableMenuItem
0x4de5b4 ClientToScreen
0x4de5b8 EnumDisplaySettingsA
0x4de5bc LoadImageA
0x4de5c0 SystemParametersInfoA
0x4de5c4 ShowWindow
0x4de5c8 IsWindowEnabled
0x4de5cc TranslateAcceleratorA
0x4de5d0 GetKeyState
0x4de5d4 CopyAcceleratorTableA
0x4de5d8 PostQuitMessage
0x4de5dc IsZoomed
0x4de5e0 GetClassInfoA
0x4de5e4 DefWindowProcA
0x4de5e8 GetSystemMenu
0x4de5ec DeleteMenu
0x4de5f0 GetMenu
0x4de5f4 SetMenu
0x4de5f8 PeekMessageA
0x4de5fc GetWindowTextA
0x4de600 GetWindowTextLengthA
0x4de604 UnregisterClassA
0x4de608 GetWindowDC
0x4de60c BeginPaint
0x4de610 EndPaint
0x4de614 TabbedTextOutA
0x4de618 DrawTextA
0x4de61c GrayStringA
0x4de620 GetDlgItem
0x4de624 DestroyWindow
0x4de628 CreateDialogIndirectParamA
0x4de62c EndDialog
0x4de630 GetNextDlgTabItem
0x4de634 GetWindowPlacement
0x4de638 RegisterWindowMessageA
0x4de63c GetForegroundWindow
0x4de640 GetLastActivePopup
0x4de644 GetMessageTime
0x4de648 RemovePropA
0x4de64c CallWindowProcA
0x4de650 GetPropA
0x4de654 UnhookWindowsHookEx
0x4de658 SetPropA
0x4de65c GetClassLongA
0x4de660 CallNextHookEx
0x4de664 SetWindowsHookExA
0x4de668 CreateWindowExA
0x4de66c GetMenuItemID
GDI32.dll
0x4de034 SetBkMode
0x4de038 SetBkColor
0x4de03c CreateRectRgnIndirect
0x4de040 SetStretchBltMode
0x4de044 GetClipRgn
0x4de048 CreatePolygonRgn
0x4de04c SelectClipRgn
0x4de050 DeleteObject
0x4de054 CreateDIBitmap
0x4de058 GetSystemPaletteEntries
0x4de05c CreatePalette
0x4de060 StretchBlt
0x4de064 SelectPalette
0x4de068 RealizePalette
0x4de06c GetDIBits
0x4de070 GetWindowExtEx
0x4de074 GetViewportOrgEx
0x4de078 GetWindowOrgEx
0x4de07c BeginPath
0x4de080 EndPath
0x4de084 PathToRegion
0x4de088 CreateEllipticRgn
0x4de08c CreateRoundRectRgn
0x4de090 GetTextColor
0x4de094 GetBkMode
0x4de098 GetBkColor
0x4de09c GetROP2
0x4de0a0 GetStretchBltMode
0x4de0a4 GetPolyFillMode
0x4de0a8 CreateCompatibleBitmap
0x4de0ac CreateDCA
0x4de0b0 CreateBitmap
0x4de0b4 SelectObject
0x4de0b8 CreatePen
0x4de0bc PatBlt
0x4de0c0 CombineRgn
0x4de0c4 CreateRectRgn
0x4de0c8 FillRgn
0x4de0cc CreateSolidBrush
0x4de0d0 CreateFontIndirectA
0x4de0d4 GetStockObject
0x4de0d8 GetObjectA
0x4de0dc EndPage
0x4de0e0 EndDoc
0x4de0e4 DeleteDC
0x4de0e8 StartDocA
0x4de0ec StartPage
0x4de0f0 BitBlt
0x4de0f4 CreateCompatibleDC
0x4de0f8 Ellipse
0x4de0fc Rectangle
0x4de100 LPtoDP
0x4de104 DPtoLP
0x4de108 GetCurrentObject
0x4de10c RoundRect
0x4de110 GetTextExtentPoint32A
0x4de114 GetDeviceCaps
0x4de118 SaveDC
0x4de11c RestoreDC
0x4de120 ExcludeClipRect
0x4de124 SetPolyFillMode
0x4de128 SetROP2
0x4de12c SetTextColor
0x4de130 SetMapMode
0x4de134 SetViewportOrgEx
0x4de138 OffsetViewportOrgEx
0x4de13c SetViewportExtEx
0x4de140 ScaleViewportExtEx
0x4de144 SetWindowOrgEx
0x4de148 SetWindowExtEx
0x4de14c ScaleWindowExtEx
0x4de150 GetClipBox
0x4de154 MoveToEx
0x4de158 LineTo
0x4de15c ExtSelectClipRgn
0x4de160 GetTextMetricsA
0x4de164 Escape
0x4de168 ExtTextOutA
0x4de16c TextOutA
0x4de170 RectVisible
0x4de174 PtVisible
0x4de178 GetViewportExtEx
WINMM.dll
0x4de6a0 waveOutRestart
0x4de6a4 waveOutUnprepareHeader
0x4de6a8 waveOutPrepareHeader
0x4de6ac waveOutWrite
0x4de6b0 waveOutPause
0x4de6b4 waveOutReset
0x4de6b8 waveOutClose
0x4de6bc waveOutGetNumDevs
0x4de6c0 waveOutOpen
0x4de6c4 midiOutUnprepareHeader
0x4de6c8 midiStreamOpen
0x4de6cc midiStreamProperty
0x4de6d0 midiOutPrepareHeader
0x4de6d4 midiStreamOut
0x4de6d8 midiStreamStop
0x4de6dc midiOutReset
0x4de6e0 midiStreamClose
0x4de6e4 midiStreamRestart
WINSPOOL.DRV
0x4de6ec ClosePrinter
0x4de6f0 DocumentPropertiesA
0x4de6f4 OpenPrinterA
ADVAPI32.dll
0x4de000 RegCloseKey
0x4de004 RegOpenKeyExA
0x4de008 RegSetValueExA
0x4de00c RegQueryValueA
0x4de010 RegCreateKeyExA
SHELL32.dll
0x4de3f8 ShellExecuteA
0x4de3fc DragQueryFileA
0x4de400 Shell_NotifyIconA
ole32.dll
0x4de784 CLSIDFromProgID
0x4de788 OleRun
0x4de78c CoCreateInstance
0x4de790 CreateStreamOnHGlobal
0x4de794 CLSIDFromString
0x4de798 OleUninitialize
0x4de79c OleInitialize
0x4de7a0 RegisterDragDrop
0x4de7a4 RevokeDragDrop
0x4de7a8 ReleaseStgMedium
OLEAUT32.dll
0x4de39c VariantClear
0x4de3a0 VariantChangeType
0x4de3a4 SafeArrayGetUBound
0x4de3a8 SafeArrayGetLBound
0x4de3ac SafeArrayGetDim
0x4de3b0 SafeArrayUnaccessData
0x4de3b4 SafeArrayGetElement
0x4de3b8 VariantCopyInd
0x4de3bc VariantInit
0x4de3c0 SysAllocString
0x4de3c4 SafeArrayDestroy
0x4de3c8 SafeArrayCreate
0x4de3cc SafeArrayPutElement
0x4de3d0 RegisterTypeLib
0x4de3d4 LHashValOfNameSys
0x4de3d8 LoadTypeLib
0x4de3dc OleCreatePictureIndirect
0x4de3e0 UnRegisterTypeLib
0x4de3e4 SafeArrayAccessData
COMCTL32.dll
0x4de018 ImageList_Read
0x4de01c ImageList_Duplicate
0x4de020 ImageList_GetImageCount
0x4de024 ImageList_SetBkColor
0x4de028 None
0x4de02c ImageList_Destroy
WS2_32.dll
0x4de704 WSAAsyncSelect
0x4de708 send
0x4de70c select
0x4de710 WSACleanup
0x4de714 WSAStartup
0x4de718 gethostbyname
0x4de71c inet_ntoa
0x4de720 inet_addr
0x4de724 closesocket
0x4de728 ntohl
0x4de72c getsockname
0x4de730 htons
0x4de734 bind
0x4de738 htonl
0x4de73c socket
0x4de740 sendto
0x4de744 recvfrom
0x4de748 ioctlsocket
0x4de74c connect
0x4de750 ntohs
0x4de754 __WSAFDIsSet
0x4de758 accept
0x4de75c getpeername
0x4de760 listen
0x4de764 recv
0x4de768 gethostname
WININET.dll
0x4de674 InternetReadFile
0x4de678 InternetCanonicalizeUrlA
0x4de67c InternetCrackUrlA
0x4de680 HttpOpenRequestA
0x4de684 InternetOpenA
0x4de688 InternetCloseHandle
0x4de68c InternetSetOptionA
0x4de690 InternetConnectA
0x4de694 HttpSendRequestA
0x4de698 HttpQueryInfoA
WLDAP32.dll
0x4de6fc None
comdlg32.dll
0x4de770 GetFileTitleA
0x4de774 GetSaveFileNameA
0x4de778 GetOpenFileNameA
0x4de77c ChooseColorA
EAT(Export Address Table) is none