Report - SPOOF.exe

Tags: Emotet, Gen1, Generic Malware, Malicious Library, Admin Tool (Sysinternals etc ...), Malicious Packer, ASPack, UPX, Anti_VM, PE File, DllRegisterServer, dll, PE32, OS Processor Check
Created 2024.10.02 14:38 Machine s1_win7_x6401
Filename SPOOF.exe
Type PE32 executable (console) Intel 80386, for MS Windows
AI Score: Not found
Behavior Score: 6.6
ZERO API file: malicious
VT API (file) 40 detected (AIDetectMalware, lwoF, Malicious, score, Unsafe, confidence, Attribute, HighConfidence, high confidence, FlyStudio, Genkryptik, MalCert, CLASSIC, DownLoad4, Real Protect, Static AI, Malicious PE, OSCF@5rs7jr, Emotet, 11U3QNE, Eldorado, Artemis, Dinwod, frindll, CoinMiner, KillFiles)
md5 801832b0eb4d855a4753bb1af311db93
sha256 4a963dacd8dd63fb79d0ec9c75da079eca9ffb9e4214c716686966434c9aad36
ssdeep 196608:/72lKkKCAWGgV89oRqt/CdqRc64hv3tmF1b6CffW/sfH6s7zQcKDsVv/JLSF66bI:VWGQFqt/3crv9mF1b6CffW/sfH6s7zQQ
imphash 46d8e48c13de471d4398c0067c490431
impfuzzy 192:/KmA3HC0juFp0JZUXN8iL6CTYEocncmc0EB81:2CqCa4kal71

Signature (15cnts)

Level Description
danger File has been identified by 40 AntiVirus engines on VirusTotal as malicious
danger Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually)
notice Allocates read-write-execute memory (usually to unpack itself)
notice Expresses interest in specific running processes
notice Foreign language identified in PE resource
notice HTTP traffic contains suspicious features which may be indicative of malware related traffic
notice Performs some HTTP requests
notice Searches running processes potentially to identify processes for sandbox evasion
notice Sends data using the HTTP POST Method
notice Terminates another process
notice The binary likely contains encrypted or compressed data indicative of a packer
info Checks if process is being debugged by a debugger
info Command line console output was observed
info The executable uses a known packer
info The file contains an unknown PE resource name possibly indicative of a packer

Rules (14cnts)

Level Name Description Collection
danger Win32_Trojan_Emotet_1_Zero Win32 Trojan Emotet binaries (upload)
danger Win32_Trojan_Emotet_2_Zero Win32 Trojan Emotet binaries (upload)
danger Win32_Trojan_Gen_1_0904B0_Zero Win32 Trojan Emotet binaries (upload)
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch Admin_Tool_IN_Zero Admin Tool Sysinternals binaries (upload)
watch ASPack_Zero ASPack packed file binaries (upload)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
notice anti_vm_detect Possibly employs anti-virtualization techniques binaries (upload)
info DllRegisterServer_Zero execute regsvr32.exe binaries (upload)
info IsPE32 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (upload)

Network (8cnts)

Request | CC | ASN Co | IP4 | Rule | ZERO
http://api2.ruikeyz.com/NetVer/webapi | MY | Lot No. 77-1, 1st Floor, Wisma New Far East, Jalan Lintas | 103.245.25.86 | | clean
http://api.ruikeyz.com/NetVer/webapi | SG | OVH SAS | 51.79.193.76 | | clean
api2.ruikeyz.com | CA | INTERHOP | 165.154.8.83 | | clean
api3.ruikeyz.com | CA | INTERHOP | 165.154.119.234 | | clean
api.ruikeyz.com | CA | OVH SAS | 139.99.30.177 | | clean
51.79.193.76 | SG | OVH SAS | 51.79.193.76 | | clean
103.245.25.86 | MY | Lot No. 77-1, 1st Floor, Wisma New Far East, Jalan Lintas | 103.245.25.86 | | clean
139.99.30.177 | CA | OVH SAS | 139.99.30.177 | | clean
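The hosts, IPs and request path in the table above are the network indicators this run produced; the ZERO column marks them "clean", which only means no reputation hit, and one of the signatures notes that an IP the sample contacts is no longer responding. The script below is an added example (not part of the sandbox report) of sweeping those indicators over proxy logs. The log lines are constructed for the example, and the log format ("timestamp client method url status") and the idea of also flagging the bare path /NetVer/webapi on unrelated hosts as a weaker pivot are this example's own assumptions.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Indicators taken from the report's Network table (hosts, IPs, request path).
IOC_HOSTS = {"api.ruikeyz.com", "api2.ruikeyz.com", "api3.ruikeyz.com"}
IOC_IPS = {ipaddress.ip_address(a) for a in (
    "103.245.25.86", "51.79.193.76", "165.154.8.83",
    "165.154.119.234", "139.99.30.177")}
IOC_PATHS = {"/NetVer/webapi"}

# Constructed proxy log lines for this example (not from the sandbox run):
# "<timestamp> <client> <method> <url> <status>".
SAMPLE_LOG = """\
2024-10-02T14:39:01Z 10.0.0.5 POST http://api.ruikeyz.com/NetVer/webapi 200
2024-10-02T14:39:02Z 10.0.0.5 GET http://www.msftconnecttest.com/connecttest.txt 200
2024-10-02T14:39:07Z 10.0.0.9 POST http://103.245.25.86/NetVer/webapi 504
2024-10-02T14:39:10Z 10.0.0.12 GET https://cdn.example.org/NetVer/webapi 200
2024-10-02T14:39:11Z 10.0.0.12 GET https://example.org/ 200
"""

LOG_LINE = re.compile(r"^(\S+) (\S+) (\S+) (\S+) (\d{3})$")


def classify_url(url):
    """Return the set of indicator types a URL hits: 'host', 'ip', 'path'."""
    hits = set()
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    if host in IOC_HOSTS:
        hits.add("host")
    try:
        # Direct-to-IP requests (no DNS) still match on the address.
        if ipaddress.ip_address(host) in IOC_IPS:
            hits.add("ip")
    except ValueError:
        pass  # hostname is a name, not an address
    if parts.path in IOC_PATHS:
        hits.add("path")
    return hits


def scan_log(text):
    """Return (client, url, status, hits) for every log line touching an IOC.

    A path-only hit is weaker evidence than a host or IP hit: the same path
    on an unrelated host is still reported so an analyst can pivot on it,
    but it should be weighted accordingly.
    """
    results = []
    for line in text.splitlines():
        m = LOG_LINE.match(line)
        if not m:
            continue  # malformed line; skip rather than guess
        _ts, client, _method, url, status = m.groups()
        hits = classify_url(url)
        if hits:
            results.append((client, url, int(status), sorted(hits)))
    return results


if __name__ == "__main__":
    for client, url, status, hits in scan_log(SAMPLE_LOG):
        print(f"{client:12s} {status} {','.join(hits):10s} {url}")
```

A 504 on a direct-to-IP POST is what the "no longer responding" signature looks like from the proxy side; a host-plus-path hit on the named API endpoint is the strong match.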

Suricata ids

PE API

IAT(Import Address Table) Library

WINMM.dll
 0x5316e0 midiStreamOut
 0x5316e4 midiOutPrepareHeader
 0x5316e8 midiStreamProperty
 0x5316ec midiStreamOpen
 0x5316f0 midiOutUnprepareHeader
 0x5316f4 waveOutOpen
 0x5316f8 waveOutGetNumDevs
 0x5316fc waveOutClose
 0x531700 waveOutUnprepareHeader
 0x531704 waveOutPrepareHeader
 0x531708 waveOutWrite
 0x53170c waveOutPause
 0x531710 waveOutReset
 0x531714 midiStreamStop
 0x531718 midiOutReset
 0x53171c midiStreamClose
 0x531720 midiStreamRestart
WS2_32.dll
 0x531738 WSAAsyncSelect
 0x53173c send
 0x531740 select
 0x531744 WSACleanup
 0x531748 WSAStartup
 0x53174c inet_ntoa
 0x531750 recvfrom
 0x531754 ioctlsocket
 0x531758 recv
 0x53175c getpeername
 0x531760 accept
 0x531764 closesocket
RASAPI32.dll
 0x531408 RasHangUpA
 0x53140c RasGetConnectStatusA
KERNEL32.dll
 0x5311b8 GetWindowsDirectoryA
 0x5311bc GetSystemDirectoryA
 0x5311c0 SetLastError
 0x5311c4 GetTimeZoneInformation
 0x5311c8 GetVersion
 0x5311cc TerminateThread
 0x5311d0 GetOEMCP
 0x5311d4 GetCPInfo
 0x5311d8 GetProcessVersion
 0x5311dc SetErrorMode
 0x5311e0 GlobalFlags
 0x5311e4 GetCurrentThread
 0x5311e8 GetFileTime
 0x5311ec TlsGetValue
 0x5311f0 LocalReAlloc
 0x5311f4 TlsSetValue
 0x5311f8 TlsFree
 0x5311fc GlobalHandle
 0x531200 TlsAlloc
 0x531204 LocalAlloc
 0x531208 lstrcmpA
 0x53120c GlobalGetAtomNameA
 0x531210 GlobalAddAtomA
 0x531214 GlobalFindAtomA
 0x531218 GlobalDeleteAtom
 0x53121c lstrcmpiA
 0x531220 SetEndOfFile
 0x531224 UnlockFile
 0x531228 LockFile
 0x53122c FlushFileBuffers
 0x531230 DuplicateHandle
 0x531234 lstrcpynA
 0x531238 FileTimeToLocalFileTime
 0x53123c LocalFree
 0x531240 InterlockedDecrement
 0x531244 InterlockedIncrement
 0x531248 IsBadReadPtr
 0x53124c IsBadCodePtr
 0x531250 InterlockedExchange
 0x531254 TerminateProcess
 0x531258 GetCurrentProcess
 0x53125c GetFileSize
 0x531260 SetFilePointer
 0x531264 CreateSemaphoreA
 0x531268 ResumeThread
 0x53126c ReleaseSemaphore
 0x531270 EnterCriticalSection
 0x531274 LeaveCriticalSection
 0x531278 GetProfileStringA
 0x53127c WriteFile
 0x531280 WaitForMultipleObjects
 0x531284 CreateFileA
 0x531288 SetEvent
 0x53128c FindResourceA
 0x531290 LoadResource
 0x531294 LockResource
 0x531298 ReadFile
 0x53129c RemoveDirectoryA
 0x5312a0 GetModuleFileNameA
 0x5312a4 GetCurrentThreadId
 0x5312a8 ExitProcess
 0x5312ac GlobalSize
 0x5312b0 GlobalFree
 0x5312b4 DeleteCriticalSection
 0x5312b8 InitializeCriticalSection
 0x5312bc lstrcatA
 0x5312c0 lstrlenA
 0x5312c4 WinExec
 0x5312c8 lstrcpyA
 0x5312cc FindNextFileA
 0x5312d0 GlobalReAlloc
 0x5312d4 HeapFree
 0x5312d8 HeapReAlloc
 0x5312dc GetProcessHeap
 0x5312e0 HeapAlloc
 0x5312e4 MultiByteToWideChar
 0x5312e8 WideCharToMultiByte
 0x5312ec GetFullPathNameA
 0x5312f0 FreeLibrary
 0x5312f4 LoadLibraryA
 0x5312f8 GetLastError
 0x5312fc GetVersionExA
 0x531300 WritePrivateProfileStringA
 0x531304 CreateThread
 0x531308 CreateEventA
 0x53130c Sleep
 0x531310 ExpandEnvironmentStringsA
 0x531314 GlobalAlloc
 0x531318 GlobalLock
 0x53131c GlobalUnlock
 0x531320 GetTempPathA
 0x531324 FindFirstFileA
 0x531328 FindClose
 0x53132c SetFileAttributesA
 0x531330 GetFileAttributesA
 0x531334 DeleteFileA
 0x531338 CreateDirectoryA
 0x53133c SetCurrentDirectoryA
 0x531340 GetVolumeInformationA
 0x531344 GetModuleHandleA
 0x531348 CompareStringW
 0x53134c GetProcAddress
 0x531350 MulDiv
 0x531354 GetCommandLineA
 0x531358 GetTickCount
 0x53135c CreateProcessA
 0x531360 WaitForSingleObject
 0x531364 CloseHandle
 0x531368 GetStartupInfoA
 0x53136c RtlUnwind
 0x531370 GetSystemTime
 0x531374 GetLocalTime
 0x531378 RaiseException
 0x53137c ReadConsoleInputA
 0x531380 SetConsoleMode
 0x531384 GetConsoleMode
 0x531388 HeapSize
 0x53138c GetACP
 0x531390 SetStdHandle
 0x531394 GetFileType
 0x531398 UnhandledExceptionFilter
 0x53139c FreeEnvironmentStringsA
 0x5313a0 FreeEnvironmentStringsW
 0x5313a4 GetEnvironmentStrings
 0x5313a8 GetEnvironmentStringsW
 0x5313ac SetHandleCount
 0x5313b0 GetStdHandle
 0x5313b4 GetEnvironmentVariableA
 0x5313b8 HeapDestroy
 0x5313bc HeapCreate
 0x5313c0 VirtualFree
 0x5313c4 SetEnvironmentVariableA
 0x5313c8 LCMapStringA
 0x5313cc LCMapStringW
 0x5313d0 VirtualAlloc
 0x5313d4 IsBadWritePtr
 0x5313d8 SetUnhandledExceptionFilter
 0x5313dc GetStringTypeA
 0x5313e0 GetStringTypeW
 0x5313e4 CompareStringA
 0x5313e8 FileTimeToSystemTime
USER32.dll
 0x531424 PostQuitMessage
 0x531428 IsZoomed
 0x53142c GetClassInfoA
 0x531430 DefWindowProcA
 0x531434 GetSystemMenu
 0x531438 DeleteMenu
 0x53143c GetMenu
 0x531440 SetMenu
 0x531444 PeekMessageA
 0x531448 IsIconic
 0x53144c SetFocus
 0x531450 GetActiveWindow
 0x531454 GetWindow
 0x531458 DestroyAcceleratorTable
 0x53145c SetWindowRgn
 0x531460 GetMessagePos
 0x531464 CopyAcceleratorTableA
 0x531468 GetKeyState
 0x53146c TranslateAcceleratorA
 0x531470 IsWindowEnabled
 0x531474 ShowWindow
 0x531478 SystemParametersInfoA
 0x53147c LoadImageA
 0x531480 EnumDisplaySettingsA
 0x531484 ClientToScreen
 0x531488 EnableMenuItem
 0x53148c GetSubMenu
 0x531490 LoadStringA
 0x531494 RegisterClipboardFormatA
 0x531498 SetRectEmpty
 0x53149c DispatchMessageA
 0x5314a0 GetMessageA
 0x5314a4 WindowFromPoint
 0x5314a8 DrawFocusRect
 0x5314ac DrawEdge
 0x5314b0 DrawFrameControl
 0x5314b4 TranslateMessage
 0x5314b8 LoadIconA
 0x5314bc GetDesktopWindow
 0x5314c0 GetClassNameA
 0x5314c4 UnregisterClassA
 0x5314c8 GetDlgItem
 0x5314cc GetWindowTextA
 0x5314d0 ScreenToClient
 0x5314d4 ChildWindowFromPointEx
 0x5314d8 CopyRect
 0x5314dc LoadBitmapA
 0x5314e0 WinHelpA
 0x5314e4 SetTimer
 0x5314e8 ReleaseCapture
 0x5314ec GetCapture
 0x5314f0 SetCapture
 0x5314f4 GetScrollRange
 0x5314f8 SetScrollRange
 0x5314fc SetScrollPos
 0x531500 SetRect
 0x531504 InflateRect
 0x531508 IntersectRect
 0x53150c DestroyIcon
 0x531510 PtInRect
 0x531514 OffsetRect
 0x531518 GetMenuCheckMarkDimensions
 0x53151c SetMenuItemBitmaps
 0x531520 CheckMenuItem
 0x531524 IsDialogMessageA
 0x531528 ScrollWindowEx
 0x53152c GetDlgCtrlID
 0x531530 SendDlgItemMessageA
 0x531534 MapWindowPoints
 0x531538 AdjustWindowRectEx
 0x53153c GetScrollPos
 0x531540 RegisterClassA
 0x531544 CreateWindowExA
 0x531548 GetClassLongA
 0x53154c RemovePropA
 0x531550 GetMessageTime
 0x531554 GetLastActivePopup
 0x531558 RegisterWindowMessageA
 0x53155c GetWindowPlacement
 0x531560 GetNextDlgTabItem
 0x531564 EndDialog
 0x531568 CreateDialogIndirectParamA
 0x53156c DestroyWindow
 0x531570 EndPaint
 0x531574 BeginPaint
 0x531578 CharUpperA
 0x53157c GetWindowTextLengthA
 0x531580 IsWindowVisible
 0x531584 EnableWindow
 0x531588 RedrawWindow
 0x53158c GetWindowLongA
 0x531590 SetWindowLongA
 0x531594 GetSysColor
 0x531598 SetActiveWindow
 0x53159c SetCursorPos
 0x5315a0 LoadCursorA
 0x5315a4 SetCursor
 0x5315a8 GetDC
 0x5315ac FillRect
 0x5315b0 IsRectEmpty
 0x5315b4 ReleaseDC
 0x5315b8 IsChild
 0x5315bc TrackPopupMenu
 0x5315c0 DestroyMenu
 0x5315c4 SetForegroundWindow
 0x5315c8 GetWindowRect
 0x5315cc EqualRect
 0x5315d0 UpdateWindow
 0x5315d4 ValidateRect
 0x5315d8 InvalidateRect
 0x5315dc GetClientRect
 0x5315e0 GetFocus
 0x5315e4 GetParent
 0x5315e8 GetTopWindow
 0x5315ec PostMessageA
 0x5315f0 IsWindow
 0x5315f4 SetParent
 0x5315f8 DestroyCursor
 0x5315fc SendMessageA
 0x531600 SetWindowPos
 0x531604 MessageBoxA
 0x531608 GetCursorPos
 0x53160c GetSystemMetrics
 0x531610 EmptyClipboard
 0x531614 SetClipboardData
 0x531618 OpenClipboard
 0x53161c GetClipboardData
 0x531620 CloseClipboard
 0x531624 wsprintfA
 0x531628 WaitForInputIdle
 0x53162c CreateAcceleratorTableA
 0x531630 CreateMenu
 0x531634 GetSysColorBrush
 0x531638 ModifyMenuA
 0x53163c AppendMenuA
 0x531640 SetWindowTextA
 0x531644 GetCursor
 0x531648 DrawTextA
 0x53164c SetPropA
 0x531650 CallWindowProcA
 0x531654 MoveWindow
 0x531658 GetPropA
 0x53165c FrameRect
 0x531660 SetWindowsHookExA
 0x531664 CallNextHookEx
 0x531668 UnhookWindowsHookEx
 0x53166c GetWindowDC
 0x531670 WindowFromDC
 0x531674 TabbedTextOutA
 0x531678 GrayStringA
 0x53167c DrawStateA
 0x531680 GetTabbedTextExtentA
 0x531684 GetMenuState
 0x531688 GetMenuStringA
 0x53168c GetMenuItemID
 0x531690 GetMenuItemCount
 0x531694 GetForegroundWindow
 0x531698 CreatePopupMenu
 0x53169c DrawIconEx
 0x5316a0 CreateIconFromResource
 0x5316a4 CreateIconFromResourceEx
 0x5316a8 KillTimer
 0x5316ac EnumChildWindows
GDI32.dll
 0x531058 LineTo
 0x53105c MoveToEx
 0x531060 ExcludeClipRect
 0x531064 GetClipBox
 0x531068 ScaleWindowExtEx
 0x53106c SetWindowExtEx
 0x531070 GetTextExtentPoint32A
 0x531074 GetDeviceCaps
 0x531078 GetStretchBltMode
 0x53107c GetROP2
 0x531080 GetBkColor
 0x531084 GetBkMode
 0x531088 GetTextColor
 0x53108c CreateRoundRectRgn
 0x531090 CreateEllipticRgn
 0x531094 PathToRegion
 0x531098 EndPath
 0x53109c BeginPath
 0x5310a0 GetWindowOrgEx
 0x5310a4 GetViewportOrgEx
 0x5310a8 GetWindowExtEx
 0x5310ac GetDIBits
 0x5310b0 RealizePalette
 0x5310b4 StretchBlt
 0x5310b8 CreatePalette
 0x5310bc GetSystemPaletteEntries
 0x5310c0 CreateDIBitmap
 0x5310c4 DeleteObject
 0x5310c8 SelectClipRgn
 0x5310cc CreatePolygonRgn
 0x5310d0 GetClipRgn
 0x5310d4 SetStretchBltMode
 0x5310d8 SetPixel
 0x5310dc CreateRectRgnIndirect
 0x5310e0 SetBkColor
 0x5310e4 SetBkMode
 0x5310e8 SetTextColor
 0x5310ec SetWindowOrgEx
 0x5310f0 SaveDC
 0x5310f4 RestoreDC
 0x5310f8 CreatePenIndirect
 0x5310fc PtVisible
 0x531100 RectVisible
 0x531104 TextOutA
 0x531108 ExtTextOutA
 0x53110c Escape
 0x531110 ScaleViewportExtEx
 0x531114 SetViewportExtEx
 0x531118 OffsetViewportOrgEx
 0x53111c SetViewportOrgEx
 0x531120 SetMapMode
 0x531124 SetROP2
 0x531128 SetPolyFillMode
 0x53112c ExtSelectClipRgn
 0x531130 GetViewportExtEx
 0x531134 GetTextMetricsA
 0x531138 RoundRect
 0x53113c GetCurrentObject
 0x531140 DPtoLP
 0x531144 LPtoDP
 0x531148 Rectangle
 0x53114c Ellipse
 0x531150 SetPixelV
 0x531154 CreateCompatibleDC
 0x531158 GetPixel
 0x53115c BitBlt
 0x531160 StartPage
 0x531164 StartDocA
 0x531168 DeleteDC
 0x53116c EndDoc
 0x531170 EndPage
 0x531174 CreateFontIndirectA
 0x531178 GetStockObject
 0x53117c CreateSolidBrush
 0x531180 FillRgn
 0x531184 CreateRectRgn
 0x531188 CombineRgn
 0x53118c PatBlt
 0x531190 CreatePen
 0x531194 GetObjectA
 0x531198 SelectObject
 0x53119c CreateBitmap
 0x5311a0 CreateBrushIndirect
 0x5311a4 CreateDCA
 0x5311a8 CreateCompatibleBitmap
 0x5311ac SelectPalette
 0x5311b0 GetPolyFillMode
MSIMG32.dll
 0x5313f0 GradientFill
WINSPOOL.DRV
 0x531728 DocumentPropertiesA
 0x53172c OpenPrinterA
 0x531730 ClosePrinter
ADVAPI32.dll
 0x531000 RegQueryValueExA
 0x531004 RegOpenKeyExA
 0x531008 RegSetValueExA
 0x53100c RegCreateKeyA
 0x531010 RegDeleteValueA
 0x531014 RegDeleteKeyA
 0x531018 RegQueryValueA
 0x53101c RegCreateKeyExA
 0x531020 RegCloseKey
SHELL32.dll
 0x531414 SHGetSpecialFolderPathA
 0x531418 ShellExecuteA
 0x53141c Shell_NotifyIconA
ole32.dll
 0x531780 CLSIDFromString
 0x531784 OleUninitialize
 0x531788 OleInitialize
OLEAUT32.dll
 0x5313f8 LoadTypeLib
 0x5313fc RegisterTypeLib
 0x531400 UnRegisterTypeLib
COMCTL32.dll
 0x531028 ImageList_Draw
 0x53102c ImageList_GetImageInfo
 0x531030 _TrackMouseEvent
 0x531034 ImageList_GetImageCount
 0x531038 ImageList_AddMasked
 0x53103c ImageList_GetIcon
 0x531040 ImageList_SetBkColor
 0x531044 None
 0x531048 ImageList_Destroy
 0x53104c ImageList_Create
 0x531050 ImageList_DrawIndirect
WININET.dll
 0x5316b4 InternetCanonicalizeUrlA
 0x5316b8 InternetCrackUrlA
 0x5316bc HttpOpenRequestA
 0x5316c0 HttpSendRequestA
 0x5316c4 HttpQueryInfoA
 0x5316c8 InternetConnectA
 0x5316cc InternetSetOptionA
 0x5316d0 InternetOpenA
 0x5316d4 InternetCloseHandle
 0x5316d8 InternetReadFile
comdlg32.dll
 0x53176c ChooseColorA
 0x531770 GetOpenFileNameA
 0x531774 GetFileTitleA
 0x531778 GetSaveFileNameA
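The import table above is that of a full GUI application (WinMM audio, GDI, printer and common-dialog APIs) with WinInet, Winsock, registry writes, SetWindowsHookExA and process execution (WinExec, CreateProcessA, ShellExecuteA) on top; the rule hits are generic signatures and the VT names are mixed, so an analyst triages the imports rather than taking the Emotet label as given. The script below is an added example (not the sandbox's code) that parses a listing in this report's IAT format and does two things: builds the pefile-style imphash string (lowercase "dll.function" pairs in import-directory order, extension stripped for .dll/.ocx/.sys, MD5 of the comma-joined string), which is the algorithm behind the imphash value in the header, and maps the imports onto capability buckets. The bucket names are this example's own convention, and the excerpt fed to it is constructed from a handful of the lines above. Note that the sandbox's imphash cannot be reproduced from this listing alone: the "None" entry under COMCTL32 is an import whose name is not shown (pefile would hash it by ordinal), so the function reports such entries back instead of guessing.

```python
import hashlib
import re
from collections import OrderedDict

# Constructed excerpt in the report's IAT format (a DLL line followed by
# "0xADDR name" lines); the full listing on the page has the same shape.
SAMPLE_IAT = """\
KERNEL32.dll
 0x5312c4 WinExec
 0x5313c0 VirtualFree
 0x5313d0 VirtualAlloc
 0x53135c CreateProcessA
ADVAPI32.dll
 0x531008 RegSetValueExA
 0x53100c RegCreateKeyA
USER32.dll
 0x531660 SetWindowsHookExA
 0x531664 CallNextHookEx
WININET.dll
 0x5316bc HttpOpenRequestA
 0x5316c0 HttpSendRequestA
COMCTL32.dll
 0x531044 None
"""

# Capability buckets a triager looks at first. The names are Win32 exports;
# the grouping is this example's convention, not the sandbox's.
CAPABILITIES = {
    "process-exec": {"WinExec", "CreateProcessA", "ShellExecuteA"},
    "rwx-memory": {"VirtualAlloc", "VirtualProtect"},
    "registry-write": {"RegSetValueExA", "RegCreateKeyA", "RegCreateKeyExA",
                       "RegDeleteValueA", "RegDeleteKeyA"},
    "input-hook": {"SetWindowsHookExA", "CallNextHookEx"},
    "http-client": {"InternetOpenA", "InternetConnectA", "HttpOpenRequestA",
                    "HttpSendRequestA", "InternetReadFile"},
    "raw-socket": {"WSAStartup", "send", "recv", "accept", "recvfrom"},
    "process-kill": {"TerminateProcess", "TerminateThread"},
    "file-tamper": {"DeleteFileA", "SetFileAttributesA", "RemoveDirectoryA"},
}

IMPORT_LINE = re.compile(r"^\s*0x[0-9a-fA-F]+\s+(\S+)\s*$")


def parse_iat(text):
    """Return an ordered {dll: [function, ...]} from the report's IAT listing."""
    iat = OrderedDict()
    current = None
    for line in text.splitlines():
        if not line.strip():
            continue
        m = IMPORT_LINE.match(line)
        if m and current is not None:
            iat[current].append(m.group(1))
        else:
            current = line.strip()  # a bare DLL name starts a new group
            iat.setdefault(current, [])
    return iat


def imphash(iat):
    """pefile-style imphash over an ordered {dll: [function]} mapping.

    Returns (hexdigest, impstr, unresolved). Entries listed as 'None' are
    imports whose name is not in the listing (pefile hashes those by
    ordinal, e.g. 'comctl32.ord17'); they are skipped and reported so the
    caller knows the digest is not comparable to the sandbox's value.
    """
    parts, unresolved = [], []
    for dll, funcs in iat.items():
        lib = dll.lower()
        if lib.endswith((".dll", ".ocx", ".sys")):
            lib = lib.rsplit(".", 1)[0]  # WINSPOOL.DRV keeps its extension
        for f in funcs:
            if f == "None":
                unresolved.append(dll)
                continue
            parts.append(f"{lib}.{f.lower()}")
    impstr = ",".join(parts)
    return hashlib.md5(impstr.encode()).hexdigest(), impstr, unresolved


def capabilities(iat):
    """Map the flat import set onto the CAPABILITIES buckets that are hit."""
    imported = {f for funcs in iat.values() for f in funcs}
    return {cap: sorted(imported & names)
            for cap, names in CAPABILITIES.items() if imported & names}


if __name__ == "__main__":
    table = parse_iat(SAMPLE_IAT)
    digest, impstr, unresolved = imphash(table)
    print("imphash:", digest, "unresolved in:", unresolved)
    for cap, names in capabilities(table).items():
        print(f"{cap:15s} {', '.join(names)}")
```

Because imphash is an MD5 over an ordered string, two builds that import the same functions through a different import-directory order get different hashes; that is why the value pivots on toolchain and linker layout rather than on capability, and why the capability buckets are the more useful view when the hash has no matches.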

EAT(Export Address Table) is none


