Created | 2024.10.12 09:39 |
Machine | s1_win7_x6403 |
Filename | 1654365431.exe |
Type | PE32+ executable (GUI) x86-64, for MS Windows |
ZERO API | file : malicious |
VT API (file) | 12 detected (V1m1, Attribute, HighConfidence, DropperX, Hacktool, RDPWrap, LESS, bWQ1OjpfhfdBffwb, MulDrop28, Sonbokli, Artemis) |
md5 | 31d649663149dabd99c51b71e60a4a91 |
sha256 | 2acb9052db5b304a822f8cd1169e31327e967e06ff78064997ea8a5003e783ec |
ssdeep | 49152:eDShb1KwGF4Ilow5sADndfK0IptgSoP6MRM2BTXwmlPJmqHc4a/:LQK0/lX9PJhHc |
imphash | bf7e94a88b651f53cc57bdb23fcd2c2f |
impfuzzy | 192:oc58u5RuuNwEUh99KSoSN5TUlgXF9bVH1YhrPbOQHxxJn:AuTN+9O8VJp1yPbOQHx7n |
Signature (6cnts)
Level | Description |
---|---|
watch | Communicates with host for which no DNS query was performed |
watch | File has been identified by 12 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
notice | Foreign language identified in PE resource |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (7cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x8a92c0 SysFreeString
0x8a92c8 SysReAllocStringLen
0x8a92d0 SysAllocStringLen
advapi32.dll
0x8a92e0 RegQueryValueExW
0x8a92e8 RegOpenKeyExW
0x8a92f0 RegCloseKey
user32.dll
0x8a9300 CharNextW
0x8a9308 LoadStringW
kernel32.dll
0x8a9318 Sleep
0x8a9320 VirtualFree
0x8a9328 VirtualAlloc
0x8a9330 lstrlenW
0x8a9338 VirtualQuery
0x8a9340 QueryPerformanceCounter
0x8a9348 GetTickCount
0x8a9350 GetSystemInfo
0x8a9358 GetVersion
0x8a9360 CompareStringW
0x8a9368 IsDBCSLeadByteEx
0x8a9370 IsValidLocale
0x8a9378 SetThreadLocale
0x8a9380 GetSystemDefaultUILanguage
0x8a9388 GetUserDefaultUILanguage
0x8a9390 GetLocaleInfoW
0x8a9398 WideCharToMultiByte
0x8a93a0 MultiByteToWideChar
0x8a93a8 GetConsoleOutputCP
0x8a93b0 GetConsoleCP
0x8a93b8 GetACP
0x8a93c0 LoadLibraryExW
0x8a93c8 GetStartupInfoW
0x8a93d0 GetProcAddress
0x8a93d8 GetModuleHandleW
0x8a93e0 GetModuleFileNameW
0x8a93e8 GetCommandLineW
0x8a93f0 FreeLibrary
0x8a93f8 GetLastError
0x8a9400 UnhandledExceptionFilter
0x8a9408 RtlUnwindEx
0x8a9410 RtlUnwind
0x8a9418 RaiseException
0x8a9420 ExitProcess
0x8a9428 ExitThread
0x8a9430 SwitchToThread
0x8a9438 GetCurrentThreadId
0x8a9440 CreateThread
0x8a9448 DeleteCriticalSection
0x8a9450 LeaveCriticalSection
0x8a9458 EnterCriticalSection
0x8a9460 InitializeCriticalSection
0x8a9468 FindFirstFileW
0x8a9470 FindClose
0x8a9478 WriteFile
0x8a9480 SetFilePointer
0x8a9488 SetEndOfFile
0x8a9490 ReadFile
0x8a9498 GetFileType
0x8a94a0 GetFileSize
0x8a94a8 CreateFileW
0x8a94b0 GetStdHandle
0x8a94b8 CloseHandle
kernel32.dll
0x8a94c8 GetProcAddress
0x8a94d0 RaiseException
0x8a94d8 LoadLibraryA
0x8a94e0 GetLastError
0x8a94e8 TlsSetValue
0x8a94f0 TlsGetValue
0x8a94f8 LocalFree
0x8a9500 LocalAlloc
0x8a9508 GetModuleHandleW
0x8a9510 FreeLibrary
user32.dll
0x8a9520 SetClassLongPtrW
0x8a9528 GetClassLongPtrW
0x8a9530 SetWindowLongPtrW
0x8a9538 GetWindowLongPtrW
0x8a9540 CreateWindowExW
0x8a9548 WindowFromPoint
0x8a9550 WaitMessage
0x8a9558 UpdateWindow
0x8a9560 UnregisterClassW
0x8a9568 UnhookWindowsHookEx
0x8a9570 TranslateMessage
0x8a9578 TranslateMDISysAccel
0x8a9580 TrackPopupMenu
0x8a9588 SystemParametersInfoW
0x8a9590 ShowWindow
0x8a9598 ShowScrollBar
0x8a95a0 ShowOwnedPopups
0x8a95a8 ShowCaret
0x8a95b0 SetWindowRgn
0x8a95b8 SetWindowsHookExW
0x8a95c0 SetWindowTextW
0x8a95c8 SetWindowPos
0x8a95d0 SetWindowPlacement
0x8a95d8 SetTimer
0x8a95e0 SetScrollRange
0x8a95e8 SetScrollPos
0x8a95f0 SetScrollInfo
0x8a95f8 SetRect
0x8a9600 SetPropW
0x8a9608 SetParent
0x8a9610 SetMenuItemInfoW
0x8a9618 SetMenu
0x8a9620 SetForegroundWindow
0x8a9628 SetFocus
0x8a9630 SetCursorPos
0x8a9638 SetCursor
0x8a9640 SetClipboardData
0x8a9648 SetCapture
0x8a9650 SetActiveWindow
0x8a9658 SendMessageA
0x8a9660 SendMessageW
0x8a9668 ScrollWindow
0x8a9670 ScreenToClient
0x8a9678 RemovePropW
0x8a9680 RemoveMenu
0x8a9688 ReleaseDC
0x8a9690 ReleaseCapture
0x8a9698 RegisterWindowMessageW
0x8a96a0 RegisterClipboardFormatW
0x8a96a8 RegisterClassW
0x8a96b0 RedrawWindow
0x8a96b8 PostQuitMessage
0x8a96c0 PostMessageW
0x8a96c8 PeekMessageA
0x8a96d0 PeekMessageW
0x8a96d8 OpenClipboard
0x8a96e0 MsgWaitForMultipleObjectsEx
0x8a96e8 MsgWaitForMultipleObjects
0x8a96f0 MessageBoxW
0x8a96f8 MessageBeep
0x8a9700 MapWindowPoints
0x8a9708 MapVirtualKeyW
0x8a9710 LoadStringW
0x8a9718 LoadKeyboardLayoutW
0x8a9720 LoadIconW
0x8a9728 LoadCursorW
0x8a9730 LoadBitmapW
0x8a9738 KillTimer
0x8a9740 IsZoomed
0x8a9748 IsWindowVisible
0x8a9750 IsWindowUnicode
0x8a9758 IsWindowEnabled
0x8a9760 IsWindow
0x8a9768 IsIconic
0x8a9770 IsDialogMessageA
0x8a9778 IsDialogMessageW
0x8a9780 IsChild
0x8a9788 InvalidateRect
0x8a9790 InsertMenuItemW
0x8a9798 InsertMenuW
0x8a97a0 HideCaret
0x8a97a8 GetWindowThreadProcessId
0x8a97b0 GetWindowTextW
0x8a97b8 GetWindowRect
0x8a97c0 GetWindowPlacement
0x8a97c8 GetWindowDC
0x8a97d0 GetTopWindow
0x8a97d8 GetSystemMetrics
0x8a97e0 GetSystemMenu
0x8a97e8 GetSysColorBrush
0x8a97f0 GetSysColor
0x8a97f8 GetSubMenu
0x8a9800 GetScrollRange
0x8a9808 GetScrollPos
0x8a9810 GetScrollInfo
0x8a9818 GetScrollBarInfo
0x8a9820 GetPropW
0x8a9828 GetParent
0x8a9830 GetWindow
0x8a9838 GetMessagePos
0x8a9840 GetMessageExtraInfo
0x8a9848 GetMenuStringW
0x8a9850 GetMenuState
0x8a9858 GetMenuItemInfoW
0x8a9860 GetMenuItemID
0x8a9868 GetMenuItemCount
0x8a9870 GetMenu
0x8a9878 GetLastActivePopup
0x8a9880 GetKeyboardState
0x8a9888 GetKeyboardLayoutNameW
0x8a9890 GetKeyboardLayoutList
0x8a9898 GetKeyboardLayout
0x8a98a0 GetKeyState
0x8a98a8 GetKeyNameTextW
0x8a98b0 GetIconInfo
0x8a98b8 GetForegroundWindow
0x8a98c0 GetFocus
0x8a98c8 GetDlgCtrlID
0x8a98d0 GetDesktopWindow
0x8a98d8 GetDCEx
0x8a98e0 GetDC
0x8a98e8 GetCursorPos
0x8a98f0 GetCursor
0x8a98f8 GetClipboardData
0x8a9900 GetClientRect
0x8a9908 GetClassNameW
0x8a9910 GetClassInfoExW
0x8a9918 GetClassInfoW
0x8a9920 GetCapture
0x8a9928 GetActiveWindow
0x8a9930 FrameRect
0x8a9938 FindWindowExW
0x8a9940 FindWindowW
0x8a9948 FillRect
0x8a9950 EnumWindows
0x8a9958 EnumThreadWindows
0x8a9960 EnumChildWindows
0x8a9968 EndPaint
0x8a9970 EndMenu
0x8a9978 EnableWindow
0x8a9980 EnableScrollBar
0x8a9988 EnableMenuItem
0x8a9990 EmptyClipboard
0x8a9998 DrawTextExW
0x8a99a0 DrawTextW
0x8a99a8 DrawMenuBar
0x8a99b0 DrawIconEx
0x8a99b8 DrawIcon
0x8a99c0 DrawFrameControl
0x8a99c8 DrawFocusRect
0x8a99d0 DrawEdge
0x8a99d8 DispatchMessageA
0x8a99e0 DispatchMessageW
0x8a99e8 DestroyWindow
0x8a99f0 DestroyMenu
0x8a99f8 DestroyIcon
0x8a9a00 DestroyCursor
0x8a9a08 DeleteMenu
0x8a9a10 DefWindowProcW
0x8a9a18 DefMDIChildProcW
0x8a9a20 DefFrameProcW
0x8a9a28 CreatePopupMenu
0x8a9a30 CreateMenu
0x8a9a38 CreateIcon
0x8a9a40 CreateAcceleratorTableW
0x8a9a48 CopyImage
0x8a9a50 CopyIcon
0x8a9a58 CloseClipboard
0x8a9a60 ClientToScreen
0x8a9a68 CheckMenuItem
0x8a9a70 CharUpperBuffW
0x8a9a78 CharUpperW
0x8a9a80 CharNextW
0x8a9a88 CharLowerBuffW
0x8a9a90 CharLowerW
0x8a9a98 CallWindowProcW
0x8a9aa0 CallNextHookEx
0x8a9aa8 BeginPaint
0x8a9ab0 AdjustWindowRectEx
0x8a9ab8 ActivateKeyboardLayout
gdi32.dll
0x8a9ac8 UnrealizeObject
0x8a9ad0 StretchDIBits
0x8a9ad8 StretchBlt
0x8a9ae0 StartPage
0x8a9ae8 StartDocW
0x8a9af0 SetWindowOrgEx
0x8a9af8 SetWinMetaFileBits
0x8a9b00 SetViewportOrgEx
0x8a9b08 SetTextColor
0x8a9b10 SetStretchBltMode
0x8a9b18 SetRectRgn
0x8a9b20 SetROP2
0x8a9b28 SetPixel
0x8a9b30 SetEnhMetaFileBits
0x8a9b38 SetDIBits
0x8a9b40 SetDIBColorTable
0x8a9b48 SetBrushOrgEx
0x8a9b50 SetBkMode
0x8a9b58 SetBkColor
0x8a9b60 SetAbortProc
0x8a9b68 SelectPalette
0x8a9b70 SelectObject
0x8a9b78 SaveDC
0x8a9b80 RoundRect
0x8a9b88 RestoreDC
0x8a9b90 Rectangle
0x8a9b98 RectVisible
0x8a9ba0 RealizePalette
0x8a9ba8 Polyline
0x8a9bb0 Polygon
0x8a9bb8 PolyBezierTo
0x8a9bc0 PolyBezier
0x8a9bc8 PlayEnhMetaFile
0x8a9bd0 Pie
0x8a9bd8 PatBlt
0x8a9be0 MoveToEx
0x8a9be8 MaskBlt
0x8a9bf0 LineTo
0x8a9bf8 IntersectClipRect
0x8a9c00 GetWindowOrgEx
0x8a9c08 GetWinMetaFileBits
0x8a9c10 GetTextMetricsW
0x8a9c18 GetTextExtentPointW
0x8a9c20 GetTextExtentPoint32W
0x8a9c28 GetSystemPaletteEntries
0x8a9c30 GetStockObject
0x8a9c38 GetRgnBox
0x8a9c40 GetPixel
0x8a9c48 GetPaletteEntries
0x8a9c50 GetObjectW
0x8a9c58 GetMapMode
0x8a9c60 GetEnhMetaFilePaletteEntries
0x8a9c68 GetEnhMetaFileHeader
0x8a9c70 GetEnhMetaFileDescriptionW
0x8a9c78 GetEnhMetaFileBits
0x8a9c80 GetDeviceCaps
0x8a9c88 GetDIBits
0x8a9c90 GetDIBColorTable
0x8a9c98 GetCurrentPositionEx
0x8a9ca0 GetClipBox
0x8a9ca8 GetBrushOrgEx
0x8a9cb0 GetBitmapBits
0x8a9cb8 GdiFlush
0x8a9cc0 FrameRgn
0x8a9cc8 ExtTextOutW
0x8a9cd0 ExtFloodFill
0x8a9cd8 ExcludeClipRect
0x8a9ce0 EnumFontsW
0x8a9ce8 EnumFontFamiliesExW
0x8a9cf0 EndPage
0x8a9cf8 EndDoc
0x8a9d00 Ellipse
0x8a9d08 DeleteObject
0x8a9d10 DeleteEnhMetaFile
0x8a9d18 DeleteDC
0x8a9d20 CreateSolidBrush
0x8a9d28 CreateRectRgn
0x8a9d30 CreatePenIndirect
0x8a9d38 CreatePalette
0x8a9d40 CreateICW
0x8a9d48 CreateHalftonePalette
0x8a9d50 CreateFontIndirectW
0x8a9d58 CreateDIBitmap
0x8a9d60 CreateDIBSection
0x8a9d68 CreateDCW
0x8a9d70 CreateCompatibleDC
0x8a9d78 CreateCompatibleBitmap
0x8a9d80 CreateBrushIndirect
0x8a9d88 CreateBitmap
0x8a9d90 CopyEnhMetaFileW
0x8a9d98 Chord
0x8a9da0 BitBlt
0x8a9da8 ArcTo
0x8a9db0 Arc
0x8a9db8 AngleArc
0x8a9dc0 AbortDoc
version.dll
0x8a9dd0 VerQueryValueW
0x8a9dd8 GetFileVersionInfoSizeW
0x8a9de0 GetFileVersionInfoW
kernel32.dll
0x8a9df0 WriteFile
0x8a9df8 WideCharToMultiByte
0x8a9e00 WaitForSingleObject
0x8a9e08 WaitForMultipleObjectsEx
0x8a9e10 VirtualQueryEx
0x8a9e18 VirtualQuery
0x8a9e20 VirtualProtect
0x8a9e28 VirtualFree
0x8a9e30 VirtualAlloc
0x8a9e38 VerSetConditionMask
0x8a9e40 VerifyVersionInfoW
0x8a9e48 TryEnterCriticalSection
0x8a9e50 SwitchToThread
0x8a9e58 SuspendThread
0x8a9e60 Sleep
0x8a9e68 SizeofResource
0x8a9e70 SetThreadPriority
0x8a9e78 SetThreadLocale
0x8a9e80 SetLastError
0x8a9e88 SetFilePointer
0x8a9e90 SetEvent
0x8a9e98 SetErrorMode
0x8a9ea0 SetEndOfFile
0x8a9ea8 ResumeThread
0x8a9eb0 ResetEvent
0x8a9eb8 ReadFile
0x8a9ec0 RaiseException
0x8a9ec8 QueryPerformanceFrequency
0x8a9ed0 QueryPerformanceCounter
0x8a9ed8 IsDebuggerPresent
0x8a9ee0 MulDiv
0x8a9ee8 LockResource
0x8a9ef0 LocalFree
0x8a9ef8 LoadResource
0x8a9f00 LoadLibraryW
0x8a9f08 LeaveCriticalSection
0x8a9f10 LCMapStringW
0x8a9f18 IsValidLocale
0x8a9f20 InitializeCriticalSection
0x8a9f28 HeapSize
0x8a9f30 HeapFree
0x8a9f38 HeapDestroy
0x8a9f40 HeapCreate
0x8a9f48 HeapAlloc
0x8a9f50 GlobalUnlock
0x8a9f58 GlobalLock
0x8a9f60 GlobalFree
0x8a9f68 GlobalFindAtomW
0x8a9f70 GlobalDeleteAtom
0x8a9f78 GlobalAlloc
0x8a9f80 GlobalAddAtomW
0x8a9f88 GetVersionExW
0x8a9f90 GetVersion
0x8a9f98 GetTimeZoneInformation
0x8a9fa0 GetTickCount
0x8a9fa8 GetThreadPriority
0x8a9fb0 GetThreadLocale
0x8a9fb8 GetStdHandle
0x8a9fc0 GetProcAddress
0x8a9fc8 GetModuleHandleW
0x8a9fd0 GetModuleFileNameW
0x8a9fd8 GetLocaleInfoW
0x8a9fe0 GetLocalTime
0x8a9fe8 GetLastError
0x8a9ff0 GetFullPathNameW
0x8a9ff8 GetFileSize
0x8aa000 GetFileAttributesW
0x8aa008 GetExitCodeThread
0x8aa010 GetDiskFreeSpaceW
0x8aa018 GetDateFormatW
0x8aa020 GetCurrentThreadId
0x8aa028 GetCurrentThread
0x8aa030 GetCurrentProcessId
0x8aa038 GetCurrentProcess
0x8aa040 GetCPInfoExW
0x8aa048 GetCPInfo
0x8aa050 GetACP
0x8aa058 FreeResource
0x8aa060 FreeLibrary
0x8aa068 FormatMessageW
0x8aa070 FindResourceW
0x8aa078 FindFirstFileW
0x8aa080 FindClose
0x8aa088 EnumSystemLocalesW
0x8aa090 EnumResourceNamesW
0x8aa098 EnumCalendarInfoW
0x8aa0a0 EnterCriticalSection
0x8aa0a8 DeleteCriticalSection
0x8aa0b0 CreateThread
0x8aa0b8 CreateFileW
0x8aa0c0 CreateEventW
0x8aa0c8 CompareStringW
0x8aa0d0 CloseHandle
advapi32.dll
0x8aa0e0 RegUnLoadKeyW
0x8aa0e8 RegSetValueExW
0x8aa0f0 RegSaveKeyW
0x8aa0f8 RegRestoreKeyW
0x8aa100 RegReplaceKeyW
0x8aa108 RegQueryValueExW
0x8aa110 RegQueryInfoKeyW
0x8aa118 RegOpenKeyExW
0x8aa120 RegLoadKeyW
0x8aa128 RegFlushKey
0x8aa130 RegEnumValueW
0x8aa138 RegEnumKeyExW
0x8aa140 RegDeleteValueW
0x8aa148 RegDeleteKeyW
0x8aa150 RegCreateKeyExW
0x8aa158 RegConnectRegistryW
0x8aa160 RegCloseKey
kernel32.dll
0x8aa170 Sleep
oleaut32.dll
0x8aa180 SafeArrayGetElemsize
0x8aa188 SafeArrayPtrOfIndex
0x8aa190 SafeArrayPutElement
0x8aa198 SafeArrayGetElement
0x8aa1a0 SafeArrayUnaccessData
0x8aa1a8 SafeArrayAccessData
0x8aa1b0 SafeArrayGetUBound
0x8aa1b8 SafeArrayGetLBound
0x8aa1c0 SafeArrayCreate
0x8aa1c8 VariantChangeType
0x8aa1d0 VariantCopyInd
0x8aa1d8 VariantCopy
0x8aa1e0 VariantClear
0x8aa1e8 VariantInit
oleaut32.dll
0x8aa1f8 GetErrorInfo
0x8aa200 SysFreeString
ole32.dll
0x8aa210 OleUninitialize
0x8aa218 OleInitialize
0x8aa220 CoTaskMemFree
0x8aa228 CoTaskMemAlloc
0x8aa230 CoCreateInstance
0x8aa238 CoUninitialize
0x8aa240 CoInitialize
0x8aa248 IsEqualGUID
comctl32.dll
0x8aa258 InitializeFlatSB
0x8aa260 FlatSB_SetScrollProp
0x8aa268 FlatSB_SetScrollPos
0x8aa270 FlatSB_SetScrollInfo
0x8aa278 FlatSB_GetScrollPos
0x8aa280 FlatSB_GetScrollInfo
0x8aa288 _TrackMouseEvent
0x8aa290 ImageList_GetImageInfo
0x8aa298 ImageList_SetIconSize
0x8aa2a0 ImageList_GetIconSize
0x8aa2a8 ImageList_Write
0x8aa2b0 ImageList_Read
0x8aa2b8 ImageList_GetDragImage
0x8aa2c0 ImageList_DragShowNolock
0x8aa2c8 ImageList_DragMove
0x8aa2d0 ImageList_DragLeave
0x8aa2d8 ImageList_DragEnter
0x8aa2e0 ImageList_EndDrag
0x8aa2e8 ImageList_BeginDrag
0x8aa2f0 ImageList_Copy
0x8aa2f8 ImageList_LoadImageW
0x8aa300 ImageList_GetIcon
0x8aa308 ImageList_Remove
0x8aa310 ImageList_DrawEx
0x8aa318 ImageList_Replace
0x8aa320 ImageList_Draw
0x8aa328 ImageList_SetOverlayImage
0x8aa330 ImageList_GetBkColor
0x8aa338 ImageList_SetBkColor
0x8aa340 ImageList_ReplaceIcon
0x8aa348 ImageList_Add
0x8aa350 ImageList_SetImageCount
0x8aa358 ImageList_GetImageCount
0x8aa360 ImageList_Destroy
0x8aa368 ImageList_Create
user32.dll
0x8aa378 EnumDisplayMonitors
0x8aa380 GetMonitorInfoW
0x8aa388 MonitorFromPoint
0x8aa390 MonitorFromRect
0x8aa398 MonitorFromWindow
shell32.dll
0x8aa3a8 Shell_NotifyIconW
winspool.drv
0x8aa3b8 OpenPrinterW
0x8aa3c0 EnumPrintersW
0x8aa3c8 DocumentPropertiesW
0x8aa3d0 ClosePrinter
winspool.drv
0x8aa3e0 GetDefaultPrinterW
EAT(Export Address Table) Library
0x4991b0 TMethodImplementationIntercept
0x417300 __dbk_fcall_wrapper
0x8a1f58 dbkFCallWrapperAddr