Created | 2024.10.15 14:26 | Machine | s1_win7_x6401 |
Filename | CrazyCoach.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 54 detected (AIDetectMalware, Malicious, score, Babar, Unsafe, Vck8, confidence, Attribute, HighConfidence, high confidence, FlyStudio, Pasta, Cryp, Trojanx, dvixmz, CLASSIC, Wsgame, Real Protect, high, EncPk, Static AI, Malicious PE, edyx, Detected, SBadur, Wacatac, OSCF@5rs7jr, 1TYMTF4, Eldorado, R668664, Flyagent, BScope, MulDrop, Disabler, Probably Heur, ExeHeaderL, susgen, CoinMiner, BELF, B9nj) |
md5 | 05894e6439e626412c11b1c23eac073f |
sha256 | 042e2c5e4fe54168736c408dea6ce251a01ad59c1961f47438033204405ea2bb |
ssdeep | 49152:uA/QyO+qnbHx11BLNTzrSTpah/yRjap+vMLBW5HEWoIthmrJGCxpbTjCw:zqrr5YpaN2nvM14HEZIngJGK |
imphash | 5aad076aff6a3bd2c917579560b6b074 |
impfuzzy | 192:ch+KStc1v0rp78xUnThTWiT6eTBvzzqclcncdKfZuQ+sMgYNKN:XKSov8PTPk+aIQ+xjNKN |
Signature (13cnts)
Level | Description |
---|---|
danger | File has been identified by 54 AntiVirus engines on VirusTotal as malicious |
watch | Connects to an IRC server |
watch | Network activity contains more than one unique useragent |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | An executable file was downloaded by the process crazycoach.exe |
notice | Creates executable files on the filesystem |
notice | Drops an executable to the user AppData folder |
notice | Foreign language identified in PE resource |
notice | One or more potentially interesting buffers were extracted |
notice | Terminates another process |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks amount of memory in system |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (14cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | ftp_command | ftp command | binaries (download) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (8cnts)
Suricata ids
ET POLICY Unsupported/Fake Windows NT Version 5.0
ET POLICY PE EXE or DLL Windows file download HTTP
ET POLICY Windows 98 User-Agent Detected - Possible Malware or Non-Updated System
ET POLICY Unsupported/Fake Internet Explorer Version MSIE 5.
ET POLICY PE EXE or DLL Windows file download HTTP
ET POLICY Windows 98 User-Agent Detected - Possible Malware or Non-Updated System
ET POLICY Unsupported/Fake Internet Explorer Version MSIE 5.
PE API
IAT(Import Address Table) Library
RASAPI32.dll
0x5e34d8 RasHangUpA
0x5e34dc RasGetConnectStatusA
KERNEL32.dll
0x5e31d8 GetStdHandle
0x5e31dc SetHandleCount
0x5e31e0 GetEnvironmentStringsW
0x5e31e4 GetEnvironmentStrings
0x5e31e8 FreeEnvironmentStringsW
0x5e31ec FreeEnvironmentStringsA
0x5e31f0 UnhandledExceptionFilter
0x5e31f4 GetFileType
0x5e31f8 SetStdHandle
0x5e31fc GetACP
0x5e3200 RaiseException
0x5e3204 GetLocalTime
0x5e3208 TerminateProcess
0x5e320c RtlUnwind
0x5e3210 GetStartupInfoA
0x5e3214 GetOEMCP
0x5e3218 GetCPInfo
0x5e321c GetProcessVersion
0x5e3220 SetErrorMode
0x5e3224 GlobalFlags
0x5e3228 GetEnvironmentVariableA
0x5e322c GetCurrentThread
0x5e3230 GetFileTime
0x5e3234 TlsGetValue
0x5e3238 LocalReAlloc
0x5e323c TlsSetValue
0x5e3240 TlsFree
0x5e3244 GlobalHandle
0x5e3248 TlsAlloc
0x5e324c LocalAlloc
0x5e3250 lstrcmpA
0x5e3254 GetVersion
0x5e3258 GlobalGetAtomNameA
0x5e325c GlobalAddAtomA
0x5e3260 GlobalFindAtomA
0x5e3264 GlobalDeleteAtom
0x5e3268 lstrcmpiA
0x5e326c DuplicateHandle
0x5e3270 lstrcpynA
0x5e3274 FileTimeToLocalFileTime
0x5e3278 InterlockedDecrement
0x5e327c InterlockedIncrement
0x5e3280 SetEnvironmentVariableA
0x5e3284 LCMapStringA
0x5e3288 LCMapStringW
0x5e328c IsBadWritePtr
0x5e3290 IsValidLocale
0x5e3294 IsValidCodePage
0x5e3298 GetLocaleInfoA
0x5e329c EnumSystemLocalesA
0x5e32a0 GetStringTypeA
0x5e32a4 GetStringTypeW
0x5e32a8 SuspendThread
0x5e32ac ReleaseMutex
0x5e32b0 CreateMutexA
0x5e32b4 VirtualFree
0x5e32b8 VirtualAlloc
0x5e32bc SetLastError
0x5e32c0 GetTimeZoneInformation
0x5e32c4 FileTimeToSystemTime
0x5e32c8 GetCurrentProcess
0x5e32cc GetWindowsDirectoryA
0x5e32d0 GetSystemDirectoryA
0x5e32d4 InterlockedCompareExchange
0x5e32d8 AreFileApisANSI
0x5e32dc CreateFileW
0x5e32e0 CreateFileMappingA
0x5e32e4 CreateFileMappingW
0x5e32e8 CreateMutexW
0x5e32ec DeleteFileW
0x5e32f0 FlushFileBuffers
0x5e32f4 FormatMessageA
0x5e32f8 FormatMessageW
0x5e32fc GetDiskFreeSpaceW
0x5e3300 GetFileAttributesW
0x5e3304 GetFileAttributesExW
0x5e3308 GetFileSize
0x5e330c GetFullPathNameW
0x5e3310 GetSystemInfo
0x5e3314 GetSystemTime
0x5e3318 GetSystemTimeAsFileTime
0x5e331c GetTempPathW
0x5e3320 HeapCreate
0x5e3324 HeapDestroy
0x5e3328 HeapSize
0x5e332c HeapValidate
0x5e3330 LoadLibraryW
0x5e3334 LocalFree
0x5e3338 LockFile
0x5e333c LockFileEx
0x5e3340 MapViewOfFile
0x5e3344 QueryPerformanceCounter
0x5e3348 SetEndOfFile
0x5e334c SetFilePointer
0x5e3350 SystemTimeToFileTime
0x5e3354 UnlockFile
0x5e3358 UnlockFileEx
0x5e335c UnmapViewOfFile
0x5e3360 TerminateThread
0x5e3364 CreateSemaphoreA
0x5e3368 ResumeThread
0x5e336c ReleaseSemaphore
0x5e3370 EnterCriticalSection
0x5e3374 LeaveCriticalSection
0x5e3378 GetProfileStringA
0x5e337c WriteFile
0x5e3380 WaitForMultipleObjects
0x5e3384 CreateFileA
0x5e3388 SetEvent
0x5e338c FindResourceA
0x5e3390 LoadResource
0x5e3394 LockResource
0x5e3398 ReadFile
0x5e339c lstrlenW
0x5e33a0 GetModuleFileNameA
0x5e33a4 GetCurrentProcessId
0x5e33a8 GetCurrentThreadId
0x5e33ac ExitProcess
0x5e33b0 GlobalSize
0x5e33b4 GlobalFree
0x5e33b8 DeleteCriticalSection
0x5e33bc InitializeCriticalSection
0x5e33c0 lstrcatA
0x5e33c4 GetLocaleInfoW
0x5e33c8 lstrlenA
0x5e33cc WinExec
0x5e33d0 lstrcpyA
0x5e33d4 FindNextFileA
0x5e33d8 GlobalReAlloc
0x5e33dc HeapFree
0x5e33e0 HeapReAlloc
0x5e33e4 GetProcessHeap
0x5e33e8 HeapAlloc
0x5e33ec GetUserDefaultLCID
0x5e33f0 MultiByteToWideChar
0x5e33f4 WideCharToMultiByte
0x5e33f8 GetFullPathNameA
0x5e33fc FreeLibrary
0x5e3400 LoadLibraryA
0x5e3404 GetLastError
0x5e3408 GetVersionExA
0x5e340c WritePrivateProfileStringA
0x5e3410 CreateThread
0x5e3414 CreateEventA
0x5e3418 Sleep
0x5e341c GlobalAlloc
0x5e3420 GlobalLock
0x5e3424 GlobalUnlock
0x5e3428 GetTempPathA
0x5e342c FindFirstFileA
0x5e3430 FindClose
0x5e3434 GetFileAttributesA
0x5e3438 DeleteFileA
0x5e343c SetCurrentDirectoryA
0x5e3440 GetVolumeInformationA
0x5e3444 GetModuleHandleA
0x5e3448 GetProcAddress
0x5e344c GetDiskFreeSpaceA
0x5e3450 MulDiv
0x5e3454 GetCommandLineA
0x5e3458 GetTickCount
0x5e345c CreateProcessA
0x5e3460 WaitForSingleObject
0x5e3464 CloseHandle
0x5e3468 SetUnhandledExceptionFilter
0x5e346c CompareStringA
0x5e3470 CompareStringW
0x5e3474 IsBadReadPtr
0x5e3478 IsBadCodePtr
USER32.dll
0x5e3500 FrameRect
0x5e3504 SetWindowsHookExA
0x5e3508 CallNextHookEx
0x5e350c UnhookWindowsHookEx
0x5e3510 GetWindowDC
0x5e3514 EnumChildWindows
0x5e3518 GetPropA
0x5e351c WindowFromDC
0x5e3520 TabbedTextOutA
0x5e3524 GrayStringA
0x5e3528 DrawStateA
0x5e352c GetTabbedTextExtentA
0x5e3530 GetMenuState
0x5e3534 GetMenuStringA
0x5e3538 GetMenuItemID
0x5e353c GetMenuItemCount
0x5e3540 SetWindowTextA
0x5e3544 GetWindowTextA
0x5e3548 MoveWindow
0x5e354c CallWindowProcA
0x5e3550 SetPropA
0x5e3554 DrawTextA
0x5e3558 GetCursor
0x5e355c LoadIconA
0x5e3560 TranslateMessage
0x5e3564 DrawFrameControl
0x5e3568 DrawEdge
0x5e356c DrawFocusRect
0x5e3570 WindowFromPoint
0x5e3574 GetMessageA
0x5e3578 DispatchMessageA
0x5e357c SetRectEmpty
0x5e3580 RegisterClipboardFormatA
0x5e3584 CreateIconFromResourceEx
0x5e3588 CreateIconFromResource
0x5e358c DrawIconEx
0x5e3590 CreatePopupMenu
0x5e3594 AppendMenuA
0x5e3598 ModifyMenuA
0x5e359c CreateMenu
0x5e35a0 CreateAcceleratorTableA
0x5e35a4 GetDlgCtrlID
0x5e35a8 GetSubMenu
0x5e35ac EnableMenuItem
0x5e35b0 ClientToScreen
0x5e35b4 EnumDisplaySettingsA
0x5e35b8 LoadImageA
0x5e35bc SystemParametersInfoA
0x5e35c0 ShowWindow
0x5e35c4 TranslateAcceleratorA
0x5e35c8 GetKeyState
0x5e35cc CopyAcceleratorTableA
0x5e35d0 PostQuitMessage
0x5e35d4 GetWindowThreadProcessId
0x5e35d8 IsWindowEnabled
0x5e35dc EnumWindows
0x5e35e0 IsZoomed
0x5e35e4 GetClassInfoA
0x5e35e8 DefWindowProcA
0x5e35ec GetSystemMenu
0x5e35f0 DeleteMenu
0x5e35f4 GetMenu
0x5e35f8 SetMenu
0x5e35fc GetForegroundWindow
0x5e3600 IsIconic
0x5e3604 SetFocus
0x5e3608 GetActiveWindow
0x5e360c GetWindow
0x5e3610 DestroyAcceleratorTable
0x5e3614 SetWindowRgn
0x5e3618 GetSysColorBrush
0x5e361c LoadStringA
0x5e3620 GetDesktopWindow
0x5e3624 GetClassNameA
0x5e3628 GetMenuCheckMarkDimensions
0x5e362c SetMenuItemBitmaps
0x5e3630 CheckMenuItem
0x5e3634 IsDialogMessageA
0x5e3638 ScrollWindowEx
0x5e363c SendDlgItemMessageA
0x5e3640 MapWindowPoints
0x5e3644 AdjustWindowRectEx
0x5e3648 GetScrollPos
0x5e364c RegisterClassA
0x5e3650 GetClassLongA
0x5e3654 RemovePropA
0x5e3658 GetMessageTime
0x5e365c GetLastActivePopup
0x5e3660 RegisterWindowMessageA
0x5e3664 GetWindowPlacement
0x5e3668 GetNextDlgTabItem
0x5e366c EndDialog
0x5e3670 CreateDialogIndirectParamA
0x5e3674 DestroyWindow
0x5e3678 GetMessagePos
0x5e367c ScreenToClient
0x5e3680 ChildWindowFromPointEx
0x5e3684 CopyRect
0x5e3688 LoadBitmapA
0x5e368c WinHelpA
0x5e3690 KillTimer
0x5e3694 SetTimer
0x5e3698 GetCapture
0x5e369c SetCapture
0x5e36a0 GetScrollRange
0x5e36a4 SetScrollRange
0x5e36a8 SetScrollPos
0x5e36ac SetRect
0x5e36b0 InflateRect
0x5e36b4 IntersectRect
0x5e36b8 DestroyIcon
0x5e36bc PtInRect
0x5e36c0 OffsetRect
0x5e36c4 IsWindowVisible
0x5e36c8 EnableWindow
0x5e36cc RedrawWindow
0x5e36d0 GetWindowLongA
0x5e36d4 SetWindowLongA
0x5e36d8 GetSysColor
0x5e36dc SetActiveWindow
0x5e36e0 SetCursorPos
0x5e36e4 LoadCursorA
0x5e36e8 SetCursor
0x5e36ec GetDC
0x5e36f0 FillRect
0x5e36f4 IsRectEmpty
0x5e36f8 ReleaseDC
0x5e36fc IsChild
0x5e3700 TrackPopupMenu
0x5e3704 DestroyMenu
0x5e3708 SetForegroundWindow
0x5e370c GetWindowRect
0x5e3710 EqualRect
0x5e3714 UpdateWindow
0x5e3718 ValidateRect
0x5e371c InvalidateRect
0x5e3720 LockWindowUpdate
0x5e3724 GetClientRect
0x5e3728 GetFocus
0x5e372c GetParent
0x5e3730 GetTopWindow
0x5e3734 PostMessageA
0x5e3738 IsWindow
0x5e373c SetParent
0x5e3740 DestroyCursor
0x5e3744 SendMessageA
0x5e3748 SetWindowPos
0x5e374c MessageBoxA
0x5e3750 ReleaseCapture
0x5e3754 GetCursorPos
0x5e3758 GetSystemMetrics
0x5e375c EmptyClipboard
0x5e3760 SetClipboardData
0x5e3764 OpenClipboard
0x5e3768 GetClipboardData
0x5e376c CloseClipboard
0x5e3770 wsprintfA
0x5e3774 WaitForInputIdle
0x5e3778 CreateWindowExA
0x5e377c RegisterHotKey
0x5e3780 UnregisterHotKey
0x5e3784 UnregisterClassA
0x5e3788 PeekMessageA
0x5e378c GetWindowTextLengthA
0x5e3790 CharUpperA
0x5e3794 BeginPaint
0x5e3798 EndPaint
0x5e379c GetDlgItem
GDI32.dll
0x5e3070 PathToRegion
0x5e3074 CreateEllipticRgn
0x5e3078 CreateRoundRectRgn
0x5e307c GetTextColor
0x5e3080 GetBkMode
0x5e3084 GetBkColor
0x5e3088 GetROP2
0x5e308c GetStretchBltMode
0x5e3090 GetPolyFillMode
0x5e3094 CreateCompatibleBitmap
0x5e3098 CreateDCA
0x5e309c FillRgn
0x5e30a0 CreateBrushIndirect
0x5e30a4 CreateBitmap
0x5e30a8 SelectObject
0x5e30ac CreatePen
0x5e30b0 PatBlt
0x5e30b4 CreateRectRgn
0x5e30b8 CombineRgn
0x5e30bc CreateFontIndirectA
0x5e30c0 GetStockObject
0x5e30c4 GetObjectA
0x5e30c8 EndPage
0x5e30cc EndDoc
0x5e30d0 DeleteDC
0x5e30d4 EndPath
0x5e30d8 StartPage
0x5e30dc BitBlt
0x5e30e0 GetPixel
0x5e30e4 CreateCompatibleDC
0x5e30e8 SetPixelV
0x5e30ec Ellipse
0x5e30f0 Rectangle
0x5e30f4 LPtoDP
0x5e30f8 DPtoLP
0x5e30fc GetCurrentObject
0x5e3100 RoundRect
0x5e3104 GetTextExtentPoint32A
0x5e3108 GetDeviceCaps
0x5e310c GetTextMetricsA
0x5e3110 GetViewportExtEx
0x5e3114 BeginPath
0x5e3118 GetWindowOrgEx
0x5e311c GetViewportOrgEx
0x5e3120 GetWindowExtEx
0x5e3124 GetDIBits
0x5e3128 RealizePalette
0x5e312c SelectPalette
0x5e3130 StretchBlt
0x5e3134 CreatePalette
0x5e3138 GetSystemPaletteEntries
0x5e313c CreateDIBitmap
0x5e3140 DeleteObject
0x5e3144 ExtSelectClipRgn
0x5e3148 SelectClipRgn
0x5e314c CreatePolygonRgn
0x5e3150 GetClipRgn
0x5e3154 SetStretchBltMode
0x5e3158 SetPixel
0x5e315c CreateRectRgnIndirect
0x5e3160 SetBkColor
0x5e3164 SetBkMode
0x5e3168 SetTextColor
0x5e316c SetWindowOrgEx
0x5e3170 SaveDC
0x5e3174 RestoreDC
0x5e3178 CreatePenIndirect
0x5e317c PtVisible
0x5e3180 RectVisible
0x5e3184 TextOutA
0x5e3188 ExtTextOutA
0x5e318c Escape
0x5e3190 CreateFontA
0x5e3194 TranslateCharsetInfo
0x5e3198 StartDocA
0x5e319c LineTo
0x5e31a0 MoveToEx
0x5e31a4 ExcludeClipRect
0x5e31a8 GetClipBox
0x5e31ac ScaleWindowExtEx
0x5e31b0 SetWindowExtEx
0x5e31b4 ScaleViewportExtEx
0x5e31b8 SetViewportExtEx
0x5e31bc OffsetViewportOrgEx
0x5e31c0 SetViewportOrgEx
0x5e31c4 SetMapMode
0x5e31c8 SetROP2
0x5e31cc SetPolyFillMode
0x5e31d0 CreateSolidBrush
WINMM.dll
0x5e37d0 midiStreamRestart
0x5e37d4 midiStreamClose
0x5e37d8 midiOutReset
0x5e37dc midiStreamStop
0x5e37e0 midiStreamOut
0x5e37e4 midiOutPrepareHeader
0x5e37e8 midiStreamProperty
0x5e37ec midiStreamOpen
0x5e37f0 midiOutUnprepareHeader
0x5e37f4 waveOutOpen
0x5e37f8 waveOutGetNumDevs
0x5e37fc waveOutReset
0x5e3800 waveOutPause
0x5e3804 waveOutWrite
0x5e3808 waveOutPrepareHeader
0x5e380c waveOutUnprepareHeader
0x5e3810 waveOutRestart
0x5e3814 waveOutClose
MSIMG32.dll
0x5e3480 GradientFill
WINSPOOL.DRV
0x5e381c DocumentPropertiesA
0x5e3820 OpenPrinterA
0x5e3824 ClosePrinter
ADVAPI32.dll
0x5e3000 RegCreateKeyExA
0x5e3004 RegOpenKeyExA
0x5e3008 RegSetValueExA
0x5e300c RegQueryValueA
0x5e3010 RegCloseKey
SHELL32.dll
0x5e34e4 DragFinish
0x5e34e8 Shell_NotifyIconA
0x5e34ec SHGetSpecialFolderPathA
0x5e34f0 DragQueryFileA
0x5e34f4 ShellExecuteA
0x5e34f8 DragAcceptFiles
ole32.dll
0x5e38b8 OleRun
0x5e38bc CoCreateInstance
0x5e38c0 CLSIDFromString
0x5e38c4 OleUninitialize
0x5e38c8 OleInitialize
0x5e38cc CLSIDFromProgID
OLEAUT32.dll
0x5e3488 VariantClear
0x5e348c VariantChangeType
0x5e3490 SafeArrayGetUBound
0x5e3494 SafeArrayGetLBound
0x5e3498 VariantCopy
0x5e349c SafeArrayGetDim
0x5e34a0 SafeArrayUnaccessData
0x5e34a4 UnRegisterTypeLib
0x5e34a8 LoadTypeLib
0x5e34ac LHashValOfNameSys
0x5e34b0 RegisterTypeLib
0x5e34b4 SafeArrayPutElement
0x5e34b8 SafeArrayCreate
0x5e34bc SafeArrayDestroy
0x5e34c0 SysAllocString
0x5e34c4 VariantInit
0x5e34c8 VariantCopyInd
0x5e34cc SafeArrayGetElement
0x5e34d0 SafeArrayAccessData
COMCTL32.dll
0x5e3018 ImageList_DragLeave
0x5e301c ImageList_DragEnter
0x5e3020 ImageList_Destroy
0x5e3024 ImageList_Create
0x5e3028 ImageList_BeginDrag
0x5e302c ImageList_DragMove
0x5e3030 ImageList_AddMasked
0x5e3034 _TrackMouseEvent
0x5e3038 ImageList_Draw
0x5e303c ImageList_SetBkColor
0x5e3040 ImageList_GetImageCount
0x5e3044 ImageList_GetImageInfo
0x5e3048 ImageList_GetIcon
0x5e304c ImageList_DragShowNolock
0x5e3050 ImageList_EndDrag
0x5e3054 None
0x5e3058 ImageList_Read
0x5e305c ImageList_Write
0x5e3060 ImageList_DrawIndirect
0x5e3064 ImageList_Duplicate
0x5e3068 ImageList_Add
WS2_32.dll
0x5e382c ntohl
0x5e3830 getsockname
0x5e3834 ntohs
0x5e3838 WSAGetLastError
0x5e383c shutdown
0x5e3840 gethostname
0x5e3844 inet_addr
0x5e3848 inet_ntoa
0x5e384c closesocket
0x5e3850 WSAStartup
0x5e3854 WSACleanup
0x5e3858 select
0x5e385c __WSAFDIsSet
0x5e3860 accept
0x5e3864 getpeername
0x5e3868 listen
0x5e386c recv
0x5e3870 connect
0x5e3874 ioctlsocket
0x5e3878 recvfrom
0x5e387c sendto
0x5e3880 send
0x5e3884 WSAAsyncSelect
0x5e3888 htons
0x5e388c gethostbyname
0x5e3890 socket
0x5e3894 htonl
0x5e3898 ind
WININET.dll
0x5e37a4 InternetCanonicalizeUrlA
0x5e37a8 InternetCrackUrlA
0x5e37ac HttpOpenRequestA
0x5e37b0 HttpSendRequestA
0x5e37b4 HttpQueryInfoA
0x5e37b8 InternetReadFile
0x5e37bc InternetConnectA
0x5e37c0 InternetSetOptionA
0x5e37c4 InternetCloseHandle
0x5e37c8 InternetOpenA
comdlg32.dll
0x5e38a0 ChooseColorA
0x5e38a4 GetSaveFileNameA
0x5e38a8 GetOpenFileNameA
0x5e38ac ChooseFontA
0x5e38b0 GetFileTitleA
EAT(Export Address Table) is none