Created | 2024.10.17 10:39 | Machine | s1_win7_x6403 |
Filename | ewm.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
VT API (file) | 53 detected (AIDetectMalware, lqH9, malicious, high confidence, score, Jaik, Unsafe, SilverFoxHA, swkad, Attribute, HighConfidence, FlyStudio, Artemis, MalwareX, LESS, bWQ1OoTdRYfhRz3J, MulDrop28, Real Protect, moderate, Generic Reputation PUA, QQWare, HackTool, Detected, ai score=80, RA@1qraug, Wacatac, 18B7I2K, Eldorado, ZexaF, us0@ayXVcwjb, BScope, R002H0CI424, susgen, CoinMiner, confidence, AM QhjuRRKzSBn RJNtCCRj) | ||
md5 | 5be32defc6aeca7d5d91d1eb90c14124 | ||
sha256 | f2e2a44d8084a1b9b359cb6d32ec93331cde72c53229edb5452590e1c26f562c | ||
ssdeep | 49152:vYV/Bd1kOdyrQMx/m+s8KuqGaX0ToIBAUZLYbo:QV5rkOd+p/lJBAUZLv | ||
imphash | 1f5b2e5531c9782d16fadf7e280a0f76 | ||
impfuzzy | 192:upW3SqC0KCpkEmVUqT02t4zSJQOqcRcrcEAHhSk5QkE:upeC3zT9QjE6bkNE |
Signature (9cnts)
Level | Description |
---|---|
danger | File has been identified by 53 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Expresses interest in specific running processes |
notice | Foreign language identified in PE resource |
notice | Performs some HTTP requests |
notice | Searches running processes potentially to identify processes for sandbox evasion |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | ASPack_Zero | ASPack packed file | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | DllRegisterServer_Zero | execute regsvr32.exe | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
RASAPI32.dll
0x5083e4 RasHangUpA
0x5083e8 RasGetConnectStatusA
KERNEL32.dll
0x5081a0 GetCommandLineA
0x5081a4 MulDiv
0x5081a8 GetProcAddress
0x5081ac GetModuleHandleA
0x5081b0 GetVolumeInformationA
0x5081b4 SetCurrentDirectoryA
0x5081b8 lstrcpynA
0x5081bc FileTimeToLocalFileTime
0x5081c0 FormatMessageA
0x5081c4 LocalFree
0x5081c8 InterlockedDecrement
0x5081cc InterlockedIncrement
0x5081d0 CreateDirectoryA
0x5081d4 CopyFileA
0x5081d8 DeleteFileA
0x5081dc GetFileAttributesA
0x5081e0 CreateProcessA
0x5081e4 FindClose
0x5081e8 FindFirstFileA
0x5081ec GetACP
0x5081f0 SuspendThread
0x5081f4 ReleaseMutex
0x5081f8 CreateMutexA
0x5081fc GetFileSize
0x508200 IsBadCodePtr
0x508204 IsBadReadPtr
0x508208 CompareStringW
0x50820c CompareStringA
0x508210 GetStringTypeW
0x508214 GetStringTypeA
0x508218 SetUnhandledExceptionFilter
0x50821c IsBadWritePtr
0x508220 VirtualAlloc
0x508224 LCMapStringW
0x508228 LCMapStringA
0x50822c SetEnvironmentVariableA
0x508230 VirtualFree
0x508234 HeapCreate
0x508238 HeapDestroy
0x50823c GetEnvironmentVariableA
0x508240 GetStdHandle
0x508244 SetHandleCount
0x508248 GetEnvironmentStringsW
0x50824c GetEnvironmentStrings
0x508250 FreeEnvironmentStringsW
0x508254 FreeEnvironmentStringsA
0x508258 UnhandledExceptionFilter
0x50825c GetFileType
0x508260 SetStdHandle
0x508264 TerminateProcess
0x508268 GetLocalTime
0x50826c GetSystemTime
0x508270 RaiseException
0x508274 HeapSize
0x508278 RtlUnwind
0x50827c GetStartupInfoA
0x508280 GetOEMCP
0x508284 GetCPInfo
0x508288 GetProcessVersion
0x50828c SetErrorMode
0x508290 UnmapViewOfFile
0x508294 TerminateThread
0x508298 SetLastError
0x50829c GetTimeZoneInformation
0x5082a0 FileTimeToSystemTime
0x5082a4 CreateSemaphoreA
0x5082a8 ResumeThread
0x5082ac ReleaseSemaphore
0x5082b0 EnterCriticalSection
0x5082b4 LeaveCriticalSection
0x5082b8 GetProfileStringA
0x5082bc WriteFile
0x5082c0 WaitForMultipleObjects
0x5082c4 CreateFileA
0x5082c8 SetEvent
0x5082cc FindResourceA
0x5082d0 LoadResource
0x5082d4 LockResource
0x5082d8 ReadFile
0x5082dc lstrlenW
0x5082e0 GetModuleFileNameA
0x5082e4 GetCurrentThreadId
0x5082e8 ExitProcess
0x5082ec GlobalSize
0x5082f0 GlobalFree
0x5082f4 DeleteCriticalSection
0x5082f8 InitializeCriticalSection
0x5082fc lstrcatA
0x508300 lstrlenA
0x508304 WinExec
0x508308 lstrcpyA
0x50830c FindNextFileA
0x508310 GlobalReAlloc
0x508314 HeapFree
0x508318 HeapReAlloc
0x50831c GetProcessHeap
0x508320 HeapAlloc
0x508324 MultiByteToWideChar
0x508328 WideCharToMultiByte
0x50832c GetFullPathNameA
0x508330 FreeLibrary
0x508334 LoadLibraryA
0x508338 GetLastError
0x50833c GetVersionExA
0x508340 WritePrivateProfileStringA
0x508344 CreateThread
0x508348 CreateEventA
0x50834c Sleep
0x508350 GlobalAlloc
0x508354 GlobalLock
0x508358 GlobalUnlock
0x50835c GetTickCount
0x508360 GetProfileIntA
0x508364 GlobalFlags
0x508368 GetCurrentThread
0x50836c GetFileTime
0x508370 TlsGetValue
0x508374 LocalReAlloc
0x508378 TlsSetValue
0x50837c TlsFree
0x508380 GlobalHandle
0x508384 TlsAlloc
0x508388 LocalAlloc
0x50838c lstrcmpA
0x508390 GetVersion
0x508394 GlobalGetAtomNameA
0x508398 GlobalAddAtomA
0x50839c GlobalFindAtomA
0x5083a0 GlobalDeleteAtom
0x5083a4 lstrcmpiA
0x5083a8 SetEndOfFile
0x5083ac UnlockFile
0x5083b0 LockFile
0x5083b4 FlushFileBuffers
0x5083b8 SetFilePointer
0x5083bc GetCurrentProcess
0x5083c0 DuplicateHandle
0x5083c4 WaitForSingleObject
0x5083c8 CloseHandle
USER32.dll
0x5083fc EmptyClipboard
0x508400 IsClipboardFormatAvailable
0x508404 GetSystemMetrics
0x508408 GetCursorPos
0x50840c MessageBoxA
0x508410 MessageBeep
0x508414 SetWindowPos
0x508418 SendMessageA
0x50841c DestroyCursor
0x508420 SetParent
0x508424 IsWindow
0x508428 PostMessageA
0x50842c GetTopWindow
0x508430 GetParent
0x508434 SetClipboardData
0x508438 OpenClipboard
0x50843c GetClipboardData
0x508440 CloseClipboard
0x508444 GetFocus
0x508448 GetClientRect
0x50844c InvalidateRect
0x508450 ValidateRect
0x508454 UpdateWindow
0x508458 EqualRect
0x50845c GetWindowRect
0x508460 SetForegroundWindow
0x508464 DestroyMenu
0x508468 IsChild
0x50846c ReleaseDC
0x508470 wsprintfA
0x508474 InvertRect
0x508478 FillRect
0x50847c GetDC
0x508480 SetCursor
0x508484 LoadCursorA
0x508488 SetCursorPos
0x50848c SetActiveWindow
0x508490 GetSysColor
0x508494 SetWindowLongA
0x508498 GetWindowLongA
0x50849c RedrawWindow
0x5084a0 EnableWindow
0x5084a4 IsWindowVisible
0x5084a8 OffsetRect
0x5084ac PtInRect
0x5084b0 DestroyIcon
0x5084b4 IntersectRect
0x5084b8 InflateRect
0x5084bc SetRect
0x5084c0 SetScrollPos
0x5084c4 SetScrollRange
0x5084c8 GetScrollRange
0x5084cc SetCapture
0x5084d0 GetCapture
0x5084d4 ReleaseCapture
0x5084d8 SetTimer
0x5084dc KillTimer
0x5084e0 WinHelpA
0x5084e4 LoadBitmapA
0x5084e8 CopyRect
0x5084ec ChildWindowFromPointEx
0x5084f0 ScreenToClient
0x5084f4 GetMessagePos
0x5084f8 SetWindowRgn
0x5084fc DestroyAcceleratorTable
0x508500 GetWindow
0x508504 WaitForInputIdle
0x508508 IsRectEmpty
0x50850c EndPaint
0x508510 GetSysColorBrush
0x508514 LoadStringA
0x508518 wvsprintfA
0x50851c GetClassNameA
0x508520 GetMenuCheckMarkDimensions
0x508524 GetMenuState
0x508528 SetMenuItemBitmaps
0x50852c CheckMenuItem
0x508530 MoveWindow
0x508534 IsDialogMessageA
0x508538 ScrollWindowEx
0x50853c SendDlgItemMessageA
0x508540 MapWindowPoints
0x508544 AdjustWindowRectEx
0x508548 GetDesktopWindow
0x50854c SetWindowTextA
0x508550 FrameRect
0x508554 GetDoubleClickTime
0x508558 GetCursor
0x50855c ClipCursor
0x508560 GrayStringA
0x508564 DrawTextA
0x508568 TabbedTextOutA
0x50856c LoadIconA
0x508570 TranslateMessage
0x508574 DrawFrameControl
0x508578 DrawEdge
0x50857c DrawFocusRect
0x508580 WindowFromPoint
0x508584 GetMessageA
0x508588 DispatchMessageA
0x50858c SetRectEmpty
0x508590 RegisterClipboardFormatA
0x508594 CreateIconFromResourceEx
0x508598 CreateIconFromResource
0x50859c DrawIconEx
0x5085a0 CreatePopupMenu
0x5085a4 AppendMenuA
0x5085a8 ModifyMenuA
0x5085ac CreateMenu
0x5085b0 CreateAcceleratorTableA
0x5085b4 GetDlgCtrlID
0x5085b8 GetSubMenu
0x5085bc EnableMenuItem
0x5085c0 ClientToScreen
0x5085c4 EnumDisplaySettingsA
0x5085c8 LoadImageA
0x5085cc SystemParametersInfoA
0x5085d0 ShowWindow
0x5085d4 IsWindowEnabled
0x5085d8 TranslateAcceleratorA
0x5085dc GetKeyState
0x5085e0 CopyAcceleratorTableA
0x5085e4 PostQuitMessage
0x5085e8 IsZoomed
0x5085ec GetClassInfoA
0x5085f0 DefWindowProcA
0x5085f4 GetSystemMenu
0x5085f8 DeleteMenu
0x5085fc GetMenu
0x508600 SetMenu
0x508604 PeekMessageA
0x508608 IsIconic
0x50860c SetFocus
0x508610 GetActiveWindow
0x508614 GetWindowTextA
0x508618 GetWindowTextLengthA
0x50861c CharUpperA
0x508620 GetWindowDC
0x508624 BeginPaint
0x508628 UnregisterClassA
0x50862c GetDlgItem
0x508630 DestroyWindow
0x508634 CreateDialogIndirectParamA
0x508638 EndDialog
0x50863c GetNextDlgTabItem
0x508640 GetWindowPlacement
0x508644 RegisterWindowMessageA
0x508648 GetForegroundWindow
0x50864c GetLastActivePopup
0x508650 GetMessageTime
0x508654 RemovePropA
0x508658 CallWindowProcA
0x50865c GetPropA
0x508660 UnhookWindowsHookEx
0x508664 SetPropA
0x508668 GetClassLongA
0x50866c CallNextHookEx
0x508670 SetWindowsHookExA
0x508674 CreateWindowExA
0x508678 GetMenuItemID
0x50867c GetMenuItemCount
0x508680 RegisterClassA
0x508684 GetScrollPos
0x508688 ShowScrollBar
0x50868c SetScrollInfo
0x508690 GetScrollInfo
0x508694 ScrollWindow
GDI32.dll
0x508038 OffsetViewportOrgEx
0x50803c GetNearestPaletteIndex
0x508040 SetBrushOrgEx
0x508044 CreateFontA
0x508048 AbortDoc
0x50804c Escape
0x508050 GetTextMetricsA
0x508054 ExtTextOutA
0x508058 TextOutA
0x50805c RectVisible
0x508060 PtVisible
0x508064 SetBkColor
0x508068 CreateRectRgnIndirect
0x50806c SetStretchBltMode
0x508070 GetClipRgn
0x508074 CreatePolygonRgn
0x508078 SelectClipRgn
0x50807c DeleteObject
0x508080 CreateDIBitmap
0x508084 GetSystemPaletteEntries
0x508088 CreatePalette
0x50808c StretchBlt
0x508090 SelectPalette
0x508094 RealizePalette
0x508098 GetDIBits
0x50809c GetWindowExtEx
0x5080a0 GetViewportOrgEx
0x5080a4 GetWindowOrgEx
0x5080a8 BeginPath
0x5080ac EndPath
0x5080b0 PathToRegion
0x5080b4 CreateEllipticRgn
0x5080b8 CreateRoundRectRgn
0x5080bc GetTextColor
0x5080c0 GetBkMode
0x5080c4 GetBkColor
0x5080c8 GetROP2
0x5080cc GetStretchBltMode
0x5080d0 GetPolyFillMode
0x5080d4 CreateCompatibleBitmap
0x5080d8 CreateDCA
0x5080dc CreateBitmap
0x5080e0 CreatePatternBrush
0x5080e4 SelectObject
0x5080e8 GetObjectA
0x5080ec CreatePen
0x5080f0 PatBlt
0x5080f4 CombineRgn
0x5080f8 CreateRectRgn
0x5080fc FillRgn
0x508100 CreateSolidBrush
0x508104 GetStockObject
0x508108 CreateFontIndirectA
0x50810c EndPage
0x508110 EndDoc
0x508114 DeleteDC
0x508118 StartDocA
0x50811c StartPage
0x508120 BitBlt
0x508124 CreateCompatibleDC
0x508128 Ellipse
0x50812c Rectangle
0x508130 LPtoDP
0x508134 DPtoLP
0x508138 GetCurrentObject
0x50813c RoundRect
0x508140 GetTextExtentPoint32A
0x508144 GetDeviceCaps
0x508148 SaveDC
0x50814c RestoreDC
0x508150 SetBkMode
0x508154 SetPolyFillMode
0x508158 SetROP2
0x50815c SetTextColor
0x508160 SetMapMode
0x508164 SetViewportOrgEx
0x508168 SetViewportExtEx
0x50816c ScaleViewportExtEx
0x508170 SetWindowOrgEx
0x508174 OffsetWindowOrgEx
0x508178 SetWindowExtEx
0x50817c ScaleWindowExtEx
0x508180 GetClipBox
0x508184 ExcludeClipRect
0x508188 MoveToEx
0x50818c LineTo
0x508190 CopyMetaFileA
0x508194 GetViewportExtEx
0x508198 ExtSelectClipRgn
WINMM.dll
0x5086c8 waveOutRestart
0x5086cc waveOutUnprepareHeader
0x5086d0 waveOutPrepareHeader
0x5086d4 waveOutWrite
0x5086d8 waveOutPause
0x5086dc waveOutReset
0x5086e0 waveOutClose
0x5086e4 waveOutGetNumDevs
0x5086e8 waveOutOpen
0x5086ec midiOutUnprepareHeader
0x5086f0 midiStreamOpen
0x5086f4 midiStreamProperty
0x5086f8 midiOutPrepareHeader
0x5086fc midiStreamOut
0x508700 midiStreamStop
0x508704 midiOutReset
0x508708 midiStreamClose
0x50870c midiStreamRestart
WINSPOOL.DRV
0x508714 DocumentPropertiesA
0x508718 OpenPrinterA
0x50871c ClosePrinter
ADVAPI32.dll
0x508000 RegOpenKeyExA
0x508004 RegQueryValueA
0x508008 RegSetValueExA
0x50800c RegQueryValueExA
0x508010 RegCloseKey
0x508014 RegCreateKeyExA
SHELL32.dll
0x5083f0 ShellExecuteA
0x5083f4 Shell_NotifyIconA
ole32.dll
0x508774 OleFlushClipboard
0x508778 OleSetClipboard
0x50877c ReleaseStgMedium
0x508780 CoTaskMemAlloc
0x508784 OleDuplicateData
0x508788 RevokeDragDrop
0x50878c CoLockObjectExternal
0x508790 DoDragDrop
0x508794 OleGetClipboard
0x508798 OleIsCurrentClipboard
0x50879c CLSIDFromString
0x5087a0 OleUninitialize
0x5087a4 CoTaskMemFree
0x5087a8 CreateStreamOnHGlobal
0x5087ac OleInitialize
OLEAUT32.dll
0x5083d0 VarDateFromStr
0x5083d4 UnRegisterTypeLib
0x5083d8 RegisterTypeLib
0x5083dc LoadTypeLib
COMCTL32.dll
0x50801c ImageList_Destroy
0x508020 ImageList_Create
0x508024 ImageList_AddMasked
0x508028 ImageList_Draw
0x50802c ImageList_GetImageInfo
0x508030 None
WS2_32.dll
0x508724 inet_ntoa
0x508728 WSAStartup
0x50872c WSACleanup
0x508730 select
0x508734 send
0x508738 closesocket
0x50873c WSAAsyncSelect
0x508740 ntohl
0x508744 accept
0x508748 getpeername
0x50874c recv
0x508750 ioctlsocket
0x508754 recvfrom
WININET.dll
0x50869c InternetReadFile
0x5086a0 HttpQueryInfoA
0x5086a4 HttpSendRequestA
0x5086a8 HttpOpenRequestA
0x5086ac InternetCrackUrlA
0x5086b0 InternetCanonicalizeUrlA
0x5086b4 InternetOpenA
0x5086b8 InternetCloseHandle
0x5086bc InternetSetOptionA
0x5086c0 InternetConnectA
comdlg32.dll
0x50875c GetFileTitleA
0x508760 PrintDlgA
0x508764 GetSaveFileNameA
0x508768 GetOpenFileNameA
0x50876c ChooseColorA
EAT(Export Address Table) is none