Created | 2024.10.17 10:59 | Machine | s1_win7_x6401 |
Filename | AA_v3.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malicious |
VT API (file) | 50 detected (AIDetectMalware, Ammyy, PuwadersRI, S16293931, Ransomware, GenericKD, Unsafe, Vskr, grayware, confidence, Remacc, malicious, high confidence, RemoteAdmin, B potentially unsafe, hvkdxf, HackTool, CLASSIC, Tool, high, score, Generic ML PUA, Static AI, Suspicious PE, Detected, Eldorado, GenericRXUA, AmmyyAdmin) |
md5 | ee50ecb3152bdebe5fff2cc3cfb4d451 |
sha256 | 5b39f6d054344333059662e486d89617546397016fe50192777bc7afeabe9107 |
ssdeep | 24576:Wj0JJ4p/A4npt3XojeQG5EtzRtO7GvmDguu2h:WjoJ4u4zojegylDuU |
imphash | 3e985254f2e34ad96da799a2a5d33efe |
impfuzzy | 192:Ri7Y8DH0THU4l7juRh51nY7JamHmlcX1W0bwAfHyq8atnfFG:H/lfS71QJamGlcX1X/yq8a5dG |
Network IP location
Signature (11cnts)
Level | Description |
---|---|
danger | File has been identified by 50 AntiVirus engines on VirusTotal as malicious |
watch | Communicates with host for which no DNS query was performed |
watch | Installs itself for autorun at Windows startup |
watch | Queries information on disks |
notice | Creates a service |
notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
notice | Performs some HTTP requests |
notice | Sends data using the HTTP POST Method |
info | Checks amount of memory in system |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (10cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Ammy_Admin_r0d | Ammy Admin | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
warning | Process_Snapshot_Kill_Zero | Process Kill Zero | binaries (upload) |
watch | CryptGenKey_Zero | CryptGenKey Zero | binaries (upload) |
watch | FindFirstVolume_Zero | FindFirstVolume Zero | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | Device_Check_Zero | Device Check Zero | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (10cnts) ?
Suricata ids
ET POLICY IP Check (rl.ammyy.com)
PE API
IAT(Import Address Table) Library
WS2_32.dll
0x48f878 WSAGetLastError
0x48f87c send
0x48f880 recv
0x48f884 select
0x48f888 WSAStartup
0x48f88c getpeername
0x48f890 getservbyport
0x48f894 ntohs
0x48f898 gethostbyaddr
0x48f89c gethostbyname
0x48f8a0 inet_addr
0x48f8a4 getservbyname
0x48f8a8 htonl
0x48f8ac inet_ntoa
0x48f8b0 WSAIoctl
0x48f8b4 connect
0x48f8b8 accept
0x48f8bc htons
0x48f8c0 bind
0x48f8c4 listen
0x48f8c8 socket
0x48f8cc __WSAFDIsSet
0x48f8d0 shutdown
0x48f8d4 setsockopt
0x48f8d8 ioctlsocket
0x48f8dc WSACleanup
0x48f8e0 closesocket
GDI32.dll
0x48f0e8 SetStretchBltMode
0x48f0ec LineTo
0x48f0f0 MoveToEx
0x48f0f4 Ellipse
0x48f0f8 GetDIBits
0x48f0fc CreateCompatibleBitmap
0x48f100 RealizePalette
0x48f104 SelectPalette
0x48f108 CreatePalette
0x48f10c GetSystemPaletteEntries
0x48f110 GdiFlush
0x48f114 CombineRgn
0x48f118 GetRegionData
0x48f11c StretchBlt
0x48f120 GetTextExtentPoint32A
0x48f124 TextOutA
0x48f128 CreateDIBitmap
0x48f12c DeleteDC
0x48f130 SetBkMode
0x48f134 SelectObject
0x48f138 CreateCompatibleDC
0x48f13c CreatePatternBrush
0x48f140 BitBlt
0x48f144 CreateFontIndirectA
0x48f148 DPtoLP
0x48f14c GetDeviceCaps
0x48f150 GetBitmapBits
0x48f154 CreateRectRgn
0x48f158 ExtTextOutA
0x48f15c CreateDIBSection
0x48f160 CreateRectRgnIndirect
0x48f164 SelectClipRgn
0x48f168 TextOutW
0x48f16c SetTextAlign
0x48f170 SetBrushOrgEx
0x48f174 ExtTextOutW
0x48f178 SetTextColor
0x48f17c SetBkColor
0x48f180 GetTextExtentPoint32W
0x48f184 CreateFontA
0x48f188 CreateFontIndirectW
0x48f18c GetStockObject
0x48f190 CreatePen
0x48f194 CreateSolidBrush
0x48f198 DeleteObject
0x48f19c GetObjectA
USER32.dll
0x48f5a0 FillRect
0x48f5a4 LoadIconA
0x48f5a8 DrawIconEx
0x48f5ac UnregisterClassW
0x48f5b0 FindWindowA
0x48f5b4 SendMessageTimeoutA
0x48f5b8 IntersectRect
0x48f5bc IsWindowVisible
0x48f5c0 EqualRect
0x48f5c4 EnumDisplaySettingsExW
0x48f5c8 EnumDisplayDevicesW
0x48f5cc GetCursorInfo
0x48f5d0 OpenInputDesktop
0x48f5d4 CloseDesktop
0x48f5d8 GetUserObjectInformationA
0x48f5dc GetThreadDesktop
0x48f5e0 OpenDesktopA
0x48f5e4 GetClipboardData
0x48f5e8 OpenClipboard
0x48f5ec EmptyClipboard
0x48f5f0 CloseClipboard
0x48f5f4 SetClipboardData
0x48f5f8 RegisterClassExA
0x48f5fc PeekMessageA
0x48f600 MapVirtualKeyW
0x48f604 SendInput
0x48f608 LockWorkStation
0x48f60c SetDlgItemTextA
0x48f610 SetDlgItemInt
0x48f614 CallNextHookEx
0x48f618 SetWindowsHookExA
0x48f61c UnhookWindowsHookEx
0x48f620 DestroyAcceleratorTable
0x48f624 TranslateAcceleratorA
0x48f628 CreateAcceleratorTableA
0x48f62c SetWindowTextA
0x48f630 ReleaseCapture
0x48f634 SetCapture
0x48f638 GetAsyncKeyState
0x48f63c RegisterClassExW
0x48f640 DestroyCursor
0x48f644 MessageBeep
0x48f648 wsprintfW
0x48f64c DispatchMessageW
0x48f650 TranslateMessage
0x48f654 PeekMessageW
0x48f658 MsgWaitForMultipleObjects
0x48f65c SetThreadDesktop
0x48f660 SwitchToThisWindow
0x48f664 SetCursorPos
0x48f668 ShowWindowAsync
0x48f66c GetClipboardOwner
0x48f670 GetWindowDC
0x48f674 SetScrollInfo
0x48f678 GetWindow
0x48f67c WindowFromPoint
0x48f680 CreateCursor
0x48f684 SetClassLongW
0x48f688 ChangeClipboardChain
0x48f68c MapWindowPoints
0x48f690 EnumWindows
0x48f694 GetClassNameA
0x48f698 SendMessageA
0x48f69c FindWindowW
0x48f6a0 MessageBoxW
0x48f6a4 MessageBoxA
0x48f6a8 ShowWindow
0x48f6ac wsprintfA
0x48f6b0 ReleaseDC
0x48f6b4 GetDC
0x48f6b8 DestroyIcon
0x48f6bc GetWindowTextA
0x48f6c0 KillTimer
0x48f6c4 GetWindowLongW
0x48f6c8 PostMessageA
0x48f6cc DrawTextW
0x48f6d0 SetRect
0x48f6d4 ShowScrollBar
0x48f6d8 IsIconic
0x48f6dc ScrollWindowEx
0x48f6e0 AdjustWindowRectEx
0x48f6e4 GetMenuState
0x48f6e8 GetWindowPlacement
0x48f6ec SetWindowPlacement
0x48f6f0 GetSysColorBrush
0x48f6f4 SetClipboardViewer
0x48f6f8 DrawTextA
0x48f6fc EndDialog
0x48f700 CreateDialogIndirectParamW
0x48f704 DialogBoxIndirectParamW
0x48f708 CallWindowProcW
0x48f70c CallWindowProcA
0x48f710 DefWindowProcA
0x48f714 IsWindowUnicode
0x48f718 GetSystemMenu
0x48f71c RedrawWindow
0x48f720 ScreenToClient
0x48f724 DrawStateA
0x48f728 DrawEdge
0x48f72c GetClientRect
0x48f730 CreateWindowExA
0x48f734 IsWindow
0x48f738 GetParent
0x48f73c GetWindowLongA
0x48f740 MonitorFromWindow
0x48f744 GetMonitorInfoW
0x48f748 EnumDisplaySettingsW
0x48f74c GetForegroundWindow
0x48f750 GetWindowThreadProcessId
0x48f754 AttachThreadInput
0x48f758 SetActiveWindow
0x48f75c SetCursor
0x48f760 SetTimer
0x48f764 PostThreadMessageA
0x48f768 MoveWindow
0x48f76c BeginPaint
0x48f770 EndPaint
0x48f774 GetDlgItemInt
0x48f778 SendDlgItemMessageA
0x48f77c MapDialogRect
0x48f780 SetWindowLongA
0x48f784 ClientToScreen
0x48f788 LoadCursorA
0x48f78c RegisterClassW
0x48f790 CreateWindowExW
0x48f794 SetWindowLongW
0x48f798 GetMessageA
0x48f79c IsDialogMessageA
0x48f7a0 DispatchMessageA
0x48f7a4 SetWindowTextW
0x48f7a8 SetMenu
0x48f7ac InsertMenuItemW
0x48f7b0 AppendMenuW
0x48f7b4 InsertMenuItemA
0x48f7b8 CreateMenu
0x48f7bc GetMenuItemInfoA
0x48f7c0 SetMenuItemInfoA
0x48f7c4 GetMenuItemID
0x48f7c8 EnableMenuItem
0x48f7cc GetMenuItemCount
0x48f7d0 CheckMenuItem
0x48f7d4 GetKeyState
0x48f7d8 InvalidateRect
0x48f7dc UpdateWindow
0x48f7e0 SetForegroundWindow
0x48f7e4 SetFocus
0x48f7e8 GetFocus
0x48f7ec PostQuitMessage
0x48f7f0 DefWindowProcW
0x48f7f4 CreatePopupMenu
0x48f7f8 GetCursorPos
0x48f7fc TrackPopupMenu
0x48f800 GetSysColor
0x48f804 GetSystemMetrics
0x48f808 GetMenuItemInfoW
0x48f80c DrawMenuBar
0x48f810 AppendMenuA
0x48f814 SystemParametersInfoW
0x48f818 DestroyMenu
0x48f81c GetDlgItem
0x48f820 SendMessageW
0x48f824 GetWindowRect
0x48f828 SystemParametersInfoA
0x48f82c SetWindowPos
0x48f830 DestroyWindow
0x48f834 SetDlgItemTextW
0x48f838 EnableWindow
0x48f83c GetIconInfo
0x48f840 LoadImageA
SHELL32.dll
0x48f548 SHBrowseForFolderW
0x48f54c SHGetPathFromIDListW
0x48f550 Shell_NotifyIconA
0x48f554 SHGetMalloc
0x48f558 SHGetFolderPathW
0x48f55c SHGetFolderPathA
0x48f560 None
0x48f564 ShellExecuteExW
0x48f568 SHGetFileInfoW
0x48f56c ShellExecuteW
0x48f570 SHGetSpecialFolderPathW
0x48f574 ShellExecuteA
MSVCRT.dll
0x48f394 _strnicmp
0x48f398 _strupr
0x48f39c _strlwr
0x48f3a0 _wcsicmp
0x48f3a4 wcsncmp
0x48f3a8 _controlfp
0x48f3ac _iob
0x48f3b0 __set_app_type
0x48f3b4 __p__fmode
0x48f3b8 __p__commode
0x48f3bc _adjust_fdiv
0x48f3c0 __setusermatherr
0x48f3c4 _initterm
0x48f3c8 __getmainargs
0x48f3cc _acmdln
0x48f3d0 _XcptFilter
0x48f3d4 _exit
0x48f3d8 ?terminate@@YAXXZ
0x48f3dc _except_handler3
0x48f3e0 _onexit
0x48f3e4 __dllonexit
0x48f3e8 __CxxFrameHandler
0x48f3ec strlen
0x48f3f0 isspace
0x48f3f4 memchr
0x48f3f8 _errno
0x48f3fc strtol
0x48f400 isdigit
0x48f404 strstr
0x48f408 memcpy
0x48f40c ??2@YAPAXI@Z
0x48f410 _purecall
0x48f414 free
0x48f418 memset
0x48f41c malloc
0x48f420 sprintf
0x48f424 printf
0x48f428 fwrite
0x48f42c srand
0x48f430 time
0x48f434 _CxxThrowException
0x48f438 rand
0x48f43c atol
0x48f440 memcmp
0x48f444 isprint
0x48f448 tolower
0x48f44c strncpy
0x48f450 _stricmp
0x48f454 wcslen
0x48f458 atoi
0x48f45c abs
0x48f460 wcscpy
0x48f464 strcmp
0x48f468 strcpy
0x48f46c iswspace
0x48f470 _stat
0x48f474 _wtoi
0x48f478 _ultow
0x48f47c wcschr
0x48f480 strchr
0x48f484 swprintf
0x48f488 _ftol
0x48f48c strcat
0x48f490 strtoul
0x48f494 calloc
0x48f498 _rotl
0x48f49c _rotr
0x48f4a0 fopen
0x48f4a4 fread
0x48f4a8 fclose
0x48f4ac fseek
0x48f4b0 ftell
0x48f4b4 fflush
0x48f4b8 wcsncpy
0x48f4bc wcsrchr
0x48f4c0 vsprintf
0x48f4c4 memmove
0x48f4c8 strrchr
0x48f4cc strncmp
0x48f4d0 mbstowcs
0x48f4d4 wcscmp
0x48f4d8 wcsstr
0x48f4dc vswprintf
0x48f4e0 iswdigit
0x48f4e4 _beginthreadex
0x48f4e8 _endthreadex
0x48f4ec cos
0x48f4f0 floor
0x48f4f4 sin
0x48f4f8 atof
0x48f4fc _i64tow
0x48f500 wcscat
0x48f504 realloc
0x48f508 _snwprintf
0x48f50c exit
0x48f510 fprintf
0x48f514 sscanf
0x48f518 getenv
0x48f51c fputc
0x48f520 _CIpow
0x48f524 _CIacos
0x48f528 ??1type_info@@UAE@XZ
Secur32.dll
0x48f584 FreeCredentialsHandle
0x48f588 InitializeSecurityContextA
0x48f58c CompleteAuthToken
0x48f590 QuerySecurityPackageInfoA
0x48f594 AcquireCredentialsHandleA
0x48f598 FreeContextBuffer
SHLWAPI.dll
0x48f57c PathGetDriveNumberA
SETUPAPI.dll
0x48f530 SetupDiGetDeviceRegistryPropertyA
0x48f534 SetupDiEnumDeviceInfo
0x48f538 SetupDiGetClassDevsA
0x48f53c SetupDiClassGuidsFromNameA
0x48f540 SetupDiDestroyDeviceInfoList
iphlpapi.dll
0x48f8f4 GetAdaptersInfo
ADVAPI32.dll
0x48f000 ConvertSidToStringSidA
0x48f004 GetTokenInformation
0x48f008 OpenProcessToken
0x48f00c RegCloseKey
0x48f010 RegQueryValueExA
0x48f014 RegOpenKeyExA
0x48f018 FreeSid
0x48f01c SetFileSecurityW
0x48f020 SetSecurityDescriptorDacl
0x48f024 InitializeSecurityDescriptor
0x48f028 AllocateAndInitializeSid
0x48f02c ImpersonateLoggedOnUser
0x48f030 RevertToSelf
0x48f034 GetUserNameA
0x48f038 StartServiceCtrlDispatcherW
0x48f03c RegisterServiceCtrlHandlerExA
0x48f040 SetServiceStatus
0x48f044 SetTokenInformation
0x48f048 DuplicateTokenEx
0x48f04c CreateProcessAsUserW
0x48f050 QueryServiceStatus
0x48f054 CloseServiceHandle
0x48f058 OpenServiceA
0x48f05c OpenSCManagerA
0x48f060 CreateServiceW
0x48f064 DeleteService
0x48f068 ControlService
0x48f06c StartServiceA
0x48f070 StartServiceW
0x48f074 RegCreateKeyExA
0x48f078 RegQueryValueExW
0x48f07c RegSetValueExW
0x48f080 RegSetValueExA
0x48f084 RegDeleteKeyA
0x48f088 RegDeleteValueW
0x48f08c RegCreateKeyExW
0x48f090 RegEnumKeyExW
0x48f094 RegOpenKeyExW
0x48f098 SetEntriesInAclA
comdlg32.dll
0x48f8e8 GetOpenFileNameW
0x48f8ec GetSaveFileNameW
USERENV.dll
0x48f848 LoadUserProfileA
0x48f84c UnloadUserProfile
COMCTL32.dll
0x48f0a0 CreateToolbarEx
0x48f0a4 ImageList_Create
0x48f0a8 ImageList_Draw
0x48f0ac ImageList_Destroy
0x48f0b0 None
0x48f0b4 ImageList_GetIconSize
0x48f0b8 ImageList_ReplaceIcon
0x48f0bc ImageList_Add
0x48f0c0 ImageList_Duplicate
0x48f0c4 _TrackMouseEvent
0x48f0c8 CreatePropertySheetPageW
0x48f0cc PropertySheetW
WININET.dll
0x48f854 HttpSendRequestA
0x48f858 HttpQueryInfoA
0x48f85c InternetConnectA
0x48f860 InternetSetOptionA
0x48f864 InternetCloseHandle
0x48f868 InternetReadFile
0x48f86c InternetOpenA
0x48f870 HttpOpenRequestA
DSOUND.dll
0x48f0d4 None
0x48f0d8 None
0x48f0dc None
0x48f0e0 None
KERNEL32.dll
0x48f1a4 SizeofResource
0x48f1a8 LoadResource
0x48f1ac LockResource
0x48f1b0 TryEnterCriticalSection
0x48f1b4 LeaveCriticalSection
0x48f1b8 EnterCriticalSection
0x48f1bc DeleteCriticalSection
0x48f1c0 InitializeCriticalSection
0x48f1c4 SetFileTime
0x48f1c8 GetFileTime
0x48f1cc OpenMutexA
0x48f1d0 FindResourceExA
0x48f1d4 ResetEvent
0x48f1d8 SetEvent
0x48f1dc OpenEventA
0x48f1e0 CreateEventA
0x48f1e4 ExitProcess
0x48f1e8 SetUnhandledExceptionFilter
0x48f1ec GetSystemDirectoryA
0x48f1f0 CompareFileTime
0x48f1f4 GetSystemTimeAsFileTime
0x48f1f8 GetLocalTime
0x48f1fc FileTimeToSystemTime
0x48f200 lstrcatW
0x48f204 LoadLibraryW
0x48f208 WaitNamedPipeW
0x48f20c ReadFile
0x48f210 SetLastError
0x48f214 GetExitCodeProcess
0x48f218 WaitForSingleObject
0x48f21c BeginUpdateResourceW
0x48f220 EndUpdateResourceW
0x48f224 UpdateResourceA
0x48f228 CreateThread
0x48f22c OpenProcess
0x48f230 CreateToolhelp32Snapshot
0x48f234 Process32First
0x48f238 Process32Next
0x48f23c LoadLibraryA
0x48f240 FreeLibrary
0x48f244 GetFileSize
0x48f248 SetFilePointer
0x48f24c WriteFile
0x48f250 GetFileAttributesW
0x48f254 lstrcmpiW
0x48f258 lstrcmpW
0x48f25c MulDiv
0x48f260 FormatMessageW
0x48f264 MultiByteToWideChar
0x48f268 WideCharToMultiByte
0x48f26c GetModuleFileNameW
0x48f270 GetComputerNameA
0x48f274 LocalAlloc
0x48f278 GetExitCodeThread
0x48f27c SystemTimeToFileTime
0x48f280 MoveFileW
0x48f284 DeleteFileW
0x48f288 GetTempPathW
0x48f28c CreateFileW
0x48f290 FindFirstFileW
0x48f294 FindClose
0x48f298 GetUserDefaultUILanguage
0x48f29c GetLocaleInfoA
0x48f2a0 CreateDirectoryW
0x48f2a4 SetCurrentDirectoryW
0x48f2a8 GetStartupInfoW
0x48f2ac CreateProcessW
0x48f2b0 GetModuleHandleA
0x48f2b4 GetProcAddress
0x48f2b8 SetProcessShutdownParameters
0x48f2bc GetVersionExA
0x48f2c0 GetCurrentProcess
0x48f2c4 LocalFree
0x48f2c8 GetCurrentThreadId
0x48f2cc CloseHandle
0x48f2d0 DeviceIoControl
0x48f2d4 CreateFileA
0x48f2d8 GetCurrentProcessId
0x48f2dc GetLastError
0x48f2e0 Sleep
0x48f2e4 GetTickCount
0x48f2e8 QueryPerformanceFrequency
0x48f2ec QueryPerformanceCounter
0x48f2f0 InterlockedIncrement
0x48f2f4 InterlockedDecrement
0x48f2f8 lstrlenA
0x48f2fc lstrlenW
0x48f300 TerminateProcess
0x48f304 SystemTimeToTzSpecificLocalTime
0x48f308 GetFileSizeEx
0x48f30c SetEndOfFile
0x48f310 SetFilePointerEx
0x48f314 GlobalUnlock
0x48f318 GlobalLock
0x48f31c GlobalAlloc
0x48f320 GetDriveTypeW
0x48f324 RemoveDirectoryW
0x48f328 FindNextFileW
0x48f32c SetFileAttributesW
0x48f330 GetLogicalDrives
0x48f334 ProcessIdToSessionId
0x48f338 SleepEx
0x48f33c CreateDirectoryA
0x48f340 DeleteFileA
0x48f344 GlobalFree
0x48f348 IsBadReadPtr
0x48f34c lstrcmpA
0x48f350 LocalFileTimeToFileTime
0x48f354 GetSystemDirectoryW
0x48f358 lstrcpyA
0x48f35c GetCurrentDirectoryA
0x48f360 FindResourceA
0x48f364 DuplicateHandle
0x48f368 CreateSemaphoreA
0x48f36c SetThreadPriority
0x48f370 TlsSetValue
0x48f374 GetCurrentThread
0x48f378 TlsAlloc
0x48f37c ResumeThread
0x48f380 TlsGetValue
0x48f384 InterlockedExchange
0x48f388 GetStartupInfoA
0x48f38c CreateMutexA
EAT(Export Address Table) is none