Field | Value |
---|---|
Created | 2024.10.20 10:05 |
Machine | s1_win7_x6403 |
Filename | %E9%AD%94%E6%99%B6.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malicious |
md5 | 2be4dfa98a31a874af90e0835951420d |
sha256 | f69edcadbd85090b512acd60ae374ef0ede3af6302f0fe0e4e082629c003e5a8 |
ssdeep | 98304:QxWYC6Av+V8FSrciFtXaswUdX+G8FJBAUZL7:gVgYE2aFJVf |
imphash | f9ab754bc9fa6a8282105e098246a54c |
impfuzzy | 192:/KWA3HCuJqZFiUYvlh6LTYyKOXx2z8cnc8ciBYNYPQf7:OCDjYOfa1QNYPQf7 |
Signature (7cnts)
Level | Description |
---|---|
danger | Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) |
watch | Communicates with host for which no DNS query was performed |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Foreign language identified in PE resource |
notice | Searches running processes potentially to identify processes for sandbox evasion |
info | The executable uses a known packer |
info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (11cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | ASPack_Zero | ASPack packed file | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
notice | anti_vm_detect | Possibly employs anti-virtualization techniques | binaries (upload) |
info | DllRegisterServer_Zero | execute regsvr32.exe | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
WINMM.dll
0x4db70c midiStreamOut
0x4db710 midiOutPrepareHeader
0x4db714 midiStreamProperty
0x4db718 midiStreamOpen
0x4db71c midiOutUnprepareHeader
0x4db720 waveOutOpen
0x4db724 waveOutUnprepareHeader
0x4db728 waveOutPrepareHeader
0x4db72c waveOutWrite
0x4db730 waveOutPause
0x4db734 waveOutReset
0x4db738 waveOutClose
0x4db73c waveOutGetNumDevs
0x4db740 waveOutRestart
0x4db744 midiStreamStop
0x4db748 midiOutReset
0x4db74c midiStreamClose
0x4db750 midiStreamRestart
WS2_32.dll
0x4db768 htons
0x4db76c WSAAsyncSelect
0x4db770 closesocket
0x4db774 send
0x4db778 select
0x4db77c socket
0x4db780 WSAStartup
0x4db784 gethostbyname
0x4db788 inet_ntoa
0x4db78c inet_addr
0x4db790 recvfrom
0x4db794 ioctlsocket
0x4db798 connect
0x4db79c recv
0x4db7a0 getpeername
0x4db7a4 accept
0x4db7a8 WSACleanup
0x4db7ac ntohl
RASAPI32.dll
0x4db42c RasHangUpA
0x4db430 RasGetConnectStatusA
KERNEL32.dll
0x4db1a8 SetLastError
0x4db1ac GetTimeZoneInformation
0x4db1b0 GetVersion
0x4db1b4 CreateMutexA
0x4db1b8 ReleaseMutex
0x4db1bc SuspendThread
0x4db1c0 GetACP
0x4db1c4 RaiseException
0x4db1c8 GetLocalTime
0x4db1cc GetSystemTime
0x4db1d0 RtlUnwind
0x4db1d4 GetStartupInfoA
0x4db1d8 GetOEMCP
0x4db1dc GetCPInfo
0x4db1e0 GetProcessVersion
0x4db1e4 SetErrorMode
0x4db1e8 GlobalFlags
0x4db1ec GetCurrentThread
0x4db1f0 GetFileTime
0x4db1f4 TlsGetValue
0x4db1f8 LocalReAlloc
0x4db1fc TlsSetValue
0x4db200 TlsFree
0x4db204 GlobalHandle
0x4db208 TlsAlloc
0x4db20c LocalAlloc
0x4db210 lstrcmpA
0x4db214 GlobalGetAtomNameA
0x4db218 GlobalAddAtomA
0x4db21c GlobalFindAtomA
0x4db220 GlobalDeleteAtom
0x4db224 lstrcmpiA
0x4db228 SetEndOfFile
0x4db22c UnlockFile
0x4db230 LockFile
0x4db234 FlushFileBuffers
0x4db238 DuplicateHandle
0x4db23c lstrcpynA
0x4db240 FileTimeToLocalFileTime
0x4db244 LocalFree
0x4db248 InterlockedDecrement
0x4db24c InterlockedIncrement
0x4db250 OpenProcess
0x4db254 TerminateProcess
0x4db258 GetFileSize
0x4db25c SetFilePointer
0x4db260 CreateToolhelp32Snapshot
0x4db264 Process32First
0x4db268 Process32Next
0x4db26c TerminateThread
0x4db270 GetCurrentProcess
0x4db274 CreateSemaphoreA
0x4db278 ResumeThread
0x4db27c ReleaseSemaphore
0x4db280 EnterCriticalSection
0x4db284 LeaveCriticalSection
0x4db288 GetProfileStringA
0x4db28c WriteFile
0x4db290 WaitForMultipleObjects
0x4db294 CreateFileA
0x4db298 SetEvent
0x4db29c FindResourceA
0x4db2a0 LoadResource
0x4db2a4 LockResource
0x4db2a8 ReadFile
0x4db2ac RemoveDirectoryA
0x4db2b0 GetModuleFileNameA
0x4db2b4 GetCurrentThreadId
0x4db2b8 ExitProcess
0x4db2bc GlobalSize
0x4db2c0 GlobalFree
0x4db2c4 DeleteCriticalSection
0x4db2c8 InitializeCriticalSection
0x4db2cc lstrcatA
0x4db2d0 lstrlenA
0x4db2d4 WinExec
0x4db2d8 lstrcpyA
0x4db2dc FindNextFileA
0x4db2e0 GlobalReAlloc
0x4db2e4 HeapFree
0x4db2e8 HeapReAlloc
0x4db2ec GetProcessHeap
0x4db2f0 HeapAlloc
0x4db2f4 MultiByteToWideChar
0x4db2f8 WideCharToMultiByte
0x4db2fc GetFullPathNameA
0x4db300 FreeLibrary
0x4db304 LoadLibraryA
0x4db308 GetLastError
0x4db30c GetVersionExA
0x4db310 GetPrivateProfileSectionNamesA
0x4db314 WritePrivateProfileStringA
0x4db318 GetPrivateProfileStringA
0x4db31c CreateThread
0x4db320 CreateEventA
0x4db324 Sleep
0x4db328 GlobalAlloc
0x4db32c GlobalLock
0x4db330 GlobalUnlock
0x4db334 InterlockedExchange
0x4db338 FindFirstFileA
0x4db33c FindClose
0x4db340 GetFileAttributesA
0x4db344 DeleteFileA
0x4db348 CopyFileA
0x4db34c SetCurrentDirectoryA
0x4db350 GetVolumeInformationA
0x4db354 GetModuleHandleA
0x4db358 GetProcAddress
0x4db35c MulDiv
0x4db360 GetCommandLineA
0x4db364 GetTickCount
0x4db368 CreateProcessA
0x4db36c WaitForSingleObject
0x4db370 CloseHandle
0x4db374 HeapSize
0x4db378 SetStdHandle
0x4db37c GetFileType
0x4db380 UnhandledExceptionFilter
0x4db384 FreeEnvironmentStringsA
0x4db388 FreeEnvironmentStringsW
0x4db38c GetEnvironmentStrings
0x4db390 GetEnvironmentStringsW
0x4db394 SetHandleCount
0x4db398 GetStdHandle
0x4db39c GetEnvironmentVariableA
0x4db3a0 HeapDestroy
0x4db3a4 HeapCreate
0x4db3a8 VirtualFree
0x4db3ac SetEnvironmentVariableA
0x4db3b0 LCMapStringA
0x4db3b4 LCMapStringW
0x4db3b8 VirtualAlloc
0x4db3bc IsBadWritePtr
0x4db3c0 SetUnhandledExceptionFilter
0x4db3c4 GetStringTypeA
0x4db3c8 GetStringTypeW
0x4db3cc CompareStringA
0x4db3d0 CompareStringW
0x4db3d4 IsBadReadPtr
0x4db3d8 IsBadCodePtr
0x4db3dc FileTimeToSystemTime
USER32.dll
0x4db45c GetActiveWindow
0x4db460 SetFocus
0x4db464 IsIconic
0x4db468 PeekMessageA
0x4db46c SetMenu
0x4db470 GetWindow
0x4db474 GetSysColorBrush
0x4db478 LoadStringA
0x4db47c SystemParametersInfoA
0x4db480 LoadImageA
0x4db484 EnumDisplaySettingsA
0x4db488 ClientToScreen
0x4db48c EnableMenuItem
0x4db490 GetSubMenu
0x4db494 GetDlgCtrlID
0x4db498 CreateAcceleratorTableA
0x4db49c CreateMenu
0x4db4a0 ModifyMenuA
0x4db4a4 AppendMenuA
0x4db4a8 CreatePopupMenu
0x4db4ac DrawIconEx
0x4db4b0 CreateIconFromResource
0x4db4b4 CreateIconFromResourceEx
0x4db4b8 RegisterClipboardFormatA
0x4db4bc SetRectEmpty
0x4db4c0 DispatchMessageA
0x4db4c4 GetMessageA
0x4db4c8 WindowFromPoint
0x4db4cc DrawFocusRect
0x4db4d0 DrawEdge
0x4db4d4 DestroyAcceleratorTable
0x4db4d8 SetWindowRgn
0x4db4dc GetMessagePos
0x4db4e0 ScreenToClient
0x4db4e4 ChildWindowFromPointEx
0x4db4e8 CopyRect
0x4db4ec LoadBitmapA
0x4db4f0 WinHelpA
0x4db4f4 KillTimer
0x4db4f8 SetTimer
0x4db4fc ReleaseCapture
0x4db500 GetCapture
0x4db504 SetCapture
0x4db508 GetScrollRange
0x4db50c SetScrollRange
0x4db510 SetScrollPos
0x4db514 SetRect
0x4db518 InflateRect
0x4db51c IntersectRect
0x4db520 DestroyIcon
0x4db524 PtInRect
0x4db528 DrawFrameControl
0x4db52c IsWindowVisible
0x4db530 EnableWindow
0x4db534 GetMenuCheckMarkDimensions
0x4db538 GetMenuState
0x4db53c SetMenuItemBitmaps
0x4db540 CheckMenuItem
0x4db544 MoveWindow
0x4db548 IsDialogMessageA
0x4db54c ScrollWindowEx
0x4db550 SendDlgItemMessageA
0x4db554 MapWindowPoints
0x4db558 AdjustWindowRectEx
0x4db55c GetMenu
0x4db560 GetScrollPos
0x4db564 RegisterClassA
0x4db568 GetMenuItemCount
0x4db56c GetMenuItemID
0x4db570 SetWindowsHookExA
0x4db574 CallNextHookEx
0x4db578 GetClassLongA
0x4db57c SetPropA
0x4db580 UnhookWindowsHookEx
0x4db584 GetPropA
0x4db588 RemovePropA
0x4db58c GetMessageTime
0x4db590 GetLastActivePopup
0x4db594 RegisterWindowMessageA
0x4db598 GetWindowPlacement
0x4db59c GetNextDlgTabItem
0x4db5a0 EndDialog
0x4db5a4 CreateDialogIndirectParamA
0x4db5a8 DestroyWindow
0x4db5ac GrayStringA
0x4db5b0 RedrawWindow
0x4db5b4 GetWindowLongA
0x4db5b8 SetWindowLongA
0x4db5bc GetSysColor
0x4db5c0 SetActiveWindow
0x4db5c4 SetCursorPos
0x4db5c8 LoadCursorA
0x4db5cc SetCursor
0x4db5d0 GetDC
0x4db5d4 FillRect
0x4db5d8 IsRectEmpty
0x4db5dc ReleaseDC
0x4db5e0 IsChild
0x4db5e4 TrackPopupMenu
0x4db5e8 DestroyMenu
0x4db5ec SetForegroundWindow
0x4db5f0 GetWindowRect
0x4db5f4 EqualRect
0x4db5f8 UpdateWindow
0x4db5fc ValidateRect
0x4db600 InvalidateRect
0x4db604 GetClientRect
0x4db608 GetFocus
0x4db60c GetParent
0x4db610 GetTopWindow
0x4db614 PostMessageA
0x4db618 IsWindow
0x4db61c SetParent
0x4db620 DestroyCursor
0x4db624 SendMessageA
0x4db628 SetWindowPos
0x4db62c MessageBoxA
0x4db630 GetCursorPos
0x4db634 GetSystemMetrics
0x4db638 EmptyClipboard
0x4db63c SetClipboardData
0x4db640 OpenClipboard
0x4db644 GetClipboardData
0x4db648 CloseClipboard
0x4db64c wsprintfA
0x4db650 WaitForInputIdle
0x4db654 DeleteMenu
0x4db658 GetSystemMenu
0x4db65c DefWindowProcA
0x4db660 GetClassInfoA
0x4db664 IsZoomed
0x4db668 PostQuitMessage
0x4db66c CopyAcceleratorTableA
0x4db670 TranslateMessage
0x4db674 LoadIconA
0x4db678 GetForegroundWindow
0x4db67c GetDesktopWindow
0x4db680 UnregisterClassA
0x4db684 GetClassNameA
0x4db688 GetWindowThreadProcessId
0x4db68c FindWindowA
0x4db690 GetDlgItem
0x4db694 GetWindowTextA
0x4db698 CallWindowProcA
0x4db69c CreateWindowExA
0x4db6a0 RegisterHotKey
0x4db6a4 UnregisterHotKey
0x4db6a8 SetWindowTextA
0x4db6ac GetKeyState
0x4db6b0 TranslateAcceleratorA
0x4db6b4 IsWindowEnabled
0x4db6b8 ShowWindow
0x4db6bc OffsetRect
0x4db6c0 GetWindowTextLengthA
0x4db6c4 CharUpperA
0x4db6c8 GetWindowDC
0x4db6cc BeginPaint
0x4db6d0 EndPaint
0x4db6d4 TabbedTextOutA
0x4db6d8 DrawTextA
GDI32.dll
0x4db054 LineTo
0x4db058 MoveToEx
0x4db05c ExcludeClipRect
0x4db060 GetClipBox
0x4db064 ScaleWindowExtEx
0x4db068 SetWindowExtEx
0x4db06c GetStockObject
0x4db070 CreateFontIndirectA
0x4db074 EndPage
0x4db078 EndDoc
0x4db07c DeleteDC
0x4db080 StartDocA
0x4db084 StartPage
0x4db088 BitBlt
0x4db08c CreateCompatibleDC
0x4db090 Ellipse
0x4db094 Rectangle
0x4db098 LPtoDP
0x4db09c DPtoLP
0x4db0a0 GetCurrentObject
0x4db0a4 RoundRect
0x4db0a8 GetTextExtentPoint32A
0x4db0ac GetDeviceCaps
0x4db0b0 CreatePalette
0x4db0b4 GetSystemPaletteEntries
0x4db0b8 CreateDIBitmap
0x4db0bc DeleteObject
0x4db0c0 SelectClipRgn
0x4db0c4 CreatePolygonRgn
0x4db0c8 GetClipRgn
0x4db0cc SetStretchBltMode
0x4db0d0 CreateRectRgnIndirect
0x4db0d4 SetBkColor
0x4db0d8 CreateFontA
0x4db0dc TranslateCharsetInfo
0x4db0e0 SetWindowOrgEx
0x4db0e4 ScaleViewportExtEx
0x4db0e8 SetViewportExtEx
0x4db0ec OffsetViewportOrgEx
0x4db0f0 SetViewportOrgEx
0x4db0f4 SetMapMode
0x4db0f8 SetTextColor
0x4db0fc SetROP2
0x4db100 SetPolyFillMode
0x4db104 SetBkMode
0x4db108 RestoreDC
0x4db10c ExtSelectClipRgn
0x4db110 GetViewportExtEx
0x4db114 PtVisible
0x4db118 RectVisible
0x4db11c TextOutA
0x4db120 ExtTextOutA
0x4db124 Escape
0x4db128 GetTextMetricsA
0x4db12c CreateSolidBrush
0x4db130 FillRgn
0x4db134 CreateRectRgn
0x4db138 CombineRgn
0x4db13c PatBlt
0x4db140 CreatePen
0x4db144 GetObjectA
0x4db148 SelectObject
0x4db14c SaveDC
0x4db150 CreateBitmap
0x4db154 CreateDCA
0x4db158 CreateCompatibleBitmap
0x4db15c GetPolyFillMode
0x4db160 GetStretchBltMode
0x4db164 GetROP2
0x4db168 GetBkColor
0x4db16c GetBkMode
0x4db170 GetTextColor
0x4db174 CreateRoundRectRgn
0x4db178 CreateEllipticRgn
0x4db17c PathToRegion
0x4db180 EndPath
0x4db184 BeginPath
0x4db188 GetWindowOrgEx
0x4db18c GetViewportOrgEx
0x4db190 GetWindowExtEx
0x4db194 GetDIBits
0x4db198 RealizePalette
0x4db19c SelectPalette
0x4db1a0 StretchBlt
WINSPOOL.DRV
0x4db758 OpenPrinterA
0x4db75c DocumentPropertiesA
0x4db760 ClosePrinter
ADVAPI32.dll
0x4db000 RegOpenKeyExA
0x4db004 RegSetValueExA
0x4db008 RegQueryValueA
0x4db00c RegCreateKeyExA
0x4db010 RegCloseKey
SHELL32.dll
0x4db438 DragQueryFileA
0x4db43c SHBrowseForFolderA
0x4db440 DragFinish
0x4db444 DragAcceptFiles
0x4db448 ShellExecuteA
0x4db44c Shell_NotifyIconA
0x4db450 SHGetMalloc
0x4db454 SHGetPathFromIDListA
ole32.dll
0x4db7cc CLSIDFromString
0x4db7d0 OleInitialize
0x4db7d4 OleUninitialize
OLEAUT32.dll
0x4db3e4 LoadTypeLib
0x4db3e8 RegisterTypeLib
0x4db3ec UnRegisterTypeLib
0x4db3f0 SafeArrayPutElement
0x4db3f4 SafeArrayCreate
0x4db3f8 SafeArrayDestroy
0x4db3fc SysAllocString
0x4db400 VariantInit
0x4db404 VariantCopyInd
0x4db408 SafeArrayAccessData
0x4db40c SafeArrayUnaccessData
0x4db410 SafeArrayGetDim
0x4db414 SafeArrayGetLBound
0x4db418 SafeArrayGetUBound
0x4db41c VariantChangeType
0x4db420 VariantClear
0x4db424 VariantCopy
COMCTL32.dll
0x4db018 ImageList_GetImageCount
0x4db01c ImageList_SetBkColor
0x4db020 ImageList_Add
0x4db024 ImageList_BeginDrag
0x4db028 ImageList_Create
0x4db02c ImageList_Destroy
0x4db030 ImageList_DragEnter
0x4db034 ImageList_DragLeave
0x4db038 ImageList_DragMove
0x4db03c ImageList_DragShowNolock
0x4db040 ImageList_EndDrag
0x4db044 None
0x4db048 ImageList_Read
0x4db04c ImageList_Duplicate
WININET.dll
0x4db6e0 InternetCanonicalizeUrlA
0x4db6e4 InternetCrackUrlA
0x4db6e8 HttpOpenRequestA
0x4db6ec HttpSendRequestA
0x4db6f0 HttpQueryInfoA
0x4db6f4 InternetConnectA
0x4db6f8 InternetSetOptionA
0x4db6fc InternetOpenA
0x4db700 InternetCloseHandle
0x4db704 InternetReadFile
comdlg32.dll
0x4db7b4 ChooseFontA
0x4db7b8 ChooseColorA
0x4db7bc GetFileTitleA
0x4db7c0 GetSaveFileNameA
0x4db7c4 GetOpenFileNameA
EAT(Export Address Table) is none