Field | Value |
---|---|
Created | 2024.10.21 14:31 |
Machine | s1_win7_x6403 |
Filename | file.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : malware |
VT API (file) | 58 detected (AIDetectMalware, Zenpak, Malicious, score, Artemis, IcedID, Unsafe, Conti, Vdz4, confidence, 100%, GenericKD, Attribute, HighConfidence, high confidence, Kryptik, HEEO, aghc, Emotet, htrmxx, T7jucGsOneL, AGEN, R002C0DJJ24, Detected, DealPly, Eldorado, Hplw, 4nmkZpn1pJQ, GenKryptik, EOAA) |
md5 | 0ef3890b051c62c04435a5ab8cb15ec2 |
sha256 | b9ce680718abab18162d7358dd9717276d4d77674f699aac9f7dfc3dc2e9115b |
ssdeep | 6144:N3GXaEkS6acHhDbYIur4J4Zn4HSMz6gCz3FGIcAolpgVHMe4IuKKew8O/CTq:N4aW4uMz6DwAUOVHMe4938C |
imphash | 51a39d3e3157040e8114582e1db221ac |
impfuzzy | 192:muKBAsYxUKf0Rk4dJ/bbO37cRcTcXv0POP2mOQ:mvABfebaLEOnOP2mOQ |
Signature (6cnts)
Level | Description |
---|---|
danger | File has been identified by 58 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates hidden or system file |
notice | Foreign language identified in PE resource |
notice | One or more potentially interesting buffers were extracted |
notice | Resolves a suspicious Top Level Domain (TLD) |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (6cnts)
Suricata ids
ET DNS Query to a *.top domain - Likely Hostile
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x4490e0 RtlUnwind
0x4490e4 HeapFree
0x4490e8 HeapAlloc
0x4490ec RaiseException
0x4490f0 Sleep
0x4490f4 ExitProcess
0x4490f8 HeapReAlloc
0x4490fc VirtualProtect
0x449100 VirtualAlloc
0x449104 GetSystemInfo
0x449108 VirtualQuery
0x44910c HeapSize
0x449110 TerminateProcess
0x449114 UnhandledExceptionFilter
0x449118 SetUnhandledExceptionFilter
0x44911c IsDebuggerPresent
0x449120 GetStdHandle
0x449124 FreeEnvironmentStringsA
0x449128 GetEnvironmentStrings
0x44912c FreeEnvironmentStringsW
0x449130 GetEnvironmentStringsW
0x449134 SetHandleCount
0x449138 GetFileType
0x44913c HeapCreate
0x449140 GetStartupInfoA
0x449144 QueryPerformanceCounter
0x449148 GetSystemTimeAsFileTime
0x44914c GetACP
0x449150 IsValidCodePage
0x449154 InitializeCriticalSectionAndSpinCount
0x449158 GetStringTypeA
0x44915c GetStringTypeW
0x449160 GetTimeZoneInformation
0x449164 GetConsoleCP
0x449168 GetConsoleMode
0x44916c LCMapStringA
0x449170 LCMapStringW
0x449174 SetStdHandle
0x449178 WriteConsoleA
0x44917c GetConsoleOutputCP
0x449180 WriteConsoleW
0x449184 CompareStringW
0x449188 SetEnvironmentVariableA
0x44918c GetCommandLineA
0x449190 GetFileTime
0x449194 GetFileSizeEx
0x449198 GetFileAttributesA
0x44919c FileTimeToLocalFileTime
0x4491a0 SetErrorMode
0x4491a4 GetModuleHandleW
0x4491a8 FileTimeToSystemTime
0x4491ac CreateFileA
0x4491b0 GetFullPathNameA
0x4491b4 GetVolumeInformationA
0x4491b8 FindFirstFileA
0x4491bc FindClose
0x4491c0 GetCurrentProcess
0x4491c4 DuplicateHandle
0x4491c8 GetFileSize
0x4491cc SetEndOfFile
0x4491d0 UnlockFile
0x4491d4 LockFile
0x4491d8 FlushFileBuffers
0x4491dc SetFilePointer
0x4491e0 WriteFile
0x4491e4 ReadFile
0x4491e8 GetThreadLocale
0x4491ec WritePrivateProfileStringA
0x4491f0 GetOEMCP
0x4491f4 GetCPInfo
0x4491f8 InterlockedIncrement
0x4491fc TlsFree
0x449200 DeleteCriticalSection
0x449204 LocalReAlloc
0x449208 TlsSetValue
0x44920c TlsAlloc
0x449210 InitializeCriticalSection
0x449214 GlobalHandle
0x449218 GlobalReAlloc
0x44921c EnterCriticalSection
0x449220 TlsGetValue
0x449224 LeaveCriticalSection
0x449228 LocalAlloc
0x44922c GlobalFlags
0x449230 FormatMessageA
0x449234 LocalFree
0x449238 MulDiv
0x44923c InterlockedDecrement
0x449240 GetModuleFileNameW
0x449244 GetCurrentProcessId
0x449248 CloseHandle
0x44924c GetCurrentThread
0x449250 ConvertDefaultLocale
0x449254 EnumResourceLanguagesA
0x449258 GetModuleFileNameA
0x44925c GetLocaleInfoA
0x449260 InterlockedExchange
0x449264 lstrcmpA
0x449268 GlobalAlloc
0x44926c GetCurrentThreadId
0x449270 GlobalGetAtomNameA
0x449274 GlobalAddAtomA
0x449278 GlobalFindAtomA
0x44927c GlobalDeleteAtom
0x449280 FreeLibrary
0x449284 CompareStringA
0x449288 MultiByteToWideChar
0x44928c lstrcmpW
0x449290 GetVersionExA
0x449294 lstrlenA
0x449298 SetLastError
0x44929c GetProcAddress
0x4492a0 GetModuleHandleA
0x4492a4 LoadLibraryA
0x4492a8 GlobalLock
0x4492ac GlobalUnlock
0x4492b0 GlobalFree
0x4492b4 FreeResource
0x4492b8 GetLastError
0x4492bc GetTickCount
0x4492c0 FindResourceA
0x4492c4 LoadResource
0x4492c8 LockResource
0x4492cc SizeofResource
0x4492d0 WideCharToMultiByte
0x4492d4 VirtualFree
0x4492d8 LoadLibraryExW
USER32.dll
0x44932c UnregisterClassA
0x449330 RegisterClipboardFormatA
0x449334 PostThreadMessageA
0x449338 EndPaint
0x44933c BeginPaint
0x449340 GetWindowDC
0x449344 ClientToScreen
0x449348 GrayStringA
0x44934c DrawTextExA
0x449350 TabbedTextOutA
0x449354 DestroyMenu
0x449358 GetWindowThreadProcessId
0x44935c GetMessageA
0x449360 TranslateMessage
0x449364 ValidateRect
0x449368 SetWindowContextHelpId
0x44936c MapDialogRect
0x449370 PostQuitMessage
0x449374 SetMenuItemBitmaps
0x449378 GetMenuCheckMarkDimensions
0x44937c LoadBitmapA
0x449380 ModifyMenuA
0x449384 GetMenuState
0x449388 EnableMenuItem
0x44938c CheckMenuItem
0x449390 IsDialogMessageA
0x449394 SetDlgItemInt
0x449398 GetDlgItemInt
0x44939c RegisterWindowMessageA
0x4493a0 WinHelpA
0x4493a4 IsChild
0x4493a8 GetCapture
0x4493ac SetWindowsHookExA
0x4493b0 CallNextHookEx
0x4493b4 GetClassLongA
0x4493b8 GetClassNameA
0x4493bc CharUpperA
0x4493c0 GetPropA
0x4493c4 RemovePropA
0x4493c8 GetFocus
0x4493cc GetForegroundWindow
0x4493d0 GetLastActivePopup
0x4493d4 DispatchMessageA
0x4493d8 GetTopWindow
0x4493dc UnhookWindowsHookEx
0x4493e0 GetMessageTime
0x4493e4 GetMessagePos
0x4493e8 PeekMessageA
0x4493ec MapWindowPoints
0x4493f0 SetMenu
0x4493f4 SetForegroundWindow
0x4493f8 IsWindowVisible
0x4493fc GetSubMenu
0x449400 GetMenuItemID
0x449404 GetMenuItemCount
0x449408 MessageBoxA
0x44940c GetClassInfoExA
0x449410 GetSysColor
0x449414 AdjustWindowRectEx
0x449418 EqualRect
0x44941c GetDlgCtrlID
0x449420 GetMenu
0x449424 SetWindowPos
0x449428 OffsetRect
0x44942c IntersectRect
0x449430 SystemParametersInfoA
0x449434 GetWindowPlacement
0x449438 GetWindowRect
0x44943c GetWindow
0x449440 CopyRect
0x449444 EnableWindow
0x449448 SendMessageA
0x44944c LoadIconA
0x449450 GetSystemMenu
0x449454 GetDesktopWindow
0x449458 GetActiveWindow
0x44945c SetActiveWindow
0x449460 CreateDialogIndirectParamA
0x449464 DestroyWindow
0x449468 IsWindow
0x44946c GetDlgItem
0x449470 IsWindowEnabled
0x449474 GetNextDlgTabItem
0x449478 EndDialog
0x44947c PostMessageA
0x449480 CallWindowProcA
0x449484 SetWindowTextA
0x449488 MessageBeep
0x44948c GetNextDlgGroupItem
0x449490 InvalidateRgn
0x449494 IsRectEmpty
0x449498 CopyAcceleratorTableA
0x44949c CharNextA
0x4494a0 SetPropA
0x4494a4 GetSysColorBrush
0x4494a8 AppendMenuA
0x4494ac IsIconic
0x4494b0 GetSystemMetrics
0x4494b4 GetClientRect
0x4494b8 DrawIcon
0x4494bc InvalidateRect
0x4494c0 SetWindowLongA
0x4494c4 GetParent
0x4494c8 RegisterClassA
0x4494cc GetClassInfoA
0x4494d0 SetFocus
0x4494d4 UpdateWindow
0x4494d8 CreateWindowExA
0x4494dc GetWindowLongA
0x4494e0 LoadCursorA
0x4494e4 DestroyCursor
0x4494e8 FillRect
0x4494ec SetRect
0x4494f0 DrawTextA
0x4494f4 InflateRect
0x4494f8 SetScrollPos
0x4494fc ShowWindow
0x449500 GetWindowTextA
0x449504 ReleaseDC
0x449508 GetDC
0x44950c SetScrollRange
0x449510 GetScrollInfo
0x449514 GetKeyState
0x449518 SetCapture
0x44951c PtInRect
0x449520 KillTimer
0x449524 ReleaseCapture
0x449528 SetTimer
0x44952c SetCursor
0x449530 ScreenToClient
0x449534 GetCursorPos
0x449538 DefWindowProcA
0x44953c MoveWindow
0x449540 SendDlgItemMessageA
GDI32.dll
0x449030 OffsetViewportOrgEx
0x449034 SetViewportExtEx
0x449038 ScaleViewportExtEx
0x44903c SetWindowExtEx
0x449040 ScaleWindowExtEx
0x449044 ExtSelectClipRgn
0x449048 SetViewportOrgEx
0x44904c GetMapMode
0x449050 GetBkColor
0x449054 GetTextColor
0x449058 GetRgnBox
0x44905c TextOutA
0x449060 Escape
0x449064 RectVisible
0x449068 PtVisible
0x44906c GetWindowExtEx
0x449070 GetViewportExtEx
0x449074 GetStockObject
0x449078 SetMapMode
0x44907c RestoreDC
0x449080 SaveDC
0x449084 GetDeviceCaps
0x449088 ExtTextOutA
0x44908c CreateBitmap
0x449090 SetBkColor
0x449094 SetTextColor
0x449098 CreateRectRgnIndirect
0x44909c BitBlt
0x4490a0 DeleteDC
0x4490a4 CreateCompatibleDC
0x4490a8 CreateCompatibleBitmap
0x4490ac SetWindowOrgEx
0x4490b0 SetBkMode
0x4490b4 SetROP2
0x4490b8 SelectObject
0x4490bc MoveToEx
0x4490c0 LineTo
0x4490c4 GetClipBox
0x4490c8 GetObjectA
0x4490cc CreateFontIndirectA
0x4490d0 DeleteObject
0x4490d4 CreatePen
0x4490d8 CreateSolidBrush
COMDLG32.dll
0x449028 GetFileTitleA
WINSPOOL.DRV
0x449548 DocumentPropertiesA
0x44954c ClosePrinter
0x449550 OpenPrinterA
ADVAPI32.dll
0x449000 RegSetValueExA
0x449004 RegCreateKeyExA
0x449008 RegQueryValueA
0x44900c RegOpenKeyA
0x449010 RegEnumKeyA
0x449014 RegDeleteKeyA
0x449018 RegOpenKeyExA
0x44901c RegQueryValueExA
0x449020 RegCloseKey
SHLWAPI.dll
0x449318 PathFindFileNameA
0x44931c PathStripToRootA
0x449320 PathIsUNCA
0x449324 PathFindExtensionA
oledlg.dll
0x449598 None
ole32.dll
0x449558 CoRevokeClassObject
0x44955c OleInitialize
0x449560 CoFreeUnusedLibraries
0x449564 OleUninitialize
0x449568 CreateILockBytesOnHGlobal
0x44956c StgCreateDocfileOnILockBytes
0x449570 StgOpenStorageOnILockBytes
0x449574 CoGetClassObject
0x449578 OleIsCurrentClipboard
0x44957c CoTaskMemAlloc
0x449580 CoTaskMemFree
0x449584 CLSIDFromString
0x449588 CLSIDFromProgID
0x44958c OleFlushClipboard
0x449590 CoRegisterMessageFilter
OLEAUT32.dll
0x4492e0 VariantChangeType
0x4492e4 VariantInit
0x4492e8 SysAllocStringLen
0x4492ec SysFreeString
0x4492f0 SysStringLen
0x4492f4 SysAllocStringByteLen
0x4492f8 OleCreateFontIndirect
0x4492fc VariantTimeToSystemTime
0x449300 SystemTimeToVariantTime
0x449304 SafeArrayDestroy
0x449308 SysAllocString
0x44930c VariantCopy
0x449310 VariantClear
EAT(Export Address Table) is none