Field | Value |
---|---|
Created | 2024.10.25 10:43 |
Machine | s1_win7_x6401 |
Filename | RDPConf.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 38 detected (AIDetectMalware, RDPWrap, Malicious, score, Infected, Misc, RemoteAdmin, Unsafe, RemoteTool, Undefined, YzY0OqssLIp, 7y4i, PrivacyRisk, Tool, HackTool, Radmin, remote, access, Detected, NetTool, RemoteApp, ABApplication, KVPF, RemAdm, Neshta, FileInfector, Gencirc, susgen) |
md5 | 03fb8e478f4ba100d37a136231fa2f78 |
sha256 | 3c0e5d6863b03283afda9bd188501757d47dc57fc4bba2bdbb0d9baa34487fe0 |
ssdeep | 24576:JwewFB5btX9uALSTRMab+wBySRX7ADs9UXOAPOA:At9UMSJADsaXOAPOA |
imphash | 401f49861c03e27b1837ef48b7fb06e2 |
impfuzzy | 192:ocqNeRuujhEUh99/eoINeKMF9iIh1qhPxxePOQVzA:ANyj59Nhw41wxUPOQVk |
Signature (5cnts)
Level | Description |
---|---|
danger | File has been identified by 38 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
info | Checks amount of memory in system |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (6cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x4c593c SysFreeString
0x4c5940 SysReAllocStringLen
0x4c5944 SysAllocStringLen
advapi32.dll
0x4c594c RegQueryValueExW
0x4c5950 RegOpenKeyExW
0x4c5954 RegCloseKey
user32.dll
0x4c595c LoadStringW
0x4c5960 MessageBoxA
0x4c5964 CharNextW
kernel32.dll
0x4c596c lstrcmpiA
0x4c5970 LoadLibraryA
0x4c5974 LocalFree
0x4c5978 LocalAlloc
0x4c597c GetACP
0x4c5980 Sleep
0x4c5984 VirtualFree
0x4c5988 VirtualAlloc
0x4c598c GetSystemInfo
0x4c5990 GetTickCount
0x4c5994 QueryPerformanceCounter
0x4c5998 GetVersion
0x4c599c GetCurrentThreadId
0x4c59a0 VirtualQuery
0x4c59a4 WideCharToMultiByte
0x4c59a8 MultiByteToWideChar
0x4c59ac lstrlenW
0x4c59b0 lstrcpynW
0x4c59b4 LoadLibraryExW
0x4c59b8 IsValidLocale
0x4c59bc GetSystemDefaultUILanguage
0x4c59c0 GetStartupInfoA
0x4c59c4 GetProcAddress
0x4c59c8 GetModuleHandleW
0x4c59cc GetModuleFileNameW
0x4c59d0 GetUserDefaultUILanguage
0x4c59d4 GetLocaleInfoW
0x4c59d8 GetLastError
0x4c59dc GetCommandLineW
0x4c59e0 FreeLibrary
0x4c59e4 FindFirstFileW
0x4c59e8 FindClose
0x4c59ec ExitProcess
0x4c59f0 ExitThread
0x4c59f4 CreateThread
0x4c59f8 CompareStringW
0x4c59fc WriteFile
0x4c5a00 UnhandledExceptionFilter
0x4c5a04 RtlUnwind
0x4c5a08 RaiseException
0x4c5a0c GetStdHandle
0x4c5a10 DeleteCriticalSection
0x4c5a14 LeaveCriticalSection
0x4c5a18 EnterCriticalSection
0x4c5a1c InitializeCriticalSection
0x4c5a20 CloseHandle
kernel32.dll
0x4c5a28 TlsSetValue
0x4c5a2c TlsGetValue
0x4c5a30 LocalAlloc
0x4c5a34 GetModuleHandleW
user32.dll
0x4c5a3c CreateWindowExW
0x4c5a40 WindowFromPoint
0x4c5a44 WaitMessage
0x4c5a48 UpdateWindow
0x4c5a4c UnregisterClassW
0x4c5a50 UnhookWindowsHookEx
0x4c5a54 TranslateMessage
0x4c5a58 TranslateMDISysAccel
0x4c5a5c TrackPopupMenu
0x4c5a60 SystemParametersInfoW
0x4c5a64 ShowWindow
0x4c5a68 ShowScrollBar
0x4c5a6c ShowOwnedPopups
0x4c5a70 SetWindowsHookExW
0x4c5a74 SetWindowTextW
0x4c5a78 SetWindowPos
0x4c5a7c SetWindowPlacement
0x4c5a80 SetWindowLongW
0x4c5a84 SetTimer
0x4c5a88 SetScrollRange
0x4c5a8c SetScrollPos
0x4c5a90 SetScrollInfo
0x4c5a94 SetRect
0x4c5a98 SetPropW
0x4c5a9c SetParent
0x4c5aa0 SetMenuItemInfoW
0x4c5aa4 SetMenu
0x4c5aa8 SetForegroundWindow
0x4c5aac SetFocus
0x4c5ab0 SetCursorPos
0x4c5ab4 SetCursor
0x4c5ab8 SetClassLongW
0x4c5abc SetCapture
0x4c5ac0 SetActiveWindow
0x4c5ac4 SendMessageA
0x4c5ac8 SendMessageW
0x4c5acc ScrollWindow
0x4c5ad0 ScreenToClient
0x4c5ad4 RemovePropW
0x4c5ad8 RemoveMenu
0x4c5adc ReleaseDC
0x4c5ae0 ReleaseCapture
0x4c5ae4 RegisterWindowMessageW
0x4c5ae8 RegisterClipboardFormatW
0x4c5aec RegisterClassW
0x4c5af0 RedrawWindow
0x4c5af4 PostQuitMessage
0x4c5af8 PostMessageW
0x4c5afc PeekMessageA
0x4c5b00 PeekMessageW
0x4c5b04 OffsetRect
0x4c5b08 MsgWaitForMultipleObjectsEx
0x4c5b0c MsgWaitForMultipleObjects
0x4c5b10 MessageBoxW
0x4c5b14 MessageBeep
0x4c5b18 MapWindowPoints
0x4c5b1c MapVirtualKeyW
0x4c5b20 LoadStringW
0x4c5b24 LoadKeyboardLayoutW
0x4c5b28 LoadIconW
0x4c5b2c LoadCursorW
0x4c5b30 LoadBitmapW
0x4c5b34 KillTimer
0x4c5b38 IsZoomed
0x4c5b3c IsWindowVisible
0x4c5b40 IsWindowUnicode
0x4c5b44 IsWindowEnabled
0x4c5b48 IsWindow
0x4c5b4c IsIconic
0x4c5b50 IsDialogMessageA
0x4c5b54 IsDialogMessageW
0x4c5b58 IsChild
0x4c5b5c InvalidateRect
0x4c5b60 IntersectRect
0x4c5b64 InsertMenuItemW
0x4c5b68 InsertMenuW
0x4c5b6c InflateRect
0x4c5b70 GetWindowThreadProcessId
0x4c5b74 GetWindowTextW
0x4c5b78 GetWindowRect
0x4c5b7c GetWindowPlacement
0x4c5b80 GetWindowLongW
0x4c5b84 GetWindowDC
0x4c5b88 GetTopWindow
0x4c5b8c GetSystemMetrics
0x4c5b90 GetSystemMenu
0x4c5b94 GetSysColorBrush
0x4c5b98 GetSysColor
0x4c5b9c GetSubMenu
0x4c5ba0 GetScrollRange
0x4c5ba4 GetScrollPos
0x4c5ba8 GetScrollInfo
0x4c5bac GetPropW
0x4c5bb0 GetParent
0x4c5bb4 GetWindow
0x4c5bb8 GetMessagePos
0x4c5bbc GetMessageExtraInfo
0x4c5bc0 GetMenuStringW
0x4c5bc4 GetMenuState
0x4c5bc8 GetMenuItemInfoW
0x4c5bcc GetMenuItemID
0x4c5bd0 GetMenuItemCount
0x4c5bd4 GetMenu
0x4c5bd8 GetLastActivePopup
0x4c5bdc GetKeyboardState
0x4c5be0 GetKeyboardLayoutNameW
0x4c5be4 GetKeyboardLayoutList
0x4c5be8 GetKeyboardLayout
0x4c5bec GetKeyState
0x4c5bf0 GetKeyNameTextW
0x4c5bf4 GetIconInfo
0x4c5bf8 GetForegroundWindow
0x4c5bfc GetFocus
0x4c5c00 GetDesktopWindow
0x4c5c04 GetDCEx
0x4c5c08 GetDC
0x4c5c0c GetCursorPos
0x4c5c10 GetCursor
0x4c5c14 GetClientRect
0x4c5c18 GetClassLongW
0x4c5c1c GetClassInfoW
0x4c5c20 GetCapture
0x4c5c24 GetActiveWindow
0x4c5c28 FrameRect
0x4c5c2c FindWindowExW
0x4c5c30 FindWindowW
0x4c5c34 FillRect
0x4c5c38 EnumWindows
0x4c5c3c EnumThreadWindows
0x4c5c40 EnumChildWindows
0x4c5c44 EndPaint
0x4c5c48 EndDeferWindowPos
0x4c5c4c EnableWindow
0x4c5c50 EnableScrollBar
0x4c5c54 EnableMenuItem
0x4c5c58 DrawTextExW
0x4c5c5c DrawTextW
0x4c5c60 DrawMenuBar
0x4c5c64 DrawIconEx
0x4c5c68 DrawIcon
0x4c5c6c DrawFrameControl
0x4c5c70 DrawFocusRect
0x4c5c74 DrawEdge
0x4c5c78 DispatchMessageA
0x4c5c7c DispatchMessageW
0x4c5c80 DestroyWindow
0x4c5c84 DestroyMenu
0x4c5c88 DestroyIcon
0x4c5c8c DestroyCursor
0x4c5c90 DeleteMenu
0x4c5c94 DeferWindowPos
0x4c5c98 DefWindowProcW
0x4c5c9c DefMDIChildProcW
0x4c5ca0 DefFrameProcW
0x4c5ca4 CreatePopupMenu
0x4c5ca8 CreateMenu
0x4c5cac CreateIcon
0x4c5cb0 CreateAcceleratorTableW
0x4c5cb4 CopyIcon
0x4c5cb8 ClientToScreen
0x4c5cbc CheckMenuItem
0x4c5cc0 CharUpperBuffW
0x4c5cc4 CharNextW
0x4c5cc8 CharLowerW
0x4c5ccc CallWindowProcW
0x4c5cd0 CallNextHookEx
0x4c5cd4 BeginPaint
0x4c5cd8 BeginDeferWindowPos
0x4c5cdc AdjustWindowRectEx
0x4c5ce0 ActivateKeyboardLayout
msimg32.dll
0x4c5ce8 AlphaBlend
gdi32.dll
0x4c5cf0 UnrealizeObject
0x4c5cf4 StretchDIBits
0x4c5cf8 StretchBlt
0x4c5cfc StartPage
0x4c5d00 StartDocW
0x4c5d04 SetWindowOrgEx
0x4c5d08 SetViewportOrgEx
0x4c5d0c SetTextColor
0x4c5d10 SetStretchBltMode
0x4c5d14 SetROP2
0x4c5d18 SetPixel
0x4c5d1c SetDIBits
0x4c5d20 SetDIBColorTable
0x4c5d24 SetBrushOrgEx
0x4c5d28 SetBkMode
0x4c5d2c SetBkColor
0x4c5d30 SetAbortProc
0x4c5d34 SelectPalette
0x4c5d38 SelectObject
0x4c5d3c SelectClipRgn
0x4c5d40 SaveDC
0x4c5d44 RoundRect
0x4c5d48 RestoreDC
0x4c5d4c Rectangle
0x4c5d50 RectVisible
0x4c5d54 RealizePalette
0x4c5d58 Polyline
0x4c5d5c Polygon
0x4c5d60 PolyBezierTo
0x4c5d64 PolyBezier
0x4c5d68 Pie
0x4c5d6c PatBlt
0x4c5d70 MoveToEx
0x4c5d74 MaskBlt
0x4c5d78 LineTo
0x4c5d7c IntersectClipRect
0x4c5d80 GetWindowOrgEx
0x4c5d84 GetTextMetricsW
0x4c5d88 GetTextExtentPoint32W
0x4c5d8c GetSystemPaletteEntries
0x4c5d90 GetStockObject
0x4c5d94 GetRgnBox
0x4c5d98 GetPixel
0x4c5d9c GetPaletteEntries
0x4c5da0 GetObjectW
0x4c5da4 GetDeviceCaps
0x4c5da8 GetDIBits
0x4c5dac GetDIBColorTable
0x4c5db0 GetDCOrgEx
0x4c5db4 GetCurrentPositionEx
0x4c5db8 GetClipBox
0x4c5dbc GetBrushOrgEx
0x4c5dc0 GetBitmapBits
0x4c5dc4 FrameRgn
0x4c5dc8 ExtTextOutW
0x4c5dcc ExtFloodFill
0x4c5dd0 ExcludeClipRect
0x4c5dd4 EnumFontsW
0x4c5dd8 EnumFontFamiliesExW
0x4c5ddc EndPage
0x4c5de0 EndDoc
0x4c5de4 Ellipse
0x4c5de8 DeleteObject
0x4c5dec DeleteDC
0x4c5df0 CreateSolidBrush
0x4c5df4 CreateRectRgn
0x4c5df8 CreatePenIndirect
0x4c5dfc CreatePalette
0x4c5e00 CreateICW
0x4c5e04 CreateHalftonePalette
0x4c5e08 CreateFontIndirectW
0x4c5e0c CreateDIBitmap
0x4c5e10 CreateDIBSection
0x4c5e14 CreateDCW
0x4c5e18 CreateCompatibleDC
0x4c5e1c CreateCompatibleBitmap
0x4c5e20 CreateBrushIndirect
0x4c5e24 CreateBitmap
0x4c5e28 Chord
0x4c5e2c BitBlt
0x4c5e30 Arc
0x4c5e34 AbortDoc
version.dll
0x4c5e3c VerQueryValueW
0x4c5e40 GetFileVersionInfoSizeW
0x4c5e44 GetFileVersionInfoW
kernel32.dll
0x4c5e4c lstrcpyW
0x4c5e50 WriteFile
0x4c5e54 WideCharToMultiByte
0x4c5e58 WaitForSingleObject
0x4c5e5c WaitForMultipleObjectsEx
0x4c5e60 VirtualQueryEx
0x4c5e64 VirtualQuery
0x4c5e68 VirtualFree
0x4c5e6c VirtualAlloc
0x4c5e70 TryEnterCriticalSection
0x4c5e74 SwitchToThread
0x4c5e78 SuspendThread
0x4c5e7c SizeofResource
0x4c5e80 SignalObjectAndWait
0x4c5e84 SetThreadPriority
0x4c5e88 SetThreadLocale
0x4c5e8c SetLastError
0x4c5e90 SetFilePointer
0x4c5e94 SetEvent
0x4c5e98 SetErrorMode
0x4c5e9c SetEndOfFile
0x4c5ea0 ResumeThread
0x4c5ea4 ResetEvent
0x4c5ea8 ReadFile
0x4c5eac RaiseException
0x4c5eb0 IsDebuggerPresent
0x4c5eb4 MultiByteToWideChar
0x4c5eb8 MulDiv
0x4c5ebc LockResource
0x4c5ec0 LoadResource
0x4c5ec4 LoadLibraryExW
0x4c5ec8 LoadLibraryW
0x4c5ecc LeaveCriticalSection
0x4c5ed0 InitializeCriticalSection
0x4c5ed4 GlobalUnlock
0x4c5ed8 GlobalLock
0x4c5edc GlobalFree
0x4c5ee0 GlobalFindAtomW
0x4c5ee4 GlobalDeleteAtom
0x4c5ee8 GlobalAlloc
0x4c5eec GlobalAddAtomW
0x4c5ef0 GetVersionExW
0x4c5ef4 GetVersion
0x4c5ef8 GetTickCount
0x4c5efc GetThreadPriority
0x4c5f00 GetThreadLocale
0x4c5f04 GetNativeSystemInfo
0x4c5f08 GetStdHandle
0x4c5f0c GetProcAddress
0x4c5f10 GetModuleHandleW
0x4c5f14 GetModuleFileNameW
0x4c5f18 GetLocaleInfoW
0x4c5f1c GetLocalTime
0x4c5f20 GetLastError
0x4c5f24 GetFullPathNameW
0x4c5f28 GetFileAttributesW
0x4c5f2c GetExitCodeThread
0x4c5f30 GetDiskFreeSpaceW
0x4c5f34 GetDateFormatW
0x4c5f38 GetCurrentThreadId
0x4c5f3c GetCurrentThread
0x4c5f40 GetCurrentProcessId
0x4c5f44 GetCurrentProcess
0x4c5f48 GetCPInfo
0x4c5f4c FreeResource
0x4c5f50 InterlockedExchangeAdd
0x4c5f54 InterlockedExchange
0x4c5f58 InterlockedCompareExchange
0x4c5f5c FreeLibrary
0x4c5f60 FormatMessageW
0x4c5f64 FindResourceW
0x4c5f68 FindFirstFileW
0x4c5f6c FindClose
0x4c5f70 ExpandEnvironmentStringsW
0x4c5f74 EnumCalendarInfoW
0x4c5f78 EnterCriticalSection
0x4c5f7c DeleteCriticalSection
0x4c5f80 CreateThread
0x4c5f84 CreateProcessW
0x4c5f88 CreateFileW
0x4c5f8c CreateEventW
0x4c5f90 CompareStringW
0x4c5f94 CloseHandle
advapi32.dll
0x4c5f9c RegUnLoadKeyW
0x4c5fa0 RegSetValueExW
0x4c5fa4 RegSaveKeyW
0x4c5fa8 RegRestoreKeyW
0x4c5fac RegReplaceKeyW
0x4c5fb0 RegQueryValueExW
0x4c5fb4 RegQueryInfoKeyW
0x4c5fb8 RegOpenKeyExW
0x4c5fbc RegLoadKeyW
0x4c5fc0 RegFlushKey
0x4c5fc4 RegEnumValueW
0x4c5fc8 RegEnumKeyExW
0x4c5fcc RegDeleteValueW
0x4c5fd0 RegDeleteKeyW
0x4c5fd4 RegCreateKeyExW
0x4c5fd8 RegConnectRegistryW
0x4c5fdc RegCloseKey
ole32.dll
0x4c5fe4 OleUninitialize
0x4c5fe8 OleInitialize
comctl32.dll
0x4c5ff0 InitializeFlatSB
0x4c5ff4 FlatSB_SetScrollProp
0x4c5ff8 FlatSB_SetScrollPos
0x4c5ffc FlatSB_SetScrollInfo
0x4c6000 FlatSB_GetScrollPos
0x4c6004 FlatSB_GetScrollInfo
0x4c6008 _TrackMouseEvent
0x4c600c ImageList_GetImageInfo
0x4c6010 ImageList_SetIconSize
0x4c6014 ImageList_GetIconSize
0x4c6018 ImageList_Write
0x4c601c ImageList_Read
0x4c6020 ImageList_GetDragImage
0x4c6024 ImageList_DragShowNolock
0x4c6028 ImageList_DragMove
0x4c602c ImageList_DragLeave
0x4c6030 ImageList_DragEnter
0x4c6034 ImageList_EndDrag
0x4c6038 ImageList_BeginDrag
0x4c603c ImageList_Copy
0x4c6040 ImageList_LoadImageW
0x4c6044 ImageList_GetIcon
0x4c6048 ImageList_Remove
0x4c604c ImageList_DrawEx
0x4c6050 ImageList_Replace
0x4c6054 ImageList_Draw
0x4c6058 ImageList_SetOverlayImage
0x4c605c ImageList_GetBkColor
0x4c6060 ImageList_SetBkColor
0x4c6064 ImageList_ReplaceIcon
0x4c6068 ImageList_Add
0x4c606c ImageList_SetImageCount
0x4c6070 ImageList_GetImageCount
0x4c6074 ImageList_Destroy
0x4c6078 ImageList_Create
kernel32.dll
0x4c6080 Sleep
oleaut32.dll
0x4c6088 SafeArrayPtrOfIndex
0x4c608c SafeArrayGetUBound
0x4c6090 SafeArrayGetLBound
0x4c6094 SafeArrayCreate
0x4c6098 VariantChangeType
0x4c609c VariantCopy
0x4c60a0 VariantClear
0x4c60a4 VariantInit
winspool.drv
0x4c60ac OpenPrinterW
0x4c60b0 EnumPrintersW
0x4c60b4 DocumentPropertiesW
0x4c60b8 ClosePrinter
winspool.drv
0x4c60c0 GetDefaultPrinterW
advapi32.dll
0x4c60c8 QueryServiceStatusEx
0x4c60cc OpenServiceW
0x4c60d0 OpenSCManagerW
0x4c60d4 CloseServiceHandle
winsta.dll
0x4c60dc WinStationFreeMemory
0x4c60e0 WinStationEnumerateW
EAT(Export Address Table) is none