ScreenShot
| Created | 2024.10.25 10:45 | Machine | s1_win7_x6403 |
| Filename | RDPCheck.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 32 detected (RDPWrap, Malicious, score, RemoteAdmin, Unsafe, RemoteTool, eyvlpq, Undefined, YzY0Oh78uuVlSDN4, PrivacyRisk, HackTool, Radmin, remote, access, Detected, Gencirc, 39OEp2Y0vOM, susgen) | ||
| md5 | 8f82226b2f24d470c02f6664f67f23f7 | ||
| sha256 | 5603338a1f8dbb46efb8e0869db3491d5db92f362711d6680f91ecc5d18bfadf | ||
| ssdeep | 12288:AR55BK3IsHoeGoE0SYmsjRwH/fD/sK3wzBOSdzIaVI99l/rk9gvQJg7:81KY2oeGTKRqPCBOSd0aVIHloI | ||
| imphash | 05a0d0ec656ffbcba1d60f4783a3f1d9 | ||
| impfuzzy | 192:ocqNeRuujhEUh99Ieo+NePI4VIcF9Rgc1ph6xxSPOQVn:ANyj59mdIKjh12xwPOQVn | ||
Network IP location
Signature (7cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 32 AntiVirus engines on VirusTotal as malicious |
| watch | Creates a windows hook that monitors keyboard input (keylogger) |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Queries the disk size which could be used to detect virtual machine with small fixed size or dynamic allocation |
| info | Queries for the computername |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The executable uses a known packer |
Rules (5cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x4c7988 SysFreeString
0x4c798c SysReAllocStringLen
0x4c7990 SysAllocStringLen
advapi32.dll
0x4c7998 RegQueryValueExW
0x4c799c RegOpenKeyExW
0x4c79a0 RegCloseKey
user32.dll
0x4c79a8 LoadStringW
0x4c79ac MessageBoxA
0x4c79b0 CharNextW
kernel32.dll
0x4c79b8 lstrcmpiA
0x4c79bc LoadLibraryA
0x4c79c0 LocalFree
0x4c79c4 LocalAlloc
0x4c79c8 GetACP
0x4c79cc Sleep
0x4c79d0 VirtualFree
0x4c79d4 VirtualAlloc
0x4c79d8 GetSystemInfo
0x4c79dc GetTickCount
0x4c79e0 QueryPerformanceCounter
0x4c79e4 GetVersion
0x4c79e8 GetCurrentThreadId
0x4c79ec VirtualQuery
0x4c79f0 WideCharToMultiByte
0x4c79f4 MultiByteToWideChar
0x4c79f8 lstrlenW
0x4c79fc lstrcpynW
0x4c7a00 LoadLibraryExW
0x4c7a04 IsValidLocale
0x4c7a08 GetSystemDefaultUILanguage
0x4c7a0c GetStartupInfoA
0x4c7a10 GetProcAddress
0x4c7a14 GetModuleHandleW
0x4c7a18 GetModuleFileNameW
0x4c7a1c GetUserDefaultUILanguage
0x4c7a20 GetLocaleInfoW
0x4c7a24 GetLastError
0x4c7a28 GetCommandLineW
0x4c7a2c FreeLibrary
0x4c7a30 FindFirstFileW
0x4c7a34 FindClose
0x4c7a38 ExitProcess
0x4c7a3c ExitThread
0x4c7a40 CreateThread
0x4c7a44 CompareStringW
0x4c7a48 WriteFile
0x4c7a4c UnhandledExceptionFilter
0x4c7a50 RtlUnwind
0x4c7a54 RaiseException
0x4c7a58 GetStdHandle
0x4c7a5c DeleteCriticalSection
0x4c7a60 LeaveCriticalSection
0x4c7a64 EnterCriticalSection
0x4c7a68 InitializeCriticalSection
0x4c7a6c CloseHandle
kernel32.dll
0x4c7a74 TlsSetValue
0x4c7a78 TlsGetValue
0x4c7a7c LocalAlloc
0x4c7a80 GetModuleHandleW
user32.dll
0x4c7a88 CreateWindowExW
0x4c7a8c WindowFromPoint
0x4c7a90 WaitMessage
0x4c7a94 UpdateWindow
0x4c7a98 UnregisterClassW
0x4c7a9c UnhookWindowsHookEx
0x4c7aa0 TranslateMessage
0x4c7aa4 TranslateMDISysAccel
0x4c7aa8 TrackPopupMenu
0x4c7aac SystemParametersInfoW
0x4c7ab0 ShowWindow
0x4c7ab4 ShowScrollBar
0x4c7ab8 ShowOwnedPopups
0x4c7abc SetWindowsHookExW
0x4c7ac0 SetWindowTextW
0x4c7ac4 SetWindowPos
0x4c7ac8 SetWindowPlacement
0x4c7acc SetWindowLongW
0x4c7ad0 SetTimer
0x4c7ad4 SetScrollRange
0x4c7ad8 SetScrollPos
0x4c7adc SetScrollInfo
0x4c7ae0 SetRect
0x4c7ae4 SetPropW
0x4c7ae8 SetParent
0x4c7aec SetMenuItemInfoW
0x4c7af0 SetMenu
0x4c7af4 SetForegroundWindow
0x4c7af8 SetFocus
0x4c7afc SetCursorPos
0x4c7b00 SetCursor
0x4c7b04 SetClassLongW
0x4c7b08 SetCapture
0x4c7b0c SetActiveWindow
0x4c7b10 SendMessageA
0x4c7b14 SendMessageW
0x4c7b18 ScrollWindow
0x4c7b1c ScreenToClient
0x4c7b20 RemovePropW
0x4c7b24 RemoveMenu
0x4c7b28 ReleaseDC
0x4c7b2c ReleaseCapture
0x4c7b30 RegisterWindowMessageW
0x4c7b34 RegisterClipboardFormatW
0x4c7b38 RegisterClassW
0x4c7b3c RedrawWindow
0x4c7b40 PostQuitMessage
0x4c7b44 PostMessageW
0x4c7b48 PeekMessageA
0x4c7b4c PeekMessageW
0x4c7b50 OffsetRect
0x4c7b54 MsgWaitForMultipleObjectsEx
0x4c7b58 MsgWaitForMultipleObjects
0x4c7b5c MessageBoxW
0x4c7b60 MapWindowPoints
0x4c7b64 MapVirtualKeyW
0x4c7b68 LoadStringW
0x4c7b6c LoadKeyboardLayoutW
0x4c7b70 LoadIconW
0x4c7b74 LoadCursorW
0x4c7b78 LoadBitmapW
0x4c7b7c KillTimer
0x4c7b80 IsZoomed
0x4c7b84 IsWindowVisible
0x4c7b88 IsWindowUnicode
0x4c7b8c IsWindowEnabled
0x4c7b90 IsWindow
0x4c7b94 IsIconic
0x4c7b98 IsDialogMessageA
0x4c7b9c IsDialogMessageW
0x4c7ba0 IsChild
0x4c7ba4 InvalidateRect
0x4c7ba8 IntersectRect
0x4c7bac InsertMenuItemW
0x4c7bb0 InsertMenuW
0x4c7bb4 InflateRect
0x4c7bb8 GetWindowThreadProcessId
0x4c7bbc GetWindowTextW
0x4c7bc0 GetWindowRect
0x4c7bc4 GetWindowPlacement
0x4c7bc8 GetWindowLongW
0x4c7bcc GetWindowDC
0x4c7bd0 GetTopWindow
0x4c7bd4 GetSystemMetrics
0x4c7bd8 GetSystemMenu
0x4c7bdc GetSysColorBrush
0x4c7be0 GetSysColor
0x4c7be4 GetSubMenu
0x4c7be8 GetScrollRange
0x4c7bec GetScrollPos
0x4c7bf0 GetScrollInfo
0x4c7bf4 GetPropW
0x4c7bf8 GetParent
0x4c7bfc GetWindow
0x4c7c00 GetMessageTime
0x4c7c04 GetMessagePos
0x4c7c08 GetMessageExtraInfo
0x4c7c0c GetMenuStringW
0x4c7c10 GetMenuState
0x4c7c14 GetMenuItemInfoW
0x4c7c18 GetMenuItemID
0x4c7c1c GetMenuItemCount
0x4c7c20 GetMenu
0x4c7c24 GetLastActivePopup
0x4c7c28 GetKeyboardState
0x4c7c2c GetKeyboardLayoutNameW
0x4c7c30 GetKeyboardLayoutList
0x4c7c34 GetKeyboardLayout
0x4c7c38 GetKeyState
0x4c7c3c GetKeyNameTextW
0x4c7c40 GetIconInfo
0x4c7c44 GetForegroundWindow
0x4c7c48 GetFocus
0x4c7c4c GetDesktopWindow
0x4c7c50 GetDCEx
0x4c7c54 GetDC
0x4c7c58 GetCursorPos
0x4c7c5c GetCursor
0x4c7c60 GetClipboardData
0x4c7c64 GetClientRect
0x4c7c68 GetClassLongW
0x4c7c6c GetClassInfoW
0x4c7c70 GetCapture
0x4c7c74 GetActiveWindow
0x4c7c78 FrameRect
0x4c7c7c FindWindowExW
0x4c7c80 FindWindowW
0x4c7c84 FillRect
0x4c7c88 EnumWindows
0x4c7c8c EnumThreadWindows
0x4c7c90 EnumChildWindows
0x4c7c94 EndPaint
0x4c7c98 EnableWindow
0x4c7c9c EnableScrollBar
0x4c7ca0 EnableMenuItem
0x4c7ca4 DrawTextExW
0x4c7ca8 DrawTextW
0x4c7cac DrawMenuBar
0x4c7cb0 DrawIconEx
0x4c7cb4 DrawIcon
0x4c7cb8 DrawFrameControl
0x4c7cbc DrawFocusRect
0x4c7cc0 DrawEdge
0x4c7cc4 DispatchMessageA
0x4c7cc8 DispatchMessageW
0x4c7ccc DestroyWindow
0x4c7cd0 DestroyMenu
0x4c7cd4 DestroyIcon
0x4c7cd8 DestroyCursor
0x4c7cdc DeleteMenu
0x4c7ce0 DefWindowProcW
0x4c7ce4 DefMDIChildProcW
0x4c7ce8 DefFrameProcW
0x4c7cec CreatePopupMenu
0x4c7cf0 CreateMenu
0x4c7cf4 CreateIcon
0x4c7cf8 CreateAcceleratorTableW
0x4c7cfc CopyIcon
0x4c7d00 ClientToScreen
0x4c7d04 CheckMenuItem
0x4c7d08 CharUpperBuffW
0x4c7d0c CharNextW
0x4c7d10 CharLowerBuffW
0x4c7d14 CharLowerW
0x4c7d18 CallWindowProcW
0x4c7d1c CallNextHookEx
0x4c7d20 BeginPaint
0x4c7d24 AdjustWindowRectEx
0x4c7d28 ActivateKeyboardLayout
msimg32.dll
0x4c7d30 AlphaBlend
gdi32.dll
0x4c7d38 UnrealizeObject
0x4c7d3c StretchDIBits
0x4c7d40 StretchBlt
0x4c7d44 StartPage
0x4c7d48 StartDocW
0x4c7d4c SetWindowOrgEx
0x4c7d50 SetWinMetaFileBits
0x4c7d54 SetViewportOrgEx
0x4c7d58 SetTextColor
0x4c7d5c SetStretchBltMode
0x4c7d60 SetROP2
0x4c7d64 SetPixel
0x4c7d68 SetMapMode
0x4c7d6c SetEnhMetaFileBits
0x4c7d70 SetDIBits
0x4c7d74 SetDIBColorTable
0x4c7d78 SetBrushOrgEx
0x4c7d7c SetBkMode
0x4c7d80 SetBkColor
0x4c7d84 SetAbortProc
0x4c7d88 SelectPalette
0x4c7d8c SelectObject
0x4c7d90 SaveDC
0x4c7d94 RoundRect
0x4c7d98 RestoreDC
0x4c7d9c Rectangle
0x4c7da0 RectVisible
0x4c7da4 RealizePalette
0x4c7da8 Polyline
0x4c7dac Polygon
0x4c7db0 PolyBezierTo
0x4c7db4 PolyBezier
0x4c7db8 PlayEnhMetaFile
0x4c7dbc Pie
0x4c7dc0 PatBlt
0x4c7dc4 MoveToEx
0x4c7dc8 MaskBlt
0x4c7dcc LineTo
0x4c7dd0 LPtoDP
0x4c7dd4 IntersectClipRect
0x4c7dd8 GetWindowOrgEx
0x4c7ddc GetWinMetaFileBits
0x4c7de0 GetTextMetricsW
0x4c7de4 GetTextExtentPoint32W
0x4c7de8 GetSystemPaletteEntries
0x4c7dec GetStockObject
0x4c7df0 GetRgnBox
0x4c7df4 GetPixel
0x4c7df8 GetPaletteEntries
0x4c7dfc GetObjectW
0x4c7e00 GetEnhMetaFilePaletteEntries
0x4c7e04 GetEnhMetaFileHeader
0x4c7e08 GetEnhMetaFileDescriptionW
0x4c7e0c GetEnhMetaFileBits
0x4c7e10 GetDeviceCaps
0x4c7e14 GetDIBits
0x4c7e18 GetDIBColorTable
0x4c7e1c GetDCOrgEx
0x4c7e20 GetCurrentPositionEx
0x4c7e24 GetClipBox
0x4c7e28 GetBrushOrgEx
0x4c7e2c GetBitmapBits
0x4c7e30 FrameRgn
0x4c7e34 ExtTextOutW
0x4c7e38 ExtFloodFill
0x4c7e3c ExcludeClipRect
0x4c7e40 EnumFontsW
0x4c7e44 EnumFontFamiliesExW
0x4c7e48 EndPage
0x4c7e4c EndDoc
0x4c7e50 Ellipse
0x4c7e54 DeleteObject
0x4c7e58 DeleteEnhMetaFile
0x4c7e5c DeleteDC
0x4c7e60 CreateSolidBrush
0x4c7e64 CreateRectRgn
0x4c7e68 CreatePenIndirect
0x4c7e6c CreatePalette
0x4c7e70 CreateICW
0x4c7e74 CreateHalftonePalette
0x4c7e78 CreateFontIndirectW
0x4c7e7c CreateEnhMetaFileW
0x4c7e80 CreateDIBitmap
0x4c7e84 CreateDIBSection
0x4c7e88 CreateDCW
0x4c7e8c CreateCompatibleDC
0x4c7e90 CreateCompatibleBitmap
0x4c7e94 CreateBrushIndirect
0x4c7e98 CreateBitmap
0x4c7e9c CopyEnhMetaFileW
0x4c7ea0 CloseEnhMetaFile
0x4c7ea4 Chord
0x4c7ea8 BitBlt
0x4c7eac Arc
0x4c7eb0 AbortDoc
version.dll
0x4c7eb8 VerQueryValueW
0x4c7ebc GetFileVersionInfoSizeW
0x4c7ec0 GetFileVersionInfoW
kernel32.dll
0x4c7ec8 lstrcpyW
0x4c7ecc WriteFile
0x4c7ed0 WideCharToMultiByte
0x4c7ed4 WaitForSingleObject
0x4c7ed8 WaitForMultipleObjectsEx
0x4c7edc VirtualQueryEx
0x4c7ee0 VirtualQuery
0x4c7ee4 VirtualFree
0x4c7ee8 VirtualAlloc
0x4c7eec TryEnterCriticalSection
0x4c7ef0 SwitchToThread
0x4c7ef4 SuspendThread
0x4c7ef8 SizeofResource
0x4c7efc SignalObjectAndWait
0x4c7f00 SetThreadPriority
0x4c7f04 SetThreadLocale
0x4c7f08 SetLastError
0x4c7f0c SetFilePointer
0x4c7f10 SetEvent
0x4c7f14 SetErrorMode
0x4c7f18 SetEndOfFile
0x4c7f1c ResumeThread
0x4c7f20 ResetEvent
0x4c7f24 ReadFile
0x4c7f28 RaiseException
0x4c7f2c IsDebuggerPresent
0x4c7f30 MultiByteToWideChar
0x4c7f34 MulDiv
0x4c7f38 LockResource
0x4c7f3c LoadResource
0x4c7f40 LoadLibraryW
0x4c7f44 LeaveCriticalSection
0x4c7f48 InitializeCriticalSection
0x4c7f4c GlobalUnlock
0x4c7f50 GlobalSize
0x4c7f54 GlobalLock
0x4c7f58 GlobalFree
0x4c7f5c GlobalFindAtomW
0x4c7f60 GlobalDeleteAtom
0x4c7f64 GlobalAlloc
0x4c7f68 GlobalAddAtomW
0x4c7f6c GetVersionExW
0x4c7f70 GetVersion
0x4c7f74 GetUserDefaultLCID
0x4c7f78 GetTickCount
0x4c7f7c GetThreadPriority
0x4c7f80 GetThreadLocale
0x4c7f84 GetStdHandle
0x4c7f88 GetProcAddress
0x4c7f8c GetModuleHandleW
0x4c7f90 GetModuleFileNameW
0x4c7f94 GetLocaleInfoW
0x4c7f98 GetLocalTime
0x4c7f9c GetLastError
0x4c7fa0 GetFullPathNameW
0x4c7fa4 GetExitCodeThread
0x4c7fa8 GetDiskFreeSpaceW
0x4c7fac GetDateFormatW
0x4c7fb0 GetCurrentThreadId
0x4c7fb4 GetCurrentThread
0x4c7fb8 GetCurrentProcessId
0x4c7fbc GetCurrentProcess
0x4c7fc0 GetComputerNameW
0x4c7fc4 GetCPInfo
0x4c7fc8 FreeResource
0x4c7fcc InterlockedExchangeAdd
0x4c7fd0 InterlockedExchange
0x4c7fd4 InterlockedCompareExchange
0x4c7fd8 FreeLibrary
0x4c7fdc FormatMessageW
0x4c7fe0 FindResourceW
0x4c7fe4 EnumCalendarInfoW
0x4c7fe8 EnterCriticalSection
0x4c7fec DeleteCriticalSection
0x4c7ff0 CreateThread
0x4c7ff4 CreateFileW
0x4c7ff8 CreateEventW
0x4c7ffc CompareStringW
0x4c8000 CloseHandle
advapi32.dll
0x4c8008 RegUnLoadKeyW
0x4c800c RegSetValueExW
0x4c8010 RegSaveKeyW
0x4c8014 RegRestoreKeyW
0x4c8018 RegReplaceKeyW
0x4c801c RegQueryValueExW
0x4c8020 RegQueryInfoKeyW
0x4c8024 RegOpenKeyExW
0x4c8028 RegLoadKeyW
0x4c802c RegFlushKey
0x4c8030 RegEnumValueW
0x4c8034 RegEnumKeyExW
0x4c8038 RegDeleteValueW
0x4c803c RegDeleteKeyW
0x4c8040 RegCreateKeyExW
0x4c8044 RegConnectRegistryW
0x4c8048 RegCloseKey
oleaut32.dll
0x4c8050 GetErrorInfo
0x4c8054 GetActiveObject
0x4c8058 SysFreeString
ole32.dll
0x4c8060 CreateStreamOnHGlobal
0x4c8064 OleRegEnumVerbs
0x4c8068 IsAccelerator
0x4c806c OleDraw
0x4c8070 OleSetMenuDescriptor
0x4c8074 OleUninitialize
0x4c8078 OleInitialize
0x4c807c CoTaskMemFree
0x4c8080 ProgIDFromCLSID
0x4c8084 StringFromCLSID
0x4c8088 CoCreateInstance
0x4c808c CoGetClassObject
0x4c8090 CoUninitialize
0x4c8094 CoInitialize
0x4c8098 IsEqualGUID
comctl32.dll
0x4c80a0 InitializeFlatSB
0x4c80a4 FlatSB_SetScrollProp
0x4c80a8 FlatSB_SetScrollPos
0x4c80ac FlatSB_SetScrollInfo
0x4c80b0 FlatSB_GetScrollPos
0x4c80b4 FlatSB_GetScrollInfo
0x4c80b8 _TrackMouseEvent
0x4c80bc ImageList_GetImageInfo
0x4c80c0 ImageList_SetIconSize
0x4c80c4 ImageList_GetIconSize
0x4c80c8 ImageList_Write
0x4c80cc ImageList_Read
0x4c80d0 ImageList_GetDragImage
0x4c80d4 ImageList_DragShowNolock
0x4c80d8 ImageList_DragMove
0x4c80dc ImageList_DragLeave
0x4c80e0 ImageList_DragEnter
0x4c80e4 ImageList_EndDrag
0x4c80e8 ImageList_BeginDrag
0x4c80ec ImageList_Copy
0x4c80f0 ImageList_LoadImageW
0x4c80f4 ImageList_GetIcon
0x4c80f8 ImageList_Remove
0x4c80fc ImageList_DrawEx
0x4c8100 ImageList_Replace
0x4c8104 ImageList_Draw
0x4c8108 ImageList_SetOverlayImage
0x4c810c ImageList_GetBkColor
0x4c8110 ImageList_SetBkColor
0x4c8114 ImageList_ReplaceIcon
0x4c8118 ImageList_Add
0x4c811c ImageList_SetImageCount
0x4c8120 ImageList_GetImageCount
0x4c8124 ImageList_Destroy
0x4c8128 ImageList_Create
kernel32.dll
0x4c8130 Sleep
ole32.dll
0x4c8138 IsEqualGUID
oleaut32.dll
0x4c8140 SafeArrayPtrOfIndex
0x4c8144 SafeArrayGetUBound
0x4c8148 SafeArrayGetLBound
0x4c814c SafeArrayCreate
0x4c8150 VariantChangeType
0x4c8154 VariantCopy
0x4c8158 VariantClear
0x4c815c VariantInit
winspool.drv
0x4c8164 OpenPrinterW
0x4c8168 EnumPrintersW
0x4c816c DocumentPropertiesW
0x4c8170 ClosePrinter
winspool.drv
0x4c8178 GetDefaultPrinterW
EAT(Export Address Table) is none
oleaut32.dll
0x4c7988 SysFreeString
0x4c798c SysReAllocStringLen
0x4c7990 SysAllocStringLen
advapi32.dll
0x4c7998 RegQueryValueExW
0x4c799c RegOpenKeyExW
0x4c79a0 RegCloseKey
user32.dll
0x4c79a8 LoadStringW
0x4c79ac MessageBoxA
0x4c79b0 CharNextW
kernel32.dll
0x4c79b8 lstrcmpiA
0x4c79bc LoadLibraryA
0x4c79c0 LocalFree
0x4c79c4 LocalAlloc
0x4c79c8 GetACP
0x4c79cc Sleep
0x4c79d0 VirtualFree
0x4c79d4 VirtualAlloc
0x4c79d8 GetSystemInfo
0x4c79dc GetTickCount
0x4c79e0 QueryPerformanceCounter
0x4c79e4 GetVersion
0x4c79e8 GetCurrentThreadId
0x4c79ec VirtualQuery
0x4c79f0 WideCharToMultiByte
0x4c79f4 MultiByteToWideChar
0x4c79f8 lstrlenW
0x4c79fc lstrcpynW
0x4c7a00 LoadLibraryExW
0x4c7a04 IsValidLocale
0x4c7a08 GetSystemDefaultUILanguage
0x4c7a0c GetStartupInfoA
0x4c7a10 GetProcAddress
0x4c7a14 GetModuleHandleW
0x4c7a18 GetModuleFileNameW
0x4c7a1c GetUserDefaultUILanguage
0x4c7a20 GetLocaleInfoW
0x4c7a24 GetLastError
0x4c7a28 GetCommandLineW
0x4c7a2c FreeLibrary
0x4c7a30 FindFirstFileW
0x4c7a34 FindClose
0x4c7a38 ExitProcess
0x4c7a3c ExitThread
0x4c7a40 CreateThread
0x4c7a44 CompareStringW
0x4c7a48 WriteFile
0x4c7a4c UnhandledExceptionFilter
0x4c7a50 RtlUnwind
0x4c7a54 RaiseException
0x4c7a58 GetStdHandle
0x4c7a5c DeleteCriticalSection
0x4c7a60 LeaveCriticalSection
0x4c7a64 EnterCriticalSection
0x4c7a68 InitializeCriticalSection
0x4c7a6c CloseHandle
kernel32.dll
0x4c7a74 TlsSetValue
0x4c7a78 TlsGetValue
0x4c7a7c LocalAlloc
0x4c7a80 GetModuleHandleW
user32.dll
0x4c7a88 CreateWindowExW
0x4c7a8c WindowFromPoint
0x4c7a90 WaitMessage
0x4c7a94 UpdateWindow
0x4c7a98 UnregisterClassW
0x4c7a9c UnhookWindowsHookEx
0x4c7aa0 TranslateMessage
0x4c7aa4 TranslateMDISysAccel
0x4c7aa8 TrackPopupMenu
0x4c7aac SystemParametersInfoW
0x4c7ab0 ShowWindow
0x4c7ab4 ShowScrollBar
0x4c7ab8 ShowOwnedPopups
0x4c7abc SetWindowsHookExW
0x4c7ac0 SetWindowTextW
0x4c7ac4 SetWindowPos
0x4c7ac8 SetWindowPlacement
0x4c7acc SetWindowLongW
0x4c7ad0 SetTimer
0x4c7ad4 SetScrollRange
0x4c7ad8 SetScrollPos
0x4c7adc SetScrollInfo
0x4c7ae0 SetRect
0x4c7ae4 SetPropW
0x4c7ae8 SetParent
0x4c7aec SetMenuItemInfoW
0x4c7af0 SetMenu
0x4c7af4 SetForegroundWindow
0x4c7af8 SetFocus
0x4c7afc SetCursorPos
0x4c7b00 SetCursor
0x4c7b04 SetClassLongW
0x4c7b08 SetCapture
0x4c7b0c SetActiveWindow
0x4c7b10 SendMessageA
0x4c7b14 SendMessageW
0x4c7b18 ScrollWindow
0x4c7b1c ScreenToClient
0x4c7b20 RemovePropW
0x4c7b24 RemoveMenu
0x4c7b28 ReleaseDC
0x4c7b2c ReleaseCapture
0x4c7b30 RegisterWindowMessageW
0x4c7b34 RegisterClipboardFormatW
0x4c7b38 RegisterClassW
0x4c7b3c RedrawWindow
0x4c7b40 PostQuitMessage
0x4c7b44 PostMessageW
0x4c7b48 PeekMessageA
0x4c7b4c PeekMessageW
0x4c7b50 OffsetRect
0x4c7b54 MsgWaitForMultipleObjectsEx
0x4c7b58 MsgWaitForMultipleObjects
0x4c7b5c MessageBoxW
0x4c7b60 MapWindowPoints
0x4c7b64 MapVirtualKeyW
0x4c7b68 LoadStringW
0x4c7b6c LoadKeyboardLayoutW
0x4c7b70 LoadIconW
0x4c7b74 LoadCursorW
0x4c7b78 LoadBitmapW
0x4c7b7c KillTimer
0x4c7b80 IsZoomed
0x4c7b84 IsWindowVisible
0x4c7b88 IsWindowUnicode
0x4c7b8c IsWindowEnabled
0x4c7b90 IsWindow
0x4c7b94 IsIconic
0x4c7b98 IsDialogMessageA
0x4c7b9c IsDialogMessageW
0x4c7ba0 IsChild
0x4c7ba4 InvalidateRect
0x4c7ba8 IntersectRect
0x4c7bac InsertMenuItemW
0x4c7bb0 InsertMenuW
0x4c7bb4 InflateRect
0x4c7bb8 GetWindowThreadProcessId
0x4c7bbc GetWindowTextW
0x4c7bc0 GetWindowRect
0x4c7bc4 GetWindowPlacement
0x4c7bc8 GetWindowLongW
0x4c7bcc GetWindowDC
0x4c7bd0 GetTopWindow
0x4c7bd4 GetSystemMetrics
0x4c7bd8 GetSystemMenu
0x4c7bdc GetSysColorBrush
0x4c7be0 GetSysColor
0x4c7be4 GetSubMenu
0x4c7be8 GetScrollRange
0x4c7bec GetScrollPos
0x4c7bf0 GetScrollInfo
0x4c7bf4 GetPropW
0x4c7bf8 GetParent
0x4c7bfc GetWindow
0x4c7c00 GetMessageTime
0x4c7c04 GetMessagePos
0x4c7c08 GetMessageExtraInfo
0x4c7c0c GetMenuStringW
0x4c7c10 GetMenuState
0x4c7c14 GetMenuItemInfoW
0x4c7c18 GetMenuItemID
0x4c7c1c GetMenuItemCount
0x4c7c20 GetMenu
0x4c7c24 GetLastActivePopup
0x4c7c28 GetKeyboardState
0x4c7c2c GetKeyboardLayoutNameW
0x4c7c30 GetKeyboardLayoutList
0x4c7c34 GetKeyboardLayout
0x4c7c38 GetKeyState
0x4c7c3c GetKeyNameTextW
0x4c7c40 GetIconInfo
0x4c7c44 GetForegroundWindow
0x4c7c48 GetFocus
0x4c7c4c GetDesktopWindow
0x4c7c50 GetDCEx
0x4c7c54 GetDC
0x4c7c58 GetCursorPos
0x4c7c5c GetCursor
0x4c7c60 GetClipboardData
0x4c7c64 GetClientRect
0x4c7c68 GetClassLongW
0x4c7c6c GetClassInfoW
0x4c7c70 GetCapture
0x4c7c74 GetActiveWindow
0x4c7c78 FrameRect
0x4c7c7c FindWindowExW
0x4c7c80 FindWindowW
0x4c7c84 FillRect
0x4c7c88 EnumWindows
0x4c7c8c EnumThreadWindows
0x4c7c90 EnumChildWindows
0x4c7c94 EndPaint
0x4c7c98 EnableWindow
0x4c7c9c EnableScrollBar
0x4c7ca0 EnableMenuItem
0x4c7ca4 DrawTextExW
0x4c7ca8 DrawTextW
0x4c7cac DrawMenuBar
0x4c7cb0 DrawIconEx
0x4c7cb4 DrawIcon
0x4c7cb8 DrawFrameControl
0x4c7cbc DrawFocusRect
0x4c7cc0 DrawEdge
0x4c7cc4 DispatchMessageA
0x4c7cc8 DispatchMessageW
0x4c7ccc DestroyWindow
0x4c7cd0 DestroyMenu
0x4c7cd4 DestroyIcon
0x4c7cd8 DestroyCursor
0x4c7cdc DeleteMenu
0x4c7ce0 DefWindowProcW
0x4c7ce4 DefMDIChildProcW
0x4c7ce8 DefFrameProcW
0x4c7cec CreatePopupMenu
0x4c7cf0 CreateMenu
0x4c7cf4 CreateIcon
0x4c7cf8 CreateAcceleratorTableW
0x4c7cfc CopyIcon
0x4c7d00 ClientToScreen
0x4c7d04 CheckMenuItem
0x4c7d08 CharUpperBuffW
0x4c7d0c CharNextW
0x4c7d10 CharLowerBuffW
0x4c7d14 CharLowerW
0x4c7d18 CallWindowProcW
0x4c7d1c CallNextHookEx
0x4c7d20 BeginPaint
0x4c7d24 AdjustWindowRectEx
0x4c7d28 ActivateKeyboardLayout
msimg32.dll
0x4c7d30 AlphaBlend
gdi32.dll
0x4c7d38 UnrealizeObject
0x4c7d3c StretchDIBits
0x4c7d40 StretchBlt
0x4c7d44 StartPage
0x4c7d48 StartDocW
0x4c7d4c SetWindowOrgEx
0x4c7d50 SetWinMetaFileBits
0x4c7d54 SetViewportOrgEx
0x4c7d58 SetTextColor
0x4c7d5c SetStretchBltMode
0x4c7d60 SetROP2
0x4c7d64 SetPixel
0x4c7d68 SetMapMode
0x4c7d6c SetEnhMetaFileBits
0x4c7d70 SetDIBits
0x4c7d74 SetDIBColorTable
0x4c7d78 SetBrushOrgEx
0x4c7d7c SetBkMode
0x4c7d80 SetBkColor
0x4c7d84 SetAbortProc
0x4c7d88 SelectPalette
0x4c7d8c SelectObject
0x4c7d90 SaveDC
0x4c7d94 RoundRect
0x4c7d98 RestoreDC
0x4c7d9c Rectangle
0x4c7da0 RectVisible
0x4c7da4 RealizePalette
0x4c7da8 Polyline
0x4c7dac Polygon
0x4c7db0 PolyBezierTo
0x4c7db4 PolyBezier
0x4c7db8 PlayEnhMetaFile
0x4c7dbc Pie
0x4c7dc0 PatBlt
0x4c7dc4 MoveToEx
0x4c7dc8 MaskBlt
0x4c7dcc LineTo
0x4c7dd0 LPtoDP
0x4c7dd4 IntersectClipRect
0x4c7dd8 GetWindowOrgEx
0x4c7ddc GetWinMetaFileBits
0x4c7de0 GetTextMetricsW
0x4c7de4 GetTextExtentPoint32W
0x4c7de8 GetSystemPaletteEntries
0x4c7dec GetStockObject
0x4c7df0 GetRgnBox
0x4c7df4 GetPixel
0x4c7df8 GetPaletteEntries
0x4c7dfc GetObjectW
0x4c7e00 GetEnhMetaFilePaletteEntries
0x4c7e04 GetEnhMetaFileHeader
0x4c7e08 GetEnhMetaFileDescriptionW
0x4c7e0c GetEnhMetaFileBits
0x4c7e10 GetDeviceCaps
0x4c7e14 GetDIBits
0x4c7e18 GetDIBColorTable
0x4c7e1c GetDCOrgEx
0x4c7e20 GetCurrentPositionEx
0x4c7e24 GetClipBox
0x4c7e28 GetBrushOrgEx
0x4c7e2c GetBitmapBits
0x4c7e30 FrameRgn
0x4c7e34 ExtTextOutW
0x4c7e38 ExtFloodFill
0x4c7e3c ExcludeClipRect
0x4c7e40 EnumFontsW
0x4c7e44 EnumFontFamiliesExW
0x4c7e48 EndPage
0x4c7e4c EndDoc
0x4c7e50 Ellipse
0x4c7e54 DeleteObject
0x4c7e58 DeleteEnhMetaFile
0x4c7e5c DeleteDC
0x4c7e60 CreateSolidBrush
0x4c7e64 CreateRectRgn
0x4c7e68 CreatePenIndirect
0x4c7e6c CreatePalette
0x4c7e70 CreateICW
0x4c7e74 CreateHalftonePalette
0x4c7e78 CreateFontIndirectW
0x4c7e7c CreateEnhMetaFileW
0x4c7e80 CreateDIBitmap
0x4c7e84 CreateDIBSection
0x4c7e88 CreateDCW
0x4c7e8c CreateCompatibleDC
0x4c7e90 CreateCompatibleBitmap
0x4c7e94 CreateBrushIndirect
0x4c7e98 CreateBitmap
0x4c7e9c CopyEnhMetaFileW
0x4c7ea0 CloseEnhMetaFile
0x4c7ea4 Chord
0x4c7ea8 BitBlt
0x4c7eac Arc
0x4c7eb0 AbortDoc
version.dll
0x4c7eb8 VerQueryValueW
0x4c7ebc GetFileVersionInfoSizeW
0x4c7ec0 GetFileVersionInfoW
kernel32.dll
0x4c7ec8 lstrcpyW
0x4c7ecc WriteFile
0x4c7ed0 WideCharToMultiByte
0x4c7ed4 WaitForSingleObject
0x4c7ed8 WaitForMultipleObjectsEx
0x4c7edc VirtualQueryEx
0x4c7ee0 VirtualQuery
0x4c7ee4 VirtualFree
0x4c7ee8 VirtualAlloc
0x4c7eec TryEnterCriticalSection
0x4c7ef0 SwitchToThread
0x4c7ef4 SuspendThread
0x4c7ef8 SizeofResource
0x4c7efc SignalObjectAndWait
0x4c7f00 SetThreadPriority
0x4c7f04 SetThreadLocale
0x4c7f08 SetLastError
0x4c7f0c SetFilePointer
0x4c7f10 SetEvent
0x4c7f14 SetErrorMode
0x4c7f18 SetEndOfFile
0x4c7f1c ResumeThread
0x4c7f20 ResetEvent
0x4c7f24 ReadFile
0x4c7f28 RaiseException
0x4c7f2c IsDebuggerPresent
0x4c7f30 MultiByteToWideChar
0x4c7f34 MulDiv
0x4c7f38 LockResource
0x4c7f3c LoadResource
0x4c7f40 LoadLibraryW
0x4c7f44 LeaveCriticalSection
0x4c7f48 InitializeCriticalSection
0x4c7f4c GlobalUnlock
0x4c7f50 GlobalSize
0x4c7f54 GlobalLock
0x4c7f58 GlobalFree
0x4c7f5c GlobalFindAtomW
0x4c7f60 GlobalDeleteAtom
0x4c7f64 GlobalAlloc
0x4c7f68 GlobalAddAtomW
0x4c7f6c GetVersionExW
0x4c7f70 GetVersion
0x4c7f74 GetUserDefaultLCID
0x4c7f78 GetTickCount
0x4c7f7c GetThreadPriority
0x4c7f80 GetThreadLocale
0x4c7f84 GetStdHandle
0x4c7f88 GetProcAddress
0x4c7f8c GetModuleHandleW
0x4c7f90 GetModuleFileNameW
0x4c7f94 GetLocaleInfoW
0x4c7f98 GetLocalTime
0x4c7f9c GetLastError
0x4c7fa0 GetFullPathNameW
0x4c7fa4 GetExitCodeThread
0x4c7fa8 GetDiskFreeSpaceW
0x4c7fac GetDateFormatW
0x4c7fb0 GetCurrentThreadId
0x4c7fb4 GetCurrentThread
0x4c7fb8 GetCurrentProcessId
0x4c7fbc GetCurrentProcess
0x4c7fc0 GetComputerNameW
0x4c7fc4 GetCPInfo
0x4c7fc8 FreeResource
0x4c7fcc InterlockedExchangeAdd
0x4c7fd0 InterlockedExchange
0x4c7fd4 InterlockedCompareExchange
0x4c7fd8 FreeLibrary
0x4c7fdc FormatMessageW
0x4c7fe0 FindResourceW
0x4c7fe4 EnumCalendarInfoW
0x4c7fe8 EnterCriticalSection
0x4c7fec DeleteCriticalSection
0x4c7ff0 CreateThread
0x4c7ff4 CreateFileW
0x4c7ff8 CreateEventW
0x4c7ffc CompareStringW
0x4c8000 CloseHandle
advapi32.dll
0x4c8008 RegUnLoadKeyW
0x4c800c RegSetValueExW
0x4c8010 RegSaveKeyW
0x4c8014 RegRestoreKeyW
0x4c8018 RegReplaceKeyW
0x4c801c RegQueryValueExW
0x4c8020 RegQueryInfoKeyW
0x4c8024 RegOpenKeyExW
0x4c8028 RegLoadKeyW
0x4c802c RegFlushKey
0x4c8030 RegEnumValueW
0x4c8034 RegEnumKeyExW
0x4c8038 RegDeleteValueW
0x4c803c RegDeleteKeyW
0x4c8040 RegCreateKeyExW
0x4c8044 RegConnectRegistryW
0x4c8048 RegCloseKey
oleaut32.dll
0x4c8050 GetErrorInfo
0x4c8054 GetActiveObject
0x4c8058 SysFreeString
ole32.dll
0x4c8060 CreateStreamOnHGlobal
0x4c8064 OleRegEnumVerbs
0x4c8068 IsAccelerator
0x4c806c OleDraw
0x4c8070 OleSetMenuDescriptor
0x4c8074 OleUninitialize
0x4c8078 OleInitialize
0x4c807c CoTaskMemFree
0x4c8080 ProgIDFromCLSID
0x4c8084 StringFromCLSID
0x4c8088 CoCreateInstance
0x4c808c CoGetClassObject
0x4c8090 CoUninitialize
0x4c8094 CoInitialize
0x4c8098 IsEqualGUID
comctl32.dll
0x4c80a0 InitializeFlatSB
0x4c80a4 FlatSB_SetScrollProp
0x4c80a8 FlatSB_SetScrollPos
0x4c80ac FlatSB_SetScrollInfo
0x4c80b0 FlatSB_GetScrollPos
0x4c80b4 FlatSB_GetScrollInfo
0x4c80b8 _TrackMouseEvent
0x4c80bc ImageList_GetImageInfo
0x4c80c0 ImageList_SetIconSize
0x4c80c4 ImageList_GetIconSize
0x4c80c8 ImageList_Write
0x4c80cc ImageList_Read
0x4c80d0 ImageList_GetDragImage
0x4c80d4 ImageList_DragShowNolock
0x4c80d8 ImageList_DragMove
0x4c80dc ImageList_DragLeave
0x4c80e0 ImageList_DragEnter
0x4c80e4 ImageList_EndDrag
0x4c80e8 ImageList_BeginDrag
0x4c80ec ImageList_Copy
0x4c80f0 ImageList_LoadImageW
0x4c80f4 ImageList_GetIcon
0x4c80f8 ImageList_Remove
0x4c80fc ImageList_DrawEx
0x4c8100 ImageList_Replace
0x4c8104 ImageList_Draw
0x4c8108 ImageList_SetOverlayImage
0x4c810c ImageList_GetBkColor
0x4c8110 ImageList_SetBkColor
0x4c8114 ImageList_ReplaceIcon
0x4c8118 ImageList_Add
0x4c811c ImageList_SetImageCount
0x4c8120 ImageList_GetImageCount
0x4c8124 ImageList_Destroy
0x4c8128 ImageList_Create
kernel32.dll
0x4c8130 Sleep
ole32.dll
0x4c8138 IsEqualGUID
oleaut32.dll
0x4c8140 SafeArrayPtrOfIndex
0x4c8144 SafeArrayGetUBound
0x4c8148 SafeArrayGetLBound
0x4c814c SafeArrayCreate
0x4c8150 VariantChangeType
0x4c8154 VariantCopy
0x4c8158 VariantClear
0x4c815c VariantInit
winspool.drv
0x4c8164 OpenPrinterW
0x4c8168 EnumPrintersW
0x4c816c DocumentPropertiesW
0x4c8170 ClosePrinter
winspool.drv
0x4c8178 GetDefaultPrinterW
EAT(Export Address Table) is none