Report - purchaseorder.exe

Malicious Library UPX ftp PE32 PE File MZP Format URL Format
Created 2024.12.02 10:02 Machine s1_win7_x6403
Filename purchaseorder.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score 3
Behavior Score 11.4
ZERO API file : clean
VT API (file) 52 detected (AIDetectMalware, ModiLoader, Malicious, score, Zusy, Unsafe, Vh6m, confidence, DelphGen, Attribute, HighConfidence, high confidence, MalwareX, Generickdz, Noon, YzY0Ogv, qeSm3GfU, Nekark, avidg, Starter, Detected, Eldorado, Artemis, TScope, Delf, GdSda, Gencirc, susgen)
md5 ff74865e59dc57289613c8acf736e684
sha256 8ee464a74743e4ddc61f0afb0a555e5cd5d8c286eae283e80f3cbf77f6ca88d2
ssdeep 24576:kUFlmYzMQEOu53W2/AVTNFM9TfXx0IOnl6Q2G9RghhPHu:kKFzjboqFMRXx0IUl6Q2vh/u
imphash 2ecd98434b0d8fca7b990c4042ffd038
impfuzzy 192:oN3MSbuuaDSUvK9D/o1Xy007/GQs8G1Q5POQHnDv:O3BaI98N1qPOQHT

Signature (23cnts)

Level Description
danger File has been identified by 52 AntiVirus engines on VirusTotal as malicious
danger Executed a process and injected code into it
watch Allocates execute permission to another process indicative of possible code injection
watch Attempts to create or modify system certificates
watch Deletes executed files from disk
watch Disables proxy possibly for traffic interception
watch Installs itself for autorun at Windows startup
watch Manipulates memory of a non-child process indicative of process injection
watch Resumed a suspended thread in a remote process potentially indicative of process injection
watch Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice Allocates read-write-execute memory (usually to unpack itself)
notice Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice Creates a suspicious process
notice Creates executable files on the filesystem
notice Downloads a file or document from Google Drive
notice Drops a binary and executes it
notice One or more potentially interesting buffers were extracted
notice Performs some HTTP requests
notice Uses Windows utilities for basic Windows functionality
info Checks if process is being debugged by a debugger
info Command line console output was observed
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info The executable uses a known packer

Rules (11cnts)

Level Name Description Collection
watch Malicious_Library_Zero Malicious_Library binaries (download)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch UPX_Zero UPX packed file binaries (upload)
info ftp_command ftp command binaries (upload)
info IsPE32 (no description) binaries (download)
info IsPE32 (no description) binaries (upload)
info mzp_file_format MZP(Delphi) file format binaries (download)
info mzp_file_format MZP(Delphi) file format binaries (upload)
info PE_Header_Zero PE File Signature binaries (download)
info PE_Header_Zero PE File Signature binaries (upload)
info url_file_format Microsoft Windows Internet Shortcut File Format binaries (download)

Network (6cnts)

Request CC ASN Co IP4 Rule ZERO
https://drive.google.com/uc?export=download&id=1XzhOpdRULZx1cctu9j9NRQy6z6bLZdx1 US GOOGLE 142.250.197.110 clean
https://drive.usercontent.google.com/download?id=1XzhOpdRULZx1cctu9j9NRQy6z6bLZdx1&export=download US GOOGLE 142.250.197.33 clean
drive.usercontent.google.com US GOOGLE 216.58.220.97 malicious
drive.google.com US GOOGLE 142.250.207.46 malicious
142.250.197.110 US GOOGLE 142.250.197.110 clean
142.250.197.33 US GOOGLE 142.250.197.33 clean

Suricata ids

PE API

IAT(Import Address Table) Library

oleaut32.dll
 0x4a6858 SysFreeString
 0x4a685c SysReAllocStringLen
 0x4a6860 SysAllocStringLen
advapi32.dll
 0x4a6868 RegQueryValueExA
 0x4a686c RegOpenKeyExA
 0x4a6870 RegCloseKey
user32.dll
 0x4a6878 GetKeyboardType
 0x4a687c DestroyWindow
 0x4a6880 LoadStringA
 0x4a6884 MessageBoxA
 0x4a6888 CharNextA
kernel32.dll
 0x4a6890 GetACP
 0x4a6894 Sleep
 0x4a6898 VirtualFree
 0x4a689c VirtualAlloc
 0x4a68a0 GetCurrentThreadId
 0x4a68a4 InterlockedDecrement
 0x4a68a8 InterlockedIncrement
 0x4a68ac VirtualQuery
 0x4a68b0 WideCharToMultiByte
 0x4a68b4 MultiByteToWideChar
 0x4a68b8 lstrlenA
 0x4a68bc lstrcpynA
 0x4a68c0 LoadLibraryExA
 0x4a68c4 GetThreadLocale
 0x4a68c8 GetStartupInfoA
 0x4a68cc GetProcAddress
 0x4a68d0 GetModuleHandleA
 0x4a68d4 GetModuleFileNameA
 0x4a68d8 GetLocaleInfoA
 0x4a68dc GetLastError
 0x4a68e0 GetCommandLineA
 0x4a68e4 FreeLibrary
 0x4a68e8 FindFirstFileA
 0x4a68ec FindClose
 0x4a68f0 ExitProcess
 0x4a68f4 CompareStringA
 0x4a68f8 WriteFile
 0x4a68fc UnhandledExceptionFilter
 0x4a6900 SetFilePointer
 0x4a6904 SetEndOfFile
 0x4a6908 RtlUnwind
 0x4a690c ReadFile
 0x4a6910 RaiseException
 0x4a6914 GetStdHandle
 0x4a6918 GetFileSize
 0x4a691c GetFileType
 0x4a6920 CreateFileA
 0x4a6924 CloseHandle
kernel32.dll
 0x4a692c TlsSetValue
 0x4a6930 TlsGetValue
 0x4a6934 LocalAlloc
 0x4a6938 GetModuleHandleA
user32.dll
 0x4a6940 CreateWindowExA
 0x4a6944 WindowFromPoint
 0x4a6948 WaitMessage
 0x4a694c UpdateWindow
 0x4a6950 UnregisterClassA
 0x4a6954 UnhookWindowsHookEx
 0x4a6958 TranslateMessage
 0x4a695c TranslateMDISysAccel
 0x4a6960 TrackPopupMenu
 0x4a6964 SystemParametersInfoA
 0x4a6968 ShowWindow
 0x4a696c ShowScrollBar
 0x4a6970 ShowOwnedPopups
 0x4a6974 SetWindowsHookExA
 0x4a6978 SetWindowTextA
 0x4a697c SetWindowPos
 0x4a6980 SetWindowPlacement
 0x4a6984 SetWindowLongW
 0x4a6988 SetWindowLongA
 0x4a698c SetTimer
 0x4a6990 SetScrollRange
 0x4a6994 SetScrollPos
 0x4a6998 SetScrollInfo
 0x4a699c SetRect
 0x4a69a0 SetPropA
 0x4a69a4 SetParent
 0x4a69a8 SetMenuItemInfoA
 0x4a69ac SetMenu
 0x4a69b0 SetForegroundWindow
 0x4a69b4 SetFocus
 0x4a69b8 SetCursor
 0x4a69bc SetClipboardData
 0x4a69c0 SetClassLongA
 0x4a69c4 SetCapture
 0x4a69c8 SetActiveWindow
 0x4a69cc SendMessageW
 0x4a69d0 SendMessageA
 0x4a69d4 ScrollWindow
 0x4a69d8 ScreenToClient
 0x4a69dc RemovePropA
 0x4a69e0 RemoveMenu
 0x4a69e4 ReleaseDC
 0x4a69e8 ReleaseCapture
 0x4a69ec RegisterWindowMessageA
 0x4a69f0 RegisterClipboardFormatA
 0x4a69f4 RegisterClassA
 0x4a69f8 RedrawWindow
 0x4a69fc PtInRect
 0x4a6a00 PostQuitMessage
 0x4a6a04 PostMessageA
 0x4a6a08 PeekMessageW
 0x4a6a0c PeekMessageA
 0x4a6a10 OpenClipboard
 0x4a6a14 OffsetRect
 0x4a6a18 OemToCharA
 0x4a6a1c MessageBoxA
 0x4a6a20 MessageBeep
 0x4a6a24 MapWindowPoints
 0x4a6a28 MapVirtualKeyA
 0x4a6a2c LoadStringA
 0x4a6a30 LoadKeyboardLayoutA
 0x4a6a34 LoadIconA
 0x4a6a38 LoadCursorA
 0x4a6a3c LoadBitmapA
 0x4a6a40 KillTimer
 0x4a6a44 IsZoomed
 0x4a6a48 IsWindowVisible
 0x4a6a4c IsWindowUnicode
 0x4a6a50 IsWindowEnabled
 0x4a6a54 IsWindow
 0x4a6a58 IsRectEmpty
 0x4a6a5c IsIconic
 0x4a6a60 IsDialogMessageW
 0x4a6a64 IsDialogMessageA
 0x4a6a68 IsChild
 0x4a6a6c InvalidateRect
 0x4a6a70 IntersectRect
 0x4a6a74 InsertMenuItemA
 0x4a6a78 InsertMenuA
 0x4a6a7c InflateRect
 0x4a6a80 GetWindowThreadProcessId
 0x4a6a84 GetWindowTextA
 0x4a6a88 GetWindowRect
 0x4a6a8c GetWindowPlacement
 0x4a6a90 GetWindowLongW
 0x4a6a94 GetWindowLongA
 0x4a6a98 GetWindowDC
 0x4a6a9c GetUpdateRect
 0x4a6aa0 GetTopWindow
 0x4a6aa4 GetSystemMetrics
 0x4a6aa8 GetSystemMenu
 0x4a6aac GetSysColorBrush
 0x4a6ab0 GetSysColor
 0x4a6ab4 GetSubMenu
 0x4a6ab8 GetScrollRange
 0x4a6abc GetScrollPos
 0x4a6ac0 GetScrollInfo
 0x4a6ac4 GetPropA
 0x4a6ac8 GetParent
 0x4a6acc GetWindow
 0x4a6ad0 GetMessagePos
 0x4a6ad4 GetMenuStringA
 0x4a6ad8 GetMenuState
 0x4a6adc GetMenuItemInfoA
 0x4a6ae0 GetMenuItemID
 0x4a6ae4 GetMenuItemCount
 0x4a6ae8 GetMenu
 0x4a6aec GetLastActivePopup
 0x4a6af0 GetKeyboardState
 0x4a6af4 GetKeyboardLayoutNameA
 0x4a6af8 GetKeyboardLayoutList
 0x4a6afc GetKeyboardLayout
 0x4a6b00 GetKeyState
 0x4a6b04 GetKeyNameTextA
 0x4a6b08 GetIconInfo
 0x4a6b0c GetForegroundWindow
 0x4a6b10 GetFocus
 0x4a6b14 GetDlgItem
 0x4a6b18 GetDesktopWindow
 0x4a6b1c GetDCEx
 0x4a6b20 GetDC
 0x4a6b24 GetCursorPos
 0x4a6b28 GetCursor
 0x4a6b2c GetClipboardData
 0x4a6b30 GetClientRect
 0x4a6b34 GetClassNameA
 0x4a6b38 GetClassLongA
 0x4a6b3c GetClassInfoA
 0x4a6b40 GetCapture
 0x4a6b44 GetActiveWindow
 0x4a6b48 FrameRect
 0x4a6b4c FindWindowA
 0x4a6b50 FillRect
 0x4a6b54 EqualRect
 0x4a6b58 EnumWindows
 0x4a6b5c EnumThreadWindows
 0x4a6b60 EnumChildWindows
 0x4a6b64 EndPaint
 0x4a6b68 EnableWindow
 0x4a6b6c EnableScrollBar
 0x4a6b70 EnableMenuItem
 0x4a6b74 EmptyClipboard
 0x4a6b78 DrawTextA
 0x4a6b7c DrawMenuBar
 0x4a6b80 DrawIconEx
 0x4a6b84 DrawIcon
 0x4a6b88 DrawFrameControl
 0x4a6b8c DrawFocusRect
 0x4a6b90 DrawEdge
 0x4a6b94 DispatchMessageW
 0x4a6b98 DispatchMessageA
 0x4a6b9c DestroyWindow
 0x4a6ba0 DestroyMenu
 0x4a6ba4 DestroyIcon
 0x4a6ba8 DestroyCursor
 0x4a6bac DeleteMenu
 0x4a6bb0 DefWindowProcA
 0x4a6bb4 DefMDIChildProcA
 0x4a6bb8 DefFrameProcA
 0x4a6bbc CreatePopupMenu
 0x4a6bc0 CreateMenu
 0x4a6bc4 CreateIcon
 0x4a6bc8 CloseClipboard
 0x4a6bcc ClientToScreen
 0x4a6bd0 ChildWindowFromPoint
 0x4a6bd4 CheckMenuItem
 0x4a6bd8 CallWindowProcA
 0x4a6bdc CallNextHookEx
 0x4a6be0 BeginPaint
 0x4a6be4 CharNextA
 0x4a6be8 CharLowerBuffA
 0x4a6bec CharLowerA
 0x4a6bf0 CharUpperBuffA
 0x4a6bf4 CharToOemA
 0x4a6bf8 AdjustWindowRectEx
 0x4a6bfc ActivateKeyboardLayout
msimg32.dll
 0x4a6c04 GradientFill
gdi32.dll
 0x4a6c0c UnrealizeObject
 0x4a6c10 StretchBlt
 0x4a6c14 StartPage
 0x4a6c18 StartDocA
 0x4a6c1c SetWindowOrgEx
 0x4a6c20 SetWinMetaFileBits
 0x4a6c24 SetViewportOrgEx
 0x4a6c28 SetTextColor
 0x4a6c2c SetStretchBltMode
 0x4a6c30 SetROP2
 0x4a6c34 SetPixel
 0x4a6c38 SetMapMode
 0x4a6c3c SetEnhMetaFileBits
 0x4a6c40 SetDIBColorTable
 0x4a6c44 SetBrushOrgEx
 0x4a6c48 SetBkMode
 0x4a6c4c SetBkColor
 0x4a6c50 SetAbortProc
 0x4a6c54 SelectPalette
 0x4a6c58 SelectObject
 0x4a6c5c SaveDC
 0x4a6c60 RestoreDC
 0x4a6c64 Rectangle
 0x4a6c68 RectVisible
 0x4a6c6c RealizePalette
 0x4a6c70 Polyline
 0x4a6c74 Polygon
 0x4a6c78 PlayEnhMetaFile
 0x4a6c7c PatBlt
 0x4a6c80 MoveToEx
 0x4a6c84 MaskBlt
 0x4a6c88 LineTo
 0x4a6c8c IntersectClipRect
 0x4a6c90 GetWindowOrgEx
 0x4a6c94 GetWinMetaFileBits
 0x4a6c98 GetTextMetricsA
 0x4a6c9c GetTextExtentPointA
 0x4a6ca0 GetTextExtentPoint32A
 0x4a6ca4 GetSystemPaletteEntries
 0x4a6ca8 GetStockObject
 0x4a6cac GetRgnBox
 0x4a6cb0 GetPixel
 0x4a6cb4 GetPaletteEntries
 0x4a6cb8 GetObjectA
 0x4a6cbc GetEnhMetaFilePaletteEntries
 0x4a6cc0 GetEnhMetaFileHeader
 0x4a6cc4 GetEnhMetaFileBits
 0x4a6cc8 GetDeviceCaps
 0x4a6ccc GetDIBits
 0x4a6cd0 GetDIBColorTable
 0x4a6cd4 GetDCOrgEx
 0x4a6cd8 GetCurrentPositionEx
 0x4a6cdc GetClipBox
 0x4a6ce0 GetBrushOrgEx
 0x4a6ce4 GetBitmapBits
 0x4a6ce8 GdiFlush
 0x4a6cec ExtTextOutA
 0x4a6cf0 ExcludeClipRect
 0x4a6cf4 EndPage
 0x4a6cf8 EndDoc
 0x4a6cfc DeleteObject
 0x4a6d00 DeleteEnhMetaFile
 0x4a6d04 DeleteDC
 0x4a6d08 CreateSolidBrush
 0x4a6d0c CreateRectRgn
 0x4a6d10 CreatePenIndirect
 0x4a6d14 CreatePalette
 0x4a6d18 CreateICA
 0x4a6d1c CreateHalftonePalette
 0x4a6d20 CreateFontIndirectA
 0x4a6d24 CreateDIBitmap
 0x4a6d28 CreateDIBSection
 0x4a6d2c CreateDCA
 0x4a6d30 CreateCompatibleDC
 0x4a6d34 CreateCompatibleBitmap
 0x4a6d38 CreateBrushIndirect
 0x4a6d3c CreateBitmap
 0x4a6d40 CopyEnhMetaFileA
 0x4a6d44 CombineRgn
 0x4a6d48 BitBlt
version.dll
 0x4a6d50 VerQueryValueA
 0x4a6d54 GetFileVersionInfoSizeA
 0x4a6d58 GetFileVersionInfoA
kernel32.dll
 0x4a6d60 lstrcpyA
 0x4a6d64 lstrcmpA
 0x4a6d68 WriteFile
 0x4a6d6c WaitForSingleObject
 0x4a6d70 VirtualQuery
 0x4a6d74 VirtualAlloc
 0x4a6d78 SizeofResource
 0x4a6d7c SetThreadLocale
 0x4a6d80 SetFilePointer
 0x4a6d84 SetEvent
 0x4a6d88 SetErrorMode
 0x4a6d8c SetEndOfFile
 0x4a6d90 ResetEvent
 0x4a6d94 ReadFile
 0x4a6d98 MultiByteToWideChar
 0x4a6d9c MulDiv
 0x4a6da0 LockResource
 0x4a6da4 LoadResource
 0x4a6da8 LoadLibraryExA
 0x4a6dac LoadLibraryA
 0x4a6db0 LeaveCriticalSection
 0x4a6db4 InitializeCriticalSection
 0x4a6db8 GlobalUnlock
 0x4a6dbc GlobalLock
 0x4a6dc0 GlobalFree
 0x4a6dc4 GlobalFindAtomA
 0x4a6dc8 GlobalDeleteAtom
 0x4a6dcc GlobalAlloc
 0x4a6dd0 GlobalAddAtomA
 0x4a6dd4 GetVersionExA
 0x4a6dd8 GetVersion
 0x4a6ddc GetTickCount
 0x4a6de0 GetThreadLocale
 0x4a6de4 GetStdHandle
 0x4a6de8 GetProfileStringA
 0x4a6dec GetProcAddress
 0x4a6df0 GetModuleHandleA
 0x4a6df4 GetModuleFileNameA
 0x4a6df8 GetLocaleInfoA
 0x4a6dfc GetLocalTime
 0x4a6e00 GetLastError
 0x4a6e04 GetFullPathNameA
 0x4a6e08 GetDiskFreeSpaceA
 0x4a6e0c GetDateFormatA
 0x4a6e10 GetCurrentThreadId
 0x4a6e14 GetCurrentProcessId
 0x4a6e18 GetCPInfo
 0x4a6e1c FreeResource
 0x4a6e20 InterlockedExchange
 0x4a6e24 FreeLibrary
 0x4a6e28 FormatMessageA
 0x4a6e2c FindResourceA
 0x4a6e30 EnumCalendarInfoA
 0x4a6e34 EnterCriticalSection
 0x4a6e38 DeleteCriticalSection
 0x4a6e3c CreateThread
 0x4a6e40 CreateFileA
 0x4a6e44 CreateEventA
 0x4a6e48 CompareStringA
 0x4a6e4c CloseHandle
advapi32.dll
 0x4a6e54 RegQueryValueExA
 0x4a6e58 RegOpenKeyExA
 0x4a6e5c RegFlushKey
 0x4a6e60 RegCloseKey
oleaut32.dll
 0x4a6e68 GetErrorInfo
 0x4a6e6c SysFreeString
ole32.dll
 0x4a6e74 CoTaskMemAlloc
 0x4a6e78 CoCreateInstance
 0x4a6e7c CoUninitialize
 0x4a6e80 CoInitialize
kernel32.dll
 0x4a6e88 Sleep
oleaut32.dll
 0x4a6e90 SafeArrayPtrOfIndex
 0x4a6e94 SafeArrayGetUBound
 0x4a6e98 SafeArrayGetLBound
 0x4a6e9c SafeArrayCreate
 0x4a6ea0 VariantChangeType
 0x4a6ea4 VariantCopy
 0x4a6ea8 VariantClear
 0x4a6eac VariantInit
comctl32.dll
 0x4a6eb4 _TrackMouseEvent
 0x4a6eb8 ImageList_SetIconSize
 0x4a6ebc ImageList_GetIconSize
 0x4a6ec0 ImageList_Write
 0x4a6ec4 ImageList_Read
 0x4a6ec8 ImageList_GetDragImage
 0x4a6ecc ImageList_DragShowNolock
 0x4a6ed0 ImageList_DragMove
 0x4a6ed4 ImageList_DragLeave
 0x4a6ed8 ImageList_DragEnter
 0x4a6edc ImageList_EndDrag
 0x4a6ee0 ImageList_BeginDrag
 0x4a6ee4 ImageList_Remove
 0x4a6ee8 ImageList_DrawEx
 0x4a6eec ImageList_Replace
 0x4a6ef0 ImageList_Draw
 0x4a6ef4 ImageList_GetBkColor
 0x4a6ef8 ImageList_SetBkColor
 0x4a6efc ImageList_Add
 0x4a6f00 ImageList_GetImageCount
 0x4a6f04 ImageList_Destroy
 0x4a6f08 ImageList_Create
 0x4a6f0c InitCommonControls
winspool.drv
 0x4a6f14 OpenPrinterA
 0x4a6f18 EnumPrintersA
 0x4a6f1c DocumentPropertiesA
 0x4a6f20 ClosePrinter
comdlg32.dll
 0x4a6f28 GetSaveFileNameA
 0x4a6f2c GetOpenFileNameA

EAT(Export Address Table) is none