ScreenShot
| Created | 2025.01.10 16:50 | Machine | s1_win7_x6403 |
| Filename | svhost.exe | ||
| Type | PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 13 detected (Artemis, Unsafe, CoinMiner, MalwareX, Tedy, CLOUD, soicu, R002H09LB24, susgen) | ||
| md5 | 6b3b2c4cdcc210e868ca4c3dee9584e5 | ||
| sha256 | 5422a959db0ae7deadab5898df05405af64a12e3eacd0419644fd3078989f620 | ||
| ssdeep | 98304:Vm/6cbaX5jpmODW4pkIYbt9zWPlRcRE4DxMpGCEuP+OCN0x2qx+cOOXk2MokrMxg:4/v45DdyM35XkBfDn | ||
| imphash | d02deea2cbc989e599d4a58620d56372 | ||
| impfuzzy | 96:2NlUogx0yXR5SrcmXiZpAy42xQeXXiX1Pgb/lYJJG/2g48dVJlUnFqgUneS05x0L:MlpNcPSr5J+SForrP48dRhgUp73t | ||
Network IP location
Signature (2cnts)
| Level | Description |
|---|---|
| watch | File has been identified by 13 AntiVirus engines on VirusTotal as malicious |
| info | Checks amount of memory in system |
Rules (5cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
ADVAPI32.dll
0x1406a99e8 CryptAcquireContextW
0x1406a99f0 CryptGenRandom
0x1406a99f8 CryptReleaseContext
0x1406a9a00 DeregisterEventSource
0x1406a9a08 RegisterEventSourceW
0x1406a9a10 ReportEventW
CRYPT32.dll
0x1406a9a20 CertCloseStore
0x1406a9a28 CertFindCertificateInStore
0x1406a9a30 CertFreeCertificateContext
0x1406a9a38 CertOpenSystemStoreW
KERNEL32.dll
0x1406a9a48 CancelIoEx
0x1406a9a50 CloseHandle
0x1406a9a58 ConvertFiberToThread
0x1406a9a60 ConvertThreadToFiber
0x1406a9a68 CreateEventA
0x1406a9a70 CreateFiber
0x1406a9a78 CreateIoCompletionPort
0x1406a9a80 CreateSemaphoreA
0x1406a9a88 CreateWaitableTimerA
0x1406a9a90 DeleteCriticalSection
0x1406a9a98 DeleteFiber
0x1406a9aa0 DuplicateHandle
0x1406a9aa8 EnterCriticalSection
0x1406a9ab0 FileTimeToSystemTime
0x1406a9ab8 FindClose
0x1406a9ac0 FindFirstFileW
0x1406a9ac8 FindNextFileW
0x1406a9ad0 FormatMessageA
0x1406a9ad8 FormatMessageW
0x1406a9ae0 FreeLibrary
0x1406a9ae8 GetACP
0x1406a9af0 GetConsoleMode
0x1406a9af8 GetCurrentProcess
0x1406a9b00 GetCurrentProcessId
0x1406a9b08 GetCurrentThread
0x1406a9b10 GetCurrentThreadId
0x1406a9b18 GetEnvironmentVariableW
0x1406a9b20 GetExitCodeThread
0x1406a9b28 GetFileType
0x1406a9b30 GetHandleInformation
0x1406a9b38 GetLastError
0x1406a9b40 GetLogicalProcessorInformation
0x1406a9b48 GetModuleHandleA
0x1406a9b50 GetModuleHandleExW
0x1406a9b58 GetModuleHandleW
0x1406a9b60 GetProcAddress
0x1406a9b68 GetProcessAffinityMask
0x1406a9b70 GetProcessHeap
0x1406a9b78 GetProcessTimes
0x1406a9b80 GetQueuedCompletionStatus
0x1406a9b88 GetStdHandle
0x1406a9b90 GetSystemDirectoryA
0x1406a9b98 GetSystemInfo
0x1406a9ba0 GetSystemTime
0x1406a9ba8 GetSystemTimeAdjustment
0x1406a9bb0 GetSystemTimeAsFileTime
0x1406a9bb8 GetThreadContext
0x1406a9bc0 GetThreadPriority
0x1406a9bc8 GetThreadTimes
0x1406a9bd0 GetTickCount
0x1406a9bd8 GetVersion
0x1406a9be0 HeapAlloc
0x1406a9be8 HeapFree
0x1406a9bf0 InitializeCriticalSection
0x1406a9bf8 InitializeCriticalSectionAndSpinCount
0x1406a9c00 IsDBCSLeadByteEx
0x1406a9c08 IsDebuggerPresent
0x1406a9c10 IsProcessorFeaturePresent
0x1406a9c18 LeaveCriticalSection
0x1406a9c20 LoadLibraryA
0x1406a9c28 LoadLibraryW
0x1406a9c30 LocalFree
0x1406a9c38 MultiByteToWideChar
0x1406a9c40 OpenEventA
0x1406a9c48 OpenProcess
0x1406a9c50 OutputDebugStringA
0x1406a9c58 PostQueuedCompletionStatus
0x1406a9c60 QueryPerformanceCounter
0x1406a9c68 QueryPerformanceFrequency
0x1406a9c70 QueueUserAPC
0x1406a9c78 RaiseException
0x1406a9c80 ReadConsoleA
0x1406a9c88 ReadConsoleW
0x1406a9c90 ReleaseSemaphore
0x1406a9c98 ResetEvent
0x1406a9ca0 ResumeThread
0x1406a9ca8 RtlCaptureContext
0x1406a9cb0 RtlLookupFunctionEntry
0x1406a9cb8 RtlUnwindEx
0x1406a9cc0 RtlVirtualUnwind
0x1406a9cc8 SetConsoleMode
0x1406a9cd0 SetEvent
0x1406a9cd8 SetLastError
0x1406a9ce0 SetProcessAffinityMask
0x1406a9ce8 SetSystemTime
0x1406a9cf0 SetThreadContext
0x1406a9cf8 SetThreadPriority
0x1406a9d00 SetUnhandledExceptionFilter
0x1406a9d08 SetWaitableTimer
0x1406a9d10 Sleep
0x1406a9d18 SleepEx
0x1406a9d20 SuspendThread
0x1406a9d28 SwitchToFiber
0x1406a9d30 SystemTimeToFileTime
0x1406a9d38 TerminateProcess
0x1406a9d40 TerminateThread
0x1406a9d48 TlsAlloc
0x1406a9d50 TlsFree
0x1406a9d58 TlsGetValue
0x1406a9d60 TlsSetValue
0x1406a9d68 TryEnterCriticalSection
0x1406a9d70 VirtualAlloc
0x1406a9d78 VirtualFree
0x1406a9d80 VirtualLock
0x1406a9d88 VirtualProtect
0x1406a9d90 VirtualQuery
0x1406a9d98 WaitForMultipleObjects
0x1406a9da0 WaitForMultipleObjectsEx
0x1406a9da8 WaitForSingleObject
0x1406a9db0 WaitForSingleObjectEx
0x1406a9db8 WideCharToMultiByte
0x1406a9dc0 WriteFile
msvcrt.dll
0x1406a9dd0 __C_specific_handler
0x1406a9dd8 ___lc_codepage_func
0x1406a9de0 ___mb_cur_max_func
0x1406a9de8 __getmainargs
0x1406a9df0 __initenv
0x1406a9df8 __iob_func
0x1406a9e00 __set_app_type
0x1406a9e08 __setusermatherr
0x1406a9e10 _aligned_free
0x1406a9e18 _aligned_malloc
0x1406a9e20 _amsg_exit
0x1406a9e28 _assert
0x1406a9e30 _beginthreadex
0x1406a9e38 _cexit
0x1406a9e40 _commode
0x1406a9e48 _endthreadex
0x1406a9e50 _errno
0x1406a9e58 _exit
0x1406a9e60 _fdopen
0x1406a9e68 _filelengthi64
0x1406a9e70 _fileno
0x1406a9e78 _fileno
0x1406a9e80 _fmode
0x1406a9e88 _fstat64
0x1406a9e90 _gmtime64
0x1406a9e98 _initterm
0x1406a9ea0 _localtime64
0x1406a9ea8 _lock
0x1406a9eb0 _lseeki64
0x1406a9eb8 _mktime64
0x1406a9ec0 _onexit
0x1406a9ec8 _read
0x1406a9ed0 _setjmp
0x1406a9ed8 _setmode
0x1406a9ee0 _stat64
0x1406a9ee8 _strdup
0x1406a9ef0 _strdup
0x1406a9ef8 _strtoi64
0x1406a9f00 _strtoui64
0x1406a9f08 _time64
0x1406a9f10 _timezone
0x1406a9f18 _unlock
0x1406a9f20 _vscprintf
0x1406a9f28 _vsnprintf
0x1406a9f30 _vsnwprintf
0x1406a9f38 _wfopen
0x1406a9f40 _write
0x1406a9f48 abort
0x1406a9f50 atoi
0x1406a9f58 calloc
0x1406a9f60 exit
0x1406a9f68 fclose
0x1406a9f70 feof
0x1406a9f78 ferror
0x1406a9f80 fflush
0x1406a9f88 fgetpos
0x1406a9f90 fgets
0x1406a9f98 fopen
0x1406a9fa0 fprintf
0x1406a9fa8 fputc
0x1406a9fb0 fputs
0x1406a9fb8 fread
0x1406a9fc0 free
0x1406a9fc8 fsetpos
0x1406a9fd0 fseek
0x1406a9fd8 ftell
0x1406a9fe0 fwrite
0x1406a9fe8 getc
0x1406a9ff0 getenv
0x1406a9ff8 getwc
0x1406aa000 isspace
0x1406aa008 iswctype
0x1406aa010 localeconv
0x1406aa018 longjmp
0x1406aa020 malloc
0x1406aa028 memchr
0x1406aa030 memcmp
0x1406aa038 memcpy
0x1406aa040 memmove
0x1406aa048 memset
0x1406aa050 printf
0x1406aa058 putc
0x1406aa060 puts
0x1406aa068 putwc
0x1406aa070 qsort
0x1406aa078 raise
0x1406aa080 realloc
0x1406aa088 setlocale
0x1406aa090 setvbuf
0x1406aa098 signal
0x1406aa0a0 sprintf
0x1406aa0a8 sscanf
0x1406aa0b0 strcat
0x1406aa0b8 strchr
0x1406aa0c0 strcmp
0x1406aa0c8 strcoll
0x1406aa0d0 strcpy
0x1406aa0d8 strcspn
0x1406aa0e0 strerror
0x1406aa0e8 strftime
0x1406aa0f0 strlen
0x1406aa0f8 strncmp
0x1406aa100 strncpy
0x1406aa108 strrchr
0x1406aa110 strspn
0x1406aa118 strstr
0x1406aa120 strtol
0x1406aa128 strtoul
0x1406aa130 strxfrm
0x1406aa138 system
0x1406aa140 tolower
0x1406aa148 towlower
0x1406aa150 towupper
0x1406aa158 ungetwc
0x1406aa160 ungetc
0x1406aa168 vfprintf
0x1406aa170 wcscoll
0x1406aa178 wcscpy
0x1406aa180 wcsftime
0x1406aa188 wcslen
0x1406aa190 wcsstr
0x1406aa198 wcstombs
0x1406aa1a0 wcsxfrm
USER32.dll
0x1406aa1b0 GetProcessWindowStation
0x1406aa1b8 GetUserObjectInformationW
0x1406aa1c0 MessageBoxW
WS2_32.dll
0x1406aa1d0 WSACleanup
0x1406aa1d8 WSAGetLastError
0x1406aa1e0 WSAIoctl
0x1406aa1e8 WSARecv
0x1406aa1f0 WSASend
0x1406aa1f8 WSASetLastError
0x1406aa200 WSASocketW
0x1406aa208 WSAStartup
0x1406aa210 WSAStringToAddressA
0x1406aa218 __WSAFDIsSet
0x1406aa220 accept
0x1406aa228 ind
0x1406aa230 closesocket
0x1406aa238 connect
0x1406aa240 freeaddrinfo
0x1406aa248 getaddrinfo
0x1406aa250 gethostbyaddr
0x1406aa258 gethostbyname
0x1406aa260 gethostname
0x1406aa268 getpeername
0x1406aa270 getservbyname
0x1406aa278 getservbyport
0x1406aa280 getsockname
0x1406aa288 getsockopt
0x1406aa290 htonl
0x1406aa298 htons
0x1406aa2a0 inet_addr
0x1406aa2a8 inet_ntoa
0x1406aa2b0 ioctlsocket
0x1406aa2b8 listen
0x1406aa2c0 ntohl
0x1406aa2c8 ntohs
0x1406aa2d0 recv
0x1406aa2d8 recvfrom
0x1406aa2e0 select
0x1406aa2e8 send
0x1406aa2f0 sendto
0x1406aa2f8 setsockopt
0x1406aa300 shutdown
0x1406aa308 socket
WSOCK32.dll
0x1406aa318 AcceptEx
0x1406aa320 GetAcceptExSockaddrs
EAT(Export Address Table) Library
0x14008f0f0 jump_fcontext
0x14008f060 make_fcontext
0x14008f2c0 ontop_fcontext
ADVAPI32.dll
0x1406a99e8 CryptAcquireContextW
0x1406a99f0 CryptGenRandom
0x1406a99f8 CryptReleaseContext
0x1406a9a00 DeregisterEventSource
0x1406a9a08 RegisterEventSourceW
0x1406a9a10 ReportEventW
CRYPT32.dll
0x1406a9a20 CertCloseStore
0x1406a9a28 CertFindCertificateInStore
0x1406a9a30 CertFreeCertificateContext
0x1406a9a38 CertOpenSystemStoreW
KERNEL32.dll
0x1406a9a48 CancelIoEx
0x1406a9a50 CloseHandle
0x1406a9a58 ConvertFiberToThread
0x1406a9a60 ConvertThreadToFiber
0x1406a9a68 CreateEventA
0x1406a9a70 CreateFiber
0x1406a9a78 CreateIoCompletionPort
0x1406a9a80 CreateSemaphoreA
0x1406a9a88 CreateWaitableTimerA
0x1406a9a90 DeleteCriticalSection
0x1406a9a98 DeleteFiber
0x1406a9aa0 DuplicateHandle
0x1406a9aa8 EnterCriticalSection
0x1406a9ab0 FileTimeToSystemTime
0x1406a9ab8 FindClose
0x1406a9ac0 FindFirstFileW
0x1406a9ac8 FindNextFileW
0x1406a9ad0 FormatMessageA
0x1406a9ad8 FormatMessageW
0x1406a9ae0 FreeLibrary
0x1406a9ae8 GetACP
0x1406a9af0 GetConsoleMode
0x1406a9af8 GetCurrentProcess
0x1406a9b00 GetCurrentProcessId
0x1406a9b08 GetCurrentThread
0x1406a9b10 GetCurrentThreadId
0x1406a9b18 GetEnvironmentVariableW
0x1406a9b20 GetExitCodeThread
0x1406a9b28 GetFileType
0x1406a9b30 GetHandleInformation
0x1406a9b38 GetLastError
0x1406a9b40 GetLogicalProcessorInformation
0x1406a9b48 GetModuleHandleA
0x1406a9b50 GetModuleHandleExW
0x1406a9b58 GetModuleHandleW
0x1406a9b60 GetProcAddress
0x1406a9b68 GetProcessAffinityMask
0x1406a9b70 GetProcessHeap
0x1406a9b78 GetProcessTimes
0x1406a9b80 GetQueuedCompletionStatus
0x1406a9b88 GetStdHandle
0x1406a9b90 GetSystemDirectoryA
0x1406a9b98 GetSystemInfo
0x1406a9ba0 GetSystemTime
0x1406a9ba8 GetSystemTimeAdjustment
0x1406a9bb0 GetSystemTimeAsFileTime
0x1406a9bb8 GetThreadContext
0x1406a9bc0 GetThreadPriority
0x1406a9bc8 GetThreadTimes
0x1406a9bd0 GetTickCount
0x1406a9bd8 GetVersion
0x1406a9be0 HeapAlloc
0x1406a9be8 HeapFree
0x1406a9bf0 InitializeCriticalSection
0x1406a9bf8 InitializeCriticalSectionAndSpinCount
0x1406a9c00 IsDBCSLeadByteEx
0x1406a9c08 IsDebuggerPresent
0x1406a9c10 IsProcessorFeaturePresent
0x1406a9c18 LeaveCriticalSection
0x1406a9c20 LoadLibraryA
0x1406a9c28 LoadLibraryW
0x1406a9c30 LocalFree
0x1406a9c38 MultiByteToWideChar
0x1406a9c40 OpenEventA
0x1406a9c48 OpenProcess
0x1406a9c50 OutputDebugStringA
0x1406a9c58 PostQueuedCompletionStatus
0x1406a9c60 QueryPerformanceCounter
0x1406a9c68 QueryPerformanceFrequency
0x1406a9c70 QueueUserAPC
0x1406a9c78 RaiseException
0x1406a9c80 ReadConsoleA
0x1406a9c88 ReadConsoleW
0x1406a9c90 ReleaseSemaphore
0x1406a9c98 ResetEvent
0x1406a9ca0 ResumeThread
0x1406a9ca8 RtlCaptureContext
0x1406a9cb0 RtlLookupFunctionEntry
0x1406a9cb8 RtlUnwindEx
0x1406a9cc0 RtlVirtualUnwind
0x1406a9cc8 SetConsoleMode
0x1406a9cd0 SetEvent
0x1406a9cd8 SetLastError
0x1406a9ce0 SetProcessAffinityMask
0x1406a9ce8 SetSystemTime
0x1406a9cf0 SetThreadContext
0x1406a9cf8 SetThreadPriority
0x1406a9d00 SetUnhandledExceptionFilter
0x1406a9d08 SetWaitableTimer
0x1406a9d10 Sleep
0x1406a9d18 SleepEx
0x1406a9d20 SuspendThread
0x1406a9d28 SwitchToFiber
0x1406a9d30 SystemTimeToFileTime
0x1406a9d38 TerminateProcess
0x1406a9d40 TerminateThread
0x1406a9d48 TlsAlloc
0x1406a9d50 TlsFree
0x1406a9d58 TlsGetValue
0x1406a9d60 TlsSetValue
0x1406a9d68 TryEnterCriticalSection
0x1406a9d70 VirtualAlloc
0x1406a9d78 VirtualFree
0x1406a9d80 VirtualLock
0x1406a9d88 VirtualProtect
0x1406a9d90 VirtualQuery
0x1406a9d98 WaitForMultipleObjects
0x1406a9da0 WaitForMultipleObjectsEx
0x1406a9da8 WaitForSingleObject
0x1406a9db0 WaitForSingleObjectEx
0x1406a9db8 WideCharToMultiByte
0x1406a9dc0 WriteFile
msvcrt.dll
0x1406a9dd0 __C_specific_handler
0x1406a9dd8 ___lc_codepage_func
0x1406a9de0 ___mb_cur_max_func
0x1406a9de8 __getmainargs
0x1406a9df0 __initenv
0x1406a9df8 __iob_func
0x1406a9e00 __set_app_type
0x1406a9e08 __setusermatherr
0x1406a9e10 _aligned_free
0x1406a9e18 _aligned_malloc
0x1406a9e20 _amsg_exit
0x1406a9e28 _assert
0x1406a9e30 _beginthreadex
0x1406a9e38 _cexit
0x1406a9e40 _commode
0x1406a9e48 _endthreadex
0x1406a9e50 _errno
0x1406a9e58 _exit
0x1406a9e60 _fdopen
0x1406a9e68 _filelengthi64
0x1406a9e70 _fileno
0x1406a9e78 _fileno
0x1406a9e80 _fmode
0x1406a9e88 _fstat64
0x1406a9e90 _gmtime64
0x1406a9e98 _initterm
0x1406a9ea0 _localtime64
0x1406a9ea8 _lock
0x1406a9eb0 _lseeki64
0x1406a9eb8 _mktime64
0x1406a9ec0 _onexit
0x1406a9ec8 _read
0x1406a9ed0 _setjmp
0x1406a9ed8 _setmode
0x1406a9ee0 _stat64
0x1406a9ee8 _strdup
0x1406a9ef0 _strdup
0x1406a9ef8 _strtoi64
0x1406a9f00 _strtoui64
0x1406a9f08 _time64
0x1406a9f10 _timezone
0x1406a9f18 _unlock
0x1406a9f20 _vscprintf
0x1406a9f28 _vsnprintf
0x1406a9f30 _vsnwprintf
0x1406a9f38 _wfopen
0x1406a9f40 _write
0x1406a9f48 abort
0x1406a9f50 atoi
0x1406a9f58 calloc
0x1406a9f60 exit
0x1406a9f68 fclose
0x1406a9f70 feof
0x1406a9f78 ferror
0x1406a9f80 fflush
0x1406a9f88 fgetpos
0x1406a9f90 fgets
0x1406a9f98 fopen
0x1406a9fa0 fprintf
0x1406a9fa8 fputc
0x1406a9fb0 fputs
0x1406a9fb8 fread
0x1406a9fc0 free
0x1406a9fc8 fsetpos
0x1406a9fd0 fseek
0x1406a9fd8 ftell
0x1406a9fe0 fwrite
0x1406a9fe8 getc
0x1406a9ff0 getenv
0x1406a9ff8 getwc
0x1406aa000 isspace
0x1406aa008 iswctype
0x1406aa010 localeconv
0x1406aa018 longjmp
0x1406aa020 malloc
0x1406aa028 memchr
0x1406aa030 memcmp
0x1406aa038 memcpy
0x1406aa040 memmove
0x1406aa048 memset
0x1406aa050 printf
0x1406aa058 putc
0x1406aa060 puts
0x1406aa068 putwc
0x1406aa070 qsort
0x1406aa078 raise
0x1406aa080 realloc
0x1406aa088 setlocale
0x1406aa090 setvbuf
0x1406aa098 signal
0x1406aa0a0 sprintf
0x1406aa0a8 sscanf
0x1406aa0b0 strcat
0x1406aa0b8 strchr
0x1406aa0c0 strcmp
0x1406aa0c8 strcoll
0x1406aa0d0 strcpy
0x1406aa0d8 strcspn
0x1406aa0e0 strerror
0x1406aa0e8 strftime
0x1406aa0f0 strlen
0x1406aa0f8 strncmp
0x1406aa100 strncpy
0x1406aa108 strrchr
0x1406aa110 strspn
0x1406aa118 strstr
0x1406aa120 strtol
0x1406aa128 strtoul
0x1406aa130 strxfrm
0x1406aa138 system
0x1406aa140 tolower
0x1406aa148 towlower
0x1406aa150 towupper
0x1406aa158 ungetwc
0x1406aa160 ungetc
0x1406aa168 vfprintf
0x1406aa170 wcscoll
0x1406aa178 wcscpy
0x1406aa180 wcsftime
0x1406aa188 wcslen
0x1406aa190 wcsstr
0x1406aa198 wcstombs
0x1406aa1a0 wcsxfrm
USER32.dll
0x1406aa1b0 GetProcessWindowStation
0x1406aa1b8 GetUserObjectInformationW
0x1406aa1c0 MessageBoxW
WS2_32.dll
0x1406aa1d0 WSACleanup
0x1406aa1d8 WSAGetLastError
0x1406aa1e0 WSAIoctl
0x1406aa1e8 WSARecv
0x1406aa1f0 WSASend
0x1406aa1f8 WSASetLastError
0x1406aa200 WSASocketW
0x1406aa208 WSAStartup
0x1406aa210 WSAStringToAddressA
0x1406aa218 __WSAFDIsSet
0x1406aa220 accept
0x1406aa228 ind
0x1406aa230 closesocket
0x1406aa238 connect
0x1406aa240 freeaddrinfo
0x1406aa248 getaddrinfo
0x1406aa250 gethostbyaddr
0x1406aa258 gethostbyname
0x1406aa260 gethostname
0x1406aa268 getpeername
0x1406aa270 getservbyname
0x1406aa278 getservbyport
0x1406aa280 getsockname
0x1406aa288 getsockopt
0x1406aa290 htonl
0x1406aa298 htons
0x1406aa2a0 inet_addr
0x1406aa2a8 inet_ntoa
0x1406aa2b0 ioctlsocket
0x1406aa2b8 listen
0x1406aa2c0 ntohl
0x1406aa2c8 ntohs
0x1406aa2d0 recv
0x1406aa2d8 recvfrom
0x1406aa2e0 select
0x1406aa2e8 send
0x1406aa2f0 sendto
0x1406aa2f8 setsockopt
0x1406aa300 shutdown
0x1406aa308 socket
WSOCK32.dll
0x1406aa318 AcceptEx
0x1406aa320 GetAcceptExSockaddrs
EAT(Export Address Table) Library
0x14008f0f0 jump_fcontext
0x14008f060 make_fcontext
0x14008f2c0 ontop_fcontext