Field | Value |
---|---|
Created | 2025.01.16 22:07 |
Machine | s1_win7_x6401 |
Filename | Set-up.exe |
Type | PE32 executable (GUI) Intel 80386, for MS Windows |
AI Score | Not found |
Behavior Score | |
ZERO API | file : clean |
VT API (file) | 41 detected (Common, Crack, Ghanarava, Artemis, Unsafe, Vbce, malicious, moderate confidence, HackTool, OH potentially unsafe, FileRepMalware, Misc, Agentb, mmni, CLOUD, PrivacyRisk, fpgny, Tool, Generic Reputation PUA, Patcher, ABApplication, CGEM, vzdHIc+VVIU, susgen) |
md5 | 859db299e0810718e19c33f3802b7f74 |
sha256 | 37bafe751e9307c119b84d7247f7c1d6b5c63810f4ad67dfc8c1a6d1479bf4b2 |
ssdeep | 98304:eDNC89EF0yd7wyYnVz02/ZZmbZFu78XfrLTI4O6xr:eDNCQMrdxB2/XmbZ888fA |
imphash | 337783faf868eb54d41c823f63ce0359 |
impfuzzy | 192:nVhWzWHQPGH0YE6ZFhKfHRkHPzodmsdEfy7TAczcG0ZKa6F:nVIzWwHt6jhKyNs6+zcG0ZKaY |
Signature (4cnts)
Level | Description |
---|---|
danger | File has been identified by 41 AntiVirus engines on VirusTotal as malicious |
info | One or more processes crashed |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (10cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
warning | PhysicalDrive_20181001 | (no description) | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
notice | anti_vm_detect | Possibly employs anti-virtualization techniques | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Request | CC | ASN Co | IP4 | Rule | ZERO |
---|---|---|---|---|---|
Suricata ids
PE API
IAT(Import Address Table) Library
COMCTL32.dll
0x7740a0 InitCommonControlsEx
SHLWAPI.dll
0x774518 PathIsUNCW
0x77451c PathIsRelativeW
0x774520 PathRemoveBackslashW
0x774524 PathIsNetworkPathW
0x774528 PathStripPathW
0x77452c UrlIsW
0x774530 SHGetValueW
0x774534 UrlEscapeW
0x774538 PathFindFileNameW
0x77453c PathRemoveFileSpecW
0x774540 PathRemoveExtensionW
0x774544 PathFileExistsW
0x774548 PathAddExtensionW
0x77454c PathIsFileSpecW
0x774550 PathAppendW
0x774554 PathIsDirectoryW
0x774558 PathRenameExtensionW
0x77455c PathIsSystemFolderW
0x774560 PathFileExistsA
0x774564 PathAddBackslashW
0x774568 PathIsRootW
0x77456c PathStripToRootW
SHELL32.dll
0x7744dc SHCreateDirectoryExW
0x7744e0 None
0x7744e4 SHGetKnownFolderPath
0x7744e8 ShellExecuteW
0x7744ec ShellExecuteExW
0x7744f0 SHGetSpecialFolderLocation
0x7744f4 SHBrowseForFolderW
0x7744f8 None
0x7744fc SHGetMalloc
0x774500 SHGetFolderLocation
0x774504 SHGetPathFromIDListW
0x774508 SHGetFolderPathW
0x77450c SHGetSpecialFolderPathW
0x774510 CommandLineToArgvW
KERNEL32.dll
0x774110 FindNextFileW
0x774114 WaitForMultipleObjects
0x774118 CreateFileW
0x77411c CreateEventW
0x774120 SetEvent
0x774124 ResetEvent
0x774128 GetOverlappedResult
0x77412c ReadDirectoryChangesW
0x774130 MultiByteToWideChar
0x774134 WideCharToMultiByte
0x774138 GetFileSizeEx
0x77413c FindClose
0x774140 GetFileAttributesW
0x774144 SetFileAttributesW
0x774148 DeleteFileW
0x77414c GetLocalTime
0x774150 GetTimeFormatW
0x774154 GetDateFormatW
0x774158 GetCurrentProcess
0x77415c DeviceIoControl
0x774160 GetTempPathW
0x774164 GetVersionExW
0x774168 GetComputerNameExW
0x77416c FileTimeToSystemTime
0x774170 GetNativeSystemInfo
0x774174 RaiseException
0x774178 LoadLibraryW
0x77417c GetProcAddress
0x774180 CreateProcessW
0x774184 GetModuleHandleW
0x774188 FreeLibrary
0x77418c InitializeCriticalSectionEx
0x774190 DecodePointer
0x774194 MulDiv
0x774198 GetModuleFileNameW
0x77419c TerminateProcess
0x7741a0 RemoveDirectoryW
0x7741a4 OpenProcess
0x7741a8 CreateToolhelp32Snapshot
0x7741ac Sleep
0x7741b0 Process32NextW
0x7741b4 Process32FirstW
0x7741b8 CopyFileW
0x7741bc GetExitCodeProcess
0x7741c0 ReadFile
0x7741c4 SetLastError
0x7741c8 lstrlenW
0x7741cc LocalAlloc
0x7741d0 GetDiskFreeSpaceExW
0x7741d4 GetCurrentDirectoryW
0x7741d8 SetCurrentDirectoryW
0x7741dc MoveFileExW
0x7741e0 GetFileSize
0x7741e4 lstrcpyW
0x7741e8 lstrcmpiW
0x7741ec lstrcmpW
0x7741f0 GetDriveTypeW
0x7741f4 GetFullPathNameW
0x7741f8 HeapSize
0x7741fc HeapReAlloc
0x774200 HeapDestroy
0x774204 GlobalAlloc
0x774208 GlobalLock
0x77420c GlobalUnlock
0x774210 GetSystemDirectoryW
0x774214 SetDllDirectoryW
0x774218 GetStdHandle
0x77421c AttachConsole
0x774220 FreeConsole
0x774224 GetConsoleWindow
0x774228 AreFileApisANSI
0x77422c TryEnterCriticalSection
0x774230 HeapCreate
0x774234 WriteFile
0x774238 GetDiskFreeSpaceW
0x77423c OutputDebugStringA
0x774240 LockFile
0x774244 SetFilePointer
0x774248 LeaveCriticalSection
0x77424c SetEndOfFile
0x774250 UnlockFileEx
0x774254 UnmapViewOfFile
0x774258 HeapValidate
0x77425c GetTempPathA
0x774260 GetDiskFreeSpaceA
0x774264 GetFileAttributesA
0x774268 GetFileAttributesExW
0x77426c OutputDebugStringW
0x774270 FlushViewOfFile
0x774274 CreateFileA
0x774278 LoadLibraryA
0x77427c WaitForSingleObjectEx
0x774280 GetVersionExA
0x774284 DeleteFileA
0x774288 GetSystemInfo
0x77428c HeapCompact
0x774290 UnlockFile
0x774294 CreateFileMappingA
0x774298 LockFileEx
0x77429c SystemTimeToFileTime
0x7742a0 GetSystemTimeAsFileTime
0x7742a4 GetSystemTime
0x7742a8 FormatMessageA
0x7742ac CreateFileMappingW
0x7742b0 MapViewOfFile
0x7742b4 QueryPerformanceCounter
0x7742b8 GetTickCount
0x7742bc FlushFileBuffers
0x7742c0 SizeofResource
0x7742c4 LockResource
0x7742c8 LoadResource
0x7742cc FindResourceW
0x7742d0 GlobalFree
0x7742d4 VerSetConditionMask
0x7742d8 FindFirstFileW
0x7742dc GetUserDefaultLCID
0x7742e0 LCMapStringW
0x7742e4 DuplicateHandle
0x7742e8 ProcessIdToSessionId
0x7742ec TerminateThread
0x7742f0 CreateThread
0x7742f4 FindResourceExW
0x7742f8 GetThreadTimes
0x7742fc QueryFullProcessImageNameW
0x774300 GetUserDefaultLangID
0x774304 GetUserDefaultUILanguage
0x774308 SetNamedPipeHandleState
0x77430c CreateNamedPipeW
0x774310 ConnectNamedPipe
0x774314 CreateDirectoryW
0x774318 ReleaseSemaphore
0x77431c OpenSemaphoreW
0x774320 CreateSemaphoreW
0x774324 GetTimeZoneInformation
0x774328 VirtualFree
0x77432c VirtualAlloc
0x774330 QueryPerformanceFrequency
0x774334 GetCurrentThread
0x774338 SetFilePointerEx
0x77433c ResumeThread
0x774340 SetThreadPriority
0x774344 EnterCriticalSection
0x774348 CompareStringW
0x77434c GetCPInfo
0x774350 EncodePointer
0x774354 TlsFree
0x774358 TlsSetValue
0x77435c TlsGetValue
0x774360 TlsAlloc
0x774364 InitializeCriticalSectionAndSpinCount
0x774368 GetStringTypeW
0x77436c GetExitCodeThread
0x774370 SwitchToThread
0x774374 GetModuleHandleExW
0x774378 QueueUserWorkItem
0x77437c IsProcessorFeaturePresent
0x774380 LoadLibraryExA
0x774384 VirtualQuery
0x774388 VirtualProtect
0x77438c GetCurrentProcessId
0x774390 GetCurrentThreadId
0x774394 OpenMutexW
0x774398 CloseHandle
0x77439c ReleaseMutex
0x7743a0 WaitForSingleObject
0x7743a4 CreateMutexW
0x7743a8 GetProcessHeap
0x7743ac HeapAlloc
0x7743b0 HeapFree
0x7743b4 LocalFree
0x7743b8 GetLastError
0x7743bc FormatMessageW
0x7743c0 GetLocaleInfoW
0x7743c4 UnhandledExceptionFilter
0x7743c8 SetUnhandledExceptionFilter
0x7743cc InitializeSListHead
0x7743d0 IsDebuggerPresent
0x7743d4 GetStartupInfoW
0x7743d8 InterlockedPopEntrySList
0x7743dc InterlockedPushEntrySList
0x7743e0 FlushInstructionCache
0x7743e4 CreateTimerQueue
0x7743e8 SignalObjectAndWait
0x7743ec GetThreadPriority
0x7743f0 GetLogicalProcessorInformation
0x7743f4 CreateTimerQueueTimer
0x7743f8 ChangeTimerQueueTimer
0x7743fc DeleteTimerQueueTimer
0x774400 GetNumaHighestNodeNumber
0x774404 GetProcessAffinityMask
0x774408 SetThreadAffinityMask
0x77440c DeleteCriticalSection
0x774410 RegisterWaitForSingleObject
0x774414 UnregisterWait
0x774418 FreeLibraryAndExitThread
0x77441c GetModuleHandleA
0x774420 LoadLibraryExW
0x774424 InterlockedFlushSList
0x774428 QueryDepthSList
0x77442c UnregisterWaitEx
0x774430 RtlUnwind
0x774434 ExitThread
0x774438 GetFileInformationByHandle
0x77443c GetFileType
0x774440 PeekNamedPipe
0x774444 SystemTimeToTzSpecificLocalTime
0x774448 SetStdHandle
0x77444c WriteConsoleW
0x774450 ExitProcess
0x774454 GetConsoleCP
0x774458 GetConsoleMode
0x77445c IsValidLocale
0x774460 EnumSystemLocalesW
0x774464 ReadConsoleW
0x774468 FindFirstFileExW
0x77446c IsValidCodePage
0x774470 GetACP
0x774474 VerifyVersionInfoW
0x774478 GetOEMCP
0x77447c GetCommandLineA
0x774480 GetCommandLineW
0x774484 GetEnvironmentStringsW
0x774488 FreeEnvironmentStringsW
0x77448c InitializeCriticalSection
0x774490 SetEnvironmentVariableW
0x774494 GetFullPathNameA
USER32.dll
0x77457c CharNextW
0x774580 BringWindowToTop
0x774584 TranslateAcceleratorW
0x774588 GetClassNameW
0x77458c SetCapture
0x774590 GetDlgItem
0x774594 GetParent
0x774598 RegisterWindowMessageW
0x77459c ReleaseCapture
0x7745a0 SetForegroundWindow
0x7745a4 InvalidateRect
0x7745a8 GetForegroundWindow
0x7745ac GetSysColor
0x7745b0 AttachThreadInput
0x7745b4 IsChild
0x7745b8 DestroyAcceleratorTable
0x7745bc ClientToScreen
0x7745c0 RedrawWindow
0x7745c4 InvalidateRgn
0x7745c8 IsWindow
0x7745cc SetFocus
0x7745d0 ScreenToClient
0x7745d4 FillRect
0x7745d8 GetFocus
0x7745dc GetWindow
0x7745e0 IsIconic
0x7745e4 BeginPaint
0x7745e8 EndPaint
0x7745ec GetWindowTextW
0x7745f0 GetSystemMetrics
0x7745f4 GetMessageW
0x7745f8 DefWindowProcW
0x7745fc GetWindowLongW
0x774600 DestroyWindow
0x774604 SetWindowPos
0x774608 CreateWindowExW
0x77460c SendMessageW
0x774610 RegisterClassExW
0x774614 GetActiveWindow
0x774618 DispatchMessageW
0x77461c CreateAcceleratorTableW
0x774620 SetWindowTextW
0x774624 CallWindowProcW
0x774628 GetWindowTextLengthW
0x77462c GetWindowThreadProcessId
0x774630 wsprintfW
0x774634 PostThreadMessageW
0x774638 TranslateMessage
0x77463c LoadCursorW
0x774640 SetWindowLongW
0x774644 PostQuitMessage
0x774648 GetDesktopWindow
0x77464c GetClassInfoExW
0x774650 GetDC
0x774654 MessageBoxW
0x774658 ShowWindow
0x77465c GetAsyncKeyState
0x774660 ReleaseDC
0x774664 PostMessageW
0x774668 UnregisterClassW
0x77466c GetClientRect
0x774670 EnumWindows
0x774674 MoveWindow
0x774678 GetShellWindow
0x77467c LoadImageW
0x774680 SystemParametersInfoW
0x774684 EnableMenuItem
0x774688 LoadIconW
0x77468c GetSystemMenu
0x774690 GetClassLongW
0x774694 AppendMenuW
0x774698 SetClassLongW
0x77469c GetWindowRect
GDI32.dll
0x7740e4 DeleteDC
0x7740e8 GetObjectW
0x7740ec DeleteObject
0x7740f0 CreateSolidBrush
0x7740f4 GetDeviceCaps
0x7740f8 SelectObject
0x7740fc CreateCompatibleBitmap
0x774100 GetStockObject
0x774104 BitBlt
0x774108 CreateCompatibleDC
ADVAPI32.dll
0x774000 SetEntriesInAclW
0x774004 SetNamedSecurityInfoW
0x774008 GetNamedSecurityInfoW
0x77400c GetTokenInformation
0x774010 CreateWellKnownSid
0x774014 LookupPrivilegeValueW
0x774018 OpenProcessToken
0x77401c RegFlushKey
0x774020 RegCloseKey
0x774024 RegDeleteKeyExW
0x774028 RegCreateKeyExW
0x77402c RegSetValueExW
0x774030 LookupAccountSidW
0x774034 RegOpenKeyExW
0x774038 RegEnumValueW
0x77403c EqualSid
0x774040 InitializeSecurityDescriptor
0x774044 FreeSid
0x774048 AllocateAndInitializeSid
0x77404c SetSecurityDescriptorDacl
0x774050 DuplicateTokenEx
0x774054 ConvertSidToStringSidW
0x774058 ImpersonateLoggedOnUser
0x77405c ConvertStringSidToSidW
0x774060 RevertToSelf
0x774064 CryptReleaseContext
0x774068 CryptGetHashParam
0x77406c CryptDestroyHash
0x774070 CryptHashData
0x774074 CryptCreateHash
0x774078 CryptAcquireContextW
0x77407c RegQueryValueExW
0x774080 GetUserNameW
0x774084 CredWriteW
0x774088 CredReadW
0x77408c CredDeleteW
0x774090 CredFree
0x774094 CredEnumerateW
0x774098 AdjustTokenPrivileges
ole32.dll
0x7746f0 CoCreateGuid
0x7746f4 CoAddRefServerProcess
0x7746f8 OleRun
0x7746fc CoUninitialize
0x774700 CoInitialize
0x774704 CLSIDFromString
0x774708 CreateStreamOnHGlobal
0x77470c CLSIDFromProgID
0x774710 CoGetClassObject
0x774714 CoCreateInstance
0x774718 StringFromGUID2
0x77471c OleInitialize
0x774720 OleUninitialize
0x774724 OleLockRunning
0x774728 CoTaskMemAlloc
0x77472c CoTaskMemFree
0x774730 CoReleaseServerProcess
OLEAUT32.dll
0x77449c VariantChangeType
0x7744a0 SysAllocStringLen
0x7744a4 SysStringLen
0x7744a8 SysFreeString
0x7744ac VariantInit
0x7744b0 SysAllocString
0x7744b4 OleCreateFontIndirect
0x7744b8 LoadTypeLib
0x7744bc LoadRegTypeLib
0x7744c0 SysAllocStringByteLen
0x7744c4 VariantCopy
0x7744c8 SysStringByteLen
0x7744cc DispCallFunc
0x7744d0 GetErrorInfo
0x7744d4 VariantClear
crypt.dll
0x7746b8 BCryptCloseAlgorithmProvider
0x7746bc BCryptVerifySignature
0x7746c0 BCryptGenerateSymmetricKey
0x7746c4 BCryptSetProperty
0x7746c8 BCryptDecrypt
0x7746cc BCryptDestroyKey
0x7746d0 BCryptEncrypt
0x7746d4 BCryptDestroyHash
0x7746d8 BCryptOpenAlgorithmProvider
0x7746dc BCryptCreateHash
0x7746e0 BCryptHashData
0x7746e4 BCryptFinishHash
0x7746e8 BCryptGetProperty
CRYPT32.dll
0x7740a8 CertGetIssuerCertificateFromStore
0x7740ac CertGetNameStringW
0x7740b0 CryptProtectData
0x7740b4 CryptUnprotectData
0x7740b8 CryptStringToBinaryW
0x7740bc CertOpenStore
0x7740c0 CertFindCertificateInStore
0x7740c4 CertFreeCertificateContext
0x7740c8 CertCreateCertificateContext
0x7740cc CryptHashCertificate2
0x7740d0 CryptImportPublicKeyInfoEx2
0x7740d4 CertVerifySubjectCertificateContext
0x7740d8 CertAddCertificateContextToStore
0x7740dc CertCloseStore
Secur32.dll
0x774574 GetUserNameExW
WINTRUST.dll
0x7746a4 WTHelperProvDataFromStateData
0x7746a8 WTHelperGetProvCertFromChain
0x7746ac WinVerifyTrust
0x7746b0 WTHelperGetProvSignerFromChain
EAT(Export Address Table) is none