Report - QGFQTHIU.exe

Created 2025.01.18 10:14
Machine s1_win7_x6401
Filename QGFQTHIU.exe
Type PE32+ executable (GUI) x86-64, for MS Windows, InstallShield self-extracting archive
AI Score 2
Behavior Score 4.0
ZERO API
VT API (file) 37 detected (Penguish, Zusy, Unsafe, malicious, confidence, Attribute, HighConfidence, multiple detections, Redcap, jxeie, LUMMASTEALER, YXFAQZ, Detected, Rugmi, ABTrojan, WOGJ, Artemis, Outbreak, susgen, PossibleThreat)
md5 6e3dc1be717861da3cd7c57e8a1e3911
sha256 d4a388cc151fa56379f9ac6ef8b7851b6750c2ecfc2c8f6904ac6002865c4f30
ssdeep 98304:UK/ZoaSs+bgcPlK+rSN2xeELJ4g1x3+FbdYapMDrEPxiJVwJyHLcnP6WfwCA+D://uVs+bH9K+OGeIBSHqDIPI7WOLyyWfF
imphash 07c4dc6e132c507bcef10998173e3c81
impfuzzy 96:Wr+rDrvKk+FXFoteXGYIupucfpehMcOo5IAgfahaudBtYO2Q5FKombVL:WSvkFJpqzOxfahaQtX5oPVL
Signature (10cnts)

Level Description
danger File has been identified by 37 AntiVirus engines on VirusTotal as malicious
watch Drops a binary and executes it
notice Allocates read-write-execute memory (usually to unpack itself)
notice Creates (office) documents on the filesystem
notice Creates executable files on the filesystem
notice Queries for potentially installed applications
info Checks if process is being debugged by a debugger
info The executable contains unknown PE section names indicative of a packer (could be a false positive)
info This executable has a PDB path
info Tries to locate where the browsers are installed

Rules (23cnts)

Level Name Description Collection
danger Win32_Trojan_Emotet_2_Zero Win32 Trojan Emotet binaries (download)
danger Win32_Trojan_Emotet_2_Zero Win32 Trojan Emotet binaries (upload)
danger Win32_Trojan_Gen_1_0904B0_Zero Win32 Trojan Emotet binaries (download)
warning Generic_Malware_Zero Generic Malware binaries (download)
warning Generic_Malware_Zero Generic Malware binaries (upload)
watch ASPack_Zero ASPack packed file binaries (download)
watch Malicious_Library_Zero Malicious_Library binaries (download)
watch Malicious_Library_Zero Malicious_Library binaries (upload)
watch Malicious_Packer_Zero Malicious Packer binaries (download)
watch Malicious_Packer_Zero Malicious Packer binaries (upload)
watch UPX_Zero UPX packed file binaries (download)
watch UPX_Zero UPX packed file binaries (upload)
info CAB_file_format CAB archive file binaries (download)
info CAB_file_format CAB archive file binaries (upload)
info DllRegisterServer_Zero execute regsvr32.exe binaries (download)
info IsDLL (no description) binaries (download)
info IsPE32 (no description) binaries (download)
info IsPE64 (no description) binaries (download)
info IsPE64 (no description) binaries (upload)
info OS_Processor_Check_Zero OS Processor Check binaries (download)
info OS_Processor_Check_Zero OS Processor Check binaries (upload)
info PE_Header_Zero PE File Signature binaries (download)
info PE_Header_Zero PE File Signature binaries (upload)

Network (0cnts)

Request CC ASN Co IP4 Rule ZERO

Suricata ids

PE API

IAT (Import Address Table) Library

KERNEL32.dll
 0x14007f1c0 GetUserDefaultUILanguage
 0x14007f1c8 GetUserDefaultLangID
 0x14007f1d0 GetSystemDefaultLangID
 0x14007f1d8 GetStringTypeW
 0x14007f1e0 ReadFile
 0x14007f1e8 SetFilePointerEx
 0x14007f1f0 CreateProcessW
 0x14007f1f8 DuplicateHandle
 0x14007f200 FreeLibrary
 0x14007f208 ProcessIdToSessionId
 0x14007f210 ConnectNamedPipe
 0x14007f218 SetNamedPipeHandleState
 0x14007f220 CreateNamedPipeW
 0x14007f228 OpenProcess
 0x14007f230 GetProcessId
 0x14007f238 SetProcessShutdownParameters
 0x14007f240 LocalFileTimeToFileTime
 0x14007f248 SetEndOfFile
 0x14007f250 SetFileTime
 0x14007f258 GetExitCodeThread
 0x14007f260 DosDateTimeToFileTime
 0x14007f268 CompareStringA
 0x14007f270 SetThreadExecutionState
 0x14007f278 ReleaseSemaphore
 0x14007f280 CreateMutexW
 0x14007f288 GetExitCodeProcess
 0x14007f290 CreateFileMappingW
 0x14007f298 MapViewOfFile
 0x14007f2a0 UnmapViewOfFile
 0x14007f2a8 RtlCaptureContext
 0x14007f2b0 RtlLookupFunctionEntry
 0x14007f2b8 RtlVirtualUnwind
 0x14007f2c0 UnhandledExceptionFilter
 0x14007f2c8 SetUnhandledExceptionFilter
 0x14007f2d0 TerminateProcess
 0x14007f2d8 IsProcessorFeaturePresent
 0x14007f2e0 QueryPerformanceCounter
 0x14007f2e8 GetCurrentThreadId
 0x14007f2f0 GetSystemTimeAsFileTime
 0x14007f2f8 InitializeSListHead
 0x14007f300 IsDebuggerPresent
 0x14007f308 GetStartupInfoW
 0x14007f310 RtlUnwindEx
 0x14007f318 InitializeCriticalSectionAndSpinCount
 0x14007f320 TlsAlloc
 0x14007f328 TlsGetValue
 0x14007f330 TlsSetValue
 0x14007f338 TlsFree
 0x14007f340 EncodePointer
 0x14007f348 RaiseException
 0x14007f350 RtlPcToFileHeader
 0x14007f358 GetStdHandle
 0x14007f360 ExitProcess
 0x14007f368 VerifyVersionInfoW
 0x14007f370 GetFileType
 0x14007f378 FindFirstFileExW
 0x14007f380 IsValidCodePage
 0x14007f388 GetACP
 0x14007f390 GetOEMCP
 0x14007f398 GetCPInfo
 0x14007f3a0 GetCommandLineA
 0x14007f3a8 GetCommandLineW
 0x14007f3b0 GetEnvironmentStringsW
 0x14007f3b8 FreeEnvironmentStringsW
 0x14007f3c0 SetStdHandle
 0x14007f3c8 FlsAlloc
 0x14007f3d0 FlsGetValue
 0x14007f3d8 FlsSetValue
 0x14007f3e0 FlsFree
 0x14007f3e8 GetFileSizeEx
 0x14007f3f0 FlushFileBuffers
 0x14007f3f8 GetConsoleOutputCP
 0x14007f400 GetConsoleMode
 0x14007f408 WriteConsoleW
 0x14007f410 GetComputerNameW
 0x14007f418 GetSystemTime
 0x14007f420 VerSetConditionMask
 0x14007f428 CompareStringW
 0x14007f430 GetNativeSystemInfo
 0x14007f438 CreateThread
 0x14007f440 GetCurrentProcess
 0x14007f448 CreateSemaphoreW
 0x14007f450 CreateEventW
 0x14007f458 ReleaseMutex
 0x14007f460 ResetEvent
 0x14007f468 SetEvent
 0x14007f470 DeleteCriticalSection
 0x14007f478 LeaveCriticalSection
 0x14007f480 EnterCriticalSection
 0x14007f488 InitializeCriticalSection
 0x14007f490 MoveFileExW
 0x14007f498 SetFileAttributesW
 0x14007f4a0 RemoveDirectoryW
 0x14007f4a8 GetFileAttributesW
 0x14007f4b0 FindNextFileW
 0x14007f4b8 FindFirstFileW
 0x14007f4c0 FindClose
 0x14007f4c8 DeleteFileW
 0x14007f4d0 GetCurrentDirectoryW
 0x14007f4d8 ExpandEnvironmentStringsW
 0x14007f4e0 GetProcessHeap
 0x14007f4e8 HeapSize
 0x14007f4f0 HeapFree
 0x14007f4f8 GetDateFormatW
 0x14007f500 HeapReAlloc
 0x14007f508 HeapAlloc
 0x14007f510 GetModuleFileNameW
 0x14007f518 GetSystemWow64DirectoryW
 0x14007f520 GetSystemDirectoryW
 0x14007f528 GetLocalTime
 0x14007f530 Sleep
 0x14007f538 SetLastError
 0x14007f540 GetTempPathW
 0x14007f548 GetVolumePathNameW
 0x14007f550 GetTempFileNameW
 0x14007f558 GetFullPathNameW
 0x14007f560 CreateDirectoryW
 0x14007f568 LCMapStringW
 0x14007f570 WideCharToMultiByte
 0x14007f578 MultiByteToWideChar
 0x14007f580 lstrlenW
 0x14007f588 FormatMessageW
 0x14007f590 LocalFree
 0x14007f598 LoadLibraryExW
 0x14007f5a0 GetProcAddress
 0x14007f5a8 GetModuleHandleW
 0x14007f5b0 WaitForMultipleObjects
 0x14007f5b8 WaitForSingleObject
 0x14007f5c0 HeapSetInformation
 0x14007f5c8 GetLastError
 0x14007f5d0 lstrlenA
 0x14007f5d8 GetCurrentProcessId
 0x14007f5e0 GetModuleHandleA
 0x14007f5e8 MulDiv
 0x14007f5f0 CompareStringOrdinal
 0x14007f5f8 GetSystemWindowsDirectoryW
 0x14007f600 GlobalAlloc
 0x14007f608 GlobalFree
 0x14007f610 CopyFileW
 0x14007f618 LoadResource
 0x14007f620 LockResource
 0x14007f628 SizeofResource
 0x14007f630 FindResourceExA
 0x14007f638 VirtualAlloc
 0x14007f640 VirtualFree
 0x14007f648 SystemTimeToTzSpecificLocalTime
 0x14007f650 SystemTimeToFileTime
 0x14007f658 GetTimeZoneInformation
 0x14007f660 GetSystemInfo
 0x14007f668 VirtualProtect
 0x14007f670 VirtualQuery
 0x14007f678 LoadLibraryExA
 0x14007f680 WriteFile
 0x14007f688 SetFilePointer
 0x14007f690 CreateFileA
 0x14007f698 CloseHandle
 0x14007f6a0 GetModuleHandleExW
 0x14007f6a8 CreateFileW
USER32.dll
 0x14007f710 GetDC
 0x14007f718 ReleaseDC
 0x14007f720 MonitorFromPoint
 0x14007f728 ShowWindow
 0x14007f730 IsDialogMessageW
 0x14007f738 LoadBitmapW
 0x14007f740 SetWindowLongPtrW
 0x14007f748 GetWindowLongPtrW
 0x14007f750 GetCursorPos
 0x14007f758 MessageBoxW
 0x14007f760 SetWindowPos
 0x14007f768 CreateWindowExW
 0x14007f770 UnregisterClassW
 0x14007f778 RegisterClassW
 0x14007f780 PostQuitMessage
 0x14007f788 DefWindowProcW
 0x14007f790 DispatchMessageW
 0x14007f798 TranslateMessage
 0x14007f7a0 GetMessageW
 0x14007f7a8 WaitForInputIdle
 0x14007f7b0 IsWindow
 0x14007f7b8 PostMessageW
 0x14007f7c0 GetMonitorInfoW
 0x14007f7c8 LoadCursorW
 0x14007f7d0 MonitorFromWindow
GDI32.dll
 0x14007f178 DeleteObject
 0x14007f180 SelectObject
 0x14007f188 StretchBlt
 0x14007f190 GetObjectW
 0x14007f198 DeleteDC
 0x14007f1a0 CreateDCW
 0x14007f1a8 CreateCompatibleDC
 0x14007f1b0 GetDeviceCaps
ADVAPI32.dll
 0x14007f000 GetUserNameW
 0x14007f008 CryptAcquireContextW
 0x14007f010 QueryServiceConfigW
 0x14007f018 CryptReleaseContext
 0x14007f020 CryptGetHashParam
 0x14007f028 CryptCreateHash
 0x14007f030 CryptHashData
 0x14007f038 CryptDestroyHash
 0x14007f040 OpenProcessToken
 0x14007f048 AllocateAndInitializeSid
 0x14007f050 CheckTokenMembership
 0x14007f058 GetTokenInformation
 0x14007f060 AdjustTokenPrivileges
 0x14007f068 IsWellKnownSid
 0x14007f070 LookupPrivilegeValueW
 0x14007f078 RegCreateKeyExW
 0x14007f080 QueryServiceStatus
 0x14007f088 OpenServiceW
 0x14007f090 OpenSCManagerW
 0x14007f098 ControlService
 0x14007f0a0 CloseServiceHandle
 0x14007f0a8 ChangeServiceConfigW
 0x14007f0b0 SetEntriesInAclW
 0x14007f0b8 DecryptFileW
 0x14007f0c0 InitializeAcl
 0x14007f0c8 CreateWellKnownSid
 0x14007f0d0 ConvertStringSecurityDescriptorToSecurityDescriptorW
 0x14007f0d8 ReportEventW
 0x14007f0e0 OpenEventLogW
 0x14007f0e8 CloseEventLog
 0x14007f0f0 RegQueryInfoKeyW
 0x14007f0f8 RegDeleteValueW
 0x14007f100 RegQueryValueExW
 0x14007f108 InitiateSystemShutdownExW
 0x14007f110 RegOpenKeyExW
 0x14007f118 RegCloseKey
 0x14007f120 SetNamedSecurityInfoW
 0x14007f128 RegDeleteKeyW
 0x14007f130 RegEnumKeyExW
 0x14007f138 RegEnumValueW
 0x14007f140 RegSetValueExW
 0x14007f148 InitializeSecurityDescriptor
 0x14007f150 SetSecurityDescriptorDacl
 0x14007f158 SetSecurityDescriptorGroup
 0x14007f160 SetSecurityDescriptorOwner
 0x14007f168 SetEntriesInAclA
ole32.dll
 0x14007f7e0 CoInitializeEx
 0x14007f7e8 CoInitialize
 0x14007f7f0 CoInitializeSecurity
 0x14007f7f8 CoUninitialize
 0x14007f800 CLSIDFromProgID
 0x14007f808 CoTaskMemFree
 0x14007f810 StringFromGUID2
 0x14007f818 CoCreateInstance
OLEAUT32.dll
 0x14007f6b8 VariantClear
 0x14007f6c0 SysFreeString
 0x14007f6c8 VariantInit
 0x14007f6d0 SysAllocString
RPCRT4.dll
 0x14007f6e0 UuidCreate
SHELL32.dll
 0x14007f6f0 CommandLineToArgvW
 0x14007f6f8 ShellExecuteExW
 0x14007f700 SHGetFolderPathW

EAT (Export Address Table): none