ScreenShot
| Created | 2025.02.03 10:12 | Machine | s1_win7_x6403 |
| Filename | 4422_8390.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | |||
| VT API (file) | 52 detected (Common, Zenpak, Ghanarava, Artemis, Unsafe, malicious, confidence, 100%, GenusC, moderate confidence, a variant of Generik, KPBHAYJ, ccmw, CLASSIC, vkmrf, Inject5, GenKryptik, R002C0XAO25, Detected, Leonem, ABTrojan, YXBE, Injection, BScope, Floxif, FileInfector, Gencirc, Loader, susgen, PossibleThreat) | ||
| md5 | cd924dc9cb81d4fb6661bf3f0ce16f73 | ||
| sha256 | 128d93fde4a385b08849910b0e39792055b06c74a9955742511f056507778551 | ||
| ssdeep | 98304:6Z5XjIQUWoG7dPdVdjtT9jvwWJlslD86DtQXIAYCuPL8rn6M3M3tz:6XXUXG7dPdVdx+g+pL4na | ||
| imphash | 10d32482e7c4e2e0c811f5d7c438b820 | ||
| impfuzzy | 192:ZIF9tSJH+8yT7UBH3hUE3B0dkZksLUVhTg0qg5wqjcZcRcTaJRCUlEYpGUQPcQQa:A9tSQ83BH39BRk16tqjmExyjPQXNJC | ||
Network IP location
Signature (22cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 52 AntiVirus engines on VirusTotal as malicious |
| danger | Connects to an IP address that is no longer responding to requests (legitimate services will remain up-and-running usually) |
| danger | Executed a process and injected code into it |
| warning | Generates some ICMP traffic |
| watch | Allocates execute permission to another process indicative of possible code injection |
| watch | Communicates with host for which no DNS query was performed |
| watch | Installs itself for autorun at Windows startup |
| watch | One or more of the buffers contains an embedded PE file |
| watch | Potential code injection by writing to the memory of another process |
| watch | Used NtSetContextThread to modify a thread in a remote process indicative of process injection |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Creates executable files on the filesystem |
| notice | One or more potentially interesting buffers were extracted |
| notice | Uses Windows utilities for basic Windows functionality |
| info | Checks amount of memory in system |
| info | Checks if process is being debugged by a debugger |
| info | One or more processes crashed |
| info | Queries for the computername |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
| info | This executable has a PDB path |
| info | Uses Windows APIs to generate a cryptographic key |
Rules (16cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (download) |
| danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (download) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE32 | (no description) | binaries (download) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (download) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (download) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
PE API
IAT(Import Address Table) Library
SHELL32.dll
0x64065c ExtractIconW
0x640660 DragFinish
0x640664 SHGetFileInfoW
0x640668 DragQueryFileW
0x64066c DragQueryPoint
0x640670 SHBrowseForFolderW
0x640674 SHGetPathFromIDListW
0x640678 Shell_NotifyIconW
0x64067c ShellExecuteExW
0x640680 SHChangeNotify
0x640684 SHGetSpecialFolderPathW
0x640688 ShellExecuteW
gdiplus.dll
0x640a9c GdipFillPolygonI
0x640aa0 GdipDrawEllipseI
0x640aa4 GdipFillPath
0x640aa8 GdipAddPathArcI
0x640aac GdipAddPathLineI
0x640ab0 GdipClosePathFigure
0x640ab4 GdipDeletePath
0x640ab8 GdipCreatePath
0x640abc GdiplusShutdown
0x640ac0 GdiplusStartup
0x640ac4 GdipCloneBrush
0x640ac8 GdipFillEllipseI
0x640acc GdipFillRectangleI
0x640ad0 GdipDrawArcI
0x640ad4 GdipDrawLineI
0x640ad8 GdipSetSmoothingMode
0x640adc GdipCreateFromHDC
0x640ae0 GdipCreateSolidFill
0x640ae4 GdipDeletePen
0x640ae8 GdipCreatePen1
0x640aec GdipAlloc
0x640af0 GdipFree
0x640af4 GdipDeleteBrush
0x640af8 GdipDeleteGraphics
WINMM.dll
0x6409e8 PlaySoundW
MSIMG32.dll
0x640594 AlphaBlend
KERNEL32.dll
0x640254 GlobalSize
0x640258 LocalAlloc
0x64025c InterlockedExchange
0x640260 RaiseException
0x640264 lstrcmpA
0x640268 GetModuleHandleA
0x64026c lstrcmpW
0x640270 CompareStringW
0x640274 GlobalDeleteAtom
0x640278 GlobalFindAtomW
0x64027c GlobalAddAtomW
0x640280 FreeResource
0x640284 InterlockedDecrement
0x640288 GlobalGetAtomNameW
0x64028c MoveFileW
0x640290 GetStringTypeExW
0x640294 GetThreadLocale
0x640298 lstrcmpiW
0x64029c GetVolumeInformationW
0x6402a0 GetShortPathNameW
0x6402a4 FileTimeToSystemTime
0x6402a8 FileTimeToLocalFileTime
0x6402ac LocalFileTimeToFileTime
0x6402b0 SetFileAttributesW
0x6402b4 GetFileSizeEx
0x6402b8 GetFileTime
0x6402bc CompareStringA
0x6402c0 EnumResourceLanguagesW
0x6402c4 ConvertDefaultLocale
0x6402c8 GetTempFileNameW
0x6402cc SetThreadPriority
0x6402d0 ResumeThread
0x6402d4 SetEvent
0x6402d8 SuspendThread
0x6402dc CreateEventW
0x6402e0 TlsGetValue
0x6402e4 GlobalReAlloc
0x6402e8 GlobalHandle
0x6402ec TlsAlloc
0x6402f0 TlsSetValue
0x6402f4 LocalReAlloc
0x6402f8 TlsFree
0x6402fc InterlockedIncrement
0x640300 GetAtomNameW
0x640304 GlobalFlags
0x640308 LocalUnlock
0x64030c LocalLock
0x640310 SetErrorMode
0x640314 GetPrivateProfileIntW
0x640318 WritePrivateProfileStringW
0x64031c GetPrivateProfileStringW
0x640320 GetStartupInfoW
0x640324 RtlUnwind
0x640328 GetDriveTypeW
0x64032c ExitProcess
0x640330 TerminateProcess
0x640334 UnhandledExceptionFilter
0x640338 SetUnhandledExceptionFilter
0x64033c IsDebuggerPresent
0x640340 ExitThread
0x640344 CreateThread
0x640348 VirtualProtect
0x64034c VirtualAlloc
0x640350 VirtualQuery
0x640354 SetStdHandle
0x640358 GetStdHandle
0x64035c GetModuleFileNameA
0x640360 FreeEnvironmentStringsW
0x640364 GetEnvironmentStringsW
0x640368 GetCommandLineW
0x64036c SetHandleCount
0x640370 GetStartupInfoA
0x640374 VirtualFree
0x640378 FatalAppExitA
0x64037c GetCPInfo
0x640380 GetOEMCP
0x640384 IsValidCodePage
0x640388 LCMapStringW
0x64038c GetCurrentDirectoryA
0x640390 SetCurrentDirectoryA
0x640394 SetConsoleCtrlHandler
0x640398 InitializeCriticalSectionAndSpinCount
0x64039c GetDriveTypeA
0x6403a0 GetConsoleCP
0x6403a4 GetConsoleMode
0x6403a8 LCMapStringA
0x6403ac GetStringTypeA
0x6403b0 GetTimeFormatA
0x6403b4 GetDateFormatA
0x6403b8 GetUserDefaultLCID
0x6403bc GetLocaleInfoA
0x6403c0 EnumSystemLocalesA
0x6403c4 IsValidLocale
0x6403c8 WriteConsoleA
0x6403cc GetConsoleOutputCP
0x6403d0 WriteConsoleW
0x6403d4 SetEnvironmentVariableA
0x6403d8 GlobalFree
0x6403dc lstrlenW
0x6403e0 GetTimeFormatEx
0x6403e4 GetDateFormatEx
0x6403e8 GetStringTypeW
0x6403ec GlobalAlloc
0x6403f0 GlobalLock
0x6403f4 GlobalUnlock
0x6403f8 SetFileTime
0x6403fc DosDateTimeToFileTime
0x640400 GetCurrentProcess
0x640404 DuplicateHandle
0x640408 GetFileType
0x64040c GetVersion
0x640410 GetACP
0x640414 GetLocaleInfoW
0x640418 TryEnterCriticalSection
0x64041c InitializeCriticalSection
0x640420 LeaveCriticalSection
0x640424 EnterCriticalSection
0x640428 DeleteCriticalSection
0x64042c AreFileApisANSI
0x640430 CreateFileA
0x640434 CreateFileMappingA
0x640438 CreateFileMappingW
0x64043c CreateMutexW
0x640440 DeleteFileA
0x640444 FlushFileBuffers
0x640448 FormatMessageA
0x64044c GetCurrentProcessId
0x640450 GetDiskFreeSpaceA
0x640454 GetDiskFreeSpaceW
0x640458 GetFileAttributesA
0x64045c GetFileAttributesW
0x640460 GetFileAttributesExW
0x640464 GetFullPathNameA
0x640468 GetFullPathNameW
0x64046c GetSystemInfo
0x640470 GetSystemTime
0x640474 GetSystemTimeAsFileTime
0x640478 GetTempPathA
0x64047c GetTempPathW
0x640480 GetTickCount
0x640484 GetVersionExA
0x640488 HeapAlloc
0x64048c HeapCreate
0x640490 HeapDestroy
0x640494 HeapFree
0x640498 HeapReAlloc
0x64049c HeapSize
0x6404a0 HeapValidate
0x6404a4 HeapCompact
0x6404a8 LoadLibraryA
0x6404ac LockFile
0x6404b0 LockFileEx
0x6404b4 MapViewOfFile
0x6404b8 QueryPerformanceCounter
0x6404bc SystemTimeToFileTime
0x6404c0 UnlockFile
0x6404c4 UnlockFileEx
0x6404c8 UnmapViewOfFile
0x6404cc WaitForSingleObjectEx
0x6404d0 OutputDebugStringA
0x6404d4 OutputDebugStringW
0x6404d8 GetProcessHeap
0x6404dc InterlockedCompareExchange
0x6404e0 FlushViewOfFile
0x6404e4 GetFileSize
0x6404e8 ReadFile
0x6404ec GetTimeZoneInformation
0x6404f0 GetLocalTime
0x6404f4 lstrlenA
0x6404f8 SetEndOfFile
0x6404fc SetFilePointer
0x640500 WriteFile
0x640504 GetSystemDirectoryW
0x640508 GetVersionExW
0x64050c GetLocaleInfoEx
0x640510 GetModuleFileNameW
0x640514 WaitForSingleObject
0x640518 GetCurrentDirectoryW
0x64051c CreateFileW
0x640520 CloseHandle
0x640524 CopyFileW
0x640528 CreateDirectoryW
0x64052c FindFirstFileW
0x640530 FindNextFileW
0x640534 FindClose
0x640538 DeleteFileW
0x64053c RemoveDirectoryW
0x640540 ExpandEnvironmentStringsW
0x640544 Sleep
0x640548 GetCurrentThreadId
0x64054c WideCharToMultiByte
0x640550 GetWindowsDirectoryW
0x640554 FreeLibrary
0x640558 SetLastError
0x64055c GetProcAddress
0x640560 GetModuleHandleW
0x640564 LoadLibraryW
0x640568 MulDiv
0x64056c GetLastError
0x640570 FormatMessageW
0x640574 LocalFree
0x640578 MultiByteToWideChar
0x64057c FindResourceW
0x640580 LoadResource
0x640584 LockResource
0x640588 SizeofResource
0x64058c GetCurrentThread
USER32.dll
0x6406b0 GetMenuBarInfo
0x6406b4 DestroyMenu
0x6406b8 ReuseDDElParam
0x6406bc UnpackDDElParam
0x6406c0 WaitMessage
0x6406c4 EndDialog
0x6406c8 GetNextDlgTabItem
0x6406cc CreateDialogIndirectParamW
0x6406d0 CharUpperW
0x6406d4 PostQuitMessage
0x6406d8 ValidateRect
0x6406dc GetMessageW
0x6406e0 ShowOwnedPopups
0x6406e4 RegisterClipboardFormatW
0x6406e8 GetSysColorBrush
0x6406ec UnregisterClassW
0x6406f0 IsRectEmpty
0x6406f4 DeleteMenu
0x6406f8 GetSystemMenu
0x6406fc GetDialogBaseUnits
0x640700 GetTabbedTextExtentW
0x640704 PostThreadMessageW
0x640708 GetDCEx
0x64070c LockWindowUpdate
0x640710 IsDialogMessageW
0x640714 IsDlgButtonChecked
0x640718 SetDlgItemTextW
0x64071c SetDlgItemInt
0x640720 GetDlgItemTextW
0x640724 GetDlgItemInt
0x640728 CheckRadioButton
0x64072c CheckDlgButton
0x640730 SetMenuItemBitmaps
0x640734 EnableMenuItem
0x640738 MapVirtualKeyW
0x64073c GetKeyNameTextW
0x640740 SendDlgItemMessageW
0x640744 SendDlgItemMessageA
0x640748 WinHelpW
0x64074c IsChild
0x640750 GetCapture
0x640754 SetWindowsHookExW
0x640758 CallNextHookEx
0x64075c GetClassLongW
0x640760 SetPropW
0x640764 GetPropW
0x640768 RemovePropW
0x64076c GetWindowTextLengthW
0x640770 UnhookWindowsHookEx
0x640774 GetMessageTime
0x640778 GetMessagePos
0x64077c MapWindowPoints
0x640780 ScrollWindow
0x640784 TrackPopupMenuEx
0x640788 SetMenu
0x64078c SetScrollRange
0x640790 GetScrollRange
0x640794 SetScrollPos
0x640798 GetScrollPos
0x64079c ShowScrollBar
0x6407a0 GetClassInfoExW
0x6407a4 AdjustWindowRectEx
0x6407a8 GetScrollInfo
0x6407ac SetScrollInfo
0x6407b0 SetWindowPlacement
0x6407b4 CallWindowProcW
0x6407b8 GetMenu
0x6407bc IntersectRect
0x6407c0 SystemParametersInfoA
0x6407c4 EndPaint
0x6407c8 BeginPaint
0x6407cc GrayStringW
0x6407d0 GetLastActivePopup
0x6407d4 IsWindowEnabled
0x6407d8 RemoveMenu
0x6407dc GetIconInfo
0x6407e0 RegisterClassExW
0x6407e4 ShowWindow
0x6407e8 DestroyWindow
0x6407ec DefWindowProcW
0x6407f0 TranslateMessage
0x6407f4 DispatchMessageW
0x6407f8 GetClipboardData
0x6407fc SetCursorPos
0x640800 CheckMenuItem
0x640804 DrawTextExW
0x640808 SetLayeredWindowAttributes
0x64080c SetWindowPos
0x640810 GetActiveWindow
0x640814 PeekMessageW
0x640818 GetMenuStringW
0x64081c GetMenuCheckMarkDimensions
0x640820 SetMenuItemInfoW
0x640824 GetMenuItemInfoW
0x640828 GetMenuState
0x64082c DrawEdge
0x640830 WindowFromPoint
0x640834 GetWindowPlacement
0x640838 ScreenToClient
0x64083c GetDlgItem
0x640840 SetFocus
0x640844 EmptyClipboard
0x640848 SetClipboardData
0x64084c CreateWindowExW
0x640850 CharLowerBuffW
0x640854 CharUpperBuffW
0x640858 IsClipboardFormatAvailable
0x64085c ModifyMenuW
0x640860 UnionRect
0x640864 GetWindowDC
0x640868 DrawTextW
0x64086c GetWindowLongW
0x640870 GetDlgCtrlID
0x640874 TrackMouseEvent
0x640878 TrackPopupMenu
0x64087c SetMenuDefaultItem
0x640880 SetParent
0x640884 LoadMenuW
0x640888 InsertMenuW
0x64088c GetSubMenu
0x640890 GetMenuItemID
0x640894 GetMenuItemCount
0x640898 AppendMenuW
0x64089c CreatePopupMenu
0x6408a0 SystemParametersInfoW
0x6408a4 PostMessageW
0x6408a8 LoadIconW
0x6408ac FindWindowW
0x6408b0 MessageBoxW
0x6408b4 BeginDeferWindowPos
0x6408b8 EndDeferWindowPos
0x6408bc DeferWindowPos
0x6408c0 LoadBitmapW
0x6408c4 RegisterWindowMessageW
0x6408c8 LoadImageW
0x6408cc GetClassInfoW
0x6408d0 RegisterClassW
0x6408d4 DestroyIcon
0x6408d8 EnumClipboardFormats
0x6408dc CloseClipboard
0x6408e0 GetTopWindow
0x6408e4 GetWindowTextW
0x6408e8 GetClassNameW
0x6408ec IsIconic
0x6408f0 GetKeyState
0x6408f4 ReleaseDC
0x6408f8 GetDC
0x6408fc CreateIconIndirect
0x640900 PtInRect
0x640904 SendMessageW
0x640908 RegisterHotKey
0x64090c GetForegroundWindow
0x640910 GetWindowThreadProcessId
0x640914 AttachThreadInput
0x640918 EnumDisplayMonitors
0x64091c GetMonitorInfoW
0x640920 GetSystemMetrics
0x640924 OpenClipboard
0x640928 SetActiveWindow
0x64092c IsWindowVisible
0x640930 IsZoomed
0x640934 MonitorFromWindow
0x640938 UnregisterHotKey
0x64093c SetForegroundWindow
0x640940 EqualRect
0x640944 OffsetRect
0x640948 SetRect
0x64094c GetDesktopWindow
0x640950 GetWindow
0x640954 GetFocus
0x640958 UpdateWindow
0x64095c DrawFocusRect
0x640960 FillRect
0x640964 CopyRect
0x640968 DestroyCursor
0x64096c SetWindowLongW
0x640970 MessageBeep
0x640974 LoadCursorW
0x640978 LoadAcceleratorsW
0x64097c InsertMenuItemW
0x640980 SetRectEmpty
0x640984 BringWindowToTop
0x640988 TranslateAcceleratorW
0x64098c ScrollWindowEx
0x640990 MoveWindow
0x640994 SetWindowTextW
0x640998 GetWindowRect
0x64099c GetClientRect
0x6409a0 ClientToScreen
0x6409a4 InvalidateRect
0x6409a8 SetTimer
0x6409ac KillTimer
0x6409b0 SetCapture
0x6409b4 GetParent
0x6409b8 EnableWindow
0x6409bc GetCursorPos
0x6409c0 GetAsyncKeyState
0x6409c4 ReleaseCapture
0x6409c8 IsWindow
0x6409cc SetCursor
0x6409d0 InflateRect
0x6409d4 RedrawWindow
0x6409d8 GetSysColor
0x6409dc CopyIcon
0x6409e0 TabbedTextOutW
GDI32.dll
0x640080 ExtTextOutW
0x640084 AddFontMemResourceEx
0x640088 Rectangle
0x64008c ExcludeClipRect
0x640090 CreateBitmap
0x640094 SetBitmapBits
0x640098 GetBitmapBits
0x64009c SetPolyFillMode
0x6400a0 SetROP2
0x6400a4 SetGraphicsMode
0x6400a8 SetWorldTransform
0x6400ac ModifyWorldTransform
0x6400b0 SetMapMode
0x6400b4 IntersectClipRect
0x6400b8 OffsetClipRgn
0x6400bc LineTo
0x6400c0 MoveToEx
0x6400c4 SetTextAlign
0x6400c8 SetTextJustification
0x6400cc SetTextCharacterExtra
0x6400d0 SetMapperFlags
0x6400d4 SetArcDirection
0x6400d8 SetColorAdjustment
0x6400dc SelectClipRgn
0x6400e0 GetClipRgn
0x6400e4 CreateRectRgn
0x6400e8 SelectClipPath
0x6400ec GetViewportExtEx
0x6400f0 GetWindowExtEx
0x6400f4 PtVisible
0x6400f8 SetBkMode
0x6400fc Escape
0x640100 SetViewportOrgEx
0x640104 OffsetViewportOrgEx
0x640108 SetViewportExtEx
0x64010c ScaleViewportExtEx
0x640110 SetWindowOrgEx
0x640114 OffsetWindowOrgEx
0x640118 SetWindowExtEx
0x64011c ScaleWindowExtEx
0x640120 GetCurrentPositionEx
0x640124 ArcTo
0x640128 PolyDraw
0x64012c PolylineTo
0x640130 PolyBezierTo
0x640134 PlayMetaFileRecord
0x640138 GetObjectType
0x64013c EnumMetaFile
0x640140 PlayMetaFile
0x640144 ExtCreatePen
0x640148 CreateHatchBrush
0x64014c GetDCOrgEx
0x640150 SetAbortProc
0x640154 AbortDoc
0x640158 SetRectRgn
0x64015c CombineRgn
0x640160 GetCharWidthW
0x640164 CreateFontW
0x640168 GetTextMetricsW
0x64016c GetBkColor
0x640170 SetTextColor
0x640174 CreateDCW
0x640178 CreateDIBSection
0x64017c CreatePen
0x640180 CreateSolidBrush
0x640184 EndDoc
0x640188 EndPage
0x64018c StartPage
0x640190 StartDocW
0x640194 StretchBlt
0x640198 BitBlt
0x64019c DPtoLP
0x6401a0 GetMapMode
0x6401a4 GetDeviceCaps
0x6401a8 GetDIBits
0x6401ac SetDIBits
0x6401b0 CreateBitmapIndirect
0x6401b4 CreatePatternBrush
0x6401b8 GetCurrentObject
0x6401bc CreateRectRgnIndirect
0x6401c0 GetTextExtentPoint32W
0x6401c4 GetStockObject
0x6401c8 DeleteObject
0x6401cc CreateFontIndirectW
0x6401d0 CreateCompatibleDC
0x6401d4 GetObjectW
0x6401d8 CreateCompatibleBitmap
0x6401dc SelectObject
0x6401e0 SetPixel
0x6401e4 GetPixel
0x6401e8 TextOutW
0x6401ec DeleteDC
0x6401f0 SetEnhMetaFileBits
0x6401f4 GetEnhMetaFileHeader
0x6401f8 SetWinMetaFileBits
0x6401fc DeleteEnhMetaFile
0x640200 GetEnhMetaFilePaletteEntries
0x640204 CreatePalette
0x640208 SelectPalette
0x64020c PlayEnhMetaFile
0x640210 RectVisible
0x640214 SetBkColor
0x640218 SaveDC
0x64021c GetClipBox
0x640220 ExtSelectClipRgn
0x640224 SetStretchBltMode
0x640228 StretchDIBits
0x64022c SetDIBitsToDevice
0x640230 RestoreDC
0x640234 RealizePalette
0x640238 CreateDIBPatternBrushPt
0x64023c SetBrushOrgEx
0x640240 PatBlt
0x640244 Ellipse
0x640248 CreateBrushIndirect
0x64024c CopyMetaFileW
COMDLG32.dll
0x640070 GetOpenFileNameW
0x640074 GetSaveFileNameW
0x640078 GetFileTitleW
WINSPOOL.DRV
0x6409f0 GetJobW
0x6409f4 ClosePrinter
0x6409f8 DocumentPropertiesW
0x6409fc OpenPrinterW
ADVAPI32.dll
0x640000 RegDeleteKeyW
0x640004 CryptDestroyKey
0x640008 GetFileSecurityW
0x64000c SetFileSecurityW
0x640010 RegDeleteValueW
0x640014 RegCreateKeyW
0x640018 RegEnumKeyW
0x64001c RegOpenKeyW
0x640020 RegSetValueW
0x640024 CryptGetHashParam
0x640028 RegCreateKeyExW
0x64002c RegSetValueExW
0x640030 CryptReleaseContext
0x640034 RegQueryValueExW
0x640038 RegOpenKeyExW
0x64003c RegQueryValueW
0x640040 RegCloseKey
0x640044 CryptAcquireContextW
0x640048 CryptCreateHash
0x64004c CryptHashData
0x640050 CryptDeriveKey
0x640054 CryptDecrypt
0x640058 CryptEncrypt
0x64005c CryptDestroyHash
COMCTL32.dll
0x640064 InitCommonControlsEx
0x640068 _TrackMouseEvent
SHLWAPI.dll
0x640690 PathFindFileNameW
0x640694 PathRemoveExtensionW
0x640698 PathFindExtensionW
0x64069c PathIsUNCW
0x6406a0 PathStripToRootW
0x6406a4 SHStrDupW
0x6406a8 PathRemoveFileSpecW
oledlg.dll
0x640b94 OleUIBusyW
ole32.dll
0x640b00 CLSIDFromProgID
0x640b04 CoTreatAsClass
0x640b08 StgCreateDocfileOnILockBytes
0x640b0c CreateILockBytesOnHGlobal
0x640b10 CoInitialize
0x640b14 PropVariantClear
0x640b18 CoCreateInstance
0x640b1c CreateStreamOnHGlobal
0x640b20 CoTaskMemFree
0x640b24 SetConvertStg
0x640b28 WriteFmtUserTypeStg
0x640b2c WriteClassStg
0x640b30 OleRegGetUserType
0x640b34 ReadFmtUserTypeStg
0x640b38 ReadClassStg
0x640b3c CreateBindCtx
0x640b40 ReleaseStgMedium
0x640b44 CoTaskMemAlloc
0x640b48 StringFromCLSID
0x640b4c OleRun
0x640b50 CoRegisterMessageFilter
0x640b54 OleFlushClipboard
0x640b58 OleIsCurrentClipboard
0x640b5c OleSetClipboard
0x640b60 CoRevokeClassObject
0x640b64 CoRegisterClassObject
0x640b68 CoGetClassObject
0x640b6c CoInitializeEx
0x640b70 CoUninitialize
0x640b74 CLSIDFromString
0x640b78 StringFromGUID2
0x640b7c CoDisconnectObject
0x640b80 OleInitialize
0x640b84 CoFreeUnusedLibraries
0x640b88 OleUninitialize
0x640b8c OleDuplicateData
OLEAUT32.dll
0x64059c VarDateFromStr
0x6405a0 OleLoadPicture
0x6405a4 OleLoadPicturePath
0x6405a8 SysFreeString
0x6405ac SysStringLen
0x6405b0 SysAllocStringByteLen
0x6405b4 SysStringByteLen
0x6405b8 SysAllocStringLen
0x6405bc VariantClear
0x6405c0 VariantChangeType
0x6405c4 SystemTimeToVariantTime
0x6405c8 RegisterTypeLib
0x6405cc LoadTypeLib
0x6405d0 LoadRegTypeLib
0x6405d4 SafeArrayUnaccessData
0x6405d8 SafeArrayAccessData
0x6405dc SafeArrayGetUBound
0x6405e0 SafeArrayGetLBound
0x6405e4 SafeArrayGetElemsize
0x6405e8 SafeArrayGetDim
0x6405ec SafeArrayCreate
0x6405f0 VariantInit
0x6405f4 VariantTimeToSystemTime
0x6405f8 SafeArrayRedim
0x6405fc VariantCopy
0x640600 SafeArrayAllocData
0x640604 SafeArrayAllocDescriptor
0x640608 SafeArrayCopy
0x64060c SafeArrayGetElement
0x640610 SafeArrayPtrOfIndex
0x640614 SafeArrayPutElement
0x640618 SafeArrayLock
0x64061c SafeArrayUnlock
0x640620 SafeArrayDestroy
0x640624 SafeArrayDestroyData
0x640628 SafeArrayDestroyDescriptor
0x64062c SysReAllocStringLen
0x640630 VarCyFromStr
0x640634 VarBstrFromCy
0x640638 VarBstrFromDec
0x64063c VarDecFromStr
0x640640 VarBstrFromDate
0x640644 SysAllocString
WS2_32.dll
0x640a04 WSASetLastError
0x640a08 WSAAsyncSelect
0x640a0c htons
0x640a10 htonl
0x640a14 getnameinfo
0x640a18 ntohs
0x640a1c select
0x640a20 socket
0x640a24 shutdown
0x640a28 sendto
0x640a2c send
0x640a30 recvfrom
0x640a34 recv
0x640a38 WSACreateEvent
0x640a3c gethostname
0x640a40 WSAEnumNetworkEvents
0x640a44 ioctlsocket
0x640a48 connect
0x640a4c ind
0x640a50 getsockopt
0x640a54 setsockopt
0x640a58 accept
0x640a5c getsockname
0x640a60 getpeername
0x640a64 GetAddrInfoW
0x640a68 FreeAddrInfoW
0x640a6c closesocket
0x640a70 WSAGetLastError
0x640a74 inet_addr
0x640a78 gethostbyaddr
0x640a7c gethostbyname
0x640a80 listen
0x640a84 WSACleanup
0x640a88 WSACloseEvent
0x640a8c inet_ntoa
0x640a90 WSAEventSelect
0x640a94 WSAStartup
RPCRT4.dll
0x64064c RpcStringFreeW
0x640650 UuidToStringW
0x640654 UuidCreate
EAT(Export Address Table) is none
SHELL32.dll
0x64065c ExtractIconW
0x640660 DragFinish
0x640664 SHGetFileInfoW
0x640668 DragQueryFileW
0x64066c DragQueryPoint
0x640670 SHBrowseForFolderW
0x640674 SHGetPathFromIDListW
0x640678 Shell_NotifyIconW
0x64067c ShellExecuteExW
0x640680 SHChangeNotify
0x640684 SHGetSpecialFolderPathW
0x640688 ShellExecuteW
gdiplus.dll
0x640a9c GdipFillPolygonI
0x640aa0 GdipDrawEllipseI
0x640aa4 GdipFillPath
0x640aa8 GdipAddPathArcI
0x640aac GdipAddPathLineI
0x640ab0 GdipClosePathFigure
0x640ab4 GdipDeletePath
0x640ab8 GdipCreatePath
0x640abc GdiplusShutdown
0x640ac0 GdiplusStartup
0x640ac4 GdipCloneBrush
0x640ac8 GdipFillEllipseI
0x640acc GdipFillRectangleI
0x640ad0 GdipDrawArcI
0x640ad4 GdipDrawLineI
0x640ad8 GdipSetSmoothingMode
0x640adc GdipCreateFromHDC
0x640ae0 GdipCreateSolidFill
0x640ae4 GdipDeletePen
0x640ae8 GdipCreatePen1
0x640aec GdipAlloc
0x640af0 GdipFree
0x640af4 GdipDeleteBrush
0x640af8 GdipDeleteGraphics
WINMM.dll
0x6409e8 PlaySoundW
MSIMG32.dll
0x640594 AlphaBlend
KERNEL32.dll
0x640254 GlobalSize
0x640258 LocalAlloc
0x64025c InterlockedExchange
0x640260 RaiseException
0x640264 lstrcmpA
0x640268 GetModuleHandleA
0x64026c lstrcmpW
0x640270 CompareStringW
0x640274 GlobalDeleteAtom
0x640278 GlobalFindAtomW
0x64027c GlobalAddAtomW
0x640280 FreeResource
0x640284 InterlockedDecrement
0x640288 GlobalGetAtomNameW
0x64028c MoveFileW
0x640290 GetStringTypeExW
0x640294 GetThreadLocale
0x640298 lstrcmpiW
0x64029c GetVolumeInformationW
0x6402a0 GetShortPathNameW
0x6402a4 FileTimeToSystemTime
0x6402a8 FileTimeToLocalFileTime
0x6402ac LocalFileTimeToFileTime
0x6402b0 SetFileAttributesW
0x6402b4 GetFileSizeEx
0x6402b8 GetFileTime
0x6402bc CompareStringA
0x6402c0 EnumResourceLanguagesW
0x6402c4 ConvertDefaultLocale
0x6402c8 GetTempFileNameW
0x6402cc SetThreadPriority
0x6402d0 ResumeThread
0x6402d4 SetEvent
0x6402d8 SuspendThread
0x6402dc CreateEventW
0x6402e0 TlsGetValue
0x6402e4 GlobalReAlloc
0x6402e8 GlobalHandle
0x6402ec TlsAlloc
0x6402f0 TlsSetValue
0x6402f4 LocalReAlloc
0x6402f8 TlsFree
0x6402fc InterlockedIncrement
0x640300 GetAtomNameW
0x640304 GlobalFlags
0x640308 LocalUnlock
0x64030c LocalLock
0x640310 SetErrorMode
0x640314 GetPrivateProfileIntW
0x640318 WritePrivateProfileStringW
0x64031c GetPrivateProfileStringW
0x640320 GetStartupInfoW
0x640324 RtlUnwind
0x640328 GetDriveTypeW
0x64032c ExitProcess
0x640330 TerminateProcess
0x640334 UnhandledExceptionFilter
0x640338 SetUnhandledExceptionFilter
0x64033c IsDebuggerPresent
0x640340 ExitThread
0x640344 CreateThread
0x640348 VirtualProtect
0x64034c VirtualAlloc
0x640350 VirtualQuery
0x640354 SetStdHandle
0x640358 GetStdHandle
0x64035c GetModuleFileNameA
0x640360 FreeEnvironmentStringsW
0x640364 GetEnvironmentStringsW
0x640368 GetCommandLineW
0x64036c SetHandleCount
0x640370 GetStartupInfoA
0x640374 VirtualFree
0x640378 FatalAppExitA
0x64037c GetCPInfo
0x640380 GetOEMCP
0x640384 IsValidCodePage
0x640388 LCMapStringW
0x64038c GetCurrentDirectoryA
0x640390 SetCurrentDirectoryA
0x640394 SetConsoleCtrlHandler
0x640398 InitializeCriticalSectionAndSpinCount
0x64039c GetDriveTypeA
0x6403a0 GetConsoleCP
0x6403a4 GetConsoleMode
0x6403a8 LCMapStringA
0x6403ac GetStringTypeA
0x6403b0 GetTimeFormatA
0x6403b4 GetDateFormatA
0x6403b8 GetUserDefaultLCID
0x6403bc GetLocaleInfoA
0x6403c0 EnumSystemLocalesA
0x6403c4 IsValidLocale
0x6403c8 WriteConsoleA
0x6403cc GetConsoleOutputCP
0x6403d0 WriteConsoleW
0x6403d4 SetEnvironmentVariableA
0x6403d8 GlobalFree
0x6403dc lstrlenW
0x6403e0 GetTimeFormatEx
0x6403e4 GetDateFormatEx
0x6403e8 GetStringTypeW
0x6403ec GlobalAlloc
0x6403f0 GlobalLock
0x6403f4 GlobalUnlock
0x6403f8 SetFileTime
0x6403fc DosDateTimeToFileTime
0x640400 GetCurrentProcess
0x640404 DuplicateHandle
0x640408 GetFileType
0x64040c GetVersion
0x640410 GetACP
0x640414 GetLocaleInfoW
0x640418 TryEnterCriticalSection
0x64041c InitializeCriticalSection
0x640420 LeaveCriticalSection
0x640424 EnterCriticalSection
0x640428 DeleteCriticalSection
0x64042c AreFileApisANSI
0x640430 CreateFileA
0x640434 CreateFileMappingA
0x640438 CreateFileMappingW
0x64043c CreateMutexW
0x640440 DeleteFileA
0x640444 FlushFileBuffers
0x640448 FormatMessageA
0x64044c GetCurrentProcessId
0x640450 GetDiskFreeSpaceA
0x640454 GetDiskFreeSpaceW
0x640458 GetFileAttributesA
0x64045c GetFileAttributesW
0x640460 GetFileAttributesExW
0x640464 GetFullPathNameA
0x640468 GetFullPathNameW
0x64046c GetSystemInfo
0x640470 GetSystemTime
0x640474 GetSystemTimeAsFileTime
0x640478 GetTempPathA
0x64047c GetTempPathW
0x640480 GetTickCount
0x640484 GetVersionExA
0x640488 HeapAlloc
0x64048c HeapCreate
0x640490 HeapDestroy
0x640494 HeapFree
0x640498 HeapReAlloc
0x64049c HeapSize
0x6404a0 HeapValidate
0x6404a4 HeapCompact
0x6404a8 LoadLibraryA
0x6404ac LockFile
0x6404b0 LockFileEx
0x6404b4 MapViewOfFile
0x6404b8 QueryPerformanceCounter
0x6404bc SystemTimeToFileTime
0x6404c0 UnlockFile
0x6404c4 UnlockFileEx
0x6404c8 UnmapViewOfFile
0x6404cc WaitForSingleObjectEx
0x6404d0 OutputDebugStringA
0x6404d4 OutputDebugStringW
0x6404d8 GetProcessHeap
0x6404dc InterlockedCompareExchange
0x6404e0 FlushViewOfFile
0x6404e4 GetFileSize
0x6404e8 ReadFile
0x6404ec GetTimeZoneInformation
0x6404f0 GetLocalTime
0x6404f4 lstrlenA
0x6404f8 SetEndOfFile
0x6404fc SetFilePointer
0x640500 WriteFile
0x640504 GetSystemDirectoryW
0x640508 GetVersionExW
0x64050c GetLocaleInfoEx
0x640510 GetModuleFileNameW
0x640514 WaitForSingleObject
0x640518 GetCurrentDirectoryW
0x64051c CreateFileW
0x640520 CloseHandle
0x640524 CopyFileW
0x640528 CreateDirectoryW
0x64052c FindFirstFileW
0x640530 FindNextFileW
0x640534 FindClose
0x640538 DeleteFileW
0x64053c RemoveDirectoryW
0x640540 ExpandEnvironmentStringsW
0x640544 Sleep
0x640548 GetCurrentThreadId
0x64054c WideCharToMultiByte
0x640550 GetWindowsDirectoryW
0x640554 FreeLibrary
0x640558 SetLastError
0x64055c GetProcAddress
0x640560 GetModuleHandleW
0x640564 LoadLibraryW
0x640568 MulDiv
0x64056c GetLastError
0x640570 FormatMessageW
0x640574 LocalFree
0x640578 MultiByteToWideChar
0x64057c FindResourceW
0x640580 LoadResource
0x640584 LockResource
0x640588 SizeofResource
0x64058c GetCurrentThread
USER32.dll
0x6406b0 GetMenuBarInfo
0x6406b4 DestroyMenu
0x6406b8 ReuseDDElParam
0x6406bc UnpackDDElParam
0x6406c0 WaitMessage
0x6406c4 EndDialog
0x6406c8 GetNextDlgTabItem
0x6406cc CreateDialogIndirectParamW
0x6406d0 CharUpperW
0x6406d4 PostQuitMessage
0x6406d8 ValidateRect
0x6406dc GetMessageW
0x6406e0 ShowOwnedPopups
0x6406e4 RegisterClipboardFormatW
0x6406e8 GetSysColorBrush
0x6406ec UnregisterClassW
0x6406f0 IsRectEmpty
0x6406f4 DeleteMenu
0x6406f8 GetSystemMenu
0x6406fc GetDialogBaseUnits
0x640700 GetTabbedTextExtentW
0x640704 PostThreadMessageW
0x640708 GetDCEx
0x64070c LockWindowUpdate
0x640710 IsDialogMessageW
0x640714 IsDlgButtonChecked
0x640718 SetDlgItemTextW
0x64071c SetDlgItemInt
0x640720 GetDlgItemTextW
0x640724 GetDlgItemInt
0x640728 CheckRadioButton
0x64072c CheckDlgButton
0x640730 SetMenuItemBitmaps
0x640734 EnableMenuItem
0x640738 MapVirtualKeyW
0x64073c GetKeyNameTextW
0x640740 SendDlgItemMessageW
0x640744 SendDlgItemMessageA
0x640748 WinHelpW
0x64074c IsChild
0x640750 GetCapture
0x640754 SetWindowsHookExW
0x640758 CallNextHookEx
0x64075c GetClassLongW
0x640760 SetPropW
0x640764 GetPropW
0x640768 RemovePropW
0x64076c GetWindowTextLengthW
0x640770 UnhookWindowsHookEx
0x640774 GetMessageTime
0x640778 GetMessagePos
0x64077c MapWindowPoints
0x640780 ScrollWindow
0x640784 TrackPopupMenuEx
0x640788 SetMenu
0x64078c SetScrollRange
0x640790 GetScrollRange
0x640794 SetScrollPos
0x640798 GetScrollPos
0x64079c ShowScrollBar
0x6407a0 GetClassInfoExW
0x6407a4 AdjustWindowRectEx
0x6407a8 GetScrollInfo
0x6407ac SetScrollInfo
0x6407b0 SetWindowPlacement
0x6407b4 CallWindowProcW
0x6407b8 GetMenu
0x6407bc IntersectRect
0x6407c0 SystemParametersInfoA
0x6407c4 EndPaint
0x6407c8 BeginPaint
0x6407cc GrayStringW
0x6407d0 GetLastActivePopup
0x6407d4 IsWindowEnabled
0x6407d8 RemoveMenu
0x6407dc GetIconInfo
0x6407e0 RegisterClassExW
0x6407e4 ShowWindow
0x6407e8 DestroyWindow
0x6407ec DefWindowProcW
0x6407f0 TranslateMessage
0x6407f4 DispatchMessageW
0x6407f8 GetClipboardData
0x6407fc SetCursorPos
0x640800 CheckMenuItem
0x640804 DrawTextExW
0x640808 SetLayeredWindowAttributes
0x64080c SetWindowPos
0x640810 GetActiveWindow
0x640814 PeekMessageW
0x640818 GetMenuStringW
0x64081c GetMenuCheckMarkDimensions
0x640820 SetMenuItemInfoW
0x640824 GetMenuItemInfoW
0x640828 GetMenuState
0x64082c DrawEdge
0x640830 WindowFromPoint
0x640834 GetWindowPlacement
0x640838 ScreenToClient
0x64083c GetDlgItem
0x640840 SetFocus
0x640844 EmptyClipboard
0x640848 SetClipboardData
0x64084c CreateWindowExW
0x640850 CharLowerBuffW
0x640854 CharUpperBuffW
0x640858 IsClipboardFormatAvailable
0x64085c ModifyMenuW
0x640860 UnionRect
0x640864 GetWindowDC
0x640868 DrawTextW
0x64086c GetWindowLongW
0x640870 GetDlgCtrlID
0x640874 TrackMouseEvent
0x640878 TrackPopupMenu
0x64087c SetMenuDefaultItem
0x640880 SetParent
0x640884 LoadMenuW
0x640888 InsertMenuW
0x64088c GetSubMenu
0x640890 GetMenuItemID
0x640894 GetMenuItemCount
0x640898 AppendMenuW
0x64089c CreatePopupMenu
0x6408a0 SystemParametersInfoW
0x6408a4 PostMessageW
0x6408a8 LoadIconW
0x6408ac FindWindowW
0x6408b0 MessageBoxW
0x6408b4 BeginDeferWindowPos
0x6408b8 EndDeferWindowPos
0x6408bc DeferWindowPos
0x6408c0 LoadBitmapW
0x6408c4 RegisterWindowMessageW
0x6408c8 LoadImageW
0x6408cc GetClassInfoW
0x6408d0 RegisterClassW
0x6408d4 DestroyIcon
0x6408d8 EnumClipboardFormats
0x6408dc CloseClipboard
0x6408e0 GetTopWindow
0x6408e4 GetWindowTextW
0x6408e8 GetClassNameW
0x6408ec IsIconic
0x6408f0 GetKeyState
0x6408f4 ReleaseDC
0x6408f8 GetDC
0x6408fc CreateIconIndirect
0x640900 PtInRect
0x640904 SendMessageW
0x640908 RegisterHotKey
0x64090c GetForegroundWindow
0x640910 GetWindowThreadProcessId
0x640914 AttachThreadInput
0x640918 EnumDisplayMonitors
0x64091c GetMonitorInfoW
0x640920 GetSystemMetrics
0x640924 OpenClipboard
0x640928 SetActiveWindow
0x64092c IsWindowVisible
0x640930 IsZoomed
0x640934 MonitorFromWindow
0x640938 UnregisterHotKey
0x64093c SetForegroundWindow
0x640940 EqualRect
0x640944 OffsetRect
0x640948 SetRect
0x64094c GetDesktopWindow
0x640950 GetWindow
0x640954 GetFocus
0x640958 UpdateWindow
0x64095c DrawFocusRect
0x640960 FillRect
0x640964 CopyRect
0x640968 DestroyCursor
0x64096c SetWindowLongW
0x640970 MessageBeep
0x640974 LoadCursorW
0x640978 LoadAcceleratorsW
0x64097c InsertMenuItemW
0x640980 SetRectEmpty
0x640984 BringWindowToTop
0x640988 TranslateAcceleratorW
0x64098c ScrollWindowEx
0x640990 MoveWindow
0x640994 SetWindowTextW
0x640998 GetWindowRect
0x64099c GetClientRect
0x6409a0 ClientToScreen
0x6409a4 InvalidateRect
0x6409a8 SetTimer
0x6409ac KillTimer
0x6409b0 SetCapture
0x6409b4 GetParent
0x6409b8 EnableWindow
0x6409bc GetCursorPos
0x6409c0 GetAsyncKeyState
0x6409c4 ReleaseCapture
0x6409c8 IsWindow
0x6409cc SetCursor
0x6409d0 InflateRect
0x6409d4 RedrawWindow
0x6409d8 GetSysColor
0x6409dc CopyIcon
0x6409e0 TabbedTextOutW
GDI32.dll
0x640080 ExtTextOutW
0x640084 AddFontMemResourceEx
0x640088 Rectangle
0x64008c ExcludeClipRect
0x640090 CreateBitmap
0x640094 SetBitmapBits
0x640098 GetBitmapBits
0x64009c SetPolyFillMode
0x6400a0 SetROP2
0x6400a4 SetGraphicsMode
0x6400a8 SetWorldTransform
0x6400ac ModifyWorldTransform
0x6400b0 SetMapMode
0x6400b4 IntersectClipRect
0x6400b8 OffsetClipRgn
0x6400bc LineTo
0x6400c0 MoveToEx
0x6400c4 SetTextAlign
0x6400c8 SetTextJustification
0x6400cc SetTextCharacterExtra
0x6400d0 SetMapperFlags
0x6400d4 SetArcDirection
0x6400d8 SetColorAdjustment
0x6400dc SelectClipRgn
0x6400e0 GetClipRgn
0x6400e4 CreateRectRgn
0x6400e8 SelectClipPath
0x6400ec GetViewportExtEx
0x6400f0 GetWindowExtEx
0x6400f4 PtVisible
0x6400f8 SetBkMode
0x6400fc Escape
0x640100 SetViewportOrgEx
0x640104 OffsetViewportOrgEx
0x640108 SetViewportExtEx
0x64010c ScaleViewportExtEx
0x640110 SetWindowOrgEx
0x640114 OffsetWindowOrgEx
0x640118 SetWindowExtEx
0x64011c ScaleWindowExtEx
0x640120 GetCurrentPositionEx
0x640124 ArcTo
0x640128 PolyDraw
0x64012c PolylineTo
0x640130 PolyBezierTo
0x640134 PlayMetaFileRecord
0x640138 GetObjectType
0x64013c EnumMetaFile
0x640140 PlayMetaFile
0x640144 ExtCreatePen
0x640148 CreateHatchBrush
0x64014c GetDCOrgEx
0x640150 SetAbortProc
0x640154 AbortDoc
0x640158 SetRectRgn
0x64015c CombineRgn
0x640160 GetCharWidthW
0x640164 CreateFontW
0x640168 GetTextMetricsW
0x64016c GetBkColor
0x640170 SetTextColor
0x640174 CreateDCW
0x640178 CreateDIBSection
0x64017c CreatePen
0x640180 CreateSolidBrush
0x640184 EndDoc
0x640188 EndPage
0x64018c StartPage
0x640190 StartDocW
0x640194 StretchBlt
0x640198 BitBlt
0x64019c DPtoLP
0x6401a0 GetMapMode
0x6401a4 GetDeviceCaps
0x6401a8 GetDIBits
0x6401ac SetDIBits
0x6401b0 CreateBitmapIndirect
0x6401b4 CreatePatternBrush
0x6401b8 GetCurrentObject
0x6401bc CreateRectRgnIndirect
0x6401c0 GetTextExtentPoint32W
0x6401c4 GetStockObject
0x6401c8 DeleteObject
0x6401cc CreateFontIndirectW
0x6401d0 CreateCompatibleDC
0x6401d4 GetObjectW
0x6401d8 CreateCompatibleBitmap
0x6401dc SelectObject
0x6401e0 SetPixel
0x6401e4 GetPixel
0x6401e8 TextOutW
0x6401ec DeleteDC
0x6401f0 SetEnhMetaFileBits
0x6401f4 GetEnhMetaFileHeader
0x6401f8 SetWinMetaFileBits
0x6401fc DeleteEnhMetaFile
0x640200 GetEnhMetaFilePaletteEntries
0x640204 CreatePalette
0x640208 SelectPalette
0x64020c PlayEnhMetaFile
0x640210 RectVisible
0x640214 SetBkColor
0x640218 SaveDC
0x64021c GetClipBox
0x640220 ExtSelectClipRgn
0x640224 SetStretchBltMode
0x640228 StretchDIBits
0x64022c SetDIBitsToDevice
0x640230 RestoreDC
0x640234 RealizePalette
0x640238 CreateDIBPatternBrushPt
0x64023c SetBrushOrgEx
0x640240 PatBlt
0x640244 Ellipse
0x640248 CreateBrushIndirect
0x64024c CopyMetaFileW
COMDLG32.dll
0x640070 GetOpenFileNameW
0x640074 GetSaveFileNameW
0x640078 GetFileTitleW
WINSPOOL.DRV
0x6409f0 GetJobW
0x6409f4 ClosePrinter
0x6409f8 DocumentPropertiesW
0x6409fc OpenPrinterW
ADVAPI32.dll
0x640000 RegDeleteKeyW
0x640004 CryptDestroyKey
0x640008 GetFileSecurityW
0x64000c SetFileSecurityW
0x640010 RegDeleteValueW
0x640014 RegCreateKeyW
0x640018 RegEnumKeyW
0x64001c RegOpenKeyW
0x640020 RegSetValueW
0x640024 CryptGetHashParam
0x640028 RegCreateKeyExW
0x64002c RegSetValueExW
0x640030 CryptReleaseContext
0x640034 RegQueryValueExW
0x640038 RegOpenKeyExW
0x64003c RegQueryValueW
0x640040 RegCloseKey
0x640044 CryptAcquireContextW
0x640048 CryptCreateHash
0x64004c CryptHashData
0x640050 CryptDeriveKey
0x640054 CryptDecrypt
0x640058 CryptEncrypt
0x64005c CryptDestroyHash
COMCTL32.dll
0x640064 InitCommonControlsEx
0x640068 _TrackMouseEvent
SHLWAPI.dll
0x640690 PathFindFileNameW
0x640694 PathRemoveExtensionW
0x640698 PathFindExtensionW
0x64069c PathIsUNCW
0x6406a0 PathStripToRootW
0x6406a4 SHStrDupW
0x6406a8 PathRemoveFileSpecW
oledlg.dll
0x640b94 OleUIBusyW
ole32.dll
0x640b00 CLSIDFromProgID
0x640b04 CoTreatAsClass
0x640b08 StgCreateDocfileOnILockBytes
0x640b0c CreateILockBytesOnHGlobal
0x640b10 CoInitialize
0x640b14 PropVariantClear
0x640b18 CoCreateInstance
0x640b1c CreateStreamOnHGlobal
0x640b20 CoTaskMemFree
0x640b24 SetConvertStg
0x640b28 WriteFmtUserTypeStg
0x640b2c WriteClassStg
0x640b30 OleRegGetUserType
0x640b34 ReadFmtUserTypeStg
0x640b38 ReadClassStg
0x640b3c CreateBindCtx
0x640b40 ReleaseStgMedium
0x640b44 CoTaskMemAlloc
0x640b48 StringFromCLSID
0x640b4c OleRun
0x640b50 CoRegisterMessageFilter
0x640b54 OleFlushClipboard
0x640b58 OleIsCurrentClipboard
0x640b5c OleSetClipboard
0x640b60 CoRevokeClassObject
0x640b64 CoRegisterClassObject
0x640b68 CoGetClassObject
0x640b6c CoInitializeEx
0x640b70 CoUninitialize
0x640b74 CLSIDFromString
0x640b78 StringFromGUID2
0x640b7c CoDisconnectObject
0x640b80 OleInitialize
0x640b84 CoFreeUnusedLibraries
0x640b88 OleUninitialize
0x640b8c OleDuplicateData
OLEAUT32.dll
0x64059c VarDateFromStr
0x6405a0 OleLoadPicture
0x6405a4 OleLoadPicturePath
0x6405a8 SysFreeString
0x6405ac SysStringLen
0x6405b0 SysAllocStringByteLen
0x6405b4 SysStringByteLen
0x6405b8 SysAllocStringLen
0x6405bc VariantClear
0x6405c0 VariantChangeType
0x6405c4 SystemTimeToVariantTime
0x6405c8 RegisterTypeLib
0x6405cc LoadTypeLib
0x6405d0 LoadRegTypeLib
0x6405d4 SafeArrayUnaccessData
0x6405d8 SafeArrayAccessData
0x6405dc SafeArrayGetUBound
0x6405e0 SafeArrayGetLBound
0x6405e4 SafeArrayGetElemsize
0x6405e8 SafeArrayGetDim
0x6405ec SafeArrayCreate
0x6405f0 VariantInit
0x6405f4 VariantTimeToSystemTime
0x6405f8 SafeArrayRedim
0x6405fc VariantCopy
0x640600 SafeArrayAllocData
0x640604 SafeArrayAllocDescriptor
0x640608 SafeArrayCopy
0x64060c SafeArrayGetElement
0x640610 SafeArrayPtrOfIndex
0x640614 SafeArrayPutElement
0x640618 SafeArrayLock
0x64061c SafeArrayUnlock
0x640620 SafeArrayDestroy
0x640624 SafeArrayDestroyData
0x640628 SafeArrayDestroyDescriptor
0x64062c SysReAllocStringLen
0x640630 VarCyFromStr
0x640634 VarBstrFromCy
0x640638 VarBstrFromDec
0x64063c VarDecFromStr
0x640640 VarBstrFromDate
0x640644 SysAllocString
WS2_32.dll
0x640a04 WSASetLastError
0x640a08 WSAAsyncSelect
0x640a0c htons
0x640a10 htonl
0x640a14 getnameinfo
0x640a18 ntohs
0x640a1c select
0x640a20 socket
0x640a24 shutdown
0x640a28 sendto
0x640a2c send
0x640a30 recvfrom
0x640a34 recv
0x640a38 WSACreateEvent
0x640a3c gethostname
0x640a40 WSAEnumNetworkEvents
0x640a44 ioctlsocket
0x640a48 connect
0x640a4c ind
0x640a50 getsockopt
0x640a54 setsockopt
0x640a58 accept
0x640a5c getsockname
0x640a60 getpeername
0x640a64 GetAddrInfoW
0x640a68 FreeAddrInfoW
0x640a6c closesocket
0x640a70 WSAGetLastError
0x640a74 inet_addr
0x640a78 gethostbyaddr
0x640a7c gethostbyname
0x640a80 listen
0x640a84 WSACleanup
0x640a88 WSACloseEvent
0x640a8c inet_ntoa
0x640a90 WSAEventSelect
0x640a94 WSAStartup
RPCRT4.dll
0x64064c RpcStringFreeW
0x640650 UuidToStringW
0x640654 UuidCreate
EAT(Export Address Table) is none