ScreenShot
| Created | 2025.02.05 11:09 | Machine | s1_win7_x6401 |
| Filename | purple.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : clean | ||
| VT API (file) | 53 detected (AIDetectMalware, Malicious, score, Ghanarava, Barys, Unsafe, confidence, 100%, Attribute, HighConfidence, high confidence, SpywareX, ClipBanker, aclg, RustyStealer, kskzic, JmfshrYaWwS, krnio, Static AI, Suspicious PE, Detected, Eldorado, R550345, Artemis, GdSda, Gencirc, susgen, Luca) | ||
| md5 | 7f9e6ae4381a4d660ccd36287de98a4e | ||
| sha256 | 3275c8f409a58e9f6b3c85abe1603ad00d5c7349f7cf55ef7a9256bd0fa2c0e1 | ||
| ssdeep | 49152:6UdlBxm7aR7ls7zo5XKdYTfKwNnBGS2fg3pkD8UIzRwj4zigu3NsWSJS+zktYhHE:3dlN7d5XKXfQqJCHWx8M/Z9 | ||
| imphash | 38c4cd74b500cfc8c22c9298e1a309c6 | ||
| impfuzzy | 96:SQKRTxK9WZ6Sfnn4ZazaH5fcg+PxXPcWqHp+so5HT9Wv9sNgSqEfMJdd:SRaWLn4ZazaE/cW2G5HxWFCqeMJdd | ||
Network IP location
Signature (1cnts)
| Level | Description |
|---|---|
| danger | File has been identified by 53 AntiVirus engines on VirusTotal as malicious |
Rules (7cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
| watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
| watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
| watch | UPX_Zero | UPX packed file | binaries (upload) |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
| info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
kernel32.dll
0x1402ad2e8 GetFileInformationByHandle
0x1402ad2f0 GetModuleHandleA
0x1402ad2f8 GetCurrentThread
0x1402ad300 GetStdHandle
0x1402ad308 GetConsoleMode
0x1402ad310 WaitForSingleObject
0x1402ad318 WriteConsoleW
0x1402ad320 WaitForSingleObjectEx
0x1402ad328 CreateMutexA
0x1402ad330 ReleaseMutex
0x1402ad338 GetEnvironmentVariableW
0x1402ad340 RtlLookupFunctionEntry
0x1402ad348 GetModuleHandleW
0x1402ad350 FormatMessageW
0x1402ad358 GetTempPathW
0x1402ad360 GetModuleFileNameW
0x1402ad368 CreateFileW
0x1402ad370 GlobalAlloc
0x1402ad378 GetFullPathNameW
0x1402ad380 MultiByteToWideChar
0x1402ad388 FindNextFileW
0x1402ad390 CreateDirectoryW
0x1402ad398 FindFirstFileW
0x1402ad3a0 FindClose
0x1402ad3a8 WideCharToMultiByte
0x1402ad3b0 GlobalSize
0x1402ad3b8 GlobalLock
0x1402ad3c0 Sleep
0x1402ad3c8 GetEnvironmentStringsW
0x1402ad3d0 FreeEnvironmentStringsW
0x1402ad3d8 CompareStringOrdinal
0x1402ad3e0 GetSystemDirectoryW
0x1402ad3e8 GetWindowsDirectoryW
0x1402ad3f0 CreateProcessW
0x1402ad3f8 GetFileAttributesW
0x1402ad400 DuplicateHandle
0x1402ad408 GetCurrentProcessId
0x1402ad410 CreateNamedPipeW
0x1402ad418 CreateThread
0x1402ad420 ReadFileEx
0x1402ad428 SleepEx
0x1402ad430 WriteFileEx
0x1402ad438 ReleaseSRWLockExclusive
0x1402ad440 ExitProcess
0x1402ad448 QueryPerformanceCounter
0x1402ad450 QueryPerformanceFrequency
0x1402ad458 GetSystemTimeAsFileTime
0x1402ad460 GetCurrentDirectoryW
0x1402ad468 RtlCaptureContext
0x1402ad470 AcquireSRWLockShared
0x1402ad478 ReleaseSRWLockShared
0x1402ad480 CopyFileExW
0x1402ad488 SleepConditionVariableSRW
0x1402ad490 SetHandleInformation
0x1402ad498 WakeConditionVariable
0x1402ad4a0 PostQueuedCompletionStatus
0x1402ad4a8 SetFileCompletionNotificationModes
0x1402ad4b0 CreateIoCompletionPort
0x1402ad4b8 TryAcquireSRWLockExclusive
0x1402ad4c0 GetFinalPathNameByHandleW
0x1402ad4c8 SetLastError
0x1402ad4d0 GetQueuedCompletionStatusEx
0x1402ad4d8 UnhandledExceptionFilter
0x1402ad4e0 SwitchToThread
0x1402ad4e8 SetUnhandledExceptionFilter
0x1402ad4f0 GlobalUnlock
0x1402ad4f8 GlobalFree
0x1402ad500 GetProcessHeap
0x1402ad508 HeapAlloc
0x1402ad510 FileTimeToSystemTime
0x1402ad518 SystemTimeToTzSpecificLocalTime
0x1402ad520 SystemTimeToFileTime
0x1402ad528 GetTimeZoneInformation
0x1402ad530 RtlVirtualUnwind
0x1402ad538 FlushFileBuffers
0x1402ad540 GetTickCount
0x1402ad548 MapViewOfFile
0x1402ad550 CreateFileMappingW
0x1402ad558 FormatMessageA
0x1402ad560 GetSystemTime
0x1402ad568 FreeLibrary
0x1402ad570 GetFileSize
0x1402ad578 LockFileEx
0x1402ad580 LocalFree
0x1402ad588 UnlockFile
0x1402ad590 HeapDestroy
0x1402ad598 HeapCompact
0x1402ad5a0 LoadLibraryW
0x1402ad5a8 DeleteFileW
0x1402ad5b0 DeleteFileA
0x1402ad5b8 CreateFileA
0x1402ad5c0 FlushViewOfFile
0x1402ad5c8 OutputDebugStringW
0x1402ad5d0 GetFileAttributesExW
0x1402ad5d8 GetFileAttributesA
0x1402ad5e0 GetDiskFreeSpaceA
0x1402ad5e8 GetTempPathA
0x1402ad5f0 HeapSize
0x1402ad5f8 HeapValidate
0x1402ad600 UnmapViewOfFile
0x1402ad608 CreateMutexW
0x1402ad610 UnlockFileEx
0x1402ad618 SetEndOfFile
0x1402ad620 GetFullPathNameA
0x1402ad628 SetFilePointer
0x1402ad630 LockFile
0x1402ad638 OutputDebugStringA
0x1402ad640 GetDiskFreeSpaceW
0x1402ad648 WriteFile
0x1402ad650 HeapCreate
0x1402ad658 ReadFile
0x1402ad660 AreFileApisANSI
0x1402ad668 InitializeCriticalSection
0x1402ad670 EnterCriticalSection
0x1402ad678 LeaveCriticalSection
0x1402ad680 TryEnterCriticalSection
0x1402ad688 DeleteCriticalSection
0x1402ad690 GetCurrentThreadId
0x1402ad698 SetThreadStackGuarantee
0x1402ad6a0 AddVectoredExceptionHandler
0x1402ad6a8 GetCurrentProcess
0x1402ad6b0 GetProcAddress
0x1402ad6b8 LoadLibraryA
0x1402ad6c0 WakeAllConditionVariable
0x1402ad6c8 HeapReAlloc
0x1402ad6d0 GetLastError
0x1402ad6d8 GetSystemInfo
0x1402ad6e0 SetFilePointerEx
0x1402ad6e8 TerminateProcess
0x1402ad6f0 CloseHandle
0x1402ad6f8 AcquireSRWLockExclusive
0x1402ad700 IsProcessorFeaturePresent
0x1402ad708 InitializeSListHead
0x1402ad710 IsDebuggerPresent
0x1402ad718 GetFileInformationByHandleEx
0x1402ad720 HeapFree
oleaut32.dll
0x1402ad780 SafeArrayDestroy
0x1402ad788 SafeArrayAccessData
0x1402ad790 SafeArrayGetUBound
0x1402ad798 SafeArrayGetLBound
0x1402ad7a0 VariantClear
0x1402ad7a8 SysFreeString
0x1402ad7b0 SafeArrayUnaccessData
0x1402ad7b8 SysAllocStringLen
ws2_32.dll
0x1402ad868 ioctlsocket
0x1402ad870 WSASocketW
0x1402ad878 ind
0x1402ad880 listen
0x1402ad888 WSASend
0x1402ad890 accept
0x1402ad898 setsockopt
0x1402ad8a0 connect
0x1402ad8a8 getaddrinfo
0x1402ad8b0 getsockopt
0x1402ad8b8 WSAIoctl
0x1402ad8c0 freeaddrinfo
0x1402ad8c8 WSAStartup
0x1402ad8d0 WSACleanup
0x1402ad8d8 getsockname
0x1402ad8e0 WSAGetLastError
0x1402ad8e8 getpeername
0x1402ad8f0 recv
0x1402ad8f8 closesocket
0x1402ad900 send
0x1402ad908 shutdown
0x1402ad910 socket
crypt32.dll
0x1402ad220 CertFreeCertificateContext
0x1402ad228 CertFreeCertificateChain
0x1402ad230 CertCloseStore
0x1402ad238 CertDuplicateStore
0x1402ad240 CertDuplicateCertificateContext
0x1402ad248 CertVerifyCertificateChainPolicy
0x1402ad250 CryptUnprotectData
0x1402ad258 CertGetCertificateChain
0x1402ad260 CertAddCertificateContextToStore
0x1402ad268 CertEnumCertificatesInStore
0x1402ad270 CertOpenStore
0x1402ad278 CertDuplicateCertificateChain
advapi32.dll
0x1402ad050 RegCreateKeyExA
0x1402ad058 RegSetValueExA
0x1402ad060 AllocateAndInitializeSid
0x1402ad068 FreeSid
0x1402ad070 CheckTokenMembership
0x1402ad078 RegQueryValueExW
0x1402ad080 RegCloseKey
0x1402ad088 SystemFunction036
0x1402ad090 RegOpenKeyExW
crypt.dll
0x1402ad210 BCryptGenRandom
user32.dll
0x1402ad820 EnumDisplaySettingsExW
0x1402ad828 SetClipboardData
0x1402ad830 EmptyClipboard
0x1402ad838 CloseClipboard
0x1402ad840 GetClipboardData
0x1402ad848 OpenClipboard
0x1402ad850 GetMonitorInfoW
0x1402ad858 EnumDisplayMonitors
ntdll.dll
0x1402ad730 NtCreateFile
0x1402ad738 NtCancelIoFileEx
0x1402ad740 NtDeviceIoControlFile
0x1402ad748 RtlNtStatusToDosError
secur32.dll
0x1402ad7c8 InitializeSecurityContextW
0x1402ad7d0 QueryContextAttributesW
0x1402ad7d8 FreeContextBuffer
0x1402ad7e0 DeleteSecurityContext
0x1402ad7e8 EncryptMessage
0x1402ad7f0 AcceptSecurityContext
0x1402ad7f8 FreeCredentialsHandle
0x1402ad800 AcquireCredentialsHandleA
0x1402ad808 ApplyControlToken
0x1402ad810 DecryptMessage
gdi32.dll
0x1402ad288 GetDeviceCaps
0x1402ad290 DeleteDC
0x1402ad298 DeleteObject
0x1402ad2a0 CreateCompatibleDC
0x1402ad2a8 CreateCompatibleBitmap
0x1402ad2b0 SelectObject
0x1402ad2b8 SetStretchBltMode
0x1402ad2c0 StretchBlt
0x1402ad2c8 GetDIBits
0x1402ad2d0 GetObjectW
0x1402ad2d8 CreateDCW
ole32.dll
0x1402ad758 CoSetProxyBlanket
0x1402ad760 CoCreateInstance
0x1402ad768 CoInitializeSecurity
0x1402ad770 CoInitializeEx
VCRUNTIME140.dll
0x1402ad000 strrchr
0x1402ad008 memmove
0x1402ad010 memset
0x1402ad018 memcpy
0x1402ad020 memcmp
0x1402ad028 __C_specific_handler
0x1402ad030 __current_exception
0x1402ad038 __current_exception_context
0x1402ad040 __CxxFrameHandler3
api-ms-win-crt-string-l1-1-0.dll
0x1402ad1c0 strcspn
0x1402ad1c8 strcmp
0x1402ad1d0 strncmp
0x1402ad1d8 strlen
api-ms-win-crt-utility-l1-1-0.dll
0x1402ad1f8 qsort
0x1402ad200 _rotl64
api-ms-win-crt-heap-l1-1-0.dll
0x1402ad0a0 malloc
0x1402ad0a8 realloc
0x1402ad0b0 _msize
0x1402ad0b8 free
0x1402ad0c0 _set_new_mode
api-ms-win-crt-time-l1-1-0.dll
0x1402ad1e8 _localtime64_s
api-ms-win-crt-math-l1-1-0.dll
0x1402ad0e0 _dclass
0x1402ad0e8 __setusermatherr
0x1402ad0f0 log
api-ms-win-crt-runtime-l1-1-0.dll
0x1402ad100 _initialize_onexit_table
0x1402ad108 _cexit
0x1402ad110 _c_exit
0x1402ad118 _configure_narrow_argv
0x1402ad120 _initialize_narrow_environment
0x1402ad128 _beginthreadex
0x1402ad130 _get_initial_narrow_environment
0x1402ad138 _set_app_type
0x1402ad140 _initterm
0x1402ad148 _initterm_e
0x1402ad150 exit
0x1402ad158 _exit
0x1402ad160 __p___argv
0x1402ad168 terminate
0x1402ad170 __p___argc
0x1402ad178 _crt_atexit
0x1402ad180 _seh_filter_exe
0x1402ad188 _register_onexit_function
0x1402ad190 _endthreadex
0x1402ad198 _register_thread_local_exe_atexit_callback
api-ms-win-crt-stdio-l1-1-0.dll
0x1402ad1a8 __p__commode
0x1402ad1b0 _set_fmode
api-ms-win-crt-locale-l1-1-0.dll
0x1402ad0d0 _configthreadlocale
EAT(Export Address Table) is none
kernel32.dll
0x1402ad2e8 GetFileInformationByHandle
0x1402ad2f0 GetModuleHandleA
0x1402ad2f8 GetCurrentThread
0x1402ad300 GetStdHandle
0x1402ad308 GetConsoleMode
0x1402ad310 WaitForSingleObject
0x1402ad318 WriteConsoleW
0x1402ad320 WaitForSingleObjectEx
0x1402ad328 CreateMutexA
0x1402ad330 ReleaseMutex
0x1402ad338 GetEnvironmentVariableW
0x1402ad340 RtlLookupFunctionEntry
0x1402ad348 GetModuleHandleW
0x1402ad350 FormatMessageW
0x1402ad358 GetTempPathW
0x1402ad360 GetModuleFileNameW
0x1402ad368 CreateFileW
0x1402ad370 GlobalAlloc
0x1402ad378 GetFullPathNameW
0x1402ad380 MultiByteToWideChar
0x1402ad388 FindNextFileW
0x1402ad390 CreateDirectoryW
0x1402ad398 FindFirstFileW
0x1402ad3a0 FindClose
0x1402ad3a8 WideCharToMultiByte
0x1402ad3b0 GlobalSize
0x1402ad3b8 GlobalLock
0x1402ad3c0 Sleep
0x1402ad3c8 GetEnvironmentStringsW
0x1402ad3d0 FreeEnvironmentStringsW
0x1402ad3d8 CompareStringOrdinal
0x1402ad3e0 GetSystemDirectoryW
0x1402ad3e8 GetWindowsDirectoryW
0x1402ad3f0 CreateProcessW
0x1402ad3f8 GetFileAttributesW
0x1402ad400 DuplicateHandle
0x1402ad408 GetCurrentProcessId
0x1402ad410 CreateNamedPipeW
0x1402ad418 CreateThread
0x1402ad420 ReadFileEx
0x1402ad428 SleepEx
0x1402ad430 WriteFileEx
0x1402ad438 ReleaseSRWLockExclusive
0x1402ad440 ExitProcess
0x1402ad448 QueryPerformanceCounter
0x1402ad450 QueryPerformanceFrequency
0x1402ad458 GetSystemTimeAsFileTime
0x1402ad460 GetCurrentDirectoryW
0x1402ad468 RtlCaptureContext
0x1402ad470 AcquireSRWLockShared
0x1402ad478 ReleaseSRWLockShared
0x1402ad480 CopyFileExW
0x1402ad488 SleepConditionVariableSRW
0x1402ad490 SetHandleInformation
0x1402ad498 WakeConditionVariable
0x1402ad4a0 PostQueuedCompletionStatus
0x1402ad4a8 SetFileCompletionNotificationModes
0x1402ad4b0 CreateIoCompletionPort
0x1402ad4b8 TryAcquireSRWLockExclusive
0x1402ad4c0 GetFinalPathNameByHandleW
0x1402ad4c8 SetLastError
0x1402ad4d0 GetQueuedCompletionStatusEx
0x1402ad4d8 UnhandledExceptionFilter
0x1402ad4e0 SwitchToThread
0x1402ad4e8 SetUnhandledExceptionFilter
0x1402ad4f0 GlobalUnlock
0x1402ad4f8 GlobalFree
0x1402ad500 GetProcessHeap
0x1402ad508 HeapAlloc
0x1402ad510 FileTimeToSystemTime
0x1402ad518 SystemTimeToTzSpecificLocalTime
0x1402ad520 SystemTimeToFileTime
0x1402ad528 GetTimeZoneInformation
0x1402ad530 RtlVirtualUnwind
0x1402ad538 FlushFileBuffers
0x1402ad540 GetTickCount
0x1402ad548 MapViewOfFile
0x1402ad550 CreateFileMappingW
0x1402ad558 FormatMessageA
0x1402ad560 GetSystemTime
0x1402ad568 FreeLibrary
0x1402ad570 GetFileSize
0x1402ad578 LockFileEx
0x1402ad580 LocalFree
0x1402ad588 UnlockFile
0x1402ad590 HeapDestroy
0x1402ad598 HeapCompact
0x1402ad5a0 LoadLibraryW
0x1402ad5a8 DeleteFileW
0x1402ad5b0 DeleteFileA
0x1402ad5b8 CreateFileA
0x1402ad5c0 FlushViewOfFile
0x1402ad5c8 OutputDebugStringW
0x1402ad5d0 GetFileAttributesExW
0x1402ad5d8 GetFileAttributesA
0x1402ad5e0 GetDiskFreeSpaceA
0x1402ad5e8 GetTempPathA
0x1402ad5f0 HeapSize
0x1402ad5f8 HeapValidate
0x1402ad600 UnmapViewOfFile
0x1402ad608 CreateMutexW
0x1402ad610 UnlockFileEx
0x1402ad618 SetEndOfFile
0x1402ad620 GetFullPathNameA
0x1402ad628 SetFilePointer
0x1402ad630 LockFile
0x1402ad638 OutputDebugStringA
0x1402ad640 GetDiskFreeSpaceW
0x1402ad648 WriteFile
0x1402ad650 HeapCreate
0x1402ad658 ReadFile
0x1402ad660 AreFileApisANSI
0x1402ad668 InitializeCriticalSection
0x1402ad670 EnterCriticalSection
0x1402ad678 LeaveCriticalSection
0x1402ad680 TryEnterCriticalSection
0x1402ad688 DeleteCriticalSection
0x1402ad690 GetCurrentThreadId
0x1402ad698 SetThreadStackGuarantee
0x1402ad6a0 AddVectoredExceptionHandler
0x1402ad6a8 GetCurrentProcess
0x1402ad6b0 GetProcAddress
0x1402ad6b8 LoadLibraryA
0x1402ad6c0 WakeAllConditionVariable
0x1402ad6c8 HeapReAlloc
0x1402ad6d0 GetLastError
0x1402ad6d8 GetSystemInfo
0x1402ad6e0 SetFilePointerEx
0x1402ad6e8 TerminateProcess
0x1402ad6f0 CloseHandle
0x1402ad6f8 AcquireSRWLockExclusive
0x1402ad700 IsProcessorFeaturePresent
0x1402ad708 InitializeSListHead
0x1402ad710 IsDebuggerPresent
0x1402ad718 GetFileInformationByHandleEx
0x1402ad720 HeapFree
oleaut32.dll
0x1402ad780 SafeArrayDestroy
0x1402ad788 SafeArrayAccessData
0x1402ad790 SafeArrayGetUBound
0x1402ad798 SafeArrayGetLBound
0x1402ad7a0 VariantClear
0x1402ad7a8 SysFreeString
0x1402ad7b0 SafeArrayUnaccessData
0x1402ad7b8 SysAllocStringLen
ws2_32.dll
0x1402ad868 ioctlsocket
0x1402ad870 WSASocketW
0x1402ad878 ind
0x1402ad880 listen
0x1402ad888 WSASend
0x1402ad890 accept
0x1402ad898 setsockopt
0x1402ad8a0 connect
0x1402ad8a8 getaddrinfo
0x1402ad8b0 getsockopt
0x1402ad8b8 WSAIoctl
0x1402ad8c0 freeaddrinfo
0x1402ad8c8 WSAStartup
0x1402ad8d0 WSACleanup
0x1402ad8d8 getsockname
0x1402ad8e0 WSAGetLastError
0x1402ad8e8 getpeername
0x1402ad8f0 recv
0x1402ad8f8 closesocket
0x1402ad900 send
0x1402ad908 shutdown
0x1402ad910 socket
crypt32.dll
0x1402ad220 CertFreeCertificateContext
0x1402ad228 CertFreeCertificateChain
0x1402ad230 CertCloseStore
0x1402ad238 CertDuplicateStore
0x1402ad240 CertDuplicateCertificateContext
0x1402ad248 CertVerifyCertificateChainPolicy
0x1402ad250 CryptUnprotectData
0x1402ad258 CertGetCertificateChain
0x1402ad260 CertAddCertificateContextToStore
0x1402ad268 CertEnumCertificatesInStore
0x1402ad270 CertOpenStore
0x1402ad278 CertDuplicateCertificateChain
advapi32.dll
0x1402ad050 RegCreateKeyExA
0x1402ad058 RegSetValueExA
0x1402ad060 AllocateAndInitializeSid
0x1402ad068 FreeSid
0x1402ad070 CheckTokenMembership
0x1402ad078 RegQueryValueExW
0x1402ad080 RegCloseKey
0x1402ad088 SystemFunction036
0x1402ad090 RegOpenKeyExW
crypt.dll
0x1402ad210 BCryptGenRandom
user32.dll
0x1402ad820 EnumDisplaySettingsExW
0x1402ad828 SetClipboardData
0x1402ad830 EmptyClipboard
0x1402ad838 CloseClipboard
0x1402ad840 GetClipboardData
0x1402ad848 OpenClipboard
0x1402ad850 GetMonitorInfoW
0x1402ad858 EnumDisplayMonitors
ntdll.dll
0x1402ad730 NtCreateFile
0x1402ad738 NtCancelIoFileEx
0x1402ad740 NtDeviceIoControlFile
0x1402ad748 RtlNtStatusToDosError
secur32.dll
0x1402ad7c8 InitializeSecurityContextW
0x1402ad7d0 QueryContextAttributesW
0x1402ad7d8 FreeContextBuffer
0x1402ad7e0 DeleteSecurityContext
0x1402ad7e8 EncryptMessage
0x1402ad7f0 AcceptSecurityContext
0x1402ad7f8 FreeCredentialsHandle
0x1402ad800 AcquireCredentialsHandleA
0x1402ad808 ApplyControlToken
0x1402ad810 DecryptMessage
gdi32.dll
0x1402ad288 GetDeviceCaps
0x1402ad290 DeleteDC
0x1402ad298 DeleteObject
0x1402ad2a0 CreateCompatibleDC
0x1402ad2a8 CreateCompatibleBitmap
0x1402ad2b0 SelectObject
0x1402ad2b8 SetStretchBltMode
0x1402ad2c0 StretchBlt
0x1402ad2c8 GetDIBits
0x1402ad2d0 GetObjectW
0x1402ad2d8 CreateDCW
ole32.dll
0x1402ad758 CoSetProxyBlanket
0x1402ad760 CoCreateInstance
0x1402ad768 CoInitializeSecurity
0x1402ad770 CoInitializeEx
VCRUNTIME140.dll
0x1402ad000 strrchr
0x1402ad008 memmove
0x1402ad010 memset
0x1402ad018 memcpy
0x1402ad020 memcmp
0x1402ad028 __C_specific_handler
0x1402ad030 __current_exception
0x1402ad038 __current_exception_context
0x1402ad040 __CxxFrameHandler3
api-ms-win-crt-string-l1-1-0.dll
0x1402ad1c0 strcspn
0x1402ad1c8 strcmp
0x1402ad1d0 strncmp
0x1402ad1d8 strlen
api-ms-win-crt-utility-l1-1-0.dll
0x1402ad1f8 qsort
0x1402ad200 _rotl64
api-ms-win-crt-heap-l1-1-0.dll
0x1402ad0a0 malloc
0x1402ad0a8 realloc
0x1402ad0b0 _msize
0x1402ad0b8 free
0x1402ad0c0 _set_new_mode
api-ms-win-crt-time-l1-1-0.dll
0x1402ad1e8 _localtime64_s
api-ms-win-crt-math-l1-1-0.dll
0x1402ad0e0 _dclass
0x1402ad0e8 __setusermatherr
0x1402ad0f0 log
api-ms-win-crt-runtime-l1-1-0.dll
0x1402ad100 _initialize_onexit_table
0x1402ad108 _cexit
0x1402ad110 _c_exit
0x1402ad118 _configure_narrow_argv
0x1402ad120 _initialize_narrow_environment
0x1402ad128 _beginthreadex
0x1402ad130 _get_initial_narrow_environment
0x1402ad138 _set_app_type
0x1402ad140 _initterm
0x1402ad148 _initterm_e
0x1402ad150 exit
0x1402ad158 _exit
0x1402ad160 __p___argv
0x1402ad168 terminate
0x1402ad170 __p___argc
0x1402ad178 _crt_atexit
0x1402ad180 _seh_filter_exe
0x1402ad188 _register_onexit_function
0x1402ad190 _endthreadex
0x1402ad198 _register_thread_local_exe_atexit_callback
api-ms-win-crt-stdio-l1-1-0.dll
0x1402ad1a8 __p__commode
0x1402ad1b0 _set_fmode
api-ms-win-crt-locale-l1-1-0.dll
0x1402ad0d0 _configthreadlocale
EAT(Export Address Table) is none