Field | Value |
---|---|
Created | 2025.02.26 10:03 |
Machine | s1_win7_x6401 |
Filename | pccleaner_setup.exe |
Type | PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows |
ZERO API | file : malicious |
VT API (file) | 48 detected (AIDetectMalware, Chaos, Malicious, score, Ransomware, Small, Unsafe, Save, confidence, 100%, Attribute, HighConfidence, high confidence, Filecoder, FileRepMalware, Misc, Hydracrypt, Destructor, CLASSIC, AGEN, SMLKC, Static AI, Suspicious PE, Reconyc, bqgj, Detected, Remind, Azorult, Eldorado, Artemis, DelShad, Yylw) |
md5 | afc111650ae361b1842619760fa91be2 |
sha256 | c475aaae514ef35c9606a262481087a8a29fe59d2df132c8737e44c8e234bb73 |
ssdeep | 24576:UDLjcheV9PUNZoMe+wL8On+wKGi0JPrVI+myKwOS6zs65v:EJUxwFPrXKqIZt |
imphash | c4dfd81799750b8216e23427ad6f5f1c |
impfuzzy | 96:z+RG1w8qx42FqrTaJorYgrdiccpF1s3W0EIOZfARv+m/KsXW14W:z91axBFqrNrYgpv3GIOZIRv+mCsU1 |
Signature (3cnts)
Level | Description |
---|---|
danger | File has been identified by 48 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
info | The executable uses a known packer |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_2_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | Antivirus | Contains references to security software | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
PE API
IAT(Import Address Table) Library
MSVCRT.dll
0x4ed330 system
0x4ed334 setlocale
0x4ed338 _except_handler3
0x4ed33c __set_app_type
0x4ed340 __p__fmode
0x4ed344 __p__commode
0x4ed348 _adjust_fdiv
0x4ed34c __setusermatherr
0x4ed350 _initterm
0x4ed354 __getmainargs
0x4ed358 _acmdln
0x4ed35c exit
0x4ed360 _XcptFilter
0x4ed364 _exit
0x4ed368 _onexit
0x4ed36c __dllonexit
0x4ed370 _controlfp
0x4ed374 memcpy
0x4ed378 memset
0x4ed37c log10
0x4ed380 _wfopen
0x4ed384 fseek
0x4ed388 fclose
0x4ed38c wcsncpy
0x4ed390 wcslen
0x4ed394 wcscpy
0x4ed398 wcscat
0x4ed39c wcscmp
0x4ed3a0 memmove
0x4ed3a4 memcmp
0x4ed3a8 _stricmp
0x4ed3ac sscanf
0x4ed3b0 atoi
0x4ed3b4 strlen
0x4ed3b8 strcpy
0x4ed3bc strcat
0x4ed3c0 sprintf
0x4ed3c4 malloc
0x4ed3c8 free
0x4ed3cc _wstat
0x4ed3d0 _wcsdup
0x4ed3d4 strcmp
0x4ed3d8 _isnan
0x4ed3dc _finite
0x4ed3e0 fread
0x4ed3e4 longjmp
0x4ed3e8 _setjmp3
0x4ed3ec ftell
0x4ed3f0 _wcsicmp
0x4ed3f4 wcsncmp
0x4ed3f8 _snwprintf
0x4ed3fc tolower
0x4ed400 floor
0x4ed404 localtime
0x4ed408 mktime
0x4ed40c _wcsnicmp
0x4ed410 _itow
0x4ed414 gmtime
0x4ed418 pow
0x4ed41c ??3@YAXPAX@Z
0x4ed420 wcsstr
0x4ed424 ceil
0x4ed428 _CIpow
0x4ed42c calloc
0x4ed430 _errno
0x4ed434 strrchr
0x4ed438 strchr
0x4ed43c strncpy
0x4ed440 memchr
0x4ed444 strncmp
0x4ed448 _strdup
0x4ed44c _close
0x4ed450 _lseeki64
0x4ed454 realloc
0x4ed458 _snprintf
0x4ed45c abort
0x4ed460 _wopen
0x4ed464 _setmode
0x4ed468 wcschr
0x4ed46c _open_osfhandle
0x4ed470 wctomb
0x4ed474 _get_osfhandle
0x4ed478 _open
0x4ed47c toupper
0x4ed480 mbstowcs
0x4ed484 time
0x4ed488 qsort
0x4ed48c ctime
0x4ed490 strcspn
0x4ed494 strftime
0x4ed498 frexp
0x4ed49c modf
0x4ed4a0 fopen
0x4ed4a4 strerror
0x4ed4a8 atof
0x4ed4ac fflush
0x4ed4b0 fwrite
0x4ed4b4 __p__iob
0x4ed4b8 fprintf
0x4ed4bc getenv
0x4ed4c0 _stati64
0x4ed4c4 _ftime
0x4ed4c8 _vsnwprintf
0x4ed4cc cos
0x4ed4d0 fmod
0x4ed4d4 sin
0x4ed4d8 abs
KERNEL32.dll
0x4ed4e0 GetSystemInfo
0x4ed4e4 GetDiskFreeSpaceExW
0x4ed4e8 HeapDestroy
0x4ed4ec ExitProcess
0x4ed4f0 GetUserDefaultLangID
0x4ed4f4 GetModuleHandleW
0x4ed4f8 HeapCreate
0x4ed4fc CreateMutexW
0x4ed500 LoadLibraryW
0x4ed504 GetLastError
0x4ed508 CloseHandle
0x4ed50c FindResourceW
0x4ed510 LoadResource
0x4ed514 FreeLibrary
0x4ed518 SizeofResource
0x4ed51c LockResource
0x4ed520 ExpandEnvironmentStringsW
0x4ed524 GetCurrentProcess
0x4ed528 GetStartupInfoA
0x4ed52c GetModuleHandleA
0x4ed530 EnterCriticalSection
0x4ed534 LeaveCriticalSection
0x4ed538 InitializeCriticalSection
0x4ed53c WaitForSingleObject
0x4ed540 CreateThread
0x4ed544 HeapAlloc
0x4ed548 HeapFree
0x4ed54c Sleep
0x4ed550 CreateFileW
0x4ed554 GetFileSize
0x4ed558 ReadFile
0x4ed55c GetProcAddress
0x4ed560 GetCurrentProcessId
0x4ed564 GetCurrentThreadId
0x4ed568 GetEnvironmentVariableW
0x4ed56c SetEnvironmentVariableW
0x4ed570 DuplicateHandle
0x4ed574 CreatePipe
0x4ed578 GetStdHandle
0x4ed57c CreateProcessW
0x4ed580 GetModuleFileNameW
0x4ed584 GetProfileStringW
0x4ed588 SetFilePointer
0x4ed58c WideCharToMultiByte
0x4ed590 MultiByteToWideChar
0x4ed594 SetEndOfFile
0x4ed598 WriteFile
0x4ed59c DeleteFileW
0x4ed5a0 HeapReAlloc
0x4ed5a4 GetVersionExW
0x4ed5a8 SetLastError
0x4ed5ac FindFirstFileW
0x4ed5b0 FindNextFileW
0x4ed5b4 FindClose
0x4ed5b8 SetFileAttributesW
0x4ed5bc RemoveDirectoryW
0x4ed5c0 GetDriveTypeW
0x4ed5c4 GetFileAttributesW
0x4ed5c8 CopyFileW
0x4ed5cc GetTempPathW
0x4ed5d0 MulDiv
0x4ed5d4 GetLocalTime
0x4ed5d8 TlsSetValue
0x4ed5dc TlsGetValue
0x4ed5e0 TlsAlloc
0x4ed5e4 GlobalFree
0x4ed5e8 GlobalAlloc
0x4ed5ec TlsFree
0x4ed5f0 DeleteCriticalSection
0x4ed5f4 InterlockedCompareExchange
0x4ed5f8 InterlockedExchange
0x4ed5fc HeapSize
0x4ed600 VirtualAlloc
0x4ed604 VirtualFree
0x4ed608 IsProcessorFeaturePresent
0x4ed60c IsValidCodePage
0x4ed610 GetACP
0x4ed614 GetOEMCP
0x4ed618 GetFileType
0x4ed61c PeekNamedPipe
0x4ed620 GetFileInformationByHandle
0x4ed624 GetFileAttributesA
0x4ed628 CreateFileA
0x4ed62c GetExitCodeProcess
0x4ed630 GetFullPathNameW
0x4ed634 UnregisterWait
0x4ed638 GetCurrentThread
0x4ed63c RegisterWaitForSingleObject
USER32.dll
0x4ed644 SendMessageW
0x4ed648 GetSysColor
0x4ed64c RedrawWindow
0x4ed650 SetRect
0x4ed654 GetWindowTextLengthW
0x4ed658 GetWindowLongW
0x4ed65c GetDlgCtrlID
0x4ed660 GetActiveWindow
0x4ed664 DestroyIcon
0x4ed668 SetWindowLongW
0x4ed66c UpdateLayeredWindow
0x4ed670 IsWindowEnabled
0x4ed674 IsWindowVisible
0x4ed678 ExitWindowsEx
0x4ed67c LoadIconW
0x4ed680 RegisterClassExW
0x4ed684 CreateWindowExW
0x4ed688 BeginPaint
0x4ed68c EndPaint
0x4ed690 DefWindowProcW
0x4ed694 MessageBoxW
0x4ed698 PostMessageW
0x4ed69c GetForegroundWindow
0x4ed6a0 GetWindowThreadProcessId
0x4ed6a4 EnableWindow
0x4ed6a8 EnumWindows
0x4ed6ac SetWindowPos
0x4ed6b0 GetWindowTextW
0x4ed6b4 GetWindowRect
0x4ed6b8 GetParent
0x4ed6bc MapWindowPoints
0x4ed6c0 MoveWindow
0x4ed6c4 InvalidateRect
0x4ed6c8 DestroyWindow
0x4ed6cc GetDC
0x4ed6d0 GetSystemMetrics
0x4ed6d4 ReleaseDC
0x4ed6d8 ScreenToClient
0x4ed6dc ClientToScreen
0x4ed6e0 SetFocus
0x4ed6e4 ShowWindow
0x4ed6e8 CallWindowProcW
0x4ed6ec GetClientRect
0x4ed6f0 FillRect
0x4ed6f4 LoadCursorW
0x4ed6f8 SetClassLongW
0x4ed6fc GetIconInfo
0x4ed700 UpdateWindow
0x4ed704 ReleaseCapture
0x4ed708 DrawStateW
0x4ed70c SetCapture
0x4ed710 GetSysColorBrush
0x4ed714 DrawTextW
0x4ed718 ValidateRect
0x4ed71c RemovePropW
0x4ed720 SetPropW
0x4ed724 GetWindow
0x4ed728 GetAsyncKeyState
0x4ed72c SetWindowTextW
0x4ed730 GetPropW
0x4ed734 SetScrollPos
0x4ed738 InflateRect
0x4ed73c GetWindowDC
0x4ed740 SystemParametersInfoW
0x4ed744 GetFocus
0x4ed748 GetClassNameW
0x4ed74c EnumPropsExW
0x4ed750 RegisterClassW
0x4ed754 AdjustWindowRectEx
0x4ed758 UnregisterClassW
0x4ed75c CreateAcceleratorTableW
0x4ed760 GetMenu
0x4ed764 DestroyAcceleratorTable
0x4ed768 SetActiveWindow
0x4ed76c IsZoomed
0x4ed770 IsIconic
0x4ed774 SetTimer
0x4ed778 PeekMessageW
0x4ed77c MsgWaitForMultipleObjects
0x4ed780 GetMessageW
0x4ed784 TranslateAcceleratorW
0x4ed788 TranslateMessage
0x4ed78c DispatchMessageW
0x4ed790 KillTimer
0x4ed794 DefFrameProcW
0x4ed798 EnumChildWindows
0x4ed79c GetKeyState
0x4ed7a0 IsChild
0x4ed7a4 RegisterWindowMessageW
0x4ed7a8 CreateIconFromResourceEx
0x4ed7ac CreateIconFromResource
0x4ed7b0 CharLowerW
0x4ed7b4 DrawIconEx
GDI32.dll
0x4ed7bc StartDocW
0x4ed7c0 GetMapMode
0x4ed7c4 SetMapMode
0x4ed7c8 GetDeviceCaps
0x4ed7cc DPtoLP
0x4ed7d0 StartPage
0x4ed7d4 EndPage
0x4ed7d8 EndDoc
0x4ed7dc SetBkColor
0x4ed7e0 GetStockObject
0x4ed7e4 CreateDCW
0x4ed7e8 SelectObject
0x4ed7ec GetTextExtentPoint32W
0x4ed7f0 GetObjectType
0x4ed7f4 GetObjectW
0x4ed7f8 DeleteObject
0x4ed7fc SetTextColor
0x4ed800 ExcludeClipRect
0x4ed804 CreateFontIndirectW
0x4ed808 CreateSolidBrush
0x4ed80c SelectClipRgn
0x4ed810 CreateRectRgnIndirect
0x4ed814 GetClipRgn
0x4ed818 ExtSelectClipRgn
0x4ed81c CreateCompatibleBitmap
0x4ed820 CreateCompatibleDC
0x4ed824 DeleteDC
0x4ed828 GdiGetBatchLimit
0x4ed82c GdiSetBatchLimit
0x4ed830 BitBlt
0x4ed834 SetStretchBltMode
0x4ed838 SetBrushOrgEx
0x4ed83c StretchBlt
0x4ed840 CreateDIBSection
0x4ed844 CreateBitmap
0x4ed848 SetPixel
0x4ed84c GetDIBits
0x4ed850 CreateFontW
0x4ed854 SetBkMode
0x4ed858 SetTextAlign
0x4ed85c TextOutW
0x4ed860 GetTextMetricsW
0x4ed864 GetPixel
COMDLG32.dll
0x4ed86c PrintDlgW
ADVAPI32.dll
0x4ed874 RegCreateKeyExW
0x4ed878 RegCloseKey
0x4ed87c RegSetValueExW
0x4ed880 RegQueryValueExW
0x4ed884 RegOpenKeyExW
0x4ed888 OpenProcessToken
0x4ed88c LookupPrivilegeValueW
0x4ed890 AdjustTokenPrivileges
0x4ed894 GetUserNameW
0x4ed898 CryptAcquireContextW
0x4ed89c CryptGenRandom
0x4ed8a0 CryptReleaseContext
0x4ed8a4 CryptHashData
0x4ed8a8 CryptGetHashParam
0x4ed8ac CryptDestroyHash
0x4ed8b0 CryptCreateHash
ole32.dll
0x4ed8b8 CoTaskMemFree
0x4ed8bc CoUninitialize
0x4ed8c0 CoInitialize
0x4ed8c4 CoCreateInstance
0x4ed8c8 CoCreateGuid
0x4ed8cc StringFromGUID2
0x4ed8d0 RevokeDragDrop
SHELL32.dll
0x4ed8d8 None
0x4ed8dc SHGetSpecialFolderLocation
0x4ed8e0 SHGetPathFromIDListW
0x4ed8e4 SHGetFileInfoW
0x4ed8e8 SHBrowseForFolderW
0x4ed8ec ExtractIconW
0x4ed8f0 ShellExecuteExW
gdiplus.dll
0x4ed8f8 GdipDeleteFont
0x4ed8fc GdipDeleteGraphics
0x4ed900 GdipDeletePath
0x4ed904 GdipDeleteMatrix
0x4ed908 GdipDeletePen
0x4ed90c GdipDeleteStringFormat
0x4ed910 GdipFree
0x4ed914 GdipGetDpiX
0x4ed918 GdipGetDpiY
COMCTL32.dll
0x4ed920 InitCommonControlsEx
0x4ed924 ImageList_Replace
0x4ed928 ImageList_Add
0x4ed92c ImageList_ReplaceIcon
0x4ed930 ImageList_Remove
0x4ed934 ImageList_AddMasked
0x4ed938 ImageList_Destroy
0x4ed93c ImageList_Create
EAT(Export Address Table) is none