Report - cvvs.exe

Tags: Admin Tool (Sysinternals etc.), Malicious Library, UPX, PE File, PE32, MZP Format
Created 2025.03.21 09:09
Machine s1_win7_x6401
Filename cvvs.exe
Type PE32 executable (GUI) Intel 80386, for MS Windows
AI Score 7
Behavior Score 9.0
VT API (file) 49 detected (AIDetectMalware, ModiLoader, Malicious, score, Fareit, Jaik, Unsafe, confidence, Cerbu, Attribute, HighConfidence, high confidence, DropperX, CLASSIC, AGEN, moderate, Static AI, Suspicious PE, Detected, Wacatac, Eldorado, Artemis, PE04C9V, susgen)
md5 17ffd8a0d8bf24a59671db67e0910e80
sha256 fa6ec12f35910f73e041be58cd4ac6b7b1ae836879e2960f6d38fc66e2f870c5
ssdeep 24576:Y7Xq053vvr3puceyFtyPLmE5APTE6LCTRny15RGmff3+fxXNfgM:8Dv6BAbEAMnyvR9Xcxd4M
imphash 4d829affd21396c7cefcdebb532b5ea2
impfuzzy 192:o13MDbuu0xSUvK9kso1XEpeFLtQG1QpPOQO:C3m0q9uh1OPOQO

Signature (19cnts)

Level | Description
danger | File has been identified by 49 AntiVirus engines on VirusTotal as malicious
danger | Executed a process and injected code into it
watch | Allocates execute permission to another process indicative of possible code injection
watch | Deletes executed files from disk
watch | Manipulates memory of a non-child process indicative of process injection
watch | Resumed a suspended thread in a remote process potentially indicative of process injection
watch | Used NtSetContextThread to modify a thread in a remote process indicative of process injection
notice | Allocates read-write-execute memory (usually to unpack itself)
notice | Changes read-write memory protection to read-execute (probably to avoid detection when setting all RWX flags at the same time)
notice | Creates a suspicious process
notice | Creates executable files on the filesystem
notice | Drops a binary and executes it
notice | The binary likely contains encrypted or compressed data indicative of a packer
notice | Uses Windows utilities for basic Windows functionality
info | Checks amount of memory in system
info | Checks if process is being debugged by a debugger
info | Command line console output was observed
info | The executable contains unknown PE section names indicative of a packer (could be a false positive)
info | The executable uses a known packer
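The watch-level signatures above (execute permission granted in another process, NtSetContextThread on a remote thread, a suspended remote thread resumed) are the individual stages of a thread-context-hijacking injection such as process hollowing; each on its own is noisy, together in one source-to-target pair they are the chain. The following Python is an added example, not part of the sandbox report or its engine: it runs that stage logic over a constructed API trace. The trace format ("pid tid Api(key=value, ...)", with thread handles already resolved to thread ids) and the sample lines are assumptions made for the example.

```python
import re
from dataclasses import dataclass, field

# Constructed sandbox API trace for illustration. The line format and the resolution of
# thread handles to thread ids are assumptions, not the sandbox's own log format.
TRACE = """\
1234 100 CreateProcessA(lpCommandLine="C:\\Windows\\System32\\svchost.exe", dwCreationFlags=0x4, dwProcessId=2468, dwThreadId=200)
1234 100 VirtualAllocEx(hProcess=2468, lpAddress=0x400000, dwSize=0x2a000, flProtect=0x40)
1234 100 WriteProcessMemory(hProcess=2468, lpBaseAddress=0x400000, nSize=0x2a000)
1234 100 NtSetContextThread(ThreadHandle=200)
1234 100 NtResumeThread(ThreadHandle=200)
1234 100 DeleteFileA(lpFileName="C:\\Users\\user\\AppData\\Local\\Temp\\cvvs.exe")
5678 300 VirtualAlloc(lpAddress=0x0, dwSize=0x1000, flProtect=0x40)
5678 300 CreateThread(lpStartAddress=0x1a0000)
"""

CALL_RE = re.compile(r"^(?P<pid>\d+)\s+(?P<tid>\d+)\s+(?P<api>\w+)\((?P<args>.*)\)$")
ARG_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|[^,]+)')
CREATE_SUSPENDED = 0x4
EXEC_PROTECT = {0x10, 0x20, 0x40, 0x80}  # PAGE_EXECUTE, _READ, _READWRITE, _WRITECOPY

# Which report signature each detected stage corresponds to (wording from the table above)
STAGE_SIGNATURE = {
    "alloc_exec": "Allocates execute permission to another process",
    "set_context": "Used NtSetContextThread to modify a thread in a remote process",
    "resume": "Resumed a suspended thread in a remote process",
}


@dataclass
class Target:
    created_suspended: bool = False
    stages: set = field(default_factory=set)


def _coerce(v):
    if v.startswith('"'):
        return v[1:-1]
    if v.lower().startswith("0x"):
        return int(v, 16)
    return int(v) if v.isdigit() else v


def parse_call(line):
    """Split one trace line into (pid, tid, api, {arg: value}); None if it does not match."""
    m = CALL_RE.match(line.strip())
    if not m:
        return None
    args = {k: _coerce(v.strip()) for k, v in ARG_RE.findall(m["args"])}
    return int(m["pid"]), int(m["tid"]), m["api"], args


def find_injection_chains(trace):
    """Group cross-process memory and thread operations by (source pid, target pid)."""
    targets, thread_owner = {}, {}
    for line in trace.splitlines():
        parsed = parse_call(line)
        if parsed is None:
            continue
        pid, _tid, api, a = parsed
        if api.startswith("CreateProcess") and "dwProcessId" in a:
            t = targets.setdefault((pid, a["dwProcessId"]), Target())
            t.created_suspended = bool(a.get("dwCreationFlags", 0) & CREATE_SUSPENDED)
            if "dwThreadId" in a:
                thread_owner[a["dwThreadId"]] = a["dwProcessId"]  # primary thread of the child
            continue
        remote = a.get("hProcess") or thread_owner.get(a.get("ThreadHandle"))
        if remote is None or remote == pid:
            continue  # local VirtualAlloc/CreateThread: unpacking, not injection
        t = targets.setdefault((pid, remote), Target())
        if api == "VirtualAllocEx" and a.get("flProtect") in EXEC_PROTECT:
            t.stages.add("alloc_exec")
        elif api == "WriteProcessMemory":
            t.stages.add("write")
        elif api in ("NtSetContextThread", "SetThreadContext"):
            t.stages.add("set_context")
        elif api in ("NtResumeThread", "ResumeThread"):
            t.stages.add("resume")
    return targets


def is_injection_chain(t):
    """Code placed in the target (exec alloc or write), its thread context rewritten,
    and the thread resumed: the full hijack chain rather than one noisy stage."""
    return {"set_context", "resume"} <= t.stages and bool({"alloc_exec", "write"} & t.stages)


def detect(trace):
    return sorted(k for k, t in find_injection_chains(trace).items() if is_injection_chain(t))


if __name__ == "__main__":
    for (src, dst), t in find_injection_chains(TRACE).items():
        verdict = "INJECTION CHAIN" if is_injection_chain(t) else "partial"
        suspended = " (target created suspended)" if t.created_suspended else ""
        print(f"{src} -> {dst}: {verdict}{suspended}; stages={sorted(t.stages)}")
        for s in sorted(t.stages):
            if s in STAGE_SIGNATURE:
                print("   ", STAGE_SIGNATURE[s])
```

The point of grouping by (source, target) pair is that the "Allocates read-write-execute memory" notice fires on the packer's own unpacking stub as well; only the cross-process chain with a context change and a resume is the injection the danger-level signature describes.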

Rules (10cnts)

Level | Name | Description | Collection
watch | Admin_Tool_IN_Zero | Admin Tool Sysinternals | binaries (upload)
watch | Malicious_Library_Zero | Malicious_Library | binaries (download)
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload)
watch | UPX_Zero | UPX packed file | binaries (upload)
info | IsPE32 | (no description) | binaries (download)
info | IsPE32 | (no description) | binaries (upload)
info | mzp_file_format | MZP(Delphi) file format | binaries (download)
info | mzp_file_format | MZP(Delphi) file format | binaries (upload)
info | PE_Header_Zero | PE File Signature | binaries (download)
info | PE_Header_Zero | PE File Signature | binaries (upload)
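The info-level rules in this table are static header checks: PE_Header_Zero and IsPE32 look at the MZ/PE headers and the optional-header magic, mzp_file_format at the "MZP" marker the Delphi linker leaves at offset 0, UPX_Zero at the packer's section names. The following Python is an added example, not the sandbox's rule code: it parses those header fields with the standard library only and reports which of the named rules a file would plausibly hit. The real rule bodies are not part of the report, so the conditions below are approximations stated as assumptions; the sample image it builds is synthetic, not cvvs.exe.

```python
import hashlib
import struct
import sys


def build_sample_pe(section_names=(b"UPX0", b"UPX1", b".rsrc"), mzp=True):
    """Construct a header-only PE32 image as test input (synthetic, not the reported sample)."""
    dos = bytearray(64)
    dos[0:2] = b"MZ"
    if mzp:
        dos[2] = ord("P")                  # Delphi's linker leaves "MZP" at offset 0
    struct.pack_into("<I", dos, 0x3C, 64)  # e_lfanew: NT headers directly after the DOS header
    # "PE\0\0", Machine=i386, NumberOfSections, timestamp, symtab, nsyms, SizeOfOptionalHeader,
    # Characteristics = EXECUTABLE_IMAGE | 32BIT_MACHINE
    coff = struct.pack("<IHHIIIHH", 0x00004550, 0x14C, len(section_names), 0, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic (0x20B would be PE32+)
    struct.pack_into("<H", opt, 68, 2)     # Subsystem = IMAGE_SUBSYSTEM_WINDOWS_GUI
    sections = b"".join(n.ljust(8, b"\0") + bytes(32) for n in section_names)
    return bytes(dos) + coff + bytes(opt) + sections


def parse_pe(data):
    """Pull out the static facts the PE/MZP/UPX rules are built on; ValueError if not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature at e_lfanew")
    machine, nsec, _, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, e_lfanew + 4)
    opt_off = e_lfanew + 24
    magic, = struct.unpack_from("<H", data, opt_off)
    subsystem, = struct.unpack_from("<H", data, opt_off + 68)
    sec_off = opt_off + opt_size
    names = [data[sec_off + 40 * i:sec_off + 40 * i + 8].split(b"\0", 1)[0].decode("latin-1")
             for i in range(nsec)]
    return {
        "mzp": data[:3] == b"MZP",
        "pe32": magic == 0x10B and machine == 0x14C,
        "gui": subsystem == 2,
        "sections": names,
        "upx": any(n.startswith("UPX") for n in names),
    }


def rule_hits(data):
    """Assumed conditions for the named rules; the report does not publish the rule bodies."""
    facts = parse_pe(data)
    hits = ["PE_Header_Zero"]          # parse_pe succeeded: MZ + PE\0\0 present
    if facts["pe32"]:
        hits.append("IsPE32")
    if facts["mzp"]:
        hits.append("mzp_file_format")
    if facts["upx"]:
        hits.append("UPX_Zero")
    return hits


def digests(data):
    return {"md5": hashlib.md5(data).hexdigest(), "sha256": hashlib.sha256(data).hexdigest()}


if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    print(digests(data))
    print(parse_pe(data))
    print("rule hits:", rule_hits(data))
```

Run with a file path to triage a real sample; without one it parses the synthetic image. Note that the UPX check keys on section names, which is exactly why the "unknown PE section names" signature above is flagged as a possible false positive: a packer that renames its sections defeats this check while the entropy-based "encrypted or compressed data" signature still fires.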

Network (0cnts)

No network requests recorded (the Request | CC | ASN | Co | IP4 | Rule table is empty).

Suricata ids

PE API

IAT(Import Address Table) Library

oleaut32.dll
 0x583744 SysFreeString
 0x583748 SysReAllocStringLen
 0x58374c SysAllocStringLen
advapi32.dll
 0x583754 RegQueryValueExA
 0x583758 RegOpenKeyExA
 0x58375c RegCloseKey
user32.dll
 0x583764 GetKeyboardType
 0x583768 DestroyWindow
 0x58376c LoadStringA
 0x583770 MessageBoxA
 0x583774 CharNextA
kernel32.dll
 0x58377c GetACP
 0x583780 Sleep
 0x583784 VirtualFree
 0x583788 VirtualAlloc
 0x58378c GetCurrentThreadId
 0x583790 InterlockedDecrement
 0x583794 InterlockedIncrement
 0x583798 VirtualQuery
 0x58379c WideCharToMultiByte
 0x5837a0 MultiByteToWideChar
 0x5837a4 lstrlenA
 0x5837a8 lstrcpynA
 0x5837ac LoadLibraryExA
 0x5837b0 GetThreadLocale
 0x5837b4 GetStartupInfoA
 0x5837b8 GetProcAddress
 0x5837bc GetModuleHandleA
 0x5837c0 GetModuleFileNameA
 0x5837c4 GetLocaleInfoA
 0x5837c8 GetCommandLineA
 0x5837cc FreeLibrary
 0x5837d0 FindFirstFileA
 0x5837d4 FindClose
 0x5837d8 ExitProcess
 0x5837dc CompareStringA
 0x5837e0 WriteFile
 0x5837e4 UnhandledExceptionFilter
 0x5837e8 RtlUnwind
 0x5837ec RaiseException
 0x5837f0 GetStdHandle
kernel32.dll
 0x5837f8 TlsSetValue
 0x5837fc TlsGetValue
 0x583800 LocalAlloc
 0x583804 GetModuleHandleA
user32.dll
 0x58380c CreateWindowExA
 0x583810 WindowFromPoint
 0x583814 WaitMessage
 0x583818 UpdateWindow
 0x58381c UnregisterClassA
 0x583820 UnhookWindowsHookEx
 0x583824 TranslateMessage
 0x583828 TranslateMDISysAccel
 0x58382c TrackPopupMenu
 0x583830 SystemParametersInfoA
 0x583834 ShowWindow
 0x583838 ShowScrollBar
 0x58383c ShowOwnedPopups
 0x583840 SetWindowsHookExA
 0x583844 SetWindowPos
 0x583848 SetWindowPlacement
 0x58384c SetWindowLongW
 0x583850 SetWindowLongA
 0x583854 SetTimer
 0x583858 SetScrollRange
 0x58385c SetScrollPos
 0x583860 SetScrollInfo
 0x583864 SetRect
 0x583868 SetPropA
 0x58386c SetParent
 0x583870 SetMenuItemInfoA
 0x583874 SetMenu
 0x583878 SetForegroundWindow
 0x58387c SetFocus
 0x583880 SetCursor
 0x583884 SetClassLongA
 0x583888 SetCapture
 0x58388c SetActiveWindow
 0x583890 SendMessageW
 0x583894 SendMessageA
 0x583898 ScrollWindow
 0x58389c ScreenToClient
 0x5838a0 RemovePropA
 0x5838a4 RemoveMenu
 0x5838a8 ReleaseDC
 0x5838ac ReleaseCapture
 0x5838b0 RegisterWindowMessageA
 0x5838b4 RegisterClipboardFormatA
 0x5838b8 RegisterClassA
 0x5838bc RedrawWindow
 0x5838c0 PtInRect
 0x5838c4 PostQuitMessage
 0x5838c8 PostMessageA
 0x5838cc PeekMessageW
 0x5838d0 PeekMessageA
 0x5838d4 OffsetRect
 0x5838d8 OemToCharA
 0x5838dc MessageBoxA
 0x5838e0 MapWindowPoints
 0x5838e4 MapVirtualKeyA
 0x5838e8 LoadStringA
 0x5838ec LoadKeyboardLayoutA
 0x5838f0 LoadIconA
 0x5838f4 LoadCursorA
 0x5838f8 LoadBitmapA
 0x5838fc KillTimer
 0x583900 IsZoomed
 0x583904 IsWindowVisible
 0x583908 IsWindowUnicode
 0x58390c IsWindowEnabled
 0x583910 IsWindow
 0x583914 IsRectEmpty
 0x583918 IsIconic
 0x58391c IsDialogMessageW
 0x583920 IsDialogMessageA
 0x583924 IsChild
 0x583928 InvalidateRect
 0x58392c IntersectRect
 0x583930 InsertMenuItemA
 0x583934 InsertMenuA
 0x583938 InflateRect
 0x58393c GetWindowThreadProcessId
 0x583940 GetWindowTextA
 0x583944 GetWindowRect
 0x583948 GetWindowPlacement
 0x58394c GetWindowLongW
 0x583950 GetWindowLongA
 0x583954 GetWindowDC
 0x583958 GetTopWindow
 0x58395c GetSystemMetrics
 0x583960 GetSystemMenu
 0x583964 GetSysColorBrush
 0x583968 GetSysColor
 0x58396c GetSubMenu
 0x583970 GetScrollRange
 0x583974 GetScrollPos
 0x583978 GetScrollInfo
 0x58397c GetPropA
 0x583980 GetParent
 0x583984 GetWindow
 0x583988 GetMessagePos
 0x58398c GetMenuStringA
 0x583990 GetMenuState
 0x583994 GetMenuItemInfoA
 0x583998 GetMenuItemID
 0x58399c GetMenuItemCount
 0x5839a0 GetMenu
 0x5839a4 GetLastActivePopup
 0x5839a8 GetKeyboardState
 0x5839ac GetKeyboardLayoutNameA
 0x5839b0 GetKeyboardLayoutList
 0x5839b4 GetKeyboardLayout
 0x5839b8 GetKeyState
 0x5839bc GetKeyNameTextA
 0x5839c0 GetIconInfo
 0x5839c4 GetForegroundWindow
 0x5839c8 GetFocus
 0x5839cc GetDesktopWindow
 0x5839d0 GetDCEx
 0x5839d4 GetDC
 0x5839d8 GetCursorPos
 0x5839dc GetCursor
 0x5839e0 GetClipboardData
 0x5839e4 GetClientRect
 0x5839e8 GetClassLongA
 0x5839ec GetClassInfoA
 0x5839f0 GetCapture
 0x5839f4 GetActiveWindow
 0x5839f8 FrameRect
 0x5839fc FindWindowA
 0x583a00 FillRect
 0x583a04 EqualRect
 0x583a08 EnumWindows
 0x583a0c EnumThreadWindows
 0x583a10 EnumChildWindows
 0x583a14 EndPaint
 0x583a18 EnableWindow
 0x583a1c EnableScrollBar
 0x583a20 EnableMenuItem
 0x583a24 DrawTextA
 0x583a28 DrawMenuBar
 0x583a2c DrawIconEx
 0x583a30 DrawIcon
 0x583a34 DrawFrameControl
 0x583a38 DrawEdge
 0x583a3c DispatchMessageW
 0x583a40 DispatchMessageA
 0x583a44 DestroyWindow
 0x583a48 DestroyMenu
 0x583a4c DestroyIcon
 0x583a50 DestroyCursor
 0x583a54 DeleteMenu
 0x583a58 DefWindowProcA
 0x583a5c DefMDIChildProcA
 0x583a60 DefFrameProcA
 0x583a64 CreatePopupMenu
 0x583a68 CreateMenu
 0x583a6c CreateIcon
 0x583a70 ClientToScreen
 0x583a74 CheckMenuItem
 0x583a78 CallWindowProcA
 0x583a7c CallNextHookEx
 0x583a80 BeginPaint
 0x583a84 CharNextA
 0x583a88 CharLowerBuffA
 0x583a8c CharLowerA
 0x583a90 CharToOemA
 0x583a94 AdjustWindowRectEx
 0x583a98 ActivateKeyboardLayout
gdi32.dll
 0x583aa0 UnrealizeObject
 0x583aa4 StretchBlt
 0x583aa8 SetWindowOrgEx
 0x583aac SetWinMetaFileBits
 0x583ab0 SetViewportOrgEx
 0x583ab4 SetTextColor
 0x583ab8 SetStretchBltMode
 0x583abc SetROP2
 0x583ac0 SetPixel
 0x583ac4 SetEnhMetaFileBits
 0x583ac8 SetDIBColorTable
 0x583acc SetBrushOrgEx
 0x583ad0 SetBkMode
 0x583ad4 SetBkColor
 0x583ad8 SelectPalette
 0x583adc SelectObject
 0x583ae0 SaveDC
 0x583ae4 RestoreDC
 0x583ae8 Rectangle
 0x583aec RectVisible
 0x583af0 RealizePalette
 0x583af4 PlayEnhMetaFile
 0x583af8 PatBlt
 0x583afc MoveToEx
 0x583b00 MaskBlt
 0x583b04 LineTo
 0x583b08 IntersectClipRect
 0x583b0c GetWindowOrgEx
 0x583b10 GetWinMetaFileBits
 0x583b14 GetTextMetricsA
 0x583b18 GetTextExtentPoint32A
 0x583b1c GetSystemPaletteEntries
 0x583b20 GetStockObject
 0x583b24 GetRgnBox
 0x583b28 GetPixel
 0x583b2c GetPaletteEntries
 0x583b30 GetObjectA
 0x583b34 GetEnhMetaFilePaletteEntries
 0x583b38 GetEnhMetaFileHeader
 0x583b3c GetEnhMetaFileBits
 0x583b40 GetDeviceCaps
 0x583b44 GetDIBits
 0x583b48 GetDIBColorTable
 0x583b4c GetDCOrgEx
 0x583b50 GetCurrentPositionEx
 0x583b54 GetClipBox
 0x583b58 GetBrushOrgEx
 0x583b5c GetBitmapBits
 0x583b60 GdiFlush
 0x583b64 ExcludeClipRect
 0x583b68 DeleteObject
 0x583b6c DeleteEnhMetaFile
 0x583b70 DeleteDC
 0x583b74 CreateSolidBrush
 0x583b78 CreatePenIndirect
 0x583b7c CreatePalette
 0x583b80 CreateHalftonePalette
 0x583b84 CreateFontIndirectA
 0x583b88 CreateDIBitmap
 0x583b8c CreateDIBSection
 0x583b90 CreateCompatibleDC
 0x583b94 CreateCompatibleBitmap
 0x583b98 CreateBrushIndirect
 0x583b9c CreateBitmap
 0x583ba0 CopyEnhMetaFileA
 0x583ba4 BitBlt
version.dll
 0x583bac VerQueryValueA
 0x583bb0 GetFileVersionInfoSizeA
 0x583bb4 GetFileVersionInfoA
kernel32.dll
 0x583bbc lstrcpyA
 0x583bc0 WriteFile
 0x583bc4 WaitForSingleObject
 0x583bc8 VirtualQuery
 0x583bcc VirtualAlloc
 0x583bd0 SizeofResource
 0x583bd4 SetThreadLocale
 0x583bd8 SetFilePointer
 0x583bdc SetEvent
 0x583be0 SetErrorMode
 0x583be4 SetEndOfFile
 0x583be8 ResetEvent
 0x583bec ReadFile
 0x583bf0 MultiByteToWideChar
 0x583bf4 MulDiv
 0x583bf8 LockResource
 0x583bfc LoadResource
 0x583c00 LoadLibraryA
 0x583c04 LeaveCriticalSection
 0x583c08 InitializeCriticalSection
 0x583c0c GlobalFindAtomA
 0x583c10 GlobalDeleteAtom
 0x583c14 GlobalAddAtomA
 0x583c18 GetVersionExA
 0x583c1c GetVersion
 0x583c20 GetTickCount
 0x583c24 GetThreadLocale
 0x583c28 GetStdHandle
 0x583c2c GetProcAddress
 0x583c30 GetModuleHandleW
 0x583c34 GetModuleHandleA
 0x583c38 GetModuleFileNameA
 0x583c3c GetLocaleInfoA
 0x583c40 GetLocalTime
 0x583c44 GetLastError
 0x583c48 GetFullPathNameA
 0x583c4c GetDiskFreeSpaceA
 0x583c50 GetDateFormatA
 0x583c54 GetCurrentThreadId
 0x583c58 GetCurrentProcessId
 0x583c5c GetCPInfo
 0x583c60 FreeResource
 0x583c64 InterlockedExchange
 0x583c68 FreeLibrary
 0x583c6c FormatMessageA
 0x583c70 FindResourceA
 0x583c74 EnumCalendarInfoA
 0x583c78 EnterCriticalSection
 0x583c7c DeleteCriticalSection
 0x583c80 CreateThread
 0x583c84 CreateFileA
 0x583c88 CreateEventA
 0x583c8c CompareStringA
 0x583c90 CloseHandle
advapi32.dll
 0x583c98 RegQueryValueExA
 0x583c9c RegOpenKeyExA
 0x583ca0 RegFlushKey
 0x583ca4 RegCloseKey
oleaut32.dll
 0x583cac GetErrorInfo
 0x583cb0 SysFreeString
ole32.dll
 0x583cb8 CoUninitialize
 0x583cbc CoInitialize
kernel32.dll
 0x583cc4 Sleep
oleaut32.dll
 0x583ccc SafeArrayPtrOfIndex
 0x583cd0 SafeArrayGetUBound
 0x583cd4 SafeArrayGetLBound
 0x583cd8 SafeArrayCreate
 0x583cdc VariantChangeType
 0x583ce0 VariantCopy
 0x583ce4 VariantClear
 0x583ce8 VariantInit
comctl32.dll
 0x583cf0 _TrackMouseEvent
 0x583cf4 ImageList_SetIconSize
 0x583cf8 ImageList_GetIconSize
 0x583cfc ImageList_Write
 0x583d00 ImageList_Read
 0x583d04 ImageList_DragShowNolock
 0x583d08 ImageList_DragMove
 0x583d0c ImageList_DragLeave
 0x583d10 ImageList_DragEnter
 0x583d14 ImageList_EndDrag
 0x583d18 ImageList_BeginDrag
 0x583d1c ImageList_Remove
 0x583d20 ImageList_DrawEx
 0x583d24 ImageList_Draw
 0x583d28 ImageList_GetBkColor
 0x583d2c ImageList_SetBkColor
 0x583d30 ImageList_Add
 0x583d34 ImageList_GetImageCount
 0x583d38 ImageList_Destroy
 0x583d3c ImageList_Create
 0x583d40 InitCommonControls

EAT(Export Address Table) is none
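The imphash given in the header is defined over exactly what the IAT listing above shows: each imported DLL name and function name, in import-directory order, lowercased, extension stripped, joined as "dll.func" with commas, then MD5. The following Python is an added example, not part of the report: it parses a listing in the report's own format into ordered pairs and computes the hash. The embedded excerpt is only the first three DLL blocks above, so its hash is not expected to equal the report's value; fed the whole listing in order, it should reproduce 4d829affd21396c7cefcdebb532b5ea2 provided the listing preserves import-directory order and the binary has no ordinal-only imports, so treat a mismatch as a listing problem before suspecting the algorithm.

```python
import hashlib

# Excerpt of the IAT listing above (first three DLL blocks), in the report's own format.
IAT_EXCERPT = """\
oleaut32.dll
 0x583744 SysFreeString
 0x583748 SysReAllocStringLen
 0x58374c SysAllocStringLen
advapi32.dll
 0x583754 RegQueryValueExA
 0x583758 RegOpenKeyExA
 0x58375c RegCloseKey
user32.dll
 0x583764 GetKeyboardType
 0x583768 DestroyWindow
 0x58376c LoadStringA
 0x583770 MessageBoxA
 0x583774 CharNextA
"""


def parse_iat_listing(text):
    """Turn the listing (a DLL-name line, then ' 0xADDR Name' lines) into ordered
    (dll, name) pairs. Repeated DLL blocks, as kernel32.dll above, stay separate and
    in order, which is what the imphash algorithm requires."""
    pairs, dll = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if " " not in line and line.lower().endswith((".dll", ".ocx", ".sys")):
            dll = line
        elif dll is not None and line.lower().startswith("0x"):
            _addr, name = line.split(None, 1)
            pairs.append((dll, name))
    return pairs


def imphash_string(imports):
    """Canonical string the imphash is taken over: lowercase, .dll/.ocx/.sys stripped,
    'dll.func' joined by commas. An ordinal-only import becomes 'ordN'; pefile additionally
    maps known ordinals to names for a few DLLs, which is omitted here (assumption)."""
    parts = []
    for dll, func in imports:
        dll = dll.lower()
        for ext in (".dll", ".ocx", ".sys"):
            if dll.endswith(ext):
                dll = dll[: -len(ext)]
                break
        func = f"ord{func}" if isinstance(func, int) else func.lower()
        parts.append(f"{dll}.{func}")
    return ",".join(parts)


def imphash(imports):
    return hashlib.md5(imphash_string(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    pairs = parse_iat_listing(IAT_EXCERPT)
    print(len(pairs), "imports parsed from the excerpt")
    print("imphash of excerpt:", imphash(pairs))
    print("imphash in report :", "4d829affd21396c7cefcdebb532b5ea2")  # only the full list can match
```

Because the hash is order-sensitive and covers every import, it survives recompilation of the same Delphi project (same RTL and VCL import order) but changes as soon as a single import is added or reordered; use it to cluster samples from one builder, not as a signature for one file.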


