Created | 2025.03.27 09:39 | Machine | s1_win7_x6403 |
Filename | loader.exe | ||
Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
VT API (file) | 27 detected (Unsafe, Tedy, malicious, confidence, Attribute, HighConfidence, high confidence, ModiLoader, CLASSIC, Static AI, Suspicious PE, Detected, Wacapew, PE04C9V, susgen) | ||
md5 | e6bd18c05b4c856a0465f5c539b5873f | ||
sha256 | c8355eb495a616f39fabfd22ae778ac3b111ccc271914a423087920c6f25c034 | ||
ssdeep | 24576:oTvqQGUu/OBrPScMD54umx43TKg4OCS3mTpvB2HyFZbLX46RJn/dCW:ok+h2e83TKg46oUaZbLjX | ||
imphash | d883edc8738a259c4bdb6e3b7d73c601 | ||
impfuzzy | 192:o13MreuuasSUvK9DpoHX8jBf7XccLZ1F1QAPOQY:C35a59GOhb13POQY |
Signature (16cnts)
Level | Description |
---|---|
danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
warning | File has been identified by 27 AntiVirus engines on VirusTotal as malicious |
warning | Generates some ICMP traffic |
watch | Communicates with host for which no DNS query was performed |
watch | Creates a windows hook that monitors keyboard input (keylogger) |
notice | A process attempted to delay the analysis task. |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Connects to a Dynamic DNS Domain |
notice | Creates a suspicious process |
notice | Drops a binary and executes it |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
notice | Uses Windows utilities for basic Windows functionality |
info | Checks amount of memory in system |
info | Command line console output was observed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The executable uses a known packer |
Rules (11cnts)
Level | Name | Description | Collection |
---|---|---|---|
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (upload) |
info | mzp_file_format | MZP(Delphi) file format | binaries (download) |
info | mzp_file_format | MZP(Delphi) file format | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
info | url_file_format | Microsoft Windows Internet Shortcut File Format | binaries (download) |
Suricata ids
ET HUNTING DNS Lookup for 8+ hexadecimal only duckdns domain
ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
PE API
IAT(Import Address Table) Library
oleaut32.dll
0x47a818 SysFreeString
0x47a81c SysReAllocStringLen
0x47a820 SysAllocStringLen
advapi32.dll
0x47a828 RegQueryValueExA
0x47a82c RegOpenKeyExA
0x47a830 RegCloseKey
user32.dll
0x47a838 GetKeyboardType
0x47a83c DestroyWindow
0x47a840 LoadStringA
0x47a844 MessageBoxA
0x47a848 CharNextA
kernel32.dll
0x47a850 GetACP
0x47a854 Sleep
0x47a858 VirtualFree
0x47a85c VirtualAlloc
0x47a860 GetCurrentThreadId
0x47a864 InterlockedDecrement
0x47a868 InterlockedIncrement
0x47a86c VirtualQuery
0x47a870 WideCharToMultiByte
0x47a874 MultiByteToWideChar
0x47a878 lstrlenA
0x47a87c lstrcpynA
0x47a880 LoadLibraryExA
0x47a884 GetThreadLocale
0x47a888 GetStartupInfoA
0x47a88c GetProcAddress
0x47a890 GetModuleHandleA
0x47a894 GetModuleFileNameA
0x47a898 GetLocaleInfoA
0x47a89c GetCommandLineA
0x47a8a0 FreeLibrary
0x47a8a4 FindFirstFileA
0x47a8a8 FindClose
0x47a8ac ExitProcess
0x47a8b0 CompareStringA
0x47a8b4 WriteFile
0x47a8b8 UnhandledExceptionFilter
0x47a8bc RtlUnwind
0x47a8c0 RaiseException
0x47a8c4 GetStdHandle
kernel32.dll
0x47a8cc TlsSetValue
0x47a8d0 TlsGetValue
0x47a8d4 LocalAlloc
0x47a8d8 GetModuleHandleA
user32.dll
0x47a8e0 CreateWindowExA
0x47a8e4 WindowFromPoint
0x47a8e8 WaitMessage
0x47a8ec ValidateRect
0x47a8f0 UpdateWindow
0x47a8f4 UnregisterClassA
0x47a8f8 UnionRect
0x47a8fc UnhookWindowsHookEx
0x47a900 TranslateMessage
0x47a904 TranslateMDISysAccel
0x47a908 TrackPopupMenu
0x47a90c SystemParametersInfoA
0x47a910 ShowWindow
0x47a914 ShowScrollBar
0x47a918 ShowOwnedPopups
0x47a91c SetWindowsHookExA
0x47a920 SetWindowTextA
0x47a924 SetWindowPos
0x47a928 SetWindowPlacement
0x47a92c SetWindowLongW
0x47a930 SetWindowLongA
0x47a934 SetTimer
0x47a938 SetScrollRange
0x47a93c SetScrollPos
0x47a940 SetScrollInfo
0x47a944 SetRect
0x47a948 SetPropA
0x47a94c SetParent
0x47a950 SetMenuItemInfoA
0x47a954 SetMenu
0x47a958 SetKeyboardState
0x47a95c SetForegroundWindow
0x47a960 SetFocus
0x47a964 SetCursor
0x47a968 SetClipboardData
0x47a96c SetClassLongA
0x47a970 SetCaretPos
0x47a974 SetCapture
0x47a978 SetActiveWindow
0x47a97c SendMessageW
0x47a980 SendMessageA
0x47a984 ScrollWindowEx
0x47a988 ScrollWindow
0x47a98c ScreenToClient
0x47a990 RemovePropA
0x47a994 RemoveMenu
0x47a998 ReleaseDC
0x47a99c ReleaseCapture
0x47a9a0 RegisterWindowMessageA
0x47a9a4 RegisterClipboardFormatA
0x47a9a8 RegisterClassA
0x47a9ac RedrawWindow
0x47a9b0 PtInRect
0x47a9b4 PostQuitMessage
0x47a9b8 PostMessageA
0x47a9bc PeekMessageW
0x47a9c0 PeekMessageA
0x47a9c4 OpenClipboard
0x47a9c8 OffsetRect
0x47a9cc OemToCharA
0x47a9d0 MessageBoxA
0x47a9d4 MessageBeep
0x47a9d8 MapWindowPoints
0x47a9dc MapVirtualKeyA
0x47a9e0 LoadStringA
0x47a9e4 LoadKeyboardLayoutA
0x47a9e8 LoadIconA
0x47a9ec LoadCursorA
0x47a9f0 LoadBitmapA
0x47a9f4 KillTimer
0x47a9f8 IsZoomed
0x47a9fc IsWindowVisible
0x47aa00 IsWindowUnicode
0x47aa04 IsWindowEnabled
0x47aa08 IsWindow
0x47aa0c IsRectEmpty
0x47aa10 IsIconic
0x47aa14 IsDialogMessageW
0x47aa18 IsDialogMessageA
0x47aa1c IsChild
0x47aa20 IsCharAlphaNumericA
0x47aa24 IsCharAlphaA
0x47aa28 InvalidateRect
0x47aa2c IntersectRect
0x47aa30 InsertMenuItemA
0x47aa34 InsertMenuA
0x47aa38 InflateRect
0x47aa3c GetWindowThreadProcessId
0x47aa40 GetWindowTextA
0x47aa44 GetWindowRect
0x47aa48 GetWindowPlacement
0x47aa4c GetWindowLongW
0x47aa50 GetWindowLongA
0x47aa54 GetWindowDC
0x47aa58 GetTopWindow
0x47aa5c GetSystemMetrics
0x47aa60 GetSystemMenu
0x47aa64 GetSysColorBrush
0x47aa68 GetSysColor
0x47aa6c GetSubMenu
0x47aa70 GetScrollRange
0x47aa74 GetScrollPos
0x47aa78 GetScrollInfo
0x47aa7c GetPropA
0x47aa80 GetParent
0x47aa84 GetWindow
0x47aa88 GetMessageTime
0x47aa8c GetMessagePos
0x47aa90 GetMenuStringA
0x47aa94 GetMenuState
0x47aa98 GetMenuItemInfoA
0x47aa9c GetMenuItemID
0x47aaa0 GetMenuItemCount
0x47aaa4 GetMenu
0x47aaa8 GetLastActivePopup
0x47aaac GetKeyboardState
0x47aab0 GetKeyboardLayoutNameA
0x47aab4 GetKeyboardLayoutList
0x47aab8 GetKeyboardLayout
0x47aabc GetKeyState
0x47aac0 GetKeyNameTextA
0x47aac4 GetIconInfo
0x47aac8 GetForegroundWindow
0x47aacc GetFocus
0x47aad0 GetDoubleClickTime
0x47aad4 GetDlgItem
0x47aad8 GetDesktopWindow
0x47aadc GetDCEx
0x47aae0 GetDC
0x47aae4 GetCursorPos
0x47aae8 GetCursor
0x47aaec GetClipboardData
0x47aaf0 GetClientRect
0x47aaf4 GetClassLongA
0x47aaf8 GetClassInfoA
0x47aafc GetCaretPos
0x47ab00 GetCapture
0x47ab04 GetActiveWindow
0x47ab08 FrameRect
0x47ab0c FindWindowA
0x47ab10 FillRect
0x47ab14 EqualRect
0x47ab18 EnumWindows
0x47ab1c EnumThreadWindows
0x47ab20 EnumClipboardFormats
0x47ab24 EnumChildWindows
0x47ab28 EndPaint
0x47ab2c EnableWindow
0x47ab30 EnableScrollBar
0x47ab34 EnableMenuItem
0x47ab38 EmptyClipboard
0x47ab3c DrawTextA
0x47ab40 DrawMenuBar
0x47ab44 DrawIconEx
0x47ab48 DrawIcon
0x47ab4c DrawFrameControl
0x47ab50 DrawFocusRect
0x47ab54 DrawEdge
0x47ab58 DispatchMessageW
0x47ab5c DispatchMessageA
0x47ab60 DestroyWindow
0x47ab64 DestroyMenu
0x47ab68 DestroyIcon
0x47ab6c DestroyCursor
0x47ab70 DestroyCaret
0x47ab74 DeleteMenu
0x47ab78 DefWindowProcA
0x47ab7c DefMDIChildProcA
0x47ab80 DefFrameProcA
0x47ab84 CreatePopupMenu
0x47ab88 CreateMenu
0x47ab8c CreateIcon
0x47ab90 CreateCaret
0x47ab94 CloseClipboard
0x47ab98 ClientToScreen
0x47ab9c CheckMenuItem
0x47aba0 CallWindowProcA
0x47aba4 CallNextHookEx
0x47aba8 BeginPaint
0x47abac CharNextA
0x47abb0 CharLowerBuffA
0x47abb4 CharLowerA
0x47abb8 CharUpperBuffA
0x47abbc CharToOemA
0x47abc0 AdjustWindowRectEx
0x47abc4 ActivateKeyboardLayout
gdi32.dll
0x47abcc UnrealizeObject
0x47abd0 StretchBlt
0x47abd4 SetWindowOrgEx
0x47abd8 SetWindowExtEx
0x47abdc SetWinMetaFileBits
0x47abe0 SetViewportOrgEx
0x47abe4 SetViewportExtEx
0x47abe8 SetTextColor
0x47abec SetStretchBltMode
0x47abf0 SetROP2
0x47abf4 SetPixel
0x47abf8 SetMapMode
0x47abfc SetEnhMetaFileBits
0x47ac00 SetDIBColorTable
0x47ac04 SetBrushOrgEx
0x47ac08 SetBkMode
0x47ac0c SetBkColor
0x47ac10 SelectPalette
0x47ac14 SelectObject
0x47ac18 SaveDC
0x47ac1c RestoreDC
0x47ac20 Rectangle
0x47ac24 RectVisible
0x47ac28 RealizePalette
0x47ac2c Polyline
0x47ac30 PolyPolyline
0x47ac34 PlayEnhMetaFile
0x47ac38 PatBlt
0x47ac3c MoveToEx
0x47ac40 MaskBlt
0x47ac44 LineTo
0x47ac48 IntersectClipRect
0x47ac4c GetWindowOrgEx
0x47ac50 GetWinMetaFileBits
0x47ac54 GetTextMetricsA
0x47ac58 GetTextExtentPoint32A
0x47ac5c GetSystemPaletteEntries
0x47ac60 GetStockObject
0x47ac64 GetRgnBox
0x47ac68 GetPixel
0x47ac6c GetPaletteEntries
0x47ac70 GetObjectA
0x47ac74 GetEnhMetaFilePaletteEntries
0x47ac78 GetEnhMetaFileHeader
0x47ac7c GetEnhMetaFileBits
0x47ac80 GetDeviceCaps
0x47ac84 GetDIBits
0x47ac88 GetDIBColorTable
0x47ac8c GetDCOrgEx
0x47ac90 GetCurrentPositionEx
0x47ac94 GetClipBox
0x47ac98 GetBrushOrgEx
0x47ac9c GetBitmapBits
0x47aca0 ExtTextOutA
0x47aca4 ExtCreatePen
0x47aca8 ExcludeClipRect
0x47acac DeleteObject
0x47acb0 DeleteEnhMetaFile
0x47acb4 DeleteDC
0x47acb8 CreateSolidBrush
0x47acbc CreatePenIndirect
0x47acc0 CreatePalette
0x47acc4 CreateHalftonePalette
0x47acc8 CreateFontIndirectA
0x47accc CreateDIBitmap
0x47acd0 CreateDIBSection
0x47acd4 CreateCompatibleDC
0x47acd8 CreateCompatibleBitmap
0x47acdc CreateBrushIndirect
0x47ace0 CreateBitmap
0x47ace4 CopyEnhMetaFileA
0x47ace8 BitBlt
version.dll
0x47acf0 VerQueryValueA
0x47acf4 GetFileVersionInfoSizeA
0x47acf8 GetFileVersionInfoA
kernel32.dll
0x47ad00 lstrcpyA
0x47ad04 WriteFile
0x47ad08 WaitForSingleObject
0x47ad0c VirtualQuery
0x47ad10 VirtualAlloc
0x47ad14 SizeofResource
0x47ad18 SetThreadLocale
0x47ad1c SetFilePointer
0x47ad20 SetEvent
0x47ad24 SetErrorMode
0x47ad28 SetEndOfFile
0x47ad2c ResetEvent
0x47ad30 ReadFile
0x47ad34 MultiByteToWideChar
0x47ad38 MulDiv
0x47ad3c LockResource
0x47ad40 LoadResource
0x47ad44 LoadLibraryA
0x47ad48 LeaveCriticalSection
0x47ad4c InitializeCriticalSection
0x47ad50 GlobalUnlock
0x47ad54 GlobalLock
0x47ad58 GlobalFree
0x47ad5c GlobalFindAtomA
0x47ad60 GlobalDeleteAtom
0x47ad64 GlobalAlloc
0x47ad68 GlobalAddAtomA
0x47ad6c GetVersionExA
0x47ad70 GetVersion
0x47ad74 GetTickCount
0x47ad78 GetThreadLocale
0x47ad7c GetStdHandle
0x47ad80 GetProcAddress
0x47ad84 GetModuleHandleA
0x47ad88 GetModuleFileNameA
0x47ad8c GetLocaleInfoA
0x47ad90 GetLocalTime
0x47ad94 GetLastError
0x47ad98 GetFullPathNameA
0x47ad9c GetFileAttributesA
0x47ada0 GetDiskFreeSpaceA
0x47ada4 GetDateFormatA
0x47ada8 GetCurrentThreadId
0x47adac GetCurrentProcessId
0x47adb0 GetComputerNameA
0x47adb4 GetCPInfo
0x47adb8 FreeResource
0x47adbc InterlockedExchange
0x47adc0 FreeLibrary
0x47adc4 FormatMessageA
0x47adc8 FindResourceA
0x47adcc EnumCalendarInfoA
0x47add0 EnterCriticalSection
0x47add4 DeleteCriticalSection
0x47add8 CreateThread
0x47addc CreateFileA
0x47ade0 CreateEventA
0x47ade4 CompareStringA
0x47ade8 CloseHandle
advapi32.dll
0x47adf0 RegQueryValueExA
0x47adf4 RegOpenKeyExA
0x47adf8 RegFlushKey
0x47adfc RegCloseKey
oleaut32.dll
0x47ae04 GetErrorInfo
0x47ae08 GetActiveObject
0x47ae0c SysFreeString
ole32.dll
0x47ae14 CoTaskMemFree
0x47ae18 ProgIDFromCLSID
0x47ae1c StringFromCLSID
0x47ae20 CoCreateInstance
0x47ae24 CoUninitialize
0x47ae28 CoInitialize
0x47ae2c IsEqualGUID
kernel32.dll
0x47ae34 Sleep
oleaut32.dll
0x47ae3c SafeArrayPtrOfIndex
0x47ae40 SafeArrayGetUBound
0x47ae44 SafeArrayGetLBound
0x47ae48 SafeArrayCreate
0x47ae4c VariantChangeType
0x47ae50 VariantCopy
0x47ae54 VariantClear
0x47ae58 VariantInit
comctl32.dll
0x47ae60 _TrackMouseEvent
0x47ae64 ImageList_SetIconSize
0x47ae68 ImageList_GetIconSize
0x47ae6c ImageList_Write
0x47ae70 ImageList_Read
0x47ae74 ImageList_DragShowNolock
0x47ae78 ImageList_DragMove
0x47ae7c ImageList_DragLeave
0x47ae80 ImageList_DragEnter
0x47ae84 ImageList_EndDrag
0x47ae88 ImageList_BeginDrag
0x47ae8c ImageList_Remove
0x47ae90 ImageList_DrawEx
0x47ae94 ImageList_Draw
0x47ae98 ImageList_GetBkColor
0x47ae9c ImageList_SetBkColor
0x47aea0 ImageList_Add
0x47aea4 ImageList_GetImageCount
0x47aea8 ImageList_Destroy
0x47aeac ImageList_Create
comdlg32.dll
0x47aeb4 GetSaveFileNameA
0x47aeb8 GetOpenFileNameA
kernel32.dll
0x47aec0 MulDiv
EAT(Export Address Table) is none