Created | 2025.04.21 12:05 | Machine | s1_win7_x6401 |
Filename | Updater.exe | ||
Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
ZERO API | file : malicious | ||
VT API (file) | 12 detected (Unsafe, GenusT, DOFW, Detected, Artemis, MALICIOUS, susgen, PossibleThreat) | ||
md5 | a968075b9c1e15e66653aa28e70f2494 | ||
sha256 | 928f683fac0d06907a892d0c476e7adfe1dbccdb1ea7e228096fe07c0db9025f | ||
ssdeep | 24576:Hy07u12dt5Cnx/3FCEKb+lINSO28Q3k+hlUj/geBw8yVyQtvi1UtNe9MqZl:Hy0MCt5Cnx/3FCEC+lIQO28Q3k+hEIeL | ||
imphash | b66b962f1654841b6655c9e59651771a | ||
impfuzzy | 192:Qn6Uc0NCwFILKThgjWV95+LQfCR4e5EV9Pq:dB0NC2JTHz+LobPq |
Signature (11cnts)
Level | Description |
---|---|
watch | Creates a windows hook that monitors keyboard input (keylogger) |
watch | File has been identified by 12 AntiVirus engines on VirusTotal as malicious |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Creates executable files on the filesystem |
notice | Drops an executable to the user AppData folder |
notice | One or more potentially interesting buffers were extracted |
notice | Performs some HTTP requests |
info | Checks amount of memory in system |
info | Checks if process is being debugged by a debugger |
info | Collects information to fingerprint the system (MachineGuid |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
Rules (16cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (download) |
warning | Generic_Malware_Zero | Generic Malware | binaries (download) |
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (download) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (download) |
watch | Malicious_Packer_Zero | Malicious Packer | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (download) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | Is_DotNET_DLL | (no description) | binaries (download) |
info | IsDLL | (no description) | binaries (download) |
info | IsPE32 | (no description) | binaries (download) |
info | IsPE64 | (no description) | binaries (download) |
info | IsPE64 | (no description) | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (download) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Suricata ids
SSLBL: Malicious JA3 SSL-Client Fingerprint detected (Tofsee)
PE API
IAT(Import Address Table) Library
WSOCK32.dll
0x1400dfe30 gethostbyname
0x1400dfe38 inet_addr
0x1400dfe40 WSACleanup
0x1400dfe48 gethostname
0x1400dfe50 WSAStartup
WINMM.dll
0x1400dfdc8 mixerGetLineInfoW
0x1400dfdd0 mixerGetDevCapsW
0x1400dfdd8 mixerOpen
0x1400dfde0 mciSendStringW
0x1400dfde8 joyGetPosEx
0x1400dfdf0 mixerGetLineControlsW
0x1400dfdf8 mixerGetControlDetailsW
0x1400dfe00 mixerSetControlDetails
0x1400dfe08 waveOutGetVolume
0x1400dfe10 mixerClose
0x1400dfe18 waveOutSetVolume
0x1400dfe20 joyGetDevCapsW
VERSION.dll
0x1400dfd78 GetFileVersionInfoW
0x1400dfd80 VerQueryValueW
0x1400dfd88 GetFileVersionInfoSizeW
COMCTL32.dll
0x1400df0a0 ImageList_Create
0x1400df0a8 CreateStatusWindowW
0x1400df0b0 ImageList_ReplaceIcon
0x1400df0b8 ImageList_GetIconSize
0x1400df0c0 ImageList_Destroy
0x1400df0c8 ImageList_AddMasked
PSAPI.DLL
0x1400df780 GetProcessImageFileNameW
0x1400df788 GetModuleBaseNameW
0x1400df790 GetModuleFileNameExW
WININET.dll
0x1400dfd98 InternetOpenW
0x1400dfda0 InternetOpenUrlW
0x1400dfda8 InternetCloseHandle
0x1400dfdb0 InternetReadFileExA
0x1400dfdb8 InternetReadFile
KERNEL32.dll
0x1400df210 GetModuleFileNameW
0x1400df218 GetSystemTimeAsFileTime
0x1400df220 FindResourceW
0x1400df228 SizeofResource
0x1400df230 LoadResource
0x1400df238 LockResource
0x1400df240 GetFullPathNameW
0x1400df248 GetShortPathNameW
0x1400df250 FindFirstFileW
0x1400df258 FindNextFileW
0x1400df260 FindClose
0x1400df268 FileTimeToLocalFileTime
0x1400df270 SetEnvironmentVariableW
0x1400df278 Beep
0x1400df280 MoveFileW
0x1400df288 OutputDebugStringW
0x1400df290 CreateProcessW
0x1400df298 GetFileAttributesW
0x1400df2a0 WideCharToMultiByte
0x1400df2a8 MultiByteToWideChar
0x1400df2b0 GetExitCodeProcess
0x1400df2b8 WriteProcessMemory
0x1400df2c0 ReadProcessMemory
0x1400df2c8 GetCurrentProcessId
0x1400df2d0 OpenProcess
0x1400df2d8 TerminateProcess
0x1400df2e0 SetPriorityClass
0x1400df2e8 SetLastError
0x1400df2f0 GetEnvironmentVariableW
0x1400df2f8 GetLocalTime
0x1400df300 GetDateFormatW
0x1400df308 GetTimeFormatW
0x1400df310 GetDiskFreeSpaceExW
0x1400df318 SetVolumeLabelW
0x1400df320 CreateFileW
0x1400df328 DeviceIoControl
0x1400df330 GetDriveTypeW
0x1400df338 GetVolumeInformationW
0x1400df340 GetDiskFreeSpaceW
0x1400df348 GetCurrentDirectoryW
0x1400df350 CreateDirectoryW
0x1400df358 ReadFile
0x1400df360 WriteFile
0x1400df368 DeleteFileW
0x1400df370 SetFileAttributesW
0x1400df378 LocalFileTimeToFileTime
0x1400df380 SetFileTime
0x1400df388 DeleteCriticalSection
0x1400df390 GetSystemTime
0x1400df398 GetSystemDefaultUILanguage
0x1400df3a0 GetComputerNameW
0x1400df3a8 GetSystemWindowsDirectoryW
0x1400df3b0 GetTempPathW
0x1400df3b8 EnterCriticalSection
0x1400df3c0 LeaveCriticalSection
0x1400df3c8 VirtualProtect
0x1400df3d0 QueryDosDeviceW
0x1400df3d8 CompareStringW
0x1400df3e0 RemoveDirectoryW
0x1400df3e8 CopyFileW
0x1400df3f0 GetCurrentProcess
0x1400df3f8 CreateToolhelp32Snapshot
0x1400df400 Process32FirstW
0x1400df408 Process32NextW
0x1400df410 FormatMessageW
0x1400df418 GetPrivateProfileStringW
0x1400df420 GetPrivateProfileSectionW
0x1400df428 GetPrivateProfileSectionNamesW
0x1400df430 WritePrivateProfileStringW
0x1400df438 WritePrivateProfileSectionW
0x1400df440 SetEndOfFile
0x1400df448 GetACP
0x1400df450 GetFileType
0x1400df458 GetStdHandle
0x1400df460 SetFilePointerEx
0x1400df468 SystemTimeToFileTime
0x1400df470 FileTimeToSystemTime
0x1400df478 GetFileSize
0x1400df480 IsWow64Process
0x1400df488 VirtualAllocEx
0x1400df490 VirtualFreeEx
0x1400df498 EnumResourceNamesW
0x1400df4a0 LoadLibraryExW
0x1400df4a8 GlobalSize
0x1400df4b0 HeapReAlloc
0x1400df4b8 EncodePointer
0x1400df4c0 HeapFree
0x1400df4c8 DecodePointer
0x1400df4d0 ExitProcess
0x1400df4d8 HeapAlloc
0x1400df4e0 IsValidCodePage
0x1400df4e8 FlsGetValue
0x1400df4f0 FlsSetValue
0x1400df4f8 FlsFree
0x1400df500 FlsAlloc
0x1400df508 UnhandledExceptionFilter
0x1400df510 SetUnhandledExceptionFilter
0x1400df518 IsDebuggerPresent
0x1400df520 RtlVirtualUnwind
0x1400df528 RtlLookupFunctionEntry
0x1400df530 GetCPInfo
0x1400df538 GetVersionExW
0x1400df540 GetModuleHandleW
0x1400df548 FreeLibrary
0x1400df550 GetProcAddress
0x1400df558 LoadLibraryW
0x1400df560 GetLastError
0x1400df568 CreateMutexW
0x1400df570 CloseHandle
0x1400df578 GetExitCodeThread
0x1400df580 SetThreadPriority
0x1400df588 CreateThread
0x1400df590 GetStringTypeExW
0x1400df598 lstrcmpiW
0x1400df5a0 GetCurrentThreadId
0x1400df5a8 GlobalUnlock
0x1400df5b0 GlobalFree
0x1400df5b8 GlobalAlloc
0x1400df5c0 GlobalLock
0x1400df5c8 SetErrorMode
0x1400df5d0 InitializeCriticalSection
0x1400df5d8 SetCurrentDirectoryW
0x1400df5e0 Sleep
0x1400df5e8 GetTickCount
0x1400df5f0 MulDiv
0x1400df5f8 RtlCaptureContext
0x1400df600 HeapSetInformation
0x1400df608 GetVersion
0x1400df610 HeapCreate
0x1400df618 InitializeCriticalSectionAndSpinCount
0x1400df620 HeapSize
0x1400df628 HeapQueryInformation
0x1400df630 GetCommandLineW
0x1400df638 GetStartupInfoW
0x1400df640 RtlUnwindEx
0x1400df648 SetHandleCount
0x1400df650 GetStringTypeW
0x1400df658 RaiseException
0x1400df660 RtlPcToFileHeader
0x1400df668 LCMapStringW
0x1400df670 GetConsoleCP
0x1400df678 GetConsoleMode
0x1400df680 FreeEnvironmentStringsW
0x1400df688 GetEnvironmentStringsW
0x1400df690 QueryPerformanceCounter
0x1400df698 GetOEMCP
0x1400df6a0 FlushFileBuffers
0x1400df6a8 SetFilePointer
0x1400df6b0 WriteConsoleW
0x1400df6b8 SetStdHandle
0x1400df6c0 GetFileSizeEx
0x1400df6c8 GetProcessHeap
USER32.dll
0x1400df810 GetDlgItem
0x1400df818 SetDlgItemTextW
0x1400df820 MessageBeep
0x1400df828 GetCursorInfo
0x1400df830 GetLastInputInfo
0x1400df838 GetSystemMenu
0x1400df840 GetMenuItemCount
0x1400df848 GetMenuItemID
0x1400df850 GetSubMenu
0x1400df858 GetMenuStringW
0x1400df860 ExitWindowsEx
0x1400df868 SetMenu
0x1400df870 FlashWindow
0x1400df878 GetPropW
0x1400df880 SetPropW
0x1400df888 RemovePropW
0x1400df890 MapWindowPoints
0x1400df898 RedrawWindow
0x1400df8a0 SetWindowLongPtrW
0x1400df8a8 SetParent
0x1400df8b0 GetClassInfoExW
0x1400df8b8 DefDlgProcW
0x1400df8c0 GetAncestor
0x1400df8c8 UpdateWindow
0x1400df8d0 GetMessagePos
0x1400df8d8 GetClassLongPtrW
0x1400df8e0 CallWindowProcW
0x1400df8e8 CheckRadioButton
0x1400df8f0 IntersectRect
0x1400df8f8 GetUpdateRect
0x1400df900 PtInRect
0x1400df908 CreateDialogIndirectParamW
0x1400df910 GetWindowLongPtrW
0x1400df918 CreateAcceleratorTableW
0x1400df920 DestroyAcceleratorTable
0x1400df928 InsertMenuItemW
0x1400df930 SetMenuDefaultItem
0x1400df938 RemoveMenu
0x1400df940 SetMenuItemInfoW
0x1400df948 IsMenu
0x1400df950 GetMenuItemInfoW
0x1400df958 CreateMenu
0x1400df960 CreatePopupMenu
0x1400df968 SetMenuInfo
0x1400df970 AppendMenuW
0x1400df978 DestroyMenu
0x1400df980 TrackPopupMenuEx
0x1400df988 CopyImage
0x1400df990 CreateIconIndirect
0x1400df998 CreateIconFromResourceEx
0x1400df9a0 EnumClipboardFormats
0x1400df9a8 GetWindow
0x1400df9b0 BringWindowToTop
0x1400df9b8 MessageBoxW
0x1400df9c0 GetTopWindow
0x1400df9c8 GetQueueStatus
0x1400df9d0 SendDlgItemMessageW
0x1400df9d8 LoadAcceleratorsW
0x1400df9e0 EnableMenuItem
0x1400df9e8 GetMenu
0x1400df9f0 CreateWindowExW
0x1400df9f8 RegisterClassExW
0x1400dfa00 LoadCursorW
0x1400dfa08 DestroyIcon
0x1400dfa10 IsCharAlphaW
0x1400dfa18 EnableWindow
0x1400dfa20 VkKeyScanExW
0x1400dfa28 MapVirtualKeyExW
0x1400dfa30 GetKeyboardLayoutNameW
0x1400dfa38 ActivateKeyboardLayout
0x1400dfa40 GetGUIThreadInfo
0x1400dfa48 GetWindowTextW
0x1400dfa50 mouse_event
0x1400dfa58 WindowFromPoint
0x1400dfa60 GetSystemMetrics
0x1400dfa68 keybd_event
0x1400dfa70 SetKeyboardState
0x1400dfa78 GetKeyboardState
0x1400dfa80 GetCursorPos
0x1400dfa88 GetAsyncKeyState
0x1400dfa90 AttachThreadInput
0x1400dfa98 SendInput
0x1400dfaa0 UnregisterHotKey
0x1400dfaa8 RegisterHotKey
0x1400dfab0 PostQuitMessage
0x1400dfab8 SendMessageTimeoutW
0x1400dfac0 UnhookWindowsHookEx
0x1400dfac8 SetWindowsHookExW
0x1400dfad0 PostThreadMessageW
0x1400dfad8 IsCharAlphaNumericW
0x1400dfae0 IsCharUpperW
0x1400dfae8 IsCharLowerW
0x1400dfaf0 ToUnicodeEx
0x1400dfaf8 GetKeyboardLayout
0x1400dfb00 CallNextHookEx
0x1400dfb08 CharLowerW
0x1400dfb10 ReleaseDC
0x1400dfb18 GetDC
0x1400dfb20 OpenClipboard
0x1400dfb28 GetClipboardData
0x1400dfb30 GetClipboardFormatNameW
0x1400dfb38 CloseClipboard
0x1400dfb40 SetClipboardData
0x1400dfb48 EmptyClipboard
0x1400dfb50 PostMessageW
0x1400dfb58 FindWindowW
0x1400dfb60 EndDialog
0x1400dfb68 IsWindow
0x1400dfb70 DispatchMessageW
0x1400dfb78 TranslateMessage
0x1400dfb80 ShowWindow
0x1400dfb88 CountClipboardFormats
0x1400dfb90 SetWindowLongW
0x1400dfb98 ScreenToClient
0x1400dfba0 IsDialogMessageW
0x1400dfba8 DialogBoxParamW
0x1400dfbb0 SetForegroundWindow
0x1400dfbb8 DefWindowProcW
0x1400dfbc0 FillRect
0x1400dfbc8 DrawIconEx
0x1400dfbd0 GetSysColorBrush
0x1400dfbd8 GetSysColor
0x1400dfbe0 RegisterWindowMessageW
0x1400dfbe8 EnumDisplayMonitors
0x1400dfbf0 IsIconic
0x1400dfbf8 IsZoomed
0x1400dfc00 EnumWindows
0x1400dfc08 SetClipboardViewer
0x1400dfc10 GetWindowTextLengthW
0x1400dfc18 SendMessageW
0x1400dfc20 IsWindowEnabled
0x1400dfc28 GetWindowLongW
0x1400dfc30 GetKeyState
0x1400dfc38 TranslateAcceleratorW
0x1400dfc40 KillTimer
0x1400dfc48 PeekMessageW
0x1400dfc50 GetFocus
0x1400dfc58 GetClassNameW
0x1400dfc60 GetWindowThreadProcessId
0x1400dfc68 GetForegroundWindow
0x1400dfc70 InvalidateRect
0x1400dfc78 SetLayeredWindowAttributes
0x1400dfc80 SetWindowPos
0x1400dfc88 SetWindowRgn
0x1400dfc90 SetFocus
0x1400dfc98 SetActiveWindow
0x1400dfca0 ClientToScreen
0x1400dfca8 EnumChildWindows
0x1400dfcb0 MoveWindow
0x1400dfcb8 GetWindowRect
0x1400dfcc0 GetMonitorInfoW
0x1400dfcc8 MonitorFromPoint
0x1400dfcd0 GetClientRect
0x1400dfcd8 SystemParametersInfoW
0x1400dfce0 AdjustWindowRectEx
0x1400dfce8 DrawTextW
0x1400dfcf0 SetRect
0x1400dfcf8 GetIconInfo
0x1400dfd00 SetWindowTextW
0x1400dfd08 IsWindowVisible
0x1400dfd10 BlockInput
0x1400dfd18 GetMessageW
0x1400dfd20 SetTimer
0x1400dfd28 GetParent
0x1400dfd30 GetDlgCtrlID
0x1400dfd38 CharUpperW
0x1400dfd40 IsClipboardFormatAvailable
0x1400dfd48 CheckMenuItem
0x1400dfd50 LoadImageW
0x1400dfd58 MapVirtualKeyW
0x1400dfd60 ChangeClipboardChain
0x1400dfd68 DestroyWindow
GDI32.dll
0x1400df0f8 GetPixel
0x1400df100 GetClipRgn
0x1400df108 GetCharABCWidthsW
0x1400df110 SetBkMode
0x1400df118 CreatePatternBrush
0x1400df120 SetBrushOrgEx
0x1400df128 EnumFontFamiliesExW
0x1400df130 CreateDIBSection
0x1400df138 GdiFlush
0x1400df140 SetBkColor
0x1400df148 ExcludeClipRect
0x1400df150 SetTextColor
0x1400df158 GetClipBox
0x1400df160 BitBlt
0x1400df168 CreateCompatibleBitmap
0x1400df170 GetSystemPaletteEntries
0x1400df178 GetDIBits
0x1400df180 CreateCompatibleDC
0x1400df188 CreatePolygonRgn
0x1400df190 CreateRectRgn
0x1400df198 CreateRoundRectRgn
0x1400df1a0 CreateEllipticRgn
0x1400df1a8 DeleteDC
0x1400df1b0 GetObjectW
0x1400df1b8 GetTextMetricsW
0x1400df1c0 GetTextFaceW
0x1400df1c8 SelectObject
0x1400df1d0 GetStockObject
0x1400df1d8 CreateDCW
0x1400df1e0 CreateSolidBrush
0x1400df1e8 CreateFontW
0x1400df1f0 FillRgn
0x1400df1f8 GetDeviceCaps
0x1400df200 DeleteObject
COMDLG32.dll
0x1400df0d8 CommDlgExtendedError
0x1400df0e0 GetSaveFileNameW
0x1400df0e8 GetOpenFileNameW
ADVAPI32.dll
0x1400df000 RegDeleteKeyW
0x1400df008 RegSetValueExW
0x1400df010 RegCreateKeyExW
0x1400df018 RegQueryValueExW
0x1400df020 AdjustTokenPrivileges
0x1400df028 LookupPrivilegeValueW
0x1400df030 OpenProcessToken
0x1400df038 CloseServiceHandle
0x1400df040 UnlockServiceDatabase
0x1400df048 LockServiceDatabase
0x1400df050 OpenSCManagerW
0x1400df058 GetUserNameW
0x1400df060 RegEnumKeyExW
0x1400df068 RegEnumValueW
0x1400df070 RegQueryInfoKeyW
0x1400df078 RegOpenKeyExW
0x1400df080 RegCloseKey
0x1400df088 RegConnectRegistryW
0x1400df090 RegDeleteValueW
SHELL32.dll
0x1400df7a0 DragQueryPoint
0x1400df7a8 SHEmptyRecycleBinW
0x1400df7b0 SHFileOperationW
0x1400df7b8 SHGetPathFromIDListW
0x1400df7c0 SHBrowseForFolderW
0x1400df7c8 SHGetDesktopFolder
0x1400df7d0 SHGetMalloc
0x1400df7d8 SHGetFolderPathW
0x1400df7e0 ShellExecuteExW
0x1400df7e8 Shell_NotifyIconW
0x1400df7f0 DragFinish
0x1400df7f8 DragQueryFileW
0x1400df800 ExtractIconW
ole32.dll
0x1400dfe60 OleInitialize
0x1400dfe68 OleUninitialize
0x1400dfe70 CoCreateInstance
0x1400dfe78 CoInitialize
0x1400dfe80 CoUninitialize
0x1400dfe88 CLSIDFromString
0x1400dfe90 CLSIDFromProgID
0x1400dfe98 CoGetObject
0x1400dfea0 StringFromGUID2
0x1400dfea8 CreateStreamOnHGlobal
OLEAUT32.dll
0x1400df6d8 SafeArrayGetLBound
0x1400df6e0 GetActiveObject
0x1400df6e8 SysStringLen
0x1400df6f0 OleLoadPicture
0x1400df6f8 SafeArrayUnaccessData
0x1400df700 SafeArrayGetElemsize
0x1400df708 SafeArrayAccessData
0x1400df710 SafeArrayUnlock
0x1400df718 SafeArrayPtrOfIndex
0x1400df720 SafeArrayLock
0x1400df728 SafeArrayGetDim
0x1400df730 SafeArrayDestroy
0x1400df738 SafeArrayGetUBound
0x1400df740 VariantCopyInd
0x1400df748 SafeArrayCopy
0x1400df750 SysAllocString
0x1400df758 VariantChangeType
0x1400df760 VariantClear
0x1400df768 SafeArrayCreate
0x1400df770 SysFreeString
EAT(Export Address Table) is none