Field | Value |
---|---|
Created | 2025.04.28 09:02 |
Machine | s1_win7_x6403 |
Filename | svchosts.exe |
Type | PE32+ executable (GUI) x86-64, for MS Windows |
ZERO API | file : malicious |
VT API (file) | 3 detected (CLOUD) |
md5 | 5c7c5ce42b1507c12d71fbaf2488f283 |
sha256 | f1e505fe96b8f83c84a20995e992b3794b1882df4954406e227bd7b75f13c779 |
ssdeep | 24576:eFLfAfgVNpNPsTQu2F9NpdOg6lEb6jZJRam8g6D+MxRZt/rTQKXZ242gzk8lu:6egVNpNUTcJQqkJRMg6D5rjIn8 |
imphash | 85774b155baf9114ca5909eefff55bb1 |
impfuzzy | 96:7OoaGQ/SyoLAmX3xoJJQhxMVN6kMSu9ts8FTU2OYcfZSlSp1dK0lHvR/:7OWbRosk9w42OYcfolQ1ASV |
Signature (5cnts)
Level | Description |
---|---|
notice | File has been identified by 3 AntiVirus engines on VirusTotal as malicious |
info | One or more processes crashed |
info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
info | The file contains an unknown PE resource name possibly indicative of a packer |
info | This executable has a PDB path |
Rules (6cnts)
Level | Name | Description | Collection |
---|---|---|---|
warning | Generic_Malware_Zero | Generic Malware | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsPE64 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (0cnts)
Suricata ids
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x1400e6278 HeapCreate
0x1400e6280 Sleep
0x1400e6288 GetModuleHandleA
0x1400e6290 GetSystemInfo
0x1400e6298 LoadLibraryA
0x1400e62a0 OpenThread
0x1400e62a8 FileTimeToLocalFileTime
0x1400e62b0 QueryInformationJobObject
0x1400e62b8 FileTimeToSystemTime
0x1400e62c0 CreateDirectoryW
0x1400e62c8 MulDiv
0x1400e62d0 lstrcmpW
0x1400e62d8 FreeResource
0x1400e62e0 FormatMessageW
0x1400e62e8 DecodePointer
0x1400e62f0 GetTickCount64
0x1400e62f8 GetCurrentProcessId
0x1400e6300 lstrcmpiW
0x1400e6308 WriteConsoleW
0x1400e6310 ReadFile
0x1400e6318 SetFilePointerEx
0x1400e6320 GetFileSizeEx
0x1400e6328 GetConsoleOutputCP
0x1400e6330 FlushFileBuffers
0x1400e6338 GetTimeZoneInformation
0x1400e6340 SetStdHandle
0x1400e6348 SetEnvironmentVariableW
0x1400e6350 FreeEnvironmentStringsW
0x1400e6358 GetEnvironmentStringsW
0x1400e6360 GetCommandLineA
0x1400e6368 GetOEMCP
0x1400e6370 GetACP
0x1400e6378 IsValidCodePage
0x1400e6380 FindNextFileW
0x1400e6388 FindFirstFileExW
0x1400e6390 FindClose
0x1400e6398 SetConsoleCtrlHandler
0x1400e63a0 ReadConsoleW
0x1400e63a8 PeekConsoleInputA
0x1400e63b0 ReadConsoleInputW
0x1400e63b8 GetNumberOfConsoleInputEvents
0x1400e63c0 SetConsoleMode
0x1400e63c8 GetConsoleMode
0x1400e63d0 VirtualQuery
0x1400e63d8 GetUserDefaultLCID
0x1400e63e0 IsValidLocale
0x1400e63e8 GetLocaleInfoW
0x1400e63f0 LCMapStringW
0x1400e63f8 CompareStringW
0x1400e6400 GetTimeFormatW
0x1400e6408 GetDateFormatW
0x1400e6410 GetConsoleCP
0x1400e6418 GetModuleHandleExW
0x1400e6420 TlsFree
0x1400e6428 TlsSetValue
0x1400e6430 TlsGetValue
0x1400e6438 TlsAlloc
0x1400e6440 InterlockedFlushSList
0x1400e6448 RtlPcToFileHeader
0x1400e6450 RtlUnwindEx
0x1400e6458 GetCPInfo
0x1400e6460 CompareStringEx
0x1400e6468 GetLocaleInfoEx
0x1400e6470 LCMapStringEx
0x1400e6478 GetStringTypeW
0x1400e6480 WideCharToMultiByte
0x1400e6488 FormatMessageA
0x1400e6490 InterlockedPushEntrySList
0x1400e6498 InterlockedPopEntrySList
0x1400e64a0 EncodePointer
0x1400e64a8 InitializeSListHead
0x1400e64b0 GetSystemTimeAsFileTime
0x1400e64b8 QueryPerformanceCounter
0x1400e64c0 GetStartupInfoW
0x1400e64c8 IsDebuggerPresent
0x1400e64d0 IsProcessorFeaturePresent
0x1400e64d8 SetUnhandledExceptionFilter
0x1400e64e0 UnhandledExceptionFilter
0x1400e64e8 RtlVirtualUnwind
0x1400e64f0 RtlLookupFunctionEntry
0x1400e64f8 RtlCaptureContext
0x1400e6500 CreateEventW
0x1400e6508 WaitForSingleObjectEx
0x1400e6510 ResetEvent
0x1400e6518 SetEvent
0x1400e6520 InitializeCriticalSectionAndSpinCount
0x1400e6528 VirtualFree
0x1400e6530 VirtualProtect
0x1400e6538 VirtualAlloc
0x1400e6540 FlushInstructionCache
0x1400e6548 SetThreadContext
0x1400e6550 GetThreadContext
0x1400e6558 SuspendThread
0x1400e6560 MultiByteToWideChar
0x1400e6568 IsWow64Process
0x1400e6570 WriteProcessMemory
0x1400e6578 ReadProcessMemory
0x1400e6580 VirtualQueryEx
0x1400e6588 VirtualProtectEx
0x1400e6590 VirtualAllocEx
0x1400e6598 OpenProcess
0x1400e65a0 CreateProcessW
0x1400e65a8 CreateProcessA
0x1400e65b0 GetExitCodeProcess
0x1400e65b8 TerminateProcess
0x1400e65c0 ExitProcess
0x1400e65c8 WaitForSingleObject
0x1400e65d0 OutputDebugStringW
0x1400e65d8 GetEnvironmentVariableW
0x1400e65e0 GetEnvironmentVariableA
0x1400e65e8 VerifyVersionInfoW
0x1400e65f0 lstrlenW
0x1400e65f8 LoadLibraryW
0x1400e6600 GetModuleFileNameW
0x1400e6608 FreeLibrary
0x1400e6610 CreateRemoteThreadEx
0x1400e6618 GetThreadId
0x1400e6620 ResumeThread
0x1400e6628 GetCurrentThread
0x1400e6630 CloseHandle
0x1400e6638 GetTempPathW
0x1400e6640 WriteFile
0x1400e6648 CreateFileW
0x1400e6650 VerSetConditionMask
0x1400e6658 GetCurrentThreadId
0x1400e6660 DeleteCriticalSection
0x1400e6668 DebugBreak
0x1400e6670 InitializeCriticalSectionEx
0x1400e6678 LeaveCriticalSection
0x1400e6680 RtlUnwind
0x1400e6688 EnterCriticalSection
0x1400e6690 GetLastError
0x1400e6698 WritePrivateProfileStructW
0x1400e66a0 GetPrivateProfileStructW
0x1400e66a8 GetPrivateProfileSectionW
0x1400e66b0 WritePrivateProfileStringW
0x1400e66b8 GetPrivateProfileStringW
0x1400e66c0 GetPrivateProfileIntW
0x1400e66c8 FindResourceW
0x1400e66d0 SizeofResource
0x1400e66d8 LockResource
0x1400e66e0 LoadResource
0x1400e66e8 FindResourceExW
0x1400e66f0 GetProcessHeap
0x1400e66f8 HeapSize
0x1400e6700 HeapFree
0x1400e6708 HeapReAlloc
0x1400e6710 HeapAlloc
0x1400e6718 HeapDestroy
0x1400e6720 RaiseException
0x1400e6728 GetFileAttributesW
0x1400e6730 GetCurrentProcess
0x1400e6738 GlobalLock
0x1400e6740 GlobalUnlock
0x1400e6748 GlobalAlloc
0x1400e6750 LocalFree
0x1400e6758 LocalAlloc
0x1400e6760 GetProcAddress
0x1400e6768 GetModuleHandleW
0x1400e6770 GetFileType
0x1400e6778 GetCommandLineW
0x1400e6780 GetStdHandle
0x1400e6788 LoadLibraryExW
0x1400e6790 GetVersionExW
0x1400e6798 EnumSystemLocalesW
0x1400e67a0 SetLastError
USER32.dll
0x1400e6800 CreatePopupMenu
0x1400e6808 LoadAcceleratorsW
0x1400e6810 GetCapture
0x1400e6818 GetKeyState
0x1400e6820 CharNextW
0x1400e6828 CharLowerW
0x1400e6830 PostQuitMessage
0x1400e6838 GetMessagePos
0x1400e6840 PeekMessageW
0x1400e6848 DispatchMessageW
0x1400e6850 TranslateMessage
0x1400e6858 GetMessageW
0x1400e6860 DrawFrameControl
0x1400e6868 DrawEdge
0x1400e6870 RegisterWindowMessageW
0x1400e6878 LoadStringA
0x1400e6880 EnableMenuItem
0x1400e6888 GetCursorPos
0x1400e6890 EndDeferWindowPos
0x1400e6898 DeferWindowPos
0x1400e68a0 EnableWindow
0x1400e68a8 MessageBoxW
0x1400e68b0 GetMenuItemID
0x1400e68b8 UnhookWindowsHookEx
0x1400e68c0 LockWindowUpdate
0x1400e68c8 GetMenuItemInfoW
0x1400e68d0 SetCursorPos
0x1400e68d8 InsertMenuW
0x1400e68e0 GetMenuItemCount
0x1400e68e8 GetSubMenu
0x1400e68f0 GetMenuStringW
0x1400e68f8 SetMenu
0x1400e6900 GetMenu
0x1400e6908 LoadMenuW
0x1400e6910 TranslateAcceleratorW
0x1400e6918 GetWindowThreadProcessId
0x1400e6920 GetDlgCtrlID
0x1400e6928 DialogBoxParamW
0x1400e6930 CreateDialogParamW
0x1400e6938 SetWindowPlacement
0x1400e6940 GetWindowPlacement
0x1400e6948 DestroyWindow
0x1400e6950 IsMenu
0x1400e6958 IsWindow
0x1400e6960 LoadStringW
0x1400e6968 AppendMenuW
0x1400e6970 RemoveMenu
0x1400e6978 SetMenuDefaultItem
0x1400e6980 MonitorFromPoint
0x1400e6988 MessageBeep
0x1400e6990 CheckMenuRadioItem
0x1400e6998 SendMessageW
0x1400e69a0 DialogBoxIndirectParamW
0x1400e69a8 EndDialog
0x1400e69b0 GetDlgItem
0x1400e69b8 SetWindowTextW
0x1400e69c0 SetCursor
0x1400e69c8 GetSysColorBrush
0x1400e69d0 WindowFromPoint
0x1400e69d8 ModifyMenuW
0x1400e69e0 SetRectEmpty
0x1400e69e8 GetIconInfo
0x1400e69f0 SetMenuItemInfoW
0x1400e69f8 DestroyMenu
0x1400e6a00 LoadImageW
0x1400e6a08 CheckDlgButton
0x1400e6a10 SetDlgItemInt
0x1400e6a18 GetWindow
0x1400e6a20 MapWindowPoints
0x1400e6a28 GetWindowRect
0x1400e6a30 SetDlgItemTextW
0x1400e6a38 GetAncestor
0x1400e6a40 GetMonitorInfoW
0x1400e6a48 MonitorFromWindow
0x1400e6a50 SystemParametersInfoW
0x1400e6a58 BeginDeferWindowPos
0x1400e6a60 SetScrollInfo
0x1400e6a68 InflateRect
0x1400e6a70 LoadCursorW
0x1400e6a78 OpenClipboard
0x1400e6a80 CloseClipboard
0x1400e6a88 GetActiveWindow
0x1400e6a90 GetScrollInfo
0x1400e6a98 SetClipboardData
0x1400e6aa0 EmptyClipboard
0x1400e6aa8 DefWindowProcW
0x1400e6ab0 CallWindowProcW
0x1400e6ab8 UnregisterClassW
0x1400e6ac0 RegisterClassExW
0x1400e6ac8 GetClassInfoExW
0x1400e6ad0 DestroyIcon
0x1400e6ad8 CallNextHookEx
0x1400e6ae0 SetWindowsHookExW
0x1400e6ae8 GetClassNameW
0x1400e6af0 SetClassLongPtrW
0x1400e6af8 SetWindowLongW
0x1400e6b00 GetWindowLongW
0x1400e6b08 PtInRect
0x1400e6b10 OffsetRect
0x1400e6b18 CopyRect
0x1400e6b20 FrameRect
0x1400e6b28 FillRect
0x1400e6b30 DrawFocusRect
0x1400e6b38 ScreenToClient
0x1400e6b40 ShowScrollBar
0x1400e6b48 SetScrollPos
0x1400e6b50 RedrawWindow
0x1400e6b58 ValidateRect
0x1400e6b60 ReleaseDC
0x1400e6b68 GetWindowDC
0x1400e6b70 GetDC
0x1400e6b78 UpdateWindow
0x1400e6b80 TrackPopupMenuEx
0x1400e6b88 GetSystemMetrics
0x1400e6b90 IsWindowEnabled
0x1400e6b98 ReleaseCapture
0x1400e6ba0 SetCapture
0x1400e6ba8 IsZoomed
0x1400e6bb0 IsWindowVisible
0x1400e6bb8 SetWindowPos
0x1400e6bc0 MoveWindow
0x1400e6bc8 ShowWindow
0x1400e6bd0 IsChild
0x1400e6bd8 PostMessageW
0x1400e6be0 DrawIconEx
0x1400e6be8 GetParent
0x1400e6bf0 SetWindowLongPtrW
0x1400e6bf8 GetWindowLongPtrW
0x1400e6c00 GetSysColor
0x1400e6c08 GetClientRect
0x1400e6c10 GetWindowTextLengthW
0x1400e6c18 GetWindowTextW
0x1400e6c20 InvalidateRect
0x1400e6c28 EndPaint
0x1400e6c30 BeginPaint
0x1400e6c38 DrawTextW
0x1400e6c40 KillTimer
0x1400e6c48 SetTimer
0x1400e6c50 GetFocus
0x1400e6c58 SetFocus
0x1400e6c60 CreateWindowExW
GDI32.dll
0x1400e6140 SetBrushOrgEx
0x1400e6148 PatBlt
0x1400e6150 ExcludeClipRect
0x1400e6158 CreatePatternBrush
0x1400e6160 CreateBitmap
0x1400e6168 CreateDIBSection
0x1400e6170 GetCurrentObject
0x1400e6178 SetViewportOrgEx
0x1400e6180 Polyline
0x1400e6188 Polygon
0x1400e6190 TextOutW
0x1400e6198 MoveToEx
0x1400e61a0 GetTextMetricsW
0x1400e61a8 SetTextAlign
0x1400e61b0 Rectangle
0x1400e61b8 LineTo
0x1400e61c0 GetTextExtentPoint32W
0x1400e61c8 GetStockObject
0x1400e61d0 CreatePen
0x1400e61d8 CreateCompatibleDC
0x1400e61e0 CreateCompatibleBitmap
0x1400e61e8 BitBlt
0x1400e61f0 CreateSolidBrush
0x1400e61f8 ExtTextOutW
0x1400e6200 GetObjectW
0x1400e6208 SetTextColor
0x1400e6210 SetBkMode
0x1400e6218 SetBkColor
0x1400e6220 SelectObject
0x1400e6228 DeleteObject
0x1400e6230 DeleteDC
0x1400e6238 CreateFontIndirectW
0x1400e6240 EndPage
0x1400e6248 GetDeviceCaps
0x1400e6250 SetMapMode
0x1400e6258 StartDocW
0x1400e6260 StartPage
0x1400e6268 EndDoc
COMDLG32.dll
0x1400e6128 PrintDlgW
0x1400e6130 ChooseFontW
ADVAPI32.dll
0x1400e6010 RegCreateKeyW
0x1400e6018 RegOpenKeyW
0x1400e6020 RegOpenKeyExW
0x1400e6028 RegQueryValueExW
0x1400e6030 RegSetValueExW
0x1400e6038 OpenProcessToken
0x1400e6040 AllocateAndInitializeSid
0x1400e6048 EqualSid
0x1400e6050 FreeSid
0x1400e6058 GetTokenInformation
0x1400e6060 GetKernelObjectSecurity
0x1400e6068 MapGenericMask
0x1400e6070 RegCreateKeyExW
0x1400e6078 RegDeleteKeyW
0x1400e6080 RegDeleteValueW
0x1400e6088 RegEnumKeyExW
0x1400e6090 RegCloseKey
0x1400e6098 RegQueryInfoKeyW
SHELL32.dll
0x1400e67d8 SHGetStockIconInfo
0x1400e67e0 ShellExecuteW
0x1400e67e8 ExtractIconExW
0x1400e67f0 SHGetFolderPathW
ole32.dll
0x1400e6cc8 CoTaskMemFree
0x1400e6cd0 CoTaskMemRealloc
0x1400e6cd8 CoTaskMemAlloc
0x1400e6ce0 CoCreateInstance
0x1400e6ce8 CoUninitialize
0x1400e6cf0 CoInitializeEx
0x1400e6cf8 CoInitialize
OLEAUT32.dll
0x1400e67c0 SysFreeString
0x1400e67c8 VarUI4FromStr
COMCTL32.dll
0x1400e60a8 ImageList_DrawEx
0x1400e60b0 ImageList_GetIconSize
0x1400e60b8 ImageList_Create
0x1400e60c0 ImageList_GetImageCount
0x1400e60c8 ImageList_ReplaceIcon
0x1400e60d0 ImageList_DrawIndirect
0x1400e60d8 CreateStatusWindowW
0x1400e60e0 CreatePropertySheetPageW
0x1400e60e8 DestroyPropertySheetPage
0x1400e60f0 PropertySheetW
0x1400e60f8 ImageList_Duplicate
0x1400e6100 ImageList_GetIcon
0x1400e6108 InitCommonControlsEx
0x1400e6110 ImageList_Draw
0x1400e6118 ImageList_Destroy
UxTheme.dll
0x1400e6c70 SetWindowTheme
0x1400e6c78 IsThemeActive
0x1400e6c80 IsAppThemed
MSIMG32.dll
0x1400e67b0 GradientFill
dwmapi.dll
0x1400e6cb0 DwmDefWindowProc
0x1400e6cb8 DwmSetWindowAttribute
VERSION.dll
0x1400e6c90 GetFileVersionInfoW
0x1400e6c98 VerQueryValueW
0x1400e6ca0 GetFileVersionInfoSizeW
ACLUI.dll
0x1400e6000 None
EAT(Export Address Table) is none