ScreenShot
| Created | 2021.03.17 13:34 | Machine | s1_win7_x6401 |
| Filename | putty.exe | ||
| Type | PE32+ executable (GUI) x86-64, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 1 detected (Malicious) | ||
| md5 | 6fa14b3b1c54a26f0b9bbcd2f6b45899 | ||
| sha256 | 601cdbddfe6ac894daff506167c164c65446f893d1d5e4b95e92d960ff5f52b0 | ||
| ssdeep | 24576:cy2Xx8ZbQ63aRtpjmi9CBBjP0rQw/6zSYUZrpdSdwwDtrmqb:cy2gbQ63Kj1CBSrQwZ1pdSdvDtrmK | ||
| imphash | 2e3215acc61253e5fa73a840384e9720 | ||
| impfuzzy | 96:oO0b11txH/63OxfUvDaS375tKN2Sm68BXTCdjAwhmypAhiONvR83un:oO411txH/63OxfUvDaS37vJ52djk | ||
Network IP location
Signature (9cnts)
| Level | Description |
|---|---|
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | File has been identified by one AntiVirus engine on VirusTotal as malicious |
| notice | Potentially malicious URLs were found in the process memory dump |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| notice | Yara rule detected in process memory |
| info | Checks amount of memory in system |
| info | Checks if process is being debugged by a debugger |
| info | The executable contains unknown PE section names indicative of a packer (could be a false positive) |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (59cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| notice | Str_Win32_Http_API | Match Windows Http API call | memory |
| notice | Str_Win32_Internet_API | Match Windows Inet API call | memory |
| info | anti_dbg | Checks if being debugged | memory |
| info | antisb_threatExpert | Anti-Sandbox checks for ThreatExpert | memory |
| info | Check_Dlls | (no description) | memory |
| info | DebuggerCheck__GlobalFlags | (no description) | memory |
| info | DebuggerCheck__QueryInfo | (no description) | memory |
| info | DebuggerCheck__RemoteAPI | (no description) | memory |
| info | DebuggerException__ConsoleCtrl | (no description) | memory |
| info | DebuggerException__SetConsoleCtrl | (no description) | memory |
| info | DebuggerHiding__Active | (no description) | memory |
| info | DebuggerHiding__Thread | (no description) | memory |
| info | disable_dep | Bypass DEP | memory |
| info | IsPE64 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check Signature Zero | binaries (upload) |
| info | PE_Header_Zero | PE File Signature Zero | binaries (upload) |
| info | SEH__vectored | (no description) | memory |
| info | ThreadControl__Context | (no description) | memory |
| info | win_hook | Affect hook table | memory |
| info | create_com_service | Create a COM server | memory |
| info | create_service | Create a windows service | memory |
| info | cred_local | Steal credential | memory |
| info | escalate_priv | Escalade priviledges | memory |
| info | HasDigitalSignature | DigitalSignature Check | binaries (upload) |
| info | HasOverlay | Overlay Check | binaries (upload) |
| info | inject_thread | Code injection with CreateRemoteThread in a remote process | memory |
| info | IsPacked | Entropy Check | binaries (upload) |
| info | IsWindowsGUI | (no description) | binaries (upload) |
| info | keylogger | Run a keylogger | memory |
| info | migrate_apc | APC queue tasks migration | memory |
| info | network_dga | Communication using dga | memory |
| info | network_dns | Communications use DNS | binaries (upload) |
| info | network_dns | Communications use DNS | memory |
| info | network_dropper | File downloader/dropper | memory |
| info | network_ftp | Communications over FTP | memory |
| info | network_http | Communications over HTTP | memory |
| info | network_p2p_win | Communications over P2P network | memory |
| info | network_tcp_listen | Listen for incoming communication | binaries (upload) |
| info | network_tcp_listen | Listen for incoming communication | memory |
| info | network_tcp_socket | Communications over RAW socket | binaries (upload) |
| info | network_tcp_socket | Communications over RAW socket | memory |
| info | network_udp_sock | Communications over UDP network | memory |
| info | screenshot | Take screenshot | binaries (upload) |
| info | screenshot | Take screenshot | memory |
| info | sniff_audio | Record Audio | memory |
| info | spreading_file | Malware can spread east-west file | memory |
| info | spreading_share | Malware can spread east-west using share drive | memory |
| info | Str_Win32_Wininet_Library | Match Windows Inet API library declaration | memory |
| info | Str_Win32_Winsock2_Library | Match Winsock 2 API library declaration | binaries (upload) |
| info | Str_Win32_Winsock2_Library | Match Winsock 2 API library declaration | memory |
| info | win_files_operation | Affect private profile | binaries (upload) |
| info | win_files_operation | Affect private profile | memory |
| info | win_mutex | Create or check mutex | binaries (upload) |
| info | win_mutex | Create or check mutex | memory |
| info | win_private_profile | Affect private profile | memory |
| info | win_registry | Affect system registries | binaries (upload) |
| info | win_registry | Affect system registries | memory |
| info | win_token | Affect system token | binaries (upload) |
| info | win_token | Affect system token | memory |
Network (0cnts) ?
| Request | CC | ASN Co | IP4 | Rule ? | ZERO ? |
|---|
Suricata ids
PE API
IAT(Import Address Table) Library
GDI32.dll
0x1400c5d00 CreateBitmap
0x1400c5d08 CreateCompatibleBitmap
0x1400c5d10 CreateCompatibleDC
0x1400c5d18 CreateFontA
0x1400c5d20 CreateFontIndirectA
0x1400c5d28 CreatePalette
0x1400c5d30 CreatePen
0x1400c5d38 CreateSolidBrush
0x1400c5d40 DeleteDC
0x1400c5d48 DeleteObject
0x1400c5d50 ExcludeClipRect
0x1400c5d58 ExtTextOutA
0x1400c5d60 ExtTextOutW
0x1400c5d68 GetBkMode
0x1400c5d70 GetCharABCWidthsFloatA
0x1400c5d78 GetCharWidth32A
0x1400c5d80 GetCharWidth32W
0x1400c5d88 GetCharWidthA
0x1400c5d90 GetCharWidthW
0x1400c5d98 GetCharacterPlacementW
0x1400c5da0 GetDeviceCaps
0x1400c5da8 GetObjectA
0x1400c5db0 GetPixel
0x1400c5db8 GetStockObject
0x1400c5dc0 GetTextExtentExPointA
0x1400c5dc8 GetTextExtentPoint32A
0x1400c5dd0 GetTextMetricsA
0x1400c5dd8 IntersectClipRect
0x1400c5de0 LineTo
0x1400c5de8 MoveToEx
0x1400c5df0 Polyline
0x1400c5df8 RealizePalette
0x1400c5e00 Rectangle
0x1400c5e08 SelectObject
0x1400c5e10 SelectPalette
0x1400c5e18 SetBkColor
0x1400c5e20 SetBkMode
0x1400c5e28 SetMapMode
0x1400c5e30 SetPaletteEntries
0x1400c5e38 SetPixel
0x1400c5e40 SetTextAlign
0x1400c5e48 SetTextColor
0x1400c5e50 TextOutA
0x1400c5e58 TranslateCharsetInfo
0x1400c5e60 UnrealizeObject
0x1400c5e68 UpdateColors
USER32.dll
0x1400c5e78 AppendMenuA
0x1400c5e80 BeginPaint
0x1400c5e88 CheckDlgButton
0x1400c5e90 CheckMenuItem
0x1400c5e98 CheckRadioButton
0x1400c5ea0 CloseClipboard
0x1400c5ea8 CreateCaret
0x1400c5eb0 CreateDialogParamA
0x1400c5eb8 CreateMenu
0x1400c5ec0 CreatePopupMenu
0x1400c5ec8 CreateWindowExA
0x1400c5ed0 CreateWindowExW
0x1400c5ed8 DefDlgProcA
0x1400c5ee0 DefWindowProcA
0x1400c5ee8 DefWindowProcW
0x1400c5ef0 DeleteMenu
0x1400c5ef8 DestroyCaret
0x1400c5f00 DestroyIcon
0x1400c5f08 DestroyWindow
0x1400c5f10 DialogBoxParamA
0x1400c5f18 DispatchMessageA
0x1400c5f20 DispatchMessageW
0x1400c5f28 DrawEdge
0x1400c5f30 DrawIconEx
0x1400c5f38 EmptyClipboard
0x1400c5f40 EnableMenuItem
0x1400c5f48 EnableWindow
0x1400c5f50 EndDialog
0x1400c5f58 EndPaint
0x1400c5f60 FindWindowA
0x1400c5f68 FlashWindow
0x1400c5f70 GetCapture
0x1400c5f78 GetCaretBlinkTime
0x1400c5f80 GetClientRect
0x1400c5f88 GetClipboardData
0x1400c5f90 GetClipboardOwner
0x1400c5f98 GetCursorPos
0x1400c5fa0 GetDC
0x1400c5fa8 GetDesktopWindow
0x1400c5fb0 GetDlgItem
0x1400c5fb8 GetDlgItemTextA
0x1400c5fc0 GetDoubleClickTime
0x1400c5fc8 GetForegroundWindow
0x1400c5fd0 GetKeyboardLayout
0x1400c5fd8 GetKeyboardState
0x1400c5fe0 GetMessageA
0x1400c5fe8 GetMessageTime
0x1400c5ff0 GetParent
0x1400c5ff8 GetQueueStatus
0x1400c6000 GetScrollInfo
0x1400c6008 GetSysColor
0x1400c6010 GetSystemMenu
0x1400c6018 GetSystemMetrics
0x1400c6020 GetWindowLongPtrA
0x1400c6028 GetWindowPlacement
0x1400c6030 GetWindowRect
0x1400c6038 GetWindowTextA
0x1400c6040 GetWindowTextLengthA
0x1400c6048 HideCaret
0x1400c6050 InsertMenuA
0x1400c6058 InvalidateRect
0x1400c6060 IsDialogMessageA
0x1400c6068 IsDlgButtonChecked
0x1400c6070 IsIconic
0x1400c6078 IsWindow
0x1400c6080 IsZoomed
0x1400c6088 KillTimer
0x1400c6090 LoadCursorA
0x1400c6098 LoadIconA
0x1400c60a0 LoadImageA
0x1400c60a8 MapDialogRect
0x1400c60b0 MessageBeep
0x1400c60b8 MessageBoxA
0x1400c60c0 MessageBoxIndirectA
0x1400c60c8 MoveWindow
0x1400c60d0 MsgWaitForMultipleObjects
0x1400c60d8 OpenClipboard
0x1400c60e0 PeekMessageA
0x1400c60e8 PeekMessageW
0x1400c60f0 PostMessageA
0x1400c60f8 PostQuitMessage
0x1400c6100 RegisterClassA
0x1400c6108 RegisterClassW
0x1400c6110 RegisterClipboardFormatA
0x1400c6118 RegisterWindowMessageA
0x1400c6120 ReleaseCapture
0x1400c6128 ReleaseDC
0x1400c6130 ScreenToClient
0x1400c6138 SendDlgItemMessageA
0x1400c6140 SendMessageA
0x1400c6148 SetActiveWindow
0x1400c6150 SetCapture
0x1400c6158 SetCaretPos
0x1400c6160 SetClassLongPtrA
0x1400c6168 SetClipboardData
0x1400c6170 SetCursor
0x1400c6178 SetDlgItemTextA
0x1400c6180 SetFocus
0x1400c6188 SetForegroundWindow
0x1400c6190 SetKeyboardState
0x1400c6198 SetScrollInfo
0x1400c61a0 SetTimer
0x1400c61a8 SetWindowLongPtrA
0x1400c61b0 SetWindowPlacement
0x1400c61b8 SetWindowPos
0x1400c61c0 SetWindowTextA
0x1400c61c8 ShowCaret
0x1400c61d0 ShowCursor
0x1400c61d8 ShowWindow
0x1400c61e0 SystemParametersInfoA
0x1400c61e8 ToAsciiEx
0x1400c61f0 TrackPopupMenu
0x1400c61f8 TranslateMessage
0x1400c6200 UpdateWindow
COMDLG32.dll
0x1400c6210 ChooseColorA
0x1400c6218 ChooseFontA
0x1400c6220 GetOpenFileNameA
0x1400c6228 GetSaveFileNameA
SHELL32.dll
0x1400c6238 ShellExecuteA
ole32.dll
0x1400c6248 CoCreateInstance
0x1400c6250 CoInitialize
0x1400c6258 CoUninitialize
IMM32.dll
0x1400c6268 ImmGetCompositionStringW
0x1400c6270 ImmGetContext
0x1400c6278 ImmReleaseContext
0x1400c6280 ImmSetCompositionFontA
0x1400c6288 ImmSetCompositionWindow
ADVAPI32.dll
0x1400c6298 AllocateAndInitializeSid
0x1400c62a0 CopySid
0x1400c62a8 EqualSid
0x1400c62b0 GetLengthSid
0x1400c62b8 GetUserNameA
0x1400c62c0 InitializeSecurityDescriptor
0x1400c62c8 RegCloseKey
0x1400c62d0 RegCreateKeyA
0x1400c62d8 RegCreateKeyExA
0x1400c62e0 RegDeleteKeyA
0x1400c62e8 RegDeleteValueA
0x1400c62f0 RegEnumKeyA
0x1400c62f8 RegOpenKeyA
0x1400c6300 RegQueryValueExA
0x1400c6308 RegSetValueExA
0x1400c6310 SetSecurityDescriptorDacl
0x1400c6318 SetSecurityDescriptorOwner
KERNEL32.dll
0x1400c6328 Beep
0x1400c6330 ClearCommBreak
0x1400c6338 CloseHandle
0x1400c6340 CompareStringW
0x1400c6348 ConnectNamedPipe
0x1400c6350 CreateEventA
0x1400c6358 CreateFileA
0x1400c6360 CreateFileMappingA
0x1400c6368 CreateFileW
0x1400c6370 CreateMutexA
0x1400c6378 CreateNamedPipeA
0x1400c6380 CreatePipe
0x1400c6388 CreateProcessA
0x1400c6390 CreateThread
0x1400c6398 DeleteCriticalSection
0x1400c63a0 DeleteFileA
0x1400c63a8 EnterCriticalSection
0x1400c63b0 ExitProcess
0x1400c63b8 FindClose
0x1400c63c0 FindFirstFileA
0x1400c63c8 FindFirstFileExA
0x1400c63d0 FindNextFileA
0x1400c63d8 FindResourceA
0x1400c63e0 FlushFileBuffers
0x1400c63e8 FormatMessageA
0x1400c63f0 FreeEnvironmentStringsW
0x1400c63f8 FreeLibrary
0x1400c6400 GetACP
0x1400c6408 GetCPInfo
0x1400c6410 GetCommState
0x1400c6418 GetCommandLineA
0x1400c6420 GetCommandLineW
0x1400c6428 GetConsoleCP
0x1400c6430 GetConsoleMode
0x1400c6438 GetCurrentDirectoryA
0x1400c6440 GetCurrentProcess
0x1400c6448 GetCurrentProcessId
0x1400c6450 GetCurrentThread
0x1400c6458 GetCurrentThreadId
0x1400c6460 GetDateFormatW
0x1400c6468 GetEnvironmentStringsW
0x1400c6470 GetEnvironmentVariableA
0x1400c6478 GetFileAttributesExA
0x1400c6480 GetFileType
0x1400c6488 GetLastError
0x1400c6490 GetLocalTime
0x1400c6498 GetLocaleInfoA
0x1400c64a0 GetModuleFileNameA
0x1400c64a8 GetModuleFileNameW
0x1400c64b0 GetModuleHandleA
0x1400c64b8 GetModuleHandleExW
0x1400c64c0 GetModuleHandleW
0x1400c64c8 GetOEMCP
0x1400c64d0 GetOverlappedResult
0x1400c64d8 GetProcAddress
0x1400c64e0 GetProcessHeap
0x1400c64e8 GetProcessTimes
0x1400c64f0 GetStartupInfoW
0x1400c64f8 GetStdHandle
0x1400c6500 GetStringTypeW
0x1400c6508 GetSystemDirectoryA
0x1400c6510 GetSystemTimeAsFileTime
0x1400c6518 GetTempPathA
0x1400c6520 GetThreadTimes
0x1400c6528 GetTickCount
0x1400c6530 GetTimeFormatW
0x1400c6538 GetTimeZoneInformation
0x1400c6540 GetVersionExA
0x1400c6548 GetWindowsDirectoryA
0x1400c6550 GlobalAlloc
0x1400c6558 GlobalFree
0x1400c6560 GlobalLock
0x1400c6568 GlobalMemoryStatus
0x1400c6570 GlobalUnlock
0x1400c6578 HeapAlloc
0x1400c6580 HeapFree
0x1400c6588 HeapReAlloc
0x1400c6590 HeapSize
0x1400c6598 InitializeCriticalSectionAndSpinCount
0x1400c65a0 InitializeSListHead
0x1400c65a8 IsDBCSLeadByteEx
0x1400c65b0 IsDebuggerPresent
0x1400c65b8 IsProcessorFeaturePresent
0x1400c65c0 IsValidCodePage
0x1400c65c8 LCMapStringW
0x1400c65d0 LeaveCriticalSection
0x1400c65d8 LoadLibraryA
0x1400c65e0 LoadLibraryExA
0x1400c65e8 LoadLibraryExW
0x1400c65f0 LoadResource
0x1400c65f8 LocalAlloc
0x1400c6600 LocalFileTimeToFileTime
0x1400c6608 LocalFree
0x1400c6610 LockResource
0x1400c6618 MapViewOfFile
0x1400c6620 MulDiv
0x1400c6628 MultiByteToWideChar
0x1400c6630 OpenProcess
0x1400c6638 OutputDebugStringW
0x1400c6640 QueryPerformanceCounter
0x1400c6648 RaiseException
0x1400c6650 ReadConsoleW
0x1400c6658 ReadFile
0x1400c6660 ReleaseMutex
0x1400c6668 RtlCaptureContext
0x1400c6670 RtlLookupFunctionEntry
0x1400c6678 RtlUnwindEx
0x1400c6680 RtlVirtualUnwind
0x1400c6688 SetCommBreak
0x1400c6690 SetCommState
0x1400c6698 SetCommTimeouts
0x1400c66a0 SetCurrentDirectoryA
0x1400c66a8 SetEndOfFile
0x1400c66b0 SetEnvironmentVariableA
0x1400c66b8 SetEvent
0x1400c66c0 SetFilePointerEx
0x1400c66c8 SetHandleInformation
0x1400c66d0 SetLastError
0x1400c66d8 SetStdHandle
0x1400c66e0 SetUnhandledExceptionFilter
0x1400c66e8 SizeofResource
0x1400c66f0 TerminateProcess
0x1400c66f8 TlsAlloc
0x1400c6700 TlsFree
0x1400c6708 TlsGetValue
0x1400c6710 TlsSetValue
0x1400c6718 UnhandledExceptionFilter
0x1400c6720 UnmapViewOfFile
0x1400c6728 WaitForSingleObject
0x1400c6730 WaitForSingleObjectEx
0x1400c6738 WaitNamedPipeA
0x1400c6740 WideCharToMultiByte
0x1400c6748 WriteConsoleW
0x1400c6750 WriteFile
EAT(Export Address Table) is none
GDI32.dll
0x1400c5d00 CreateBitmap
0x1400c5d08 CreateCompatibleBitmap
0x1400c5d10 CreateCompatibleDC
0x1400c5d18 CreateFontA
0x1400c5d20 CreateFontIndirectA
0x1400c5d28 CreatePalette
0x1400c5d30 CreatePen
0x1400c5d38 CreateSolidBrush
0x1400c5d40 DeleteDC
0x1400c5d48 DeleteObject
0x1400c5d50 ExcludeClipRect
0x1400c5d58 ExtTextOutA
0x1400c5d60 ExtTextOutW
0x1400c5d68 GetBkMode
0x1400c5d70 GetCharABCWidthsFloatA
0x1400c5d78 GetCharWidth32A
0x1400c5d80 GetCharWidth32W
0x1400c5d88 GetCharWidthA
0x1400c5d90 GetCharWidthW
0x1400c5d98 GetCharacterPlacementW
0x1400c5da0 GetDeviceCaps
0x1400c5da8 GetObjectA
0x1400c5db0 GetPixel
0x1400c5db8 GetStockObject
0x1400c5dc0 GetTextExtentExPointA
0x1400c5dc8 GetTextExtentPoint32A
0x1400c5dd0 GetTextMetricsA
0x1400c5dd8 IntersectClipRect
0x1400c5de0 LineTo
0x1400c5de8 MoveToEx
0x1400c5df0 Polyline
0x1400c5df8 RealizePalette
0x1400c5e00 Rectangle
0x1400c5e08 SelectObject
0x1400c5e10 SelectPalette
0x1400c5e18 SetBkColor
0x1400c5e20 SetBkMode
0x1400c5e28 SetMapMode
0x1400c5e30 SetPaletteEntries
0x1400c5e38 SetPixel
0x1400c5e40 SetTextAlign
0x1400c5e48 SetTextColor
0x1400c5e50 TextOutA
0x1400c5e58 TranslateCharsetInfo
0x1400c5e60 UnrealizeObject
0x1400c5e68 UpdateColors
USER32.dll
0x1400c5e78 AppendMenuA
0x1400c5e80 BeginPaint
0x1400c5e88 CheckDlgButton
0x1400c5e90 CheckMenuItem
0x1400c5e98 CheckRadioButton
0x1400c5ea0 CloseClipboard
0x1400c5ea8 CreateCaret
0x1400c5eb0 CreateDialogParamA
0x1400c5eb8 CreateMenu
0x1400c5ec0 CreatePopupMenu
0x1400c5ec8 CreateWindowExA
0x1400c5ed0 CreateWindowExW
0x1400c5ed8 DefDlgProcA
0x1400c5ee0 DefWindowProcA
0x1400c5ee8 DefWindowProcW
0x1400c5ef0 DeleteMenu
0x1400c5ef8 DestroyCaret
0x1400c5f00 DestroyIcon
0x1400c5f08 DestroyWindow
0x1400c5f10 DialogBoxParamA
0x1400c5f18 DispatchMessageA
0x1400c5f20 DispatchMessageW
0x1400c5f28 DrawEdge
0x1400c5f30 DrawIconEx
0x1400c5f38 EmptyClipboard
0x1400c5f40 EnableMenuItem
0x1400c5f48 EnableWindow
0x1400c5f50 EndDialog
0x1400c5f58 EndPaint
0x1400c5f60 FindWindowA
0x1400c5f68 FlashWindow
0x1400c5f70 GetCapture
0x1400c5f78 GetCaretBlinkTime
0x1400c5f80 GetClientRect
0x1400c5f88 GetClipboardData
0x1400c5f90 GetClipboardOwner
0x1400c5f98 GetCursorPos
0x1400c5fa0 GetDC
0x1400c5fa8 GetDesktopWindow
0x1400c5fb0 GetDlgItem
0x1400c5fb8 GetDlgItemTextA
0x1400c5fc0 GetDoubleClickTime
0x1400c5fc8 GetForegroundWindow
0x1400c5fd0 GetKeyboardLayout
0x1400c5fd8 GetKeyboardState
0x1400c5fe0 GetMessageA
0x1400c5fe8 GetMessageTime
0x1400c5ff0 GetParent
0x1400c5ff8 GetQueueStatus
0x1400c6000 GetScrollInfo
0x1400c6008 GetSysColor
0x1400c6010 GetSystemMenu
0x1400c6018 GetSystemMetrics
0x1400c6020 GetWindowLongPtrA
0x1400c6028 GetWindowPlacement
0x1400c6030 GetWindowRect
0x1400c6038 GetWindowTextA
0x1400c6040 GetWindowTextLengthA
0x1400c6048 HideCaret
0x1400c6050 InsertMenuA
0x1400c6058 InvalidateRect
0x1400c6060 IsDialogMessageA
0x1400c6068 IsDlgButtonChecked
0x1400c6070 IsIconic
0x1400c6078 IsWindow
0x1400c6080 IsZoomed
0x1400c6088 KillTimer
0x1400c6090 LoadCursorA
0x1400c6098 LoadIconA
0x1400c60a0 LoadImageA
0x1400c60a8 MapDialogRect
0x1400c60b0 MessageBeep
0x1400c60b8 MessageBoxA
0x1400c60c0 MessageBoxIndirectA
0x1400c60c8 MoveWindow
0x1400c60d0 MsgWaitForMultipleObjects
0x1400c60d8 OpenClipboard
0x1400c60e0 PeekMessageA
0x1400c60e8 PeekMessageW
0x1400c60f0 PostMessageA
0x1400c60f8 PostQuitMessage
0x1400c6100 RegisterClassA
0x1400c6108 RegisterClassW
0x1400c6110 RegisterClipboardFormatA
0x1400c6118 RegisterWindowMessageA
0x1400c6120 ReleaseCapture
0x1400c6128 ReleaseDC
0x1400c6130 ScreenToClient
0x1400c6138 SendDlgItemMessageA
0x1400c6140 SendMessageA
0x1400c6148 SetActiveWindow
0x1400c6150 SetCapture
0x1400c6158 SetCaretPos
0x1400c6160 SetClassLongPtrA
0x1400c6168 SetClipboardData
0x1400c6170 SetCursor
0x1400c6178 SetDlgItemTextA
0x1400c6180 SetFocus
0x1400c6188 SetForegroundWindow
0x1400c6190 SetKeyboardState
0x1400c6198 SetScrollInfo
0x1400c61a0 SetTimer
0x1400c61a8 SetWindowLongPtrA
0x1400c61b0 SetWindowPlacement
0x1400c61b8 SetWindowPos
0x1400c61c0 SetWindowTextA
0x1400c61c8 ShowCaret
0x1400c61d0 ShowCursor
0x1400c61d8 ShowWindow
0x1400c61e0 SystemParametersInfoA
0x1400c61e8 ToAsciiEx
0x1400c61f0 TrackPopupMenu
0x1400c61f8 TranslateMessage
0x1400c6200 UpdateWindow
COMDLG32.dll
0x1400c6210 ChooseColorA
0x1400c6218 ChooseFontA
0x1400c6220 GetOpenFileNameA
0x1400c6228 GetSaveFileNameA
SHELL32.dll
0x1400c6238 ShellExecuteA
ole32.dll
0x1400c6248 CoCreateInstance
0x1400c6250 CoInitialize
0x1400c6258 CoUninitialize
IMM32.dll
0x1400c6268 ImmGetCompositionStringW
0x1400c6270 ImmGetContext
0x1400c6278 ImmReleaseContext
0x1400c6280 ImmSetCompositionFontA
0x1400c6288 ImmSetCompositionWindow
ADVAPI32.dll
0x1400c6298 AllocateAndInitializeSid
0x1400c62a0 CopySid
0x1400c62a8 EqualSid
0x1400c62b0 GetLengthSid
0x1400c62b8 GetUserNameA
0x1400c62c0 InitializeSecurityDescriptor
0x1400c62c8 RegCloseKey
0x1400c62d0 RegCreateKeyA
0x1400c62d8 RegCreateKeyExA
0x1400c62e0 RegDeleteKeyA
0x1400c62e8 RegDeleteValueA
0x1400c62f0 RegEnumKeyA
0x1400c62f8 RegOpenKeyA
0x1400c6300 RegQueryValueExA
0x1400c6308 RegSetValueExA
0x1400c6310 SetSecurityDescriptorDacl
0x1400c6318 SetSecurityDescriptorOwner
KERNEL32.dll
0x1400c6328 Beep
0x1400c6330 ClearCommBreak
0x1400c6338 CloseHandle
0x1400c6340 CompareStringW
0x1400c6348 ConnectNamedPipe
0x1400c6350 CreateEventA
0x1400c6358 CreateFileA
0x1400c6360 CreateFileMappingA
0x1400c6368 CreateFileW
0x1400c6370 CreateMutexA
0x1400c6378 CreateNamedPipeA
0x1400c6380 CreatePipe
0x1400c6388 CreateProcessA
0x1400c6390 CreateThread
0x1400c6398 DeleteCriticalSection
0x1400c63a0 DeleteFileA
0x1400c63a8 EnterCriticalSection
0x1400c63b0 ExitProcess
0x1400c63b8 FindClose
0x1400c63c0 FindFirstFileA
0x1400c63c8 FindFirstFileExA
0x1400c63d0 FindNextFileA
0x1400c63d8 FindResourceA
0x1400c63e0 FlushFileBuffers
0x1400c63e8 FormatMessageA
0x1400c63f0 FreeEnvironmentStringsW
0x1400c63f8 FreeLibrary
0x1400c6400 GetACP
0x1400c6408 GetCPInfo
0x1400c6410 GetCommState
0x1400c6418 GetCommandLineA
0x1400c6420 GetCommandLineW
0x1400c6428 GetConsoleCP
0x1400c6430 GetConsoleMode
0x1400c6438 GetCurrentDirectoryA
0x1400c6440 GetCurrentProcess
0x1400c6448 GetCurrentProcessId
0x1400c6450 GetCurrentThread
0x1400c6458 GetCurrentThreadId
0x1400c6460 GetDateFormatW
0x1400c6468 GetEnvironmentStringsW
0x1400c6470 GetEnvironmentVariableA
0x1400c6478 GetFileAttributesExA
0x1400c6480 GetFileType
0x1400c6488 GetLastError
0x1400c6490 GetLocalTime
0x1400c6498 GetLocaleInfoA
0x1400c64a0 GetModuleFileNameA
0x1400c64a8 GetModuleFileNameW
0x1400c64b0 GetModuleHandleA
0x1400c64b8 GetModuleHandleExW
0x1400c64c0 GetModuleHandleW
0x1400c64c8 GetOEMCP
0x1400c64d0 GetOverlappedResult
0x1400c64d8 GetProcAddress
0x1400c64e0 GetProcessHeap
0x1400c64e8 GetProcessTimes
0x1400c64f0 GetStartupInfoW
0x1400c64f8 GetStdHandle
0x1400c6500 GetStringTypeW
0x1400c6508 GetSystemDirectoryA
0x1400c6510 GetSystemTimeAsFileTime
0x1400c6518 GetTempPathA
0x1400c6520 GetThreadTimes
0x1400c6528 GetTickCount
0x1400c6530 GetTimeFormatW
0x1400c6538 GetTimeZoneInformation
0x1400c6540 GetVersionExA
0x1400c6548 GetWindowsDirectoryA
0x1400c6550 GlobalAlloc
0x1400c6558 GlobalFree
0x1400c6560 GlobalLock
0x1400c6568 GlobalMemoryStatus
0x1400c6570 GlobalUnlock
0x1400c6578 HeapAlloc
0x1400c6580 HeapFree
0x1400c6588 HeapReAlloc
0x1400c6590 HeapSize
0x1400c6598 InitializeCriticalSectionAndSpinCount
0x1400c65a0 InitializeSListHead
0x1400c65a8 IsDBCSLeadByteEx
0x1400c65b0 IsDebuggerPresent
0x1400c65b8 IsProcessorFeaturePresent
0x1400c65c0 IsValidCodePage
0x1400c65c8 LCMapStringW
0x1400c65d0 LeaveCriticalSection
0x1400c65d8 LoadLibraryA
0x1400c65e0 LoadLibraryExA
0x1400c65e8 LoadLibraryExW
0x1400c65f0 LoadResource
0x1400c65f8 LocalAlloc
0x1400c6600 LocalFileTimeToFileTime
0x1400c6608 LocalFree
0x1400c6610 LockResource
0x1400c6618 MapViewOfFile
0x1400c6620 MulDiv
0x1400c6628 MultiByteToWideChar
0x1400c6630 OpenProcess
0x1400c6638 OutputDebugStringW
0x1400c6640 QueryPerformanceCounter
0x1400c6648 RaiseException
0x1400c6650 ReadConsoleW
0x1400c6658 ReadFile
0x1400c6660 ReleaseMutex
0x1400c6668 RtlCaptureContext
0x1400c6670 RtlLookupFunctionEntry
0x1400c6678 RtlUnwindEx
0x1400c6680 RtlVirtualUnwind
0x1400c6688 SetCommBreak
0x1400c6690 SetCommState
0x1400c6698 SetCommTimeouts
0x1400c66a0 SetCurrentDirectoryA
0x1400c66a8 SetEndOfFile
0x1400c66b0 SetEnvironmentVariableA
0x1400c66b8 SetEvent
0x1400c66c0 SetFilePointerEx
0x1400c66c8 SetHandleInformation
0x1400c66d0 SetLastError
0x1400c66d8 SetStdHandle
0x1400c66e0 SetUnhandledExceptionFilter
0x1400c66e8 SizeofResource
0x1400c66f0 TerminateProcess
0x1400c66f8 TlsAlloc
0x1400c6700 TlsFree
0x1400c6708 TlsGetValue
0x1400c6710 TlsSetValue
0x1400c6718 UnhandledExceptionFilter
0x1400c6720 UnmapViewOfFile
0x1400c6728 WaitForSingleObject
0x1400c6730 WaitForSingleObjectEx
0x1400c6738 WaitNamedPipeA
0x1400c6740 WideCharToMultiByte
0x1400c6748 WriteConsoleW
0x1400c6750 WriteFile
EAT(Export Address Table) is none