ScreenShot
| Created | 2021.03.24 10:30 | Machine | s1_win7_x6401 |
| Filename | maza54ter.exe | ||
| Type | PE32 executable (GUI) Intel 80386, for MS Windows | ||
| AI Score |
|
Behavior Score |
|
| ZERO API | file : malware | ||
| VT API (file) | 8 detected (malicious, high confidence, Generic@ML, RDML, VSEtmkkSAetxOIiyg2uwHw, Emotet, score, confidence) | ||
| md5 | 06bab8c2471bf909b73801d1cb458678 | ||
| sha256 | 055234a3607c09868727f44eb871614aba6b3b01ac60174501f127ca0be24642 | ||
| ssdeep | 12288:0GrOiraom1pPA1sGPdqdr6NuR4BKbydWwkBnO7WlK:RhaH1pPYdurWuReqh0WU | ||
| imphash | 7dae3610b92e1224c0550f535f27ee05 | ||
| impfuzzy | 192:Y8zcuSlKJQu7kZ5cP+zU0H/3MVIGGcRcXcxy6KPSDK/3Q3FE:0u0b6kl3MVcEIjSDc3Q3FE | ||
Network IP location
Signature (16cnts)
| Level | Description |
|---|---|
| watch | Communicates with host for which no DNS query was performed |
| notice | Allocates read-write-execute memory (usually to unpack itself) |
| notice | Checks adapter addresses which can be used to detect virtual network interfaces |
| notice | Checks for the Locally Unique Identifier on the system for a suspicious privilege |
| notice | Creates a suspicious process |
| notice | Creates hidden or system file |
| notice | File has been identified by 8 AntiVirus engines on VirusTotal as malicious |
| notice | HTTP traffic contains suspicious features which may be indicative of malware related traffic |
| notice | One or more potentially interesting buffers were extracted |
| notice | Performs some HTTP requests |
| notice | Terminates another process |
| notice | The binary likely contains encrypted or compressed data indicative of a packer |
| info | One or more processes crashed |
| info | Queries for the computername |
| info | The executable uses a known packer |
| info | The file contains an unknown PE resource name possibly indicative of a packer |
Rules (13cnts)
| Level | Name | Description | Collection |
|---|---|---|---|
| danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
| danger | Win32_Trojan_Gen_1_0904B0_Zero | Win32 Trojan Emotet | binaries (upload) |
| info | IsPE32 | (no description) | binaries (upload) |
| info | OS_Processor_Check_Zero | OS Processor Check Signature Zero | binaries (upload) |
| info | PE_Header_Zero | PE File Signature Zero | binaries (upload) |
| info | HasRichSignature | Rich Signature Check | binaries (upload) |
| info | IsPacked | Entropy Check | binaries (upload) |
| info | IsWindowsGUI | (no description) | binaries (upload) |
| info | keylogger | Run a keylogger | binaries (upload) |
| info | screenshot | Take screenshot | binaries (upload) |
| info | win_files_operation | Affect private profile | binaries (upload) |
| info | win_private_profile | Affect private profile | binaries (upload) |
| info | win_registry | Affect system registries | binaries (upload) |
Network (5cnts) ?
Suricata ids
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O)
ET POLICY OpenSSL Demo CA - Internet Widgits Pty (O)
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x44018c SetUnhandledExceptionFilter
0x440190 LCMapStringA
0x440194 LCMapStringW
0x440198 GetStringTypeA
0x44019c GetStringTypeW
0x4401a0 Sleep
0x4401a4 IsBadReadPtr
0x4401a8 IsBadCodePtr
0x4401ac IsBadWritePtr
0x4401b0 SetStdHandle
0x4401b4 CompareStringA
0x4401b8 CompareStringW
0x4401bc SetEnvironmentVariableA
0x4401c0 VirtualAlloc
0x4401c4 GetProfileStringA
0x4401c8 InterlockedExchange
0x4401cc VirtualFree
0x4401d0 HeapCreate
0x4401d4 HeapDestroy
0x4401d8 GetFileType
0x4401dc GetStdHandle
0x4401e0 SetHandleCount
0x4401e4 GetEnvironmentStringsW
0x4401e8 GetEnvironmentStrings
0x4401ec FreeEnvironmentStringsW
0x4401f0 FreeEnvironmentStringsA
0x4401f4 UnhandledExceptionFilter
0x4401f8 GetTimeZoneInformation
0x4401fc GetACP
0x440200 HeapSize
0x440204 HeapReAlloc
0x440208 RaiseException
0x44020c TerminateProcess
0x440210 HeapFree
0x440214 HeapAlloc
0x440218 GetCommandLineA
0x44021c GetStartupInfoA
0x440220 RtlUnwind
0x440224 FileTimeToLocalFileTime
0x440228 FileTimeToSystemTime
0x44022c SetErrorMode
0x440230 CopyFileA
0x440234 FormatMessageA
0x440238 lstrlenW
0x44023c GlobalSize
0x440240 SystemTimeToFileTime
0x440244 LocalFileTimeToFileTime
0x440248 GetFileSize
0x44024c GetShortPathNameA
0x440250 GetStringTypeExA
0x440254 GetVolumeInformationA
0x440258 FindFirstFileA
0x44025c FindClose
0x440260 DeleteFileA
0x440264 MoveFileA
0x440268 SetEndOfFile
0x44026c UnlockFile
0x440270 LockFile
0x440274 FlushFileBuffers
0x440278 SetFilePointer
0x44027c WriteFile
0x440280 ReadFile
0x440284 CreateFileA
0x440288 GetCurrentProcess
0x44028c DuplicateHandle
0x440290 GetOEMCP
0x440294 GetCPInfo
0x440298 GetThreadLocale
0x44029c GetProcessVersion
0x4402a0 GetCurrentDirectoryA
0x4402a4 TlsGetValue
0x4402a8 LocalReAlloc
0x4402ac TlsSetValue
0x4402b0 EnterCriticalSection
0x4402b4 GlobalReAlloc
0x4402b8 LeaveCriticalSection
0x4402bc TlsFree
0x4402c0 GlobalHandle
0x4402c4 DeleteCriticalSection
0x4402c8 TlsAlloc
0x4402cc InitializeCriticalSection
0x4402d0 LocalFree
0x4402d4 LocalAlloc
0x4402d8 SizeofResource
0x4402dc GlobalFlags
0x4402e0 SetLastError
0x4402e4 WideCharToMultiByte
0x4402e8 InterlockedDecrement
0x4402ec InterlockedIncrement
0x4402f0 GetProfileIntA
0x4402f4 MulDiv
0x4402f8 MultiByteToWideChar
0x4402fc GetLastError
0x440300 GetDiskFreeSpaceA
0x440304 GetFileTime
0x440308 SetFileTime
0x44030c GetFullPathNameA
0x440310 GetTempFileNameA
0x440314 lstrcpynA
0x440318 GetFileAttributesA
0x44031c LoadLibraryA
0x440320 FreeLibrary
0x440324 GetVersion
0x440328 lstrcatA
0x44032c GlobalGetAtomNameA
0x440330 GlobalFindAtomA
0x440334 lstrcpyA
0x440338 GetModuleHandleA
0x44033c GetTickCount
0x440340 lstrlenA
0x440344 WritePrivateProfileStringA
0x440348 GetPrivateProfileStringA
0x44034c GetPrivateProfileIntA
0x440350 GlobalAddAtomA
0x440354 CloseHandle
0x440358 GetModuleFileNameA
0x44035c GlobalDeleteAtom
0x440360 lstrcmpiA
0x440364 GetCurrentThread
0x440368 GetCurrentThreadId
0x44036c lstrcmpA
0x440370 LockResource
0x440374 FindResourceA
0x440378 LoadResource
0x44037c ExitProcess
0x440380 LoadLibraryW
0x440384 GetProcAddress
0x440388 GlobalUnlock
0x44038c GlobalAlloc
0x440390 GlobalLock
0x440394 GlobalFree
USER32.dll
0x4403e0 LockWindowUpdate
0x4403e4 ReleaseCapture
0x4403e8 IsClipboardFormatAvailable
0x4403ec InflateRect
0x4403f0 InvalidateRect
0x4403f4 PtInRect
0x4403f8 FillRect
0x4403fc SetRect
0x440400 GetDC
0x440404 ReleaseDC
0x440408 LoadCursorA
0x44040c DestroyCursor
0x440410 LoadIconA
0x440414 MapWindowPoints
0x440418 GetSysColor
0x44041c AdjustWindowRectEx
0x440420 ScreenToClient
0x440424 EqualRect
0x440428 DeferWindowPos
0x44042c BeginDeferWindowPos
0x440430 CopyRect
0x440434 EndDeferWindowPos
0x440438 ScrollWindow
0x44043c GetScrollInfo
0x440440 SetScrollInfo
0x440444 ShowScrollBar
0x440448 GetScrollRange
0x44044c SetScrollRange
0x440450 GetScrollPos
0x440454 SetScrollPos
0x440458 GetTopWindow
0x44045c IsChild
0x440460 GetCapture
0x440464 WinHelpA
0x440468 GetClassInfoA
0x44046c RegisterClassA
0x440470 GetMenu
0x440474 GetMenuItemCount
0x440478 GetSubMenu
0x44047c GetMenuItemID
0x440480 DefWindowProcA
0x440484 CreateWindowExA
0x440488 GetClassLongA
0x44048c SetPropA
0x440490 UnhookWindowsHookEx
0x440494 GetPropA
0x440498 CallWindowProcA
0x44049c RemovePropA
0x4404a0 GetMessageTime
0x4404a4 GetMessagePos
0x4404a8 GetForegroundWindow
0x4404ac SetForegroundWindow
0x4404b0 RegisterWindowMessageA
0x4404b4 OffsetRect
0x4404b8 IntersectRect
0x4404bc SystemParametersInfoA
0x4404c0 IsIconic
0x4404c4 GetWindowPlacement
0x4404c8 GetWindowRect
0x4404cc GetDCEx
0x4404d0 GetWindow
0x4404d4 SetWindowContextHelpId
0x4404d8 RegisterClipboardFormatA
0x4404dc GetTabbedTextExtentA
0x4404e0 SetFocus
0x4404e4 ShowWindow
0x4404e8 SetWindowPos
0x4404ec MoveWindow
0x4404f0 SetWindowLongA
0x4404f4 GetDlgCtrlID
0x4404f8 GetWindowTextLengthA
0x4404fc GetWindowTextA
0x440500 SetWindowTextA
0x440504 IsDialogMessageA
0x440508 SetDlgItemTextA
0x44050c SendDlgItemMessageA
0x440510 GetMenuCheckMarkDimensions
0x440514 LoadBitmapA
0x440518 GetMenuState
0x44051c ModifyMenuA
0x440520 SetMenuItemBitmaps
0x440524 CheckMenuItem
0x440528 EnableMenuItem
0x44052c GetFocus
0x440530 GetMessageA
0x440534 TranslateMessage
0x440538 DispatchMessageA
0x44053c GetKeyState
0x440540 CallNextHookEx
0x440544 ValidateRect
0x440548 IsWindowVisible
0x44054c PeekMessageA
0x440550 UpdateWindow
0x440554 UnregisterClassA
0x440558 HideCaret
0x44055c ShowCaret
0x440560 ExcludeUpdateRgn
0x440564 DrawFocusRect
0x440568 DefDlgProcA
0x44056c IsWindowUnicode
0x440570 EnableWindow
0x440574 GetClientRect
0x440578 FindWindowA
0x44057c GetCursorPos
0x440580 SetWindowsHookExA
0x440584 GetLastActivePopup
0x440588 MessageBoxA
0x44058c SetCursor
0x440590 ShowOwnedPopups
0x440594 PostMessageA
0x440598 PostQuitMessage
0x44059c GetNextDlgTabItem
0x4405a0 EndDialog
0x4405a4 GetActiveWindow
0x4405a8 SetActiveWindow
0x4405ac IsWindow
0x4405b0 GetSystemMetrics
0x4405b4 CreateDialogIndirectParamA
0x4405b8 InvertRect
0x4405bc WindowFromPoint
0x4405c0 KillTimer
0x4405c4 SetTimer
0x4405c8 MapDialogRect
0x4405cc DestroyWindow
0x4405d0 GetParent
0x4405d4 GetWindowLongA
0x4405d8 GetDlgItem
0x4405dc IsWindowEnabled
0x4405e0 OpenClipboard
0x4405e4 EmptyClipboard
0x4405e8 SetClipboardData
0x4405ec CloseClipboard
0x4405f0 SendMessageA
0x4405f4 CharUpperA
0x4405f8 MessageBeep
0x4405fc GetNextDlgGroupItem
0x440600 CopyAcceleratorTableA
0x440604 CharNextA
0x440608 PostThreadMessageA
0x44060c DestroyIcon
0x440610 LoadStringA
0x440614 GetSysColorBrush
0x440618 GetMenuStringA
0x44061c InsertMenuA
0x440620 GrayStringA
0x440624 DrawTextA
0x440628 TabbedTextOutA
0x44062c EndPaint
0x440630 BeginPaint
0x440634 GetWindowDC
0x440638 ClientToScreen
0x44063c GetClassNameA
0x440640 GetSystemMenu
0x440644 DeleteMenu
0x440648 AppendMenuA
0x44064c SetParent
0x440650 IsZoomed
0x440654 BringWindowToTop
0x440658 UnpackDDElParam
0x44065c ReuseDDElParam
0x440660 SetMenu
0x440664 LoadMenuA
0x440668 DestroyMenu
0x44066c GetDesktopWindow
0x440670 TranslateAcceleratorA
0x440674 LoadAcceleratorsA
0x440678 SetRectEmpty
0x44067c wsprintfA
0x440680 IsRectEmpty
0x440684 SetCapture
GDI32.dll
0x440048 StretchDIBits
0x44004c CreateCompatibleDC
0x440050 CreateCompatibleBitmap
0x440054 DeleteObject
0x440058 GetCharWidthA
0x44005c CreateFontA
0x440060 CreateFontIndirectA
0x440064 SaveDC
0x440068 RestoreDC
0x44006c SetBkMode
0x440070 SetPolyFillMode
0x440074 SetROP2
0x440078 SetStretchBltMode
0x44007c SetMapMode
0x440080 SetViewportOrgEx
0x440084 OffsetViewportOrgEx
0x440088 SetViewportExtEx
0x44008c ScaleViewportExtEx
0x440090 SetWindowOrgEx
0x440094 SetWindowExtEx
0x440098 ScaleWindowExtEx
0x44009c SelectClipRgn
0x4400a0 ExcludeClipRect
0x4400a4 IntersectClipRect
0x4400a8 MoveToEx
0x4400ac LineTo
0x4400b0 SetTextAlign
0x4400b4 GetCurrentPositionEx
0x4400b8 GetTextMetricsA
0x4400bc CreateRectRgn
0x4400c0 GetViewportExtEx
0x4400c4 GetWindowExtEx
0x4400c8 CreateSolidBrush
0x4400cc CreatePatternBrush
0x4400d0 PtVisible
0x4400d4 RectVisible
0x4400d8 TextOutA
0x4400dc ExtTextOutA
0x4400e0 Escape
0x4400e4 GetTextColor
0x4400e8 GetBkColor
0x4400ec LPtoDP
0x4400f0 GetNearestColor
0x4400f4 GetStretchBltMode
0x4400f8 GetPolyFillMode
0x4400fc GetTextAlign
0x440100 GetBkMode
0x440104 GetROP2
0x440108 GetTextFaceA
0x44010c GetWindowOrgEx
0x440110 GetMapMode
0x440114 SetRectRgn
0x440118 CombineRgn
0x44011c CopyMetaFileA
0x440120 BitBlt
0x440124 SelectObject
0x440128 GetTextExtentPoint32A
0x44012c CreateRectRgnIndirect
0x440130 DeleteDC
0x440134 CreateDCA
0x440138 SetAbortProc
0x44013c StartDocA
0x440140 StartPage
0x440144 EndPage
0x440148 EndDoc
0x44014c AbortDoc
0x440150 GetViewportOrgEx
0x440154 CreatePen
0x440158 DPtoLP
0x44015c Rectangle
0x440160 GetStockObject
0x440164 PatBlt
0x440168 GetDeviceCaps
0x44016c GetObjectA
0x440170 SetBkColor
0x440174 SetTextColor
0x440178 GetClipBox
0x44017c CreateDIBitmap
0x440180 GetTextExtentPointA
0x440184 CreateBitmap
comdlg32.dll
0x44069c GetSaveFileNameA
0x4406a0 GetFileTitleA
0x4406a4 GetOpenFileNameA
0x4406a8 CommDlgExtendedError
0x4406ac PrintDlgA
WINSPOOL.DRV
0x44068c OpenPrinterA
0x440690 DocumentPropertiesA
0x440694 ClosePrinter
ADVAPI32.dll
0x440000 GetFileSecurityA
0x440004 RegCloseKey
0x440008 RegEnumKeyA
0x44000c RegOpenKeyA
0x440010 RegDeleteKeyA
0x440014 RegCreateKeyExA
0x440018 RegOpenKeyExA
0x44001c RegQueryValueExA
0x440020 RegSetValueExA
0x440024 RegSetValueA
0x440028 RegCreateKeyA
0x44002c RegQueryValueA
0x440030 SetFileSecurityA
0x440034 RegDeleteValueA
SHELL32.dll
0x4403cc ExtractIconA
0x4403d0 DragFinish
0x4403d4 DragQueryFileA
0x4403d8 SHGetFileInfoA
COMCTL32.dll
0x44003c None
0x440040 ImageList_Destroy
oledlg.dll
0x440714 None
ole32.dll
0x4406b4 OleDuplicateData
0x4406b8 CreateStreamOnHGlobal
0x4406bc CoTaskMemAlloc
0x4406c0 CreateILockBytesOnHGlobal
0x4406c4 StgCreateDocfileOnILockBytes
0x4406c8 StgOpenStorageOnILockBytes
0x4406cc CoRevokeClassObject
0x4406d0 CoGetClassObject
0x4406d4 CoRegisterMessageFilter
0x4406d8 DoDragDrop
0x4406dc OleFlushClipboard
0x4406e0 OleGetClipboard
0x4406e4 ReleaseStgMedium
0x4406e8 CoTaskMemFree
0x4406ec RevokeDragDrop
0x4406f0 CoLockObjectExternal
0x4406f4 RegisterDragDrop
0x4406f8 CLSIDFromString
0x4406fc CLSIDFromProgID
0x440700 CoFreeUnusedLibraries
0x440704 OleUninitialize
0x440708 OleInitialize
0x44070c OleIsCurrentClipboard
OLEPRO32.DLL
0x4403c4 None
OLEAUT32.dll
0x44039c SysAllocStringByteLen
0x4403a0 SysFreeString
0x4403a4 SysAllocStringLen
0x4403a8 VariantClear
0x4403ac VariantTimeToSystemTime
0x4403b0 VariantChangeType
0x4403b4 SysAllocString
0x4403b8 VariantCopy
0x4403bc SysStringLen
EAT(Export Address Table) is none
KERNEL32.dll
0x44018c SetUnhandledExceptionFilter
0x440190 LCMapStringA
0x440194 LCMapStringW
0x440198 GetStringTypeA
0x44019c GetStringTypeW
0x4401a0 Sleep
0x4401a4 IsBadReadPtr
0x4401a8 IsBadCodePtr
0x4401ac IsBadWritePtr
0x4401b0 SetStdHandle
0x4401b4 CompareStringA
0x4401b8 CompareStringW
0x4401bc SetEnvironmentVariableA
0x4401c0 VirtualAlloc
0x4401c4 GetProfileStringA
0x4401c8 InterlockedExchange
0x4401cc VirtualFree
0x4401d0 HeapCreate
0x4401d4 HeapDestroy
0x4401d8 GetFileType
0x4401dc GetStdHandle
0x4401e0 SetHandleCount
0x4401e4 GetEnvironmentStringsW
0x4401e8 GetEnvironmentStrings
0x4401ec FreeEnvironmentStringsW
0x4401f0 FreeEnvironmentStringsA
0x4401f4 UnhandledExceptionFilter
0x4401f8 GetTimeZoneInformation
0x4401fc GetACP
0x440200 HeapSize
0x440204 HeapReAlloc
0x440208 RaiseException
0x44020c TerminateProcess
0x440210 HeapFree
0x440214 HeapAlloc
0x440218 GetCommandLineA
0x44021c GetStartupInfoA
0x440220 RtlUnwind
0x440224 FileTimeToLocalFileTime
0x440228 FileTimeToSystemTime
0x44022c SetErrorMode
0x440230 CopyFileA
0x440234 FormatMessageA
0x440238 lstrlenW
0x44023c GlobalSize
0x440240 SystemTimeToFileTime
0x440244 LocalFileTimeToFileTime
0x440248 GetFileSize
0x44024c GetShortPathNameA
0x440250 GetStringTypeExA
0x440254 GetVolumeInformationA
0x440258 FindFirstFileA
0x44025c FindClose
0x440260 DeleteFileA
0x440264 MoveFileA
0x440268 SetEndOfFile
0x44026c UnlockFile
0x440270 LockFile
0x440274 FlushFileBuffers
0x440278 SetFilePointer
0x44027c WriteFile
0x440280 ReadFile
0x440284 CreateFileA
0x440288 GetCurrentProcess
0x44028c DuplicateHandle
0x440290 GetOEMCP
0x440294 GetCPInfo
0x440298 GetThreadLocale
0x44029c GetProcessVersion
0x4402a0 GetCurrentDirectoryA
0x4402a4 TlsGetValue
0x4402a8 LocalReAlloc
0x4402ac TlsSetValue
0x4402b0 EnterCriticalSection
0x4402b4 GlobalReAlloc
0x4402b8 LeaveCriticalSection
0x4402bc TlsFree
0x4402c0 GlobalHandle
0x4402c4 DeleteCriticalSection
0x4402c8 TlsAlloc
0x4402cc InitializeCriticalSection
0x4402d0 LocalFree
0x4402d4 LocalAlloc
0x4402d8 SizeofResource
0x4402dc GlobalFlags
0x4402e0 SetLastError
0x4402e4 WideCharToMultiByte
0x4402e8 InterlockedDecrement
0x4402ec InterlockedIncrement
0x4402f0 GetProfileIntA
0x4402f4 MulDiv
0x4402f8 MultiByteToWideChar
0x4402fc GetLastError
0x440300 GetDiskFreeSpaceA
0x440304 GetFileTime
0x440308 SetFileTime
0x44030c GetFullPathNameA
0x440310 GetTempFileNameA
0x440314 lstrcpynA
0x440318 GetFileAttributesA
0x44031c LoadLibraryA
0x440320 FreeLibrary
0x440324 GetVersion
0x440328 lstrcatA
0x44032c GlobalGetAtomNameA
0x440330 GlobalFindAtomA
0x440334 lstrcpyA
0x440338 GetModuleHandleA
0x44033c GetTickCount
0x440340 lstrlenA
0x440344 WritePrivateProfileStringA
0x440348 GetPrivateProfileStringA
0x44034c GetPrivateProfileIntA
0x440350 GlobalAddAtomA
0x440354 CloseHandle
0x440358 GetModuleFileNameA
0x44035c GlobalDeleteAtom
0x440360 lstrcmpiA
0x440364 GetCurrentThread
0x440368 GetCurrentThreadId
0x44036c lstrcmpA
0x440370 LockResource
0x440374 FindResourceA
0x440378 LoadResource
0x44037c ExitProcess
0x440380 LoadLibraryW
0x440384 GetProcAddress
0x440388 GlobalUnlock
0x44038c GlobalAlloc
0x440390 GlobalLock
0x440394 GlobalFree
USER32.dll
0x4403e0 LockWindowUpdate
0x4403e4 ReleaseCapture
0x4403e8 IsClipboardFormatAvailable
0x4403ec InflateRect
0x4403f0 InvalidateRect
0x4403f4 PtInRect
0x4403f8 FillRect
0x4403fc SetRect
0x440400 GetDC
0x440404 ReleaseDC
0x440408 LoadCursorA
0x44040c DestroyCursor
0x440410 LoadIconA
0x440414 MapWindowPoints
0x440418 GetSysColor
0x44041c AdjustWindowRectEx
0x440420 ScreenToClient
0x440424 EqualRect
0x440428 DeferWindowPos
0x44042c BeginDeferWindowPos
0x440430 CopyRect
0x440434 EndDeferWindowPos
0x440438 ScrollWindow
0x44043c GetScrollInfo
0x440440 SetScrollInfo
0x440444 ShowScrollBar
0x440448 GetScrollRange
0x44044c SetScrollRange
0x440450 GetScrollPos
0x440454 SetScrollPos
0x440458 GetTopWindow
0x44045c IsChild
0x440460 GetCapture
0x440464 WinHelpA
0x440468 GetClassInfoA
0x44046c RegisterClassA
0x440470 GetMenu
0x440474 GetMenuItemCount
0x440478 GetSubMenu
0x44047c GetMenuItemID
0x440480 DefWindowProcA
0x440484 CreateWindowExA
0x440488 GetClassLongA
0x44048c SetPropA
0x440490 UnhookWindowsHookEx
0x440494 GetPropA
0x440498 CallWindowProcA
0x44049c RemovePropA
0x4404a0 GetMessageTime
0x4404a4 GetMessagePos
0x4404a8 GetForegroundWindow
0x4404ac SetForegroundWindow
0x4404b0 RegisterWindowMessageA
0x4404b4 OffsetRect
0x4404b8 IntersectRect
0x4404bc SystemParametersInfoA
0x4404c0 IsIconic
0x4404c4 GetWindowPlacement
0x4404c8 GetWindowRect
0x4404cc GetDCEx
0x4404d0 GetWindow
0x4404d4 SetWindowContextHelpId
0x4404d8 RegisterClipboardFormatA
0x4404dc GetTabbedTextExtentA
0x4404e0 SetFocus
0x4404e4 ShowWindow
0x4404e8 SetWindowPos
0x4404ec MoveWindow
0x4404f0 SetWindowLongA
0x4404f4 GetDlgCtrlID
0x4404f8 GetWindowTextLengthA
0x4404fc GetWindowTextA
0x440500 SetWindowTextA
0x440504 IsDialogMessageA
0x440508 SetDlgItemTextA
0x44050c SendDlgItemMessageA
0x440510 GetMenuCheckMarkDimensions
0x440514 LoadBitmapA
0x440518 GetMenuState
0x44051c ModifyMenuA
0x440520 SetMenuItemBitmaps
0x440524 CheckMenuItem
0x440528 EnableMenuItem
0x44052c GetFocus
0x440530 GetMessageA
0x440534 TranslateMessage
0x440538 DispatchMessageA
0x44053c GetKeyState
0x440540 CallNextHookEx
0x440544 ValidateRect
0x440548 IsWindowVisible
0x44054c PeekMessageA
0x440550 UpdateWindow
0x440554 UnregisterClassA
0x440558 HideCaret
0x44055c ShowCaret
0x440560 ExcludeUpdateRgn
0x440564 DrawFocusRect
0x440568 DefDlgProcA
0x44056c IsWindowUnicode
0x440570 EnableWindow
0x440574 GetClientRect
0x440578 FindWindowA
0x44057c GetCursorPos
0x440580 SetWindowsHookExA
0x440584 GetLastActivePopup
0x440588 MessageBoxA
0x44058c SetCursor
0x440590 ShowOwnedPopups
0x440594 PostMessageA
0x440598 PostQuitMessage
0x44059c GetNextDlgTabItem
0x4405a0 EndDialog
0x4405a4 GetActiveWindow
0x4405a8 SetActiveWindow
0x4405ac IsWindow
0x4405b0 GetSystemMetrics
0x4405b4 CreateDialogIndirectParamA
0x4405b8 InvertRect
0x4405bc WindowFromPoint
0x4405c0 KillTimer
0x4405c4 SetTimer
0x4405c8 MapDialogRect
0x4405cc DestroyWindow
0x4405d0 GetParent
0x4405d4 GetWindowLongA
0x4405d8 GetDlgItem
0x4405dc IsWindowEnabled
0x4405e0 OpenClipboard
0x4405e4 EmptyClipboard
0x4405e8 SetClipboardData
0x4405ec CloseClipboard
0x4405f0 SendMessageA
0x4405f4 CharUpperA
0x4405f8 MessageBeep
0x4405fc GetNextDlgGroupItem
0x440600 CopyAcceleratorTableA
0x440604 CharNextA
0x440608 PostThreadMessageA
0x44060c DestroyIcon
0x440610 LoadStringA
0x440614 GetSysColorBrush
0x440618 GetMenuStringA
0x44061c InsertMenuA
0x440620 GrayStringA
0x440624 DrawTextA
0x440628 TabbedTextOutA
0x44062c EndPaint
0x440630 BeginPaint
0x440634 GetWindowDC
0x440638 ClientToScreen
0x44063c GetClassNameA
0x440640 GetSystemMenu
0x440644 DeleteMenu
0x440648 AppendMenuA
0x44064c SetParent
0x440650 IsZoomed
0x440654 BringWindowToTop
0x440658 UnpackDDElParam
0x44065c ReuseDDElParam
0x440660 SetMenu
0x440664 LoadMenuA
0x440668 DestroyMenu
0x44066c GetDesktopWindow
0x440670 TranslateAcceleratorA
0x440674 LoadAcceleratorsA
0x440678 SetRectEmpty
0x44067c wsprintfA
0x440680 IsRectEmpty
0x440684 SetCapture
GDI32.dll
0x440048 StretchDIBits
0x44004c CreateCompatibleDC
0x440050 CreateCompatibleBitmap
0x440054 DeleteObject
0x440058 GetCharWidthA
0x44005c CreateFontA
0x440060 CreateFontIndirectA
0x440064 SaveDC
0x440068 RestoreDC
0x44006c SetBkMode
0x440070 SetPolyFillMode
0x440074 SetROP2
0x440078 SetStretchBltMode
0x44007c SetMapMode
0x440080 SetViewportOrgEx
0x440084 OffsetViewportOrgEx
0x440088 SetViewportExtEx
0x44008c ScaleViewportExtEx
0x440090 SetWindowOrgEx
0x440094 SetWindowExtEx
0x440098 ScaleWindowExtEx
0x44009c SelectClipRgn
0x4400a0 ExcludeClipRect
0x4400a4 IntersectClipRect
0x4400a8 MoveToEx
0x4400ac LineTo
0x4400b0 SetTextAlign
0x4400b4 GetCurrentPositionEx
0x4400b8 GetTextMetricsA
0x4400bc CreateRectRgn
0x4400c0 GetViewportExtEx
0x4400c4 GetWindowExtEx
0x4400c8 CreateSolidBrush
0x4400cc CreatePatternBrush
0x4400d0 PtVisible
0x4400d4 RectVisible
0x4400d8 TextOutA
0x4400dc ExtTextOutA
0x4400e0 Escape
0x4400e4 GetTextColor
0x4400e8 GetBkColor
0x4400ec LPtoDP
0x4400f0 GetNearestColor
0x4400f4 GetStretchBltMode
0x4400f8 GetPolyFillMode
0x4400fc GetTextAlign
0x440100 GetBkMode
0x440104 GetROP2
0x440108 GetTextFaceA
0x44010c GetWindowOrgEx
0x440110 GetMapMode
0x440114 SetRectRgn
0x440118 CombineRgn
0x44011c CopyMetaFileA
0x440120 BitBlt
0x440124 SelectObject
0x440128 GetTextExtentPoint32A
0x44012c CreateRectRgnIndirect
0x440130 DeleteDC
0x440134 CreateDCA
0x440138 SetAbortProc
0x44013c StartDocA
0x440140 StartPage
0x440144 EndPage
0x440148 EndDoc
0x44014c AbortDoc
0x440150 GetViewportOrgEx
0x440154 CreatePen
0x440158 DPtoLP
0x44015c Rectangle
0x440160 GetStockObject
0x440164 PatBlt
0x440168 GetDeviceCaps
0x44016c GetObjectA
0x440170 SetBkColor
0x440174 SetTextColor
0x440178 GetClipBox
0x44017c CreateDIBitmap
0x440180 GetTextExtentPointA
0x440184 CreateBitmap
comdlg32.dll
0x44069c GetSaveFileNameA
0x4406a0 GetFileTitleA
0x4406a4 GetOpenFileNameA
0x4406a8 CommDlgExtendedError
0x4406ac PrintDlgA
WINSPOOL.DRV
0x44068c OpenPrinterA
0x440690 DocumentPropertiesA
0x440694 ClosePrinter
ADVAPI32.dll
0x440000 GetFileSecurityA
0x440004 RegCloseKey
0x440008 RegEnumKeyA
0x44000c RegOpenKeyA
0x440010 RegDeleteKeyA
0x440014 RegCreateKeyExA
0x440018 RegOpenKeyExA
0x44001c RegQueryValueExA
0x440020 RegSetValueExA
0x440024 RegSetValueA
0x440028 RegCreateKeyA
0x44002c RegQueryValueA
0x440030 SetFileSecurityA
0x440034 RegDeleteValueA
SHELL32.dll
0x4403cc ExtractIconA
0x4403d0 DragFinish
0x4403d4 DragQueryFileA
0x4403d8 SHGetFileInfoA
COMCTL32.dll
0x44003c None
0x440040 ImageList_Destroy
oledlg.dll
0x440714 None
ole32.dll
0x4406b4 OleDuplicateData
0x4406b8 CreateStreamOnHGlobal
0x4406bc CoTaskMemAlloc
0x4406c0 CreateILockBytesOnHGlobal
0x4406c4 StgCreateDocfileOnILockBytes
0x4406c8 StgOpenStorageOnILockBytes
0x4406cc CoRevokeClassObject
0x4406d0 CoGetClassObject
0x4406d4 CoRegisterMessageFilter
0x4406d8 DoDragDrop
0x4406dc OleFlushClipboard
0x4406e0 OleGetClipboard
0x4406e4 ReleaseStgMedium
0x4406e8 CoTaskMemFree
0x4406ec RevokeDragDrop
0x4406f0 CoLockObjectExternal
0x4406f4 RegisterDragDrop
0x4406f8 CLSIDFromString
0x4406fc CLSIDFromProgID
0x440700 CoFreeUnusedLibraries
0x440704 OleUninitialize
0x440708 OleInitialize
0x44070c OleIsCurrentClipboard
OLEPRO32.DLL
0x4403c4 None
OLEAUT32.dll
0x44039c SysAllocStringByteLen
0x4403a0 SysFreeString
0x4403a4 SysAllocStringLen
0x4403a8 VariantClear
0x4403ac VariantTimeToSystemTime
0x4403b0 VariantChangeType
0x4403b4 SysAllocString
0x4403b8 VariantCopy
0x4403bc SysStringLen
EAT(Export Address Table) is none