Field | Value |
---|---|
Created | 2021.12.01 07:45 |
Machine | s1_win7_x6403 |
Filename | Lni |
Type | PE32 executable (DLL) (GUI) Intel 80386, for MS Windows |
ZERO API | file : clean |
VT API (file) | 5 detected (AIDetect, malware2, malicious, high confidence, confidence, 100%) |
md5 | 1c6cee8b4c857f9b9a6da5d1c7e6b36b |
sha256 | 9ec34c2224f0ebc8dda40787593369d520a71048b95d7994875aeadba507548c |
ssdeep | 12288:U3NDmdLBdNdbrQtl5gS1dC/uwhu76l8Eem:KLLJCRhUBEJ |
imphash | 54f1713c13186d34739a582206cbc5b7 |
impfuzzy | 192:gbl2JiFCjPhEkZggW1VntgJbeg9cRc/c794C+wCkA:oJCjPqkzJn9EQkCkA |
Signature (11cnts)
Level | Description |
---|---|
danger | Connects to IP addresses that are no longer responding to requests (legitimate services will remain up-and-running usually) |
watch | Communicates with host for which no DNS query was performed |
notice | Allocates read-write-execute memory (usually to unpack itself) |
notice | Communication to multiple IPs on high port numbers possibly indicative of a peer-to-peer (P2P) or non-standard command and control protocol |
notice | Expresses interest in specific running processes |
notice | File has been identified by 5 AntiVirus engines on VirusTotal as malicious |
notice | One or more potentially interesting buffers were extracted |
notice | The binary likely contains encrypted or compressed data indicative of a packer |
info | Checks if process is being debugged by a debugger |
info | Queries for the computername |
info | The executable uses a known packer |
Rules (8cnts)
Level | Name | Description | Collection |
---|---|---|---|
danger | Win32_Trojan_Emotet_1_Zero | Win32 Trojan Emotet | binaries (upload) |
danger | Win32_Trojan_Emotet_RL_Gen_Zero | Win32 Trojan Emotet | binaries (upload) |
watch | Malicious_Library_Zero | Malicious_Library | binaries (upload) |
watch | UPX_Zero | UPX packed file | binaries (upload) |
info | IsDLL | (no description) | binaries (upload) |
info | IsPE32 | (no description) | binaries (upload) |
info | OS_Processor_Check_Zero | OS Processor Check | binaries (upload) |
info | PE_Header_Zero | PE File Signature | binaries (upload) |
Network (29cnts)
Suricata ids
ET JA3 Hash - Possible Malware - Various Trickbot/Kovter/Dridex
ET INFO TLS Handshake Failure
ET CNC Feodo Tracker Reported CnC Server group 13
ET CNC Feodo Tracker Reported CnC Server group 8
ET CNC Feodo Tracker Reported CnC Server group 2
ET CNC Feodo Tracker Reported CnC Server group 18
PE API
IAT(Import Address Table) Library
KERNEL32.dll
0x1008fd8c GetFullPathNameA
0x1008fd90 GetStringTypeExA
0x1008fd94 GetThreadLocale
0x1008fd98 GetShortPathNameA
0x1008fd9c GetFileAttributesA
0x1008fda0 GetFileSize
0x1008fda4 GetFileTime
0x1008fda8 LocalFileTimeToFileTime
0x1008fdac SystemTimeToFileTime
0x1008fdb0 SetFileTime
0x1008fdb4 SetFileAttributesA
0x1008fdb8 RtlUnwind
0x1008fdbc HeapAlloc
0x1008fdc0 RaiseException
0x1008fdc4 GetCommandLineA
0x1008fdc8 HeapFree
0x1008fdcc TerminateProcess
0x1008fdd0 CreateThread
0x1008fdd4 ExitThread
0x1008fdd8 HeapReAlloc
0x1008fddc HeapSize
0x1008fde0 GetACP
0x1008fde4 GetTimeZoneInformation
0x1008fde8 GetSystemTime
0x1008fdec GetLocalTime
0x1008fdf0 HeapDestroy
0x1008fdf4 HeapCreate
0x1008fdf8 VirtualFree
0x1008fdfc FatalAppExitA
0x1008fe00 VirtualAlloc
0x1008fe04 IsBadWritePtr
0x1008fe08 SetUnhandledExceptionFilter
0x1008fe0c GetVolumeInformationA
0x1008fe10 GetStdHandle
0x1008fe14 GetFileType
0x1008fe18 GetStartupInfoA
0x1008fe1c FreeEnvironmentStringsA
0x1008fe20 FreeEnvironmentStringsW
0x1008fe24 GetEnvironmentStrings
0x1008fe28 GetEnvironmentStringsW
0x1008fe2c LCMapStringA
0x1008fe30 LCMapStringW
0x1008fe34 GetStringTypeA
0x1008fe38 GetStringTypeW
0x1008fe3c UnhandledExceptionFilter
0x1008fe40 Sleep
0x1008fe44 IsBadReadPtr
0x1008fe48 IsBadCodePtr
0x1008fe4c IsValidLocale
0x1008fe50 IsValidCodePage
0x1008fe54 GetLocaleInfoA
0x1008fe58 EnumSystemLocalesA
0x1008fe5c GetUserDefaultLCID
0x1008fe60 GetVersionExA
0x1008fe64 SetConsoleCtrlHandler
0x1008fe68 SetStdHandle
0x1008fe6c CompareStringA
0x1008fe70 CompareStringW
0x1008fe74 SetEnvironmentVariableA
0x1008fe78 GetLocaleInfoW
0x1008fe7c MoveFileExA
0x1008fe80 LocalLock
0x1008fe84 LocalUnlock
0x1008fe88 GetModuleHandleW
0x1008fe8c FindFirstFileA
0x1008fe90 FindClose
0x1008fe94 DeleteFileA
0x1008fe98 MoveFileA
0x1008fe9c SetEndOfFile
0x1008fea0 UnlockFile
0x1008fea4 LockFile
0x1008fea8 FlushFileBuffers
0x1008feac SetFilePointer
0x1008feb0 WriteFile
0x1008feb4 ReadFile
0x1008feb8 CreateFileA
0x1008febc GetCurrentProcess
0x1008fec0 DuplicateHandle
0x1008fec4 SetErrorMode
0x1008fec8 CopyFileA
0x1008fecc GetCurrentDirectoryA
0x1008fed0 WritePrivateProfileStringA
0x1008fed4 GetPrivateProfileStringA
0x1008fed8 GetPrivateProfileIntA
0x1008fedc lstrlenW
0x1008fee0 FileTimeToLocalFileTime
0x1008fee4 FileTimeToSystemTime
0x1008fee8 GetOEMCP
0x1008feec GetCPInfo
0x1008fef0 GetProcessVersion
0x1008fef4 TlsGetValue
0x1008fef8 LocalReAlloc
0x1008fefc TlsSetValue
0x1008ff00 EnterCriticalSection
0x1008ff04 LeaveCriticalSection
0x1008ff08 TlsFree
0x1008ff0c GlobalHandle
0x1008ff10 DeleteCriticalSection
0x1008ff14 TlsAlloc
0x1008ff18 InitializeCriticalSection
0x1008ff1c LocalAlloc
0x1008ff20 SizeofResource
0x1008ff24 GlobalFlags
0x1008ff28 GetLastError
0x1008ff2c CreateEventA
0x1008ff30 SuspendThread
0x1008ff34 SetThreadPriority
0x1008ff38 ResumeThread
0x1008ff3c SetEvent
0x1008ff40 WaitForSingleObject
0x1008ff44 CloseHandle
0x1008ff48 GetModuleFileNameA
0x1008ff4c GetCurrentThread
0x1008ff50 MulDiv
0x1008ff54 SetLastError
0x1008ff58 GlobalSize
0x1008ff5c GlobalReAlloc
0x1008ff60 GlobalAlloc
0x1008ff64 lstrcpynA
0x1008ff68 lstrcmpA
0x1008ff6c FormatMessageA
0x1008ff70 LocalFree
0x1008ff74 MultiByteToWideChar
0x1008ff78 WideCharToMultiByte
0x1008ff7c lstrlenA
0x1008ff80 InterlockedDecrement
0x1008ff84 InterlockedIncrement
0x1008ff88 FreeLibrary
0x1008ff8c GetVersion
0x1008ff90 lstrcatA
0x1008ff94 GetCurrentThreadId
0x1008ff98 GlobalGetAtomNameA
0x1008ff9c lstrcmpiA
0x1008ffa0 GlobalAddAtomA
0x1008ffa4 GlobalFindAtomA
0x1008ffa8 GlobalDeleteAtom
0x1008ffac lstrcpyA
0x1008ffb0 GetModuleHandleA
0x1008ffb4 GetProcAddress
0x1008ffb8 GlobalLock
0x1008ffbc GlobalUnlock
0x1008ffc0 GlobalFree
0x1008ffc4 LockResource
0x1008ffc8 FindResourceA
0x1008ffcc LoadResource
0x1008ffd0 LoadLibraryA
0x1008ffd4 SetHandleCount
0x1008ffd8 ExitProcess
0x1008ffdc GetSystemDirectoryA
USER32.dll
0x10090240 PeekMessageA
0x10090244 DispatchMessageA
0x10090248 GetFocus
0x1009024c SetFocus
0x10090250 AdjustWindowRectEx
0x10090254 ScreenToClient
0x10090258 EqualRect
0x1009025c DeferWindowPos
0x10090260 BeginDeferWindowPos
0x10090264 CopyRect
0x10090268 EndDeferWindowPos
0x1009026c IsWindowVisible
0x10090270 ScrollWindow
0x10090274 GetScrollInfo
0x10090278 SetScrollInfo
0x1009027c ShowScrollBar
0x10090280 GetScrollRange
0x10090284 SetScrollRange
0x10090288 GetScrollPos
0x1009028c SetScrollPos
0x10090290 GetTopWindow
0x10090294 IsChild
0x10090298 GetCapture
0x1009029c WinHelpA
0x100902a0 wsprintfA
0x100902a4 GetClassInfoA
0x100902a8 RegisterClassA
0x100902ac GetMenu
0x100902b0 GetMenuItemCount
0x100902b4 GetSubMenu
0x100902b8 GetMenuItemID
0x100902bc TrackPopupMenu
0x100902c0 SetWindowPlacement
0x100902c4 GetWindowTextLengthA
0x100902c8 GetWindowTextA
0x100902cc GetDlgCtrlID
0x100902d0 GetKeyState
0x100902d4 DefWindowProcA
0x100902d8 CreateWindowExA
0x100902dc SetWindowsHookExA
0x100902e0 GetSysColor
0x100902e4 GetClassLongA
0x100902e8 SetPropA
0x100902ec UnhookWindowsHookEx
0x100902f0 GetPropA
0x100902f4 CallWindowProcA
0x100902f8 RemovePropA
0x100902fc GetMessageTime
0x10090300 GetMessagePos
0x10090304 GetLastActivePopup
0x10090308 GetForegroundWindow
0x1009030c SetForegroundWindow
0x10090310 GetWindow
0x10090314 SetWindowLongA
0x10090318 SetWindowPos
0x1009031c RegisterWindowMessageA
0x10090320 OffsetRect
0x10090324 IntersectRect
0x10090328 SystemParametersInfoA
0x1009032c GetWindowPlacement
0x10090330 GetWindowRect
0x10090334 GetNextDlgTabItem
0x10090338 EndDialog
0x1009033c GetActiveWindow
0x10090340 SetActiveWindow
0x10090344 IsWindow
0x10090348 EnableWindow
0x1009034c SendMessageA
0x10090350 MessageBoxA
0x10090354 LoadIconA
0x10090358 CharUpperA
0x1009035c CreateDialogIndirectParamA
0x10090360 DestroyWindow
0x10090364 GetParent
0x10090368 GetWindowLongA
0x1009036c GetDlgItem
0x10090370 IsWindowEnabled
0x10090374 IsIconic
0x10090378 GetSystemMetrics
0x1009037c GetClientRect
0x10090380 DrawIcon
0x10090384 MapWindowPoints
0x10090388 SendDlgItemMessageA
0x1009038c UpdateWindow
0x10090390 EnableMenuItem
0x10090394 PostMessageA
0x10090398 GetSystemMenu
0x1009039c AppendMenuA
0x100903a0 BringWindowToTop
0x100903a4 InvalidateRect
0x100903a8 UnpackDDElParam
0x100903ac ReuseDDElParam
0x100903b0 SetMenu
0x100903b4 LoadMenuA
0x100903b8 TranslateAcceleratorA
0x100903bc LoadAcceleratorsA
0x100903c0 SetRectEmpty
0x100903c4 RemoveMenu
0x100903c8 GetMenuStringA
0x100903cc DeleteMenu
0x100903d0 InsertMenuA
0x100903d4 WindowFromPoint
0x100903d8 GetWindowThreadProcessId
0x100903dc WaitMessage
0x100903e0 ReleaseCapture
0x100903e4 SetCapture
0x100903e8 GetSysColorBrush
0x100903ec LoadCursorA
0x100903f0 GetDialogBaseUnits
0x100903f4 PtInRect
0x100903f8 GetClassNameA
0x100903fc GetMessageA
0x10090400 TranslateMessage
0x10090404 ValidateRect
0x10090408 GetCursorPos
0x1009040c SetCursor
0x10090410 ShowOwnedPopups
0x10090414 PostQuitMessage
0x10090418 GrayStringA
0x1009041c DrawTextA
0x10090420 TabbedTextOutA
0x10090424 EndPaint
0x10090428 BeginPaint
0x1009042c GetWindowDC
0x10090430 ReleaseDC
0x10090434 GetDC
0x10090438 ClientToScreen
0x1009043c DestroyMenu
0x10090440 GetDesktopWindow
0x10090444 LoadStringA
0x10090448 wvsprintfA
0x1009044c OemToCharA
0x10090450 CharToOemA
0x10090454 ShowWindow
0x10090458 MoveWindow
0x1009045c SetWindowTextA
0x10090460 IsDialogMessageA
0x10090464 ScrollWindowEx
0x10090468 IsDlgButtonChecked
0x1009046c SetDlgItemTextA
0x10090470 SetDlgItemInt
0x10090474 GetDlgItemTextA
0x10090478 GetDlgItemInt
0x1009047c CheckRadioButton
0x10090480 CheckMenuItem
0x10090484 GetMenuCheckMarkDimensions
0x10090488 LoadBitmapA
0x1009048c GetMenuState
0x10090490 ModifyMenuA
0x10090494 CallNextHookEx
0x10090498 SetMenuItemBitmaps
0x1009049c CheckDlgButton
GDI32.dll
0x1008fc0c SetBkMode
0x1008fc10 SetPolyFillMode
0x1008fc14 SetROP2
0x1008fc18 SetStretchBltMode
0x1008fc1c SetMapMode
0x1008fc20 SetViewportOrgEx
0x1008fc24 OffsetViewportOrgEx
0x1008fc28 SetViewportExtEx
0x1008fc2c ScaleViewportExtEx
0x1008fc30 SetWindowOrgEx
0x1008fc34 OffsetWindowOrgEx
0x1008fc38 SetWindowExtEx
0x1008fc3c ScaleWindowExtEx
0x1008fc40 SelectClipRgn
0x1008fc44 ExcludeClipRect
0x1008fc48 IntersectClipRect
0x1008fc4c OffsetClipRgn
0x1008fc50 MoveToEx
0x1008fc54 LineTo
0x1008fc58 SetTextAlign
0x1008fc5c SetTextJustification
0x1008fc60 SetTextCharacterExtra
0x1008fc64 SetMapperFlags
0x1008fc68 GetCurrentPositionEx
0x1008fc6c ArcTo
0x1008fc70 SetArcDirection
0x1008fc74 PolyDraw
0x1008fc78 PolylineTo
0x1008fc7c SetColorAdjustment
0x1008fc80 SelectPalette
0x1008fc84 DeleteObject
0x1008fc88 GetClipRgn
0x1008fc8c CreateRectRgn
0x1008fc90 SelectClipPath
0x1008fc94 ExtSelectClipRgn
0x1008fc98 PlayMetaFileRecord
0x1008fc9c GetObjectType
0x1008fca0 EnumMetaFile
0x1008fca4 PlayMetaFile
0x1008fca8 GetDeviceCaps
0x1008fcac GetViewportExtEx
0x1008fcb0 GetWindowExtEx
0x1008fcb4 CreatePen
0x1008fcb8 ExtCreatePen
0x1008fcbc CreateSolidBrush
0x1008fcc0 CreateHatchBrush
0x1008fcc4 CreatePatternBrush
0x1008fcc8 CreateDIBPatternBrushPt
0x1008fccc PtVisible
0x1008fcd0 RectVisible
0x1008fcd4 TextOutA
0x1008fcd8 ExtTextOutA
0x1008fcdc Escape
0x1008fce0 GetTextExtentPoint32A
0x1008fce4 GetTextMetricsA
0x1008fce8 CreateFontIndirectA
0x1008fcec CopyMetaFileA
0x1008fcf0 CreateDCA
0x1008fcf4 GetStockObject
0x1008fcf8 SelectObject
0x1008fcfc RestoreDC
0x1008fd00 SaveDC
0x1008fd04 StartDocA
0x1008fd08 DeleteDC
0x1008fd0c CreateBitmap
0x1008fd10 GetObjectA
0x1008fd14 SetBkColor
0x1008fd18 SetTextColor
0x1008fd1c PolyBezierTo
0x1008fd20 GetDCOrgEx
0x1008fd24 GetClipBox
comdlg32.dll
0x1009057c GetFileTitleA
WINSPOOL.DRV
0x10090544 ClosePrinter
0x10090548 DocumentPropertiesA
0x1009054c OpenPrinterA
ADVAPI32.dll
0x1008fb88 RegDeleteValueA
0x1008fb8c RegOpenKeyA
0x1008fb90 RegSetValueA
0x1008fb94 RegDeleteKeyA
0x1008fb98 RegCloseKey
0x1008fb9c RegSetValueExA
0x1008fba0 RegQueryValueExA
0x1008fba4 RegOpenKeyExA
0x1008fba8 RegCreateKeyExA
SHELL32.dll
0x10090204 DragQueryFileA
0x10090208 DragFinish
0x1009020c DragAcceptFiles
0x10090210 SHGetFileInfoA
COMCTL32.dll
0x1008fbdc None
ODBC32.dll
0x10090080 None
0x10090084 None
0x10090088 None
0x1009008c None
0x10090090 None
0x10090094 None
0x10090098 None
0x1009009c None
0x100900a0 None
0x100900a4 None
0x100900a8 None
0x100900ac None
0x100900b0 None
0x100900b4 None
0x100900b8 None
0x100900bc None
0x100900c0 None
0x100900c4 None
0x100900c8 None
0x100900cc None
0x100900d0 None
0x100900d4 None
0x100900d8 None
0x100900dc None
0x100900e0 None
0x100900e4 None
0x100900e8 None
0x100900ec None
0x100900f0 None
0x100900f4 None
0x100900f8 None
0x100900fc None
0x10090100 None
ole32.dll
0x100905ac OleRegGetUserType
0x100905b0 WriteClassStg
0x100905b4 WriteFmtUserTypeStg
0x100905b8 SetConvertStg
0x100905bc ReadFmtUserTypeStg
0x100905c0 CreateBindCtx
0x100905c4 CoTaskMemAlloc
0x100905c8 OleDuplicateData
0x100905cc CoCreateInstance
0x100905d0 ReadClassStg
0x100905d4 StringFromCLSID
0x100905d8 CoTreatAsClass
0x100905dc ReleaseStgMedium
0x100905e0 CoDisconnectObject
0x100905e4 CoTaskMemFree
OLEAUT32.dll
0x10090148 SafeArrayDestroyDescriptor
0x1009014c SafeArrayDestroyData
0x10090150 SafeArrayDestroy
0x10090154 SafeArrayUnlock
0x10090158 SafeArrayLock
0x1009015c SafeArrayPutElement
0x10090160 SafeArrayPtrOfIndex
0x10090164 SafeArrayGetElement
0x10090168 SafeArrayAllocDescriptor
0x1009016c SafeArrayAllocData
0x10090170 SafeArrayCopy
0x10090174 VarBstrFromDate
0x10090178 VarDateFromStr
0x1009017c VarBstrFromCy
0x10090180 VarCyFromStr
0x10090184 SysStringByteLen
0x10090188 SafeArrayUnaccessData
0x1009018c SafeArrayAccessData
0x10090190 SafeArrayGetUBound
0x10090194 SafeArrayGetLBound
0x10090198 SafeArrayGetElemsize
0x1009019c SafeArrayGetDim
0x100901a0 SafeArrayCreate
0x100901a4 VariantClear
0x100901a8 SafeArrayRedim
0x100901ac VariantCopy
0x100901b0 SysAllocString
0x100901b4 VariantChangeType
0x100901b8 SysStringLen
0x100901bc SysAllocStringByteLen
EAT(Export Address Table) Library
0x10001181 Control_RunDLL