Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Syrian backdoor (388707_304019782967678_1371539363240931_76888_135985994_...) import table:
- Syrian backdoor (388707_304019782967678_1371539363240931_76...) import table:
- Syrian backdoor 1: http://pastebin.com/6UuLFqq2
- Syrian backdoor 2: http://pastebin.com/MRxSxWY6
- Walking-> COMCTL32
- 0041302c: InitCommonControlsEx (ord#0)
- Walking-> SHLWAPI
- 004131bc: SHAutoComplete (ord#0)
- Walking-> KERNEL32
- 00413068: DeleteFileW (ord#0)
- 0041306c: DeleteFileA (ord#0)
- 00413070: CreateDirectoryA (ord#0)
- 00413074: CreateDirectoryW (ord#0)
- 00413078: FindClose (ord#0)
- 0041307c: FindNextFileA (ord#0)
- 00413080: FindFirstFileA (ord#0)
- 00413084: FindNextFileW (ord#0)
- 00413088: FindFirstFileW (ord#0)
- 0041308c: GetTickCount (ord#0)
- 00413090: WideCharToMultiByte (ord#0)
- 00413094: GlobalAlloc (ord#0)
- 00413098: GetVersionExW (ord#0)
- 0041309c: GetFullPathNameA (ord#0)
- 004130a0: GetFullPathNameW (ord#0)
- 004130a4: MultiByteToWideChar (ord#0)
- 004130a8: GetModuleFileNameW (ord#0)
- 004130ac: FindResourceW (ord#0)
- 004130b0: GetModuleHandleW (ord#0)
- 004130b4: HeapAlloc (ord#0)
- 004130b8: GetProcessHeap (ord#0)
- 004130bc: HeapFree (ord#0)
- 004130c0: HeapReAlloc (ord#0)
- 004130c4: CompareStringA (ord#0)
- 004130c8: ExitProcess (ord#0)
- 004130cc: GetLocaleInfoW (ord#0)
- 004130d0: SetFileAttributesW (ord#0)
- 004130d4: DosDateTimeToFileTime (ord#0)
- 004130d8: GetDateFormatW (ord#0)
- 004130dc: GetTimeFormatW (ord#0)
- 004130e0: FileTimeToSystemTime (ord#0)
- 004130e4: FileTimeToLocalFileTime (ord#0)
- 004130e8: ExpandEnvironmentStringsW (ord#0)
- 004130ec: WaitForSingleObject (ord#0)
- 004130f0: Sleep (ord#0)
- 004130f4: GetExitCodeProcess (ord#0)
- 004130f8: GetTempPathW (ord#0)
- 004130fc: MoveFileExW (ord#0)
- 00413100: UnmapViewOfFile (ord#0)
- 00413104: MapViewOfFile (ord#0)
- 00413108: GetCommandLineW (ord#0)
- 0041310c: CreateFileMappingW (ord#0)
- 00413110: SetEnvironmentVariableW (ord#0)
- 00413114: OpenFileMappingW (ord#0)
- 00413118: GetProcAddress (ord#0)
- 0041311c: LocalFileTimeToFileTime (ord#0)
- 00413120: SystemTimeToFileTime (ord#0)
- 00413124: GetSystemTime (ord#0)
- 00413128: CompareStringW (ord#0)
- 0041312c: IsDBCSLeadByte (ord#0)
- 00413130: GetCPInfo (ord#0)
- 00413134: SetCurrentDirectoryW (ord#0)
- 00413138: LoadLibraryW (ord#0)
- 0041313c: FreeLibrary (ord#0)
- 00413140: SetFileAttributesA (ord#0)
- 00413144: GetFileAttributesW (ord#0)
- 00413148: GetFileAttributesA (ord#0)
- 0041314c: WriteFile (ord#0)
- 00413150: GetStdHandle (ord#0)
- 00413154: ReadFile (ord#0)
- 00413158: CreateFileW (ord#0)
- 0041315c: GetCurrentDirectoryW (ord#0)
- 00413160: CreateFileA (ord#0)
- 00413164: GetFileType (ord#0)
- 00413168: SetEndOfFile (ord#0)
- 0041316c: SetFilePointer (ord#0)
- 00413170: MoveFileW (ord#0)
- 00413174: SetFileTime (ord#0)
- 00413178: GetCurrentProcess (ord#0)
- 0041317c: CloseHandle (ord#0)
- 00413180: SetLastError (ord#0)
- 00413184: GetLastError (ord#0)
- 00413188: GetNumberFormatW (ord#0)
- Walking-> USER32
- 004131c4: wvsprintfA (ord#0)
- 004131c8: wvsprintfW (ord#0)
- 004131cc: ReleaseDC (ord#0)
- 004131d0: GetDC (ord#0)
- 004131d4: SendMessageW (ord#0)
- 004131d8: SetDlgItemTextW (ord#0)
- 004131dc: SetFocus (ord#0)
- 004131e0: EndDialog (ord#0)
- 004131e4: DestroyIcon (ord#0)
- 004131e8: SendDlgItemMessageW (ord#0)
- 004131ec: GetDlgItemTextW (ord#0)
- 004131f0: GetClassNameW (ord#0)
- 004131f4: DialogBoxParamW (ord#0)
- 004131f8: IsWindowVisible (ord#0)
- 004131fc: WaitForInputIdle (ord#0)
- 00413200: SetForegroundWindow (ord#0)
- 00413204: GetSysColor (ord#0)
- 00413208: PostMessageW (ord#0)
- 0041320c: LoadBitmapW (ord#0)
- 00413210: LoadIconW (ord#0)
- 00413214: CharToOemA (ord#0)
- 00413218: OemToCharA (ord#0)
- 0041321c: GetParent (ord#0)
- 00413220: MapWindowPoints (ord#0)
- 00413224: CreateWindowExW (ord#0)
- 00413228: UpdateWindow (ord#0)
- 0041322c: LoadCursorW (ord#0)
- 00413230: RegisterClassExW (ord#0)
- 00413234: SetWindowLongW (ord#0)
- 00413238: GetWindowLongW (ord#0)
- 0041323c: DefWindowProcW (ord#0)
- 00413240: PeekMessageW (ord#0)
- 00413244: GetMessageW (ord#0)
- 00413248: TranslateMessage (ord#0)
- 0041324c: DispatchMessageW (ord#0)
- 00413250: DestroyWindow (ord#0)
- 00413254: CopyRect (ord#0)
- 00413258: IsWindow (ord#0)
- 0041325c: CharToOemBuffW (ord#0)
- 00413260: MessageBoxW (ord#0)
- 00413264: ShowWindow (ord#0)
- 00413268: GetDlgItem (ord#0)
- 0041326c: EnableWindow (ord#0)
- 00413270: OemToCharBuffA (ord#0)
- 00413274: CharUpperA (ord#0)
- 00413278: CharToOemBuffA (ord#0)
- 0041327c: LoadStringW (ord#0)
- 00413280: SetWindowPos (ord#0)
- 00413284: GetWindowTextW (ord#0)
- 00413288: SetWindowTextW (ord#0)
- 0041328c: GetSystemMetrics (ord#0)
- 00413290: GetWindow (ord#0)
- 00413294: CharUpperW (ord#0)
- 00413298: FindWindowExW (ord#0)
- 0041329c: GetWindowRect (ord#0)
- 004132a0: GetClientRect (ord#0)
- Walking-> GDI32
- 00413044: GetDeviceCaps (ord#0)
- 00413048: GetObjectW (ord#0)
- 0041304c: CreateCompatibleBitmap (ord#0)
- 00413050: SelectObject (ord#0)
- 00413054: StretchBlt (ord#0)
- 00413058: CreateCompatibleDC (ord#0)
- 0041305c: DeleteObject (ord#0)
- 00413060: DeleteDC (ord#0)
- Walking-> COMDLG32
- 00413034: GetOpenFileNameW (ord#0)
- 00413038: CommDlgExtendedError (ord#0)
- 0041303c: GetSaveFileNameW (ord#0)
- Walking-> ADVAPI32
- 00413000: RegOpenKeyExW (ord#0)
- 00413004: LookupPrivilegeValueW (ord#0)
- 00413008: RegQueryValueExW (ord#0)
- 0041300c: RegCreateKeyExW (ord#0)
- 00413010: RegSetValueExW (ord#0)
- 00413014: RegCloseKey (ord#0)
- 00413018: SetFileSecurityW (ord#0)
- 0041301c: SetFileSecurityA (ord#0)
- 00413020: OpenProcessToken (ord#0)
- 00413024: AdjustTokenPrivileges (ord#0)
- Walking-> SHELL32
- 00413198: SHChangeNotify (ord#0)
- 0041319c: ShellExecuteExW (ord#0)
- 004131a0: SHFileOperationW (ord#0)
- 004131a4: SHGetFileInfoW (ord#0)
- 004131a8: SHGetSpecialFolderLocation (ord#0)
- 004131ac: SHGetMalloc (ord#0)
- 004131b0: SHBrowseForFolderW (ord#0)
- 004131b4: SHGetPathFromIDListW (ord#0)
- Walking-> ole32
- 004132a8: OleUninitialize (ord#0)
- 004132ac: OleInitialize (ord#0)
- 004132b0: CoCreateInstance (ord#0)
- 004132b4: CreateStreamOnHGlobal (ord#0)
- 004132b8: CLSIDFromString (ord#0)
- Walking-> OLEAUT32
- 00413190: ord#8
- Walking-> COMCTL32
- 0041302c: InitCommonControlsEx (ord#0)
- Walking-> SHLWAPI
- 004131bc: SHAutoComplete (ord#0)
- Walking-> KERNEL32
- 00413068: DeleteFileW (ord#0)
- 0041306c: DeleteFileA (ord#0)
- 00413070: CreateDirectoryA (ord#0)
- 00413074: CreateDirectoryW (ord#0)
- 00413078: FindClose (ord#0)
- 0041307c: FindNextFileA (ord#0)
- 00413080: FindFirstFileA (ord#0)
- 00413084: FindNextFileW (ord#0)
- 00413088: FindFirstFileW (ord#0)
- 0041308c: GetTickCount (ord#0)
- 00413090: WideCharToMultiByte (ord#0)
- 00413094: GlobalAlloc (ord#0)
- 00413098: GetVersionExW (ord#0)
- 0041309c: GetFullPathNameA (ord#0)
- 004130a0: GetFullPathNameW (ord#0)
- 004130a4: MultiByteToWideChar (ord#0)
- 004130a8: GetModuleFileNameW (ord#0)
- 004130ac: FindResourceW (ord#0)
- 004130b0: GetModuleHandleW (ord#0)
- 004130b4: HeapAlloc (ord#0)
- 004130b8: GetProcessHeap (ord#0)
- 004130bc: HeapFree (ord#0)
- 004130c0: HeapReAlloc (ord#0)
- 004130c4: CompareStringA (ord#0)
- 004130c8: ExitProcess (ord#0)
- 004130cc: GetLocaleInfoW (ord#0)
- 004130d0: SetFileAttributesW (ord#0)
- 004130d4: DosDateTimeToFileTime (ord#0)
- 004130d8: GetDateFormatW (ord#0)
- 004130dc: GetTimeFormatW (ord#0)
- 004130e0: FileTimeToSystemTime (ord#0)
- 004130e4: FileTimeToLocalFileTime (ord#0)
- 004130e8: ExpandEnvironmentStringsW (ord#0)
- 004130ec: WaitForSingleObject (ord#0)
- 004130f0: Sleep (ord#0)
- 004130f4: GetExitCodeProcess (ord#0)
- 004130f8: GetTempPathW (ord#0)
- 004130fc: MoveFileExW (ord#0)
- 00413100: UnmapViewOfFile (ord#0)
- 00413104: MapViewOfFile (ord#0)
- 00413108: GetCommandLineW (ord#0)
- 0041310c: CreateFileMappingW (ord#0)
- 00413110: SetEnvironmentVariableW (ord#0)
- 00413114: OpenFileMappingW (ord#0)
- 00413118: GetProcAddress (ord#0)
- 0041311c: LocalFileTimeToFileTime (ord#0)
- 00413120: SystemTimeToFileTime (ord#0)
- 00413124: GetSystemTime (ord#0)
- 00413128: CompareStringW (ord#0)
- 0041312c: IsDBCSLeadByte (ord#0)
- 00413130: GetCPInfo (ord#0)
- 00413134: SetCurrentDirectoryW (ord#0)
- 00413138: LoadLibraryW (ord#0)
- 0041313c: FreeLibrary (ord#0)
- 00413140: SetFileAttributesA (ord#0)
- 00413144: GetFileAttributesW (ord#0)
- 00413148: GetFileAttributesA (ord#0)
- 0041314c: WriteFile (ord#0)
- 00413150: GetStdHandle (ord#0)
- 00413154: ReadFile (ord#0)
- 00413158: CreateFileW (ord#0)
- 0041315c: GetCurrentDirectoryW (ord#0)
- 00413160: CreateFileA (ord#0)
- 00413164: GetFileType (ord#0)
- 00413168: SetEndOfFile (ord#0)
- 0041316c: SetFilePointer (ord#0)
- 00413170: MoveFileW (ord#0)
- 00413174: SetFileTime (ord#0)
- 00413178: GetCurrentProcess (ord#0)
- 0041317c: CloseHandle (ord#0)
- 00413180: SetLastError (ord#0)
- 00413184: GetLastError (ord#0)
- 00413188: GetNumberFormatW (ord#0)
- Walking-> USER32
- 004131c4: wvsprintfA (ord#0)
- 004131c8: wvsprintfW (ord#0)
- 004131cc: ReleaseDC (ord#0)
- 004131d0: GetDC (ord#0)
- 004131d4: SendMessageW (ord#0)
- 004131d8: SetDlgItemTextW (ord#0)
- 004131dc: SetFocus (ord#0)
- 004131e0: EndDialog (ord#0)
- 004131e4: DestroyIcon (ord#0)
- 004131e8: SendDlgItemMessageW (ord#0)
- 004131ec: GetDlgItemTextW (ord#0)
- 004131f0: GetClassNameW (ord#0)
- 004131f4: DialogBoxParamW (ord#0)
- 004131f8: IsWindowVisible (ord#0)
- 004131fc: WaitForInputIdle (ord#0)
- 00413200: SetForegroundWindow (ord#0)
- 00413204: GetSysColor (ord#0)
- 00413208: PostMessageW (ord#0)
- 0041320c: LoadBitmapW (ord#0)
- 00413210: LoadIconW (ord#0)
- 00413214: CharToOemA (ord#0)
- 00413218: OemToCharA (ord#0)
- 0041321c: GetParent (ord#0)
- 00413220: MapWindowPoints (ord#0)
- 00413224: CreateWindowExW (ord#0)
- 00413228: UpdateWindow (ord#0)
- 0041322c: LoadCursorW (ord#0)
- 00413230: RegisterClassExW (ord#0)
- 00413234: SetWindowLongW (ord#0)
- 00413238: GetWindowLongW (ord#0)
- 0041323c: DefWindowProcW (ord#0)
- 00413240: PeekMessageW (ord#0)
- 00413244: GetMessageW (ord#0)
- 00413248: TranslateMessage (ord#0)
- 0041324c: DispatchMessageW (ord#0)
- 00413250: DestroyWindow (ord#0)
- 00413254: CopyRect (ord#0)
- 00413258: IsWindow (ord#0)
- 0041325c: CharToOemBuffW (ord#0)
- 00413260: MessageBoxW (ord#0)
- 00413264: ShowWindow (ord#0)
- 00413268: GetDlgItem (ord#0)
- 0041326c: EnableWindow (ord#0)
- 00413270: OemToCharBuffA (ord#0)
- 00413274: CharUpperA (ord#0)
- 00413278: CharToOemBuffA (ord#0)
- 0041327c: LoadStringW (ord#0)
- 00413280: SetWindowPos (ord#0)
- 00413284: GetWindowTextW (ord#0)
- 00413288: SetWindowTextW (ord#0)
- 0041328c: GetSystemMetrics (ord#0)
- 00413290: GetWindow (ord#0)
- 00413294: CharUpperW (ord#0)
- 00413298: FindWindowExW (ord#0)
- 0041329c: GetWindowRect (ord#0)
- 004132a0: GetClientRect (ord#0)
- Walking-> GDI32
- 00413044: GetDeviceCaps (ord#0)
- 00413048: GetObjectW (ord#0)
- 0041304c: CreateCompatibleBitmap (ord#0)
- 00413050: SelectObject (ord#0)
- 00413054: StretchBlt (ord#0)
- 00413058: CreateCompatibleDC (ord#0)
- 0041305c: DeleteObject (ord#0)
- 00413060: DeleteDC (ord#0)
- Walking-> COMDLG32
- 00413034: GetOpenFileNameW (ord#0)
- 00413038: CommDlgExtendedError (ord#0)
- 0041303c: GetSaveFileNameW (ord#0)
- Walking-> ADVAPI32
- 00413000: RegOpenKeyExW (ord#0)
- 00413004: LookupPrivilegeValueW (ord#0)
- 00413008: RegQueryValueExW (ord#0)
- 0041300c: RegCreateKeyExW (ord#0)
- 00413010: RegSetValueExW (ord#0)
- 00413014: RegCloseKey (ord#0)
- 00413018: SetFileSecurityW (ord#0)
- 0041301c: SetFileSecurityA (ord#0)
- 00413020: OpenProcessToken (ord#0)
- 00413024: AdjustTokenPrivileges (ord#0)
- Walking-> SHELL32
- 00413198: SHChangeNotify (ord#0)
- 0041319c: ShellExecuteExW (ord#0)
- 004131a0: SHFileOperationW (ord#0)
- 004131a4: SHGetFileInfoW (ord#0)
- 004131a8: SHGetSpecialFolderLocation (ord#0)
- 004131ac: SHGetMalloc (ord#0)
- 004131b0: SHBrowseForFolderW (ord#0)
- 004131b4: SHGetPathFromIDListW (ord#0)
- Walking-> ole32
- 004132a8: OleUninitialize (ord#0)
- 004132ac: OleInitialize (ord#0)
- 004132b0: CoCreateInstance (ord#0)
- 004132b4: CreateStreamOnHGlobal (ord#0)
- 004132b8: CLSIDFromString (ord#0)
- Walking-> OLEAUT32
- 00413190: ord#8
- Walking-> COMCTL32
- 0041302c: InitCommonControlsEx (ord#0)
- Walking-> SHLWAPI
- 004131bc: SHAutoComplete (ord#0)
- Walking-> KERNEL32
- 00413068: DeleteFileW (ord#0)
- 0041306c: DeleteFileA (ord#0)
- 00413070: CreateDirectoryA (ord#0)
- 00413074: CreateDirectoryW (ord#0)
- 00413078: FindClose (ord#0)
- 0041307c: FindNextFileA (ord#0)
- 00413080: FindFirstFileA (ord#0)
- 00413084: FindNextFileW (ord#0)
- 00413088: FindFirstFileW (ord#0)
- 0041308c: GetTickCount (ord#0)
- 00413090: WideCharToMultiByte (ord#0)
- 00413094: GlobalAlloc (ord#0)
- 00413098: GetVersionExW (ord#0)
- 0041309c: GetFullPathNameA (ord#0)
- 004130a0: GetFullPathNameW (ord#0)
- 004130a4: MultiByteToWideChar (ord#0)
- 004130a8: GetModuleFileNameW (ord#0)
- 004130ac: FindResourceW (ord#0)
- 004130b0: GetModuleHandleW (ord#0)
- 004130b4: HeapAlloc (ord#0)
- 004130b8: GetProcessHeap (ord#0)
- 004130bc: HeapFree (ord#0)
- 004130c0: HeapReAlloc (ord#0)
- 004130c4: CompareStringA (ord#0)
- 004130c8: ExitProcess (ord#0)
- 004130cc: GetLocaleInfoW (ord#0)
- 004130d0: SetFileAttributesW (ord#0)
- 004130d4: DosDateTimeToFileTime (ord#0)
- 004130d8: GetDateFormatW (ord#0)
- 004130dc: GetTimeFormatW (ord#0)
- 004130e0: FileTimeToSystemTime (ord#0)
- 004130e4: FileTimeToLocalFileTime (ord#0)
- 004130e8: ExpandEnvironmentStringsW (ord#0)
- 004130ec: WaitForSingleObject (ord#0)
- 004130f0: Sleep (ord#0)
- 004130f4: GetExitCodeProcess (ord#0)
- 004130f8: GetTempPathW (ord#0)
- 004130fc: MoveFileExW (ord#0)
- 00413100: UnmapViewOfFile (ord#0)
- 00413104: MapViewOfFile (ord#0)
- 00413108: GetCommandLineW (ord#0)
- 0041310c: CreateFileMappingW (ord#0)
- 00413110: SetEnvironmentVariableW (ord#0)
- 00413114: OpenFileMappingW (ord#0)
- 00413118: GetProcAddress (ord#0)
- 0041311c: LocalFileTimeToFileTime (ord#0)
- 00413120: SystemTimeToFileTime (ord#0)
- 00413124: GetSystemTime (ord#0)
- 00413128: CompareStringW (ord#0)
- 0041312c: IsDBCSLeadByte (ord#0)
- 00413130: GetCPInfo (ord#0)
- 00413134: SetCurrentDirectoryW (ord#0)
- 00413138: LoadLibraryW (ord#0)
- 0041313c: FreeLibrary (ord#0)
- 00413140: SetFileAttributesA (ord#0)
- 00413144: GetFileAttributesW (ord#0)
- 00413148: GetFileAttributesA (ord#0)
- 0041314c: WriteFile (ord#0)
- 00413150: GetStdHandle (ord#0)
- 00413154: ReadFile (ord#0)
- 00413158: CreateFileW (ord#0)
- 0041315c: GetCurrentDirectoryW (ord#0)
- 00413160: CreateFileA (ord#0)
- 00413164: GetFileType (ord#0)
- 00413168: SetEndOfFile (ord#0)
- 0041316c: SetFilePointer (ord#0)
- 00413170: MoveFileW (ord#0)
- 00413174: SetFileTime (ord#0)
- 00413178: GetCurrentProcess (ord#0)
- 0041317c: CloseHandle (ord#0)
- 00413180: SetLastError (ord#0)
- 00413184: GetLastError (ord#0)
- 00413188: GetNumberFormatW (ord#0)
- Walking-> USER32
- 004131c4: wvsprintfA (ord#0)
- 004131c8: wvsprintfW (ord#0)
- 004131cc: ReleaseDC (ord#0)
- 004131d0: GetDC (ord#0)
- 004131d4: SendMessageW (ord#0)
- 004131d8: SetDlgItemTextW (ord#0)
- 004131dc: SetFocus (ord#0)
- 004131e0: EndDialog (ord#0)
- 004131e4: DestroyIcon (ord#0)
- 004131e8: SendDlgItemMessageW (ord#0)
- 004131ec: GetDlgItemTextW (ord#0)
- 004131f0: GetClassNameW (ord#0)
- 004131f4: DialogBoxParamW (ord#0)
- 004131f8: IsWindowVisible (ord#0)
- 004131fc: WaitForInputIdle (ord#0)
- 00413200: SetForegroundWindow (ord#0)
- 00413204: GetSysColor (ord#0)
- 00413208: PostMessageW (ord#0)
- 0041320c: LoadBitmapW (ord#0)
- 00413210: LoadIconW (ord#0)
- 00413214: CharToOemA (ord#0)
- 00413218: OemToCharA (ord#0)
- 0041321c: GetParent (ord#0)
- 00413220: MapWindowPoints (ord#0)
- 00413224: CreateWindowExW (ord#0)
- 00413228: UpdateWindow (ord#0)
- 0041322c: LoadCursorW (ord#0)
- 00413230: RegisterClassExW (ord#0)
- 00413234: SetWindowLongW (ord#0)
- 00413238: GetWindowLongW (ord#0)
- 0041323c: DefWindowProcW (ord#0)
- 00413240: PeekMessageW (ord#0)
- 00413244: GetMessageW (ord#0)
- 00413248: TranslateMessage (ord#0)
- 0041324c: DispatchMessageW (ord#0)
- 00413250: DestroyWindow (ord#0)
- 00413254: CopyRect (ord#0)
- 00413258: IsWindow (ord#0)
- 0041325c: CharToOemBuffW (ord#0)
- 00413260: MessageBoxW (ord#0)
- 00413264: ShowWindow (ord#0)
- 00413268: GetDlgItem (ord#0)
- 0041326c: EnableWindow (ord#0)
- 00413270: OemToCharBuffA (ord#0)
- 00413274: CharUpperA (ord#0)
- 00413278: CharToOemBuffA (ord#0)
- 0041327c: LoadStringW (ord#0)
- 00413280: SetWindowPos (ord#0)
- 00413284: GetWindowTextW (ord#0)
- 00413288: SetWindowTextW (ord#0)
- 0041328c: GetSystemMetrics (ord#0)
- 00413290: GetWindow (ord#0)
- 00413294: CharUpperW (ord#0)
- 00413298: FindWindowExW (ord#0)
- 0041329c: GetWindowRect (ord#0)
- 004132a0: GetClientRect (ord#0)
- Walking-> GDI32
- 00413044: GetDeviceCaps (ord#0)
- 00413048: GetObjectW (ord#0)
- 0041304c: CreateCompatibleBitmap (ord#0)
- 00413050: SelectObject (ord#0)
- 00413054: StretchBlt (ord#0)
- 00413058: CreateCompatibleDC (ord#0)
- 0041305c: DeleteObject (ord#0)
- 00413060: DeleteDC (ord#0)
- Walking-> COMDLG32
- 00413034: GetOpenFileNameW (ord#0)
- 00413038: CommDlgExtendedError (ord#0)
- 0041303c: GetSaveFileNameW (ord#0)
- Walking-> ADVAPI32
- 00413000: RegOpenKeyExW (ord#0)
- 00413004: LookupPrivilegeValueW (ord#0)
- 00413008: RegQueryValueExW (ord#0)
- 0041300c: RegCreateKeyExW (ord#0)
- 00413010: RegSetValueExW (ord#0)
- 00413014: RegCloseKey (ord#0)
- 00413018: SetFileSecurityW (ord#0)
- 0041301c: SetFileSecurityA (ord#0)
- 00413020: OpenProcessToken (ord#0)
- 00413024: AdjustTokenPrivileges (ord#0)
- Walking-> SHELL32
- 00413198: SHChangeNotify (ord#0)
- 0041319c: ShellExecuteExW (ord#0)
- 004131a0: SHFileOperationW (ord#0)
- 004131a4: SHGetFileInfoW (ord#0)
- 004131a8: SHGetSpecialFolderLocation (ord#0)
- 004131ac: SHGetMalloc (ord#0)
- 004131b0: SHBrowseForFolderW (ord#0)
- 004131b4: SHGetPathFromIDListW (ord#0)
- Walking-> ole32
- 004132a8: OleUninitialize (ord#0)
- 004132ac: OleInitialize (ord#0)
- 004132b0: CoCreateInstance (ord#0)
- 004132b4: CreateStreamOnHGlobal (ord#0)
- 004132b8: CLSIDFromString (ord#0)
- Walking-> OLEAUT32
- 00413190: ord#8
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement