Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [*] MalFamily: ""
- [*] MalScore: 10.0
- [*] File Name: "Formbook_172de562dc178cee37fb9516b5048047.exe"
- [*] File Size: 693760
- [*] File Type: "PE32 executable (GUI) Intel 80386, for MS Windows"
- [*] SHA256: "bdc020ed4558d54b6c6769355b378a1bc11c4411bc4512fe79921a8239c17a4f"
- [*] MD5: "172de562dc178cee37fb9516b5048047"
- [*] SHA1: "9be26721f1deda6e34157affd85e12b38df8c129"
- [*] SHA512: "f92168387c6cb8d7e3e97100549c0b45a5692ec2dedb351b7bc863186ebc1f896a92ec09bbf0d1eb1bc72e8554018c730435ccb0fdbef5873e2e8506c20dfc3f"
- [*] CRC32: "95E2D3DC"
- [*] SSDEEP: "12288:2MnlidvN1rCQFC53qWagQ3nbA8Lx/BFKjyTiAjzl5T:2mQFzDFCRUg2VxvTiAPj"
- [*] Process Execution: []
- [*] Signatures Detected: [
- {
- "Description": "The binary likely contains encrypted or compressed data.",
- "Details": [
- {
- "section": "name: .rsrc, entropy: 7.46, characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ, raw_size: 0x00033e00, virtual_size: 0x00033d2c"
- }
- ]
- },
- {
- "Description": "File has been identified by 38 Antiviruses on VirusTotal as malicious",
- "Details": [
- {
- "MicroWorld-eScan": "Trojan.Agent.DZHI"
- },
- {
- "FireEye": "Generic.mg.172de562dc178cee"
- },
- {
- "McAfee": "Packed-FUC!172DE562DC17"
- },
- {
- "BitDefender": "Trojan.Agent.DZHI"
- },
- {
- "TrendMicro": "TSPY_HPFAREIT.SMROX"
- },
- {
- "Cyren": "W32/Trojan.JKZJ-5669"
- },
- {
- "Symantec": "ML.Attribute.HighConfidence"
- },
- {
- "APEX": "Malicious"
- },
- {
- "Kaspersky": "HEUR:Trojan.Win32.Kryptik.gen"
- },
- {
- "Ad-Aware": "Trojan.Agent.DZHI"
- },
- {
- "Sophos": "Mal/Fareit-V"
- },
- {
- "F-Secure": "Trojan.TR/Kryptik.tthhb"
- },
- {
- "DrWeb": "Trojan.PWS.Stealer.23680"
- },
- {
- "Invincea": "heuristic"
- },
- {
- "McAfee-GW-Edition": "BehavesLike.Win32.Fareit.jc"
- },
- {
- "Emsisoft": "Trojan.Agent.DZHI (B)"
- },
- {
- "SentinelOne": "DFI - Malicious PE"
- },
- {
- "F-Prot": "W32/Trojan3.AOCN"
- },
- {
- "Avira": "TR/Kryptik.tthhb"
- },
- {
- "Fortinet": "W32/GenKryptik.DLKJ!tr"
- },
- {
- "Endgame": "malicious (high confidence)"
- },
- {
- "Arcabit": "Trojan.Agent.DZHI"
- },
- {
- "ZoneAlarm": "HEUR:Trojan.Win32.Kryptik.gen"
- },
- {
- "Microsoft": "Trojan:Win32/Wacatac.B!ml"
- },
- {
- "AhnLab-V3": "Win-Trojan/Delphiless.Exp"
- },
- {
- "Acronis": "suspicious"
- },
- {
- "MAX": "malware (ai score=83)"
- },
- {
- "Cylance": "Unsafe"
- },
- {
- "Panda": "Trj/CI.A"
- },
- {
- "ESET-NOD32": "a variant of Win32/Injector.EGGP"
- },
- {
- "TrendMicro-HouseCall": "TSPY_HPFAREIT.SMROX"
- },
- {
- "Rising": "Trojan.GenKryptik!8.AA55/N3#92% (RDM+:cmRtazquFb0dSKO1QUGRgA66hGHb)"
- },
- {
- "GData": "Trojan.Agent.DZHI"
- },
- {
- "AVG": "Win32:Malware-gen"
- },
- {
- "Cybereason": "malicious.1f1ded"
- },
- {
- "Avast": "Win32:Malware-gen"
- },
- {
- "CrowdStrike": "win/malicious_confidence_100% (D)"
- },
- {
- "Qihoo-360": "HEUR/QVM05.1.216B.Malware.Gen"
- }
- ]
- },
- {
- "Description": "Anomalous binary characteristics",
- "Details": [
- {
- "anomaly": "Timestamp on binary predates the release date of the OS version it requires by at least a year"
- }
- ]
- }
- ]
- [*] Started Service: []
- [*] Executed Commands: []
- [*] Mutexes: []
- [*] Modified Files: []
- [*] Deleted Files: []
- [*] Modified Registry Keys: []
- [*] Deleted Registry Keys: []
- [*] DNS Communications: []
- [*] Domains: []
- [*] Network Communication - ICMP: []
- [*] Network Communication - HTTP: []
- [*] Network Communication - SMTP: []
- [*] Network Communication - Hosts: []
- [*] Network Communication - IRC: []
- [*] Static Analysis: {
- "pe": {
- "peid_signatures": null,
- "imports": [
- {
- "imports": [
- {
- "name": "DeleteCriticalSection",
- "address": "0x46f168"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x46f16c"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x46f170"
- },
- {
- "name": "InitializeCriticalSection",
- "address": "0x46f174"
- },
- {
- "name": "VirtualFree",
- "address": "0x46f178"
- },
- {
- "name": "VirtualAlloc",
- "address": "0x46f17c"
- },
- {
- "name": "LocalFree",
- "address": "0x46f180"
- },
- {
- "name": "LocalAlloc",
- "address": "0x46f184"
- },
- {
- "name": "GetVersion",
- "address": "0x46f188"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x46f18c"
- },
- {
- "name": "InterlockedDecrement",
- "address": "0x46f190"
- },
- {
- "name": "InterlockedIncrement",
- "address": "0x46f194"
- },
- {
- "name": "VirtualQuery",
- "address": "0x46f198"
- },
- {
- "name": "WideCharToMultiByte",
- "address": "0x46f19c"
- },
- {
- "name": "MultiByteToWideChar",
- "address": "0x46f1a0"
- },
- {
- "name": "lstrlenA",
- "address": "0x46f1a4"
- },
- {
- "name": "lstrcpynA",
- "address": "0x46f1a8"
- },
- {
- "name": "LoadLibraryExA",
- "address": "0x46f1ac"
- },
- {
- "name": "GetThreadLocale",
- "address": "0x46f1b0"
- },
- {
- "name": "GetStartupInfoA",
- "address": "0x46f1b4"
- },
- {
- "name": "GetProcAddress",
- "address": "0x46f1b8"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46f1bc"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x46f1c0"
- },
- {
- "name": "GetLocaleInfoA",
- "address": "0x46f1c4"
- },
- {
- "name": "GetCommandLineA",
- "address": "0x46f1c8"
- },
- {
- "name": "FreeLibrary",
- "address": "0x46f1cc"
- },
- {
- "name": "FindFirstFileA",
- "address": "0x46f1d0"
- },
- {
- "name": "FindClose",
- "address": "0x46f1d4"
- },
- {
- "name": "ExitProcess",
- "address": "0x46f1d8"
- },
- {
- "name": "WriteFile",
- "address": "0x46f1dc"
- },
- {
- "name": "UnhandledExceptionFilter",
- "address": "0x46f1e0"
- },
- {
- "name": "RtlUnwind",
- "address": "0x46f1e4"
- },
- {
- "name": "RaiseException",
- "address": "0x46f1e8"
- },
- {
- "name": "GetStdHandle",
- "address": "0x46f1ec"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "GetKeyboardType",
- "address": "0x46f1f4"
- },
- {
- "name": "LoadStringA",
- "address": "0x46f1f8"
- },
- {
- "name": "MessageBoxA",
- "address": "0x46f1fc"
- },
- {
- "name": "CharNextA",
- "address": "0x46f200"
- }
- ],
- "dll": "user32.dll"
- },
- {
- "imports": [
- {
- "name": "RegQueryValueExA",
- "address": "0x46f208"
- },
- {
- "name": "RegOpenKeyExA",
- "address": "0x46f20c"
- },
- {
- "name": "RegCloseKey",
- "address": "0x46f210"
- }
- ],
- "dll": "advapi32.dll"
- },
- {
- "imports": [
- {
- "name": "SysFreeString",
- "address": "0x46f218"
- },
- {
- "name": "SysReAllocStringLen",
- "address": "0x46f21c"
- },
- {
- "name": "SysAllocStringLen",
- "address": "0x46f220"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "TlsSetValue",
- "address": "0x46f228"
- },
- {
- "name": "TlsGetValue",
- "address": "0x46f22c"
- },
- {
- "name": "LocalAlloc",
- "address": "0x46f230"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46f234"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "RegQueryValueExA",
- "address": "0x46f23c"
- },
- {
- "name": "RegOpenKeyExA",
- "address": "0x46f240"
- },
- {
- "name": "RegCloseKey",
- "address": "0x46f244"
- }
- ],
- "dll": "advapi32.dll"
- },
- {
- "imports": [
- {
- "name": "lstrcpyA",
- "address": "0x46f24c"
- },
- {
- "name": "WriteFile",
- "address": "0x46f250"
- },
- {
- "name": "WaitForSingleObject",
- "address": "0x46f254"
- },
- {
- "name": "VirtualQuery",
- "address": "0x46f258"
- },
- {
- "name": "VirtualAlloc",
- "address": "0x46f25c"
- },
- {
- "name": "Sleep",
- "address": "0x46f260"
- },
- {
- "name": "SizeofResource",
- "address": "0x46f264"
- },
- {
- "name": "SetThreadLocale",
- "address": "0x46f268"
- },
- {
- "name": "SetFilePointer",
- "address": "0x46f26c"
- },
- {
- "name": "SetEvent",
- "address": "0x46f270"
- },
- {
- "name": "SetErrorMode",
- "address": "0x46f274"
- },
- {
- "name": "SetEndOfFile",
- "address": "0x46f278"
- },
- {
- "name": "ResetEvent",
- "address": "0x46f27c"
- },
- {
- "name": "ReadFile",
- "address": "0x46f280"
- },
- {
- "name": "MultiByteToWideChar",
- "address": "0x46f284"
- },
- {
- "name": "MulDiv",
- "address": "0x46f288"
- },
- {
- "name": "LockResource",
- "address": "0x46f28c"
- },
- {
- "name": "LoadResource",
- "address": "0x46f290"
- },
- {
- "name": "LoadLibraryA",
- "address": "0x46f294"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x46f298"
- },
- {
- "name": "InitializeCriticalSection",
- "address": "0x46f29c"
- },
- {
- "name": "GlobalUnlock",
- "address": "0x46f2a0"
- },
- {
- "name": "GlobalSize",
- "address": "0x46f2a4"
- },
- {
- "name": "GlobalReAlloc",
- "address": "0x46f2a8"
- },
- {
- "name": "GlobalHandle",
- "address": "0x46f2ac"
- },
- {
- "name": "GlobalLock",
- "address": "0x46f2b0"
- },
- {
- "name": "GlobalFree",
- "address": "0x46f2b4"
- },
- {
- "name": "GlobalFindAtomA",
- "address": "0x46f2b8"
- },
- {
- "name": "GlobalDeleteAtom",
- "address": "0x46f2bc"
- },
- {
- "name": "GlobalAlloc",
- "address": "0x46f2c0"
- },
- {
- "name": "GlobalAddAtomA",
- "address": "0x46f2c4"
- },
- {
- "name": "GetVersionExA",
- "address": "0x46f2c8"
- },
- {
- "name": "GetVersion",
- "address": "0x46f2cc"
- },
- {
- "name": "GetUserDefaultLCID",
- "address": "0x46f2d0"
- },
- {
- "name": "GetTickCount",
- "address": "0x46f2d4"
- },
- {
- "name": "GetThreadLocale",
- "address": "0x46f2d8"
- },
- {
- "name": "GetSystemInfo",
- "address": "0x46f2dc"
- },
- {
- "name": "GetStringTypeExA",
- "address": "0x46f2e0"
- },
- {
- "name": "GetStdHandle",
- "address": "0x46f2e4"
- },
- {
- "name": "GetProfileStringA",
- "address": "0x46f2e8"
- },
- {
- "name": "GetProcAddress",
- "address": "0x46f2ec"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46f2f0"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x46f2f4"
- },
- {
- "name": "GetLocaleInfoA",
- "address": "0x46f2f8"
- },
- {
- "name": "GetLocalTime",
- "address": "0x46f2fc"
- },
- {
- "name": "GetLastError",
- "address": "0x46f300"
- },
- {
- "name": "GetFullPathNameA",
- "address": "0x46f304"
- },
- {
- "name": "GetDiskFreeSpaceA",
- "address": "0x46f308"
- },
- {
- "name": "GetDateFormatA",
- "address": "0x46f30c"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x46f310"
- },
- {
- "name": "GetCurrentProcessId",
- "address": "0x46f314"
- },
- {
- "name": "GetComputerNameA",
- "address": "0x46f318"
- },
- {
- "name": "GetCPInfo",
- "address": "0x46f31c"
- },
- {
- "name": "GetACP",
- "address": "0x46f320"
- },
- {
- "name": "FreeResource",
- "address": "0x46f324"
- },
- {
- "name": "InterlockedExchange",
- "address": "0x46f328"
- },
- {
- "name": "FreeLibrary",
- "address": "0x46f32c"
- },
- {
- "name": "FormatMessageA",
- "address": "0x46f330"
- },
- {
- "name": "FindResourceA",
- "address": "0x46f334"
- },
- {
- "name": "EnumCalendarInfoA",
- "address": "0x46f338"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x46f33c"
- },
- {
- "name": "DeleteCriticalSection",
- "address": "0x46f340"
- },
- {
- "name": "CreateThread",
- "address": "0x46f344"
- },
- {
- "name": "CreateFileA",
- "address": "0x46f348"
- },
- {
- "name": "CreateEventA",
- "address": "0x46f34c"
- },
- {
- "name": "CompareStringA",
- "address": "0x46f350"
- },
- {
- "name": "CloseHandle",
- "address": "0x46f354"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "VerQueryValueA",
- "address": "0x46f35c"
- },
- {
- "name": "GetFileVersionInfoSizeA",
- "address": "0x46f360"
- },
- {
- "name": "GetFileVersionInfoA",
- "address": "0x46f364"
- }
- ],
- "dll": "version.dll"
- },
- {
- "imports": [
- {
- "name": "UnrealizeObject",
- "address": "0x46f36c"
- },
- {
- "name": "StretchBlt",
- "address": "0x46f370"
- },
- {
- "name": "SetWindowOrgEx",
- "address": "0x46f374"
- },
- {
- "name": "SetWinMetaFileBits",
- "address": "0x46f378"
- },
- {
- "name": "SetViewportOrgEx",
- "address": "0x46f37c"
- },
- {
- "name": "SetTextColor",
- "address": "0x46f380"
- },
- {
- "name": "SetStretchBltMode",
- "address": "0x46f384"
- },
- {
- "name": "SetROP2",
- "address": "0x46f388"
- },
- {
- "name": "SetPixel",
- "address": "0x46f38c"
- },
- {
- "name": "SetMapMode",
- "address": "0x46f390"
- },
- {
- "name": "SetEnhMetaFileBits",
- "address": "0x46f394"
- },
- {
- "name": "SetDIBColorTable",
- "address": "0x46f398"
- },
- {
- "name": "SetBrushOrgEx",
- "address": "0x46f39c"
- },
- {
- "name": "SetBkMode",
- "address": "0x46f3a0"
- },
- {
- "name": "SetBkColor",
- "address": "0x46f3a4"
- },
- {
- "name": "SelectPalette",
- "address": "0x46f3a8"
- },
- {
- "name": "SelectObject",
- "address": "0x46f3ac"
- },
- {
- "name": "SelectClipRgn",
- "address": "0x46f3b0"
- },
- {
- "name": "ScaleWindowExtEx",
- "address": "0x46f3b4"
- },
- {
- "name": "SaveDC",
- "address": "0x46f3b8"
- },
- {
- "name": "RestoreDC",
- "address": "0x46f3bc"
- },
- {
- "name": "RectVisible",
- "address": "0x46f3c0"
- },
- {
- "name": "RealizePalette",
- "address": "0x46f3c4"
- },
- {
- "name": "PlayEnhMetaFile",
- "address": "0x46f3c8"
- },
- {
- "name": "PathToRegion",
- "address": "0x46f3cc"
- },
- {
- "name": "PatBlt",
- "address": "0x46f3d0"
- },
- {
- "name": "MoveToEx",
- "address": "0x46f3d4"
- },
- {
- "name": "MaskBlt",
- "address": "0x46f3d8"
- },
- {
- "name": "LineTo",
- "address": "0x46f3dc"
- },
- {
- "name": "LPtoDP",
- "address": "0x46f3e0"
- },
- {
- "name": "IntersectClipRect",
- "address": "0x46f3e4"
- },
- {
- "name": "GetWindowOrgEx",
- "address": "0x46f3e8"
- },
- {
- "name": "GetWinMetaFileBits",
- "address": "0x46f3ec"
- },
- {
- "name": "GetTextMetricsA",
- "address": "0x46f3f0"
- },
- {
- "name": "GetTextExtentPoint32A",
- "address": "0x46f3f4"
- },
- {
- "name": "GetSystemPaletteEntries",
- "address": "0x46f3f8"
- },
- {
- "name": "GetStockObject",
- "address": "0x46f3fc"
- },
- {
- "name": "GetPixel",
- "address": "0x46f400"
- },
- {
- "name": "GetPaletteEntries",
- "address": "0x46f404"
- },
- {
- "name": "GetObjectA",
- "address": "0x46f408"
- },
- {
- "name": "GetEnhMetaFilePaletteEntries",
- "address": "0x46f40c"
- },
- {
- "name": "GetEnhMetaFileHeader",
- "address": "0x46f410"
- },
- {
- "name": "GetEnhMetaFileDescriptionA",
- "address": "0x46f414"
- },
- {
- "name": "GetEnhMetaFileBits",
- "address": "0x46f418"
- },
- {
- "name": "GetDeviceCaps",
- "address": "0x46f41c"
- },
- {
- "name": "GetDIBits",
- "address": "0x46f420"
- },
- {
- "name": "GetDIBColorTable",
- "address": "0x46f424"
- },
- {
- "name": "GetDCOrgEx",
- "address": "0x46f428"
- },
- {
- "name": "GetCurrentPositionEx",
- "address": "0x46f42c"
- },
- {
- "name": "GetClipBox",
- "address": "0x46f430"
- },
- {
- "name": "GetBrushOrgEx",
- "address": "0x46f434"
- },
- {
- "name": "GetBitmapBits",
- "address": "0x46f438"
- },
- {
- "name": "ExcludeClipRect",
- "address": "0x46f43c"
- },
- {
- "name": "EndPage",
- "address": "0x46f440"
- },
- {
- "name": "EndDoc",
- "address": "0x46f444"
- },
- {
- "name": "DeleteObject",
- "address": "0x46f448"
- },
- {
- "name": "DeleteEnhMetaFile",
- "address": "0x46f44c"
- },
- {
- "name": "DeleteDC",
- "address": "0x46f450"
- },
- {
- "name": "CreateSolidBrush",
- "address": "0x46f454"
- },
- {
- "name": "CreatePenIndirect",
- "address": "0x46f458"
- },
- {
- "name": "CreatePalette",
- "address": "0x46f45c"
- },
- {
- "name": "CreateICA",
- "address": "0x46f460"
- },
- {
- "name": "CreateHalftonePalette",
- "address": "0x46f464"
- },
- {
- "name": "CreateFontIndirectA",
- "address": "0x46f468"
- },
- {
- "name": "CreateEnhMetaFileA",
- "address": "0x46f46c"
- },
- {
- "name": "CreateDIBitmap",
- "address": "0x46f470"
- },
- {
- "name": "CreateDIBSection",
- "address": "0x46f474"
- },
- {
- "name": "CreateDCA",
- "address": "0x46f478"
- },
- {
- "name": "CreateCompatibleDC",
- "address": "0x46f47c"
- },
- {
- "name": "CreateCompatibleBitmap",
- "address": "0x46f480"
- },
- {
- "name": "CreateBrushIndirect",
- "address": "0x46f484"
- },
- {
- "name": "CreateBitmap",
- "address": "0x46f488"
- },
- {
- "name": "CopyEnhMetaFileA",
- "address": "0x46f48c"
- },
- {
- "name": "CloseEnhMetaFile",
- "address": "0x46f490"
- },
- {
- "name": "BitBlt",
- "address": "0x46f494"
- }
- ],
- "dll": "gdi32.dll"
- },
- {
- "imports": [
- {
- "name": "CreateWindowExA",
- "address": "0x46f49c"
- },
- {
- "name": "WindowFromPoint",
- "address": "0x46f4a0"
- },
- {
- "name": "WinHelpA",
- "address": "0x46f4a4"
- },
- {
- "name": "WaitMessage",
- "address": "0x46f4a8"
- },
- {
- "name": "UpdateWindow",
- "address": "0x46f4ac"
- },
- {
- "name": "UnregisterClassA",
- "address": "0x46f4b0"
- },
- {
- "name": "UnhookWindowsHookEx",
- "address": "0x46f4b4"
- },
- {
- "name": "TranslateMessage",
- "address": "0x46f4b8"
- },
- {
- "name": "TranslateMDISysAccel",
- "address": "0x46f4bc"
- },
- {
- "name": "TrackPopupMenu",
- "address": "0x46f4c0"
- },
- {
- "name": "SystemParametersInfoA",
- "address": "0x46f4c4"
- },
- {
- "name": "ShowWindow",
- "address": "0x46f4c8"
- },
- {
- "name": "ShowScrollBar",
- "address": "0x46f4cc"
- },
- {
- "name": "ShowOwnedPopups",
- "address": "0x46f4d0"
- },
- {
- "name": "ShowCursor",
- "address": "0x46f4d4"
- },
- {
- "name": "SetWindowsHookExA",
- "address": "0x46f4d8"
- },
- {
- "name": "SetWindowTextA",
- "address": "0x46f4dc"
- },
- {
- "name": "SetWindowPos",
- "address": "0x46f4e0"
- },
- {
- "name": "SetWindowPlacement",
- "address": "0x46f4e4"
- },
- {
- "name": "SetWindowLongA",
- "address": "0x46f4e8"
- },
- {
- "name": "SetTimer",
- "address": "0x46f4ec"
- },
- {
- "name": "SetScrollRange",
- "address": "0x46f4f0"
- },
- {
- "name": "SetScrollPos",
- "address": "0x46f4f4"
- },
- {
- "name": "SetScrollInfo",
- "address": "0x46f4f8"
- },
- {
- "name": "SetRect",
- "address": "0x46f4fc"
- },
- {
- "name": "SetPropA",
- "address": "0x46f500"
- },
- {
- "name": "SetParent",
- "address": "0x46f504"
- },
- {
- "name": "SetMenuItemInfoA",
- "address": "0x46f508"
- },
- {
- "name": "SetMenu",
- "address": "0x46f50c"
- },
- {
- "name": "SetKeyboardState",
- "address": "0x46f510"
- },
- {
- "name": "SetForegroundWindow",
- "address": "0x46f514"
- },
- {
- "name": "SetFocus",
- "address": "0x46f518"
- },
- {
- "name": "SetCursor",
- "address": "0x46f51c"
- },
- {
- "name": "SetClipboardData",
- "address": "0x46f520"
- },
- {
- "name": "SetClassLongA",
- "address": "0x46f524"
- },
- {
- "name": "SetCapture",
- "address": "0x46f528"
- },
- {
- "name": "SetActiveWindow",
- "address": "0x46f52c"
- },
- {
- "name": "SendMessageA",
- "address": "0x46f530"
- },
- {
- "name": "ScrollWindow",
- "address": "0x46f534"
- },
- {
- "name": "ScreenToClient",
- "address": "0x46f538"
- },
- {
- "name": "RemovePropA",
- "address": "0x46f53c"
- },
- {
- "name": "RemoveMenu",
- "address": "0x46f540"
- },
- {
- "name": "ReleaseDC",
- "address": "0x46f544"
- },
- {
- "name": "ReleaseCapture",
- "address": "0x46f548"
- },
- {
- "name": "RegisterWindowMessageA",
- "address": "0x46f54c"
- },
- {
- "name": "RegisterClipboardFormatA",
- "address": "0x46f550"
- },
- {
- "name": "RegisterClassA",
- "address": "0x46f554"
- },
- {
- "name": "RedrawWindow",
- "address": "0x46f558"
- },
- {
- "name": "PtInRect",
- "address": "0x46f55c"
- },
- {
- "name": "PostQuitMessage",
- "address": "0x46f560"
- },
- {
- "name": "PostMessageA",
- "address": "0x46f564"
- },
- {
- "name": "PeekMessageA",
- "address": "0x46f568"
- },
- {
- "name": "OpenClipboard",
- "address": "0x46f56c"
- },
- {
- "name": "OffsetRect",
- "address": "0x46f570"
- },
- {
- "name": "OemToCharA",
- "address": "0x46f574"
- },
- {
- "name": "MessageBoxA",
- "address": "0x46f578"
- },
- {
- "name": "MessageBeep",
- "address": "0x46f57c"
- },
- {
- "name": "MapWindowPoints",
- "address": "0x46f580"
- },
- {
- "name": "MapVirtualKeyA",
- "address": "0x46f584"
- },
- {
- "name": "LoadStringA",
- "address": "0x46f588"
- },
- {
- "name": "LoadKeyboardLayoutA",
- "address": "0x46f58c"
- },
- {
- "name": "LoadIconA",
- "address": "0x46f590"
- },
- {
- "name": "LoadCursorA",
- "address": "0x46f594"
- },
- {
- "name": "LoadBitmapA",
- "address": "0x46f598"
- },
- {
- "name": "KillTimer",
- "address": "0x46f59c"
- },
- {
- "name": "IsZoomed",
- "address": "0x46f5a0"
- },
- {
- "name": "IsWindowVisible",
- "address": "0x46f5a4"
- },
- {
- "name": "IsWindowEnabled",
- "address": "0x46f5a8"
- },
- {
- "name": "IsWindow",
- "address": "0x46f5ac"
- },
- {
- "name": "IsRectEmpty",
- "address": "0x46f5b0"
- },
- {
- "name": "IsIconic",
- "address": "0x46f5b4"
- },
- {
- "name": "IsDialogMessageA",
- "address": "0x46f5b8"
- },
- {
- "name": "IsChild",
- "address": "0x46f5bc"
- },
- {
- "name": "IsCharAlphaNumericA",
- "address": "0x46f5c0"
- },
- {
- "name": "IsCharAlphaA",
- "address": "0x46f5c4"
- },
- {
- "name": "InvalidateRect",
- "address": "0x46f5c8"
- },
- {
- "name": "IntersectRect",
- "address": "0x46f5cc"
- },
- {
- "name": "InsertMenuItemA",
- "address": "0x46f5d0"
- },
- {
- "name": "InsertMenuA",
- "address": "0x46f5d4"
- },
- {
- "name": "InflateRect",
- "address": "0x46f5d8"
- },
- {
- "name": "GetWindowThreadProcessId",
- "address": "0x46f5dc"
- },
- {
- "name": "GetWindowTextA",
- "address": "0x46f5e0"
- },
- {
- "name": "GetWindowRect",
- "address": "0x46f5e4"
- },
- {
- "name": "GetWindowPlacement",
- "address": "0x46f5e8"
- },
- {
- "name": "GetWindowLongA",
- "address": "0x46f5ec"
- },
- {
- "name": "GetWindowDC",
- "address": "0x46f5f0"
- },
- {
- "name": "GetTopWindow",
- "address": "0x46f5f4"
- },
- {
- "name": "GetSystemMetrics",
- "address": "0x46f5f8"
- },
- {
- "name": "GetSystemMenu",
- "address": "0x46f5fc"
- },
- {
- "name": "GetSysColorBrush",
- "address": "0x46f600"
- },
- {
- "name": "GetSysColor",
- "address": "0x46f604"
- },
- {
- "name": "GetSubMenu",
- "address": "0x46f608"
- },
- {
- "name": "GetScrollRange",
- "address": "0x46f60c"
- },
- {
- "name": "GetScrollPos",
- "address": "0x46f610"
- },
- {
- "name": "GetScrollInfo",
- "address": "0x46f614"
- },
- {
- "name": "GetPropA",
- "address": "0x46f618"
- },
- {
- "name": "GetParent",
- "address": "0x46f61c"
- },
- {
- "name": "GetWindow",
- "address": "0x46f620"
- },
- {
- "name": "GetMessageTime",
- "address": "0x46f624"
- },
- {
- "name": "GetMenuStringA",
- "address": "0x46f628"
- },
- {
- "name": "GetMenuState",
- "address": "0x46f62c"
- },
- {
- "name": "GetMenuItemInfoA",
- "address": "0x46f630"
- },
- {
- "name": "GetMenuItemID",
- "address": "0x46f634"
- },
- {
- "name": "GetMenuItemCount",
- "address": "0x46f638"
- },
- {
- "name": "GetMenu",
- "address": "0x46f63c"
- },
- {
- "name": "GetLastActivePopup",
- "address": "0x46f640"
- },
- {
- "name": "GetKeyboardState",
- "address": "0x46f644"
- },
- {
- "name": "GetKeyboardLayoutList",
- "address": "0x46f648"
- },
- {
- "name": "GetKeyboardLayout",
- "address": "0x46f64c"
- },
- {
- "name": "GetKeyState",
- "address": "0x46f650"
- },
- {
- "name": "GetKeyNameTextA",
- "address": "0x46f654"
- },
- {
- "name": "GetIconInfo",
- "address": "0x46f658"
- },
- {
- "name": "GetForegroundWindow",
- "address": "0x46f65c"
- },
- {
- "name": "GetFocus",
- "address": "0x46f660"
- },
- {
- "name": "GetDesktopWindow",
- "address": "0x46f664"
- },
- {
- "name": "GetDCEx",
- "address": "0x46f668"
- },
- {
- "name": "GetDC",
- "address": "0x46f66c"
- },
- {
- "name": "GetCursorPos",
- "address": "0x46f670"
- },
- {
- "name": "GetCursor",
- "address": "0x46f674"
- },
- {
- "name": "GetClipboardData",
- "address": "0x46f678"
- },
- {
- "name": "GetClientRect",
- "address": "0x46f67c"
- },
- {
- "name": "GetClassNameA",
- "address": "0x46f680"
- },
- {
- "name": "GetClassInfoA",
- "address": "0x46f684"
- },
- {
- "name": "GetCapture",
- "address": "0x46f688"
- },
- {
- "name": "GetActiveWindow",
- "address": "0x46f68c"
- },
- {
- "name": "FrameRect",
- "address": "0x46f690"
- },
- {
- "name": "FindWindowA",
- "address": "0x46f694"
- },
- {
- "name": "FillRect",
- "address": "0x46f698"
- },
- {
- "name": "EqualRect",
- "address": "0x46f69c"
- },
- {
- "name": "EnumWindows",
- "address": "0x46f6a0"
- },
- {
- "name": "EnumThreadWindows",
- "address": "0x46f6a4"
- },
- {
- "name": "EnumClipboardFormats",
- "address": "0x46f6a8"
- },
- {
- "name": "EndPaint",
- "address": "0x46f6ac"
- },
- {
- "name": "EndDeferWindowPos",
- "address": "0x46f6b0"
- },
- {
- "name": "EnableWindow",
- "address": "0x46f6b4"
- },
- {
- "name": "EnableScrollBar",
- "address": "0x46f6b8"
- },
- {
- "name": "EnableMenuItem",
- "address": "0x46f6bc"
- },
- {
- "name": "EmptyClipboard",
- "address": "0x46f6c0"
- },
- {
- "name": "DrawTextA",
- "address": "0x46f6c4"
- },
- {
- "name": "DrawMenuBar",
- "address": "0x46f6c8"
- },
- {
- "name": "DrawIconEx",
- "address": "0x46f6cc"
- },
- {
- "name": "DrawIcon",
- "address": "0x46f6d0"
- },
- {
- "name": "DrawFrameControl",
- "address": "0x46f6d4"
- },
- {
- "name": "DrawEdge",
- "address": "0x46f6d8"
- },
- {
- "name": "DispatchMessageA",
- "address": "0x46f6dc"
- },
- {
- "name": "DestroyWindow",
- "address": "0x46f6e0"
- },
- {
- "name": "DestroyMenu",
- "address": "0x46f6e4"
- },
- {
- "name": "DestroyIcon",
- "address": "0x46f6e8"
- },
- {
- "name": "DestroyCursor",
- "address": "0x46f6ec"
- },
- {
- "name": "DeleteMenu",
- "address": "0x46f6f0"
- },
- {
- "name": "DeferWindowPos",
- "address": "0x46f6f4"
- },
- {
- "name": "DefWindowProcA",
- "address": "0x46f6f8"
- },
- {
- "name": "DefMDIChildProcA",
- "address": "0x46f6fc"
- },
- {
- "name": "DefFrameProcA",
- "address": "0x46f700"
- },
- {
- "name": "CreatePopupMenu",
- "address": "0x46f704"
- },
- {
- "name": "CreateMenu",
- "address": "0x46f708"
- },
- {
- "name": "CreateIcon",
- "address": "0x46f70c"
- },
- {
- "name": "CloseClipboard",
- "address": "0x46f710"
- },
- {
- "name": "ClientToScreen",
- "address": "0x46f714"
- },
- {
- "name": "CheckMenuItem",
- "address": "0x46f718"
- },
- {
- "name": "CallWindowProcA",
- "address": "0x46f71c"
- },
- {
- "name": "CallNextHookEx",
- "address": "0x46f720"
- },
- {
- "name": "BeginPaint",
- "address": "0x46f724"
- },
- {
- "name": "BeginDeferWindowPos",
- "address": "0x46f728"
- },
- {
- "name": "CharNextA",
- "address": "0x46f72c"
- },
- {
- "name": "CharLowerBuffA",
- "address": "0x46f730"
- },
- {
- "name": "CharLowerA",
- "address": "0x46f734"
- },
- {
- "name": "CharUpperBuffA",
- "address": "0x46f738"
- },
- {
- "name": "CharToOemA",
- "address": "0x46f73c"
- },
- {
- "name": "AdjustWindowRectEx",
- "address": "0x46f740"
- },
- {
- "name": "ActivateKeyboardLayout",
- "address": "0x46f744"
- }
- ],
- "dll": "user32.dll"
- },
- {
- "imports": [
- {
- "name": "Sleep",
- "address": "0x46f74c"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "SafeArrayPtrOfIndex",
- "address": "0x46f754"
- },
- {
- "name": "SafeArrayGetUBound",
- "address": "0x46f758"
- },
- {
- "name": "SafeArrayGetLBound",
- "address": "0x46f75c"
- },
- {
- "name": "SafeArrayCreate",
- "address": "0x46f760"
- },
- {
- "name": "VariantChangeType",
- "address": "0x46f764"
- },
- {
- "name": "VariantCopy",
- "address": "0x46f768"
- },
- {
- "name": "VariantClear",
- "address": "0x46f76c"
- },
- {
- "name": "VariantInit",
- "address": "0x46f770"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "CreateStreamOnHGlobal",
- "address": "0x46f778"
- },
- {
- "name": "IsAccelerator",
- "address": "0x46f77c"
- },
- {
- "name": "OleDraw",
- "address": "0x46f780"
- },
- {
- "name": "OleSetMenuDescriptor",
- "address": "0x46f784"
- },
- {
- "name": "CoTaskMemFree",
- "address": "0x46f788"
- },
- {
- "name": "ProgIDFromCLSID",
- "address": "0x46f78c"
- },
- {
- "name": "StringFromCLSID",
- "address": "0x46f790"
- },
- {
- "name": "CoCreateInstance",
- "address": "0x46f794"
- },
- {
- "name": "CoGetClassObject",
- "address": "0x46f798"
- },
- {
- "name": "CoUninitialize",
- "address": "0x46f79c"
- },
- {
- "name": "CoInitialize",
- "address": "0x46f7a0"
- },
- {
- "name": "IsEqualGUID",
- "address": "0x46f7a4"
- }
- ],
- "dll": "ole32.dll"
- },
- {
- "imports": [
- {
- "name": "GetErrorInfo",
- "address": "0x46f7ac"
- },
- {
- "name": "GetActiveObject",
- "address": "0x46f7b0"
- },
- {
- "name": "SysFreeString",
- "address": "0x46f7b4"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "ImageList_SetIconSize",
- "address": "0x46f7bc"
- },
- {
- "name": "ImageList_GetIconSize",
- "address": "0x46f7c0"
- },
- {
- "name": "ImageList_Write",
- "address": "0x46f7c4"
- },
- {
- "name": "ImageList_Read",
- "address": "0x46f7c8"
- },
- {
- "name": "ImageList_GetDragImage",
- "address": "0x46f7cc"
- },
- {
- "name": "ImageList_DragShowNolock",
- "address": "0x46f7d0"
- },
- {
- "name": "ImageList_SetDragCursorImage",
- "address": "0x46f7d4"
- },
- {
- "name": "ImageList_DragMove",
- "address": "0x46f7d8"
- },
- {
- "name": "ImageList_DragLeave",
- "address": "0x46f7dc"
- },
- {
- "name": "ImageList_DragEnter",
- "address": "0x46f7e0"
- },
- {
- "name": "ImageList_EndDrag",
- "address": "0x46f7e4"
- },
- {
- "name": "ImageList_BeginDrag",
- "address": "0x46f7e8"
- },
- {
- "name": "ImageList_Remove",
- "address": "0x46f7ec"
- },
- {
- "name": "ImageList_DrawEx",
- "address": "0x46f7f0"
- },
- {
- "name": "ImageList_Draw",
- "address": "0x46f7f4"
- },
- {
- "name": "ImageList_GetBkColor",
- "address": "0x46f7f8"
- },
- {
- "name": "ImageList_SetBkColor",
- "address": "0x46f7fc"
- },
- {
- "name": "ImageList_ReplaceIcon",
- "address": "0x46f800"
- },
- {
- "name": "ImageList_Add",
- "address": "0x46f804"
- },
- {
- "name": "ImageList_GetImageCount",
- "address": "0x46f808"
- },
- {
- "name": "ImageList_Destroy",
- "address": "0x46f80c"
- },
- {
- "name": "ImageList_Create",
- "address": "0x46f810"
- }
- ],
- "dll": "comctl32.dll"
- },
- {
- "imports": [
- {
- "name": "OpenPrinterA",
- "address": "0x46f818"
- },
- {
- "name": "EnumPrintersA",
- "address": "0x46f81c"
- },
- {
- "name": "DocumentPropertiesA",
- "address": "0x46f820"
- },
- {
- "name": "ClosePrinter",
- "address": "0x46f824"
- }
- ],
- "dll": "winspool.drv"
- },
- {
- "imports": [
- {
- "name": "PrintDlgA",
- "address": "0x46f82c"
- }
- ],
- "dll": "comdlg32.dll"
- }
- ],
- "digital_signers": null,
- "exported_dll_name": null,
- "actual_checksum": "0x000a9d6f",
- "overlay": {
- "size": "0x00000200",
- "offset": "0x000a9400"
- },
- "imagebase": "0x00400000",
- "reported_checksum": "0x00000000",
- "icon_hash": null,
- "entrypoint": "0x0046304c",
- "timestamp": "1992-05-04 23:58:21",
- "osversion": "4.0",
- "sections": [
- {
- "name": "CODE",
- "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00001000",
- "size_of_data": "0x00062200",
- "entropy": "6.54",
- "raw_address": "0x00000400",
- "virtual_size": "0x00062094",
- "characteristics_raw": "0x60000020"
- },
- {
- "name": "DATA",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x00064000",
- "size_of_data": "0x00009600",
- "entropy": "4.97",
- "raw_address": "0x00062600",
- "virtual_size": "0x00009528",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": "BSS",
- "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006e000",
- "size_of_data": "0x00000000",
- "entropy": "0.00",
- "raw_address": "0x0006bc00",
- "virtual_size": "0x00000d59",
- "characteristics_raw": "0xc0000000"
- },
- {
- "name": ".idata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006f000",
- "size_of_data": "0x00002600",
- "entropy": "5.01",
- "raw_address": "0x0006bc00",
- "virtual_size": "0x00002540",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": ".tls",
- "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x00072000",
- "size_of_data": "0x00000000",
- "entropy": "0.00",
- "raw_address": "0x0006e200",
- "virtual_size": "0x00000010",
- "characteristics_raw": "0xc0000000"
- },
- {
- "name": ".rdata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00073000",
- "size_of_data": "0x00000200",
- "entropy": "0.21",
- "raw_address": "0x0006e200",
- "virtual_size": "0x00000018",
- "characteristics_raw": "0x50000040"
- },
- {
- "name": ".reloc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00074000",
- "size_of_data": "0x00007200",
- "entropy": "6.67",
- "raw_address": "0x0006e400",
- "virtual_size": "0x00007108",
- "characteristics_raw": "0x50000040"
- },
- {
- "name": ".rsrc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x0007c000",
- "size_of_data": "0x00033e00",
- "entropy": "7.46",
- "raw_address": "0x00075600",
- "virtual_size": "0x00033d2c",
- "characteristics_raw": "0x50000040"
- }
- ],
- "resources": [],
- "dirents": [
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x0006f000",
- "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
- "size": "0x00002540"
- },
- {
- "virtual_address": "0x0007c000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
- "size": "0x00033d2c"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00074000",
- "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
- "size": "0x00007108"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00073000",
- "name": "IMAGE_DIRECTORY_ENTRY_TLS",
- "size": "0x00000018"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_IAT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
- "size": "0x00000000"
- }
- ],
- "exports": [],
- "guest_signers": {},
- "imphash": "46116a2f8090728368dbf9ef96584273",
- "icon_fuzzy": null,
- "icon": null,
- "pdbpath": null,
- "imported_dll_count": 17,
- "versioninfo": []
- }
- }
- [*] Resolved APIs: []
- [*] Static Analysis: {
- "pe": {
- "peid_signatures": null,
- "imports": [
- {
- "imports": [
- {
- "name": "DeleteCriticalSection",
- "address": "0x46f168"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x46f16c"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x46f170"
- },
- {
- "name": "InitializeCriticalSection",
- "address": "0x46f174"
- },
- {
- "name": "VirtualFree",
- "address": "0x46f178"
- },
- {
- "name": "VirtualAlloc",
- "address": "0x46f17c"
- },
- {
- "name": "LocalFree",
- "address": "0x46f180"
- },
- {
- "name": "LocalAlloc",
- "address": "0x46f184"
- },
- {
- "name": "GetVersion",
- "address": "0x46f188"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x46f18c"
- },
- {
- "name": "InterlockedDecrement",
- "address": "0x46f190"
- },
- {
- "name": "InterlockedIncrement",
- "address": "0x46f194"
- },
- {
- "name": "VirtualQuery",
- "address": "0x46f198"
- },
- {
- "name": "WideCharToMultiByte",
- "address": "0x46f19c"
- },
- {
- "name": "MultiByteToWideChar",
- "address": "0x46f1a0"
- },
- {
- "name": "lstrlenA",
- "address": "0x46f1a4"
- },
- {
- "name": "lstrcpynA",
- "address": "0x46f1a8"
- },
- {
- "name": "LoadLibraryExA",
- "address": "0x46f1ac"
- },
- {
- "name": "GetThreadLocale",
- "address": "0x46f1b0"
- },
- {
- "name": "GetStartupInfoA",
- "address": "0x46f1b4"
- },
- {
- "name": "GetProcAddress",
- "address": "0x46f1b8"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46f1bc"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x46f1c0"
- },
- {
- "name": "GetLocaleInfoA",
- "address": "0x46f1c4"
- },
- {
- "name": "GetCommandLineA",
- "address": "0x46f1c8"
- },
- {
- "name": "FreeLibrary",
- "address": "0x46f1cc"
- },
- {
- "name": "FindFirstFileA",
- "address": "0x46f1d0"
- },
- {
- "name": "FindClose",
- "address": "0x46f1d4"
- },
- {
- "name": "ExitProcess",
- "address": "0x46f1d8"
- },
- {
- "name": "WriteFile",
- "address": "0x46f1dc"
- },
- {
- "name": "UnhandledExceptionFilter",
- "address": "0x46f1e0"
- },
- {
- "name": "RtlUnwind",
- "address": "0x46f1e4"
- },
- {
- "name": "RaiseException",
- "address": "0x46f1e8"
- },
- {
- "name": "GetStdHandle",
- "address": "0x46f1ec"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "GetKeyboardType",
- "address": "0x46f1f4"
- },
- {
- "name": "LoadStringA",
- "address": "0x46f1f8"
- },
- {
- "name": "MessageBoxA",
- "address": "0x46f1fc"
- },
- {
- "name": "CharNextA",
- "address": "0x46f200"
- }
- ],
- "dll": "user32.dll"
- },
- {
- "imports": [
- {
- "name": "RegQueryValueExA",
- "address": "0x46f208"
- },
- {
- "name": "RegOpenKeyExA",
- "address": "0x46f20c"
- },
- {
- "name": "RegCloseKey",
- "address": "0x46f210"
- }
- ],
- "dll": "advapi32.dll"
- },
- {
- "imports": [
- {
- "name": "SysFreeString",
- "address": "0x46f218"
- },
- {
- "name": "SysReAllocStringLen",
- "address": "0x46f21c"
- },
- {
- "name": "SysAllocStringLen",
- "address": "0x46f220"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "TlsSetValue",
- "address": "0x46f228"
- },
- {
- "name": "TlsGetValue",
- "address": "0x46f22c"
- },
- {
- "name": "LocalAlloc",
- "address": "0x46f230"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46f234"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "RegQueryValueExA",
- "address": "0x46f23c"
- },
- {
- "name": "RegOpenKeyExA",
- "address": "0x46f240"
- },
- {
- "name": "RegCloseKey",
- "address": "0x46f244"
- }
- ],
- "dll": "advapi32.dll"
- },
- {
- "imports": [
- {
- "name": "lstrcpyA",
- "address": "0x46f24c"
- },
- {
- "name": "WriteFile",
- "address": "0x46f250"
- },
- {
- "name": "WaitForSingleObject",
- "address": "0x46f254"
- },
- {
- "name": "VirtualQuery",
- "address": "0x46f258"
- },
- {
- "name": "VirtualAlloc",
- "address": "0x46f25c"
- },
- {
- "name": "Sleep",
- "address": "0x46f260"
- },
- {
- "name": "SizeofResource",
- "address": "0x46f264"
- },
- {
- "name": "SetThreadLocale",
- "address": "0x46f268"
- },
- {
- "name": "SetFilePointer",
- "address": "0x46f26c"
- },
- {
- "name": "SetEvent",
- "address": "0x46f270"
- },
- {
- "name": "SetErrorMode",
- "address": "0x46f274"
- },
- {
- "name": "SetEndOfFile",
- "address": "0x46f278"
- },
- {
- "name": "ResetEvent",
- "address": "0x46f27c"
- },
- {
- "name": "ReadFile",
- "address": "0x46f280"
- },
- {
- "name": "MultiByteToWideChar",
- "address": "0x46f284"
- },
- {
- "name": "MulDiv",
- "address": "0x46f288"
- },
- {
- "name": "LockResource",
- "address": "0x46f28c"
- },
- {
- "name": "LoadResource",
- "address": "0x46f290"
- },
- {
- "name": "LoadLibraryA",
- "address": "0x46f294"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x46f298"
- },
- {
- "name": "InitializeCriticalSection",
- "address": "0x46f29c"
- },
- {
- "name": "GlobalUnlock",
- "address": "0x46f2a0"
- },
- {
- "name": "GlobalSize",
- "address": "0x46f2a4"
- },
- {
- "name": "GlobalReAlloc",
- "address": "0x46f2a8"
- },
- {
- "name": "GlobalHandle",
- "address": "0x46f2ac"
- },
- {
- "name": "GlobalLock",
- "address": "0x46f2b0"
- },
- {
- "name": "GlobalFree",
- "address": "0x46f2b4"
- },
- {
- "name": "GlobalFindAtomA",
- "address": "0x46f2b8"
- },
- {
- "name": "GlobalDeleteAtom",
- "address": "0x46f2bc"
- },
- {
- "name": "GlobalAlloc",
- "address": "0x46f2c0"
- },
- {
- "name": "GlobalAddAtomA",
- "address": "0x46f2c4"
- },
- {
- "name": "GetVersionExA",
- "address": "0x46f2c8"
- },
- {
- "name": "GetVersion",
- "address": "0x46f2cc"
- },
- {
- "name": "GetUserDefaultLCID",
- "address": "0x46f2d0"
- },
- {
- "name": "GetTickCount",
- "address": "0x46f2d4"
- },
- {
- "name": "GetThreadLocale",
- "address": "0x46f2d8"
- },
- {
- "name": "GetSystemInfo",
- "address": "0x46f2dc"
- },
- {
- "name": "GetStringTypeExA",
- "address": "0x46f2e0"
- },
- {
- "name": "GetStdHandle",
- "address": "0x46f2e4"
- },
- {
- "name": "GetProfileStringA",
- "address": "0x46f2e8"
- },
- {
- "name": "GetProcAddress",
- "address": "0x46f2ec"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46f2f0"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x46f2f4"
- },
- {
- "name": "GetLocaleInfoA",
- "address": "0x46f2f8"
- },
- {
- "name": "GetLocalTime",
- "address": "0x46f2fc"
- },
- {
- "name": "GetLastError",
- "address": "0x46f300"
- },
- {
- "name": "GetFullPathNameA",
- "address": "0x46f304"
- },
- {
- "name": "GetDiskFreeSpaceA",
- "address": "0x46f308"
- },
- {
- "name": "GetDateFormatA",
- "address": "0x46f30c"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x46f310"
- },
- {
- "name": "GetCurrentProcessId",
- "address": "0x46f314"
- },
- {
- "name": "GetComputerNameA",
- "address": "0x46f318"
- },
- {
- "name": "GetCPInfo",
- "address": "0x46f31c"
- },
- {
- "name": "GetACP",
- "address": "0x46f320"
- },
- {
- "name": "FreeResource",
- "address": "0x46f324"
- },
- {
- "name": "InterlockedExchange",
- "address": "0x46f328"
- },
- {
- "name": "FreeLibrary",
- "address": "0x46f32c"
- },
- {
- "name": "FormatMessageA",
- "address": "0x46f330"
- },
- {
- "name": "FindResourceA",
- "address": "0x46f334"
- },
- {
- "name": "EnumCalendarInfoA",
- "address": "0x46f338"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x46f33c"
- },
- {
- "name": "DeleteCriticalSection",
- "address": "0x46f340"
- },
- {
- "name": "CreateThread",
- "address": "0x46f344"
- },
- {
- "name": "CreateFileA",
- "address": "0x46f348"
- },
- {
- "name": "CreateEventA",
- "address": "0x46f34c"
- },
- {
- "name": "CompareStringA",
- "address": "0x46f350"
- },
- {
- "name": "CloseHandle",
- "address": "0x46f354"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "VerQueryValueA",
- "address": "0x46f35c"
- },
- {
- "name": "GetFileVersionInfoSizeA",
- "address": "0x46f360"
- },
- {
- "name": "GetFileVersionInfoA",
- "address": "0x46f364"
- }
- ],
- "dll": "version.dll"
- },
- {
- "imports": [
- {
- "name": "UnrealizeObject",
- "address": "0x46f36c"
- },
- {
- "name": "StretchBlt",
- "address": "0x46f370"
- },
- {
- "name": "SetWindowOrgEx",
- "address": "0x46f374"
- },
- {
- "name": "SetWinMetaFileBits",
- "address": "0x46f378"
- },
- {
- "name": "SetViewportOrgEx",
- "address": "0x46f37c"
- },
- {
- "name": "SetTextColor",
- "address": "0x46f380"
- },
- {
- "name": "SetStretchBltMode",
- "address": "0x46f384"
- },
- {
- "name": "SetROP2",
- "address": "0x46f388"
- },
- {
- "name": "SetPixel",
- "address": "0x46f38c"
- },
- {
- "name": "SetMapMode",
- "address": "0x46f390"
- },
- {
- "name": "SetEnhMetaFileBits",
- "address": "0x46f394"
- },
- {
- "name": "SetDIBColorTable",
- "address": "0x46f398"
- },
- {
- "name": "SetBrushOrgEx",
- "address": "0x46f39c"
- },
- {
- "name": "SetBkMode",
- "address": "0x46f3a0"
- },
- {
- "name": "SetBkColor",
- "address": "0x46f3a4"
- },
- {
- "name": "SelectPalette",
- "address": "0x46f3a8"
- },
- {
- "name": "SelectObject",
- "address": "0x46f3ac"
- },
- {
- "name": "SelectClipRgn",
- "address": "0x46f3b0"
- },
- {
- "name": "ScaleWindowExtEx",
- "address": "0x46f3b4"
- },
- {
- "name": "SaveDC",
- "address": "0x46f3b8"
- },
- {
- "name": "RestoreDC",
- "address": "0x46f3bc"
- },
- {
- "name": "RectVisible",
- "address": "0x46f3c0"
- },
- {
- "name": "RealizePalette",
- "address": "0x46f3c4"
- },
- {
- "name": "PlayEnhMetaFile",
- "address": "0x46f3c8"
- },
- {
- "name": "PathToRegion",
- "address": "0x46f3cc"
- },
- {
- "name": "PatBlt",
- "address": "0x46f3d0"
- },
- {
- "name": "MoveToEx",
- "address": "0x46f3d4"
- },
- {
- "name": "MaskBlt",
- "address": "0x46f3d8"
- },
- {
- "name": "LineTo",
- "address": "0x46f3dc"
- },
- {
- "name": "LPtoDP",
- "address": "0x46f3e0"
- },
- {
- "name": "IntersectClipRect",
- "address": "0x46f3e4"
- },
- {
- "name": "GetWindowOrgEx",
- "address": "0x46f3e8"
- },
- {
- "name": "GetWinMetaFileBits",
- "address": "0x46f3ec"
- },
- {
- "name": "GetTextMetricsA",
- "address": "0x46f3f0"
- },
- {
- "name": "GetTextExtentPoint32A",
- "address": "0x46f3f4"
- },
- {
- "name": "GetSystemPaletteEntries",
- "address": "0x46f3f8"
- },
- {
- "name": "GetStockObject",
- "address": "0x46f3fc"
- },
- {
- "name": "GetPixel",
- "address": "0x46f400"
- },
- {
- "name": "GetPaletteEntries",
- "address": "0x46f404"
- },
- {
- "name": "GetObjectA",
- "address": "0x46f408"
- },
- {
- "name": "GetEnhMetaFilePaletteEntries",
- "address": "0x46f40c"
- },
- {
- "name": "GetEnhMetaFileHeader",
- "address": "0x46f410"
- },
- {
- "name": "GetEnhMetaFileDescriptionA",
- "address": "0x46f414"
- },
- {
- "name": "GetEnhMetaFileBits",
- "address": "0x46f418"
- },
- {
- "name": "GetDeviceCaps",
- "address": "0x46f41c"
- },
- {
- "name": "GetDIBits",
- "address": "0x46f420"
- },
- {
- "name": "GetDIBColorTable",
- "address": "0x46f424"
- },
- {
- "name": "GetDCOrgEx",
- "address": "0x46f428"
- },
- {
- "name": "GetCurrentPositionEx",
- "address": "0x46f42c"
- },
- {
- "name": "GetClipBox",
- "address": "0x46f430"
- },
- {
- "name": "GetBrushOrgEx",
- "address": "0x46f434"
- },
- {
- "name": "GetBitmapBits",
- "address": "0x46f438"
- },
- {
- "name": "ExcludeClipRect",
- "address": "0x46f43c"
- },
- {
- "name": "EndPage",
- "address": "0x46f440"
- },
- {
- "name": "EndDoc",
- "address": "0x46f444"
- },
- {
- "name": "DeleteObject",
- "address": "0x46f448"
- },
- {
- "name": "DeleteEnhMetaFile",
- "address": "0x46f44c"
- },
- {
- "name": "DeleteDC",
- "address": "0x46f450"
- },
- {
- "name": "CreateSolidBrush",
- "address": "0x46f454"
- },
- {
- "name": "CreatePenIndirect",
- "address": "0x46f458"
- },
- {
- "name": "CreatePalette",
- "address": "0x46f45c"
- },
- {
- "name": "CreateICA",
- "address": "0x46f460"
- },
- {
- "name": "CreateHalftonePalette",
- "address": "0x46f464"
- },
- {
- "name": "CreateFontIndirectA",
- "address": "0x46f468"
- },
- {
- "name": "CreateEnhMetaFileA",
- "address": "0x46f46c"
- },
- {
- "name": "CreateDIBitmap",
- "address": "0x46f470"
- },
- {
- "name": "CreateDIBSection",
- "address": "0x46f474"
- },
- {
- "name": "CreateDCA",
- "address": "0x46f478"
- },
- {
- "name": "CreateCompatibleDC",
- "address": "0x46f47c"
- },
- {
- "name": "CreateCompatibleBitmap",
- "address": "0x46f480"
- },
- {
- "name": "CreateBrushIndirect",
- "address": "0x46f484"
- },
- {
- "name": "CreateBitmap",
- "address": "0x46f488"
- },
- {
- "name": "CopyEnhMetaFileA",
- "address": "0x46f48c"
- },
- {
- "name": "CloseEnhMetaFile",
- "address": "0x46f490"
- },
- {
- "name": "BitBlt",
- "address": "0x46f494"
- }
- ],
- "dll": "gdi32.dll"
- },
- {
- "imports": [
- {
- "name": "CreateWindowExA",
- "address": "0x46f49c"
- },
- {
- "name": "WindowFromPoint",
- "address": "0x46f4a0"
- },
- {
- "name": "WinHelpA",
- "address": "0x46f4a4"
- },
- {
- "name": "WaitMessage",
- "address": "0x46f4a8"
- },
- {
- "name": "UpdateWindow",
- "address": "0x46f4ac"
- },
- {
- "name": "UnregisterClassA",
- "address": "0x46f4b0"
- },
- {
- "name": "UnhookWindowsHookEx",
- "address": "0x46f4b4"
- },
- {
- "name": "TranslateMessage",
- "address": "0x46f4b8"
- },
- {
- "name": "TranslateMDISysAccel",
- "address": "0x46f4bc"
- },
- {
- "name": "TrackPopupMenu",
- "address": "0x46f4c0"
- },
- {
- "name": "SystemParametersInfoA",
- "address": "0x46f4c4"
- },
- {
- "name": "ShowWindow",
- "address": "0x46f4c8"
- },
- {
- "name": "ShowScrollBar",
- "address": "0x46f4cc"
- },
- {
- "name": "ShowOwnedPopups",
- "address": "0x46f4d0"
- },
- {
- "name": "ShowCursor",
- "address": "0x46f4d4"
- },
- {
- "name": "SetWindowsHookExA",
- "address": "0x46f4d8"
- },
- {
- "name": "SetWindowTextA",
- "address": "0x46f4dc"
- },
- {
- "name": "SetWindowPos",
- "address": "0x46f4e0"
- },
- {
- "name": "SetWindowPlacement",
- "address": "0x46f4e4"
- },
- {
- "name": "SetWindowLongA",
- "address": "0x46f4e8"
- },
- {
- "name": "SetTimer",
- "address": "0x46f4ec"
- },
- {
- "name": "SetScrollRange",
- "address": "0x46f4f0"
- },
- {
- "name": "SetScrollPos",
- "address": "0x46f4f4"
- },
- {
- "name": "SetScrollInfo",
- "address": "0x46f4f8"
- },
- {
- "name": "SetRect",
- "address": "0x46f4fc"
- },
- {
- "name": "SetPropA",
- "address": "0x46f500"
- },
- {
- "name": "SetParent",
- "address": "0x46f504"
- },
- {
- "name": "SetMenuItemInfoA",
- "address": "0x46f508"
- },
- {
- "name": "SetMenu",
- "address": "0x46f50c"
- },
- {
- "name": "SetKeyboardState",
- "address": "0x46f510"
- },
- {
- "name": "SetForegroundWindow",
- "address": "0x46f514"
- },
- {
- "name": "SetFocus",
- "address": "0x46f518"
- },
- {
- "name": "SetCursor",
- "address": "0x46f51c"
- },
- {
- "name": "SetClipboardData",
- "address": "0x46f520"
- },
- {
- "name": "SetClassLongA",
- "address": "0x46f524"
- },
- {
- "name": "SetCapture",
- "address": "0x46f528"
- },
- {
- "name": "SetActiveWindow",
- "address": "0x46f52c"
- },
- {
- "name": "SendMessageA",
- "address": "0x46f530"
- },
- {
- "name": "ScrollWindow",
- "address": "0x46f534"
- },
- {
- "name": "ScreenToClient",
- "address": "0x46f538"
- },
- {
- "name": "RemovePropA",
- "address": "0x46f53c"
- },
- {
- "name": "RemoveMenu",
- "address": "0x46f540"
- },
- {
- "name": "ReleaseDC",
- "address": "0x46f544"
- },
- {
- "name": "ReleaseCapture",
- "address": "0x46f548"
- },
- {
- "name": "RegisterWindowMessageA",
- "address": "0x46f54c"
- },
- {
- "name": "RegisterClipboardFormatA",
- "address": "0x46f550"
- },
- {
- "name": "RegisterClassA",
- "address": "0x46f554"
- },
- {
- "name": "RedrawWindow",
- "address": "0x46f558"
- },
- {
- "name": "PtInRect",
- "address": "0x46f55c"
- },
- {
- "name": "PostQuitMessage",
- "address": "0x46f560"
- },
- {
- "name": "PostMessageA",
- "address": "0x46f564"
- },
- {
- "name": "PeekMessageA",
- "address": "0x46f568"
- },
- {
- "name": "OpenClipboard",
- "address": "0x46f56c"
- },
- {
- "name": "OffsetRect",
- "address": "0x46f570"
- },
- {
- "name": "OemToCharA",
- "address": "0x46f574"
- },
- {
- "name": "MessageBoxA",
- "address": "0x46f578"
- },
- {
- "name": "MessageBeep",
- "address": "0x46f57c"
- },
- {
- "name": "MapWindowPoints",
- "address": "0x46f580"
- },
- {
- "name": "MapVirtualKeyA",
- "address": "0x46f584"
- },
- {
- "name": "LoadStringA",
- "address": "0x46f588"
- },
- {
- "name": "LoadKeyboardLayoutA",
- "address": "0x46f58c"
- },
- {
- "name": "LoadIconA",
- "address": "0x46f590"
- },
- {
- "name": "LoadCursorA",
- "address": "0x46f594"
- },
- {
- "name": "LoadBitmapA",
- "address": "0x46f598"
- },
- {
- "name": "KillTimer",
- "address": "0x46f59c"
- },
- {
- "name": "IsZoomed",
- "address": "0x46f5a0"
- },
- {
- "name": "IsWindowVisible",
- "address": "0x46f5a4"
- },
- {
- "name": "IsWindowEnabled",
- "address": "0x46f5a8"
- },
- {
- "name": "IsWindow",
- "address": "0x46f5ac"
- },
- {
- "name": "IsRectEmpty",
- "address": "0x46f5b0"
- },
- {
- "name": "IsIconic",
- "address": "0x46f5b4"
- },
- {
- "name": "IsDialogMessageA",
- "address": "0x46f5b8"
- },
- {
- "name": "IsChild",
- "address": "0x46f5bc"
- },
- {
- "name": "IsCharAlphaNumericA",
- "address": "0x46f5c0"
- },
- {
- "name": "IsCharAlphaA",
- "address": "0x46f5c4"
- },
- {
- "name": "InvalidateRect",
- "address": "0x46f5c8"
- },
- {
- "name": "IntersectRect",
- "address": "0x46f5cc"
- },
- {
- "name": "InsertMenuItemA",
- "address": "0x46f5d0"
- },
- {
- "name": "InsertMenuA",
- "address": "0x46f5d4"
- },
- {
- "name": "InflateRect",
- "address": "0x46f5d8"
- },
- {
- "name": "GetWindowThreadProcessId",
- "address": "0x46f5dc"
- },
- {
- "name": "GetWindowTextA",
- "address": "0x46f5e0"
- },
- {
- "name": "GetWindowRect",
- "address": "0x46f5e4"
- },
- {
- "name": "GetWindowPlacement",
- "address": "0x46f5e8"
- },
- {
- "name": "GetWindowLongA",
- "address": "0x46f5ec"
- },
- {
- "name": "GetWindowDC",
- "address": "0x46f5f0"
- },
- {
- "name": "GetTopWindow",
- "address": "0x46f5f4"
- },
- {
- "name": "GetSystemMetrics",
- "address": "0x46f5f8"
- },
- {
- "name": "GetSystemMenu",
- "address": "0x46f5fc"
- },
- {
- "name": "GetSysColorBrush",
- "address": "0x46f600"
- },
- {
- "name": "GetSysColor",
- "address": "0x46f604"
- },
- {
- "name": "GetSubMenu",
- "address": "0x46f608"
- },
- {
- "name": "GetScrollRange",
- "address": "0x46f60c"
- },
- {
- "name": "GetScrollPos",
- "address": "0x46f610"
- },
- {
- "name": "GetScrollInfo",
- "address": "0x46f614"
- },
- {
- "name": "GetPropA",
- "address": "0x46f618"
- },
- {
- "name": "GetParent",
- "address": "0x46f61c"
- },
- {
- "name": "GetWindow",
- "address": "0x46f620"
- },
- {
- "name": "GetMessageTime",
- "address": "0x46f624"
- },
- {
- "name": "GetMenuStringA",
- "address": "0x46f628"
- },
- {
- "name": "GetMenuState",
- "address": "0x46f62c"
- },
- {
- "name": "GetMenuItemInfoA",
- "address": "0x46f630"
- },
- {
- "name": "GetMenuItemID",
- "address": "0x46f634"
- },
- {
- "name": "GetMenuItemCount",
- "address": "0x46f638"
- },
- {
- "name": "GetMenu",
- "address": "0x46f63c"
- },
- {
- "name": "GetLastActivePopup",
- "address": "0x46f640"
- },
- {
- "name": "GetKeyboardState",
- "address": "0x46f644"
- },
- {
- "name": "GetKeyboardLayoutList",
- "address": "0x46f648"
- },
- {
- "name": "GetKeyboardLayout",
- "address": "0x46f64c"
- },
- {
- "name": "GetKeyState",
- "address": "0x46f650"
- },
- {
- "name": "GetKeyNameTextA",
- "address": "0x46f654"
- },
- {
- "name": "GetIconInfo",
- "address": "0x46f658"
- },
- {
- "name": "GetForegroundWindow",
- "address": "0x46f65c"
- },
- {
- "name": "GetFocus",
- "address": "0x46f660"
- },
- {
- "name": "GetDesktopWindow",
- "address": "0x46f664"
- },
- {
- "name": "GetDCEx",
- "address": "0x46f668"
- },
- {
- "name": "GetDC",
- "address": "0x46f66c"
- },
- {
- "name": "GetCursorPos",
- "address": "0x46f670"
- },
- {
- "name": "GetCursor",
- "address": "0x46f674"
- },
- {
- "name": "GetClipboardData",
- "address": "0x46f678"
- },
- {
- "name": "GetClientRect",
- "address": "0x46f67c"
- },
- {
- "name": "GetClassNameA",
- "address": "0x46f680"
- },
- {
- "name": "GetClassInfoA",
- "address": "0x46f684"
- },
- {
- "name": "GetCapture",
- "address": "0x46f688"
- },
- {
- "name": "GetActiveWindow",
- "address": "0x46f68c"
- },
- {
- "name": "FrameRect",
- "address": "0x46f690"
- },
- {
- "name": "FindWindowA",
- "address": "0x46f694"
- },
- {
- "name": "FillRect",
- "address": "0x46f698"
- },
- {
- "name": "EqualRect",
- "address": "0x46f69c"
- },
- {
- "name": "EnumWindows",
- "address": "0x46f6a0"
- },
- {
- "name": "EnumThreadWindows",
- "address": "0x46f6a4"
- },
- {
- "name": "EnumClipboardFormats",
- "address": "0x46f6a8"
- },
- {
- "name": "EndPaint",
- "address": "0x46f6ac"
- },
- {
- "name": "EndDeferWindowPos",
- "address": "0x46f6b0"
- },
- {
- "name": "EnableWindow",
- "address": "0x46f6b4"
- },
- {
- "name": "EnableScrollBar",
- "address": "0x46f6b8"
- },
- {
- "name": "EnableMenuItem",
- "address": "0x46f6bc"
- },
- {
- "name": "EmptyClipboard",
- "address": "0x46f6c0"
- },
- {
- "name": "DrawTextA",
- "address": "0x46f6c4"
- },
- {
- "name": "DrawMenuBar",
- "address": "0x46f6c8"
- },
- {
- "name": "DrawIconEx",
- "address": "0x46f6cc"
- },
- {
- "name": "DrawIcon",
- "address": "0x46f6d0"
- },
- {
- "name": "DrawFrameControl",
- "address": "0x46f6d4"
- },
- {
- "name": "DrawEdge",
- "address": "0x46f6d8"
- },
- {
- "name": "DispatchMessageA",
- "address": "0x46f6dc"
- },
- {
- "name": "DestroyWindow",
- "address": "0x46f6e0"
- },
- {
- "name": "DestroyMenu",
- "address": "0x46f6e4"
- },
- {
- "name": "DestroyIcon",
- "address": "0x46f6e8"
- },
- {
- "name": "DestroyCursor",
- "address": "0x46f6ec"
- },
- {
- "name": "DeleteMenu",
- "address": "0x46f6f0"
- },
- {
- "name": "DeferWindowPos",
- "address": "0x46f6f4"
- },
- {
- "name": "DefWindowProcA",
- "address": "0x46f6f8"
- },
- {
- "name": "DefMDIChildProcA",
- "address": "0x46f6fc"
- },
- {
- "name": "DefFrameProcA",
- "address": "0x46f700"
- },
- {
- "name": "CreatePopupMenu",
- "address": "0x46f704"
- },
- {
- "name": "CreateMenu",
- "address": "0x46f708"
- },
- {
- "name": "CreateIcon",
- "address": "0x46f70c"
- },
- {
- "name": "CloseClipboard",
- "address": "0x46f710"
- },
- {
- "name": "ClientToScreen",
- "address": "0x46f714"
- },
- {
- "name": "CheckMenuItem",
- "address": "0x46f718"
- },
- {
- "name": "CallWindowProcA",
- "address": "0x46f71c"
- },
- {
- "name": "CallNextHookEx",
- "address": "0x46f720"
- },
- {
- "name": "BeginPaint",
- "address": "0x46f724"
- },
- {
- "name": "BeginDeferWindowPos",
- "address": "0x46f728"
- },
- {
- "name": "CharNextA",
- "address": "0x46f72c"
- },
- {
- "name": "CharLowerBuffA",
- "address": "0x46f730"
- },
- {
- "name": "CharLowerA",
- "address": "0x46f734"
- },
- {
- "name": "CharUpperBuffA",
- "address": "0x46f738"
- },
- {
- "name": "CharToOemA",
- "address": "0x46f73c"
- },
- {
- "name": "AdjustWindowRectEx",
- "address": "0x46f740"
- },
- {
- "name": "ActivateKeyboardLayout",
- "address": "0x46f744"
- }
- ],
- "dll": "user32.dll"
- },
- {
- "imports": [
- {
- "name": "Sleep",
- "address": "0x46f74c"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "SafeArrayPtrOfIndex",
- "address": "0x46f754"
- },
- {
- "name": "SafeArrayGetUBound",
- "address": "0x46f758"
- },
- {
- "name": "SafeArrayGetLBound",
- "address": "0x46f75c"
- },
- {
- "name": "SafeArrayCreate",
- "address": "0x46f760"
- },
- {
- "name": "VariantChangeType",
- "address": "0x46f764"
- },
- {
- "name": "VariantCopy",
- "address": "0x46f768"
- },
- {
- "name": "VariantClear",
- "address": "0x46f76c"
- },
- {
- "name": "VariantInit",
- "address": "0x46f770"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "CreateStreamOnHGlobal",
- "address": "0x46f778"
- },
- {
- "name": "IsAccelerator",
- "address": "0x46f77c"
- },
- {
- "name": "OleDraw",
- "address": "0x46f780"
- },
- {
- "name": "OleSetMenuDescriptor",
- "address": "0x46f784"
- },
- {
- "name": "CoTaskMemFree",
- "address": "0x46f788"
- },
- {
- "name": "ProgIDFromCLSID",
- "address": "0x46f78c"
- },
- {
- "name": "StringFromCLSID",
- "address": "0x46f790"
- },
- {
- "name": "CoCreateInstance",
- "address": "0x46f794"
- },
- {
- "name": "CoGetClassObject",
- "address": "0x46f798"
- },
- {
- "name": "CoUninitialize",
- "address": "0x46f79c"
- },
- {
- "name": "CoInitialize",
- "address": "0x46f7a0"
- },
- {
- "name": "IsEqualGUID",
- "address": "0x46f7a4"
- }
- ],
- "dll": "ole32.dll"
- },
- {
- "imports": [
- {
- "name": "GetErrorInfo",
- "address": "0x46f7ac"
- },
- {
- "name": "GetActiveObject",
- "address": "0x46f7b0"
- },
- {
- "name": "SysFreeString",
- "address": "0x46f7b4"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "ImageList_SetIconSize",
- "address": "0x46f7bc"
- },
- {
- "name": "ImageList_GetIconSize",
- "address": "0x46f7c0"
- },
- {
- "name": "ImageList_Write",
- "address": "0x46f7c4"
- },
- {
- "name": "ImageList_Read",
- "address": "0x46f7c8"
- },
- {
- "name": "ImageList_GetDragImage",
- "address": "0x46f7cc"
- },
- {
- "name": "ImageList_DragShowNolock",
- "address": "0x46f7d0"
- },
- {
- "name": "ImageList_SetDragCursorImage",
- "address": "0x46f7d4"
- },
- {
- "name": "ImageList_DragMove",
- "address": "0x46f7d8"
- },
- {
- "name": "ImageList_DragLeave",
- "address": "0x46f7dc"
- },
- {
- "name": "ImageList_DragEnter",
- "address": "0x46f7e0"
- },
- {
- "name": "ImageList_EndDrag",
- "address": "0x46f7e4"
- },
- {
- "name": "ImageList_BeginDrag",
- "address": "0x46f7e8"
- },
- {
- "name": "ImageList_Remove",
- "address": "0x46f7ec"
- },
- {
- "name": "ImageList_DrawEx",
- "address": "0x46f7f0"
- },
- {
- "name": "ImageList_Draw",
- "address": "0x46f7f4"
- },
- {
- "name": "ImageList_GetBkColor",
- "address": "0x46f7f8"
- },
- {
- "name": "ImageList_SetBkColor",
- "address": "0x46f7fc"
- },
- {
- "name": "ImageList_ReplaceIcon",
- "address": "0x46f800"
- },
- {
- "name": "ImageList_Add",
- "address": "0x46f804"
- },
- {
- "name": "ImageList_GetImageCount",
- "address": "0x46f808"
- },
- {
- "name": "ImageList_Destroy",
- "address": "0x46f80c"
- },
- {
- "name": "ImageList_Create",
- "address": "0x46f810"
- }
- ],
- "dll": "comctl32.dll"
- },
- {
- "imports": [
- {
- "name": "OpenPrinterA",
- "address": "0x46f818"
- },
- {
- "name": "EnumPrintersA",
- "address": "0x46f81c"
- },
- {
- "name": "DocumentPropertiesA",
- "address": "0x46f820"
- },
- {
- "name": "ClosePrinter",
- "address": "0x46f824"
- }
- ],
- "dll": "winspool.drv"
- },
- {
- "imports": [
- {
- "name": "PrintDlgA",
- "address": "0x46f82c"
- }
- ],
- "dll": "comdlg32.dll"
- }
- ],
- "digital_signers": null,
- "exported_dll_name": null,
- "actual_checksum": "0x000a9d6f",
- "overlay": {
- "size": "0x00000200",
- "offset": "0x000a9400"
- },
- "imagebase": "0x00400000",
- "reported_checksum": "0x00000000",
- "icon_hash": null,
- "entrypoint": "0x0046304c",
- "timestamp": "1992-05-04 23:58:21",
- "osversion": "4.0",
- "sections": [
- {
- "name": "CODE",
- "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00001000",
- "size_of_data": "0x00062200",
- "entropy": "6.54",
- "raw_address": "0x00000400",
- "virtual_size": "0x00062094",
- "characteristics_raw": "0x60000020"
- },
- {
- "name": "DATA",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x00064000",
- "size_of_data": "0x00009600",
- "entropy": "4.97",
- "raw_address": "0x00062600",
- "virtual_size": "0x00009528",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": "BSS",
- "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006e000",
- "size_of_data": "0x00000000",
- "entropy": "0.00",
- "raw_address": "0x0006bc00",
- "virtual_size": "0x00000d59",
- "characteristics_raw": "0xc0000000"
- },
- {
- "name": ".idata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006f000",
- "size_of_data": "0x00002600",
- "entropy": "5.01",
- "raw_address": "0x0006bc00",
- "virtual_size": "0x00002540",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": ".tls",
- "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x00072000",
- "size_of_data": "0x00000000",
- "entropy": "0.00",
- "raw_address": "0x0006e200",
- "virtual_size": "0x00000010",
- "characteristics_raw": "0xc0000000"
- },
- {
- "name": ".rdata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00073000",
- "size_of_data": "0x00000200",
- "entropy": "0.21",
- "raw_address": "0x0006e200",
- "virtual_size": "0x00000018",
- "characteristics_raw": "0x50000040"
- },
- {
- "name": ".reloc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00074000",
- "size_of_data": "0x00007200",
- "entropy": "6.67",
- "raw_address": "0x0006e400",
- "virtual_size": "0x00007108",
- "characteristics_raw": "0x50000040"
- },
- {
- "name": ".rsrc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x0007c000",
- "size_of_data": "0x00033e00",
- "entropy": "7.46",
- "raw_address": "0x00075600",
- "virtual_size": "0x00033d2c",
- "characteristics_raw": "0x50000040"
- }
- ],
- "resources": [],
- "dirents": [
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x0006f000",
- "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
- "size": "0x00002540"
- },
- {
- "virtual_address": "0x0007c000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
- "size": "0x00033d2c"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00074000",
- "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
- "size": "0x00007108"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00073000",
- "name": "IMAGE_DIRECTORY_ENTRY_TLS",
- "size": "0x00000018"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_IAT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
- "size": "0x00000000"
- }
- ],
- "exports": [],
- "guest_signers": {},
- "imphash": "46116a2f8090728368dbf9ef96584273",
- "icon_fuzzy": null,
- "icon": null,
- "pdbpath": null,
- "imported_dll_count": 17,
- "versioninfo": []
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
