- [*] MalFamily: ""
- [*] MalScore: 10.0
- [*] File Name: "986107"
- [*] File Size: 1426376
- [*] File Type: "PE32 executable (GUI) Intel 80386, for MS Windows"
- [*] SHA256: "d14b33b60ae3037c3059fbe807e0bf7b50927f90ad1aaf59646139ef8dd95ab2"
- [*] MD5: "72356d0f96620067d52f5ae8bfb75288"
- [*] SHA1: "398d28f2132543f29cfbb61981f313cf62abc00a"
- [*] SHA512: "2928b2d5ff4ee78cb4fd17a458579ea126c876a1b382180e4e1b015ab70867eb7e6ce0acf01881f399de76095d2f15b15913d8ee4a24fb19d808ccebd11571d3"
- [*] CRC32: "339596BE"
- [*] SSDEEP: "24576:Rw6Basswrd5/BCQ8GZIFqkmf6eeeZMI/8E18iHWYBRV17ADa:RwOa0rP8GZHky6LMz/8K8iHPBfB"
- [*] Process Execution: []
- [*] Signatures Detected: [
- {
- "Description": "File has been identified by 35 Antiviruses on VirusTotal as malicious",
- "Details": [
- {
- "MicroWorld-eScan": "Trojan.Agent.DZAA"
- },
- {
- "FireEye": "Generic.mg.72356d0f96620067"
- },
- {
- "Qihoo-360": "Win32/Virus.Adware.b51"
- },
- {
- "McAfee": "Artemis!72356D0F9662"
- },
- {
- "Cylance": "Unsafe"
- },
- {
- "Alibaba": "AdWare:Win32/Generic.ae6d06b3"
- },
- {
- "Symantec": "ML.Attribute.HighConfidence"
- },
- {
- "ESET-NOD32": "a variant of Win32/Injector.EGEZ"
- },
- {
- "APEX": "Malicious"
- },
- {
- "Paloalto": "generic.ml"
- },
- {
- "GData": "Trojan.Agent.DZAA"
- },
- {
- "Kaspersky": "HEUR:Trojan-PSW.Win32.Agent.gen"
- },
- {
- "BitDefender": "Trojan.Agent.DZAA"
- },
- {
- "Endgame": "malicious (high confidence)"
- },
- {
- "Sophos": "Mal/Generic-S"
- },
- {
- "F-Secure": "Trojan.TR/AD.LokiBot.yecpp"
- },
- {
- "DrWeb": "Trojan.Inject3.17998"
- },
- {
- "Invincea": "heuristic"
- },
- {
- "McAfee-GW-Edition": "BehavesLike.Win32.Generic.th"
- },
- {
- "Emsisoft": "Trojan.Agent.DZAA (B)"
- },
- {
- "Ikarus": "Win32.Outbreak"
- },
- {
- "Jiangmin": "Trojan.BypassUAC.o"
- },
- {
- "Avira": "TR/AD.LokiBot.yecpp"
- },
- {
- "Microsoft": "Trojan:Win32/Conteban.B!ml"
- },
- {
- "Arcabit": "Trojan.Agent.DZAA"
- },
- {
- "ZoneAlarm": "HEUR:Trojan-PSW.Win32.Agent.gen"
- },
- {
- "VBA32": "BScope.Trojan.Inject"
- },
- {
- "Ad-Aware": "Trojan.Agent.DZAA"
- },
- {
- "Panda": "Trj/GdSda.A"
- },
- {
- "SentinelOne": "DFI - Malicious PE"
- },
- {
- "Fortinet": "Adware/Generic"
- },
- {
- "AVG": "Win32:PWSX-gen [Trj]"
- },
- {
- "Cybereason": "malicious.213254"
- },
- {
- "Avast": "Win32:PWSX-gen [Trj]"
- },
- {
- "CrowdStrike": "win/malicious_confidence_90% (W)"
- }
- ]
- },
- {
- "Description": "Anomalous binary characteristics",
- "Details": [
- {
- "anomaly": "Timestamp on binary predates the release date of the OS version it requires by at least a year"
- },
- {
- "anomaly": "Actual checksum does not match that reported in PE header"
- }
- ]
- }
- ]
- [*] Started Service: []
- [*] Executed Commands: []
- [*] Mutexes: []
- [*] Modified Files: []
- [*] Deleted Files: []
- [*] Modified Registry Keys: []
- [*] Deleted Registry Keys: []
- [*] DNS Communications: []
- [*] Domains: []
- [*] Network Communication - ICMP: []
- [*] Network Communication - HTTP: []
- [*] Network Communication - SMTP: []
- [*] Network Communication - Hosts: []
- [*] Network Communication - IRC: []
- [*] Static Analysis: {
- "pe": {
- "peid_signatures": null,
- "imports": [
- {
- "imports": [
- {
- "name": "DeleteCriticalSection",
- "address": "0x46e140"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x46e144"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x46e148"
- },
- {
- "name": "InitializeCriticalSection",
- "address": "0x46e14c"
- },
- {
- "name": "VirtualFree",
- "address": "0x46e150"
- },
- {
- "name": "VirtualAlloc",
- "address": "0x46e154"
- },
- {
- "name": "LocalFree",
- "address": "0x46e158"
- },
- {
- "name": "LocalAlloc",
- "address": "0x46e15c"
- },
- {
- "name": "GetVersion",
- "address": "0x46e160"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x46e164"
- },
- {
- "name": "InterlockedDecrement",
- "address": "0x46e168"
- },
- {
- "name": "InterlockedIncrement",
- "address": "0x46e16c"
- },
- {
- "name": "VirtualQuery",
- "address": "0x46e170"
- },
- {
- "name": "WideCharToMultiByte",
- "address": "0x46e174"
- },
- {
- "name": "MultiByteToWideChar",
- "address": "0x46e178"
- },
- {
- "name": "lstrlenA",
- "address": "0x46e17c"
- },
- {
- "name": "lstrcpynA",
- "address": "0x46e180"
- },
- {
- "name": "LoadLibraryExA",
- "address": "0x46e184"
- },
- {
- "name": "GetThreadLocale",
- "address": "0x46e188"
- },
- {
- "name": "GetStartupInfoA",
- "address": "0x46e18c"
- },
- {
- "name": "GetProcAddress",
- "address": "0x46e190"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46e194"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x46e198"
- },
- {
- "name": "GetLocaleInfoA",
- "address": "0x46e19c"
- },
- {
- "name": "GetLastError",
- "address": "0x46e1a0"
- },
- {
- "name": "GetCommandLineA",
- "address": "0x46e1a4"
- },
- {
- "name": "FreeLibrary",
- "address": "0x46e1a8"
- },
- {
- "name": "FindFirstFileA",
- "address": "0x46e1ac"
- },
- {
- "name": "FindClose",
- "address": "0x46e1b0"
- },
- {
- "name": "ExitProcess",
- "address": "0x46e1b4"
- },
- {
- "name": "ExitThread",
- "address": "0x46e1b8"
- },
- {
- "name": "CreateThread",
- "address": "0x46e1bc"
- },
- {
- "name": "WriteFile",
- "address": "0x46e1c0"
- },
- {
- "name": "UnhandledExceptionFilter",
- "address": "0x46e1c4"
- },
- {
- "name": "SetFilePointer",
- "address": "0x46e1c8"
- },
- {
- "name": "SetEndOfFile",
- "address": "0x46e1cc"
- },
- {
- "name": "RtlUnwind",
- "address": "0x46e1d0"
- },
- {
- "name": "ReadFile",
- "address": "0x46e1d4"
- },
- {
- "name": "RaiseException",
- "address": "0x46e1d8"
- },
- {
- "name": "GetStdHandle",
- "address": "0x46e1dc"
- },
- {
- "name": "GetFileSize",
- "address": "0x46e1e0"
- },
- {
- "name": "GetFileType",
- "address": "0x46e1e4"
- },
- {
- "name": "CreateFileA",
- "address": "0x46e1e8"
- },
- {
- "name": "CloseHandle",
- "address": "0x46e1ec"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "GetKeyboardType",
- "address": "0x46e1f4"
- },
- {
- "name": "LoadStringA",
- "address": "0x46e1f8"
- },
- {
- "name": "MessageBoxA",
- "address": "0x46e1fc"
- },
- {
- "name": "CharNextA",
- "address": "0x46e200"
- }
- ],
- "dll": "user32.dll"
- },
- {
- "imports": [
- {
- "name": "RegQueryValueExA",
- "address": "0x46e208"
- },
- {
- "name": "RegOpenKeyExA",
- "address": "0x46e20c"
- },
- {
- "name": "RegCloseKey",
- "address": "0x46e210"
- }
- ],
- "dll": "advapi32.dll"
- },
- {
- "imports": [
- {
- "name": "SysFreeString",
- "address": "0x46e218"
- },
- {
- "name": "SysReAllocStringLen",
- "address": "0x46e21c"
- },
- {
- "name": "SysAllocStringLen",
- "address": "0x46e220"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "TlsSetValue",
- "address": "0x46e228"
- },
- {
- "name": "TlsGetValue",
- "address": "0x46e22c"
- },
- {
- "name": "LocalAlloc",
- "address": "0x46e230"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46e234"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "RegQueryValueExA",
- "address": "0x46e23c"
- },
- {
- "name": "RegOpenKeyExA",
- "address": "0x46e240"
- },
- {
- "name": "RegCloseKey",
- "address": "0x46e244"
- }
- ],
- "dll": "advapi32.dll"
- },
- {
- "imports": [
- {
- "name": "lstrcpyA",
- "address": "0x46e24c"
- },
- {
- "name": "WriteFile",
- "address": "0x46e250"
- },
- {
- "name": "WaitForSingleObject",
- "address": "0x46e254"
- },
- {
- "name": "VirtualQuery",
- "address": "0x46e258"
- },
- {
- "name": "VirtualAlloc",
- "address": "0x46e25c"
- },
- {
- "name": "Sleep",
- "address": "0x46e260"
- },
- {
- "name": "SizeofResource",
- "address": "0x46e264"
- },
- {
- "name": "SetThreadLocale",
- "address": "0x46e268"
- },
- {
- "name": "SetFilePointer",
- "address": "0x46e26c"
- },
- {
- "name": "SetEvent",
- "address": "0x46e270"
- },
- {
- "name": "SetErrorMode",
- "address": "0x46e274"
- },
- {
- "name": "SetEndOfFile",
- "address": "0x46e278"
- },
- {
- "name": "ResumeThread",
- "address": "0x46e27c"
- },
- {
- "name": "ResetEvent",
- "address": "0x46e280"
- },
- {
- "name": "ReadFile",
- "address": "0x46e284"
- },
- {
- "name": "MulDiv",
- "address": "0x46e288"
- },
- {
- "name": "LockResource",
- "address": "0x46e28c"
- },
- {
- "name": "LoadResource",
- "address": "0x46e290"
- },
- {
- "name": "LoadLibraryA",
- "address": "0x46e294"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x46e298"
- },
- {
- "name": "IsBadWritePtr",
- "address": "0x46e29c"
- },
- {
- "name": "IsBadReadPtr",
- "address": "0x46e2a0"
- },
- {
- "name": "InitializeCriticalSection",
- "address": "0x46e2a4"
- },
- {
- "name": "GlobalUnlock",
- "address": "0x46e2a8"
- },
- {
- "name": "GlobalReAlloc",
- "address": "0x46e2ac"
- },
- {
- "name": "GlobalMemoryStatus",
- "address": "0x46e2b0"
- },
- {
- "name": "GlobalHandle",
- "address": "0x46e2b4"
- },
- {
- "name": "GlobalLock",
- "address": "0x46e2b8"
- },
- {
- "name": "GlobalFree",
- "address": "0x46e2bc"
- },
- {
- "name": "GlobalFindAtomA",
- "address": "0x46e2c0"
- },
- {
- "name": "GlobalDeleteAtom",
- "address": "0x46e2c4"
- },
- {
- "name": "GlobalAlloc",
- "address": "0x46e2c8"
- },
- {
- "name": "GlobalAddAtomA",
- "address": "0x46e2cc"
- },
- {
- "name": "GetVersionExA",
- "address": "0x46e2d0"
- },
- {
- "name": "GetVersion",
- "address": "0x46e2d4"
- },
- {
- "name": "GetTickCount",
- "address": "0x46e2d8"
- },
- {
- "name": "GetThreadLocale",
- "address": "0x46e2dc"
- },
- {
- "name": "GetTempPathA",
- "address": "0x46e2e0"
- },
- {
- "name": "GetTempFileNameA",
- "address": "0x46e2e4"
- },
- {
- "name": "GetSystemInfo",
- "address": "0x46e2e8"
- },
- {
- "name": "GetStringTypeExA",
- "address": "0x46e2ec"
- },
- {
- "name": "GetStdHandle",
- "address": "0x46e2f0"
- },
- {
- "name": "GetProcAddress",
- "address": "0x46e2f4"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46e2f8"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x46e2fc"
- },
- {
- "name": "GetLocaleInfoA",
- "address": "0x46e300"
- },
- {
- "name": "GetLocalTime",
- "address": "0x46e304"
- },
- {
- "name": "GetLastError",
- "address": "0x46e308"
- },
- {
- "name": "GetFullPathNameA",
- "address": "0x46e30c"
- },
- {
- "name": "GetExitCodeThread",
- "address": "0x46e310"
- },
- {
- "name": "GetDiskFreeSpaceA",
- "address": "0x46e314"
- },
- {
- "name": "GetDateFormatA",
- "address": "0x46e318"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x46e31c"
- },
- {
- "name": "GetCurrentProcessId",
- "address": "0x46e320"
- },
- {
- "name": "GetCPInfo",
- "address": "0x46e324"
- },
- {
- "name": "GetACP",
- "address": "0x46e328"
- },
- {
- "name": "FreeResource",
- "address": "0x46e32c"
- },
- {
- "name": "InterlockedIncrement",
- "address": "0x46e330"
- },
- {
- "name": "InterlockedExchange",
- "address": "0x46e334"
- },
- {
- "name": "InterlockedDecrement",
- "address": "0x46e338"
- },
- {
- "name": "FreeLibrary",
- "address": "0x46e33c"
- },
- {
- "name": "FormatMessageA",
- "address": "0x46e340"
- },
- {
- "name": "FindResourceA",
- "address": "0x46e344"
- },
- {
- "name": "ExitProcess",
- "address": "0x46e348"
- },
- {
- "name": "EnumCalendarInfoA",
- "address": "0x46e34c"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x46e350"
- },
- {
- "name": "DeleteFileA",
- "address": "0x46e354"
- },
- {
- "name": "DeleteCriticalSection",
- "address": "0x46e358"
- },
- {
- "name": "CreateThread",
- "address": "0x46e35c"
- },
- {
- "name": "CreateProcessA",
- "address": "0x46e360"
- },
- {
- "name": "CreateFileA",
- "address": "0x46e364"
- },
- {
- "name": "CreateEventA",
- "address": "0x46e368"
- },
- {
- "name": "CompareStringA",
- "address": "0x46e36c"
- },
- {
- "name": "CloseHandle",
- "address": "0x46e370"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "VerQueryValueA",
- "address": "0x46e378"
- },
- {
- "name": "GetFileVersionInfoSizeA",
- "address": "0x46e37c"
- },
- {
- "name": "GetFileVersionInfoA",
- "address": "0x46e380"
- }
- ],
- "dll": "version.dll"
- },
- {
- "imports": [
- {
- "name": "UnrealizeObject",
- "address": "0x46e388"
- },
- {
- "name": "StretchBlt",
- "address": "0x46e38c"
- },
- {
- "name": "SetWindowOrgEx",
- "address": "0x46e390"
- },
- {
- "name": "SetWinMetaFileBits",
- "address": "0x46e394"
- },
- {
- "name": "SetViewportOrgEx",
- "address": "0x46e398"
- },
- {
- "name": "SetTextColor",
- "address": "0x46e39c"
- },
- {
- "name": "SetStretchBltMode",
- "address": "0x46e3a0"
- },
- {
- "name": "SetROP2",
- "address": "0x46e3a4"
- },
- {
- "name": "SetPixel",
- "address": "0x46e3a8"
- },
- {
- "name": "SetEnhMetaFileBits",
- "address": "0x46e3ac"
- },
- {
- "name": "SetDIBColorTable",
- "address": "0x46e3b0"
- },
- {
- "name": "SetBrushOrgEx",
- "address": "0x46e3b4"
- },
- {
- "name": "SetBkMode",
- "address": "0x46e3b8"
- },
- {
- "name": "SetBkColor",
- "address": "0x46e3bc"
- },
- {
- "name": "SelectPalette",
- "address": "0x46e3c0"
- },
- {
- "name": "SelectObject",
- "address": "0x46e3c4"
- },
- {
- "name": "SaveDC",
- "address": "0x46e3c8"
- },
- {
- "name": "RestoreDC",
- "address": "0x46e3cc"
- },
- {
- "name": "Rectangle",
- "address": "0x46e3d0"
- },
- {
- "name": "RectVisible",
- "address": "0x46e3d4"
- },
- {
- "name": "RealizePalette",
- "address": "0x46e3d8"
- },
- {
- "name": "PlayEnhMetaFile",
- "address": "0x46e3dc"
- },
- {
- "name": "PatBlt",
- "address": "0x46e3e0"
- },
- {
- "name": "MoveToEx",
- "address": "0x46e3e4"
- },
- {
- "name": "MaskBlt",
- "address": "0x46e3e8"
- },
- {
- "name": "LineTo",
- "address": "0x46e3ec"
- },
- {
- "name": "IntersectClipRect",
- "address": "0x46e3f0"
- },
- {
- "name": "GetWindowOrgEx",
- "address": "0x46e3f4"
- },
- {
- "name": "GetWinMetaFileBits",
- "address": "0x46e3f8"
- },
- {
- "name": "GetTextMetricsA",
- "address": "0x46e3fc"
- },
- {
- "name": "GetTextExtentPointA",
- "address": "0x46e400"
- },
- {
- "name": "GetTextExtentPoint32A",
- "address": "0x46e404"
- },
- {
- "name": "GetSystemPaletteEntries",
- "address": "0x46e408"
- },
- {
- "name": "GetStockObject",
- "address": "0x46e40c"
- },
- {
- "name": "GetPixelFormat",
- "address": "0x46e410"
- },
- {
- "name": "GetPixel",
- "address": "0x46e414"
- },
- {
- "name": "GetPaletteEntries",
- "address": "0x46e418"
- },
- {
- "name": "GetObjectA",
- "address": "0x46e41c"
- },
- {
- "name": "GetMapMode",
- "address": "0x46e420"
- },
- {
- "name": "GetEnhMetaFilePaletteEntries",
- "address": "0x46e424"
- },
- {
- "name": "GetEnhMetaFileHeader",
- "address": "0x46e428"
- },
- {
- "name": "GetEnhMetaFileBits",
- "address": "0x46e42c"
- },
- {
- "name": "GetDeviceCaps",
- "address": "0x46e430"
- },
- {
- "name": "GetDIBits",
- "address": "0x46e434"
- },
- {
- "name": "GetDIBColorTable",
- "address": "0x46e438"
- },
- {
- "name": "GetDCOrgEx",
- "address": "0x46e43c"
- },
- {
- "name": "GetCurrentPositionEx",
- "address": "0x46e440"
- },
- {
- "name": "GetClipBox",
- "address": "0x46e444"
- },
- {
- "name": "GetBrushOrgEx",
- "address": "0x46e448"
- },
- {
- "name": "GetBkColor",
- "address": "0x46e44c"
- },
- {
- "name": "GetBitmapBits",
- "address": "0x46e450"
- },
- {
- "name": "ExcludeClipRect",
- "address": "0x46e454"
- },
- {
- "name": "DeleteObject",
- "address": "0x46e458"
- },
- {
- "name": "DeleteEnhMetaFile",
- "address": "0x46e45c"
- },
- {
- "name": "DeleteDC",
- "address": "0x46e460"
- },
- {
- "name": "CreateSolidBrush",
- "address": "0x46e464"
- },
- {
- "name": "CreatePenIndirect",
- "address": "0x46e468"
- },
- {
- "name": "CreatePalette",
- "address": "0x46e46c"
- },
- {
- "name": "CreateHalftonePalette",
- "address": "0x46e470"
- },
- {
- "name": "CreateFontIndirectA",
- "address": "0x46e474"
- },
- {
- "name": "CreateDIBitmap",
- "address": "0x46e478"
- },
- {
- "name": "CreateDIBSection",
- "address": "0x46e47c"
- },
- {
- "name": "CreateCompatibleDC",
- "address": "0x46e480"
- },
- {
- "name": "CreateCompatibleBitmap",
- "address": "0x46e484"
- },
- {
- "name": "CreateBrushIndirect",
- "address": "0x46e488"
- },
- {
- "name": "CreateBitmap",
- "address": "0x46e48c"
- },
- {
- "name": "CopyEnhMetaFileA",
- "address": "0x46e490"
- },
- {
- "name": "BitBlt",
- "address": "0x46e494"
- }
- ],
- "dll": "gdi32.dll"
- },
- {
- "imports": [
- {
- "name": "CreateWindowExA",
- "address": "0x46e49c"
- },
- {
- "name": "WindowFromPoint",
- "address": "0x46e4a0"
- },
- {
- "name": "WinHelpA",
- "address": "0x46e4a4"
- },
- {
- "name": "WaitMessage",
- "address": "0x46e4a8"
- },
- {
- "name": "UpdateWindow",
- "address": "0x46e4ac"
- },
- {
- "name": "UnregisterClassA",
- "address": "0x46e4b0"
- },
- {
- "name": "UnhookWindowsHookEx",
- "address": "0x46e4b4"
- },
- {
- "name": "TranslateMessage",
- "address": "0x46e4b8"
- },
- {
- "name": "TranslateMDISysAccel",
- "address": "0x46e4bc"
- },
- {
- "name": "TrackPopupMenu",
- "address": "0x46e4c0"
- },
- {
- "name": "SystemParametersInfoA",
- "address": "0x46e4c4"
- },
- {
- "name": "ShowWindow",
- "address": "0x46e4c8"
- },
- {
- "name": "ShowScrollBar",
- "address": "0x46e4cc"
- },
- {
- "name": "ShowOwnedPopups",
- "address": "0x46e4d0"
- },
- {
- "name": "ShowCursor",
- "address": "0x46e4d4"
- },
- {
- "name": "SetWindowsHookExA",
- "address": "0x46e4d8"
- },
- {
- "name": "SetWindowTextA",
- "address": "0x46e4dc"
- },
- {
- "name": "SetWindowPos",
- "address": "0x46e4e0"
- },
- {
- "name": "SetWindowPlacement",
- "address": "0x46e4e4"
- },
- {
- "name": "SetWindowLongA",
- "address": "0x46e4e8"
- },
- {
- "name": "SetTimer",
- "address": "0x46e4ec"
- },
- {
- "name": "SetScrollRange",
- "address": "0x46e4f0"
- },
- {
- "name": "SetScrollPos",
- "address": "0x46e4f4"
- },
- {
- "name": "SetScrollInfo",
- "address": "0x46e4f8"
- },
- {
- "name": "SetRect",
- "address": "0x46e4fc"
- },
- {
- "name": "SetPropA",
- "address": "0x46e500"
- },
- {
- "name": "SetParent",
- "address": "0x46e504"
- },
- {
- "name": "SetMenuItemInfoA",
- "address": "0x46e508"
- },
- {
- "name": "SetMenu",
- "address": "0x46e50c"
- },
- {
- "name": "SetForegroundWindow",
- "address": "0x46e510"
- },
- {
- "name": "SetFocus",
- "address": "0x46e514"
- },
- {
- "name": "SetCursor",
- "address": "0x46e518"
- },
- {
- "name": "SetClipboardData",
- "address": "0x46e51c"
- },
- {
- "name": "SetClassLongA",
- "address": "0x46e520"
- },
- {
- "name": "SetCapture",
- "address": "0x46e524"
- },
- {
- "name": "SetActiveWindow",
- "address": "0x46e528"
- },
- {
- "name": "SendMessageA",
- "address": "0x46e52c"
- },
- {
- "name": "ScrollWindow",
- "address": "0x46e530"
- },
- {
- "name": "ScreenToClient",
- "address": "0x46e534"
- },
- {
- "name": "RemovePropA",
- "address": "0x46e538"
- },
- {
- "name": "RemoveMenu",
- "address": "0x46e53c"
- },
- {
- "name": "ReleaseDC",
- "address": "0x46e540"
- },
- {
- "name": "ReleaseCapture",
- "address": "0x46e544"
- },
- {
- "name": "RegisterWindowMessageA",
- "address": "0x46e548"
- },
- {
- "name": "RegisterClipboardFormatA",
- "address": "0x46e54c"
- },
- {
- "name": "RegisterClassA",
- "address": "0x46e550"
- },
- {
- "name": "RedrawWindow",
- "address": "0x46e554"
- },
- {
- "name": "PtInRect",
- "address": "0x46e558"
- },
- {
- "name": "PostQuitMessage",
- "address": "0x46e55c"
- },
- {
- "name": "PostMessageA",
- "address": "0x46e560"
- },
- {
- "name": "PeekMessageA",
- "address": "0x46e564"
- },
- {
- "name": "OpenClipboard",
- "address": "0x46e568"
- },
- {
- "name": "OffsetRect",
- "address": "0x46e56c"
- },
- {
- "name": "OemToCharA",
- "address": "0x46e570"
- },
- {
- "name": "MsgWaitForMultipleObjects",
- "address": "0x46e574"
- },
- {
- "name": "MessageBoxA",
- "address": "0x46e578"
- },
- {
- "name": "MessageBeep",
- "address": "0x46e57c"
- },
- {
- "name": "MapWindowPoints",
- "address": "0x46e580"
- },
- {
- "name": "MapVirtualKeyA",
- "address": "0x46e584"
- },
- {
- "name": "LoadStringA",
- "address": "0x46e588"
- },
- {
- "name": "LoadKeyboardLayoutA",
- "address": "0x46e58c"
- },
- {
- "name": "LoadIconA",
- "address": "0x46e590"
- },
- {
- "name": "LoadCursorA",
- "address": "0x46e594"
- },
- {
- "name": "LoadBitmapA",
- "address": "0x46e598"
- },
- {
- "name": "KillTimer",
- "address": "0x46e59c"
- },
- {
- "name": "IsZoomed",
- "address": "0x46e5a0"
- },
- {
- "name": "IsWindowVisible",
- "address": "0x46e5a4"
- },
- {
- "name": "IsWindowEnabled",
- "address": "0x46e5a8"
- },
- {
- "name": "IsWindow",
- "address": "0x46e5ac"
- },
- {
- "name": "IsRectEmpty",
- "address": "0x46e5b0"
- },
- {
- "name": "IsIconic",
- "address": "0x46e5b4"
- },
- {
- "name": "IsDialogMessageA",
- "address": "0x46e5b8"
- },
- {
- "name": "IsChild",
- "address": "0x46e5bc"
- },
- {
- "name": "InvalidateRect",
- "address": "0x46e5c0"
- },
- {
- "name": "IntersectRect",
- "address": "0x46e5c4"
- },
- {
- "name": "InsertMenuItemA",
- "address": "0x46e5c8"
- },
- {
- "name": "InsertMenuA",
- "address": "0x46e5cc"
- },
- {
- "name": "InflateRect",
- "address": "0x46e5d0"
- },
- {
- "name": "GetWindowThreadProcessId",
- "address": "0x46e5d4"
- },
- {
- "name": "GetWindowTextA",
- "address": "0x46e5d8"
- },
- {
- "name": "GetWindowRect",
- "address": "0x46e5dc"
- },
- {
- "name": "GetWindowPlacement",
- "address": "0x46e5e0"
- },
- {
- "name": "GetWindowLongA",
- "address": "0x46e5e4"
- },
- {
- "name": "GetWindowDC",
- "address": "0x46e5e8"
- },
- {
- "name": "GetTopWindow",
- "address": "0x46e5ec"
- },
- {
- "name": "GetSystemMetrics",
- "address": "0x46e5f0"
- },
- {
- "name": "GetSystemMenu",
- "address": "0x46e5f4"
- },
- {
- "name": "GetSysColorBrush",
- "address": "0x46e5f8"
- },
- {
- "name": "GetSysColor",
- "address": "0x46e5fc"
- },
- {
- "name": "GetSubMenu",
- "address": "0x46e600"
- },
- {
- "name": "GetScrollRange",
- "address": "0x46e604"
- },
- {
- "name": "GetScrollPos",
- "address": "0x46e608"
- },
- {
- "name": "GetScrollInfo",
- "address": "0x46e60c"
- },
- {
- "name": "GetPropA",
- "address": "0x46e610"
- },
- {
- "name": "GetParent",
- "address": "0x46e614"
- },
- {
- "name": "GetWindow",
- "address": "0x46e618"
- },
- {
- "name": "GetMenuStringA",
- "address": "0x46e61c"
- },
- {
- "name": "GetMenuState",
- "address": "0x46e620"
- },
- {
- "name": "GetMenuItemInfoA",
- "address": "0x46e624"
- },
- {
- "name": "GetMenuItemID",
- "address": "0x46e628"
- },
- {
- "name": "GetMenuItemCount",
- "address": "0x46e62c"
- },
- {
- "name": "GetMenu",
- "address": "0x46e630"
- },
- {
- "name": "GetLastActivePopup",
- "address": "0x46e634"
- },
- {
- "name": "GetKeyboardState",
- "address": "0x46e638"
- },
- {
- "name": "GetKeyboardLayoutList",
- "address": "0x46e63c"
- },
- {
- "name": "GetKeyboardLayout",
- "address": "0x46e640"
- },
- {
- "name": "GetKeyState",
- "address": "0x46e644"
- },
- {
- "name": "GetKeyNameTextA",
- "address": "0x46e648"
- },
- {
- "name": "GetIconInfo",
- "address": "0x46e64c"
- },
- {
- "name": "GetForegroundWindow",
- "address": "0x46e650"
- },
- {
- "name": "GetFocus",
- "address": "0x46e654"
- },
- {
- "name": "GetDlgItem",
- "address": "0x46e658"
- },
- {
- "name": "GetDesktopWindow",
- "address": "0x46e65c"
- },
- {
- "name": "GetDCEx",
- "address": "0x46e660"
- },
- {
- "name": "GetDC",
- "address": "0x46e664"
- },
- {
- "name": "GetCursorPos",
- "address": "0x46e668"
- },
- {
- "name": "GetCursor",
- "address": "0x46e66c"
- },
- {
- "name": "GetClipboardData",
- "address": "0x46e670"
- },
- {
- "name": "GetClientRect",
- "address": "0x46e674"
- },
- {
- "name": "GetClassNameA",
- "address": "0x46e678"
- },
- {
- "name": "GetClassInfoA",
- "address": "0x46e67c"
- },
- {
- "name": "GetCapture",
- "address": "0x46e680"
- },
- {
- "name": "GetActiveWindow",
- "address": "0x46e684"
- },
- {
- "name": "FrameRect",
- "address": "0x46e688"
- },
- {
- "name": "FindWindowA",
- "address": "0x46e68c"
- },
- {
- "name": "FillRect",
- "address": "0x46e690"
- },
- {
- "name": "EqualRect",
- "address": "0x46e694"
- },
- {
- "name": "EnumWindows",
- "address": "0x46e698"
- },
- {
- "name": "EnumThreadWindows",
- "address": "0x46e69c"
- },
- {
- "name": "EndPaint",
- "address": "0x46e6a0"
- },
- {
- "name": "EnableWindow",
- "address": "0x46e6a4"
- },
- {
- "name": "EnableScrollBar",
- "address": "0x46e6a8"
- },
- {
- "name": "EnableMenuItem",
- "address": "0x46e6ac"
- },
- {
- "name": "EmptyClipboard",
- "address": "0x46e6b0"
- },
- {
- "name": "DrawTextA",
- "address": "0x46e6b4"
- },
- {
- "name": "DrawMenuBar",
- "address": "0x46e6b8"
- },
- {
- "name": "DrawIconEx",
- "address": "0x46e6bc"
- },
- {
- "name": "DrawIcon",
- "address": "0x46e6c0"
- },
- {
- "name": "DrawFrameControl",
- "address": "0x46e6c4"
- },
- {
- "name": "DrawFocusRect",
- "address": "0x46e6c8"
- },
- {
- "name": "DrawEdge",
- "address": "0x46e6cc"
- },
- {
- "name": "DispatchMessageA",
- "address": "0x46e6d0"
- },
- {
- "name": "DestroyWindow",
- "address": "0x46e6d4"
- },
- {
- "name": "DestroyMenu",
- "address": "0x46e6d8"
- },
- {
- "name": "DestroyIcon",
- "address": "0x46e6dc"
- },
- {
- "name": "DestroyCursor",
- "address": "0x46e6e0"
- },
- {
- "name": "DeleteMenu",
- "address": "0x46e6e4"
- },
- {
- "name": "DefWindowProcA",
- "address": "0x46e6e8"
- },
- {
- "name": "DefMDIChildProcA",
- "address": "0x46e6ec"
- },
- {
- "name": "DefFrameProcA",
- "address": "0x46e6f0"
- },
- {
- "name": "CreatePopupMenu",
- "address": "0x46e6f4"
- },
- {
- "name": "CreateMenu",
- "address": "0x46e6f8"
- },
- {
- "name": "CreateIcon",
- "address": "0x46e6fc"
- },
- {
- "name": "CloseClipboard",
- "address": "0x46e700"
- },
- {
- "name": "ClientToScreen",
- "address": "0x46e704"
- },
- {
- "name": "CheckMenuItem",
- "address": "0x46e708"
- },
- {
- "name": "CallWindowProcA",
- "address": "0x46e70c"
- },
- {
- "name": "CallNextHookEx",
- "address": "0x46e710"
- },
- {
- "name": "BeginPaint",
- "address": "0x46e714"
- },
- {
- "name": "CharNextA",
- "address": "0x46e718"
- },
- {
- "name": "CharLowerBuffA",
- "address": "0x46e71c"
- },
- {
- "name": "CharLowerA",
- "address": "0x46e720"
- },
- {
- "name": "CharUpperBuffA",
- "address": "0x46e724"
- },
- {
- "name": "CharToOemA",
- "address": "0x46e728"
- },
- {
- "name": "AdjustWindowRectEx",
- "address": "0x46e72c"
- },
- {
- "name": "ActivateKeyboardLayout",
- "address": "0x46e730"
- }
- ],
- "dll": "user32.dll"
- },
- {
- "imports": [
- {
- "name": "Sleep",
- "address": "0x46e738"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "SafeArrayPtrOfIndex",
- "address": "0x46e740"
- },
- {
- "name": "SafeArrayGetUBound",
- "address": "0x46e744"
- },
- {
- "name": "SafeArrayGetLBound",
- "address": "0x46e748"
- },
- {
- "name": "SafeArrayCreate",
- "address": "0x46e74c"
- },
- {
- "name": "VariantChangeType",
- "address": "0x46e750"
- },
- {
- "name": "VariantCopy",
- "address": "0x46e754"
- },
- {
- "name": "VariantClear",
- "address": "0x46e758"
- },
- {
- "name": "VariantInit",
- "address": "0x46e75c"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "ImageList_SetIconSize",
- "address": "0x46e764"
- },
- {
- "name": "ImageList_GetIconSize",
- "address": "0x46e768"
- },
- {
- "name": "ImageList_Write",
- "address": "0x46e76c"
- },
- {
- "name": "ImageList_Read",
- "address": "0x46e770"
- },
- {
- "name": "ImageList_GetDragImage",
- "address": "0x46e774"
- },
- {
- "name": "ImageList_DragShowNolock",
- "address": "0x46e778"
- },
- {
- "name": "ImageList_SetDragCursorImage",
- "address": "0x46e77c"
- },
- {
- "name": "ImageList_DragMove",
- "address": "0x46e780"
- },
- {
- "name": "ImageList_DragLeave",
- "address": "0x46e784"
- },
- {
- "name": "ImageList_DragEnter",
- "address": "0x46e788"
- },
- {
- "name": "ImageList_EndDrag",
- "address": "0x46e78c"
- },
- {
- "name": "ImageList_BeginDrag",
- "address": "0x46e790"
- },
- {
- "name": "ImageList_Remove",
- "address": "0x46e794"
- },
- {
- "name": "ImageList_DrawEx",
- "address": "0x46e798"
- },
- {
- "name": "ImageList_Replace",
- "address": "0x46e79c"
- },
- {
- "name": "ImageList_Draw",
- "address": "0x46e7a0"
- },
- {
- "name": "ImageList_GetBkColor",
- "address": "0x46e7a4"
- },
- {
- "name": "ImageList_SetBkColor",
- "address": "0x46e7a8"
- },
- {
- "name": "ImageList_ReplaceIcon",
- "address": "0x46e7ac"
- },
- {
- "name": "ImageList_Add",
- "address": "0x46e7b0"
- },
- {
- "name": "ImageList_SetImageCount",
- "address": "0x46e7b4"
- },
- {
- "name": "ImageList_GetImageCount",
- "address": "0x46e7b8"
- },
- {
- "name": "ImageList_Destroy",
- "address": "0x46e7bc"
- },
- {
- "name": "ImageList_Create",
- "address": "0x46e7c0"
- }
- ],
- "dll": "comctl32.dll"
- },
- {
- "imports": [
- {
- "name": "GetOpenFileNameA",
- "address": "0x46e7c8"
- }
- ],
- "dll": "comdlg32.dll"
- },
- {
- "imports": [
- {
- "name": "WSACleanup",
- "address": "0x46e7d0"
- },
- {
- "name": "WSAStartup",
- "address": "0x46e7d4"
- },
- {
- "name": "WSAGetLastError",
- "address": "0x46e7d8"
- },
- {
- "name": "WSAAsyncGetHostByName",
- "address": "0x46e7dc"
- },
- {
- "name": "WSAAsyncSelect",
- "address": "0x46e7e0"
- },
- {
- "name": "socket",
- "address": "0x46e7e4"
- },
- {
- "name": "setsockopt",
- "address": "0x46e7e8"
- },
- {
- "name": "send",
- "address": "0x46e7ec"
- },
- {
- "name": "recv",
- "address": "0x46e7f0"
- },
- {
- "name": "inet_addr",
- "address": "0x46e7f4"
- },
- {
- "name": "htons",
- "address": "0x46e7f8"
- },
- {
- "name": "connect",
- "address": "0x46e7fc"
- },
- {
- "name": "closesocket",
- "address": "0x46e800"
- },
- {
- "name": "accept",
- "address": "0x46e804"
- }
- ],
- "dll": "wsock32.dll"
- }
- ],
- "digital_signers": null,
- "exported_dll_name": null,
- "actual_checksum": "0x0015ecfd",
- "overlay": {
- "size": "0x0009b7c8",
- "offset": "0x000c0c00"
- },
- "imagebase": "0x00400000",
- "reported_checksum": "0x000d0b4d",
- "icon_hash": null,
- "entrypoint": "0x00469844",
- "timestamp": "1992-06-19 22:22:17",
- "osversion": "4.0",
- "sections": [
- {
- "name": "CODE",
- "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00001000",
- "size_of_data": "0x00068a00",
- "entropy": "6.51",
- "raw_address": "0x00000400",
- "virtual_size": "0x000688b8",
- "characteristics_raw": "0x60000020"
- },
- {
- "name": "DATA",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006a000",
- "size_of_data": "0x00002000",
- "entropy": "4.12",
- "raw_address": "0x00068e00",
- "virtual_size": "0x00001f0c",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": "BSS",
- "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006c000",
- "size_of_data": "0x00000000",
- "entropy": "0.00",
- "raw_address": "0x0006ae00",
- "virtual_size": "0x000010b9",
- "characteristics_raw": "0xc0000000"
- },
- {
- "name": ".idata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006e000",
- "size_of_data": "0x00002600",
- "entropy": "4.97",
- "raw_address": "0x0006ae00",
- "virtual_size": "0x000024d4",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": ".tls",
- "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x00071000",
- "size_of_data": "0x00000000",
- "entropy": "0.00",
- "raw_address": "0x0006d400",
- "virtual_size": "0x00000010",
- "characteristics_raw": "0xc0000000"
- },
- {
- "name": ".rdata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00072000",
- "size_of_data": "0x00000200",
- "entropy": "0.20",
- "raw_address": "0x0006d400",
- "virtual_size": "0x00000018",
- "characteristics_raw": "0x50000040"
- },
- {
- "name": ".reloc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00073000",
- "size_of_data": "0x00007c00",
- "entropy": "6.65",
- "raw_address": "0x0006d600",
- "virtual_size": "0x00007adc",
- "characteristics_raw": "0x50000040"
- },
- {
- "name": ".rsrc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x0007b000",
- "size_of_data": "0x0004ba00",
- "entropy": "5.80",
- "raw_address": "0x00075200",
- "virtual_size": "0x0004b9ac",
- "characteristics_raw": "0x50000040"
- }
- ],
- "resources": [],
- "dirents": [
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x0006e000",
- "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
- "size": "0x000024d4"
- },
- {
- "virtual_address": "0x0007b000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
- "size": "0x0004b9ac"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00073000",
- "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
- "size": "0x00007adc"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00072000",
- "name": "IMAGE_DIRECTORY_ENTRY_TLS",
- "size": "0x00000018"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_IAT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
- "size": "0x00000000"
- }
- ],
- "exports": [],
- "guest_signers": {},
- "imphash": "5ae4cca98b2f15124dd50272f7881db7",
- "icon_fuzzy": null,
- "icon": null,
- "pdbpath": null,
- "imported_dll_count": 15,
- "versioninfo": []
- }
- }
- [*] Resolved APIs: []
- [*] Static Analysis: {
- "pe": {
- "peid_signatures": null,
- "imports": [
- {
- "imports": [
- {
- "name": "DeleteCriticalSection",
- "address": "0x46e140"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x46e144"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x46e148"
- },
- {
- "name": "InitializeCriticalSection",
- "address": "0x46e14c"
- },
- {
- "name": "VirtualFree",
- "address": "0x46e150"
- },
- {
- "name": "VirtualAlloc",
- "address": "0x46e154"
- },
- {
- "name": "LocalFree",
- "address": "0x46e158"
- },
- {
- "name": "LocalAlloc",
- "address": "0x46e15c"
- },
- {
- "name": "GetVersion",
- "address": "0x46e160"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x46e164"
- },
- {
- "name": "InterlockedDecrement",
- "address": "0x46e168"
- },
- {
- "name": "InterlockedIncrement",
- "address": "0x46e16c"
- },
- {
- "name": "VirtualQuery",
- "address": "0x46e170"
- },
- {
- "name": "WideCharToMultiByte",
- "address": "0x46e174"
- },
- {
- "name": "MultiByteToWideChar",
- "address": "0x46e178"
- },
- {
- "name": "lstrlenA",
- "address": "0x46e17c"
- },
- {
- "name": "lstrcpynA",
- "address": "0x46e180"
- },
- {
- "name": "LoadLibraryExA",
- "address": "0x46e184"
- },
- {
- "name": "GetThreadLocale",
- "address": "0x46e188"
- },
- {
- "name": "GetStartupInfoA",
- "address": "0x46e18c"
- },
- {
- "name": "GetProcAddress",
- "address": "0x46e190"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46e194"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x46e198"
- },
- {
- "name": "GetLocaleInfoA",
- "address": "0x46e19c"
- },
- {
- "name": "GetLastError",
- "address": "0x46e1a0"
- },
- {
- "name": "GetCommandLineA",
- "address": "0x46e1a4"
- },
- {
- "name": "FreeLibrary",
- "address": "0x46e1a8"
- },
- {
- "name": "FindFirstFileA",
- "address": "0x46e1ac"
- },
- {
- "name": "FindClose",
- "address": "0x46e1b0"
- },
- {
- "name": "ExitProcess",
- "address": "0x46e1b4"
- },
- {
- "name": "ExitThread",
- "address": "0x46e1b8"
- },
- {
- "name": "CreateThread",
- "address": "0x46e1bc"
- },
- {
- "name": "WriteFile",
- "address": "0x46e1c0"
- },
- {
- "name": "UnhandledExceptionFilter",
- "address": "0x46e1c4"
- },
- {
- "name": "SetFilePointer",
- "address": "0x46e1c8"
- },
- {
- "name": "SetEndOfFile",
- "address": "0x46e1cc"
- },
- {
- "name": "RtlUnwind",
- "address": "0x46e1d0"
- },
- {
- "name": "ReadFile",
- "address": "0x46e1d4"
- },
- {
- "name": "RaiseException",
- "address": "0x46e1d8"
- },
- {
- "name": "GetStdHandle",
- "address": "0x46e1dc"
- },
- {
- "name": "GetFileSize",
- "address": "0x46e1e0"
- },
- {
- "name": "GetFileType",
- "address": "0x46e1e4"
- },
- {
- "name": "CreateFileA",
- "address": "0x46e1e8"
- },
- {
- "name": "CloseHandle",
- "address": "0x46e1ec"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "GetKeyboardType",
- "address": "0x46e1f4"
- },
- {
- "name": "LoadStringA",
- "address": "0x46e1f8"
- },
- {
- "name": "MessageBoxA",
- "address": "0x46e1fc"
- },
- {
- "name": "CharNextA",
- "address": "0x46e200"
- }
- ],
- "dll": "user32.dll"
- },
- {
- "imports": [
- {
- "name": "RegQueryValueExA",
- "address": "0x46e208"
- },
- {
- "name": "RegOpenKeyExA",
- "address": "0x46e20c"
- },
- {
- "name": "RegCloseKey",
- "address": "0x46e210"
- }
- ],
- "dll": "advapi32.dll"
- },
- {
- "imports": [
- {
- "name": "SysFreeString",
- "address": "0x46e218"
- },
- {
- "name": "SysReAllocStringLen",
- "address": "0x46e21c"
- },
- {
- "name": "SysAllocStringLen",
- "address": "0x46e220"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "TlsSetValue",
- "address": "0x46e228"
- },
- {
- "name": "TlsGetValue",
- "address": "0x46e22c"
- },
- {
- "name": "LocalAlloc",
- "address": "0x46e230"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46e234"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "RegQueryValueExA",
- "address": "0x46e23c"
- },
- {
- "name": "RegOpenKeyExA",
- "address": "0x46e240"
- },
- {
- "name": "RegCloseKey",
- "address": "0x46e244"
- }
- ],
- "dll": "advapi32.dll"
- },
- {
- "imports": [
- {
- "name": "lstrcpyA",
- "address": "0x46e24c"
- },
- {
- "name": "WriteFile",
- "address": "0x46e250"
- },
- {
- "name": "WaitForSingleObject",
- "address": "0x46e254"
- },
- {
- "name": "VirtualQuery",
- "address": "0x46e258"
- },
- {
- "name": "VirtualAlloc",
- "address": "0x46e25c"
- },
- {
- "name": "Sleep",
- "address": "0x46e260"
- },
- {
- "name": "SizeofResource",
- "address": "0x46e264"
- },
- {
- "name": "SetThreadLocale",
- "address": "0x46e268"
- },
- {
- "name": "SetFilePointer",
- "address": "0x46e26c"
- },
- {
- "name": "SetEvent",
- "address": "0x46e270"
- },
- {
- "name": "SetErrorMode",
- "address": "0x46e274"
- },
- {
- "name": "SetEndOfFile",
- "address": "0x46e278"
- },
- {
- "name": "ResumeThread",
- "address": "0x46e27c"
- },
- {
- "name": "ResetEvent",
- "address": "0x46e280"
- },
- {
- "name": "ReadFile",
- "address": "0x46e284"
- },
- {
- "name": "MulDiv",
- "address": "0x46e288"
- },
- {
- "name": "LockResource",
- "address": "0x46e28c"
- },
- {
- "name": "LoadResource",
- "address": "0x46e290"
- },
- {
- "name": "LoadLibraryA",
- "address": "0x46e294"
- },
- {
- "name": "LeaveCriticalSection",
- "address": "0x46e298"
- },
- {
- "name": "IsBadWritePtr",
- "address": "0x46e29c"
- },
- {
- "name": "IsBadReadPtr",
- "address": "0x46e2a0"
- },
- {
- "name": "InitializeCriticalSection",
- "address": "0x46e2a4"
- },
- {
- "name": "GlobalUnlock",
- "address": "0x46e2a8"
- },
- {
- "name": "GlobalReAlloc",
- "address": "0x46e2ac"
- },
- {
- "name": "GlobalMemoryStatus",
- "address": "0x46e2b0"
- },
- {
- "name": "GlobalHandle",
- "address": "0x46e2b4"
- },
- {
- "name": "GlobalLock",
- "address": "0x46e2b8"
- },
- {
- "name": "GlobalFree",
- "address": "0x46e2bc"
- },
- {
- "name": "GlobalFindAtomA",
- "address": "0x46e2c0"
- },
- {
- "name": "GlobalDeleteAtom",
- "address": "0x46e2c4"
- },
- {
- "name": "GlobalAlloc",
- "address": "0x46e2c8"
- },
- {
- "name": "GlobalAddAtomA",
- "address": "0x46e2cc"
- },
- {
- "name": "GetVersionExA",
- "address": "0x46e2d0"
- },
- {
- "name": "GetVersion",
- "address": "0x46e2d4"
- },
- {
- "name": "GetTickCount",
- "address": "0x46e2d8"
- },
- {
- "name": "GetThreadLocale",
- "address": "0x46e2dc"
- },
- {
- "name": "GetTempPathA",
- "address": "0x46e2e0"
- },
- {
- "name": "GetTempFileNameA",
- "address": "0x46e2e4"
- },
- {
- "name": "GetSystemInfo",
- "address": "0x46e2e8"
- },
- {
- "name": "GetStringTypeExA",
- "address": "0x46e2ec"
- },
- {
- "name": "GetStdHandle",
- "address": "0x46e2f0"
- },
- {
- "name": "GetProcAddress",
- "address": "0x46e2f4"
- },
- {
- "name": "GetModuleHandleA",
- "address": "0x46e2f8"
- },
- {
- "name": "GetModuleFileNameA",
- "address": "0x46e2fc"
- },
- {
- "name": "GetLocaleInfoA",
- "address": "0x46e300"
- },
- {
- "name": "GetLocalTime",
- "address": "0x46e304"
- },
- {
- "name": "GetLastError",
- "address": "0x46e308"
- },
- {
- "name": "GetFullPathNameA",
- "address": "0x46e30c"
- },
- {
- "name": "GetExitCodeThread",
- "address": "0x46e310"
- },
- {
- "name": "GetDiskFreeSpaceA",
- "address": "0x46e314"
- },
- {
- "name": "GetDateFormatA",
- "address": "0x46e318"
- },
- {
- "name": "GetCurrentThreadId",
- "address": "0x46e31c"
- },
- {
- "name": "GetCurrentProcessId",
- "address": "0x46e320"
- },
- {
- "name": "GetCPInfo",
- "address": "0x46e324"
- },
- {
- "name": "GetACP",
- "address": "0x46e328"
- },
- {
- "name": "FreeResource",
- "address": "0x46e32c"
- },
- {
- "name": "InterlockedIncrement",
- "address": "0x46e330"
- },
- {
- "name": "InterlockedExchange",
- "address": "0x46e334"
- },
- {
- "name": "InterlockedDecrement",
- "address": "0x46e338"
- },
- {
- "name": "FreeLibrary",
- "address": "0x46e33c"
- },
- {
- "name": "FormatMessageA",
- "address": "0x46e340"
- },
- {
- "name": "FindResourceA",
- "address": "0x46e344"
- },
- {
- "name": "ExitProcess",
- "address": "0x46e348"
- },
- {
- "name": "EnumCalendarInfoA",
- "address": "0x46e34c"
- },
- {
- "name": "EnterCriticalSection",
- "address": "0x46e350"
- },
- {
- "name": "DeleteFileA",
- "address": "0x46e354"
- },
- {
- "name": "DeleteCriticalSection",
- "address": "0x46e358"
- },
- {
- "name": "CreateThread",
- "address": "0x46e35c"
- },
- {
- "name": "CreateProcessA",
- "address": "0x46e360"
- },
- {
- "name": "CreateFileA",
- "address": "0x46e364"
- },
- {
- "name": "CreateEventA",
- "address": "0x46e368"
- },
- {
- "name": "CompareStringA",
- "address": "0x46e36c"
- },
- {
- "name": "CloseHandle",
- "address": "0x46e370"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "VerQueryValueA",
- "address": "0x46e378"
- },
- {
- "name": "GetFileVersionInfoSizeA",
- "address": "0x46e37c"
- },
- {
- "name": "GetFileVersionInfoA",
- "address": "0x46e380"
- }
- ],
- "dll": "version.dll"
- },
- {
- "imports": [
- {
- "name": "UnrealizeObject",
- "address": "0x46e388"
- },
- {
- "name": "StretchBlt",
- "address": "0x46e38c"
- },
- {
- "name": "SetWindowOrgEx",
- "address": "0x46e390"
- },
- {
- "name": "SetWinMetaFileBits",
- "address": "0x46e394"
- },
- {
- "name": "SetViewportOrgEx",
- "address": "0x46e398"
- },
- {
- "name": "SetTextColor",
- "address": "0x46e39c"
- },
- {
- "name": "SetStretchBltMode",
- "address": "0x46e3a0"
- },
- {
- "name": "SetROP2",
- "address": "0x46e3a4"
- },
- {
- "name": "SetPixel",
- "address": "0x46e3a8"
- },
- {
- "name": "SetEnhMetaFileBits",
- "address": "0x46e3ac"
- },
- {
- "name": "SetDIBColorTable",
- "address": "0x46e3b0"
- },
- {
- "name": "SetBrushOrgEx",
- "address": "0x46e3b4"
- },
- {
- "name": "SetBkMode",
- "address": "0x46e3b8"
- },
- {
- "name": "SetBkColor",
- "address": "0x46e3bc"
- },
- {
- "name": "SelectPalette",
- "address": "0x46e3c0"
- },
- {
- "name": "SelectObject",
- "address": "0x46e3c4"
- },
- {
- "name": "SaveDC",
- "address": "0x46e3c8"
- },
- {
- "name": "RestoreDC",
- "address": "0x46e3cc"
- },
- {
- "name": "Rectangle",
- "address": "0x46e3d0"
- },
- {
- "name": "RectVisible",
- "address": "0x46e3d4"
- },
- {
- "name": "RealizePalette",
- "address": "0x46e3d8"
- },
- {
- "name": "PlayEnhMetaFile",
- "address": "0x46e3dc"
- },
- {
- "name": "PatBlt",
- "address": "0x46e3e0"
- },
- {
- "name": "MoveToEx",
- "address": "0x46e3e4"
- },
- {
- "name": "MaskBlt",
- "address": "0x46e3e8"
- },
- {
- "name": "LineTo",
- "address": "0x46e3ec"
- },
- {
- "name": "IntersectClipRect",
- "address": "0x46e3f0"
- },
- {
- "name": "GetWindowOrgEx",
- "address": "0x46e3f4"
- },
- {
- "name": "GetWinMetaFileBits",
- "address": "0x46e3f8"
- },
- {
- "name": "GetTextMetricsA",
- "address": "0x46e3fc"
- },
- {
- "name": "GetTextExtentPointA",
- "address": "0x46e400"
- },
- {
- "name": "GetTextExtentPoint32A",
- "address": "0x46e404"
- },
- {
- "name": "GetSystemPaletteEntries",
- "address": "0x46e408"
- },
- {
- "name": "GetStockObject",
- "address": "0x46e40c"
- },
- {
- "name": "GetPixelFormat",
- "address": "0x46e410"
- },
- {
- "name": "GetPixel",
- "address": "0x46e414"
- },
- {
- "name": "GetPaletteEntries",
- "address": "0x46e418"
- },
- {
- "name": "GetObjectA",
- "address": "0x46e41c"
- },
- {
- "name": "GetMapMode",
- "address": "0x46e420"
- },
- {
- "name": "GetEnhMetaFilePaletteEntries",
- "address": "0x46e424"
- },
- {
- "name": "GetEnhMetaFileHeader",
- "address": "0x46e428"
- },
- {
- "name": "GetEnhMetaFileBits",
- "address": "0x46e42c"
- },
- {
- "name": "GetDeviceCaps",
- "address": "0x46e430"
- },
- {
- "name": "GetDIBits",
- "address": "0x46e434"
- },
- {
- "name": "GetDIBColorTable",
- "address": "0x46e438"
- },
- {
- "name": "GetDCOrgEx",
- "address": "0x46e43c"
- },
- {
- "name": "GetCurrentPositionEx",
- "address": "0x46e440"
- },
- {
- "name": "GetClipBox",
- "address": "0x46e444"
- },
- {
- "name": "GetBrushOrgEx",
- "address": "0x46e448"
- },
- {
- "name": "GetBkColor",
- "address": "0x46e44c"
- },
- {
- "name": "GetBitmapBits",
- "address": "0x46e450"
- },
- {
- "name": "ExcludeClipRect",
- "address": "0x46e454"
- },
- {
- "name": "DeleteObject",
- "address": "0x46e458"
- },
- {
- "name": "DeleteEnhMetaFile",
- "address": "0x46e45c"
- },
- {
- "name": "DeleteDC",
- "address": "0x46e460"
- },
- {
- "name": "CreateSolidBrush",
- "address": "0x46e464"
- },
- {
- "name": "CreatePenIndirect",
- "address": "0x46e468"
- },
- {
- "name": "CreatePalette",
- "address": "0x46e46c"
- },
- {
- "name": "CreateHalftonePalette",
- "address": "0x46e470"
- },
- {
- "name": "CreateFontIndirectA",
- "address": "0x46e474"
- },
- {
- "name": "CreateDIBitmap",
- "address": "0x46e478"
- },
- {
- "name": "CreateDIBSection",
- "address": "0x46e47c"
- },
- {
- "name": "CreateCompatibleDC",
- "address": "0x46e480"
- },
- {
- "name": "CreateCompatibleBitmap",
- "address": "0x46e484"
- },
- {
- "name": "CreateBrushIndirect",
- "address": "0x46e488"
- },
- {
- "name": "CreateBitmap",
- "address": "0x46e48c"
- },
- {
- "name": "CopyEnhMetaFileA",
- "address": "0x46e490"
- },
- {
- "name": "BitBlt",
- "address": "0x46e494"
- }
- ],
- "dll": "gdi32.dll"
- },
- {
- "imports": [
- {
- "name": "CreateWindowExA",
- "address": "0x46e49c"
- },
- {
- "name": "WindowFromPoint",
- "address": "0x46e4a0"
- },
- {
- "name": "WinHelpA",
- "address": "0x46e4a4"
- },
- {
- "name": "WaitMessage",
- "address": "0x46e4a8"
- },
- {
- "name": "UpdateWindow",
- "address": "0x46e4ac"
- },
- {
- "name": "UnregisterClassA",
- "address": "0x46e4b0"
- },
- {
- "name": "UnhookWindowsHookEx",
- "address": "0x46e4b4"
- },
- {
- "name": "TranslateMessage",
- "address": "0x46e4b8"
- },
- {
- "name": "TranslateMDISysAccel",
- "address": "0x46e4bc"
- },
- {
- "name": "TrackPopupMenu",
- "address": "0x46e4c0"
- },
- {
- "name": "SystemParametersInfoA",
- "address": "0x46e4c4"
- },
- {
- "name": "ShowWindow",
- "address": "0x46e4c8"
- },
- {
- "name": "ShowScrollBar",
- "address": "0x46e4cc"
- },
- {
- "name": "ShowOwnedPopups",
- "address": "0x46e4d0"
- },
- {
- "name": "ShowCursor",
- "address": "0x46e4d4"
- },
- {
- "name": "SetWindowsHookExA",
- "address": "0x46e4d8"
- },
- {
- "name": "SetWindowTextA",
- "address": "0x46e4dc"
- },
- {
- "name": "SetWindowPos",
- "address": "0x46e4e0"
- },
- {
- "name": "SetWindowPlacement",
- "address": "0x46e4e4"
- },
- {
- "name": "SetWindowLongA",
- "address": "0x46e4e8"
- },
- {
- "name": "SetTimer",
- "address": "0x46e4ec"
- },
- {
- "name": "SetScrollRange",
- "address": "0x46e4f0"
- },
- {
- "name": "SetScrollPos",
- "address": "0x46e4f4"
- },
- {
- "name": "SetScrollInfo",
- "address": "0x46e4f8"
- },
- {
- "name": "SetRect",
- "address": "0x46e4fc"
- },
- {
- "name": "SetPropA",
- "address": "0x46e500"
- },
- {
- "name": "SetParent",
- "address": "0x46e504"
- },
- {
- "name": "SetMenuItemInfoA",
- "address": "0x46e508"
- },
- {
- "name": "SetMenu",
- "address": "0x46e50c"
- },
- {
- "name": "SetForegroundWindow",
- "address": "0x46e510"
- },
- {
- "name": "SetFocus",
- "address": "0x46e514"
- },
- {
- "name": "SetCursor",
- "address": "0x46e518"
- },
- {
- "name": "SetClipboardData",
- "address": "0x46e51c"
- },
- {
- "name": "SetClassLongA",
- "address": "0x46e520"
- },
- {
- "name": "SetCapture",
- "address": "0x46e524"
- },
- {
- "name": "SetActiveWindow",
- "address": "0x46e528"
- },
- {
- "name": "SendMessageA",
- "address": "0x46e52c"
- },
- {
- "name": "ScrollWindow",
- "address": "0x46e530"
- },
- {
- "name": "ScreenToClient",
- "address": "0x46e534"
- },
- {
- "name": "RemovePropA",
- "address": "0x46e538"
- },
- {
- "name": "RemoveMenu",
- "address": "0x46e53c"
- },
- {
- "name": "ReleaseDC",
- "address": "0x46e540"
- },
- {
- "name": "ReleaseCapture",
- "address": "0x46e544"
- },
- {
- "name": "RegisterWindowMessageA",
- "address": "0x46e548"
- },
- {
- "name": "RegisterClipboardFormatA",
- "address": "0x46e54c"
- },
- {
- "name": "RegisterClassA",
- "address": "0x46e550"
- },
- {
- "name": "RedrawWindow",
- "address": "0x46e554"
- },
- {
- "name": "PtInRect",
- "address": "0x46e558"
- },
- {
- "name": "PostQuitMessage",
- "address": "0x46e55c"
- },
- {
- "name": "PostMessageA",
- "address": "0x46e560"
- },
- {
- "name": "PeekMessageA",
- "address": "0x46e564"
- },
- {
- "name": "OpenClipboard",
- "address": "0x46e568"
- },
- {
- "name": "OffsetRect",
- "address": "0x46e56c"
- },
- {
- "name": "OemToCharA",
- "address": "0x46e570"
- },
- {
- "name": "MsgWaitForMultipleObjects",
- "address": "0x46e574"
- },
- {
- "name": "MessageBoxA",
- "address": "0x46e578"
- },
- {
- "name": "MessageBeep",
- "address": "0x46e57c"
- },
- {
- "name": "MapWindowPoints",
- "address": "0x46e580"
- },
- {
- "name": "MapVirtualKeyA",
- "address": "0x46e584"
- },
- {
- "name": "LoadStringA",
- "address": "0x46e588"
- },
- {
- "name": "LoadKeyboardLayoutA",
- "address": "0x46e58c"
- },
- {
- "name": "LoadIconA",
- "address": "0x46e590"
- },
- {
- "name": "LoadCursorA",
- "address": "0x46e594"
- },
- {
- "name": "LoadBitmapA",
- "address": "0x46e598"
- },
- {
- "name": "KillTimer",
- "address": "0x46e59c"
- },
- {
- "name": "IsZoomed",
- "address": "0x46e5a0"
- },
- {
- "name": "IsWindowVisible",
- "address": "0x46e5a4"
- },
- {
- "name": "IsWindowEnabled",
- "address": "0x46e5a8"
- },
- {
- "name": "IsWindow",
- "address": "0x46e5ac"
- },
- {
- "name": "IsRectEmpty",
- "address": "0x46e5b0"
- },
- {
- "name": "IsIconic",
- "address": "0x46e5b4"
- },
- {
- "name": "IsDialogMessageA",
- "address": "0x46e5b8"
- },
- {
- "name": "IsChild",
- "address": "0x46e5bc"
- },
- {
- "name": "InvalidateRect",
- "address": "0x46e5c0"
- },
- {
- "name": "IntersectRect",
- "address": "0x46e5c4"
- },
- {
- "name": "InsertMenuItemA",
- "address": "0x46e5c8"
- },
- {
- "name": "InsertMenuA",
- "address": "0x46e5cc"
- },
- {
- "name": "InflateRect",
- "address": "0x46e5d0"
- },
- {
- "name": "GetWindowThreadProcessId",
- "address": "0x46e5d4"
- },
- {
- "name": "GetWindowTextA",
- "address": "0x46e5d8"
- },
- {
- "name": "GetWindowRect",
- "address": "0x46e5dc"
- },
- {
- "name": "GetWindowPlacement",
- "address": "0x46e5e0"
- },
- {
- "name": "GetWindowLongA",
- "address": "0x46e5e4"
- },
- {
- "name": "GetWindowDC",
- "address": "0x46e5e8"
- },
- {
- "name": "GetTopWindow",
- "address": "0x46e5ec"
- },
- {
- "name": "GetSystemMetrics",
- "address": "0x46e5f0"
- },
- {
- "name": "GetSystemMenu",
- "address": "0x46e5f4"
- },
- {
- "name": "GetSysColorBrush",
- "address": "0x46e5f8"
- },
- {
- "name": "GetSysColor",
- "address": "0x46e5fc"
- },
- {
- "name": "GetSubMenu",
- "address": "0x46e600"
- },
- {
- "name": "GetScrollRange",
- "address": "0x46e604"
- },
- {
- "name": "GetScrollPos",
- "address": "0x46e608"
- },
- {
- "name": "GetScrollInfo",
- "address": "0x46e60c"
- },
- {
- "name": "GetPropA",
- "address": "0x46e610"
- },
- {
- "name": "GetParent",
- "address": "0x46e614"
- },
- {
- "name": "GetWindow",
- "address": "0x46e618"
- },
- {
- "name": "GetMenuStringA",
- "address": "0x46e61c"
- },
- {
- "name": "GetMenuState",
- "address": "0x46e620"
- },
- {
- "name": "GetMenuItemInfoA",
- "address": "0x46e624"
- },
- {
- "name": "GetMenuItemID",
- "address": "0x46e628"
- },
- {
- "name": "GetMenuItemCount",
- "address": "0x46e62c"
- },
- {
- "name": "GetMenu",
- "address": "0x46e630"
- },
- {
- "name": "GetLastActivePopup",
- "address": "0x46e634"
- },
- {
- "name": "GetKeyboardState",
- "address": "0x46e638"
- },
- {
- "name": "GetKeyboardLayoutList",
- "address": "0x46e63c"
- },
- {
- "name": "GetKeyboardLayout",
- "address": "0x46e640"
- },
- {
- "name": "GetKeyState",
- "address": "0x46e644"
- },
- {
- "name": "GetKeyNameTextA",
- "address": "0x46e648"
- },
- {
- "name": "GetIconInfo",
- "address": "0x46e64c"
- },
- {
- "name": "GetForegroundWindow",
- "address": "0x46e650"
- },
- {
- "name": "GetFocus",
- "address": "0x46e654"
- },
- {
- "name": "GetDlgItem",
- "address": "0x46e658"
- },
- {
- "name": "GetDesktopWindow",
- "address": "0x46e65c"
- },
- {
- "name": "GetDCEx",
- "address": "0x46e660"
- },
- {
- "name": "GetDC",
- "address": "0x46e664"
- },
- {
- "name": "GetCursorPos",
- "address": "0x46e668"
- },
- {
- "name": "GetCursor",
- "address": "0x46e66c"
- },
- {
- "name": "GetClipboardData",
- "address": "0x46e670"
- },
- {
- "name": "GetClientRect",
- "address": "0x46e674"
- },
- {
- "name": "GetClassNameA",
- "address": "0x46e678"
- },
- {
- "name": "GetClassInfoA",
- "address": "0x46e67c"
- },
- {
- "name": "GetCapture",
- "address": "0x46e680"
- },
- {
- "name": "GetActiveWindow",
- "address": "0x46e684"
- },
- {
- "name": "FrameRect",
- "address": "0x46e688"
- },
- {
- "name": "FindWindowA",
- "address": "0x46e68c"
- },
- {
- "name": "FillRect",
- "address": "0x46e690"
- },
- {
- "name": "EqualRect",
- "address": "0x46e694"
- },
- {
- "name": "EnumWindows",
- "address": "0x46e698"
- },
- {
- "name": "EnumThreadWindows",
- "address": "0x46e69c"
- },
- {
- "name": "EndPaint",
- "address": "0x46e6a0"
- },
- {
- "name": "EnableWindow",
- "address": "0x46e6a4"
- },
- {
- "name": "EnableScrollBar",
- "address": "0x46e6a8"
- },
- {
- "name": "EnableMenuItem",
- "address": "0x46e6ac"
- },
- {
- "name": "EmptyClipboard",
- "address": "0x46e6b0"
- },
- {
- "name": "DrawTextA",
- "address": "0x46e6b4"
- },
- {
- "name": "DrawMenuBar",
- "address": "0x46e6b8"
- },
- {
- "name": "DrawIconEx",
- "address": "0x46e6bc"
- },
- {
- "name": "DrawIcon",
- "address": "0x46e6c0"
- },
- {
- "name": "DrawFrameControl",
- "address": "0x46e6c4"
- },
- {
- "name": "DrawFocusRect",
- "address": "0x46e6c8"
- },
- {
- "name": "DrawEdge",
- "address": "0x46e6cc"
- },
- {
- "name": "DispatchMessageA",
- "address": "0x46e6d0"
- },
- {
- "name": "DestroyWindow",
- "address": "0x46e6d4"
- },
- {
- "name": "DestroyMenu",
- "address": "0x46e6d8"
- },
- {
- "name": "DestroyIcon",
- "address": "0x46e6dc"
- },
- {
- "name": "DestroyCursor",
- "address": "0x46e6e0"
- },
- {
- "name": "DeleteMenu",
- "address": "0x46e6e4"
- },
- {
- "name": "DefWindowProcA",
- "address": "0x46e6e8"
- },
- {
- "name": "DefMDIChildProcA",
- "address": "0x46e6ec"
- },
- {
- "name": "DefFrameProcA",
- "address": "0x46e6f0"
- },
- {
- "name": "CreatePopupMenu",
- "address": "0x46e6f4"
- },
- {
- "name": "CreateMenu",
- "address": "0x46e6f8"
- },
- {
- "name": "CreateIcon",
- "address": "0x46e6fc"
- },
- {
- "name": "CloseClipboard",
- "address": "0x46e700"
- },
- {
- "name": "ClientToScreen",
- "address": "0x46e704"
- },
- {
- "name": "CheckMenuItem",
- "address": "0x46e708"
- },
- {
- "name": "CallWindowProcA",
- "address": "0x46e70c"
- },
- {
- "name": "CallNextHookEx",
- "address": "0x46e710"
- },
- {
- "name": "BeginPaint",
- "address": "0x46e714"
- },
- {
- "name": "CharNextA",
- "address": "0x46e718"
- },
- {
- "name": "CharLowerBuffA",
- "address": "0x46e71c"
- },
- {
- "name": "CharLowerA",
- "address": "0x46e720"
- },
- {
- "name": "CharUpperBuffA",
- "address": "0x46e724"
- },
- {
- "name": "CharToOemA",
- "address": "0x46e728"
- },
- {
- "name": "AdjustWindowRectEx",
- "address": "0x46e72c"
- },
- {
- "name": "ActivateKeyboardLayout",
- "address": "0x46e730"
- }
- ],
- "dll": "user32.dll"
- },
- {
- "imports": [
- {
- "name": "Sleep",
- "address": "0x46e738"
- }
- ],
- "dll": "kernel32.dll"
- },
- {
- "imports": [
- {
- "name": "SafeArrayPtrOfIndex",
- "address": "0x46e740"
- },
- {
- "name": "SafeArrayGetUBound",
- "address": "0x46e744"
- },
- {
- "name": "SafeArrayGetLBound",
- "address": "0x46e748"
- },
- {
- "name": "SafeArrayCreate",
- "address": "0x46e74c"
- },
- {
- "name": "VariantChangeType",
- "address": "0x46e750"
- },
- {
- "name": "VariantCopy",
- "address": "0x46e754"
- },
- {
- "name": "VariantClear",
- "address": "0x46e758"
- },
- {
- "name": "VariantInit",
- "address": "0x46e75c"
- }
- ],
- "dll": "oleaut32.dll"
- },
- {
- "imports": [
- {
- "name": "ImageList_SetIconSize",
- "address": "0x46e764"
- },
- {
- "name": "ImageList_GetIconSize",
- "address": "0x46e768"
- },
- {
- "name": "ImageList_Write",
- "address": "0x46e76c"
- },
- {
- "name": "ImageList_Read",
- "address": "0x46e770"
- },
- {
- "name": "ImageList_GetDragImage",
- "address": "0x46e774"
- },
- {
- "name": "ImageList_DragShowNolock",
- "address": "0x46e778"
- },
- {
- "name": "ImageList_SetDragCursorImage",
- "address": "0x46e77c"
- },
- {
- "name": "ImageList_DragMove",
- "address": "0x46e780"
- },
- {
- "name": "ImageList_DragLeave",
- "address": "0x46e784"
- },
- {
- "name": "ImageList_DragEnter",
- "address": "0x46e788"
- },
- {
- "name": "ImageList_EndDrag",
- "address": "0x46e78c"
- },
- {
- "name": "ImageList_BeginDrag",
- "address": "0x46e790"
- },
- {
- "name": "ImageList_Remove",
- "address": "0x46e794"
- },
- {
- "name": "ImageList_DrawEx",
- "address": "0x46e798"
- },
- {
- "name": "ImageList_Replace",
- "address": "0x46e79c"
- },
- {
- "name": "ImageList_Draw",
- "address": "0x46e7a0"
- },
- {
- "name": "ImageList_GetBkColor",
- "address": "0x46e7a4"
- },
- {
- "name": "ImageList_SetBkColor",
- "address": "0x46e7a8"
- },
- {
- "name": "ImageList_ReplaceIcon",
- "address": "0x46e7ac"
- },
- {
- "name": "ImageList_Add",
- "address": "0x46e7b0"
- },
- {
- "name": "ImageList_SetImageCount",
- "address": "0x46e7b4"
- },
- {
- "name": "ImageList_GetImageCount",
- "address": "0x46e7b8"
- },
- {
- "name": "ImageList_Destroy",
- "address": "0x46e7bc"
- },
- {
- "name": "ImageList_Create",
- "address": "0x46e7c0"
- }
- ],
- "dll": "comctl32.dll"
- },
- {
- "imports": [
- {
- "name": "GetOpenFileNameA",
- "address": "0x46e7c8"
- }
- ],
- "dll": "comdlg32.dll"
- },
- {
- "imports": [
- {
- "name": "WSACleanup",
- "address": "0x46e7d0"
- },
- {
- "name": "WSAStartup",
- "address": "0x46e7d4"
- },
- {
- "name": "WSAGetLastError",
- "address": "0x46e7d8"
- },
- {
- "name": "WSAAsyncGetHostByName",
- "address": "0x46e7dc"
- },
- {
- "name": "WSAAsyncSelect",
- "address": "0x46e7e0"
- },
- {
- "name": "socket",
- "address": "0x46e7e4"
- },
- {
- "name": "setsockopt",
- "address": "0x46e7e8"
- },
- {
- "name": "send",
- "address": "0x46e7ec"
- },
- {
- "name": "recv",
- "address": "0x46e7f0"
- },
- {
- "name": "inet_addr",
- "address": "0x46e7f4"
- },
- {
- "name": "htons",
- "address": "0x46e7f8"
- },
- {
- "name": "connect",
- "address": "0x46e7fc"
- },
- {
- "name": "closesocket",
- "address": "0x46e800"
- },
- {
- "name": "accept",
- "address": "0x46e804"
- }
- ],
- "dll": "wsock32.dll"
- }
- ],
- "digital_signers": null,
- "exported_dll_name": null,
- "actual_checksum": "0x0015ecfd",
- "overlay": {
- "size": "0x0009b7c8",
- "offset": "0x000c0c00"
- },
- "imagebase": "0x00400000",
- "reported_checksum": "0x000d0b4d",
- "icon_hash": null,
- "entrypoint": "0x00469844",
- "timestamp": "1992-06-19 22:22:17",
- "osversion": "4.0",
- "sections": [
- {
- "name": "CODE",
- "characteristics": "IMAGE_SCN_CNT_CODE|IMAGE_SCN_MEM_EXECUTE|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00001000",
- "size_of_data": "0x00068a00",
- "entropy": "6.51",
- "raw_address": "0x00000400",
- "virtual_size": "0x000688b8",
- "characteristics_raw": "0x60000020"
- },
- {
- "name": "DATA",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006a000",
- "size_of_data": "0x00002000",
- "entropy": "4.12",
- "raw_address": "0x00068e00",
- "virtual_size": "0x00001f0c",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": "BSS",
- "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006c000",
- "size_of_data": "0x00000000",
- "entropy": "0.00",
- "raw_address": "0x0006ae00",
- "virtual_size": "0x000010b9",
- "characteristics_raw": "0xc0000000"
- },
- {
- "name": ".idata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x0006e000",
- "size_of_data": "0x00002600",
- "entropy": "4.97",
- "raw_address": "0x0006ae00",
- "virtual_size": "0x000024d4",
- "characteristics_raw": "0xc0000040"
- },
- {
- "name": ".tls",
- "characteristics": "IMAGE_SCN_MEM_READ|IMAGE_SCN_MEM_WRITE",
- "virtual_address": "0x00071000",
- "size_of_data": "0x00000000",
- "entropy": "0.00",
- "raw_address": "0x0006d400",
- "virtual_size": "0x00000010",
- "characteristics_raw": "0xc0000000"
- },
- {
- "name": ".rdata",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00072000",
- "size_of_data": "0x00000200",
- "entropy": "0.20",
- "raw_address": "0x0006d400",
- "virtual_size": "0x00000018",
- "characteristics_raw": "0x50000040"
- },
- {
- "name": ".reloc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x00073000",
- "size_of_data": "0x00007c00",
- "entropy": "6.65",
- "raw_address": "0x0006d600",
- "virtual_size": "0x00007adc",
- "characteristics_raw": "0x50000040"
- },
- {
- "name": ".rsrc",
- "characteristics": "IMAGE_SCN_CNT_INITIALIZED_DATA|IMAGE_SCN_MEM_SHARED|IMAGE_SCN_MEM_READ",
- "virtual_address": "0x0007b000",
- "size_of_data": "0x0004ba00",
- "entropy": "5.80",
- "raw_address": "0x00075200",
- "virtual_size": "0x0004b9ac",
- "characteristics_raw": "0x50000040"
- }
- ],
- "resources": [],
- "dirents": [
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x0006e000",
- "name": "IMAGE_DIRECTORY_ENTRY_IMPORT",
- "size": "0x000024d4"
- },
- {
- "virtual_address": "0x0007b000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESOURCE",
- "size": "0x0004b9ac"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_EXCEPTION",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_SECURITY",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00073000",
- "name": "IMAGE_DIRECTORY_ENTRY_BASERELOC",
- "size": "0x00007adc"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DEBUG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COPYRIGHT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_GLOBALPTR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00072000",
- "name": "IMAGE_DIRECTORY_ENTRY_TLS",
- "size": "0x00000018"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_IAT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR",
- "size": "0x00000000"
- },
- {
- "virtual_address": "0x00000000",
- "name": "IMAGE_DIRECTORY_ENTRY_RESERVED",
- "size": "0x00000000"
- }
- ],
- "exports": [],
- "guest_signers": {},
- "imphash": "5ae4cca98b2f15124dd50272f7881db7",
- "icon_fuzzy": null,
- "icon": null,
- "pdbpath": null,
- "imported_dll_count": 15,
- "versioninfo": []
- }
- }