Malicious
Classifications
-
Threat Names
CryptOne
Dynamic Analysis Report
Created on 2021-09-27T18:05:00
2a0a88a2e5f9cafa10a48d63bdfcdf965b72c25978ab46cf28e795dbedc9624a.dll
Windows DLL (x86-32)
Remarks (1/1)
(0x02000009): DLL files normally need to be submitted with an appropriate loader. Analysis result may be incomplete if an appropriate loader was not submitted.
This is a filtered view
This list contains only the embedded files, downloaded files, and dropped files
| Filters: |
There are no files for this filter
There are no files in this analysis
| File Name | Category | Type | Verdict | Actions |
|---|
| C:\Users\RDhJ0CNFevzX\Desktop\2a0a88a2e5f9cafa10a48d63bdfcdf965b72c25978ab46cf28e795dbedc9624a.dll | Sample File | Binary |
malicious
|
...
|
»
| MIME Type | application/vnd.microsoft.portable-executable |
| File Size | 506.98 KB |
| MD5 |
803768a34f7e59b8a9a2f3969624c47e
|
| SHA1 |
09a38940ef023929897fdc9c996de0b0f39116e2
|
| SHA256 |
2a0a88a2e5f9cafa10a48d63bdfcdf965b72c25978ab46cf28e795dbedc9624a
|
| SSDeep |
12288:+xyHC8LAE/azElTT4c7Bo+526Tb/jXiQle601:eb8LxazE9X7C96Tz7iA/C
|
| ImpHash |
5097c68ca7573db2997ab353ba37473b
|
PE Information
»
| Image Base | 0x400000 |
| Entry Point | 0x459424 |
| Size Of Code | 0x58600 |
| Size Of Initialized Data | 0x20000 |
| File Type | FileType.dll |
| Subsystem | Subsystem.windows_gui |
| Machine Type | MachineType.i386 |
| Compile Timestamp | 1992-06-19 22:22:17+00:00 |
Sections (6)
»
| Name | Virtual Address | Virtual Size | Raw Data Size | Raw Data Offset | Flags | Entropy |
|---|---|---|---|---|---|---|
| CODE | 0x401000 | 0x58448 | 0x58600 | 0x400 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ | 6.54 |
| DATA | 0x45a000 | 0x1238 | 0x1400 | 0x58a00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 4.07 |
| BSS | 0x45c000 | 0xc81 | 0x0 | 0x59e00 | IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 0.0 |
| .idata | 0x45d000 | 0x206e | 0x2200 | 0x59e00 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 4.89 |
| .reloc | 0x460000 | 0x6510 | 0x6600 | 0x5c000 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ | 6.68 |
| .rsrc | 0x467000 | 0x16400 | 0x16400 | 0x62600 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ | 6.58 |
Imports (15)
»
kernel32.dll (34)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| DeleteCriticalSection | - | 0x45d140 | 0x5d140 | 0x59f40 | 0x0 |
| LeaveCriticalSection | - | 0x45d144 | 0x5d144 | 0x59f44 | 0x0 |
| EnterCriticalSection | - | 0x45d148 | 0x5d148 | 0x59f48 | 0x0 |
| InitializeCriticalSection | - | 0x45d14c | 0x5d14c | 0x59f4c | 0x0 |
| VirtualFree | - | 0x45d150 | 0x5d150 | 0x59f50 | 0x0 |
| VirtualAlloc | - | 0x45d154 | 0x5d154 | 0x59f54 | 0x0 |
| LocalFree | - | 0x45d158 | 0x5d158 | 0x59f58 | 0x0 |
| LocalAlloc | - | 0x45d15c | 0x5d15c | 0x59f5c | 0x0 |
| GetVersion | - | 0x45d160 | 0x5d160 | 0x59f60 | 0x0 |
| GetCurrentThreadId | - | 0x45d164 | 0x5d164 | 0x59f64 | 0x0 |
| InterlockedDecrement | - | 0x45d168 | 0x5d168 | 0x59f68 | 0x0 |
| InterlockedIncrement | - | 0x45d16c | 0x5d16c | 0x59f6c | 0x0 |
| VirtualQuery | - | 0x45d170 | 0x5d170 | 0x59f70 | 0x0 |
| WideCharToMultiByte | - | 0x45d174 | 0x5d174 | 0x59f74 | 0x0 |
| MultiByteToWideChar | - | 0x45d178 | 0x5d178 | 0x59f78 | 0x0 |
| lstrlenA | - | 0x45d17c | 0x5d17c | 0x59f7c | 0x0 |
| lstrcpynA | - | 0x45d180 | 0x5d180 | 0x59f80 | 0x0 |
| LoadLibraryExA | - | 0x45d184 | 0x5d184 | 0x59f84 | 0x0 |
| GetThreadLocale | - | 0x45d188 | 0x5d188 | 0x59f88 | 0x0 |
| GetStartupInfoA | - | 0x45d18c | 0x5d18c | 0x59f8c | 0x0 |
| GetProcAddress | - | 0x45d190 | 0x5d190 | 0x59f90 | 0x0 |
| GetModuleHandleA | - | 0x45d194 | 0x5d194 | 0x59f94 | 0x0 |
| GetModuleFileNameA | - | 0x45d198 | 0x5d198 | 0x59f98 | 0x0 |
| GetLocaleInfoA | - | 0x45d19c | 0x5d19c | 0x59f9c | 0x0 |
| GetCommandLineA | - | 0x45d1a0 | 0x5d1a0 | 0x59fa0 | 0x0 |
| FreeLibrary | - | 0x45d1a4 | 0x5d1a4 | 0x59fa4 | 0x0 |
| FindFirstFileA | - | 0x45d1a8 | 0x5d1a8 | 0x59fa8 | 0x0 |
| FindClose | - | 0x45d1ac | 0x5d1ac | 0x59fac | 0x0 |
| ExitProcess | - | 0x45d1b0 | 0x5d1b0 | 0x59fb0 | 0x0 |
| WriteFile | - | 0x45d1b4 | 0x5d1b4 | 0x59fb4 | 0x0 |
| UnhandledExceptionFilter | - | 0x45d1b8 | 0x5d1b8 | 0x59fb8 | 0x0 |
| RtlUnwind | - | 0x45d1bc | 0x5d1bc | 0x59fbc | 0x0 |
| RaiseException | - | 0x45d1c0 | 0x5d1c0 | 0x59fc0 | 0x0 |
| GetStdHandle | - | 0x45d1c4 | 0x5d1c4 | 0x59fc4 | 0x0 |
user32.dll (4)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| GetKeyboardType | - | 0x45d1cc | 0x5d1cc | 0x59fcc | 0x0 |
| LoadStringA | - | 0x45d1d0 | 0x5d1d0 | 0x59fd0 | 0x0 |
| MessageBoxA | - | 0x45d1d4 | 0x5d1d4 | 0x59fd4 | 0x0 |
| CharNextA | - | 0x45d1d8 | 0x5d1d8 | 0x59fd8 | 0x0 |
advapi32.dll (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| RegQueryValueExA | - | 0x45d1e0 | 0x5d1e0 | 0x59fe0 | 0x0 |
| RegOpenKeyExA | - | 0x45d1e4 | 0x5d1e4 | 0x59fe4 | 0x0 |
| RegCloseKey | - | 0x45d1e8 | 0x5d1e8 | 0x59fe8 | 0x0 |
oleaut32.dll (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| SysFreeString | - | 0x45d1f0 | 0x5d1f0 | 0x59ff0 | 0x0 |
| SysReAllocStringLen | - | 0x45d1f4 | 0x5d1f4 | 0x59ff4 | 0x0 |
| SysAllocStringLen | - | 0x45d1f8 | 0x5d1f8 | 0x59ff8 | 0x0 |
kernel32.dll (6)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| TlsSetValue | - | 0x45d200 | 0x5d200 | 0x5a000 | 0x0 |
| TlsGetValue | - | 0x45d204 | 0x5d204 | 0x5a004 | 0x0 |
| TlsFree | - | 0x45d208 | 0x5d208 | 0x5a008 | 0x0 |
| TlsAlloc | - | 0x45d20c | 0x5d20c | 0x5a00c | 0x0 |
| LocalFree | - | 0x45d210 | 0x5d210 | 0x5a010 | 0x0 |
| LocalAlloc | - | 0x45d214 | 0x5d214 | 0x5a014 | 0x0 |
advapi32.dll (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| RegQueryValueExA | - | 0x45d21c | 0x5d21c | 0x5a01c | 0x0 |
| RegOpenKeyExA | - | 0x45d220 | 0x5d220 | 0x5a020 | 0x0 |
| RegCloseKey | - | 0x45d224 | 0x5d224 | 0x5a024 | 0x0 |
kernel32.dll (63)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| lstrcpyA | - | 0x45d22c | 0x5d22c | 0x5a02c | 0x0 |
| WriteFile | - | 0x45d230 | 0x5d230 | 0x5a030 | 0x0 |
| WaitForSingleObject | - | 0x45d234 | 0x5d234 | 0x5a034 | 0x0 |
| VirtualQuery | - | 0x45d238 | 0x5d238 | 0x5a038 | 0x0 |
| VirtualAlloc | - | 0x45d23c | 0x5d23c | 0x5a03c | 0x0 |
| Sleep | - | 0x45d240 | 0x5d240 | 0x5a040 | 0x0 |
| SizeofResource | - | 0x45d244 | 0x5d244 | 0x5a044 | 0x0 |
| SetThreadLocale | - | 0x45d248 | 0x5d248 | 0x5a048 | 0x0 |
| SetFilePointer | - | 0x45d24c | 0x5d24c | 0x5a04c | 0x0 |
| SetEvent | - | 0x45d250 | 0x5d250 | 0x5a050 | 0x0 |
| SetErrorMode | - | 0x45d254 | 0x5d254 | 0x5a054 | 0x0 |
| SetEndOfFile | - | 0x45d258 | 0x5d258 | 0x5a058 | 0x0 |
| ResetEvent | - | 0x45d25c | 0x5d25c | 0x5a05c | 0x0 |
| ReadFile | - | 0x45d260 | 0x5d260 | 0x5a060 | 0x0 |
| MultiByteToWideChar | - | 0x45d264 | 0x5d264 | 0x5a064 | 0x0 |
| MulDiv | - | 0x45d268 | 0x5d268 | 0x5a068 | 0x0 |
| LockResource | - | 0x45d26c | 0x5d26c | 0x5a06c | 0x0 |
| LoadResource | - | 0x45d270 | 0x5d270 | 0x5a070 | 0x0 |
| LoadLibraryA | - | 0x45d274 | 0x5d274 | 0x5a074 | 0x0 |
| LeaveCriticalSection | - | 0x45d278 | 0x5d278 | 0x5a078 | 0x0 |
| InitializeCriticalSection | - | 0x45d27c | 0x5d27c | 0x5a07c | 0x0 |
| GlobalUnlock | - | 0x45d280 | 0x5d280 | 0x5a080 | 0x0 |
| GlobalReAlloc | - | 0x45d284 | 0x5d284 | 0x5a084 | 0x0 |
| GlobalHandle | - | 0x45d288 | 0x5d288 | 0x5a088 | 0x0 |
| GlobalLock | - | 0x45d28c | 0x5d28c | 0x5a08c | 0x0 |
| GlobalFree | - | 0x45d290 | 0x5d290 | 0x5a090 | 0x0 |
| GlobalFindAtomA | - | 0x45d294 | 0x5d294 | 0x5a094 | 0x0 |
| GlobalDeleteAtom | - | 0x45d298 | 0x5d298 | 0x5a098 | 0x0 |
| GlobalAlloc | - | 0x45d29c | 0x5d29c | 0x5a09c | 0x0 |
| GlobalAddAtomA | - | 0x45d2a0 | 0x5d2a0 | 0x5a0a0 | 0x0 |
| GetVersionExA | - | 0x45d2a4 | 0x5d2a4 | 0x5a0a4 | 0x0 |
| GetVersion | - | 0x45d2a8 | 0x5d2a8 | 0x5a0a8 | 0x0 |
| GetTickCount | - | 0x45d2ac | 0x5d2ac | 0x5a0ac | 0x0 |
| GetThreadLocale | - | 0x45d2b0 | 0x5d2b0 | 0x5a0b0 | 0x0 |
| GetSystemInfo | - | 0x45d2b4 | 0x5d2b4 | 0x5a0b4 | 0x0 |
| GetStringTypeExA | - | 0x45d2b8 | 0x5d2b8 | 0x5a0b8 | 0x0 |
| GetStdHandle | - | 0x45d2bc | 0x5d2bc | 0x5a0bc | 0x0 |
| GetProcAddress | - | 0x45d2c0 | 0x5d2c0 | 0x5a0c0 | 0x0 |
| GetModuleHandleA | - | 0x45d2c4 | 0x5d2c4 | 0x5a0c4 | 0x0 |
| GetModuleFileNameA | - | 0x45d2c8 | 0x5d2c8 | 0x5a0c8 | 0x0 |
| GetLocaleInfoA | - | 0x45d2cc | 0x5d2cc | 0x5a0cc | 0x0 |
| GetLocalTime | - | 0x45d2d0 | 0x5d2d0 | 0x5a0d0 | 0x0 |
| GetLastError | - | 0x45d2d4 | 0x5d2d4 | 0x5a0d4 | 0x0 |
| GetFullPathNameA | - | 0x45d2d8 | 0x5d2d8 | 0x5a0d8 | 0x0 |
| GetDiskFreeSpaceA | - | 0x45d2dc | 0x5d2dc | 0x5a0dc | 0x0 |
| GetDateFormatA | - | 0x45d2e0 | 0x5d2e0 | 0x5a0e0 | 0x0 |
| GetCurrentThreadId | - | 0x45d2e4 | 0x5d2e4 | 0x5a0e4 | 0x0 |
| GetCurrentProcessId | - | 0x45d2e8 | 0x5d2e8 | 0x5a0e8 | 0x0 |
| GetCPInfo | - | 0x45d2ec | 0x5d2ec | 0x5a0ec | 0x0 |
| GetACP | - | 0x45d2f0 | 0x5d2f0 | 0x5a0f0 | 0x0 |
| FreeResource | - | 0x45d2f4 | 0x5d2f4 | 0x5a0f4 | 0x0 |
| InterlockedExchange | - | 0x45d2f8 | 0x5d2f8 | 0x5a0f8 | 0x0 |
| FreeLibrary | - | 0x45d2fc | 0x5d2fc | 0x5a0fc | 0x0 |
| FormatMessageA | - | 0x45d300 | 0x5d300 | 0x5a100 | 0x0 |
| FindResourceA | - | 0x45d304 | 0x5d304 | 0x5a104 | 0x0 |
| EnumCalendarInfoA | - | 0x45d308 | 0x5d308 | 0x5a108 | 0x0 |
| EnterCriticalSection | - | 0x45d30c | 0x5d30c | 0x5a10c | 0x0 |
| DeleteCriticalSection | - | 0x45d310 | 0x5d310 | 0x5a110 | 0x0 |
| CreateThread | - | 0x45d314 | 0x5d314 | 0x5a114 | 0x0 |
| CreateFileA | - | 0x45d318 | 0x5d318 | 0x5a118 | 0x0 |
| CreateEventA | - | 0x45d31c | 0x5d31c | 0x5a11c | 0x0 |
| CompareStringA | - | 0x45d320 | 0x5d320 | 0x5a120 | 0x0 |
| CloseHandle | - | 0x45d324 | 0x5d324 | 0x5a124 | 0x0 |
version.dll (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| VerQueryValueA | - | 0x45d32c | 0x5d32c | 0x5a12c | 0x0 |
| GetFileVersionInfoSizeA | - | 0x45d330 | 0x5d330 | 0x5a130 | 0x0 |
| GetFileVersionInfoA | - | 0x45d334 | 0x5d334 | 0x5a134 | 0x0 |
gdi32.dll (57)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| UnrealizeObject | - | 0x45d33c | 0x5d33c | 0x5a13c | 0x0 |
| StretchBlt | - | 0x45d340 | 0x5d340 | 0x5a140 | 0x0 |
| SetWindowOrgEx | - | 0x45d344 | 0x5d344 | 0x5a144 | 0x0 |
| SetViewportOrgEx | - | 0x45d348 | 0x5d348 | 0x5a148 | 0x0 |
| SetTextColor | - | 0x45d34c | 0x5d34c | 0x5a14c | 0x0 |
| SetStretchBltMode | - | 0x45d350 | 0x5d350 | 0x5a150 | 0x0 |
| SetROP2 | - | 0x45d354 | 0x5d354 | 0x5a154 | 0x0 |
| SetPixel | - | 0x45d358 | 0x5d358 | 0x5a158 | 0x0 |
| SetDIBColorTable | - | 0x45d35c | 0x5d35c | 0x5a15c | 0x0 |
| SetBrushOrgEx | - | 0x45d360 | 0x5d360 | 0x5a160 | 0x0 |
| SetBkMode | - | 0x45d364 | 0x5d364 | 0x5a164 | 0x0 |
| SetBkColor | - | 0x45d368 | 0x5d368 | 0x5a168 | 0x0 |
| SelectPalette | - | 0x45d36c | 0x5d36c | 0x5a16c | 0x0 |
| SelectObject | - | 0x45d370 | 0x5d370 | 0x5a170 | 0x0 |
| SaveDC | - | 0x45d374 | 0x5d374 | 0x5a174 | 0x0 |
| RestoreDC | - | 0x45d378 | 0x5d378 | 0x5a178 | 0x0 |
| RectVisible | - | 0x45d37c | 0x5d37c | 0x5a17c | 0x0 |
| RealizePalette | - | 0x45d380 | 0x5d380 | 0x5a180 | 0x0 |
| PatBlt | - | 0x45d384 | 0x5d384 | 0x5a184 | 0x0 |
| MoveToEx | - | 0x45d388 | 0x5d388 | 0x5a188 | 0x0 |
| MaskBlt | - | 0x45d38c | 0x5d38c | 0x5a18c | 0x0 |
| LineTo | - | 0x45d390 | 0x5d390 | 0x5a190 | 0x0 |
| IntersectClipRect | - | 0x45d394 | 0x5d394 | 0x5a194 | 0x0 |
| GetWindowOrgEx | - | 0x45d398 | 0x5d398 | 0x5a198 | 0x0 |
| GetTextMetricsA | - | 0x45d39c | 0x5d39c | 0x5a19c | 0x0 |
| GetTextExtentPoint32A | - | 0x45d3a0 | 0x5d3a0 | 0x5a1a0 | 0x0 |
| GetTextColor | - | 0x45d3a4 | 0x5d3a4 | 0x5a1a4 | 0x0 |
| GetSystemPaletteEntries | - | 0x45d3a8 | 0x5d3a8 | 0x5a1a8 | 0x0 |
| GetStockObject | - | 0x45d3ac | 0x5d3ac | 0x5a1ac | 0x0 |
| GetROP2 | - | 0x45d3b0 | 0x5d3b0 | 0x5a1b0 | 0x0 |
| GetPixelFormat | - | 0x45d3b4 | 0x5d3b4 | 0x5a1b4 | 0x0 |
| GetPixel | - | 0x45d3b8 | 0x5d3b8 | 0x5a1b8 | 0x0 |
| GetPaletteEntries | - | 0x45d3bc | 0x5d3bc | 0x5a1bc | 0x0 |
| GetObjectA | - | 0x45d3c0 | 0x5d3c0 | 0x5a1c0 | 0x0 |
| GetDeviceCaps | - | 0x45d3c4 | 0x5d3c4 | 0x5a1c4 | 0x0 |
| GetDIBits | - | 0x45d3c8 | 0x5d3c8 | 0x5a1c8 | 0x0 |
| GetDIBColorTable | - | 0x45d3cc | 0x5d3cc | 0x5a1cc | 0x0 |
| GetDCOrgEx | - | 0x45d3d0 | 0x5d3d0 | 0x5a1d0 | 0x0 |
| GetCurrentPositionEx | - | 0x45d3d4 | 0x5d3d4 | 0x5a1d4 | 0x0 |
| GetClipBox | - | 0x45d3d8 | 0x5d3d8 | 0x5a1d8 | 0x0 |
| GetBrushOrgEx | - | 0x45d3dc | 0x5d3dc | 0x5a1dc | 0x0 |
| GetBitmapBits | - | 0x45d3e0 | 0x5d3e0 | 0x5a1e0 | 0x0 |
| ExcludeClipRect | - | 0x45d3e4 | 0x5d3e4 | 0x5a1e4 | 0x0 |
| DeleteObject | - | 0x45d3e8 | 0x5d3e8 | 0x5a1e8 | 0x0 |
| DeleteDC | - | 0x45d3ec | 0x5d3ec | 0x5a1ec | 0x0 |
| CreateSolidBrush | - | 0x45d3f0 | 0x5d3f0 | 0x5a1f0 | 0x0 |
| CreatePenIndirect | - | 0x45d3f4 | 0x5d3f4 | 0x5a1f4 | 0x0 |
| CreatePalette | - | 0x45d3f8 | 0x5d3f8 | 0x5a1f8 | 0x0 |
| CreateHalftonePalette | - | 0x45d3fc | 0x5d3fc | 0x5a1fc | 0x0 |
| CreateFontIndirectA | - | 0x45d400 | 0x5d400 | 0x5a200 | 0x0 |
| CreateDIBitmap | - | 0x45d404 | 0x5d404 | 0x5a204 | 0x0 |
| CreateDIBSection | - | 0x45d408 | 0x5d408 | 0x5a208 | 0x0 |
| CreateCompatibleDC | - | 0x45d40c | 0x5d40c | 0x5a20c | 0x0 |
| CreateCompatibleBitmap | - | 0x45d410 | 0x5d410 | 0x5a210 | 0x0 |
| CreateBrushIndirect | - | 0x45d414 | 0x5d414 | 0x5a214 | 0x0 |
| CreateBitmap | - | 0x45d418 | 0x5d418 | 0x5a218 | 0x0 |
| BitBlt | - | 0x45d41c | 0x5d41c | 0x5a21c | 0x0 |
user32.dll (154)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| CreateWindowExA | - | 0x45d424 | 0x5d424 | 0x5a224 | 0x0 |
| WindowFromPoint | - | 0x45d428 | 0x5d428 | 0x5a228 | 0x0 |
| WinHelpA | - | 0x45d42c | 0x5d42c | 0x5a22c | 0x0 |
| WaitMessage | - | 0x45d430 | 0x5d430 | 0x5a230 | 0x0 |
| UpdateWindow | - | 0x45d434 | 0x5d434 | 0x5a234 | 0x0 |
| UnregisterClassA | - | 0x45d438 | 0x5d438 | 0x5a238 | 0x0 |
| UnhookWindowsHookEx | - | 0x45d43c | 0x5d43c | 0x5a23c | 0x0 |
| TranslateMessage | - | 0x45d440 | 0x5d440 | 0x5a240 | 0x0 |
| TranslateMDISysAccel | - | 0x45d444 | 0x5d444 | 0x5a244 | 0x0 |
| TrackPopupMenu | - | 0x45d448 | 0x5d448 | 0x5a248 | 0x0 |
| SystemParametersInfoA | - | 0x45d44c | 0x5d44c | 0x5a24c | 0x0 |
| ShowWindow | - | 0x45d450 | 0x5d450 | 0x5a250 | 0x0 |
| ShowScrollBar | - | 0x45d454 | 0x5d454 | 0x5a254 | 0x0 |
| ShowOwnedPopups | - | 0x45d458 | 0x5d458 | 0x5a258 | 0x0 |
| ShowCursor | - | 0x45d45c | 0x5d45c | 0x5a25c | 0x0 |
| SetWindowsHookExA | - | 0x45d460 | 0x5d460 | 0x5a260 | 0x0 |
| SetWindowPos | - | 0x45d464 | 0x5d464 | 0x5a264 | 0x0 |
| SetWindowPlacement | - | 0x45d468 | 0x5d468 | 0x5a268 | 0x0 |
| SetWindowLongA | - | 0x45d46c | 0x5d46c | 0x5a26c | 0x0 |
| SetTimer | - | 0x45d470 | 0x5d470 | 0x5a270 | 0x0 |
| SetScrollRange | - | 0x45d474 | 0x5d474 | 0x5a274 | 0x0 |
| SetScrollPos | - | 0x45d478 | 0x5d478 | 0x5a278 | 0x0 |
| SetScrollInfo | - | 0x45d47c | 0x5d47c | 0x5a27c | 0x0 |
| SetRect | - | 0x45d480 | 0x5d480 | 0x5a280 | 0x0 |
| SetPropA | - | 0x45d484 | 0x5d484 | 0x5a284 | 0x0 |
| SetParent | - | 0x45d488 | 0x5d488 | 0x5a288 | 0x0 |
| SetMenuItemInfoA | - | 0x45d48c | 0x5d48c | 0x5a28c | 0x0 |
| SetMenu | - | 0x45d490 | 0x5d490 | 0x5a290 | 0x0 |
| SetForegroundWindow | - | 0x45d494 | 0x5d494 | 0x5a294 | 0x0 |
| SetFocus | - | 0x45d498 | 0x5d498 | 0x5a298 | 0x0 |
| SetCursor | - | 0x45d49c | 0x5d49c | 0x5a29c | 0x0 |
| SetClassLongA | - | 0x45d4a0 | 0x5d4a0 | 0x5a2a0 | 0x0 |
| SetCapture | - | 0x45d4a4 | 0x5d4a4 | 0x5a2a4 | 0x0 |
| SetActiveWindow | - | 0x45d4a8 | 0x5d4a8 | 0x5a2a8 | 0x0 |
| SendMessageA | - | 0x45d4ac | 0x5d4ac | 0x5a2ac | 0x0 |
| ScrollWindow | - | 0x45d4b0 | 0x5d4b0 | 0x5a2b0 | 0x0 |
| ScreenToClient | - | 0x45d4b4 | 0x5d4b4 | 0x5a2b4 | 0x0 |
| RemovePropA | - | 0x45d4b8 | 0x5d4b8 | 0x5a2b8 | 0x0 |
| RemoveMenu | - | 0x45d4bc | 0x5d4bc | 0x5a2bc | 0x0 |
| ReleaseDC | - | 0x45d4c0 | 0x5d4c0 | 0x5a2c0 | 0x0 |
| ReleaseCapture | - | 0x45d4c4 | 0x5d4c4 | 0x5a2c4 | 0x0 |
| RegisterWindowMessageA | - | 0x45d4c8 | 0x5d4c8 | 0x5a2c8 | 0x0 |
| RegisterClipboardFormatA | - | 0x45d4cc | 0x5d4cc | 0x5a2cc | 0x0 |
| RegisterClassA | - | 0x45d4d0 | 0x5d4d0 | 0x5a2d0 | 0x0 |
| RedrawWindow | - | 0x45d4d4 | 0x5d4d4 | 0x5a2d4 | 0x0 |
| PtInRect | - | 0x45d4d8 | 0x5d4d8 | 0x5a2d8 | 0x0 |
| PostQuitMessage | - | 0x45d4dc | 0x5d4dc | 0x5a2dc | 0x0 |
| PostMessageA | - | 0x45d4e0 | 0x5d4e0 | 0x5a2e0 | 0x0 |
| PeekMessageA | - | 0x45d4e4 | 0x5d4e4 | 0x5a2e4 | 0x0 |
| OffsetRect | - | 0x45d4e8 | 0x5d4e8 | 0x5a2e8 | 0x0 |
| OemToCharA | - | 0x45d4ec | 0x5d4ec | 0x5a2ec | 0x0 |
| MessageBoxA | - | 0x45d4f0 | 0x5d4f0 | 0x5a2f0 | 0x0 |
| MapWindowPoints | - | 0x45d4f4 | 0x5d4f4 | 0x5a2f4 | 0x0 |
| MapVirtualKeyA | - | 0x45d4f8 | 0x5d4f8 | 0x5a2f8 | 0x0 |
| LoadStringA | - | 0x45d4fc | 0x5d4fc | 0x5a2fc | 0x0 |
| LoadKeyboardLayoutA | - | 0x45d500 | 0x5d500 | 0x5a300 | 0x0 |
| LoadIconA | - | 0x45d504 | 0x5d504 | 0x5a304 | 0x0 |
| LoadCursorA | - | 0x45d508 | 0x5d508 | 0x5a308 | 0x0 |
| LoadBitmapA | - | 0x45d50c | 0x5d50c | 0x5a30c | 0x0 |
| KillTimer | - | 0x45d510 | 0x5d510 | 0x5a310 | 0x0 |
| IsZoomed | - | 0x45d514 | 0x5d514 | 0x5a314 | 0x0 |
| IsWindowVisible | - | 0x45d518 | 0x5d518 | 0x5a318 | 0x0 |
| IsWindowEnabled | - | 0x45d51c | 0x5d51c | 0x5a31c | 0x0 |
| IsWindow | - | 0x45d520 | 0x5d520 | 0x5a320 | 0x0 |
| IsRectEmpty | - | 0x45d524 | 0x5d524 | 0x5a324 | 0x0 |
| IsIconic | - | 0x45d528 | 0x5d528 | 0x5a328 | 0x0 |
| IsDialogMessageA | - | 0x45d52c | 0x5d52c | 0x5a32c | 0x0 |
| IsChild | - | 0x45d530 | 0x5d530 | 0x5a330 | 0x0 |
| InvalidateRect | - | 0x45d534 | 0x5d534 | 0x5a334 | 0x0 |
| IntersectRect | - | 0x45d538 | 0x5d538 | 0x5a338 | 0x0 |
| InsertMenuItemA | - | 0x45d53c | 0x5d53c | 0x5a33c | 0x0 |
| InsertMenuA | - | 0x45d540 | 0x5d540 | 0x5a340 | 0x0 |
| InflateRect | - | 0x45d544 | 0x5d544 | 0x5a344 | 0x0 |
| GetWindowThreadProcessId | - | 0x45d548 | 0x5d548 | 0x5a348 | 0x0 |
| GetWindowTextA | - | 0x45d54c | 0x5d54c | 0x5a34c | 0x0 |
| GetWindowRect | - | 0x45d550 | 0x5d550 | 0x5a350 | 0x0 |
| GetWindowPlacement | - | 0x45d554 | 0x5d554 | 0x5a354 | 0x0 |
| GetWindowLongA | - | 0x45d558 | 0x5d558 | 0x5a358 | 0x0 |
| GetWindowDC | - | 0x45d55c | 0x5d55c | 0x5a35c | 0x0 |
| GetTopWindow | - | 0x45d560 | 0x5d560 | 0x5a360 | 0x0 |
| GetSystemMetrics | - | 0x45d564 | 0x5d564 | 0x5a364 | 0x0 |
| GetSystemMenu | - | 0x45d568 | 0x5d568 | 0x5a368 | 0x0 |
| GetSysColorBrush | - | 0x45d56c | 0x5d56c | 0x5a36c | 0x0 |
| GetSysColor | - | 0x45d570 | 0x5d570 | 0x5a370 | 0x0 |
| GetSubMenu | - | 0x45d574 | 0x5d574 | 0x5a374 | 0x0 |
| GetScrollRange | - | 0x45d578 | 0x5d578 | 0x5a378 | 0x0 |
| GetScrollPos | - | 0x45d57c | 0x5d57c | 0x5a37c | 0x0 |
| GetScrollInfo | - | 0x45d580 | 0x5d580 | 0x5a380 | 0x0 |
| GetPropA | - | 0x45d584 | 0x5d584 | 0x5a384 | 0x0 |
| GetParent | - | 0x45d588 | 0x5d588 | 0x5a388 | 0x0 |
| GetWindow | - | 0x45d58c | 0x5d58c | 0x5a38c | 0x0 |
| GetMenuStringA | - | 0x45d590 | 0x5d590 | 0x5a390 | 0x0 |
| GetMenuState | - | 0x45d594 | 0x5d594 | 0x5a394 | 0x0 |
| GetMenuItemInfoA | - | 0x45d598 | 0x5d598 | 0x5a398 | 0x0 |
| GetMenuItemID | - | 0x45d59c | 0x5d59c | 0x5a39c | 0x0 |
| GetMenuItemCount | - | 0x45d5a0 | 0x5d5a0 | 0x5a3a0 | 0x0 |
| GetMenu | - | 0x45d5a4 | 0x5d5a4 | 0x5a3a4 | 0x0 |
| GetLastActivePopup | - | 0x45d5a8 | 0x5d5a8 | 0x5a3a8 | 0x0 |
| GetKeyboardState | - | 0x45d5ac | 0x5d5ac | 0x5a3ac | 0x0 |
| GetKeyboardLayoutList | - | 0x45d5b0 | 0x5d5b0 | 0x5a3b0 | 0x0 |
| GetKeyboardLayout | - | 0x45d5b4 | 0x5d5b4 | 0x5a3b4 | 0x0 |
| GetKeyState | - | 0x45d5b8 | 0x5d5b8 | 0x5a3b8 | 0x0 |
| GetKeyNameTextA | - | 0x45d5bc | 0x5d5bc | 0x5a3bc | 0x0 |
| GetIconInfo | - | 0x45d5c0 | 0x5d5c0 | 0x5a3c0 | 0x0 |
| GetForegroundWindow | - | 0x45d5c4 | 0x5d5c4 | 0x5a3c4 | 0x0 |
| GetFocus | - | 0x45d5c8 | 0x5d5c8 | 0x5a3c8 | 0x0 |
| GetDesktopWindow | - | 0x45d5cc | 0x5d5cc | 0x5a3cc | 0x0 |
| GetDCEx | - | 0x45d5d0 | 0x5d5d0 | 0x5a3d0 | 0x0 |
| GetDC | - | 0x45d5d4 | 0x5d5d4 | 0x5a3d4 | 0x0 |
| GetCursorPos | - | 0x45d5d8 | 0x5d5d8 | 0x5a3d8 | 0x0 |
| GetCursor | - | 0x45d5dc | 0x5d5dc | 0x5a3dc | 0x0 |
| GetClientRect | - | 0x45d5e0 | 0x5d5e0 | 0x5a3e0 | 0x0 |
| GetClassNameA | - | 0x45d5e4 | 0x5d5e4 | 0x5a3e4 | 0x0 |
| GetClassInfoA | - | 0x45d5e8 | 0x5d5e8 | 0x5a3e8 | 0x0 |
| GetCapture | - | 0x45d5ec | 0x5d5ec | 0x5a3ec | 0x0 |
| GetActiveWindow | - | 0x45d5f0 | 0x5d5f0 | 0x5a3f0 | 0x0 |
| FrameRect | - | 0x45d5f4 | 0x5d5f4 | 0x5a3f4 | 0x0 |
| FindWindowA | - | 0x45d5f8 | 0x5d5f8 | 0x5a3f8 | 0x0 |
| FillRect | - | 0x45d5fc | 0x5d5fc | 0x5a3fc | 0x0 |
| EqualRect | - | 0x45d600 | 0x5d600 | 0x5a400 | 0x0 |
| EnumWindows | - | 0x45d604 | 0x5d604 | 0x5a404 | 0x0 |
| EnumThreadWindows | - | 0x45d608 | 0x5d608 | 0x5a408 | 0x0 |
| EndPaint | - | 0x45d60c | 0x5d60c | 0x5a40c | 0x0 |
| EnableWindow | - | 0x45d610 | 0x5d610 | 0x5a410 | 0x0 |
| EnableScrollBar | - | 0x45d614 | 0x5d614 | 0x5a414 | 0x0 |
| EnableMenuItem | - | 0x45d618 | 0x5d618 | 0x5a418 | 0x0 |
| DrawTextA | - | 0x45d61c | 0x5d61c | 0x5a41c | 0x0 |
| DrawMenuBar | - | 0x45d620 | 0x5d620 | 0x5a420 | 0x0 |
| DrawIconEx | - | 0x45d624 | 0x5d624 | 0x5a424 | 0x0 |
| DrawIcon | - | 0x45d628 | 0x5d628 | 0x5a428 | 0x0 |
| DrawFrameControl | - | 0x45d62c | 0x5d62c | 0x5a42c | 0x0 |
| DrawEdge | - | 0x45d630 | 0x5d630 | 0x5a430 | 0x0 |
| DispatchMessageA | - | 0x45d634 | 0x5d634 | 0x5a434 | 0x0 |
| DestroyWindow | - | 0x45d638 | 0x5d638 | 0x5a438 | 0x0 |
| DestroyMenu | - | 0x45d63c | 0x5d63c | 0x5a43c | 0x0 |
| DestroyIcon | - | 0x45d640 | 0x5d640 | 0x5a440 | 0x0 |
| DestroyCursor | - | 0x45d644 | 0x5d644 | 0x5a444 | 0x0 |
| DeleteMenu | - | 0x45d648 | 0x5d648 | 0x5a448 | 0x0 |
| DefWindowProcA | - | 0x45d64c | 0x5d64c | 0x5a44c | 0x0 |
| DefMDIChildProcA | - | 0x45d650 | 0x5d650 | 0x5a450 | 0x0 |
| DefFrameProcA | - | 0x45d654 | 0x5d654 | 0x5a454 | 0x0 |
| CreatePopupMenu | - | 0x45d658 | 0x5d658 | 0x5a458 | 0x0 |
| CreateMenu | - | 0x45d65c | 0x5d65c | 0x5a45c | 0x0 |
| CreateIcon | - | 0x45d660 | 0x5d660 | 0x5a460 | 0x0 |
| ClientToScreen | - | 0x45d664 | 0x5d664 | 0x5a464 | 0x0 |
| CheckMenuItem | - | 0x45d668 | 0x5d668 | 0x5a468 | 0x0 |
| CallWindowProcA | - | 0x45d66c | 0x5d66c | 0x5a46c | 0x0 |
| CallNextHookEx | - | 0x45d670 | 0x5d670 | 0x5a470 | 0x0 |
| BeginPaint | - | 0x45d674 | 0x5d674 | 0x5a474 | 0x0 |
| CharNextA | - | 0x45d678 | 0x5d678 | 0x5a478 | 0x0 |
| CharLowerA | - | 0x45d67c | 0x5d67c | 0x5a47c | 0x0 |
| CharToOemA | - | 0x45d680 | 0x5d680 | 0x5a480 | 0x0 |
| AdjustWindowRectEx | - | 0x45d684 | 0x5d684 | 0x5a484 | 0x0 |
| ActivateKeyboardLayout | - | 0x45d688 | 0x5d688 | 0x5a488 | 0x0 |
kernel32.dll (1)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| Sleep | - | 0x45d690 | 0x5d690 | 0x5a490 | 0x0 |
oleaut32.dll (8)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| SafeArrayPtrOfIndex | - | 0x45d698 | 0x5d698 | 0x5a498 | 0x0 |
| SafeArrayGetUBound | - | 0x45d69c | 0x5d69c | 0x5a49c | 0x0 |
| SafeArrayGetLBound | - | 0x45d6a0 | 0x5d6a0 | 0x5a4a0 | 0x0 |
| SafeArrayCreate | - | 0x45d6a4 | 0x5d6a4 | 0x5a4a4 | 0x0 |
| VariantChangeType | - | 0x45d6a8 | 0x5d6a8 | 0x5a4a8 | 0x0 |
| VariantCopy | - | 0x45d6ac | 0x5d6ac | 0x5a4ac | 0x0 |
| VariantClear | - | 0x45d6b0 | 0x5d6b0 | 0x5a4b0 | 0x0 |
| VariantInit | - | 0x45d6b4 | 0x5d6b4 | 0x5a4b4 | 0x0 |
ole32.dll (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| CoCreateInstance | - | 0x45d6bc | 0x5d6bc | 0x5a4bc | 0x0 |
| CoUninitialize | - | 0x45d6c0 | 0x5d6c0 | 0x5a4c0 | 0x0 |
| CoInitialize | - | 0x45d6c4 | 0x5d6c4 | 0x5a4c4 | 0x0 |
oleaut32.dll (4)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| CreateErrorInfo | - | 0x45d6cc | 0x5d6cc | 0x5a4cc | 0x0 |
| GetErrorInfo | - | 0x45d6d0 | 0x5d6d0 | 0x5a4d0 | 0x0 |
| SetErrorInfo | - | 0x45d6d4 | 0x5d6d4 | 0x5a4d4 | 0x0 |
| SysFreeString | - | 0x45d6d8 | 0x5d6d8 | 0x5a4d8 | 0x0 |
comctl32.dll (22)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| ImageList_SetIconSize | - | 0x45d6e0 | 0x5d6e0 | 0x5a4e0 | 0x0 |
| ImageList_GetIconSize | - | 0x45d6e4 | 0x5d6e4 | 0x5a4e4 | 0x0 |
| ImageList_Write | - | 0x45d6e8 | 0x5d6e8 | 0x5a4e8 | 0x0 |
| ImageList_Read | - | 0x45d6ec | 0x5d6ec | 0x5a4ec | 0x0 |
| ImageList_GetDragImage | - | 0x45d6f0 | 0x5d6f0 | 0x5a4f0 | 0x0 |
| ImageList_DragShowNolock | - | 0x45d6f4 | 0x5d6f4 | 0x5a4f4 | 0x0 |
| ImageList_SetDragCursorImage | - | 0x45d6f8 | 0x5d6f8 | 0x5a4f8 | 0x0 |
| ImageList_DragMove | - | 0x45d6fc | 0x5d6fc | 0x5a4fc | 0x0 |
| ImageList_DragLeave | - | 0x45d700 | 0x5d700 | 0x5a500 | 0x0 |
| ImageList_DragEnter | - | 0x45d704 | 0x5d704 | 0x5a504 | 0x0 |
| ImageList_EndDrag | - | 0x45d708 | 0x5d708 | 0x5a508 | 0x0 |
| ImageList_BeginDrag | - | 0x45d70c | 0x5d70c | 0x5a50c | 0x0 |
| ImageList_Remove | - | 0x45d710 | 0x5d710 | 0x5a510 | 0x0 |
| ImageList_DrawEx | - | 0x45d714 | 0x5d714 | 0x5a514 | 0x0 |
| ImageList_Draw | - | 0x45d718 | 0x5d718 | 0x5a518 | 0x0 |
| ImageList_GetBkColor | - | 0x45d71c | 0x5d71c | 0x5a51c | 0x0 |
| ImageList_SetBkColor | - | 0x45d720 | 0x5d720 | 0x5a520 | 0x0 |
| ImageList_ReplaceIcon | - | 0x45d724 | 0x5d724 | 0x5a524 | 0x0 |
| ImageList_Add | - | 0x45d728 | 0x5d728 | 0x5a528 | 0x0 |
| ImageList_GetImageCount | - | 0x45d72c | 0x5d72c | 0x5a52c | 0x0 |
| ImageList_Destroy | - | 0x45d730 | 0x5d730 | 0x5a530 | 0x0 |
| ImageList_Create | - | 0x45d734 | 0x5d734 | 0x5a534 | 0x0 |
