VTI SCORE: 95/100
| Dynamic Analysis Report |
| Classification: Trojan, Keylogger |
858e70ca9281a346bf5399b181643aba478960142637460fea7b7d14d3192c01 (SHA256)
858E70CA9281A346BF5399B181643ABA478960142637460FEA7B7D14D3192C01.exe
Windows Exe (x86-32)
Created at 2018-08-09 12:05:00
This is a filtered view
This list contains only the embedded files and created files
| Filters: |
There are no files for this filter
| Filename | Category | Type | Severity | Actions |
|---|
| C:\Users\EEBsYm5\Desktop\858E70CA9281A346BF5399B181643ABA478960142637460FEA7B7D14D3192C01.exe | Sample File | Binary |
Blacklisted
|
...
|
»
| Mime Type | application/x-dosexec |
| File Size | 3.86 MB |
| MD5 |
98c8467fa99efcfd1d5a5c8bac44b0a3
|
| SHA1 |
5f75a30e1da6e90cce836e6f4bf13437e76a8c6e
|
| SHA256 |
858e70ca9281a346bf5399b181643aba478960142637460fea7b7d14d3192c01
|
| SSDeep |
98304:dh0L6VqU+Bk/ZdqqaakpN1DUFyXM5KJI+OBRk4iGBfbm:V8vzpNp4yXM58EiO
|
| ImpHash |
d05a95bad4d7df799d48adc0d8989825
|
File Reputation Information
»
| Severity |
Blacklisted
|
| First Seen | 2018-03-08 03:19 (UTC+1) |
| Last Seen | 2018-06-26 15:00 (UTC+2) |
| Names | Win32.Trojan.Filecoder |
| Families | Filecoder |
| Classification | Trojan |
PE Information
»
| Image Base | 0x400000 |
| Entry Point | 0x54949c |
| Size Of Code | 0x1e1400 |
| Size Of Initialized Data | 0x203800 |
| File Type | executable |
| Subsystem | windows_gui |
| Machine Type | i386 |
| Compile Timestamp | 2017-12-13 05:50:14+00:00 |
Sections (5)
»
| Name | Virtual Address | Virtual Size | Raw Data Size | Raw Data Offset | Flags | Entropy |
|---|---|---|---|---|---|---|
| .text | 0x401000 | 0x1e12e1 | 0x1e1400 | 0x400 | cnt_code, mem_execute, mem_read | 6.63 |
| .rdata | 0x5e3000 | 0x71024 | 0x71200 | 0x1e1800 | cnt_initialized_data, mem_read | 5.13 |
| .data | 0x655000 | 0x140ec | 0xb200 | 0x252a00 | cnt_initialized_data, mem_read, mem_write | 4.99 |
| .rsrc | 0x66a000 | 0x158a40 | 0x158c00 | 0x25dc00 | cnt_initialized_data, mem_read | 6.16 |
| .reloc | 0x7c3000 | 0x25668 | 0x25800 | 0x3b6800 | cnt_initialized_data, mem_discardable, mem_read | 6.5 |
Imports (18)
»
KERNEL32.dll (201)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| GetOEMCP | 0x0 | 0x5e31ec | 0x250930 | 0x24f130 | 0x237 |
| GetStringTypeW | 0x0 | 0x5e31f0 | 0x250934 | 0x24f134 | 0x269 |
| GetConsoleCP | 0x0 | 0x5e31f4 | 0x250938 | 0x24f138 | 0x19a |
| GetConsoleMode | 0x0 | 0x5e31f8 | 0x25093c | 0x24f13c | 0x1ac |
| SetFilePointerEx | 0x0 | 0x5e31fc | 0x250940 | 0x24f140 | 0x467 |
| GetTimeZoneInformation | 0x0 | 0x5e3200 | 0x250944 | 0x24f144 | 0x298 |
| ReadConsoleW | 0x0 | 0x5e3204 | 0x250948 | 0x24f148 | 0x3be |
| OutputDebugStringW | 0x0 | 0x5e3208 | 0x25094c | 0x24f14c | 0x38a |
| GetDateFormatW | 0x0 | 0x5e320c | 0x250950 | 0x24f150 | 0x1c8 |
| LCMapStringW | 0x0 | 0x5e3210 | 0x250954 | 0x24f154 | 0x32d |
| IsValidLocale | 0x0 | 0x5e3214 | 0x250958 | 0x24f158 | 0x30c |
| EnumSystemLocalesW | 0x0 | 0x5e3218 | 0x25095c | 0x24f15c | 0x10f |
| WriteConsoleW | 0x0 | 0x5e321c | 0x250960 | 0x24f160 | 0x524 |
| SetEnvironmentVariableA | 0x0 | 0x5e3220 | 0x250964 | 0x24f164 | 0x456 |
| UnhandledExceptionFilter | 0x0 | 0x5e3224 | 0x250968 | 0x24f168 | 0x4d3 |
| FreeEnvironmentStringsW | 0x0 | 0x5e3228 | 0x25096c | 0x24f16c | 0x161 |
| UnregisterWaitEx | 0x0 | 0x5e322c | 0x250970 | 0x24f170 | 0x4db |
| QueryDepthSList | 0x0 | 0x5e3230 | 0x250974 | 0x24f174 | 0x39e |
| InterlockedFlushSList | 0x0 | 0x5e3234 | 0x250978 | 0x24f178 | 0x2ee |
| GetEnvironmentStringsW | 0x0 | 0x5e3238 | 0x25097c | 0x24f17c | 0x1da |
| GetACP | 0x0 | 0x5e323c | 0x250980 | 0x24f180 | 0x168 |
| InitializeSListHead | 0x0 | 0x5e3240 | 0x250984 | 0x24f184 | 0x2e7 |
| ReleaseSemaphore | 0x0 | 0x5e3244 | 0x250988 | 0x24f188 | 0x3fe |
| FreeLibraryAndExitThread | 0x0 | 0x5e3248 | 0x25098c | 0x24f18c | 0x163 |
| UnregisterWait | 0x0 | 0x5e324c | 0x250990 | 0x24f190 | 0x4da |
| RegisterWaitForSingleObject | 0x0 | 0x5e3250 | 0x250994 | 0x24f194 | 0x3f5 |
| SetThreadAffinityMask | 0x0 | 0x5e3254 | 0x250998 | 0x24f198 | 0x490 |
| GetProcessAffinityMask | 0x0 | 0x5e3258 | 0x25099c | 0x24f19c | 0x246 |
| GetNumaHighestNodeNumber | 0x0 | 0x5e325c | 0x2509a0 | 0x24f1a0 | 0x229 |
| DeleteTimerQueueTimer | 0x0 | 0x5e3260 | 0x2509a4 | 0x24f1a4 | 0xda |
| ChangeTimerQueueTimer | 0x0 | 0x5e3264 | 0x2509a8 | 0x24f1a8 | 0x48 |
| CreateTimerQueueTimer | 0x0 | 0x5e3268 | 0x2509ac | 0x24f1ac | 0xbd |
| GetLogicalProcessorInformation | 0x0 | 0x5e326c | 0x2509b0 | 0x24f1b0 | 0x20a |
| GetThreadPriority | 0x0 | 0x5e3270 | 0x2509b4 | 0x24f1b4 | 0x28e |
| SwitchToThread | 0x0 | 0x5e3274 | 0x2509b8 | 0x24f1b8 | 0x4bc |
| SignalObjectAndWait | 0x0 | 0x5e3278 | 0x2509bc | 0x24f1bc | 0x4b0 |
| WaitForSingleObjectEx | 0x0 | 0x5e327c | 0x2509c0 | 0x24f1c0 | 0x4fa |
| CreateTimerQueue | 0x0 | 0x5e3280 | 0x2509c4 | 0x24f1c4 | 0xbc |
| FormatMessageA | 0x0 | 0x5e3284 | 0x2509c8 | 0x24f1c8 | 0x15d |
| GetThreadTimes | 0x0 | 0x5e3288 | 0x2509cc | 0x24f1cc | 0x291 |
| IsValidCodePage | 0x0 | 0x5e328c | 0x2509d0 | 0x24f1d0 | 0x30a |
| CreateSemaphoreW | 0x0 | 0x5e3290 | 0x2509d4 | 0x24f1d4 | 0xae |
| InterlockedPopEntrySList | 0x0 | 0x5e3294 | 0x2509d8 | 0x24f1d8 | 0x2f0 |
| SetUnhandledExceptionFilter | 0x0 | 0x5e3298 | 0x2509dc | 0x24f1dc | 0x4a5 |
| QueryPerformanceCounter | 0x0 | 0x5e329c | 0x2509e0 | 0x24f1e0 | 0x3a7 |
| GetStartupInfoW | 0x0 | 0x5e32a0 | 0x2509e4 | 0x24f1e4 | 0x263 |
| GetStdHandle | 0x0 | 0x5e32a4 | 0x2509e8 | 0x24f1e8 | 0x264 |
| GetFileType | 0x0 | 0x5e32a8 | 0x2509ec | 0x24f1ec | 0x1f3 |
| SetStdHandle | 0x0 | 0x5e32ac | 0x2509f0 | 0x24f1f0 | 0x487 |
| VirtualQuery | 0x0 | 0x5e32b0 | 0x2509f4 | 0x24f1f4 | 0x4f1 |
| GetSystemInfo | 0x0 | 0x5e32b4 | 0x2509f8 | 0x24f1f8 | 0x273 |
| GetSystemTimeAsFileTime | 0x0 | 0x5e32b8 | 0x2509fc | 0x24f1fc | 0x279 |
| HeapQueryInformation | 0x0 | 0x5e32bc | 0x250a00 | 0x24f200 | 0x2d1 |
| IsProcessorFeaturePresent | 0x0 | 0x5e32c0 | 0x250a04 | 0x24f204 | 0x304 |
| IsDebuggerPresent | 0x0 | 0x5e32c4 | 0x250a08 | 0x24f208 | 0x300 |
| ExitThread | 0x0 | 0x5e32c8 | 0x250a0c | 0x24f20c | 0x11a |
| AreFileApisANSI | 0x0 | 0x5e32cc | 0x250a10 | 0x24f210 | 0x15 |
| GetModuleHandleExW | 0x0 | 0x5e32d0 | 0x250a14 | 0x24f214 | 0x217 |
| ExitProcess | 0x0 | 0x5e32d4 | 0x250a18 | 0x24f218 | 0x119 |
| RtlUnwind | 0x0 | 0x5e32d8 | 0x250a1c | 0x24f21c | 0x418 |
| GetCPInfo | 0x0 | 0x5e32dc | 0x250a20 | 0x24f220 | 0x172 |
| GetUserDefaultLCID | 0x0 | 0x5e32e0 | 0x250a24 | 0x24f224 | 0x29b |
| FindResourceExW | 0x0 | 0x5e32e4 | 0x250a28 | 0x24f228 | 0x14d |
| VirtualProtect | 0x0 | 0x5e32e8 | 0x250a2c | 0x24f22c | 0x4ef |
| GetFileTime | 0x0 | 0x5e32ec | 0x250a30 | 0x24f230 | 0x1f2 |
| GetFileSizeEx | 0x0 | 0x5e32f0 | 0x250a34 | 0x24f234 | 0x1f1 |
| GetFileAttributesExW | 0x0 | 0x5e32f4 | 0x250a38 | 0x24f238 | 0x1e7 |
| FileTimeToLocalFileTime | 0x0 | 0x5e32f8 | 0x250a3c | 0x24f23c | 0x124 |
| GetProfileIntW | 0x0 | 0x5e32fc | 0x250a40 | 0x24f240 | 0x259 |
| SearchPathW | 0x0 | 0x5e3300 | 0x250a44 | 0x24f244 | 0x41d |
| GetWindowsDirectoryW | 0x0 | 0x5e3304 | 0x250a48 | 0x24f248 | 0x2af |
| GetTempPathW | 0x0 | 0x5e3308 | 0x250a4c | 0x24f24c | 0x285 |
| GetTempFileNameW | 0x0 | 0x5e330c | 0x250a50 | 0x24f250 | 0x283 |
| GetStringTypeExW | 0x0 | 0x5e3310 | 0x250a54 | 0x24f254 | 0x268 |
| lstrcmpiW | 0x0 | 0x5e3314 | 0x250a58 | 0x24f258 | 0x545 |
| DuplicateHandle | 0x0 | 0x5e3318 | 0x250a5c | 0x24f25c | 0xe8 |
| UnlockFile | 0x0 | 0x5e331c | 0x250a60 | 0x24f260 | 0x4d4 |
| SetEndOfFile | 0x0 | 0x5e3320 | 0x250a64 | 0x24f264 | 0x453 |
| LockFile | 0x0 | 0x5e3324 | 0x250a68 | 0x24f268 | 0x352 |
| GetVolumeInformationW | 0x0 | 0x5e3328 | 0x250a6c | 0x24f26c | 0x2a7 |
| GetFullPathNameW | 0x0 | 0x5e332c | 0x250a70 | 0x24f270 | 0x1fb |
| FindClose | 0x0 | 0x5e3330 | 0x250a74 | 0x24f274 | 0x12e |
| GetFileAttributesW | 0x0 | 0x5e3334 | 0x250a78 | 0x24f278 | 0x1ea |
| DeleteFileW | 0x0 | 0x5e3338 | 0x250a7c | 0x24f27c | 0xd6 |
| GetCurrentDirectoryW | 0x0 | 0x5e333c | 0x250a80 | 0x24f280 | 0x1bf |
| GlobalFlags | 0x0 | 0x5e3340 | 0x250a84 | 0x24f284 | 0x2b9 |
| GetUserDefaultUILanguage | 0x0 | 0x5e3344 | 0x250a88 | 0x24f288 | 0x29e |
| GetSystemDefaultUILanguage | 0x0 | 0x5e3348 | 0x250a8c | 0x24f28c | 0x26e |
| GetLocaleInfoW | 0x0 | 0x5e334c | 0x250a90 | 0x24f290 | 0x206 |
| CompareStringW | 0x0 | 0x5e3350 | 0x250a94 | 0x24f294 | 0x64 |
| VerifyVersionInfoW | 0x0 | 0x5e3354 | 0x250a98 | 0x24f298 | 0x4e8 |
| VerSetConditionMask | 0x0 | 0x5e3358 | 0x250a9c | 0x24f29c | 0x4e4 |
| GetThreadLocale | 0x0 | 0x5e335c | 0x250aa0 | 0x24f2a0 | 0x28c |
| FileTimeToSystemTime | 0x0 | 0x5e3360 | 0x250aa4 | 0x24f2a4 | 0x125 |
| GlobalGetAtomNameW | 0x0 | 0x5e3364 | 0x250aa8 | 0x24f2a8 | 0x2bc |
| LocalReAlloc | 0x0 | 0x5e3368 | 0x250aac | 0x24f2ac | 0x34b |
| GlobalHandle | 0x0 | 0x5e336c | 0x250ab0 | 0x24f2b0 | 0x2bd |
| GlobalReAlloc | 0x0 | 0x5e3370 | 0x250ab4 | 0x24f2b4 | 0x2c1 |
| TlsFree | 0x0 | 0x5e3374 | 0x250ab8 | 0x24f2b8 | 0x4c6 |
| TlsSetValue | 0x0 | 0x5e3378 | 0x250abc | 0x24f2bc | 0x4c8 |
| TlsGetValue | 0x0 | 0x5e337c | 0x250ac0 | 0x24f2c0 | 0x4c7 |
| TlsAlloc | 0x0 | 0x5e3380 | 0x250ac4 | 0x24f2c4 | 0x4c5 |
| InitializeCriticalSection | 0x0 | 0x5e3384 | 0x250ac8 | 0x24f2c8 | 0x2e2 |
| WritePrivateProfileStringW | 0x0 | 0x5e3388 | 0x250acc | 0x24f2cc | 0x52b |
| GetPrivateProfileStringW | 0x0 | 0x5e338c | 0x250ad0 | 0x24f2d0 | 0x242 |
| GetPrivateProfileIntW | 0x0 | 0x5e3390 | 0x250ad4 | 0x24f2d4 | 0x23c |
| ResumeThread | 0x0 | 0x5e3394 | 0x250ad8 | 0x24f2d8 | 0x413 |
| SetThreadPriority | 0x0 | 0x5e3398 | 0x250adc | 0x24f2dc | 0x499 |
| CreateEventW | 0x0 | 0x5e339c | 0x250ae0 | 0x24f2e0 | 0x85 |
| lstrcpyW | 0x0 | 0x5e33a0 | 0x250ae4 | 0x24f2e4 | 0x548 |
| lstrcmpA | 0x0 | 0x5e33a4 | 0x250ae8 | 0x24f2e8 | 0x541 |
| GetVersionExW | 0x0 | 0x5e33a8 | 0x250aec | 0x24f2ec | 0x2a4 |
| GetCurrentThread | 0x0 | 0x5e33ac | 0x250af0 | 0x24f2f0 | 0x1c4 |
| GetCurrentProcessId | 0x0 | 0x5e33b0 | 0x250af4 | 0x24f2f4 | 0x1c1 |
| GlobalFindAtomW | 0x0 | 0x5e33b4 | 0x250af8 | 0x24f2f8 | 0x2b7 |
| GlobalAddAtomW | 0x0 | 0x5e33b8 | 0x250afc | 0x24f2fc | 0x2b2 |
| LoadLibraryW | 0x0 | 0x5e33bc | 0x250b00 | 0x24f300 | 0x33f |
| LoadLibraryA | 0x0 | 0x5e33c0 | 0x250b04 | 0x24f304 | 0x33c |
| lstrcmpW | 0x0 | 0x5e33c4 | 0x250b08 | 0x24f308 | 0x542 |
| GlobalDeleteAtom | 0x0 | 0x5e33c8 | 0x250b0c | 0x24f30c | 0x2b5 |
| LoadLibraryExW | 0x0 | 0x5e33cc | 0x250b10 | 0x24f310 | 0x33e |
| GetProcAddress | 0x0 | 0x5e33d0 | 0x250b14 | 0x24f314 | 0x245 |
| GetModuleHandleA | 0x0 | 0x5e33d4 | 0x250b18 | 0x24f318 | 0x215 |
| FreeResource | 0x0 | 0x5e33d8 | 0x250b1c | 0x24f31c | 0x165 |
| FreeLibrary | 0x0 | 0x5e33dc | 0x250b20 | 0x24f320 | 0x162 |
| GetSystemDirectoryW | 0x0 | 0x5e33e0 | 0x250b24 | 0x24f324 | 0x270 |
| GetCurrentThreadId | 0x0 | 0x5e33e4 | 0x250b28 | 0x24f328 | 0x1c5 |
| EncodePointer | 0x0 | 0x5e33e8 | 0x250b2c | 0x24f32c | 0xea |
| OutputDebugStringA | 0x0 | 0x5e33ec | 0x250b30 | 0x24f330 | 0x389 |
| CopyFileW | 0x0 | 0x5e33f0 | 0x250b34 | 0x24f334 | 0x75 |
| MulDiv | 0x0 | 0x5e33f4 | 0x250b38 | 0x24f338 | 0x366 |
| GlobalUnlock | 0x0 | 0x5e33f8 | 0x250b3c | 0x24f33c | 0x2c5 |
| GlobalLock | 0x0 | 0x5e33fc | 0x250b40 | 0x24f340 | 0x2be |
| GlobalSize | 0x0 | 0x5e3400 | 0x250b44 | 0x24f344 | 0x2c2 |
| DeleteCriticalSection | 0x0 | 0x5e3404 | 0x250b48 | 0x24f348 | 0xd1 |
| DecodePointer | 0x0 | 0x5e3408 | 0x250b4c | 0x24f34c | 0xca |
| EnterCriticalSection | 0x0 | 0x5e340c | 0x250b50 | 0x24f350 | 0xee |
| HeapSize | 0x0 | 0x5e3410 | 0x250b54 | 0x24f354 | 0x2d4 |
| RaiseException | 0x0 | 0x5e3414 | 0x250b58 | 0x24f358 | 0x3b1 |
| LeaveCriticalSection | 0x0 | 0x5e3418 | 0x250b5c | 0x24f35c | 0x339 |
| InitializeCriticalSectionAndSpinCount | 0x0 | 0x5e341c | 0x250b60 | 0x24f360 | 0x2e3 |
| GetProcessHeap | 0x0 | 0x5e3420 | 0x250b64 | 0x24f364 | 0x24a |
| HeapFree | 0x0 | 0x5e3424 | 0x250b68 | 0x24f368 | 0x2cf |
| HeapAlloc | 0x0 | 0x5e3428 | 0x250b6c | 0x24f36c | 0x2cb |
| HeapReAlloc | 0x0 | 0x5e342c | 0x250b70 | 0x24f370 | 0x2d2 |
| SetEvent | 0x0 | 0x5e3430 | 0x250b74 | 0x24f374 | 0x459 |
| GetComputerNameW | 0x0 | 0x5e3434 | 0x250b78 | 0x24f378 | 0x18f |
| MoveFileExW | 0x0 | 0x5e3438 | 0x250b7c | 0x24f37c | 0x360 |
| GetModuleHandleW | 0x0 | 0x5e343c | 0x250b80 | 0x24f380 | 0x218 |
| CreateThread | 0x0 | 0x5e3440 | 0x250b84 | 0x24f384 | 0xb5 |
| CreateProcessW | 0x0 | 0x5e3444 | 0x250b88 | 0x24f388 | 0xa8 |
| TerminateProcess | 0x0 | 0x5e3448 | 0x250b8c | 0x24f38c | 0x4c0 |
| GetExitCodeProcess | 0x0 | 0x5e344c | 0x250b90 | 0x24f390 | 0x1df |
| WaitForSingleObject | 0x0 | 0x5e3450 | 0x250b94 | 0x24f394 | 0x4f9 |
| LocalFree | 0x0 | 0x5e3454 | 0x250b98 | 0x24f398 | 0x348 |
| lstrcpynW | 0x0 | 0x5e3458 | 0x250b9c | 0x24f39c | 0x54b |
| LocalSize | 0x0 | 0x5e345c | 0x250ba0 | 0x24f3a0 | 0x34d |
| lstrlenW | 0x0 | 0x5e3460 | 0x250ba4 | 0x24f3a4 | 0x54e |
| LocalAlloc | 0x0 | 0x5e3464 | 0x250ba8 | 0x24f3a8 | 0x344 |
| FormatMessageW | 0x0 | 0x5e3468 | 0x250bac | 0x24f3ac | 0x15e |
| MultiByteToWideChar | 0x0 | 0x5e346c | 0x250bb0 | 0x24f3b0 | 0x367 |
| WideCharToMultiByte | 0x0 | 0x5e3470 | 0x250bb4 | 0x24f3b4 | 0x511 |
| CreateProcessA | 0x0 | 0x5e3474 | 0x250bb8 | 0x24f3b8 | 0xa4 |
| SetLastError | 0x0 | 0x5e3478 | 0x250bbc | 0x24f3bc | 0x473 |
| FlushFileBuffers | 0x0 | 0x5e347c | 0x250bc0 | 0x24f3c0 | 0x157 |
| CreateFileA | 0x0 | 0x5e3480 | 0x250bc4 | 0x24f3c4 | 0x88 |
| DeleteFileA | 0x0 | 0x5e3484 | 0x250bc8 | 0x24f3c8 | 0xd3 |
| GetEnvironmentVariableA | 0x0 | 0x5e3488 | 0x250bcc | 0x24f3cc | 0x1db |
| GetModuleFileNameA | 0x0 | 0x5e348c | 0x250bd0 | 0x24f3d0 | 0x213 |
| GetTimeFormatW | 0x0 | 0x5e3490 | 0x250bd4 | 0x24f3d4 | 0x297 |
| GetDriveTypeA | 0x0 | 0x5e3494 | 0x250bd8 | 0x24f3d8 | 0x1d2 |
| SetErrorMode | 0x0 | 0x5e3498 | 0x250bdc | 0x24f3dc | 0x458 |
| GetLogicalDrives | 0x0 | 0x5e349c | 0x250be0 | 0x24f3e0 | 0x209 |
| FindNextFileW | 0x0 | 0x5e34a0 | 0x250be4 | 0x24f3e4 | 0x145 |
| FindFirstFileW | 0x0 | 0x5e34a4 | 0x250be8 | 0x24f3e8 | 0x139 |
| VirtualFree | 0x0 | 0x5e34a8 | 0x250bec | 0x24f3ec | 0x4ec |
| WriteFile | 0x0 | 0x5e34ac | 0x250bf0 | 0x24f3f0 | 0x525 |
| ReadFile | 0x0 | 0x5e34b0 | 0x250bf4 | 0x24f3f4 | 0x3c0 |
| SetFilePointer | 0x0 | 0x5e34b4 | 0x250bf8 | 0x24f3f8 | 0x466 |
| VirtualAlloc | 0x0 | 0x5e34b8 | 0x250bfc | 0x24f3fc | 0x4e9 |
| MoveFileW | 0x0 | 0x5e34bc | 0x250c00 | 0x24f400 | 0x363 |
| GetFileSize | 0x0 | 0x5e34c0 | 0x250c04 | 0x24f404 | 0x1f0 |
| CreateFileW | 0x0 | 0x5e34c4 | 0x250c08 | 0x24f408 | 0x8f |
| Process32NextW | 0x0 | 0x5e34c8 | 0x250c0c | 0x24f40c | 0x398 |
| OpenProcess | 0x0 | 0x5e34cc | 0x250c10 | 0x24f410 | 0x380 |
| Process32FirstW | 0x0 | 0x5e34d0 | 0x250c14 | 0x24f414 | 0x396 |
| CreateToolhelp32Snapshot | 0x0 | 0x5e34d4 | 0x250c18 | 0x24f418 | 0xbe |
| Sleep | 0x0 | 0x5e34d8 | 0x250c1c | 0x24f41c | 0x4b2 |
| GetTickCount | 0x0 | 0x5e34dc | 0x250c20 | 0x24f420 | 0x293 |
| GetLastError | 0x0 | 0x5e34e0 | 0x250c24 | 0x24f424 | 0x202 |
| GetModuleFileNameW | 0x0 | 0x5e34e4 | 0x250c28 | 0x24f428 | 0x214 |
| GlobalAlloc | 0x0 | 0x5e34e8 | 0x250c2c | 0x24f42c | 0x2b3 |
| CloseHandle | 0x0 | 0x5e34ec | 0x250c30 | 0x24f430 | 0x52 |
| GetCurrentProcess | 0x0 | 0x5e34f0 | 0x250c34 | 0x24f434 | 0x1c0 |
| GlobalFree | 0x0 | 0x5e34f4 | 0x250c38 | 0x24f438 | 0x2ba |
| FindResourceW | 0x0 | 0x5e34f8 | 0x250c3c | 0x24f43c | 0x14e |
| LoadResource | 0x0 | 0x5e34fc | 0x250c40 | 0x24f440 | 0x341 |
| LockResource | 0x0 | 0x5e3500 | 0x250c44 | 0x24f444 | 0x354 |
| SizeofResource | 0x0 | 0x5e3504 | 0x250c48 | 0x24f448 | 0x4b1 |
| InterlockedPushEntrySList | 0x0 | 0x5e3508 | 0x250c4c | 0x24f44c | 0x2f1 |
| GetCommandLineW | 0x0 | 0x5e350c | 0x250c50 | 0x24f450 | 0x187 |
USER32.dll (223)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| RealChildWindowFromPoint | 0x0 | 0x5e35dc | 0x250d20 | 0x24f520 | 0x243 |
| CopyImage | 0x0 | 0x5e35e0 | 0x250d24 | 0x24f524 | 0x54 |
| GetMenuItemInfoW | 0x0 | 0x5e35e4 | 0x250d28 | 0x24f528 | 0x154 |
| DestroyMenu | 0x0 | 0x5e35e8 | 0x250d2c | 0x24f52c | 0xa4 |
| EnumDisplayMonitors | 0x0 | 0x5e35ec | 0x250d30 | 0x24f530 | 0xe6 |
| SystemParametersInfoW | 0x0 | 0x5e35f0 | 0x250d34 | 0x24f534 | 0x2ec |
| SetRectEmpty | 0x0 | 0x5e35f4 | 0x250d38 | 0x24f538 | 0x2af |
| SetLayeredWindowAttributes | 0x0 | 0x5e35f8 | 0x250d3c | 0x24f53c | 0x298 |
| LoadCursorW | 0x0 | 0x5e35fc | 0x250d40 | 0x24f540 | 0x1eb |
| SetCursor | 0x0 | 0x5e3600 | 0x250d44 | 0x24f544 | 0x288 |
| ShowOwnedPopups | 0x0 | 0x5e3604 | 0x250d48 | 0x24f548 | 0x2db |
| TranslateMessage | 0x0 | 0x5e3608 | 0x250d4c | 0x24f54c | 0x2fc |
| GetMessageW | 0x0 | 0x5e360c | 0x250d50 | 0x24f550 | 0x15d |
| MapVirtualKeyW | 0x0 | 0x5e3610 | 0x250d54 | 0x24f554 | 0x208 |
| GetKeyNameTextW | 0x0 | 0x5e3614 | 0x250d58 | 0x24f558 | 0x13c |
| DrawIconEx | 0x0 | 0x5e3618 | 0x250d5c | 0x24f55c | 0xc8 |
| IsRectEmpty | 0x0 | 0x5e361c | 0x250d60 | 0x24f560 | 0x1d4 |
| OffsetRect | 0x0 | 0x5e3620 | 0x250d64 | 0x24f564 | 0x225 |
| InflateRect | 0x0 | 0x5e3624 | 0x250d68 | 0x24f568 | 0x1b5 |
| DrawFocusRect | 0x0 | 0x5e3628 | 0x250d6c | 0x24f56c | 0xc4 |
| GetSysColorBrush | 0x0 | 0x5e362c | 0x250d70 | 0x24f570 | 0x17c |
| SetWindowRgn | 0x0 | 0x5e3630 | 0x250d74 | 0x24f574 | 0x2c7 |
| GetSystemMetrics | 0x0 | 0x5e3634 | 0x250d78 | 0x24f578 | 0x17e |
| DrawFrameControl | 0x0 | 0x5e3638 | 0x250d7c | 0x24f57c | 0xc6 |
| DrawEdge | 0x0 | 0x5e363c | 0x250d80 | 0x24f580 | 0xc3 |
| MapDialogRect | 0x0 | 0x5e3640 | 0x250d84 | 0x24f584 | 0x204 |
| SetWindowContextHelpId | 0x0 | 0x5e3644 | 0x250d88 | 0x24f588 | 0x2c1 |
| PostQuitMessage | 0x0 | 0x5e3648 | 0x250d8c | 0x24f58c | 0x237 |
| SendDlgItemMessageA | 0x0 | 0x5e364c | 0x250d90 | 0x24f590 | 0x272 |
| GetCursorPos | 0x0 | 0x5e3650 | 0x250d94 | 0x24f594 | 0x120 |
| ClientToScreen | 0x0 | 0x5e3654 | 0x250d98 | 0x24f598 | 0x47 |
| EndPaint | 0x0 | 0x5e3658 | 0x250d9c | 0x24f59c | 0xdc |
| BeginPaint | 0x0 | 0x5e365c | 0x250da0 | 0x24f5a0 | 0xe |
| ReleaseDC | 0x0 | 0x5e3660 | 0x250da4 | 0x24f5a4 | 0x265 |
| GetWindowDC | 0x0 | 0x5e3664 | 0x250da8 | 0x24f5a8 | 0x192 |
| GetDC | 0x0 | 0x5e3668 | 0x250dac | 0x24f5ac | 0x121 |
| TabbedTextOutW | 0x0 | 0x5e366c | 0x250db0 | 0x24f5b0 | 0x2ee |
| GrayStringW | 0x0 | 0x5e3670 | 0x250db4 | 0x24f5b4 | 0x1a8 |
| DrawTextExW | 0x0 | 0x5e3674 | 0x250db8 | 0x24f5b8 | 0xcf |
| DrawTextW | 0x0 | 0x5e3678 | 0x250dbc | 0x24f5bc | 0xd0 |
| GetWindowThreadProcessId | 0x0 | 0x5e367c | 0x250dc0 | 0x24f5c0 | 0x1a4 |
| GetDesktopWindow | 0x0 | 0x5e3680 | 0x250dc4 | 0x24f5c4 | 0x123 |
| GetActiveWindow | 0x0 | 0x5e3684 | 0x250dc8 | 0x24f5c8 | 0x100 |
| GetNextDlgTabItem | 0x0 | 0x5e3688 | 0x250dcc | 0x24f5cc | 0x162 |
| EndDialog | 0x0 | 0x5e368c | 0x250dd0 | 0x24f5d0 | 0xda |
| CreateDialogIndirectParamW | 0x0 | 0x5e3690 | 0x250dd4 | 0x24f5d4 | 0x61 |
| LoadMenuW | 0x0 | 0x5e3694 | 0x250dd8 | 0x24f5d8 | 0x1f7 |
| SetMenuItemInfoW | 0x0 | 0x5e3698 | 0x250ddc | 0x24f5dc | 0x2a2 |
| GetMenuCheckMarkDimensions | 0x0 | 0x5e369c | 0x250de0 | 0x24f5e0 | 0x14d |
| SetMenuItemBitmaps | 0x0 | 0x5e36a0 | 0x250de4 | 0x24f5e4 | 0x2a0 |
| EnableMenuItem | 0x0 | 0x5e36a4 | 0x250de8 | 0x24f5e8 | 0xd6 |
| CheckMenuItem | 0x0 | 0x5e36a8 | 0x250dec | 0x24f5ec | 0x3f |
| IsDialogMessageW | 0x0 | 0x5e36ac | 0x250df0 | 0x24f5f0 | 0x1cd |
| SetWindowTextW | 0x0 | 0x5e36b0 | 0x250df4 | 0x24f5f4 | 0x2cb |
| IsWindowEnabled | 0x0 | 0x5e36b4 | 0x250df8 | 0x24f5f8 | 0x1dc |
| CheckDlgButton | 0x0 | 0x5e36b8 | 0x250dfc | 0x24f5fc | 0x3e |
| MoveWindow | 0x0 | 0x5e36bc | 0x250e00 | 0x24f600 | 0x21b |
| GetMonitorInfoW | 0x0 | 0x5e36c0 | 0x250e04 | 0x24f604 | 0x15f |
| MonitorFromWindow | 0x0 | 0x5e36c4 | 0x250e08 | 0x24f608 | 0x21a |
| WinHelpW | 0x0 | 0x5e36c8 | 0x250e0c | 0x24f60c | 0x329 |
| GetScrollInfo | 0x0 | 0x5e36cc | 0x250e10 | 0x24f610 | 0x175 |
| SetScrollInfo | 0x0 | 0x5e36d0 | 0x250e14 | 0x24f614 | 0x2b0 |
| LoadIconW | 0x0 | 0x5e36d4 | 0x250e18 | 0x24f618 | 0x1ed |
| GetWindow | 0x0 | 0x5e36d8 | 0x250e1c | 0x24f61c | 0x18e |
| GetLastActivePopup | 0x0 | 0x5e36dc | 0x250e20 | 0x24f620 | 0x144 |
| GetTopWindow | 0x0 | 0x5e36e0 | 0x250e24 | 0x24f624 | 0x185 |
| GetParent | 0x0 | 0x5e36e4 | 0x250e28 | 0x24f628 | 0x164 |
| GetClassLongW | 0x0 | 0x5e36e8 | 0x250e2c | 0x24f62c | 0x110 |
| SetWindowLongW | 0x0 | 0x5e36ec | 0x250e30 | 0x24f630 | 0x2c4 |
| GetWindowLongW | 0x0 | 0x5e36f0 | 0x250e34 | 0x24f634 | 0x196 |
| PtInRect | 0x0 | 0x5e36f4 | 0x250e38 | 0x24f638 | 0x240 |
| EqualRect | 0x0 | 0x5e36f8 | 0x250e3c | 0x24f63c | 0xf3 |
| GetSysColor | 0x0 | 0x5e36fc | 0x250e40 | 0x24f640 | 0x17b |
| MapWindowPoints | 0x0 | 0x5e3700 | 0x250e44 | 0x24f644 | 0x209 |
| ScreenToClient | 0x0 | 0x5e3704 | 0x250e48 | 0x24f648 | 0x26d |
| AdjustWindowRectEx | 0x0 | 0x5e3708 | 0x250e4c | 0x24f64c | 0x3 |
| GetWindowTextLengthW | 0x0 | 0x5e370c | 0x250e50 | 0x24f650 | 0x1a2 |
| GetWindowTextW | 0x0 | 0x5e3710 | 0x250e54 | 0x24f654 | 0x1a3 |
| RemovePropW | 0x0 | 0x5e3714 | 0x250e58 | 0x24f658 | 0x269 |
| GetPropW | 0x0 | 0x5e3718 | 0x250e5c | 0x24f65c | 0x16b |
| SetPropW | 0x0 | 0x5e371c | 0x250e60 | 0x24f660 | 0x2ad |
| ShowScrollBar | 0x0 | 0x5e3720 | 0x250e64 | 0x24f664 | 0x2dc |
| GetScrollRange | 0x0 | 0x5e3724 | 0x250e68 | 0x24f668 | 0x177 |
| IntersectRect | 0x0 | 0x5e3728 | 0x250e6c | 0x24f66c | 0x1bd |
| TrackMouseEvent | 0x0 | 0x5e372c | 0x250e70 | 0x24f670 | 0x2f5 |
| IsIconic | 0x0 | 0x5e3730 | 0x250e74 | 0x24f674 | 0x1d1 |
| SendMessageW | 0x0 | 0x5e3734 | 0x250e78 | 0x24f678 | 0x27c |
| PeekMessageW | 0x0 | 0x5e3738 | 0x250e7c | 0x24f67c | 0x233 |
| LoadStringW | 0x0 | 0x5e373c | 0x250e80 | 0x24f680 | 0x1fa |
| DispatchMessageW | 0x0 | 0x5e3740 | 0x250e84 | 0x24f684 | 0xaf |
| SetScrollRange | 0x0 | 0x5e3744 | 0x250e88 | 0x24f688 | 0x2b2 |
| GetScrollPos | 0x0 | 0x5e3748 | 0x250e8c | 0x24f68c | 0x176 |
| SetScrollPos | 0x0 | 0x5e374c | 0x250e90 | 0x24f690 | 0x2b1 |
| ScrollWindow | 0x0 | 0x5e3750 | 0x250e94 | 0x24f694 | 0x270 |
| RedrawWindow | 0x0 | 0x5e3754 | 0x250e98 | 0x24f698 | 0x24a |
| ValidateRect | 0x0 | 0x5e3758 | 0x250e9c | 0x24f69c | 0x31c |
| GetForegroundWindow | 0x0 | 0x5e375c | 0x250ea0 | 0x24f6a0 | 0x12d |
| SetActiveWindow | 0x0 | 0x5e3760 | 0x250ea4 | 0x24f6a4 | 0x27f |
| TrackPopupMenu | 0x0 | 0x5e3764 | 0x250ea8 | 0x24f6a8 | 0x2f6 |
| SetMenu | 0x0 | 0x5e3768 | 0x250eac | 0x24f6ac | 0x29c |
| GetMenu | 0x0 | 0x5e376c | 0x250eb0 | 0x24f6b0 | 0x14b |
| GetCapture | 0x0 | 0x5e3770 | 0x250eb4 | 0x24f6b4 | 0x108 |
| GetKeyState | 0x0 | 0x5e3774 | 0x250eb8 | 0x24f6b8 | 0x13d |
| GetFocus | 0x0 | 0x5e3778 | 0x250ebc | 0x24f6bc | 0x12c |
| SetFocus | 0x0 | 0x5e377c | 0x250ec0 | 0x24f6c0 | 0x292 |
| GetDlgCtrlID | 0x0 | 0x5e3780 | 0x250ec4 | 0x24f6c4 | 0x126 |
| GetDlgItem | 0x0 | 0x5e3784 | 0x250ec8 | 0x24f6c8 | 0x127 |
| EndDeferWindowPos | 0x0 | 0x5e3788 | 0x250ecc | 0x24f6cc | 0xd9 |
| DeferWindowPos | 0x0 | 0x5e378c | 0x250ed0 | 0x24f6d0 | 0x9d |
| BeginDeferWindowPos | 0x0 | 0x5e3790 | 0x250ed4 | 0x24f6d4 | 0xd |
| SetWindowPlacement | 0x0 | 0x5e3794 | 0x250ed8 | 0x24f6d8 | 0x2c5 |
| GetWindowPlacement | 0x0 | 0x5e3798 | 0x250edc | 0x24f6dc | 0x19b |
| SetWindowPos | 0x0 | 0x5e379c | 0x250ee0 | 0x24f6e0 | 0x2c6 |
| DestroyWindow | 0x0 | 0x5e37a0 | 0x250ee4 | 0x24f6e4 | 0xa6 |
| IsChild | 0x0 | 0x5e37a4 | 0x250ee8 | 0x24f6e8 | 0x1c9 |
| CreateWindowExW | 0x0 | 0x5e37a8 | 0x250eec | 0x24f6ec | 0x6e |
| IsZoomed | 0x0 | 0x5e37ac | 0x250ef0 | 0x24f6f0 | 0x1e2 |
| CharUpperW | 0x0 | 0x5e37b0 | 0x250ef4 | 0x24f6f4 | 0x3c |
| GetAsyncKeyState | 0x0 | 0x5e37b4 | 0x250ef8 | 0x24f6f8 | 0x107 |
| SetCapture | 0x0 | 0x5e37b8 | 0x250efc | 0x24f6fc | 0x280 |
| ReleaseCapture | 0x0 | 0x5e37bc | 0x250f00 | 0x24f700 | 0x264 |
| SetTimer | 0x0 | 0x5e37c0 | 0x250f04 | 0x24f704 | 0x2bb |
| KillTimer | 0x0 | 0x5e37c4 | 0x250f08 | 0x24f708 | 0x1e3 |
| GetSystemMenu | 0x0 | 0x5e37c8 | 0x250f0c | 0x24f70c | 0x17d |
| DeleteMenu | 0x0 | 0x5e37cc | 0x250f10 | 0x24f710 | 0x9e |
| MessageBeep | 0x0 | 0x5e37d0 | 0x250f14 | 0x24f714 | 0x20d |
| WindowFromPoint | 0x0 | 0x5e37d4 | 0x250f18 | 0x24f718 | 0x32c |
| NotifyWinEvent | 0x0 | 0x5e37d8 | 0x250f1c | 0x24f71c | 0x21f |
| CreatePopupMenu | 0x0 | 0x5e37dc | 0x250f20 | 0x24f720 | 0x6b |
| GetMenuDefaultItem | 0x0 | 0x5e37e0 | 0x250f24 | 0x24f724 | 0x14f |
| SetMenuDefaultItem | 0x0 | 0x5e37e4 | 0x250f28 | 0x24f728 | 0x29e |
| GetClassInfoExW | 0x0 | 0x5e37e8 | 0x250f2c | 0x24f72c | 0x10d |
| GetClassInfoW | 0x0 | 0x5e37ec | 0x250f30 | 0x24f730 | 0x10e |
| LoadAcceleratorsW | 0x0 | 0x5e37f0 | 0x250f34 | 0x24f734 | 0x1e5 |
| IsMenu | 0x0 | 0x5e37f4 | 0x250f38 | 0x24f738 | 0x1d2 |
| UpdateLayeredWindow | 0x0 | 0x5e37f8 | 0x250f3c | 0x24f73c | 0x30e |
| EnableScrollBar | 0x0 | 0x5e37fc | 0x250f40 | 0x24f740 | 0xd7 |
| UnionRect | 0x0 | 0x5e3800 | 0x250f44 | 0x24f744 | 0x301 |
| MonitorFromPoint | 0x0 | 0x5e3804 | 0x250f48 | 0x24f748 | 0x218 |
| WaitMessage | 0x0 | 0x5e3808 | 0x250f4c | 0x24f74c | 0x327 |
| CharNextW | 0x0 | 0x5e380c | 0x250f50 | 0x24f750 | 0x31 |
| CopyAcceleratorTableW | 0x0 | 0x5e3810 | 0x250f54 | 0x24f754 | 0x52 |
| InvalidateRgn | 0x0 | 0x5e3814 | 0x250f58 | 0x24f758 | 0x1bf |
| SetRect | 0x0 | 0x5e3818 | 0x250f5c | 0x24f75c | 0x2ae |
| GetNextDlgGroupItem | 0x0 | 0x5e381c | 0x250f60 | 0x24f760 | 0x161 |
| MessageBoxW | 0x0 | 0x5e3820 | 0x250f64 | 0x24f764 | 0x215 |
| EnableWindow | 0x0 | 0x5e3824 | 0x250f68 | 0x24f768 | 0xd8 |
| SetWindowsHookExW | 0x0 | 0x5e3828 | 0x250f6c | 0x24f76c | 0x2cf |
| UnhookWindowsHookEx | 0x0 | 0x5e382c | 0x250f70 | 0x24f770 | 0x300 |
| PostThreadMessageW | 0x0 | 0x5e3830 | 0x250f74 | 0x24f774 | 0x239 |
| IsWindowVisible | 0x0 | 0x5e3834 | 0x250f78 | 0x24f778 | 0x1e0 |
| ShowWindow | 0x0 | 0x5e3838 | 0x250f7c | 0x24f77c | 0x2df |
| SetForegroundWindow | 0x0 | 0x5e383c | 0x250f80 | 0x24f780 | 0x293 |
| CallNextHookEx | 0x0 | 0x5e3840 | 0x250f84 | 0x24f784 | 0x1c |
| GetWindowRect | 0x0 | 0x5e3844 | 0x250f88 | 0x24f788 | 0x19c |
| GetClientRect | 0x0 | 0x5e3848 | 0x250f8c | 0x24f78c | 0x114 |
| IsWindow | 0x0 | 0x5e384c | 0x250f90 | 0x24f790 | 0x1db |
| UnregisterClassW | 0x0 | 0x5e3850 | 0x250f94 | 0x24f794 | 0x306 |
| GetMenuStringW | 0x0 | 0x5e3854 | 0x250f98 | 0x24f798 | 0x158 |
| GetMenuState | 0x0 | 0x5e3858 | 0x250f9c | 0x24f79c | 0x156 |
| GetSubMenu | 0x0 | 0x5e385c | 0x250fa0 | 0x24f7a0 | 0x17a |
| GetMenuItemID | 0x0 | 0x5e3860 | 0x250fa4 | 0x24f7a4 | 0x152 |
| GetMenuItemCount | 0x0 | 0x5e3864 | 0x250fa8 | 0x24f7a8 | 0x151 |
| InsertMenuW | 0x0 | 0x5e3868 | 0x250fac | 0x24f7ac | 0x1ba |
| AppendMenuW | 0x0 | 0x5e386c | 0x250fb0 | 0x24f7b0 | 0xa |
| RemoveMenu | 0x0 | 0x5e3870 | 0x250fb4 | 0x24f7b4 | 0x267 |
| DrawStateW | 0x0 | 0x5e3874 | 0x250fb8 | 0x24f7b8 | 0xcc |
| UpdateWindow | 0x0 | 0x5e3878 | 0x250fbc | 0x24f7bc | 0x311 |
| InvalidateRect | 0x0 | 0x5e387c | 0x250fc0 | 0x24f7c0 | 0x1be |
| FillRect | 0x0 | 0x5e3880 | 0x250fc4 | 0x24f7c4 | 0xf6 |
| GetClassNameW | 0x0 | 0x5e3884 | 0x250fc8 | 0x24f7c8 | 0x112 |
| LoadBitmapW | 0x0 | 0x5e3888 | 0x250fcc | 0x24f7cc | 0x1e7 |
| RegisterWindowMessageW | 0x0 | 0x5e388c | 0x250fd0 | 0x24f7d0 | 0x263 |
| GetMessagePos | 0x0 | 0x5e3890 | 0x250fd4 | 0x24f7d4 | 0x15b |
| GetMessageTime | 0x0 | 0x5e3894 | 0x250fd8 | 0x24f7d8 | 0x15c |
| PostMessageW | 0x0 | 0x5e3898 | 0x250fdc | 0x24f7dc | 0x236 |
| DefWindowProcW | 0x0 | 0x5e389c | 0x250fe0 | 0x24f7e0 | 0x9c |
| CallWindowProcW | 0x0 | 0x5e38a0 | 0x250fe4 | 0x24f7e4 | 0x1e |
| RegisterClassW | 0x0 | 0x5e38a4 | 0x250fe8 | 0x24f7e8 | 0x24e |
| SetParent | 0x0 | 0x5e38a8 | 0x250fec | 0x24f7ec | 0x2a6 |
| OpenClipboard | 0x0 | 0x5e38ac | 0x250ff0 | 0x24f7f0 | 0x226 |
| CloseClipboard | 0x0 | 0x5e38b0 | 0x250ff4 | 0x24f7f4 | 0x49 |
| SetClipboardData | 0x0 | 0x5e38b4 | 0x250ff8 | 0x24f7f8 | 0x286 |
| EmptyClipboard | 0x0 | 0x5e38b8 | 0x250ffc | 0x24f7fc | 0xd5 |
| DestroyIcon | 0x0 | 0x5e38bc | 0x251000 | 0x24f800 | 0xa3 |
| LoadImageW | 0x0 | 0x5e38c0 | 0x251004 | 0x24f804 | 0x1ef |
| SetCursorPos | 0x0 | 0x5e38c4 | 0x251008 | 0x24f808 | 0x28a |
| BringWindowToTop | 0x0 | 0x5e38c8 | 0x25100c | 0x24f80c | 0x10 |
| LockWindowUpdate | 0x0 | 0x5e38cc | 0x251010 | 0x24f810 | 0x1fd |
| GetDoubleClickTime | 0x0 | 0x5e38d0 | 0x251014 | 0x24f814 | 0x12b |
| GetIconInfo | 0x0 | 0x5e38d4 | 0x251018 | 0x24f818 | 0x133 |
| CopyIcon | 0x0 | 0x5e38d8 | 0x25101c | 0x24f81c | 0x53 |
| ModifyMenuW | 0x0 | 0x5e38dc | 0x251020 | 0x24f820 | 0x217 |
| DestroyAcceleratorTable | 0x0 | 0x5e38e0 | 0x251024 | 0x24f824 | 0xa0 |
| SetClassLongW | 0x0 | 0x5e38e4 | 0x251028 | 0x24f828 | 0x284 |
| GetUpdateRect | 0x0 | 0x5e38e8 | 0x25102c | 0x24f82c | 0x187 |
| ToUnicodeEx | 0x0 | 0x5e38ec | 0x251030 | 0x24f830 | 0x2f4 |
| GetKeyboardLayout | 0x0 | 0x5e38f0 | 0x251034 | 0x24f834 | 0x13e |
| DrawIcon | 0x0 | 0x5e38f4 | 0x251038 | 0x24f838 | 0xc7 |
| GetWindowRgn | 0x0 | 0x5e38f8 | 0x25103c | 0x24f83c | 0x19d |
| GetKeyboardState | 0x0 | 0x5e38fc | 0x251040 | 0x24f840 | 0x142 |
| CreateMenu | 0x0 | 0x5e3900 | 0x251044 | 0x24f844 | 0x6a |
| GetComboBoxInfo | 0x0 | 0x5e3904 | 0x251048 | 0x24f848 | 0x11c |
| TranslateMDISysAccel | 0x0 | 0x5e3908 | 0x25104c | 0x24f84c | 0x2fb |
| DefMDIChildProcW | 0x0 | 0x5e390c | 0x251050 | 0x24f850 | 0x99 |
| DefFrameProcW | 0x0 | 0x5e3910 | 0x251054 | 0x24f854 | 0x97 |
| DrawMenuBar | 0x0 | 0x5e3914 | 0x251058 | 0x24f858 | 0xc9 |
| MapVirtualKeyExW | 0x0 | 0x5e3918 | 0x25105c | 0x24f85c | 0x207 |
| IsCharLowerW | 0x0 | 0x5e391c | 0x251060 | 0x24f860 | 0x1c6 |
| IsClipboardFormatAvailable | 0x0 | 0x5e3920 | 0x251064 | 0x24f864 | 0x1ca |
| SubtractRect | 0x0 | 0x5e3924 | 0x251068 | 0x24f868 | 0x2e6 |
| InvertRect | 0x0 | 0x5e3928 | 0x25106c | 0x24f86c | 0x1c0 |
| HideCaret | 0x0 | 0x5e392c | 0x251070 | 0x24f870 | 0x1a9 |
| FrameRect | 0x0 | 0x5e3930 | 0x251074 | 0x24f874 | 0xfd |
| ReuseDDElParam | 0x0 | 0x5e3934 | 0x251078 | 0x24f878 | 0x26c |
| UnpackDDElParam | 0x0 | 0x5e3938 | 0x25107c | 0x24f87c | 0x304 |
| InsertMenuItemW | 0x0 | 0x5e393c | 0x251080 | 0x24f880 | 0x1b9 |
| TranslateAcceleratorW | 0x0 | 0x5e3940 | 0x251084 | 0x24f884 | 0x2fa |
| CharUpperBuffW | 0x0 | 0x5e3944 | 0x251088 | 0x24f888 | 0x3b |
| RegisterClipboardFormatW | 0x0 | 0x5e3948 | 0x25108c | 0x24f88c | 0x250 |
| CreateAcceleratorTableW | 0x0 | 0x5e394c | 0x251090 | 0x24f890 | 0x58 |
| CopyRect | 0x0 | 0x5e3950 | 0x251094 | 0x24f894 | 0x55 |
| DestroyCursor | 0x0 | 0x5e3954 | 0x251098 | 0x24f898 | 0xa2 |
GDI32.dll (98)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| RectVisible | 0x0 | 0x5e3050 | 0x250794 | 0x24ef94 | 0x25e |
| RestoreDC | 0x0 | 0x5e3054 | 0x250798 | 0x24ef98 | 0x269 |
| SaveDC | 0x0 | 0x5e3058 | 0x25079c | 0x24ef9c | 0x270 |
| SelectClipRgn | 0x0 | 0x5e305c | 0x2507a0 | 0x24efa0 | 0x275 |
| ExtSelectClipRgn | 0x0 | 0x5e3060 | 0x2507a4 | 0x24efa4 | 0x136 |
| SelectObject | 0x0 | 0x5e3064 | 0x2507a8 | 0x24efa8 | 0x277 |
| SelectPalette | 0x0 | 0x5e3068 | 0x2507ac | 0x24efac | 0x278 |
| SetBkMode | 0x0 | 0x5e306c | 0x2507b0 | 0x24efb0 | 0x27f |
| SetMapMode | 0x0 | 0x5e3070 | 0x2507b4 | 0x24efb4 | 0x294 |
| SetLayout | 0x0 | 0x5e3074 | 0x2507b8 | 0x24efb8 | 0x291 |
| GetLayout | 0x0 | 0x5e3078 | 0x2507bc | 0x24efbc | 0x1ed |
| SetPolyFillMode | 0x0 | 0x5e307c | 0x2507c0 | 0x24efc0 | 0x29e |
| SetROP2 | 0x0 | 0x5e3080 | 0x2507c4 | 0x24efc4 | 0x29f |
| SetTextAlign | 0x0 | 0x5e3084 | 0x2507c8 | 0x24efc8 | 0x2a4 |
| MoveToEx | 0x0 | 0x5e3088 | 0x2507cc | 0x24efcc | 0x23a |
| TextOutW | 0x0 | 0x5e308c | 0x2507d0 | 0x24efd0 | 0x2b9 |
| ExtTextOutW | 0x0 | 0x5e3090 | 0x2507d4 | 0x24efd4 | 0x138 |
| SetViewportExtEx | 0x0 | 0x5e3094 | 0x2507d8 | 0x24efd8 | 0x2a8 |
| SetViewportOrgEx | 0x0 | 0x5e3098 | 0x2507dc | 0x24efdc | 0x2a9 |
| SetWindowExtEx | 0x0 | 0x5e309c | 0x2507e0 | 0x24efe0 | 0x2ac |
| SetWindowOrgEx | 0x0 | 0x5e30a0 | 0x2507e4 | 0x24efe4 | 0x2ad |
| OffsetViewportOrgEx | 0x0 | 0x5e30a4 | 0x2507e8 | 0x24efe8 | 0x23e |
| OffsetWindowOrgEx | 0x0 | 0x5e30a8 | 0x2507ec | 0x24efec | 0x23f |
| ScaleViewportExtEx | 0x0 | 0x5e30ac | 0x2507f0 | 0x24eff0 | 0x271 |
| ScaleWindowExtEx | 0x0 | 0x5e30b0 | 0x2507f4 | 0x24eff4 | 0x272 |
| CombineRgn | 0x0 | 0x5e30b4 | 0x2507f8 | 0x24eff8 | 0x22 |
| CreateEllipticRgn | 0x0 | 0x5e30b8 | 0x2507fc | 0x24effc | 0x38 |
| CreateRectRgnIndirect | 0x0 | 0x5e30bc | 0x250800 | 0x24f000 | 0x50 |
| Ellipse | 0x0 | 0x5e30c0 | 0x250804 | 0x24f004 | 0xed |
| GetBkColor | 0x0 | 0x5e30c4 | 0x250808 | 0x24f008 | 0x1a9 |
| GetTextColor | 0x0 | 0x5e30c8 | 0x25080c | 0x24f00c | 0x218 |
| GetTextExtentPoint32W | 0x0 | 0x5e30cc | 0x250810 | 0x24f010 | 0x21e |
| PatBlt | 0x0 | 0x5e30d0 | 0x250814 | 0x24f014 | 0x246 |
| CreatePolygonRgn | 0x0 | 0x5e30d4 | 0x250818 | 0x24f018 | 0x4e |
| Polygon | 0x0 | 0x5e30d8 | 0x25081c | 0x24f01c | 0x256 |
| Polyline | 0x0 | 0x5e30dc | 0x250820 | 0x24f020 | 0x257 |
| CreateCompatibleBitmap | 0x0 | 0x5e30e0 | 0x250824 | 0x24f024 | 0x2f |
| CreateDIBitmap | 0x0 | 0x5e30e4 | 0x250828 | 0x24f028 | 0x36 |
| CreateFontIndirectW | 0x0 | 0x5e30e8 | 0x25082c | 0x24f02c | 0x40 |
| EnumFontFamiliesW | 0x0 | 0x5e30ec | 0x250830 | 0x24f030 | 0x126 |
| GetTextCharsetInfo | 0x0 | 0x5e30f0 | 0x250834 | 0x24f034 | 0x217 |
| GetMapMode | 0x0 | 0x5e30f4 | 0x250838 | 0x24f038 | 0x1f0 |
| SetRectRgn | 0x0 | 0x5e30f8 | 0x25083c | 0x24f03c | 0x2a0 |
| DPtoLP | 0x0 | 0x5e30fc | 0x250840 | 0x24f040 | 0xa4 |
| CreateRoundRectRgn | 0x0 | 0x5e3100 | 0x250844 | 0x24f044 | 0x51 |
| CreateDIBSection | 0x0 | 0x5e3104 | 0x250848 | 0x24f048 | 0x35 |
| GetRgnBox | 0x0 | 0x5e3108 | 0x25084c | 0x24f04c | 0x20c |
| PtVisible | 0x0 | 0x5e310c | 0x250850 | 0x24f050 | 0x25a |
| SetPixel | 0x0 | 0x5e3110 | 0x250854 | 0x24f054 | 0x29b |
| StretchBlt | 0x0 | 0x5e3114 | 0x250858 | 0x24f058 | 0x2b3 |
| SetDIBColorTable | 0x0 | 0x5e3118 | 0x25085c | 0x24f05c | 0x287 |
| Rectangle | 0x0 | 0x5e311c | 0x250860 | 0x24f060 | 0x25f |
| OffsetRgn | 0x0 | 0x5e3120 | 0x250864 | 0x24f064 | 0x23d |
| RoundRect | 0x0 | 0x5e3124 | 0x250868 | 0x24f068 | 0x26a |
| CreatePalette | 0x0 | 0x5e3128 | 0x25086c | 0x24f06c | 0x49 |
| GetPaletteEntries | 0x0 | 0x5e312c | 0x250870 | 0x24f070 | 0x200 |
| GetNearestPaletteIndex | 0x0 | 0x5e3130 | 0x250874 | 0x24f074 | 0x1f7 |
| GetSystemPaletteEntries | 0x0 | 0x5e3134 | 0x250878 | 0x24f078 | 0x212 |
| ExtFloodFill | 0x0 | 0x5e3138 | 0x25087c | 0x24f07c | 0x135 |
| SetPaletteEntries | 0x0 | 0x5e313c | 0x250880 | 0x24f080 | 0x29a |
| EnumFontFamiliesExW | 0x0 | 0x5e3140 | 0x250884 | 0x24f084 | 0x125 |
| FillRgn | 0x0 | 0x5e3144 | 0x250888 | 0x24f088 | 0x142 |
| FrameRgn | 0x0 | 0x5e3148 | 0x25088c | 0x24f08c | 0x147 |
| GetBoundsRect | 0x0 | 0x5e314c | 0x250890 | 0x24f090 | 0x1ab |
| PtInRegion | 0x0 | 0x5e3150 | 0x250894 | 0x24f094 | 0x259 |
| GetViewportOrgEx | 0x0 | 0x5e3154 | 0x250898 | 0x24f098 | 0x229 |
| LPtoDP | 0x0 | 0x5e3158 | 0x25089c | 0x24f09c | 0x234 |
| GetWindowOrgEx | 0x0 | 0x5e315c | 0x2508a0 | 0x24f0a0 | 0x22c |
| SetPixelV | 0x0 | 0x5e3160 | 0x2508a4 | 0x24f0a4 | 0x29d |
| GetTextFaceW | 0x0 | 0x5e3164 | 0x2508a8 | 0x24f0a8 | 0x224 |
| LineTo | 0x0 | 0x5e3168 | 0x2508ac | 0x24f0ac | 0x236 |
| IntersectClipRect | 0x0 | 0x5e316c | 0x2508b0 | 0x24f0b0 | 0x230 |
| GetWindowExtEx | 0x0 | 0x5e3170 | 0x2508b4 | 0x24f0b4 | 0x22b |
| GetViewportExtEx | 0x0 | 0x5e3174 | 0x2508b8 | 0x24f0b8 | 0x228 |
| GetPixel | 0x0 | 0x5e3178 | 0x2508bc | 0x24f0bc | 0x204 |
| GetObjectType | 0x0 | 0x5e317c | 0x2508c0 | 0x24f0c0 | 0x1fc |
| GetClipBox | 0x0 | 0x5e3180 | 0x2508c4 | 0x24f0c4 | 0x1c0 |
| ExcludeClipRect | 0x0 | 0x5e3184 | 0x2508c8 | 0x24f0c8 | 0x131 |
| Escape | 0x0 | 0x5e3188 | 0x2508cc | 0x24f0cc | 0x12e |
| CreateRectRgn | 0x0 | 0x5e318c | 0x2508d0 | 0x24f0d0 | 0x4f |
| CreatePatternBrush | 0x0 | 0x5e3190 | 0x2508d4 | 0x24f0d4 | 0x4a |
| CreatePen | 0x0 | 0x5e3194 | 0x2508d8 | 0x24f0d8 | 0x4b |
| CreateHatchBrush | 0x0 | 0x5e3198 | 0x2508dc | 0x24f0dc | 0x43 |
| CreateCompatibleDC | 0x0 | 0x5e319c | 0x2508e0 | 0x24f0e0 | 0x30 |
| BitBlt | 0x0 | 0x5e31a0 | 0x2508e4 | 0x24f0e4 | 0x13 |
| CreateBitmap | 0x0 | 0x5e31a4 | 0x2508e8 | 0x24f0e8 | 0x29 |
| SetTextColor | 0x0 | 0x5e31a8 | 0x2508ec | 0x24f0ec | 0x2a6 |
| SetBkColor | 0x0 | 0x5e31ac | 0x2508f0 | 0x24f0f0 | 0x27e |
| GetObjectW | 0x0 | 0x5e31b0 | 0x2508f4 | 0x24f0f4 | 0x1fd |
| GetStockObject | 0x0 | 0x5e31b4 | 0x2508f8 | 0x24f0f8 | 0x20d |
| DeleteObject | 0x0 | 0x5e31b8 | 0x2508fc | 0x24f0fc | 0xe6 |
| CreateSolidBrush | 0x0 | 0x5e31bc | 0x250900 | 0x24f100 | 0x54 |
| GetDeviceCaps | 0x0 | 0x5e31c0 | 0x250904 | 0x24f104 | 0x1cb |
| CreateDCW | 0x0 | 0x5e31c4 | 0x250908 | 0x24f108 | 0x32 |
| RealizePalette | 0x0 | 0x5e31c8 | 0x25090c | 0x24f10c | 0x25c |
| DeleteDC | 0x0 | 0x5e31cc | 0x250910 | 0x24f110 | 0xe3 |
| CopyMetaFileW | 0x0 | 0x5e31d0 | 0x250914 | 0x24f114 | 0x28 |
| GetTextMetricsW | 0x0 | 0x5e31d4 | 0x250918 | 0x24f118 | 0x226 |
MSIMG32.dll (2)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| TransparentBlt | 0x0 | 0x5e3524 | 0x250c68 | 0x24f468 | 0x3 |
| AlphaBlend | 0x0 | 0x5e3528 | 0x250c6c | 0x24f46c | 0x0 |
WINSPOOL.DRV (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| OpenPrinterW | 0x0 | 0x5e399c | 0x2510e0 | 0x24f8e0 | 0x90 |
| DocumentPropertiesW | 0x0 | 0x5e39a0 | 0x2510e4 | 0x24f8e4 | 0x4e |
| ClosePrinter | 0x0 | 0x5e39a4 | 0x2510e8 | 0x24f8e8 | 0x1d |
ADVAPI32.dll (17)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| RegEnumKeyExW | 0x0 | 0x5e3000 | 0x250744 | 0x24ef44 | 0x24f |
| RegEnumValueW | 0x0 | 0x5e3004 | 0x250748 | 0x24ef48 | 0x252 |
| RegQueryValueW | 0x0 | 0x5e3008 | 0x25074c | 0x24ef4c | 0x26f |
| RegEnumKeyW | 0x0 | 0x5e300c | 0x250750 | 0x24ef50 | 0x250 |
| RegSetValueExW | 0x0 | 0x5e3010 | 0x250754 | 0x24ef54 | 0x27e |
| RegDeleteValueW | 0x0 | 0x5e3014 | 0x250758 | 0x24ef58 | 0x248 |
| RegDeleteKeyW | 0x0 | 0x5e3018 | 0x25075c | 0x24ef5c | 0x244 |
| RegCreateKeyExW | 0x0 | 0x5e301c | 0x250760 | 0x24ef60 | 0x239 |
| RegQueryValueExW | 0x0 | 0x5e3020 | 0x250764 | 0x24ef64 | 0x26e |
| RegOpenKeyExW | 0x0 | 0x5e3024 | 0x250768 | 0x24ef68 | 0x261 |
| RegCloseKey | 0x0 | 0x5e3028 | 0x25076c | 0x24ef6c | 0x230 |
| DeleteService | 0x0 | 0x5e302c | 0x250770 | 0x24ef70 | 0xda |
| ControlService | 0x0 | 0x5e3030 | 0x250774 | 0x24ef74 | 0x5c |
| QueryServiceStatusEx | 0x0 | 0x5e3034 | 0x250778 | 0x24ef78 | 0x229 |
| OpenServiceW | 0x0 | 0x5e3038 | 0x25077c | 0x24ef7c | 0x1fb |
| CloseServiceHandle | 0x0 | 0x5e303c | 0x250780 | 0x24ef80 | 0x57 |
| OpenSCManagerW | 0x0 | 0x5e3040 | 0x250784 | 0x24ef84 | 0x1f9 |
SHELL32.dll (12)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| CommandLineToArgvW | 0x0 | 0x5e357c | 0x250cc0 | 0x24f4c0 | 0x6 |
| ShellExecuteExW | 0x0 | 0x5e3580 | 0x250cc4 | 0x24f4c4 | 0x121 |
| ShellExecuteW | 0x0 | 0x5e3584 | 0x250cc8 | 0x24f4c8 | 0x122 |
| SHGetMalloc | 0x0 | 0x5e3588 | 0x250ccc | 0x24f4cc | 0xcf |
| SHGetPathFromIDListW | 0x0 | 0x5e358c | 0x250cd0 | 0x24f4d0 | 0xd7 |
| SHGetSpecialFolderLocation | 0x0 | 0x5e3590 | 0x250cd4 | 0x24f4d4 | 0xdf |
| SHBrowseForFolderW | 0x0 | 0x5e3594 | 0x250cd8 | 0x24f4d8 | 0x7b |
| SHGetDesktopFolder | 0x0 | 0x5e3598 | 0x250cdc | 0x24f4dc | 0xb6 |
| DragFinish | 0x0 | 0x5e359c | 0x250ce0 | 0x24f4e0 | 0x1b |
| DragQueryFileW | 0x0 | 0x5e35a0 | 0x250ce4 | 0x24f4e4 | 0x1f |
| SHGetFileInfoW | 0x0 | 0x5e35a4 | 0x250ce8 | 0x24f4e8 | 0xbd |
| SHAppBarMessage | 0x0 | 0x5e35a8 | 0x250cec | 0x24f4ec | 0x72 |
COMCTL32.dll (1)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| InitCommonControlsEx | 0x0 | 0x5e3048 | 0x25078c | 0x24ef8c | 0x7b |
SHLWAPI.dll (10)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| PathFindExtensionW | 0x0 | 0x5e35b0 | 0x250cf4 | 0x24f4f4 | 0x47 |
| PathFileExistsA | 0x0 | 0x5e35b4 | 0x250cf8 | 0x24f4f8 | 0x44 |
| StrTrimW | 0x0 | 0x5e35b8 | 0x250cfc | 0x24f4fc | 0x150 |
| PathAppendW | 0x0 | 0x5e35bc | 0x250d00 | 0x24f500 | 0x34 |
| PathFileExistsW | 0x0 | 0x5e35c0 | 0x250d04 | 0x24f504 | 0x45 |
| PathRemoveFileSpecW | 0x0 | 0x5e35c4 | 0x250d08 | 0x24f508 | 0x8b |
| PathIsUNCW | 0x0 | 0x5e35c8 | 0x250d0c | 0x24f50c | 0x71 |
| StrFormatKBSizeW | 0x0 | 0x5e35cc | 0x250d10 | 0x24f510 | 0x12d |
| PathStripToRootW | 0x0 | 0x5e35d0 | 0x250d14 | 0x24f514 | 0x97 |
| PathFindFileNameW | 0x0 | 0x5e35d4 | 0x250d18 | 0x24f518 | 0x49 |
UxTheme.dll (12)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| GetWindowTheme | 0x0 | 0x5e395c | 0x2510a0 | 0x24f8a0 | 0x3b |
| GetThemeSysColor | 0x0 | 0x5e3960 | 0x2510a4 | 0x24f8a4 | 0x32 |
| IsThemeBackgroundPartiallyTransparent | 0x0 | 0x5e3964 | 0x2510a8 | 0x24f8a8 | 0x40 |
| GetThemePartSize | 0x0 | 0x5e3968 | 0x2510ac | 0x24f8ac | 0x2b |
| IsAppThemed | 0x0 | 0x5e396c | 0x2510b0 | 0x24f8b0 | 0x3d |
| OpenThemeData | 0x0 | 0x5e3970 | 0x2510b4 | 0x24f8b4 | 0x43 |
| CloseThemeData | 0x0 | 0x5e3974 | 0x2510b8 | 0x24f8b8 | 0x9 |
| DrawThemeBackground | 0x0 | 0x5e3978 | 0x2510bc | 0x24f8bc | 0xa |
| GetThemeColor | 0x0 | 0x5e397c | 0x2510c0 | 0x24f8c0 | 0x22 |
| GetCurrentThemeName | 0x0 | 0x5e3980 | 0x2510c4 | 0x24f8c4 | 0x1b |
| DrawThemeParentBackground | 0x0 | 0x5e3984 | 0x2510c8 | 0x24f8c8 | 0xe |
| DrawThemeText | 0x0 | 0x5e3988 | 0x2510cc | 0x24f8cc | 0x10 |
ole32.dll (34)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| DoDragDrop | 0x0 | 0x5e3a08 | 0x25114c | 0x24f94c | 0x8c |
| CoFreeUnusedLibraries | 0x0 | 0x5e3a0c | 0x251150 | 0x24f950 | 0x1d |
| OleInitialize | 0x0 | 0x5e3a10 | 0x251154 | 0x24f954 | 0x132 |
| OleUninitialize | 0x0 | 0x5e3a14 | 0x251158 | 0x24f958 | 0x149 |
| OleGetClipboard | 0x0 | 0x5e3a18 | 0x25115c | 0x24f95c | 0x12f |
| CoLockObjectExternal | 0x0 | 0x5e3a1c | 0x251160 | 0x24f960 | 0x47 |
| RegisterDragDrop | 0x0 | 0x5e3a20 | 0x251164 | 0x24f964 | 0x157 |
| RevokeDragDrop | 0x0 | 0x5e3a24 | 0x251168 | 0x24f968 | 0x159 |
| OleLockRunning | 0x0 | 0x5e3a28 | 0x25116c | 0x24f96c | 0x138 |
| CoInitializeEx | 0x0 | 0x5e3a2c | 0x251170 | 0x24f970 | 0x3f |
| OleCreateMenuDescriptor | 0x0 | 0x5e3a30 | 0x251174 | 0x24f974 | 0x127 |
| OleDestroyMenuDescriptor | 0x0 | 0x5e3a34 | 0x251178 | 0x24f978 | 0x129 |
| OleTranslateAccelerator | 0x0 | 0x5e3a38 | 0x25117c | 0x24f97c | 0x148 |
| IsAccelerator | 0x0 | 0x5e3a3c | 0x251180 | 0x24f980 | 0xce |
| CoRevokeClassObject | 0x0 | 0x5e3a40 | 0x251184 | 0x24f984 | 0x5f |
| CoRegisterMessageFilter | 0x0 | 0x5e3a44 | 0x251188 | 0x24f988 | 0x56 |
| OleIsCurrentClipboard | 0x0 | 0x5e3a48 | 0x25118c | 0x24f98c | 0x134 |
| OleFlushClipboard | 0x0 | 0x5e3a4c | 0x251190 | 0x24f990 | 0x12d |
| CreateStreamOnHGlobal | 0x0 | 0x5e3a50 | 0x251194 | 0x24f994 | 0x86 |
| CreateILockBytesOnHGlobal | 0x0 | 0x5e3a54 | 0x251198 | 0x24f998 | 0x80 |
| StgOpenStorageOnILockBytes | 0x0 | 0x5e3a58 | 0x25119c | 0x24f99c | 0x175 |
| StgCreateDocfileOnILockBytes | 0x0 | 0x5e3a5c | 0x2511a0 | 0x24f9a0 | 0x168 |
| CoGetClassObject | 0x0 | 0x5e3a60 | 0x2511a4 | 0x24f9a4 | 0x26 |
| CoDisconnectObject | 0x0 | 0x5e3a64 | 0x2511a8 | 0x24f9a8 | 0x16 |
| CoInitialize | 0x0 | 0x5e3a68 | 0x2511ac | 0x24f9ac | 0x3e |
| CoCreateInstance | 0x0 | 0x5e3a6c | 0x2511b0 | 0x24f9b0 | 0x10 |
| CLSIDFromProgID | 0x0 | 0x5e3a70 | 0x2511b4 | 0x24f9b4 | 0x6 |
| CLSIDFromString | 0x0 | 0x5e3a74 | 0x2511b8 | 0x24f9b8 | 0x8 |
| CoCreateGuid | 0x0 | 0x5e3a78 | 0x2511bc | 0x24f9bc | 0xf |
| CoUninitialize | 0x0 | 0x5e3a7c | 0x2511c0 | 0x24f9c0 | 0x6c |
| ReleaseStgMedium | 0x0 | 0x5e3a80 | 0x2511c4 | 0x24f9c4 | 0x158 |
| OleDuplicateData | 0x0 | 0x5e3a84 | 0x2511c8 | 0x24f9c8 | 0x12c |
| CoTaskMemFree | 0x0 | 0x5e3a88 | 0x2511cc | 0x24f9cc | 0x68 |
| CoTaskMemAlloc | 0x0 | 0x5e3a8c | 0x2511d0 | 0x24f9d0 | 0x67 |
OLEAUT32.dll (14)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| SysStringLen | 0x7 | 0x5e3540 | 0x250c84 | 0x24f484 | - |
| SystemTimeToVariantTime | 0xb8 | 0x5e3544 | 0x250c88 | 0x24f488 | - |
| VariantTimeToSystemTime | 0xb9 | 0x5e3548 | 0x250c8c | 0x24f48c | - |
| SafeArrayDestroy | 0x10 | 0x5e354c | 0x250c90 | 0x24f490 | - |
| VariantChangeType | 0xc | 0x5e3550 | 0x250c94 | 0x24f494 | - |
| VariantCopy | 0xa | 0x5e3554 | 0x250c98 | 0x24f498 | - |
| VarBstrFromDate | 0x72 | 0x5e3558 | 0x250c9c | 0x24f49c | - |
| OleCreateFontIndirect | 0x1a4 | 0x5e355c | 0x250ca0 | 0x24f4a0 | - |
| VariantClear | 0x9 | 0x5e3560 | 0x250ca4 | 0x24f4a4 | - |
| VariantInit | 0x8 | 0x5e3564 | 0x250ca8 | 0x24f4a8 | - |
| SysAllocStringLen | 0x4 | 0x5e3568 | 0x250cac | 0x24f4ac | - |
| LoadTypeLib | 0xa1 | 0x5e356c | 0x250cb0 | 0x24f4b0 | - |
| SysAllocString | 0x2 | 0x5e3570 | 0x250cb4 | 0x24f4b4 | - |
| SysFreeString | 0x6 | 0x5e3574 | 0x250cb8 | 0x24f4b8 | - |
oledlg.dll (1)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| OleUIBusyW | 0x0 | 0x5e3a94 | 0x2511d8 | 0x24f9d8 | 0x3 |
gdiplus.dll (22)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| GdipDrawImageRectI | 0x0 | 0x5e39ac | 0x2510f0 | 0x24f8f0 | 0xb8 |
| GdipSetInterpolationMode | 0x0 | 0x5e39b0 | 0x2510f4 | 0x24f8f4 | 0x218 |
| GdipCreateFromHDC | 0x0 | 0x5e39b4 | 0x2510f8 | 0x24f8f8 | 0x5b |
| GdipCreateBitmapFromHBITMAP | 0x0 | 0x5e39b8 | 0x2510fc | 0x24f8fc | 0x4d |
| GdipDrawImageI | 0x0 | 0x5e39bc | 0x251100 | 0x24f900 | 0xb0 |
| GdipDeleteGraphics | 0x0 | 0x5e39c0 | 0x251104 | 0x24f904 | 0x90 |
| GdipBitmapUnlockBits | 0x0 | 0x5e39c4 | 0x251108 | 0x24f908 | 0x2e |
| GdipBitmapLockBits | 0x0 | 0x5e39c8 | 0x25110c | 0x24f90c | 0x2b |
| GdipCreateBitmapFromScan0 | 0x0 | 0x5e39cc | 0x251110 | 0x24f910 | 0x50 |
| GdipCreateBitmapFromStream | 0x0 | 0x5e39d0 | 0x251114 | 0x24f914 | 0x51 |
| GdipGetImagePaletteSize | 0x0 | 0x5e39d4 | 0x251118 | 0x24f918 | 0x126 |
| GdipGetImagePalette | 0x0 | 0x5e39d8 | 0x25111c | 0x24f91c | 0x125 |
| GdipGetImagePixelFormat | 0x0 | 0x5e39dc | 0x251120 | 0x24f920 | 0x127 |
| GdipGetImageHeight | 0x0 | 0x5e39e0 | 0x251124 | 0x24f924 | 0x122 |
| GdipGetImageWidth | 0x0 | 0x5e39e4 | 0x251128 | 0x24f928 | 0x12c |
| GdipGetImageGraphicsContext | 0x0 | 0x5e39e8 | 0x25112c | 0x24f92c | 0x121 |
| GdipDisposeImage | 0x0 | 0x5e39ec | 0x251130 | 0x24f930 | 0x98 |
| GdipCloneImage | 0x0 | 0x5e39f0 | 0x251134 | 0x24f934 | 0x36 |
| GdiplusStartup | 0x0 | 0x5e39f4 | 0x251138 | 0x24f938 | 0x275 |
| GdipFree | 0x0 | 0x5e39f8 | 0x25113c | 0x24f93c | 0xed |
| GdipAlloc | 0x0 | 0x5e39fc | 0x251140 | 0x24f940 | 0x21 |
| GdiplusShutdown | 0x0 | 0x5e3a00 | 0x251144 | 0x24f944 | 0x274 |
WINMM.dll (2)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| PlaySoundW | 0x0 | 0x5e3990 | 0x2510d4 | 0x24f8d4 | 0x9 |
| timeGetTime | 0x0 | 0x5e3994 | 0x2510d8 | 0x24f8d8 | 0x94 |
MPR.dll (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| WNetEnumResourceW | 0x0 | 0x5e3514 | 0x250c58 | 0x24f458 | 0x1c |
| WNetCloseEnum | 0x0 | 0x5e3518 | 0x250c5c | 0x24f45c | 0x10 |
| WNetOpenEnumW | 0x0 | 0x5e351c | 0x250c60 | 0x24f460 | 0x3d |
OLEACC.dll (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| AccessibleObjectFromWindow | 0x0 | 0x5e3530 | 0x250c74 | 0x24f474 | 0x3 |
| LresultFromObject | 0x0 | 0x5e3534 | 0x250c78 | 0x24f478 | 0x14 |
| CreateStdAccessibleObject | 0x0 | 0x5e3538 | 0x250c7c | 0x24f47c | 0x4 |
IMM32.dll (3)
»
| API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
|---|---|---|---|---|---|
| ImmGetContext | 0x0 | 0x5e31dc | 0x250920 | 0x24f120 | 0x38 |
| ImmGetOpenStatus | 0x0 | 0x5e31e0 | 0x250924 | 0x24f124 | 0x4a |
| ImmReleaseContext | 0x0 | 0x5e31e4 | 0x250928 | 0x24f128 | 0x68 |
Icons (6)
»
