fb4077e5...1834

Filters:

Filename	Category	Type	Severity	Actions

C:\Users\CIiHmnxMn6Ps\Desktop\clifind.log.exe

Sample File

Binary

Unknown

Mime Type	application/x-dosexec
File Size	270.50 KB
MD5	0847bc57afd3397f2a2eaecf1c714820
SHA1	d139c7c1529b0e75864e27ce7575c7bd2c2bbfd1
SHA256	fb4077e5ef55027b2972e94fe54eca985dfb933702f09a640a799f31b2181834
SSDeep	6144:0zG5edok6zTcMqyuCwR7w/czM+AL5EsDXfWy+J6M:0zlUTDqyuCwR7Qc4+s+y+cM
ImpHash	717ac6ebdcfdc811312441b1082957f4

PE Information

Image Base	0x400000
Entry Point	0x410d2f
Size Of Code	0x25a00
Size Of Initialized Data	0x1dc00
File Type	executable
Subsystem	windows_gui
Machine Type	i386
Compile Timestamp	2018-11-14 04:04:54+00:00

Version Information (6)

LegalCopyright	(C)Philip Morris International
CompanyName	Philip Morris International
PrivateBuild	4.2.7.3
ProductName	Shadows
ProductVersion	4.2.7.3
FileDescription	Disruption Optic Defensive Strategically

Sections (4)

Name	Virtual Address	Virtual Size	Raw Data Size	Raw Data Offset	Flags	Entropy
.text	0x401000	0x259cc	0x25a00	0x400	cnt_code, mem_execute, mem_read	6.76
.rdata	0x427000	0x933c	0x9400	0x25e00	cnt_initialized_data, mem_read	5.4
.data	0x431000	0x5cfc	0x2200	0x2f200	cnt_initialized_data, mem_read, mem_write	4.08
.rsrc	0x437000	0x12444	0x12600	0x31400	cnt_initialized_data, mem_read	7.88

Imports (18)

KERNEL32.dll (127)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
GetLocaleInfoA	0x0	0x4270bc	0x2e894	0x2d694	0x1e8
GetCPInfo	0x0	0x4270c0	0x2e898	0x2d698	0x15b
GetOEMCP	0x0	0x4270c4	0x2e89c	0x2d69c	0x213
ExitProcess	0x0	0x4270c8	0x2e8a0	0x2d6a0	0x104
TerminateProcess	0x0	0x4270cc	0x2e8a4	0x2d6a4	0x42d
UnhandledExceptionFilter	0x0	0x4270d0	0x2e8a8	0x2d6a8	0x43e
SetUnhandledExceptionFilter	0x0	0x4270d4	0x2e8ac	0x2d6ac	0x415
IsDebuggerPresent	0x0	0x4270d8	0x2e8b0	0x2d6b0	0x2d1
GetCommandLineA	0x0	0x4270dc	0x2e8b4	0x2d6b4	0x16f
GetStartupInfoA	0x0	0x4270e0	0x2e8b8	0x2d6b8	0x239
HeapFree	0x0	0x4270e4	0x2e8bc	0x2d6bc	0x2a1
HeapReAlloc	0x0	0x4270e8	0x2e8c0	0x2d6c0	0x2a4
RtlUnwind	0x0	0x4270ec	0x2e8c4	0x2d6c4	0x392
VirtualQuery	0x0	0x4270f0	0x2e8c8	0x2d6c8	0x45c
HeapSize	0x0	0x4270f4	0x2e8cc	0x2d6cc	0x2a6
InitializeCriticalSectionAndSpinCount	0x0	0x4270f8	0x2e8d0	0x2d6d0	0x2b5
GlobalFindAtomA	0x0	0x4270fc	0x2e8d4	0x2d6d4	0x288
IsValidCodePage	0x0	0x427100	0x2e8d8	0x2d6d8	0x2db
HeapCreate	0x0	0x427104	0x2e8dc	0x2d6dc	0x29f
FreeEnvironmentStringsA	0x0	0x427108	0x2e8e0	0x2d6e0	0x14a
GetEnvironmentStrings	0x0	0x42710c	0x2e8e4	0x2d6e4	0x1bf
FreeEnvironmentStringsW	0x0	0x427110	0x2e8e8	0x2d6e8	0x14b
GetEnvironmentStringsW	0x0	0x427114	0x2e8ec	0x2d6ec	0x1c1
SetHandleCount	0x0	0x427118	0x2e8f0	0x2d6f0	0x3e8
GetFileType	0x0	0x42711c	0x2e8f4	0x2d6f4	0x1d7
QueryPerformanceCounter	0x0	0x427120	0x2e8f8	0x2d6f8	0x354
GetSystemTimeAsFileTime	0x0	0x427124	0x2e8fc	0x2d6fc	0x24f
GetConsoleCP	0x0	0x427128	0x2e900	0x2d700	0x183
GetConsoleMode	0x0	0x42712c	0x2e904	0x2d704	0x195
LCMapStringA	0x0	0x427130	0x2e908	0x2d708	0x2e1
LCMapStringW	0x0	0x427134	0x2e90c	0x2d70c	0x2e3
GetStringTypeA	0x0	0x427138	0x2e910	0x2d710	0x23d
GetStringTypeW	0x0	0x42713c	0x2e914	0x2d714	0x240
SetStdHandle	0x0	0x427140	0x2e918	0x2d718	0x3fc
WriteConsoleA	0x0	0x427144	0x2e91c	0x2d71c	0x482
GetConsoleOutputCP	0x0	0x427148	0x2e920	0x2d720	0x199
WriteConsoleW	0x0	0x42714c	0x2e924	0x2d724	0x48c
GlobalDeleteAtom	0x0	0x427150	0x2e928	0x2d728	0x287
lstrcmpW	0x0	0x427154	0x2e92c	0x2d72c	0x4aa
GetVersionExA	0x0	0x427158	0x2e930	0x2d730	0x275
VirtualFree	0x0	0x42715c	0x2e934	0x2d734	0x457
GlobalAddAtomA	0x0	0x427160	0x2e938	0x2d738	0x283
CreateFileA	0x0	0x427164	0x2e93c	0x2d73c	0x78
GetCurrentProcess	0x0	0x427168	0x2e940	0x2d740	0x1a9
FlushFileBuffers	0x0	0x42716c	0x2e944	0x2d744	0x141
SetFilePointer	0x0	0x427170	0x2e948	0x2d748	0x3df
WriteFile	0x0	0x427174	0x2e94c	0x2d74c	0x48d
LoadLibraryA	0x0	0x427178	0x2e950	0x2d750	0x2f1
GetCurrentThreadId	0x0	0x42717c	0x2e954	0x2d754	0x1ad
GlobalFlags	0x0	0x427180	0x2e958	0x2d758	0x28b
InterlockedIncrement	0x0	0x427184	0x2e95c	0x2d75c	0x2c0
GetModuleHandleW	0x0	0x427188	0x2e960	0x2d760	0x1f9
CompareStringA	0x0	0x42718c	0x2e964	0x2d764	0x52
GetCurrentProcessId	0x0	0x427190	0x2e968	0x2d768	0x1aa
TlsFree	0x0	0x427194	0x2e96c	0x2d76c	0x433
DeleteCriticalSection	0x0	0x427198	0x2e970	0x2d770	0xbe
LocalReAlloc	0x0	0x42719c	0x2e974	0x2d774	0x300
TlsSetValue	0x0	0x4271a0	0x2e978	0x2d778	0x435
TlsAlloc	0x0	0x4271a4	0x2e97c	0x2d77c	0x432
InitializeCriticalSection	0x0	0x4271a8	0x2e980	0x2d780	0x2b4
GlobalHandle	0x0	0x4271ac	0x2e984	0x2d784	0x28f
GlobalReAlloc	0x0	0x4271b0	0x2e988	0x2d788	0x293
EnterCriticalSection	0x0	0x4271b4	0x2e98c	0x2d78c	0xd9
TlsGetValue	0x0	0x4271b8	0x2e990	0x2d790	0x434
LeaveCriticalSection	0x0	0x4271bc	0x2e994	0x2d794	0x2ef
lstrcmpA	0x0	0x4271c0	0x2e998	0x2d798	0x4a9
GlobalGetAtomNameA	0x0	0x4271c4	0x2e99c	0x2d79c	0x28d
FreeLibrary	0x0	0x4271c8	0x2e9a0	0x2d7a0	0x14c
InterlockedDecrement	0x0	0x4271cc	0x2e9a4	0x2d7a4	0x2bc
GetModuleHandleA	0x0	0x4271d0	0x2e9a8	0x2d7a8	0x1f6
GetProcAddress	0x0	0x4271d4	0x2e9ac	0x2d7ac	0x220
GlobalFree	0x0	0x4271d8	0x2e9b0	0x2d7b0	0x28c
GlobalLock	0x0	0x4271dc	0x2e9b4	0x2d7b4	0x290
GlobalUnlock	0x0	0x4271e0	0x2e9b8	0x2d7b8	0x297
LocalFree	0x0	0x4271e4	0x2e9bc	0x2d7bc	0x2fd
SetLastError	0x0	0x4271e8	0x2e9c0	0x2d7c0	0x3ec
MultiByteToWideChar	0x0	0x4271ec	0x2e9c4	0x2d7c4	0x31a
lstrlenA	0x0	0x4271f0	0x2e9c8	0x2d7c8	0x4b5
lstrcpyA	0x0	0x4271f4	0x2e9cc	0x2d7cc	0x4af
GetSystemTime	0x0	0x4271f8	0x2e9d0	0x2d7d0	0x24d
CreateToolhelp32Snapshot	0x0	0x4271fc	0x2e9d4	0x2d7d4	0xac
FindNextFileW	0x0	0x427200	0x2e9d8	0x2d7d8	0x130
CreatePipe	0x0	0x427204	0x2e9dc	0x2d7dc	0x91
DeviceIoControl	0x0	0x427208	0x2e9e0	0x2d7e0	0xca
GetProfileStringA	0x0	0x42720c	0x2e9e4	0x2d7e4	0x233
CreateEventW	0x0	0x427210	0x2e9e8	0x2d7e8	0x75
LocalAlloc	0x0	0x427214	0x2e9ec	0x2d7ec	0x2f9
FindClose	0x0	0x427218	0x2e9f0	0x2d7f0	0x119
GetDiskFreeSpaceW	0x0	0x42721c	0x2e9f4	0x2d7f4	0x1b7
VirtualAlloc	0x0	0x427220	0x2e9f8	0x2d7f8	0x454
GetLastError	0x0	0x427224	0x2e9fc	0x2d7fc	0x1e6
GetStdHandle	0x0	0x427228	0x2ea00	0x2d800	0x23b
lstrlenW	0x0	0x42722c	0x2ea04	0x2d804	0x4b6
GetOverlappedResult	0x0	0x427230	0x2ea08	0x2d808	0x214
CreateFileW	0x0	0x427234	0x2ea0c	0x2d80c	0x7f
GetModuleFileNameW	0x0	0x427238	0x2ea10	0x2d810	0x1f5
ReadFile	0x0	0x42723c	0x2ea14	0x2d814	0x368
Thread32Next	0x0	0x427240	0x2ea18	0x2d818	0x431
FileTimeToSystemTime	0x0	0x427244	0x2ea1c	0x2d81c	0x110
Sleep	0x0	0x427248	0x2ea20	0x2d820	0x421
Thread32First	0x0	0x42724c	0x2ea24	0x2d824	0x430
GlobalAlloc	0x0	0x427250	0x2ea28	0x2d828	0x285
OpenProcess	0x0	0x427254	0x2ea2c	0x2d82c	0x333
GetVolumePathNameW	0x0	0x427258	0x2ea30	0x2d830	0x27d
GetProcessHeap	0x0	0x42725c	0x2ea34	0x2d834	0x223
GetLogicalDrives	0x0	0x427260	0x2ea38	0x2d838	0x1ed
SetConsoleScreenBufferSize	0x0	0x427264	0x2ea3c	0x2d83c	0x3bf
SetHandleInformation	0x0	0x427268	0x2ea40	0x2d840	0x3e9
GetVolumeInformationByHandleW	0x0	0x42726c	0x2ea44	0x2d844	0x278
HeapAlloc	0x0	0x427270	0x2ea48	0x2d848	0x29d
SystemTimeToTzSpecificLocalTime	0x0	0x427274	0x2ea4c	0x2d84c	0x42b
SetErrorMode	0x0	0x427278	0x2ea50	0x2d850	0x3d2
GetDriveTypeW	0x0	0x42727c	0x2ea54	0x2d854	0x1bb
FindFirstFileW	0x0	0x427280	0x2ea58	0x2d858	0x124
DeleteFileA	0x0	0x427284	0x2ea5c	0x2d85c	0xc0
CloseHandle	0x0	0x427288	0x2ea60	0x2d860	0x43
GetModuleFileNameA	0x0	0x42728c	0x2ea64	0x2d864	0x1f4
LockResource	0x0	0x427290	0x2ea68	0x2d868	0x307
CopyFileA	0x0	0x427294	0x2ea6c	0x2d86c	0x60
RaiseException	0x0	0x427298	0x2ea70	0x2d870	0x35a
SizeofResource	0x0	0x42729c	0x2ea74	0x2d874	0x420
WideCharToMultiByte	0x0	0x4272a0	0x2ea78	0x2d878	0x47a
GetTickCount	0x0	0x4272a4	0x2ea7c	0x2d87c	0x266
CreateProcessW	0x0	0x4272a8	0x2ea80	0x2d880	0x97
LoadResource	0x0	0x4272ac	0x2ea84	0x2d884	0x2f6
GetACP	0x0	0x4272b0	0x2ea88	0x2d888	0x152
FindResourceA	0x0	0x4272b4	0x2ea8c	0x2d88c	0x136

USER32.dll (109)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
CopyRect	0x0	0x42731c	0x2eaf4	0x2d8f4	0x4f
DefWindowProcA	0x0	0x427320	0x2eaf8	0x2d8f8	0x95
CallWindowProcA	0x0	0x427324	0x2eafc	0x2d8fc	0x1c
GetMenu	0x0	0x427328	0x2eb00	0x2d900	0x13c
SystemParametersInfoA	0x0	0x42732c	0x2eb04	0x2d904	0x2c4
IsIconic	0x0	0x427330	0x2eb08	0x2d908	0x1bd
GetWindowPlacement	0x0	0x427334	0x2eb0c	0x2d90c	0x187
GrayStringA	0x0	0x427338	0x2eb10	0x2d910	0x193
DrawTextExA	0x0	0x42733c	0x2eb14	0x2d914	0xc6
DrawTextA	0x0	0x427340	0x2eb18	0x2d918	0xc5
TabbedTextOutA	0x0	0x427344	0x2eb1c	0x2d91c	0x2c6
SetWindowsHookExA	0x0	0x427348	0x2eb20	0x2d920	0x2af
CallNextHookEx	0x0	0x42734c	0x2eb24	0x2d924	0x1b
DispatchMessageA	0x0	0x427350	0x2eb28	0x2d928	0xa8
GetKeyState	0x0	0x427354	0x2eb2c	0x2d92c	0x131
PeekMessageA	0x0	0x427358	0x2eb30	0x2d930	0x21b
ValidateRect	0x0	0x42735c	0x2eb34	0x2d934	0x2f2
SetWindowPos	0x0	0x427360	0x2eb38	0x2d938	0x2a7
IsWindow	0x0	0x427364	0x2eb3c	0x2d93c	0x1c5
GetFocus	0x0	0x427368	0x2eb40	0x2d940	0x124
ClientToScreen	0x0	0x42736c	0x2eb44	0x2d944	0x45
GetDlgCtrlID	0x0	0x427370	0x2eb48	0x2d948	0x11e
GetWindowRect	0x0	0x427374	0x2eb4c	0x2d94c	0x188
GetClassNameA	0x0	0x427378	0x2eb50	0x2d950	0x10a
PtInRect	0x0	0x42737c	0x2eb54	0x2d954	0x229
SetWindowTextA	0x0	0x427380	0x2eb58	0x2d958	0x2ab
GetSystemMetrics	0x0	0x427384	0x2eb5c	0x2d95c	0x16f
GetSysColor	0x0	0x427388	0x2eb60	0x2d960	0x16c
GetSysColorBrush	0x0	0x42738c	0x2eb64	0x2d964	0x16d
GetWindowLongA	0x0	0x427390	0x2eb68	0x2d968	0x181
IsWindowEnabled	0x0	0x427394	0x2eb6c	0x2d96c	0x1c6
DestroyWindow	0x0	0x427398	0x2eb70	0x2d970	0xa0
GetWindowTextA	0x0	0x42739c	0x2eb74	0x2d974	0x18c
UnhookWindowsHookEx	0x0	0x4273a0	0x2eb78	0x2d978	0x2d9
GetMenuState	0x0	0x4273a4	0x2eb7c	0x2d97c	0x147
GetMenuItemID	0x0	0x4273a8	0x2eb80	0x2d980	0x143
GetSubMenu	0x0	0x4273ac	0x2eb84	0x2d984	0x16b
EndPaint	0x0	0x4273b0	0x2eb88	0x2d988	0xd5
SetActiveWindow	0x0	0x4273b4	0x2eb8c	0x2d98c	0x266
InsertMenuItemA	0x0	0x4273b8	0x2eb90	0x2d990	0x1a4
SetForegroundWindow	0x0	0x4273bc	0x2eb94	0x2d994	0x27a
LoadBitmapA	0x0	0x4273c0	0x2eb98	0x2d998	0x1d0
GetParent	0x0	0x4273c4	0x2eb9c	0x2d99c	0x155
LoadMenuA	0x0	0x4273c8	0x2eba0	0x2d9a0	0x1de
LoadIconA	0x0	0x4273cc	0x2eba4	0x2d9a4	0x1d6
CharNextA	0x0	0x4273d0	0x2eba8	0x2d9a8	0x2d
CreateMenu	0x0	0x4273d4	0x2ebac	0x2d9ac	0x64
ExitWindowsEx	0x0	0x4273d8	0x2ebb0	0x2d9b0	0xee
SetFocus	0x0	0x4273dc	0x2ebb4	0x2d9b4	0x279
SendMessageA	0x0	0x4273e0	0x2ebb8	0x2d9b8	0x25e
BeginPaint	0x0	0x4273e4	0x2ebbc	0x2d9bc	0xe
SetScrollRange	0x0	0x4273e8	0x2ebc0	0x2d9c0	0x295
MoveWindow	0x0	0x4273ec	0x2ebc4	0x2d9c4	0x205
GetWindow	0x0	0x4273f0	0x2ebc8	0x2d9c8	0x17d
RegisterClassA	0x0	0x4273f4	0x2ebcc	0x2d9cc	0x233
GetWindowThreadProcessId	0x0	0x4273f8	0x2ebd0	0x2d9d0	0x190
SetDlgItemTextA	0x0	0x4273fc	0x2ebd4	0x2d9d4	0x276
EndDeferWindowPos	0x0	0x427400	0x2ebd8	0x2d9d8	0xd2
InsertMenuItemW	0x0	0x427404	0x2ebdc	0x2d9dc	0x1a5
GetDC	0x0	0x427408	0x2ebe0	0x2d9e0	0x11a
TrackPopupMenuEx	0x0	0x42740c	0x2ebe4	0x2d9e4	0x2d0
SetWindowLongA	0x0	0x427410	0x2ebe8	0x2d9e8	0x2a4
MessageBoxA	0x0	0x427414	0x2ebec	0x2d9ec	0x1f8
CreateWindowExA	0x0	0x427418	0x2ebf0	0x2d9f0	0x67
SetScrollPos	0x0	0x42741c	0x2ebf4	0x2d9f4	0x294
ReleaseDC	0x0	0x427420	0x2ebf8	0x2d9f8	0x24c
IsWindowUnicode	0x0	0x427424	0x2ebfc	0x2d9fc	0x1c9
GetDlgItem	0x0	0x427428	0x2ec00	0x2da00	0x11f
EndDialog	0x0	0x42742c	0x2ec04	0x2da04	0xd3
GetDesktopWindow	0x0	0x427430	0x2ec08	0x2da08	0x11c
GetCursorPos	0x0	0x427434	0x2ec0c	0x2da0c	0x119
EnumWindowStationsW	0x0	0x427438	0x2ec10	0x2da10	0xea
ShowWindow	0x0	0x42743c	0x2ec14	0x2da14	0x2b8
SetMenu	0x0	0x427440	0x2ec18	0x2da18	0x27f
DrawMenuBar	0x0	0x427444	0x2ec1c	0x2da1c	0xc1
AdjustWindowRectEx	0x0	0x427448	0x2ec20	0x2da20	0x3
GetClassInfoA	0x0	0x42744c	0x2ec24	0x2da24	0x104
GetClassInfoExA	0x0	0x427450	0x2ec28	0x2da28	0x105
AppendMenuA	0x0	0x427454	0x2ec2c	0x2da2c	0x9
GetMenuItemCount	0x0	0x427458	0x2ec30	0x2da30	0x142
PostMessageA	0x0	0x42745c	0x2ec34	0x2da34	0x21e
GetClientRect	0x0	0x427460	0x2ec38	0x2da38	0x10d
MapWindowPoints	0x0	0x427464	0x2ec3c	0x2da3c	0x1f3
GetMessagePos	0x0	0x427468	0x2ec40	0x2da40	0x14c
GetLastActivePopup	0x0	0x42746c	0x2ec44	0x2da44	0x138
GetMessageTime	0x0	0x427470	0x2ec48	0x2da48	0x14d
GetDlgItemTextA	0x0	0x427474	0x2ec4c	0x2da4c	0x121
LoadCursorA	0x0	0x427478	0x2ec50	0x2da50	0x1d2
DestroyMenu	0x0	0x42747c	0x2ec54	0x2da54	0x9e
DialogBoxIndirectParamA	0x0	0x427480	0x2ec58	0x2da58	0xa2
UpdateWindow	0x0	0x427484	0x2ec5c	0x2da5c	0x2e9
EnableWindow	0x0	0x427488	0x2ec60	0x2da60	0xd1
BeginDeferWindowPos	0x0	0x42748c	0x2ec64	0x2da64	0xd
DeferWindowPos	0x0	0x427490	0x2ec68	0x2da68	0x97
PostQuitMessage	0x0	0x427494	0x2ec6c	0x2da6c	0x220
SetMenuItemBitmaps	0x0	0x427498	0x2ec70	0x2da70	0x283
GetMenuCheckMarkDimensions	0x0	0x42749c	0x2ec74	0x2da74	0x13e
ModifyMenuA	0x0	0x4274a0	0x2ec78	0x2da78	0x200
EnableMenuItem	0x0	0x4274a4	0x2ec7c	0x2da7c	0xcf
CheckMenuItem	0x0	0x4274a8	0x2ec80	0x2da80	0x3d
RegisterWindowMessageA	0x0	0x4274ac	0x2ec84	0x2da84	0x249
WinHelpA	0x0	0x4274b0	0x2ec88	0x2da88	0x2ff
GetCapture	0x0	0x4274b4	0x2ec8c	0x2da8c	0x101
GetClassLongA	0x0	0x4274b8	0x2ec90	0x2da90	0x108
SetPropA	0x0	0x4274bc	0x2ec94	0x2da94	0x28f
GetPropA	0x0	0x4274c0	0x2ec98	0x2da98	0x15b
RemovePropA	0x0	0x4274c4	0x2ec9c	0x2da9c	0x24f
GetForegroundWindow	0x0	0x4274c8	0x2eca0	0x2daa0	0x125
GetTopWindow	0x0	0x4274cc	0x2eca4	0x2daa4	0x175

GDI32.dll (31)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
PtVisible	0x0	0x42701c	0x2e7f4	0x2d5f4	0x241
RectVisible	0x0	0x427020	0x2e7f8	0x2d5f8	0x245
TextOutA	0x0	0x427024	0x2e7fc	0x2d5fc	0x29f
ExtTextOutA	0x0	0x427028	0x2e800	0x2d600	0x122
Escape	0x0	0x42702c	0x2e804	0x2d604	0x119
OffsetViewportOrgEx	0x0	0x427030	0x2e808	0x2d608	0x225
SetViewportExtEx	0x0	0x427034	0x2e80c	0x2d60c	0x28f
ScaleViewportExtEx	0x0	0x427038	0x2e810	0x2d610	0x258
SetWindowExtEx	0x0	0x42703c	0x2e814	0x2d614	0x293
ScaleWindowExtEx	0x0	0x427040	0x2e818	0x2d618	0x259
GetClipBox	0x0	0x427044	0x2e81c	0x2d61c	0x1aa
DeleteDC	0x0	0x427048	0x2e820	0x2d620	0xcd
CreateBitmap	0x0	0x42704c	0x2e824	0x2d624	0x28
SetMapMode	0x0	0x427050	0x2e828	0x2d628	0x27b
SetTextColor	0x0	0x427054	0x2e82c	0x2d62c	0x28d
SetBkColor	0x0	0x427058	0x2e830	0x2d630	0x265
RestoreDC	0x0	0x42705c	0x2e834	0x2d634	0x250
SaveDC	0x0	0x427060	0x2e838	0x2d638	0x257
SetBkMode	0x0	0x427064	0x2e83c	0x2d63c	0x266
DeleteObject	0x0	0x427068	0x2e840	0x2d640	0xd0
GetDeviceCaps	0x0	0x42706c	0x2e844	0x2d644	0x1b5
GetTextMetricsW	0x0	0x427070	0x2e848	0x2d648	0x20d
GetTextExtentPoint32A	0x0	0x427074	0x2e84c	0x2d64c	0x204
SetViewportOrgEx	0x0	0x427078	0x2e850	0x2d650	0x290
SwapBuffers	0x0	0x42707c	0x2e854	0x2d654	0x29e
SelectObject	0x0	0x427080	0x2e858	0x2d658	0x25e
SelectClipRgn	0x0	0x427084	0x2e85c	0x2d65c	0x25c
CombineRgn	0x0	0x427088	0x2e860	0x2d660	0x21
GetTextMetricsA	0x0	0x42708c	0x2e864	0x2d664	0x20c
GetStockObject	0x0	0x427090	0x2e868	0x2d668	0x1f4
CreatePalette	0x0	0x427094	0x2e86c	0x2d66c	0x47

WINSPOOL.DRV (5)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
OpenPrinterW	0x0	0x4274fc	0x2ecd4	0x2dad4	0x8f
DocumentPropertiesA	0x0	0x427500	0x2ecd8	0x2dad8	0x4d
ConnectToPrinterDlg	0x0	0x427504	0x2ecdc	0x2dadc	0x22
OpenPrinterA	0x0	0x427508	0x2ece0	0x2dae0	0x8e
ClosePrinter	0x0	0x42750c	0x2ece4	0x2dae4	0x1d

ADVAPI32.dll (4)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
CryptReleaseContext	0x0	0x427000	0x2e7d8	0x2d5d8	0xc7
CryptGenKey	0x0	0x427004	0x2e7dc	0x2d5dc	0xbc
CryptGenRandom	0x0	0x427008	0x2e7e0	0x2d5e0	0xbd
CryptAcquireContextA	0x0	0x42700c	0x2e7e4	0x2d5e4	0xac

SHELL32.dll (1)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
DragQueryFileA	0x0	0x427300	0x2ead8	0x2d8d8	0x1e

COMCTL32.dll (1)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
ImageList_GetIconSize	0x0	0x427014	0x2e7ec	0x2d5ec	0x62

SHLWAPI.dll (4)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
PathRemoveFileSpecW	0x0	0x427308	0x2eae0	0x2d8e0	0x8b
PathUnExpandEnvStringsA	0x0	0x42730c	0x2eae4	0x2d8e4	0x98
ColorRGBToHLS	0x0	0x427310	0x2eae8	0x2d8e8	0xd
PathIsUNCServerA	0x0	0x427314	0x2eaec	0x2d8ec	0x6d

ole32.dll (3)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
CoInitialize	0x0	0x427514	0x2ecec	0x2daec	0x3d
CoLockObjectExternal	0x0	0x427518	0x2ecf0	0x2daf0	0x46
RevokeDragDrop	0x0	0x42751c	0x2ecf4	0x2daf4	0x11b

OLEAUT32.dll (3)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
VariantChangeType	0xc	0x4272d0	0x2eaa8	0x2d8a8	-
VariantClear	0x9	0x4272d4	0x2eaac	0x2d8ac	-
VariantInit	0x8	0x4272d8	0x2eab0	0x2d8b0	-

WININET.dll (5)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
FtpOpenFileA	0x0	0x4274e4	0x2ecbc	0x2dabc	0x33
InternetOpenA	0x0	0x4274e8	0x2ecc0	0x2dac0	0x96
InternetGetLastResponseInfoA	0x0	0x4274ec	0x2ecc4	0x2dac4	0x89
InternetConnectA	0x0	0x4274f0	0x2ecc8	0x2dac8	0x70
DeleteUrlCacheEntry	0x0	0x4274f4	0x2eccc	0x2dacc	0xb

VERSION.dll (3)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
GetFileVersionInfoW	0x0	0x4274d4	0x2ecac	0x2daac	0x5
VerQueryValueA	0x0	0x4274d8	0x2ecb0	0x2dab0	0xc
GetFileVersionInfoSizeW	0x0	0x4274dc	0x2ecb4	0x2dab4	0x4

urlmon.dll (1)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
URLDownloadToFileA	0x0	0x427524	0x2ecfc	0x2dafc	0x65

MSACM32.dll (1)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
acmDriverDetailsA	0x0	0x4272bc	0x2ea94	0x2d894	0x4

RPCRT4.dll (5)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
RpcMgmtSetServerStackSize	0x0	0x4272e8	0x2eac0	0x2d8c0	0x198
RpcMgmtSetComTimeout	0x0	0x4272ec	0x2eac4	0x2d8c4	0x197
UuidCreate	0x0	0x4272f0	0x2eac8	0x2d8c8	0x1f3
UuidToStringA	0x0	0x4272f4	0x2eacc	0x2d8cc	0x1fb
RpcMgmtStatsVectorFree	0x0	0x4272f8	0x2ead0	0x2d8d0	0x199

OPENGL32.dll (1)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
wglGetCurrentDC	0x0	0x4272e0	0x2eab8	0x2d8b8	0x15f

IMM32.dll (7)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
ImmGetContext	0x0	0x42709c	0x2e874	0x2d674	0x38
ImmDestroyContext	0x0	0x4270a0	0x2e878	0x2d678	0x20
ImmReleaseContext	0x0	0x4270a4	0x2e87c	0x2d67c	0x68
ImmSetConversionStatus	0x0	0x4270a8	0x2e880	0x2d680	0x75
ImmAssociateContext	0x0	0x4270ac	0x2e884	0x2d684	0x18
ImmGetConversionStatus	0x0	0x4270b0	0x2e888	0x2d688	0x3b
ImmCreateContext	0x0	0x4270b4	0x2e88c	0x2d68c	0x1d

OLEACC.dll (2)

API Name	Ordinal	IAT Address	Thunk RVA	Thunk Offset	Hint
LresultFromObject	0x0	0x4272c4	0x2ea9c	0x2d89c	0x14
CreateStdAccessibleObject	0x0	0x4272c8	0x2eaa0	0x2d8a0	0x4

There are no files for this filter

There are no files in this analysis

WHOIS Domain Information

Before

After