Malicious
Classifications

Downloader

Threat Names

Mal/HTMLGen-A Mal/Generic-S Emotet

Dynamic Analysis Report

Created on 2022-07-04T12:01:29+00:00

dba6bdca7d5fc58fee89cecdc9566cc1bfd2f33cf5a6b4852634d7981b31da26.exe.ocx

Windows ActiveX Control (x86-64)

Remarks (2/3)

(0x02000009): DLL files normally need to be submitted with an appropriate loader. Analysis result may be incomplete if an appropriate loader was not submitted.

(0x02000005): The operating system was rebooted during the analysis because the sample installed a new system service.

(0x0200000E): The overall sleep time of all monitored processes was truncated from "16 minutes, 7 seconds" to "20 seconds" to reveal dormant functionality.

File Name C:\Users\RDHJ0C~1\Desktop\dba6bdca7d5fc58fee89cecdc9566cc1bfd2f33cf5a6b4852634d7981b31da26.exe.ocx
Category Sample File
Type Binary
Verdict Malicious
Also Known As C:\Users\RDhJ0CNFevzX\Desktop\dba6bdca7d5fc58fee89cecdc9566cc1bfd2f33cf5a6b4852634d7981b31da26.exe.ocx (VM File, Sample File)
C:\Windows\system32\WIMQPStO\mlES.dll (Accessed File)
MIME Type application/vnd.microsoft.portable-executable
File Size 992.00 KB
MD5 66b1a30ecdc229760f9ab41fc917f9d5
SHA1 d284d0b843ec4642e1bbdbfe75583b614a124c14
SHA256 dba6bdca7d5fc58fee89cecdc9566cc1bfd2f33cf5a6b4852634d7981b31da26
SSDeep 12288:k7fft/OszyOuzcFa2U22oEAm4WWPx+RjBYJT4LX4RE9r6glX5vYEr9G:k7Nm2Oc2oEAmVgx+RjBYJTq4U6g3/
ImpHash b0a46373aba3b9c59d5abc399556519d
File Reputation Information
Verdict Malicious
Names Mal/Generic-S
PE Information
Image Base 0x180000000
Entry Point 0x180057708
Size Of Code 0x00089400
Size Of Initialized Data 0x0006E800
File Type IMAGE_FILE_DLL
Subsystem IMAGE_SUBSYSTEM_WINDOWS_GUI
Machine Type IMAGE_FILE_MACHINE_AMD64
Compile Timestamp 2022-07-01 18:43 (UTC+2)
Version Information (9)
CompanyName
FileDescription Example MFC Application
FileVersion 1, 0, 0, 1
InternalName Example
LegalCopyright Copyright (C) 2002
LegalTrademarks
OriginalFilename Example.EXE
ProductName Example Application
ProductVersion 1, 0, 0, 1
Sections (6)
Name Virtual Address Virtual Size Raw Data Size Raw Data Offset Flags Entropy
.text 0x180001000 0x00089274 0x00089400 0x00000400 IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ 6.39
.rdata 0x18008B000 0x00026F20 0x00027000 0x00089800 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 4.75
.data 0x1800B2000 0x00009850 0x00003C00 0x000B0800 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE 3.7
.pdata 0x1800BC000 0x000093CC 0x00009400 0x000B4400 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 5.85
.rsrc 0x1800C6000 0x00037754 0x00037800 0x000BD800 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ 7.59
.reloc 0x1800FE000 0x00002E12 0x00003000 0x000F5000 IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ 4.86
Imports (10)
KERNEL32.dll (167)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
HeapFree - 0x18008B350 0x000AF150 0x000AD950 0x000002A1
RaiseException - 0x18008B358 0x000AF158 0x000AD958 0x00000354
RtlPcToFileHeader - 0x18008B360 0x000AF160 0x000AD960 0x00000392
VirtualProtect - 0x18008B368 0x000AF168 0x000AD968 0x0000045E
GetSystemInfo - 0x18008B370 0x000AF170 0x000AD970 0x00000249
VirtualQuery - 0x18008B378 0x000AF178 0x000AD978 0x00000460
HeapReAlloc - 0x18008B380 0x000AF180 0x000AD980 0x000002A4
Sleep - 0x18008B388 0x000AF188 0x000AD988 0x00000425
ExitProcess - 0x18008B390 0x000AF190 0x000AD990 0x00000105
ExitThread - 0x18008B398 0x000AF198 0x000AD998 0x00000106
CreateThread - 0x18008B3A0 0x000AF1A0 0x000AD9A0 0x000000A3
HeapSize - 0x18008B3A8 0x000AF1A8 0x000AD9A8 0x000002A6
HeapQueryInformation - 0x18008B3B0 0x000AF1B0 0x000AD9B0 0x000002A3
EncodePointer - 0x18008B3B8 0x000AF1B8 0x000AD9B8 0x000000D6
DecodePointer - 0x18008B3C0 0x000AF1C0 0x000AD9C0 0x000000B8
FlsGetValue - 0x18008B3C8 0x000AF1C8 0x000AD9C8 0x0000013F
FlsFree - 0x18008B3D0 0x000AF1D0 0x000AD9D0 0x0000013E
FlsAlloc - 0x18008B3D8 0x000AF1D8 0x000AD9D8 0x0000013D
TerminateProcess - 0x18008B3E0 0x000AF1E0 0x000AD9E0 0x00000431
UnhandledExceptionFilter - 0x18008B3E8 0x000AF1E8 0x000AD9E8 0x00000442
SetUnhandledExceptionFilter - 0x18008B3F0 0x000AF1F0 0x000AD9F0 0x00000419
IsDebuggerPresent - 0x18008B3F8 0x000AF1F8 0x000AD9F8 0x000002CB
RtlVirtualUnwind - 0x18008B400 0x000AF200 0x000ADA00 0x00000397
RtlCaptureContext - 0x18008B408 0x000AF208 0x000ADA08 0x00000389
SetHandleCount - 0x18008B410 0x000AF210 0x000ADA10 0x000003EC
GetStdHandle - 0x18008B418 0x000AF218 0x000ADA18 0x0000023B
GetFileType - 0x18008B420 0x000AF220 0x000ADA20 0x000001D8
GetStartupInfoA - 0x18008B428 0x000AF228 0x000ADA28 0x00000239
FreeEnvironmentStringsA - 0x18008B430 0x000AF230 0x000ADA30 0x0000014B
GetEnvironmentStrings - 0x18008B438 0x000AF238 0x000ADA38 0x000001C0
HeapAlloc - 0x18008B440 0x000AF240 0x000ADA40 0x0000029D
GetEnvironmentStringsW - 0x18008B448 0x000AF248 0x000ADA48 0x000001C2
HeapSetInformation - 0x18008B450 0x000AF250 0x000ADA50 0x000002A5
HeapCreate - 0x18008B458 0x000AF258 0x000ADA58 0x0000029F
HeapDestroy - 0x18008B460 0x000AF260 0x000ADA60 0x000002A0
QueryPerformanceCounter - 0x18008B468 0x000AF268 0x000ADA68 0x0000034E
GetTickCount - 0x18008B470 0x000AF270 0x000ADA70 0x00000266
GetACP - 0x18008B478 0x000AF278 0x000ADA78 0x00000153
IsValidCodePage - 0x18008B480 0x000AF280 0x000ADA80 0x000002D5
FatalAppExitA - 0x18008B488 0x000AF288 0x000ADA88 0x0000010C
SetConsoleCtrlHandler - 0x18008B490 0x000AF290 0x000ADA90 0x000003AC
InitializeCriticalSectionAndSpinCount - 0x18008B498 0x000AF298 0x000ADA98 0x000002B5
GetTimeZoneInformation - 0x18008B4A0 0x000AF2A0 0x000ADAA0 0x0000026B
GetConsoleCP - 0x18008B4A8 0x000AF2A8 0x000ADAA8 0x00000184
GetConsoleMode - 0x18008B4B0 0x000AF2B0 0x000ADAB0 0x00000196
GetLocaleInfoW - 0x18008B4B8 0x000AF2B8 0x000ADAB8 0x000001EA
LCMapStringA - 0x18008B4C0 0x000AF2C0 0x000ADAC0 0x000002DB
LCMapStringW - 0x18008B4C8 0x000AF2C8 0x000ADAC8 0x000002DD
GetStringTypeA - 0x18008B4D0 0x000AF2D0 0x000ADAD0 0x0000023D
GetStringTypeW - 0x18008B4D8 0x000AF2D8 0x000ADAD8 0x00000240
GetDateFormatA - 0x18008B4E0 0x000AF2E0 0x000ADAE0 0x000001AF
GetTimeFormatA - 0x18008B4E8 0x000AF2E8 0x000ADAE8 0x00000268
GetUserDefaultLCID - 0x18008B4F0 0x000AF2F0 0x000ADAF0 0x0000026D
EnumSystemLocalesA - 0x18008B4F8 0x000AF2F8 0x000ADAF8 0x000000F9
IsValidLocale - 0x18008B500 0x000AF300 0x000ADB00 0x000002D7
SetStdHandle - 0x18008B508 0x000AF308 0x000ADB08 0x00000400
WriteConsoleA - 0x18008B510 0x000AF310 0x000ADB10 0x00000486
GetConsoleOutputCP - 0x18008B518 0x000AF318 0x000ADB18 0x0000019A
WriteConsoleW - 0x18008B520 0x000AF320 0x000ADB20 0x00000490
CompareStringW - 0x18008B528 0x000AF328 0x000ADB28 0x00000055
SetEnvironmentVariableA - 0x18008B530 0x000AF330 0x000ADB30 0x000003D5
GetCommandLineA - 0x18008B538 0x000AF338 0x000ADB38 0x00000170
FlsSetValue - 0x18008B540 0x000AF340 0x000ADB40 0x00000140
RtlUnwindEx - 0x18008B548 0x000AF348 0x000ADB48 0x00000396
RtlLookupFunctionEntry - 0x18008B550 0x000AF350 0x000ADB50 0x00000390
GetSystemTimeAsFileTime - 0x18008B558 0x000AF358 0x000ADB58 0x0000024F
GetFileTime - 0x18008B560 0x000AF360 0x000ADB60 0x000001D7
GetFileSizeEx - 0x18008B568 0x000AF368 0x000ADB68 0x000001D6
GetFileAttributesA - 0x18008B570 0x000AF370 0x000ADB70 0x000001CA
SetFileAttributesA - 0x18008B578 0x000AF378 0x000ADB78 0x000003DC
SetFileTime - 0x18008B580 0x000AF380 0x000ADB80 0x000003E8
LocalFileTimeToFileTime - 0x18008B588 0x000AF388 0x000ADB88 0x000002F5
FileTimeToLocalFileTime - 0x18008B590 0x000AF390 0x000ADB90 0x00000110
SetErrorMode - 0x18008B598 0x000AF398 0x000ADB98 0x000003D7
CreateFileA - 0x18008B5A0 0x000AF3A0 0x000ADBA0 0x00000079
GetShortPathNameA - 0x18008B5A8 0x000AF3A8 0x000ADBA8 0x00000237
GetFullPathNameA - 0x18008B5B0 0x000AF3B0 0x000ADBB0 0x000001DD
GetVolumeInformationA - 0x18008B5B8 0x000AF3B8 0x000ADBB8 0x00000277
FindFirstFileA - 0x18008B5C0 0x000AF3C0 0x000ADBC0 0x0000011E
FindClose - 0x18008B5C8 0x000AF3C8 0x000ADBC8 0x0000011A
GetCurrentProcess - 0x18008B5D0 0x000AF3D0 0x000ADBD0 0x000001AA
DuplicateHandle - 0x18008B5D8 0x000AF3D8 0x000ADBD8 0x000000D5
GetFileSize - 0x18008B5E0 0x000AF3E0 0x000ADBE0 0x000001D5
SetEndOfFile - 0x18008B5E8 0x000AF3E8 0x000ADBE8 0x000003D2
UnlockFile - 0x18008B5F0 0x000AF3F0 0x000ADBF0 0x00000443
LockFile - 0x18008B5F8 0x000AF3F8 0x000ADBF8 0x000002FF
FlushFileBuffers - 0x18008B600 0x000AF400 0x000ADC00 0x00000142
SetFilePointer - 0x18008B608 0x000AF408 0x000ADC08 0x000003E4
WriteFile - 0x18008B610 0x000AF410 0x000ADC10 0x00000491
ReadFile - 0x18008B618 0x000AF418 0x000ADC18 0x00000362
lstrcmpiA - 0x18008B620 0x000AF420 0x000ADC20 0x000004B4
GetStringTypeExA - 0x18008B628 0x000AF428 0x000ADC28 0x0000023E
DeleteFileA - 0x18008B630 0x000AF430 0x000ADC30 0x000000C1
MoveFileA - 0x18008B638 0x000AF438 0x000ADC38 0x0000030B
GetCurrentDirectoryA - 0x18008B640 0x000AF440 0x000ADC40 0x000001A8
GetPrivateProfileStringA - 0x18008B648 0x000AF448 0x000ADC48 0x0000021C
WritePrivateProfileStringA - 0x18008B650 0x000AF450 0x000ADC50 0x00000496
GetPrivateProfileIntA - 0x18008B658 0x000AF458 0x000ADC58 0x00000216
SystemTimeToFileTime - 0x18008B660 0x000AF460 0x000ADC60 0x0000042E
FileTimeToSystemTime - 0x18008B668 0x000AF468 0x000ADC68 0x00000111
GetThreadLocale - 0x18008B670 0x000AF470 0x000ADC70 0x0000025F
GetAtomNameA - 0x18008B678 0x000AF478 0x000ADC78 0x00000156
GetOEMCP - 0x18008B680 0x000AF480 0x000ADC80 0x00000213
GetCPInfo - 0x18008B688 0x000AF488 0x000ADC88 0x0000015C
GlobalFlags - 0x18008B690 0x000AF490 0x000ADC90 0x0000028B
GetModuleHandleW - 0x18008B698 0x000AF498 0x000ADC98 0x000001F9
TlsFree - 0x18008B6A0 0x000AF4A0 0x000ADCA0 0x00000437
DeleteCriticalSection - 0x18008B6A8 0x000AF4A8 0x000ADCA8 0x000000BF
LocalReAlloc - 0x18008B6B0 0x000AF4B0 0x000ADCB0 0x000002FA
TlsSetValue - 0x18008B6B8 0x000AF4B8 0x000ADCB8 0x00000439
GlobalHandle - 0x18008B6C0 0x000AF4C0 0x000ADCC0 0x0000028F
GlobalReAlloc - 0x18008B6C8 0x000AF4C8 0x000ADCC8 0x00000293
TlsAlloc - 0x18008B6D0 0x000AF4D0 0x000ADCD0 0x00000436
InitializeCriticalSection - 0x18008B6D8 0x000AF4D8 0x000ADCD8 0x000002B4
EnterCriticalSection - 0x18008B6E0 0x000AF4E0 0x000ADCE0 0x000000DA
TlsGetValue - 0x18008B6E8 0x000AF4E8 0x000ADCE8 0x00000438
LeaveCriticalSection - 0x18008B6F0 0x000AF4F0 0x000ADCF0 0x000002E9
LocalAlloc - 0x18008B6F8 0x000AF4F8 0x000ADCF8 0x000002F3
GetModuleFileNameW - 0x18008B700 0x000AF500 0x000ADD00 0x000001F5
CreateEventA - 0x18008B708 0x000AF508 0x000ADD08 0x00000073
SuspendThread - 0x18008B710 0x000AF510 0x000ADD10 0x0000042B
SetEvent - 0x18008B718 0x000AF518 0x000ADD18 0x000003D8
WaitForSingleObject - 0x18008B720 0x000AF520 0x000ADD20 0x00000468
ResumeThread - 0x18008B728 0x000AF528 0x000ADD28 0x00000387
SetThreadPriority - 0x18008B730 0x000AF530 0x000ADD30 0x0000040F
CloseHandle - 0x18008B738 0x000AF538 0x000ADD38 0x00000043
GetCurrentThread - 0x18008B740 0x000AF540 0x000ADD40 0x000001AD
ConvertDefaultLocale - 0x18008B748 0x000AF548 0x000ADD48 0x0000005B
EnumResourceLanguagesA - 0x18008B750 0x000AF550 0x000ADD50 0x000000E7
GetLocaleInfoA - 0x18008B758 0x000AF558 0x000ADD58 0x000001E8
lstrcmpA - 0x18008B760 0x000AF560 0x000ADD60 0x000004B1
GetCurrentProcessId - 0x18008B768 0x000AF568 0x000ADD68 0x000001AB
GetModuleFileNameA - 0x18008B770 0x000AF570 0x000ADD70 0x000001F4
FreeResource - 0x18008B778 0x000AF578 0x000ADD78 0x00000150
GetCurrentThreadId - 0x18008B780 0x000AF580 0x000ADD80 0x000001AE
GlobalGetAtomNameA - 0x18008B788 0x000AF588 0x000ADD88 0x0000028D
GlobalAddAtomA - 0x18008B790 0x000AF590 0x000ADD90 0x00000283
GlobalFindAtomA - 0x18008B798 0x000AF598 0x000ADD98 0x00000288
GlobalDeleteAtom - 0x18008B7A0 0x000AF5A0 0x000ADDA0 0x00000287
FreeLibrary - 0x18008B7A8 0x000AF5A8 0x000ADDA8 0x0000014D
CompareStringA - 0x18008B7B0 0x000AF5B0 0x000ADDB0 0x00000052
LoadLibraryA - 0x18008B7B8 0x000AF5B8 0x000ADDB8 0x000002EB
lstrcmpW - 0x18008B7C0 0x000AF5C0 0x000ADDC0 0x000004B2
GetVersionExA - 0x18008B7C8 0x000AF5C8 0x000ADDC8 0x00000275
GetModuleHandleA - 0x18008B7D0 0x000AF5D0 0x000ADDD0 0x000001F6
GetProcAddress - 0x18008B7D8 0x000AF5D8 0x000ADDD8 0x00000220
GlobalFree - 0x18008B7E0 0x000AF5E0 0x000ADDE0 0x0000028C
CopyFileA - 0x18008B7E8 0x000AF5E8 0x000ADDE8 0x00000061
GlobalSize - 0x18008B7F0 0x000AF5F0 0x000ADDF0 0x00000294
GlobalAlloc - 0x18008B7F8 0x000AF5F8 0x000ADDF8 0x00000285
GlobalLock - 0x18008B800 0x000AF600 0x000ADE00 0x00000290
GlobalUnlock - 0x18008B808 0x000AF608 0x000ADE08 0x00000297
FormatMessageA - 0x18008B810 0x000AF610 0x000ADE10 0x00000148
LocalFree - 0x18008B818 0x000AF618 0x000ADE18 0x000002F7
lstrlenW - 0x18008B820 0x000AF620 0x000ADE20 0x000004BE
MultiByteToWideChar - 0x18008B828 0x000AF628 0x000ADE28 0x00000314
MulDiv - 0x18008B830 0x000AF630 0x000ADE30 0x00000313
lstrlenA - 0x18008B838 0x000AF638 0x000ADE38 0x000004BD
GetLastError - 0x18008B840 0x000AF640 0x000ADE40 0x000001E6
SetLastError - 0x18008B848 0x000AF648 0x000ADE48 0x000003F0
WideCharToMultiByte - 0x18008B850 0x000AF650 0x000ADE50 0x0000047E
FindResourceA - 0x18008B858 0x000AF658 0x000ADE58 0x00000137
LoadResource - 0x18008B860 0x000AF660 0x000ADE60 0x000002F0
LockResource - 0x18008B868 0x000AF668 0x000ADE68 0x00000301
SizeofResource - 0x18008B870 0x000AF670 0x000ADE70 0x00000424
FreeEnvironmentStringsW - 0x18008B878 0x000AF678 0x000ADE78 0x0000014C
VirtualAlloc - 0x18008B880 0x000AF680 0x000ADE80 0x00000458
USER32.dll (171)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
ReuseDDElParam - 0x18008BA38 0x000AF838 0x000AE038 0x00000257
UnpackDDElParam - 0x18008BA40 0x000AF840 0x000AE040 0x000002E5
SetRect - 0x18008BA48 0x000AF848 0x000AE048 0x00000297
KillTimer - 0x18008BA50 0x000AF850 0x000AE050 0x000001D1
GetKeyNameTextA - 0x18008BA58 0x000AF858 0x000AE058 0x00000131
MapVirtualKeyA - 0x18008BA60 0x000AF860 0x000AE060 0x000001F3
IsRectEmpty - 0x18008BA68 0x000AF868 0x000AE068 0x000001C4
GetSystemMenu - 0x18008BA70 0x000AF870 0x000AE070 0x00000170
SetParent - 0x18008BA78 0x000AF878 0x000AE078 0x0000028F
UnionRect - 0x18008BA80 0x000AF880 0x000AE080 0x000002E2
GetDCEx - 0x18008BA88 0x000AF888 0x000AE088 0x0000011D
LockWindowUpdate - 0x18008BA90 0x000AF890 0x000AE090 0x000001EB
WaitMessage - 0x18008BA98 0x000AF898 0x000AE098 0x00000305
ReleaseCapture - 0x18008BAA0 0x000AF8A0 0x000AE0A0 0x0000024F
WindowFromPoint - 0x18008BAA8 0x000AF8A8 0x000AE0A8 0x0000030B
SetCapture - 0x18008BAB0 0x000AF8B0 0x000AE0B0 0x0000026B
DeleteMenu - 0x18008BAB8 0x000AF8B8 0x000AE0B8 0x00000098
DestroyMenu - 0x18008BAC0 0x000AF8C0 0x000AE0C0 0x0000009E
GetMenuItemInfoA - 0x18008BAC8 0x000AF8C8 0x000AE0C8 0x00000146
LoadCursorA - 0x18008BAD0 0x000AF8D0 0x000AE0D0 0x000001D6
GetSysColorBrush - 0x18008BAD8 0x000AF8D8 0x000AE0D8 0x0000016F
GetDesktopWindow - 0x18008BAE0 0x000AF8E0 0x000AE0E0 0x0000011E
CreateDialogIndirectParamA - 0x18008BAE8 0x000AF8E8 0x000AE0E8 0x00000059
GetNextDlgTabItem - 0x18008BAF0 0x000AF8F0 0x000AE0F0 0x00000155
EndDialog - 0x18008BAF8 0x000AF8F8 0x000AE0F8 0x000000D3
ShowOwnedPopups - 0x18008BB00 0x000AF900 0x000AE100 0x000002BC
SetCursor - 0x18008BB08 0x000AF908 0x000AE108 0x00000276
GetMessageA - 0x18008BB10 0x000AF910 0x000AE110 0x0000014C
TranslateMessage - 0x18008BB18 0x000AF918 0x000AE118 0x000002DD
GetActiveWindow - 0x18008BB20 0x000AF920 0x000AE120 0x000000F9
GetCursorPos - 0x18008BB28 0x000AF928 0x000AE128 0x0000011B
ValidateRect - 0x18008BB30 0x000AF930 0x000AE130 0x000002FA
PostQuitMessage - 0x18008BB38 0x000AF938 0x000AE138 0x00000224
InflateRect - 0x18008BB40 0x000AF940 0x000AE140 0x000001A5
GetWindowThreadProcessId - 0x18008BB48 0x000AF948 0x000AE148 0x00000194
ScrollWindowEx - 0x18008BB50 0x000AF950 0x000AE150 0x0000025C
IsWindowEnabled - 0x18008BB58 0x000AF958 0x000AE158 0x000001CA
ShowWindow - 0x18008BB60 0x000AF960 0x000AE160 0x000002C0
MoveWindow - 0x18008BB68 0x000AF968 0x000AE168 0x00000209
SetWindowTextA - 0x18008BB70 0x000AF970 0x000AE170 0x000002B3
IsDialogMessageA - 0x18008BB78 0x000AF978 0x000AE178 0x000001BC
IsDlgButtonChecked - 0x18008BB80 0x000AF980 0x000AE180 0x000001BE
SetDlgItemTextA - 0x18008BB88 0x000AF988 0x000AE188 0x0000027C
SetDlgItemInt - 0x18008BB90 0x000AF990 0x000AE190 0x0000027B
GetDlgItemTextA - 0x18008BB98 0x000AF998 0x000AE198 0x00000123
GetDlgItemInt - 0x18008BBA0 0x000AF9A0 0x000AE1A0 0x00000122
CheckRadioButton - 0x18008BBA8 0x000AF9A8 0x000AE1A8 0x0000003F
CheckDlgButton - 0x18008BBB0 0x000AF9B0 0x000AE1B0 0x0000003C
SetMenuItemBitmaps - 0x18008BBB8 0x000AF9B8 0x000AE1B8 0x00000289
GetMenuCheckMarkDimensions - 0x18008BBC0 0x000AF9C0 0x000AE1C0 0x00000140
LoadBitmapA - 0x18008BBC8 0x000AF9C8 0x000AE1C8 0x000001D4
ModifyMenuA - 0x18008BBD0 0x000AF9D0 0x000AE1D0 0x00000204
EnableMenuItem - 0x18008BBD8 0x000AF9D8 0x000AE1D8 0x000000CF
CheckMenuItem - 0x18008BBE0 0x000AF9E0 0x000AE1E0 0x0000003D
RegisterWindowMessageA - 0x18008BBE8 0x000AF9E8 0x000AE1E8 0x0000024D
SendDlgItemMessageA - 0x18008BBF0 0x000AF9F0 0x000AE1F0 0x0000025D
WinHelpA - 0x18008BBF8 0x000AF9F8 0x000AE1F8 0x00000307
IsChild - 0x18008BC00 0x000AFA00 0x000AE200 0x000001B9
GetCapture - 0x18008BC08 0x000AFA08 0x000AE208 0x00000101
SetWindowsHookExA - 0x18008BC10 0x000AFA10 0x000AE210 0x000002B7
LoadMenuA - 0x18008BC18 0x000AFA18 0x000AE218 0x000001E2
GetClassLongA - 0x18008BC20 0x000AFA20 0x000AE220 0x00000108
GetClassNameA - 0x18008BC28 0x000AFA28 0x000AE228 0x0000010C
GetClassLongPtrA - 0x18008BC30 0x000AFA30 0x000AE230 0x00000109
GetPropA - 0x18008BC38 0x000AFA38 0x000AE238 0x0000015D
RemovePropA - 0x18008BC40 0x000AFA40 0x000AE240 0x00000253
GetFocus - 0x18008BC48 0x000AFA48 0x000AE248 0x00000126
IsWindow - 0x18008BC50 0x000AFA50 0x000AE250 0x000001C9
SetFocus - 0x18008BC58 0x000AFA58 0x000AE258 0x0000027F
GetWindowTextLengthA - 0x18008BC60 0x000AFA60 0x000AE260 0x00000191
GetWindowTextA - 0x18008BC68 0x000AFA68 0x000AE268 0x00000190
GetForegroundWindow - 0x18008BC70 0x000AFA70 0x000AE270 0x00000127
GetLastActivePopup - 0x18008BC78 0x000AFA78 0x000AE278 0x0000013A
SetActiveWindow - 0x18008BC80 0x000AFA80 0x000AE280 0x0000026A
DispatchMessageA - 0x18008BC88 0x000AFA88 0x000AE288 0x000000A8
BeginDeferWindowPos - 0x18008BC90 0x000AFA90 0x000AE290 0x0000000D
EndDeferWindowPos - 0x18008BC98 0x000AFA98 0x000AE298 0x000000D2
GetDlgItem - 0x18008BCA0 0x000AFAA0 0x000AE2A0 0x00000121
GetTopWindow - 0x18008BCA8 0x000AFAA8 0x000AE2A8 0x00000177
DestroyWindow - 0x18008BCB0 0x000AFAB0 0x000AE2B0 0x000000A0
GetWindowLongPtrA - 0x18008BCB8 0x000AFAB8 0x000AE2B8 0x00000184
SetWindowLongPtrA - 0x18008BCC0 0x000AFAC0 0x000AE2C0 0x000002AB
UnhookWindowsHookEx - 0x18008BCC8 0x000AFAC8 0x000AE2C8 0x000002E1
GetMessageTime - 0x18008BCD0 0x000AFAD0 0x000AE2D0 0x0000014F
GetMessagePos - 0x18008BCD8 0x000AFAD8 0x000AE2D8 0x0000014E
PeekMessageA - 0x18008BCE0 0x000AFAE0 0x000AE2E0 0x0000021F
MapWindowPoints - 0x18008BCE8 0x000AFAE8 0x000AE2E8 0x000001F7
ScrollWindow - 0x18008BCF0 0x000AFAF0 0x000AE2F0 0x0000025B
TrackPopupMenuEx - 0x18008BCF8 0x000AFAF8 0x000AE2F8 0x000002D8
TrackPopupMenu - 0x18008BD00 0x000AFB00 0x000AE300 0x000002D7
GetKeyState - 0x18008BD08 0x000AFB08 0x000AE308 0x00000133
SetMenu - 0x18008BD10 0x000AFB10 0x000AE310 0x00000285
SetScrollRange - 0x18008BD18 0x000AFB18 0x000AE318 0x0000029B
GetScrollRange - 0x18008BD20 0x000AFB20 0x000AE320 0x0000016A
SetScrollPos - 0x18008BD28 0x000AFB28 0x000AE328 0x0000029A
GetScrollPos - 0x18008BD30 0x000AFB30 0x000AE330 0x00000169
SetForegroundWindow - 0x18008BD38 0x000AFB38 0x000AE338 0x00000280
ShowScrollBar - 0x18008BD40 0x000AFB40 0x000AE340 0x000002BD
IsWindowVisible - 0x18008BD48 0x000AFB48 0x000AE348 0x000001CE
UpdateWindow - 0x18008BD50 0x000AFB50 0x000AE350 0x000002F1
PostMessageA - 0x18008BD58 0x000AFB58 0x000AE358 0x00000222
MessageBoxA - 0x18008BD60 0x000AFB60 0x000AE360 0x000001FC
CreateWindowExA - 0x18008BD68 0x000AFB68 0x000AE368 0x00000067
GetClassInfoExA - 0x18008BD70 0x000AFB70 0x000AE370 0x00000105
GetClassInfoA - 0x18008BD78 0x000AFB78 0x000AE378 0x00000104
GetClientRect - 0x18008BD80 0x000AFB80 0x000AE380 0x0000010F
GetDC - 0x18008BD88 0x000AFB88 0x000AE388 0x0000011C
ReleaseDC - 0x18008BD90 0x000AFB90 0x000AE390 0x00000250
InvalidateRect - 0x18008BD98 0x000AFB98 0x000AE398 0x000001AE
RegisterClassA - 0x18008BDA0 0x000AFBA0 0x000AE3A0 0x00000237
AdjustWindowRectEx - 0x18008BDA8 0x000AFBA8 0x000AE3A8 0x00000003
GetParent - 0x18008BDB0 0x000AFBB0 0x000AE3B0 0x00000157
EqualRect - 0x18008BDB8 0x000AFBB8 0x000AE3B8 0x000000EC
DeferWindowPos - 0x18008BDC0 0x000AFBC0 0x000AE3C0 0x00000097
GetScrollInfo - 0x18008BDC8 0x000AFBC8 0x000AE3C8 0x00000168
SetScrollInfo - 0x18008BDD0 0x000AFBD0 0x000AE3D0 0x00000299
CopyRect - 0x18008BDD8 0x000AFBD8 0x000AE3D8 0x0000004F
PtInRect - 0x18008BDE0 0x000AFBE0 0x000AE3E0 0x0000022D
SetWindowPlacement - 0x18008BDE8 0x000AFBE8 0x000AE3E8 0x000002AE
GetDlgCtrlID - 0x18008BDF0 0x000AFBF0 0x000AE3F0 0x00000120
DefWindowProcA - 0x18008BDF8 0x000AFBF8 0x000AE3F8 0x00000095
CallWindowProcA - 0x18008BE00 0x000AFC00 0x000AE400 0x0000001C
GetMenuBarInfo - 0x18008BE08 0x000AFC08 0x000AE408 0x0000013F
LoadAcceleratorsA - 0x18008BE10 0x000AFC10 0x000AE410 0x000001D2
InsertMenuItemA - 0x18008BE18 0x000AFC18 0x000AE418 0x000001A8
CreatePopupMenu - 0x18008BE20 0x000AFC20 0x000AE420 0x00000065
BringWindowToTop - 0x18008BE28 0x000AFC28 0x000AE428 0x00000010
TranslateAcceleratorA - 0x18008BE30 0x000AFC30 0x000AE430 0x000002DA
SetRectEmpty - 0x18008BE38 0x000AFC38 0x000AE438 0x00000298
UnregisterClassA - 0x18008BE40 0x000AFC40 0x000AE440 0x000002E6
GetDialogBaseUnits - 0x18008BE48 0x000AFC48 0x000AE448 0x0000011F
CharUpperA - 0x18008BE50 0x000AFC50 0x000AE450 0x00000037
CallNextHookEx - 0x18008BE58 0x000AFC58 0x000AE458 0x0000001B
DestroyIcon - 0x18008BE60 0x000AFC60 0x000AE460 0x0000009D
SetTimer - 0x18008BE68 0x000AFC68 0x000AE468 0x000002A4
EnableWindow - 0x18008BE70 0x000AFC70 0x000AE470 0x000000D1
DrawIcon - 0x18008BE78 0x000AFC78 0x000AE478 0x000000BF
SendMessageA - 0x18008BE80 0x000AFC80 0x000AE480 0x00000262
IsIconic - 0x18008BE88 0x000AFC88 0x000AE488 0x000001C1
LoadIconA - 0x18008BE90 0x000AFC90 0x000AE490 0x000001DA
GetSystemMetrics - 0x18008BE98 0x000AFC98 0x000AE498 0x00000171
RemoveMenu - 0x18008BEA0 0x000AFCA0 0x000AE4A0 0x00000252
GetSubMenu - 0x18008BEA8 0x000AFCA8 0x000AE4A8 0x0000016D
GetMenuItemCount - 0x18008BEB0 0x000AFCB0 0x000AE4B0 0x00000144
GetMenuItemID - 0x18008BEB8 0x000AFCB8 0x000AE4B8 0x00000145
InsertMenuA - 0x18008BEC0 0x000AFCC0 0x000AE4C0 0x000001A7
AppendMenuA - 0x18008BEC8 0x000AFCC8 0x000AE4C8 0x00000009
GetMenuStringA - 0x18008BED0 0x000AFCD0 0x000AE4D0 0x0000014A
GetMenuState - 0x18008BED8 0x000AFCD8 0x000AE4D8 0x00000149
FillRect - 0x18008BEE0 0x000AFCE0 0x000AE4E0 0x000000EF
TabbedTextOutA - 0x18008BEE8 0x000AFCE8 0x000AE4E8 0x000002CE
DrawTextA - 0x18008BEF0 0x000AFCF0 0x000AE4F0 0x000000C5
DrawTextExA - 0x18008BEF8 0x000AFCF8 0x000AE4F8 0x000000C6
GrayStringA - 0x18008BF00 0x000AFD00 0x000AE500 0x00000197
ScreenToClient - 0x18008BF08 0x000AFD08 0x000AE508 0x00000258
GetMenu - 0x18008BF10 0x000AFD10 0x000AE510 0x0000013E
GetWindowLongA - 0x18008BF18 0x000AFD18 0x000AE518 0x00000183
SetWindowLongA - 0x18008BF20 0x000AFD20 0x000AE520 0x000002AA
SetWindowPos - 0x18008BF28 0x000AFD28 0x000AE528 0x000002AF
OffsetRect - 0x18008BF30 0x000AFD30 0x000AE530 0x00000212
IntersectRect - 0x18008BF38 0x000AFD38 0x000AE538 0x000001AD
SystemParametersInfoA - 0x18008BF40 0x000AFD40 0x000AE540 0x000002CC
GetWindowPlacement - 0x18008BF48 0x000AFD48 0x000AE548 0x0000018B
GetWindowRect - 0x18008BF50 0x000AFD50 0x000AE550 0x0000018C
GetWindow - 0x18008BF58 0x000AFD58 0x000AE558 0x0000017F
GetSysColor - 0x18008BF60 0x000AFD60 0x000AE560 0x0000016E
EndPaint - 0x18008BF68 0x000AFD68 0x000AE568 0x000000D5
BeginPaint - 0x18008BF70 0x000AFD70 0x000AE570 0x0000000E
GetWindowDC - 0x18008BF78 0x000AFD78 0x000AE578 0x00000181
ClientToScreen - 0x18008BF80 0x000AFD80 0x000AE580 0x00000045
SetPropA - 0x18008BF88 0x000AFD88 0x000AE588 0x00000295
GDI32.dll (90)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
SetWindowExtEx - 0x18008B078 0x000AEE78 0x000AD678 0x00000293
ScaleWindowExtEx - 0x18008B080 0x000AEE80 0x000AD680 0x00000259
GetCurrentPositionEx - 0x18008B088 0x000AEE88 0x000AD688 0x000001AF
ArcTo - 0x18008B090 0x000AEE90 0x000AD690 0x0000000C
PolyDraw - 0x18008B098 0x000AEE98 0x000AD698 0x00000237
PolylineTo - 0x18008B0A0 0x000AEEA0 0x000AD6A0 0x0000023F
PolyBezierTo - 0x18008B0A8 0x000AEEA8 0x000AD6A8 0x00000236
ExtSelectClipRgn - 0x18008B0B0 0x000AEEB0 0x000AD6B0 0x00000121
DeleteDC - 0x18008B0B8 0x000AEEB8 0x000AD6B8 0x000000CD
CreateDIBPatternBrushPt - 0x18008B0C0 0x000AEEC0 0x000AD6C0 0x00000032
CreatePatternBrush - 0x18008B0C8 0x000AEEC8 0x000AD6C8 0x00000048
CreateBitmap - 0x18008B0D0 0x000AEED0 0x000AD6D0 0x00000028
GetStockObject - 0x18008B0D8 0x000AEED8 0x000AD6D8 0x000001F4
SelectPalette - 0x18008B0E0 0x000AEEE0 0x000AD6E0 0x0000025F
PlayMetaFileRecord - 0x18008B0E8 0x000AEEE8 0x000AD6E8 0x00000233
GetObjectType - 0x18008B0F0 0x000AEEF0 0x000AD6F0 0x000001E3
EnumMetaFile - 0x18008B0F8 0x000AEEF8 0x000AD6F8 0x00000116
OffsetWindowOrgEx - 0x18008B100 0x000AEF00 0x000AD700 0x00000226
CreatePen - 0x18008B108 0x000AEF08 0x000AD708 0x00000049
ExtCreatePen - 0x18008B110 0x000AEF10 0x000AD710 0x0000011D
CreateSolidBrush - 0x18008B118 0x000AEF18 0x000AD718 0x00000052
CreateHatchBrush - 0x18008B120 0x000AEF20 0x000AD720 0x00000041
GetDCOrgEx - 0x18008B128 0x000AEF28 0x000AD728 0x000001B1
CreateFontIndirectA - 0x18008B130 0x000AEF30 0x000AD730 0x0000003B
CreateRectRgnIndirect - 0x18008B138 0x000AEF38 0x000AD738 0x0000004E
SetRectRgn - 0x18008B140 0x000AEF40 0x000AD740 0x00000287
CombineRgn - 0x18008B148 0x000AEF48 0x000AD748 0x00000021
GetMapMode - 0x18008B150 0x000AEF50 0x000AD750 0x000001D7
PatBlt - 0x18008B158 0x000AEF58 0x000AD758 0x0000022D
DPtoLP - 0x18008B160 0x000AEF60 0x000AD760 0x00000092
GetTextExtentPoint32A - 0x18008B168 0x000AEF68 0x000AD768 0x00000204
GetCharWidthA - 0x18008B170 0x000AEF70 0x000AD770 0x000001A2
StretchDIBits - 0x18008B178 0x000AEF78 0x000AD778 0x0000029B
GetBkColor - 0x18008B180 0x000AEF80 0x000AD780 0x00000193
ScaleViewportExtEx - 0x18008B188 0x000AEF88 0x000AD788 0x00000258
SetWindowOrgEx - 0x18008B190 0x000AEF90 0x000AD790 0x00000294
SetViewportExtEx - 0x18008B198 0x000AEF98 0x000AD798 0x0000028F
GetViewportExtEx - 0x18008B1A0 0x000AEFA0 0x000AD7A0 0x0000020F
OffsetViewportOrgEx - 0x18008B1A8 0x000AEFA8 0x000AD7A8 0x00000225
SetViewportOrgEx - 0x18008B1B0 0x000AEFB0 0x000AD7B0 0x00000290
Escape - 0x18008B1B8 0x000AEFB8 0x000AD7B8 0x00000119
ExtTextOutA - 0x18008B1C0 0x000AEFC0 0x000AD7C0 0x00000122
TextOutA - 0x18008B1C8 0x000AEFC8 0x000AD7C8 0x0000029F
RectVisible - 0x18008B1D0 0x000AEFD0 0x000AD7D0 0x00000245
PtVisible - 0x18008B1D8 0x000AEFD8 0x000AD7D8 0x00000241
StartDocA - 0x18008B1E0 0x000AEFE0 0x000AD7E0 0x00000296
GetPixel - 0x18008B1E8 0x000AEFE8 0x000AD7E8 0x000001EB
PlayMetaFile - 0x18008B1F0 0x000AEFF0 0x000AD7F0 0x00000232
CreateFontA - 0x18008B1F8 0x000AEFF8 0x000AD7F8 0x0000003A
GetObjectA - 0x18008B200 0x000AF000 0x000AD800 0x000001E2
SelectClipPath - 0x18008B208 0x000AF008 0x000AD808 0x0000025B
CreateRectRgn - 0x18008B210 0x000AF010 0x000AD810 0x0000004D
GetClipRgn - 0x18008B218 0x000AF018 0x000AD818 0x000001AB
SelectClipRgn - 0x18008B220 0x000AF020 0x000AD820 0x0000025C
SetColorAdjustment - 0x18008B228 0x000AF028 0x000AD828 0x0000026A
SetArcDirection - 0x18008B230 0x000AF030 0x000AD830 0x00000261
SetMapperFlags - 0x18008B238 0x000AF038 0x000AD838 0x0000027C
SetTextCharacterExtra - 0x18008B240 0x000AF040 0x000AD840 0x0000028C
SetTextJustification - 0x18008B248 0x000AF048 0x000AD848 0x0000028E
SetTextAlign - 0x18008B250 0x000AF050 0x000AD850 0x0000028B
MoveToEx - 0x18008B258 0x000AF058 0x000AD858 0x00000221
LineTo - 0x18008B260 0x000AF060 0x000AD860 0x0000021D
OffsetClipRgn - 0x18008B268 0x000AF068 0x000AD868 0x00000223
IntersectClipRect - 0x18008B270 0x000AF070 0x000AD870 0x00000217
ExcludeClipRect - 0x18008B278 0x000AF078 0x000AD878 0x0000011C
GetClipBox - 0x18008B280 0x000AF080 0x000AD880 0x000001AA
SetMapMode - 0x18008B288 0x000AF088 0x000AD888 0x0000027B
ModifyWorldTransform - 0x18008B290 0x000AF090 0x000AD890 0x00000220
SetWorldTransform - 0x18008B298 0x000AF098 0x000AD898 0x00000295
SetGraphicsMode - 0x18008B2A0 0x000AF0A0 0x000AD8A0 0x00000274
SetTextColor - 0x18008B2A8 0x000AF0A8 0x000AD8A8 0x0000028D
SetStretchBltMode - 0x18008B2B0 0x000AF0B0 0x000AD8B0 0x00000289
SetROP2 - 0x18008B2B8 0x000AF0B8 0x000AD8B8 0x00000286
SetPolyFillMode - 0x18008B2C0 0x000AF0C0 0x000AD8C0 0x00000285
SetBkMode - 0x18008B2C8 0x000AF0C8 0x000AD8C8 0x00000266
SetBkColor - 0x18008B2D0 0x000AF0D0 0x000AD8D0 0x00000265
RestoreDC - 0x18008B2D8 0x000AF0D8 0x000AD8D8 0x00000250
SaveDC - 0x18008B2E0 0x000AF0E0 0x000AD8E0 0x00000257
CreateDCA - 0x18008B2E8 0x000AF0E8 0x000AD8E8 0x0000002F
CopyMetaFileA - 0x18008B2F0 0x000AF0F0 0x000AD8F0 0x00000026
GetDeviceCaps - 0x18008B2F8 0x000AF0F8 0x000AD8F8 0x000001B5
CreateDIBSection - 0x18008B300 0x000AF100 0x000AD900 0x00000033
DeleteObject - 0x18008B308 0x000AF108 0x000AD908 0x000000D0
SetDIBitsToDevice - 0x18008B310 0x000AF110 0x000AD910 0x00000270
GetTextMetricsA - 0x18008B318 0x000AF118 0x000AD918 0x0000020C
BitBlt - 0x18008B320 0x000AF120 0x000AD920 0x00000012
SelectObject - 0x18008B328 0x000AF128 0x000AD928 0x0000025E
CreateCompatibleDC - 0x18008B330 0x000AF130 0x000AD930 0x0000002E
CreateCompatibleBitmap - 0x18008B338 0x000AF138 0x000AD938 0x0000002D
GetWindowExtEx - 0x18008B340 0x000AF140 0x000AD940 0x00000212
COMDLG32.dll (1)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
GetFileTitleA - 0x18008B068 0x000AEE68 0x000AD668 0x00000009
WINSPOOL.DRV (3)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
DocumentPropertiesA - 0x18008BF98 0x000AFD98 0x000AE598 0x0000004D
OpenPrinterA - 0x18008BFA0 0x000AFDA0 0x000AE5A0 0x0000008E
ClosePrinter - 0x18008BFA8 0x000AFDA8 0x000AE5A8 0x0000001D
ADVAPI32.dll (12)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
RegSetValueExA - 0x18008B000 0x000AEE00 0x000AD600 0x00000277
RegCreateKeyA - 0x18008B008 0x000AEE08 0x000AD608 0x00000231
RegCreateKeyExA - 0x18008B010 0x000AEE10 0x000AD610 0x00000232
RegQueryValueA - 0x18008B018 0x000AEE18 0x000AD618 0x00000266
RegOpenKeyA - 0x18008B020 0x000AEE20 0x000AD620 0x00000259
RegEnumKeyA - 0x18008B028 0x000AEE28 0x000AD628 0x00000247
RegDeleteKeyA - 0x18008B030 0x000AEE30 0x000AD630 0x00000237
RegOpenKeyExA - 0x18008B038 0x000AEE38 0x000AD638 0x0000025A
RegQueryValueExA - 0x18008B040 0x000AEE40 0x000AD640 0x00000267
RegSetValueA - 0x18008B048 0x000AEE48 0x000AD648 0x00000276
RegCloseKey - 0x18008B050 0x000AEE50 0x000AD650 0x0000022A
RegDeleteValueA - 0x18008B058 0x000AEE58 0x000AD658 0x00000241
SHELL32.dll (4)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
ExtractIconA - 0x18008B9D8 0x000AF7D8 0x000ADFD8 0x00000028
DragFinish - 0x18008B9E0 0x000AF7E0 0x000ADFE0 0x0000001C
DragQueryFileA - 0x18008B9E8 0x000AF7E8 0x000ADFE8 0x0000001E
SHGetFileInfoA - 0x18008B9F0 0x000AF7F0 0x000ADFF0 0x000000B9
SHLWAPI.dll (6)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
PathFindFileNameA - 0x18008BA00 0x000AF800 0x000AE000 0x00000048
PathStripToRootA - 0x18008BA08 0x000AF808 0x000AE008 0x00000096
PathIsUNCA - 0x18008BA10 0x000AF810 0x000AE010 0x0000006C
PathFindExtensionA - 0x18008BA18 0x000AF818 0x000AE018 0x00000046
PathRemoveExtensionA - 0x18008BA20 0x000AF820 0x000AE020 0x00000088
PathRemoveFileSpecW - 0x18008BA28 0x000AF828 0x000AE028 0x0000008B
ole32.dll (20)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
CoDisconnectObject - 0x18008BFB8 0x000AFDB8 0x000AE5B8 0x0000001A
StringFromGUID2 - 0x18008BFC0 0x000AFDC0 0x000AE5C0 0x00000177
OleDuplicateData - 0x18008BFC8 0x000AFDC8 0x000AE5C8 0x00000122
ReleaseStgMedium - 0x18008BFD0 0x000AFDD0 0x000AE5D0 0x0000014E
CreateBindCtx - 0x18008BFD8 0x000AFDD8 0x000AE5D8 0x0000007C
CoTreatAsClass - 0x18008BFE0 0x000AFDE0 0x000AE5E0 0x0000006E
StringFromCLSID - 0x18008BFE8 0x000AFDE8 0x000AE5E8 0x00000176
CoCreateInstance - 0x18008BFF0 0x000AFDF0 0x000AE5F0 0x00000014
ReadFmtUserTypeStg - 0x18008BFF8 0x000AFDF8 0x000AE5F8 0x0000014A
OleRegGetUserType - 0x18008C000 0x000AFE00 0x000AE600 0x00000136
WriteClassStg - 0x18008C008 0x000AFE08 0x000AE608 0x00000187
WriteFmtUserTypeStg - 0x18008C010 0x000AFE10 0x000AE610 0x00000189
SetConvertStg - 0x18008C018 0x000AFE18 0x000AE618 0x00000160
CoInitialize - 0x18008C020 0x000AFE20 0x000AE620 0x00000041
CoTaskMemAlloc - 0x18008C028 0x000AFE28 0x000AE628 0x0000006A
CoTaskMemFree - 0x18008C030 0x000AFE30 0x000AE630 0x0000006B
CLSIDFromString - 0x18008C038 0x000AFE38 0x000AE638 0x0000000C
CoUninitialize - 0x18008C040 0x000AFE40 0x000AE640 0x0000006F
CoInitializeEx - 0x18008C048 0x000AFE48 0x000AE648 0x00000042
ReadClassStg - 0x18008C050 0x000AFE50 0x000AE650 0x00000148
OLEAUT32.dll (40)
API Name Ordinal IAT Address Thunk RVA Thunk Offset Hint
VariantClear 0x00000009 0x18008B890 0x000AF690 0x000ADE90 -
VariantChangeType 0x0000000C 0x18008B898 0x000AF698 0x000ADE98 -
VariantInit 0x00000008 0x18008B8A0 0x000AF6A0 0x000ADEA0 -
SysAllocStringLen 0x00000004 0x18008B8A8 0x000AF6A8 0x000ADEA8 -
SysStringLen 0x00000007 0x18008B8B0 0x000AF6B0 0x000ADEB0 -
SysFreeString 0x00000006 0x18008B8B8 0x000AF6B8 0x000ADEB8 -
SysAllocStringByteLen 0x00000096 0x18008B8C0 0x000AF6C0 0x000ADEC0 -
SysStringByteLen 0x00000095 0x18008B8C8 0x000AF6C8 0x000ADEC8 -
RegisterTypeLib 0x000000A3 0x18008B8D0 0x000AF6D0 0x000ADED0 -
LoadTypeLib 0x000000A1 0x18008B8D8 0x000AF6D8 0x000ADED8 -
LoadRegTypeLib 0x000000A2 0x18008B8E0 0x000AF6E0 0x000ADEE0 -
SafeArrayUnaccessData 0x00000018 0x18008B8E8 0x000AF6E8 0x000ADEE8 -
SafeArrayAccessData 0x00000017 0x18008B8F0 0x000AF6F0 0x000ADEF0 -
SafeArrayGetUBound 0x00000013 0x18008B8F8 0x000AF6F8 0x000ADEF8 -
SafeArrayGetLBound 0x00000014 0x18008B900 0x000AF700 0x000ADF00 -
SafeArrayGetElemsize 0x00000012 0x18008B908 0x000AF708 0x000ADF08 -
SafeArrayGetDim 0x00000011 0x18008B910 0x000AF710 0x000ADF10 -
SafeArrayCreate 0x0000000F 0x18008B918 0x000AF718 0x000ADF18 -
SafeArrayRedim 0x00000028 0x18008B920 0x000AF720 0x000ADF20 -
VariantCopy 0x0000000A 0x18008B928 0x000AF728 0x000ADF28 -
SafeArrayAllocData 0x00000025 0x18008B930 0x000AF730 0x000ADF30 -
SafeArrayAllocDescriptor 0x00000024 0x18008B938 0x000AF738 0x000ADF38 -
SafeArrayCopy 0x0000001B 0x18008B940 0x000AF740 0x000ADF40 -
SafeArrayGetElement 0x00000019 0x18008B948 0x000AF748 0x000ADF48 -
SafeArrayPtrOfIndex 0x00000094 0x18008B950 0x000AF750 0x000ADF50 -
SafeArrayPutElement 0x0000001A 0x18008B958 0x000AF758 0x000ADF58 -
SafeArrayLock 0x00000015 0x18008B960 0x000AF760 0x000ADF60 -
SafeArrayUnlock 0x00000016 0x18008B968 0x000AF768 0x000ADF68 -
SafeArrayDestroy 0x00000010 0x18008B970 0x000AF770 0x000ADF70 -
SafeArrayDestroyData 0x00000027 0x18008B978 0x000AF778 0x000ADF78 -
SafeArrayDestroyDescriptor 0x00000026 0x18008B980 0x000AF780 0x000ADF80 -
VariantTimeToSystemTime 0x000000B9 0x18008B988 0x000AF788 0x000ADF88 -
SystemTimeToVariantTime 0x000000B8 0x18008B990 0x000AF790 0x000ADF90 -
SysReAllocStringLen 0x00000005 0x18008B998 0x000AF798 0x000ADF98 -
VarDateFromStr 0x0000005E 0x18008B9A0 0x000AF7A0 0x000ADFA0 -
VarBstrFromCy 0x00000071 0x18008B9A8 0x000AF7A8 0x000ADFA8 -
VarBstrFromDec 0x000000E8 0x18008B9B0 0x000AF7B0 0x000ADFB0 -
VarDecFromStr 0x000000C5 0x18008B9B8 0x000AF7B8 0x000ADFB8 -
VarCyFromStr 0x00000068 0x18008B9C0 0x000AF7C0 0x000ADFC0 -
VarBstrFromDate 0x00000072 0x18008B9C8 0x000AF7C8 0x000ADFC8 -
Exports (1)
API Name EAT Address Ordinal
DllRegisterServer 0x000091A0 0x00000001
c:\srvsvc Dropped File Empty
Clean
MIME Type application/x-empty
File Size 0 Bytes
MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SSDeep 3::
ImpHash -
c:\users\rdhj0cnfevzx\appdata\local\microsoft\windows\inetcache\counters.dat Modified File Stream
Clean
MIME Type application/octet-stream
File Size 128 Bytes
MD5 cc90851958032b8c8bbb7b24ec6271dd
SHA1 e027ad2ea4049374a3b01af2e3626b667dc816bc
SHA256 c2d814a34b184b7cdf10e4e7a4311ff15db99326d6dd8d328b53bf9e19ccf858
SSDeep 3:Fl:
ImpHash -