Malicious
Classifications
Downloader
Threat Names
Emotet, Mal/HTMLGen-A
Dynamic Analysis Report
Created on 2022-11-02T12:16:09+00:00
e5d07e650a14aa03ccd91f33793842f1fe0543a8f145e480324a5e5f7bcc70b6.exe.ocx
Windows ActiveX Control (x86-64)
Remarks (1/1)
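(0x02000009): DLL files normally need to be submitted with an appropriate loader. The analysis result may be incomplete if an appropriate loader was not submitted. The only export listed for this sample is DllRegisterServer, so any behaviour gated on that export would be observed only if the sandbox invoked it (for example via regsvr32); treat missing dynamic indicators in this report as inconclusive rather than as evidence that the sample is benign.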
This is a filtered view
This list contains only the embedded files, downloaded files, and dropped files
File Name | Category | Type | Verdict | Actions |
---|---|---|---|---|
C:\Users\RDhJ0CNFevzX\Desktop\e5d07e650a14aa03ccd91f33793842f1fe0543a8f145e480324a5e5f7bcc70b6.exe.ocx | Sample File | Binary | Malicious | |
PE Information
Image Base | 0x10000000 |
Entry Point | 0x10024630 |
Size Of Code | 0x0004E000 |
Size Of Initialized Data | 0x00057E00 |
File Type | IMAGE_FILE_DLL |
Subsystem | IMAGE_SUBSYSTEM_WINDOWS_GUI |
Machine Type | IMAGE_FILE_MACHINE_AMD64 |
Compile Timestamp | 2022-11-01 21:56 (UTC+1) |
Sections (6)
Name | Virtual Address | Virtual Size | Raw Data Size | Raw Data Offset | Flags | Entropy |
---|---|---|---|---|---|---|
.text | 0x10001000 | 0x0004DF0B | 0x0004E000 | 0x00000400 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ | 6.34 |
.rdata | 0x1004F000 | 0x00017F46 | 0x00018000 | 0x0004E400 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 4.7 |
.data | 0x10067000 | 0x000364D0 | 0x00030400 | 0x00066400 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE | 7.76 |
.pdata | 0x1009E000 | 0x00005D84 | 0x00005E00 | 0x00096800 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 5.82 |
.rsrc | 0x100A4000 | 0x00006FD0 | 0x00007000 | 0x0009C600 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ | 4.13 |
.reloc | 0x100AB000 | 0x00002A2A | 0x00002C00 | 0x000A3600 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ | 2.5 |
Imports (11)
KERNEL32.dll (136)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
GetDriveTypeA | - | 0x1004F130 | 0x00065238 | 0x00064638 | 0x00000156 |
RaiseException | - | 0x1004F138 | 0x00065240 | 0x00064640 | 0x000002A3 |
RtlPcToFileHeader | - | 0x1004F140 | 0x00065248 | 0x00064648 | 0x000002D9 |
RtlLookupFunctionEntry | - | 0x1004F148 | 0x00065250 | 0x00064650 | 0x000002D7 |
RtlUnwindEx | - | 0x1004F150 | 0x00065258 | 0x00064658 | 0x000002DD |
ExitThread | - | 0x1004F158 | 0x00065260 | 0x00064660 | 0x000000BD |
CreateThread | - | 0x1004F160 | 0x00065268 | 0x00064668 | 0x00000071 |
HeapAlloc | - | 0x1004F168 | 0x00065270 | 0x00064670 | 0x00000212 |
HeapFree | - | 0x1004F170 | 0x00065278 | 0x00064678 | 0x00000218 |
HeapReAlloc | - | 0x1004F178 | 0x00065280 | 0x00064680 | 0x0000021C |
FlsSetValue | - | 0x1004F180 | 0x00065288 | 0x00064688 | 0x000000EF |
GetCommandLineA | - | 0x1004F188 | 0x00065290 | 0x00064690 | 0x00000113 |
GetProcessHeap | - | 0x1004F190 | 0x00065298 | 0x00064698 | 0x000001A5 |
SetStdHandle | - | 0x1004F198 | 0x000652A0 | 0x000646A0 | 0x0000033D |
GetFileType | - | 0x1004F1A0 | 0x000652A8 | 0x000646A8 | 0x00000169 |
ExitProcess | - | 0x1004F1A8 | 0x000652B0 | 0x000646B0 | 0x000000BC |
HeapSize | - | 0x1004F1B0 | 0x000652B8 | 0x000646B8 | 0x0000021E |
TerminateProcess | - | 0x1004F1B8 | 0x000652C0 | 0x000646C0 | 0x00000364 |
UnhandledExceptionFilter | - | 0x1004F1C0 | 0x000652C8 | 0x000646C8 | 0x00000374 |
SetUnhandledExceptionFilter | - | 0x1004F1C8 | 0x000652D0 | 0x000646D0 | 0x00000350 |
IsDebuggerPresent | - | 0x1004F1D0 | 0x000652D8 | 0x000646D8 | 0x00000235 |
RtlCaptureContext | - | 0x1004F1D8 | 0x000652E0 | 0x000646E0 | 0x000002D0 |
GetACP | - | 0x1004F1E0 | 0x000652E8 | 0x000646E8 | 0x00000100 |
FlsGetValue | - | 0x1004F1E8 | 0x000652F0 | 0x000646F0 | 0x000000EE |
FlsFree | - | 0x1004F1F0 | 0x000652F8 | 0x000646F8 | 0x000000ED |
FlsAlloc | - | 0x1004F1F8 | 0x00065300 | 0x00064700 | 0x000000EC |
Sleep | - | 0x1004F200 | 0x00065308 | 0x00064708 | 0x0000035C |
RtlVirtualUnwind | - | 0x1004F208 | 0x00065310 | 0x00064710 | 0x000002DE |
HeapSetInformation | - | 0x1004F210 | 0x00065318 | 0x00064718 | 0x0000021D |
HeapCreate | - | 0x1004F218 | 0x00065320 | 0x00064720 | 0x00000214 |
HeapDestroy | - | 0x1004F220 | 0x00065328 | 0x00064728 | 0x00000216 |
SetHandleCount | - | 0x1004F228 | 0x00065330 | 0x00064730 | 0x0000032A |
GetStartupInfoA | - | 0x1004F230 | 0x00065338 | 0x00064738 | 0x000001B9 |
FreeEnvironmentStringsA | - | 0x1004F238 | 0x00065340 | 0x00064740 | 0x000000F9 |
GetEnvironmentStrings | - | 0x1004F240 | 0x00065348 | 0x00064748 | 0x00000158 |
FreeEnvironmentStringsW | - | 0x1004F248 | 0x00065350 | 0x00064750 | 0x000000FA |
GetEnvironmentStringsW | - | 0x1004F250 | 0x00065358 | 0x00064758 | 0x0000015A |
QueryPerformanceCounter | - | 0x1004F258 | 0x00065360 | 0x00064760 | 0x0000029F |
GetTickCount | - | 0x1004F260 | 0x00065368 | 0x00064768 | 0x000001E1 |
GetSystemTimeAsFileTime | - | 0x1004F268 | 0x00065370 | 0x00064770 | 0x000001CC |
GetConsoleCP | - | 0x1004F270 | 0x00065378 | 0x00064778 | 0x00000125 |
GetConsoleMode | - | 0x1004F278 | 0x00065380 | 0x00064780 | 0x00000136 |
GetTimeZoneInformation | - | 0x1004F280 | 0x00065388 | 0x00064788 | 0x000001E4 |
LCMapStringA | - | 0x1004F288 | 0x00065390 | 0x00064790 | 0x00000240 |
LCMapStringW | - | 0x1004F290 | 0x00065398 | 0x00064798 | 0x00000241 |
GetStringTypeA | - | 0x1004F298 | 0x000653A0 | 0x000647A0 | 0x000001BC |
GetStringTypeW | - | 0x1004F2A0 | 0x000653A8 | 0x000647A8 | 0x000001BF |
GetUserDefaultLCID | - | 0x1004F2A8 | 0x000653B0 | 0x000647B0 | 0x000001E5 |
EnumSystemLocalesA | - | 0x1004F2B0 | 0x000653B8 | 0x000647B8 | 0x000000B2 |
IsValidLocale | - | 0x1004F2B8 | 0x000653C0 | 0x000647C0 | 0x0000023D |
IsValidCodePage | - | 0x1004F2C0 | 0x000653C8 | 0x000647C8 | 0x0000023B |
WriteConsoleA | - | 0x1004F2C8 | 0x000653D0 | 0x000647D0 | 0x0000039F |
GetConsoleOutputCP | - | 0x1004F2D0 | 0x000653D8 | 0x000647D8 | 0x00000138 |
WriteConsoleW | - | 0x1004F2D8 | 0x000653E0 | 0x000647E0 | 0x000003A9 |
GetLocaleInfoW | - | 0x1004F2E0 | 0x000653E8 | 0x000647E8 | 0x00000177 |
SetEnvironmentVariableA | - | 0x1004F2E8 | 0x000653F0 | 0x000647F0 | 0x0000031A |
GetOEMCP | - | 0x1004F2F0 | 0x000653F8 | 0x000647F8 | 0x00000195 |
GetCPInfo | - | 0x1004F2F8 | 0x00065400 | 0x00064800 | 0x00000107 |
GlobalFlags | - | 0x1004F300 | 0x00065408 | 0x00064808 | 0x00000200 |
GetCurrentDirectoryA | - | 0x1004F308 | 0x00065410 | 0x00064810 | 0x00000143 |
WritePrivateProfileStringA | - | 0x1004F310 | 0x00065418 | 0x00064818 | 0x000003AF |
GetFileTime | - | 0x1004F318 | 0x00065420 | 0x00064820 | 0x00000168 |
GetFileAttributesA | - | 0x1004F320 | 0x00065428 | 0x00064828 | 0x00000161 |
FileTimeToLocalFileTime | - | 0x1004F328 | 0x00065430 | 0x00064830 | 0x000000C7 |
CreateFileA | - | 0x1004F330 | 0x00065438 | 0x00064838 | 0x00000056 |
GetFullPathNameA | - | 0x1004F338 | 0x00065440 | 0x00064840 | 0x0000016C |
GetVolumeInformationA | - | 0x1004F340 | 0x00065448 | 0x00064848 | 0x000001ED |
FindFirstFileA | - | 0x1004F348 | 0x00065450 | 0x00064850 | 0x000000D5 |
FindClose | - | 0x1004F350 | 0x00065458 | 0x00064858 | 0x000000D1 |
GetCurrentProcess | - | 0x1004F358 | 0x00065460 | 0x00064860 | 0x00000145 |
DuplicateHandle | - | 0x1004F360 | 0x00065468 | 0x00064868 | 0x00000096 |
GetFileSize | - | 0x1004F368 | 0x00065470 | 0x00064870 | 0x00000166 |
SetEndOfFile | - | 0x1004F370 | 0x00065478 | 0x00064878 | 0x00000317 |
UnlockFile | - | 0x1004F378 | 0x00065480 | 0x00064880 | 0x00000375 |
LockFile | - | 0x1004F380 | 0x00065488 | 0x00064888 | 0x0000025F |
FlushFileBuffers | - | 0x1004F388 | 0x00065490 | 0x00064890 | 0x000000F1 |
SetFilePointer | - | 0x1004F390 | 0x00065498 | 0x00064898 | 0x00000322 |
WriteFile | - | 0x1004F398 | 0x000654A0 | 0x000648A0 | 0x000003AA |
ReadFile | - | 0x1004F3A0 | 0x000654A8 | 0x000648A8 | 0x000002B1 |
FileTimeToSystemTime | - | 0x1004F3A8 | 0x000654B0 | 0x000648B0 | 0x000000C8 |
GetThreadLocale | - | 0x1004F3B0 | 0x000654B8 | 0x000648B8 | 0x000001DC |
TlsFree | - | 0x1004F3B8 | 0x000654C0 | 0x000648C0 | 0x0000036A |
DeleteCriticalSection | - | 0x1004F3C0 | 0x000654C8 | 0x000648C8 | 0x00000084 |
LocalReAlloc | - | 0x1004F3C8 | 0x000654D0 | 0x000648D0 | 0x0000025B |
TlsSetValue | - | 0x1004F3D0 | 0x000654D8 | 0x000648D8 | 0x0000036C |
GlobalHandle | - | 0x1004F3D8 | 0x000654E0 | 0x000648E0 | 0x00000204 |
GlobalReAlloc | - | 0x1004F3E0 | 0x000654E8 | 0x000648E8 | 0x00000208 |
TlsAlloc | - | 0x1004F3E8 | 0x000654F0 | 0x000648F0 | 0x00000369 |
InitializeCriticalSection | - | 0x1004F3F0 | 0x000654F8 | 0x000648F8 | 0x00000225 |
EnterCriticalSection | - | 0x1004F3F8 | 0x00065500 | 0x00064900 | 0x0000009B |
TlsGetValue | - | 0x1004F400 | 0x00065508 | 0x00064908 | 0x0000036B |
LeaveCriticalSection | - | 0x1004F408 | 0x00065510 | 0x00064910 | 0x0000024D |
LocalAlloc | - | 0x1004F410 | 0x00065518 | 0x00064918 | 0x00000254 |
GlobalGetAtomNameA | - | 0x1004F418 | 0x00065520 | 0x00064920 | 0x00000202 |
GlobalFindAtomA | - | 0x1004F420 | 0x00065528 | 0x00064928 | 0x000001FD |
lstrcmpW | - | 0x1004F428 | 0x00065530 | 0x00064930 | 0x000003CB |
GetVersionExA | - | 0x1004F430 | 0x00065538 | 0x00064938 | 0x000001EB |
FreeResource | - | 0x1004F438 | 0x00065540 | 0x00064940 | 0x000000FD |
GetCurrentProcessId | - | 0x1004F440 | 0x00065548 | 0x00064948 | 0x00000146 |
GlobalAddAtomA | - | 0x1004F448 | 0x00065550 | 0x00064950 | 0x000001F8 |
ResumeThread | - | 0x1004F450 | 0x00065558 | 0x00064958 | 0x000002CE |
CloseHandle | - | 0x1004F458 | 0x00065560 | 0x00064960 | 0x00000036 |
GetCurrentThread | - | 0x1004F460 | 0x00065568 | 0x00064968 | 0x00000148 |
GetCurrentThreadId | - | 0x1004F468 | 0x00065570 | 0x00064970 | 0x00000149 |
ConvertDefaultLocale | - | 0x1004F470 | 0x00065578 | 0x00064978 | 0x00000042 |
EnumResourceLanguagesA | - | 0x1004F478 | 0x00065580 | 0x00064980 | 0x000000A6 |
GetLocaleInfoA | - | 0x1004F480 | 0x00065588 | 0x00064988 | 0x00000176 |
lstrcmpA | - | 0x1004F488 | 0x00065590 | 0x00064990 | 0x000003CA |
FreeLibrary | - | 0x1004F490 | 0x00065598 | 0x00064998 | 0x000000FB |
GlobalDeleteAtom | - | 0x1004F498 | 0x000655A0 | 0x000649A0 | 0x000001FC |
GlobalFree | - | 0x1004F4A0 | 0x000655A8 | 0x000649A8 | 0x00000201 |
GlobalAlloc | - | 0x1004F4A8 | 0x000655B0 | 0x000649B0 | 0x000001FA |
GlobalLock | - | 0x1004F4B0 | 0x000655B8 | 0x000649B8 | 0x00000205 |
GlobalUnlock | - | 0x1004F4B8 | 0x000655C0 | 0x000649C0 | 0x0000020C |
FormatMessageA | - | 0x1004F4C0 | 0x000655C8 | 0x000649C8 | 0x000000F6 |
LocalFree | - | 0x1004F4C8 | 0x000655D0 | 0x000649D0 | 0x00000258 |
FindResourceA | - | 0x1004F4D0 | 0x000655D8 | 0x000649D8 | 0x000000E6 |
LoadResource | - | 0x1004F4D8 | 0x000655E0 | 0x000649E0 | 0x00000253 |
LockResource | - | 0x1004F4E0 | 0x000655E8 | 0x000649E8 | 0x00000261 |
SizeofResource | - | 0x1004F4E8 | 0x000655F0 | 0x000649F0 | 0x0000035B |
MulDiv | - | 0x1004F4F0 | 0x000655F8 | 0x000649F8 | 0x00000270 |
lstrlenA | - | 0x1004F4F8 | 0x00065600 | 0x00064A00 | 0x000003D6 |
CompareStringW | - | 0x1004F500 | 0x00065608 | 0x00064A08 | 0x0000003D |
CompareStringA | - | 0x1004F508 | 0x00065610 | 0x00064A10 | 0x0000003C |
GetVersion | - | 0x1004F510 | 0x00065618 | 0x00064A18 | 0x000001EA |
WideCharToMultiByte | - | 0x1004F518 | 0x00065620 | 0x00064A20 | 0x0000039A |
MultiByteToWideChar | - | 0x1004F520 | 0x00065628 | 0x00064A28 | 0x00000271 |
GetLastError | - | 0x1004F528 | 0x00065630 | 0x00064A30 | 0x00000173 |
SetLastError | - | 0x1004F530 | 0x00065638 | 0x00064A38 | 0x0000032E |
GetProcAddress | - | 0x1004F538 | 0x00065640 | 0x00064A40 | 0x000001A2 |
GetModuleHandleA | - | 0x1004F540 | 0x00065648 | 0x00064A48 | 0x00000181 |
LoadLibraryA | - | 0x1004F548 | 0x00065650 | 0x00064A50 | 0x0000024E |
GetModuleFileNameA | - | 0x1004F550 | 0x00065658 | 0x00064A58 | 0x0000017F |
VirtualAlloc | - | 0x1004F558 | 0x00065660 | 0x00064A60 | 0x00000387 |
GetStdHandle | - | 0x1004F560 | 0x00065668 | 0x00064A68 | 0x000001BB |
WaitForSingleObject | - | 0x1004F568 | 0x00065670 | 0x00064A70 | 0x00000396 |
USER32.dll (113)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
UnregisterClassA | - | 0x1004F5C0 | 0x000656C8 | 0x00064AC8 | 0x000002BA |
DestroyMenu | - | 0x1004F5C8 | 0x000656D0 | 0x00064AD0 | 0x00000097 |
RegisterWindowMessageA | - | 0x1004F5D0 | 0x000656D8 | 0x00064AD8 | 0x0000022A |
SendDlgItemMessageA | - | 0x1004F5D8 | 0x000656E0 | 0x00064AE0 | 0x00000239 |
WinHelpA | - | 0x1004F5E0 | 0x000656E8 | 0x00064AE8 | 0x000002D8 |
GetCapture | - | 0x1004F5E8 | 0x000656F0 | 0x00064AF0 | 0x000000F3 |
GetClassLongA | - | 0x1004F5F0 | 0x000656F8 | 0x00064AF8 | 0x000000FA |
GetClassNameA | - | 0x1004F5F8 | 0x00065700 | 0x00064B00 | 0x000000FE |
GetClassLongPtrA | - | 0x1004F600 | 0x00065708 | 0x00064B08 | 0x000000FB |
SetPropA | - | 0x1004F608 | 0x00065710 | 0x00064B10 | 0x0000026F |
GetPropA | - | 0x1004F610 | 0x00065718 | 0x00064B18 | 0x0000014C |
RemovePropA | - | 0x1004F618 | 0x00065720 | 0x00064B20 | 0x0000022F |
GetForegroundWindow | - | 0x1004F620 | 0x00065728 | 0x00064B28 | 0x00000119 |
GetTopWindow | - | 0x1004F628 | 0x00065730 | 0x00064B30 | 0x00000165 |
GetWindowLongPtrA | - | 0x1004F630 | 0x00065738 | 0x00064B38 | 0x00000171 |
SetWindowLongPtrA | - | 0x1004F638 | 0x00065740 | 0x00064B40 | 0x00000286 |
GetMessageTime | - | 0x1004F640 | 0x00065748 | 0x00064B48 | 0x0000013F |
MapWindowPoints | - | 0x1004F648 | 0x00065750 | 0x00064B50 | 0x000001DD |
SetForegroundWindow | - | 0x1004F650 | 0x00065758 | 0x00064B58 | 0x0000025C |
UpdateWindow | - | 0x1004F658 | 0x00065760 | 0x00064B60 | 0x000002C3 |
GetMenu | - | 0x1004F660 | 0x00065768 | 0x00064B68 | 0x0000012E |
CreateWindowExA | - | 0x1004F668 | 0x00065770 | 0x00064B70 | 0x00000060 |
GetClassInfoExA | - | 0x1004F670 | 0x00065778 | 0x00064B78 | 0x000000F7 |
GetClassInfoA | - | 0x1004F678 | 0x00065780 | 0x00064B80 | 0x000000F6 |
RegisterClassA | - | 0x1004F680 | 0x00065788 | 0x00064B88 | 0x00000219 |
AdjustWindowRectEx | - | 0x1004F688 | 0x00065790 | 0x00064B90 | 0x00000002 |
PtInRect | - | 0x1004F690 | 0x00065798 | 0x00064B98 | 0x0000020F |
GetDlgCtrlID | - | 0x1004F698 | 0x000657A0 | 0x00064BA0 | 0x00000112 |
DefWindowProcA | - | 0x1004F6A0 | 0x000657A8 | 0x00064BA8 | 0x0000008E |
CallWindowProcA | - | 0x1004F6A8 | 0x000657B0 | 0x00064BB0 | 0x0000001B |
SetWindowPos | - | 0x1004F6B0 | 0x000657B8 | 0x00064BB8 | 0x0000028A |
SystemParametersInfoA | - | 0x1004F6B8 | 0x000657C0 | 0x00064BC0 | 0x000002A0 |
GetWindowPlacement | - | 0x1004F6C0 | 0x000657C8 | 0x00064BC8 | 0x00000177 |
GetWindowRect | - | 0x1004F6C8 | 0x000657D0 | 0x00064BD0 | 0x00000178 |
EndPaint | - | 0x1004F6D0 | 0x000657D8 | 0x00064BD8 | 0x000000C8 |
BeginPaint | - | 0x1004F6D8 | 0x000657E0 | 0x00064BE0 | 0x0000000D |
ClientToScreen | - | 0x1004F6E0 | 0x000657E8 | 0x00064BE8 | 0x00000040 |
GrayStringA | - | 0x1004F6E8 | 0x000657F0 | 0x00064BF0 | 0x00000181 |
DrawTextExA | - | 0x1004F6F0 | 0x000657F8 | 0x00064BF8 | 0x000000BD |
DrawTextA | - | 0x1004F6F8 | 0x00065800 | 0x00064C00 | 0x000000BC |
GetWindowTextA | - | 0x1004F700 | 0x00065808 | 0x00064C08 | 0x0000017B |
GetWindow | - | 0x1004F708 | 0x00065810 | 0x00064C10 | 0x0000016C |
SetFocus | - | 0x1004F710 | 0x00065818 | 0x00064C18 | 0x0000025B |
UnhookWindowsHookEx | - | 0x1004F718 | 0x00065820 | 0x00064C20 | 0x000002B5 |
ReleaseDC | - | 0x1004F720 | 0x00065828 | 0x00064C28 | 0x0000022D |
GetDesktopWindow | - | 0x1004F728 | 0x00065830 | 0x00064C30 | 0x00000110 |
SetActiveWindow | - | 0x1004F730 | 0x00065838 | 0x00064C38 | 0x00000246 |
CreateDialogIndirectParamA | - | 0x1004F738 | 0x00065840 | 0x00064C40 | 0x00000052 |
DestroyWindow | - | 0x1004F740 | 0x00065848 | 0x00064C48 | 0x00000099 |
IsWindow | - | 0x1004F748 | 0x00065850 | 0x00064C50 | 0x000001B0 |
GetDlgItem | - | 0x1004F750 | 0x00065858 | 0x00064C58 | 0x00000113 |
GetNextDlgTabItem | - | 0x1004F758 | 0x00065860 | 0x00064C60 | 0x00000145 |
EndDialog | - | 0x1004F760 | 0x00065868 | 0x00064C68 | 0x000000C6 |
GetWindowThreadProcessId | - | 0x1004F768 | 0x00065870 | 0x00064C70 | 0x0000017F |
GetWindowLongA | - | 0x1004F770 | 0x00065878 | 0x00064C78 | 0x00000170 |
GetLastActivePopup | - | 0x1004F778 | 0x00065880 | 0x00064C80 | 0x0000012A |
IsWindowEnabled | - | 0x1004F780 | 0x00065888 | 0x00064C88 | 0x000001B1 |
MessageBoxA | - | 0x1004F788 | 0x00065890 | 0x00064C90 | 0x000001E2 |
SetCursor | - | 0x1004F790 | 0x00065898 | 0x00064C98 | 0x00000252 |
SetWindowsHookExA | - | 0x1004F798 | 0x000658A0 | 0x00064CA0 | 0x00000291 |
CallNextHookEx | - | 0x1004F7A0 | 0x000658A8 | 0x00064CA8 | 0x0000001A |
GetActiveWindow | - | 0x1004F7A8 | 0x000658B0 | 0x00064CB0 | 0x000000EB |
IsWindowVisible | - | 0x1004F7B0 | 0x000658B8 | 0x00064CB8 | 0x000001B4 |
GetKeyState | - | 0x1004F7B8 | 0x000658C0 | 0x00064CC0 | 0x00000123 |
GetCursorPos | - | 0x1004F7C0 | 0x000658C8 | 0x00064CC8 | 0x0000010D |
ValidateRect | - | 0x1004F7C8 | 0x000658D0 | 0x00064CD0 | 0x000002CB |
SetMenuItemBitmaps | - | 0x1004F7D0 | 0x000658D8 | 0x00064CD8 | 0x00000266 |
GetMenuCheckMarkDimensions | - | 0x1004F7D8 | 0x000658E0 | 0x00064CE0 | 0x00000130 |
LoadBitmapA | - | 0x1004F7E0 | 0x000658E8 | 0x00064CE8 | 0x000001BB |
GetFocus | - | 0x1004F7E8 | 0x000658F0 | 0x00064CF0 | 0x00000118 |
GetParent | - | 0x1004F7F0 | 0x000658F8 | 0x00064CF8 | 0x00000147 |
ModifyMenuA | - | 0x1004F7F8 | 0x00065900 | 0x00064D00 | 0x000001EA |
EnableMenuItem | - | 0x1004F800 | 0x00065908 | 0x00064D08 | 0x000000C2 |
CheckMenuItem | - | 0x1004F808 | 0x00065910 | 0x00064D10 | 0x00000039 |
PostMessageA | - | 0x1004F810 | 0x00065918 | 0x00064D18 | 0x00000205 |
PostQuitMessage | - | 0x1004F818 | 0x00065920 | 0x00064D20 | 0x00000207 |
GetMenuState | - | 0x1004F820 | 0x00065928 | 0x00064D28 | 0x00000139 |
GetMenuItemID | - | 0x1004F828 | 0x00065930 | 0x00064D30 | 0x00000135 |
LoadCursorA | - | 0x1004F830 | 0x00065938 | 0x00064D38 | 0x000001BD |
GetSysColorBrush | - | 0x1004F838 | 0x00065940 | 0x00064D40 | 0x0000015D |
ShowWindow | - | 0x1004F840 | 0x00065948 | 0x00064D48 | 0x00000299 |
GetMenuItemCount | - | 0x1004F848 | 0x00065950 | 0x00064D50 | 0x00000134 |
GetSubMenu | - | 0x1004F850 | 0x00065958 | 0x00064D58 | 0x0000015B |
SetWindowTextA | - | 0x1004F858 | 0x00065960 | 0x00064D60 | 0x0000028D |
IsDialogMessageA | - | 0x1004F860 | 0x00065968 | 0x00064D68 | 0x000001A4 |
CharUpperA | - | 0x1004F868 | 0x00065970 | 0x00064D70 | 0x00000034 |
GetSysColor | - | 0x1004F870 | 0x00065978 | 0x00064D78 | 0x0000015C |
GetMessagePos | - | 0x1004F878 | 0x00065980 | 0x00064D80 | 0x0000013E |
DestroyIcon | - | 0x1004F880 | 0x00065988 | 0x00064D88 | 0x00000096 |
InvalidateRect | - | 0x1004F888 | 0x00065990 | 0x00064D90 | 0x00000196 |
GetDC | - | 0x1004F890 | 0x00065998 | 0x00064D98 | 0x0000010E |
ScreenToClient | - | 0x1004F898 | 0x000659A0 | 0x00064DA0 | 0x00000234 |
DrawFocusRect | - | 0x1004F8A0 | 0x000659A8 | 0x00064DA8 | 0x000000B3 |
OffsetRect | - | 0x1004F8A8 | 0x000659B0 | 0x00064DB0 | 0x000001F8 |
SetRect | - | 0x1004F8B0 | 0x000659B8 | 0x00064DB8 | 0x00000271 |
CopyRect | - | 0x1004F8B8 | 0x000659C0 | 0x00064DC0 | 0x0000004A |
DrawStateA | - | 0x1004F8C0 | 0x000659C8 | 0x00064DC8 | 0x000000BA |
EnableWindow | - | 0x1004F8C8 | 0x000659D0 | 0x00064DD0 | 0x000000C4 |
GetSystemMetrics | - | 0x1004F8D0 | 0x000659D8 | 0x00064DD8 | 0x0000015F |
LoadIconA | - | 0x1004F8D8 | 0x000659E0 | 0x00064DE0 | 0x000001C1 |
GetClientRect | - | 0x1004F8E0 | 0x000659E8 | 0x00064DE8 | 0x00000101 |
IsIconic | - | 0x1004F8E8 | 0x000659F0 | 0x00064DF0 | 0x000001A9 |
SendMessageA | - | 0x1004F8F0 | 0x000659F8 | 0x00064DF8 | 0x0000023E |
DrawIcon | - | 0x1004F8F8 | 0x00065A00 | 0x00064E00 | 0x000000B6 |
MsgWaitForMultipleObjects | - | 0x1004F900 | 0x00065A08 | 0x00064E08 | 0x000001F0 |
IsWindowUnicode | - | 0x1004F908 | 0x00065A10 | 0x00064E10 | 0x000001B3 |
GetMessageW | - | 0x1004F910 | 0x00065A18 | 0x00064E18 | 0x00000140 |
GetMessageA | - | 0x1004F918 | 0x00065A20 | 0x00064E20 | 0x0000013C |
TranslateMessage | - | 0x1004F920 | 0x00065A28 | 0x00064E28 | 0x000002B1 |
DispatchMessageW | - | 0x1004F928 | 0x00065A30 | 0x00064E30 | 0x000000A2 |
DispatchMessageA | - | 0x1004F930 | 0x00065A38 | 0x00064E38 | 0x000000A1 |
PeekMessageA | - | 0x1004F938 | 0x00065A40 | 0x00064E40 | 0x00000203 |
TabbedTextOutA | - | 0x1004F940 | 0x00065A48 | 0x00064E48 | 0x000002A2 |
GDI32.dll (25)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
ScaleWindowExtEx | - | 0x1004F060 | 0x00065168 | 0x00064568 | 0x00000209 |
DeleteDC | - | 0x1004F068 | 0x00065170 | 0x00064570 | 0x0000008C |
GetStockObject | - | 0x1004F070 | 0x00065178 | 0x00064578 | 0x000001A5 |
SetWindowExtEx | - | 0x1004F078 | 0x00065180 | 0x00064580 | 0x00000242 |
GetObjectA | - | 0x1004F080 | 0x00065188 | 0x00064588 | 0x00000195 |
ScaleViewportExtEx | - | 0x1004F088 | 0x00065190 | 0x00064590 | 0x00000208 |
SetViewportExtEx | - | 0x1004F090 | 0x00065198 | 0x00064598 | 0x0000023E |
OffsetViewportOrgEx | - | 0x1004F098 | 0x000651A0 | 0x000645A0 | 0x000001D5 |
SetViewportOrgEx | - | 0x1004F0A0 | 0x000651A8 | 0x000645A8 | 0x0000023F |
SelectObject | - | 0x1004F0A8 | 0x000651B0 | 0x000645B0 | 0x0000020E |
Escape | - | 0x1004F0B0 | 0x000651B8 | 0x000645B8 | 0x000000D4 |
ExtTextOutA | - | 0x1004F0B8 | 0x000651C0 | 0x000645C0 | 0x000000DD |
TextOutA | - | 0x1004F0C0 | 0x000651C8 | 0x000645C8 | 0x0000024E |
RectVisible | - | 0x1004F0C8 | 0x000651D0 | 0x000645D0 | 0x000001F5 |
PtVisible | - | 0x1004F0D0 | 0x000651D8 | 0x000645D8 | 0x000001F1 |
GetDeviceCaps | - | 0x1004F0D8 | 0x000651E0 | 0x000645E0 | 0x0000016B |
DeleteObject | - | 0x1004F0E0 | 0x000651E8 | 0x000645E8 | 0x0000008F |
GetClipBox | - | 0x1004F0E8 | 0x000651F0 | 0x000645F0 | 0x00000160 |
SetMapMode | - | 0x1004F0F0 | 0x000651F8 | 0x000645F8 | 0x0000022B |
SetTextColor | - | 0x1004F0F8 | 0x00065200 | 0x00064600 | 0x0000023C |
SetBkMode | - | 0x1004F100 | 0x00065208 | 0x00064608 | 0x00000216 |
SetBkColor | - | 0x1004F108 | 0x00065210 | 0x00064610 | 0x00000215 |
RestoreDC | - | 0x1004F110 | 0x00065218 | 0x00064618 | 0x00000200 |
SaveDC | - | 0x1004F118 | 0x00065220 | 0x00064620 | 0x00000207 |
CreateBitmap | - | 0x1004F120 | 0x00065228 | 0x00064628 | 0x00000027 |
comdlg32.dll (1)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
GetFileTitleA | - | 0x1004F970 | 0x00065A78 | 0x00064E78 | 0x00000007 |
WINSPOOL.DRV (3)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
ClosePrinter | - | 0x1004F950 | 0x00065A58 | 0x00064E58 | 0x0000001B |
DocumentPropertiesA | - | 0x1004F958 | 0x00065A60 | 0x00064E60 | 0x00000046 |
OpenPrinterA | - | 0x1004F960 | 0x00065A68 | 0x00064E68 | 0x0000007D |
ADVAPI32.dll (9)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
RegEnumKeyA | - | 0x1004F000 | 0x00065108 | 0x00064508 | 0x000001DD |
RegSetValueExA | - | 0x1004F008 | 0x00065110 | 0x00064510 | 0x00000204 |
RegCreateKeyExA | - | 0x1004F010 | 0x00065118 | 0x00064518 | 0x000001D1 |
RegQueryValueA | - | 0x1004F018 | 0x00065120 | 0x00064520 | 0x000001F6 |
RegCloseKey | - | 0x1004F020 | 0x00065128 | 0x00064528 | 0x000001CB |
RegDeleteKeyA | - | 0x1004F028 | 0x00065130 | 0x00064530 | 0x000001D4 |
RegOpenKeyExA | - | 0x1004F030 | 0x00065138 | 0x00064538 | 0x000001EC |
RegQueryValueExA | - | 0x1004F038 | 0x00065140 | 0x00064540 | 0x000001F7 |
RegOpenKeyA | - | 0x1004F040 | 0x00065148 | 0x00064548 | 0x000001EB |
COMCTL32.dll (1)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
ImageList_GetIconSize | - | 0x1004F050 | 0x00065158 | 0x00064558 | 0x00000047 |
SHLWAPI.dll (4)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
PathFindFileNameA | - | 0x1004F598 | 0x000656A0 | 0x00064AA0 | 0x00000031 |
PathStripToRootA | - | 0x1004F5A0 | 0x000656A8 | 0x00064AA8 | 0x0000007D |
PathFindExtensionA | - | 0x1004F5A8 | 0x000656B0 | 0x00064AB0 | 0x0000002F |
PathIsUNCA | - | 0x1004F5B0 | 0x000656B8 | 0x00064AB8 | 0x00000055 |
ole32.dll (1)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
CoLoadLibrary | - | 0x1004F980 | 0x00065A88 | 0x00064E88 | 0x00000047 |
OLEAUT32.dll (3)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
VariantClear | 0x00000009 | 0x1004F578 | 0x00065680 | 0x00064A80 | - |
VariantChangeType | 0x0000000C | 0x1004F580 | 0x00065688 | 0x00064A88 | - |
VariantInit | 0x00000008 | 0x1004F588 | 0x00065690 | 0x00064A90 | - |
urlmon.dll (1)
API Name | Ordinal | IAT Address | Thunk RVA | Thunk Offset | Hint |
---|---|---|---|---|---|
URLDownloadToFileA | - | 0x1004F990 | 0x00065A98 | 0x00064E98 | 0x0000004A |
Exports (1)
API Name | EAT Address | Ordinal |
---|---|---|
DllRegisterServer | 0x00001638 | 0x00000001 |
88eb549f6642c1ab2d38f9c15c0531d9b6a330eab6dd4b49b596bc25c03258cb | Downloaded File | Stream | Clean | |