SmartHawk

2.4

中危

24 个模型检测该样本为恶意！

重新分析

下载样本

17abec09af5cfe4aac7526da945d18940e9e19df458706cbdc4abfe18a3cba46

9432d6061e33217ff0ef601c341025aa.exe

分析耗时

81s

最近分析

文件大小

2.3MB

静态报毒动态报毒 ARTEMIS BSCOPE BURDEN CHINAD CLASSIC CONFIDENCE GENERIC PUA GB HIGH CONFIDENCE SOFTCNAPP UNSAFE 更多

未检测暂无鹰眼引擎检测结果

查杀引擎	查杀结果	查杀时间	查杀版本
McAfee	Artemis!9432D6061E33	20200910	6.0.6.653
Alibaba	AdWare:Win32/Softcnapp.8ac0705c	20190527	0.3.0.5
Baidu		20190318	1.0.0.2
Avast	Win32:Adware-gen [Adw]	20200911	18.4.3895.0
Kingsoft		20200911	2013.8.14.323
Tencent		20200911	1.0.0.1
CrowdStrike	win/malicious_confidence_60% (D)	20190702	1.0

This executable is signed

This executable has a PDB path (1 个事件)

pdb_path

d:\Jenkins\workspace\srf_develop\ShuRuFa\ç¨åº\Trunk\Bin\pdbmap\WanNengWB\UserPage32.pdb

The file contains an unknown PE resource name possibly indicative of a packer (3 个事件)

resource name	PIC
resource name	XML
resource name	ZIPRES

Foreign language identified in PE resource (50 out of 60 个事件)

name

PIC

language

LANG_CHINESE

offset

0x001b7ce8

filetype

PNG image data, 85 x 85, 8-bit/color RGBA, non-interlaced

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x0000026f

name

XML

language

LANG_CHINESE

offset

0x001b7f58

filetype

XML 1.0 document, UTF-8 Unicode text, with CRLF line terminators

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000267

name

ZIPRES

language

LANG_CHINESE

offset

0x001b81c0

filetype

Zip archive data, at least v2.0 to extract

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x000479c7

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_CURSOR

language

LANG_CHINESE

offset

0x00200d14

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000134

name

RT_BITMAP

language

LANG_CHINESE

offset

0x00200f00

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000144

name

RT_BITMAP

language

LANG_CHINESE

offset

0x00200f00

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000144

name

RT_ICON

language

LANG_CHINESE

offset

0x002475ac

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x002475ac

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x002475ac

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x002475ac

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x002475ac

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_ICON

language

LANG_CHINESE

offset

0x002475ac

filetype

GLS_BINARY_LSB_FIRST

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000468

name

RT_DIALOG

language

LANG_CHINESE

offset

0x00247afc

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000034

name

RT_DIALOG

language

LANG_CHINESE

offset

0x00247afc

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000034

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_STRING

language

LANG_CHINESE

offset

0x00249200

filetype

data

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000042

name

RT_GROUP_CURSOR

language

LANG_CHINESE

offset

0x0024936c

filetype

Lotus unknown worksheet or configuration, revision 0x1

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000014

name

RT_GROUP_CURSOR

language

LANG_CHINESE

offset

0x0024936c

filetype

Lotus unknown worksheet or configuration, revision 0x1

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000014

name

RT_GROUP_CURSOR

language

LANG_CHINESE

offset

0x0024936c

filetype

Lotus unknown worksheet or configuration, revision 0x1

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000014

name

RT_GROUP_CURSOR

language

LANG_CHINESE

offset

0x0024936c

filetype

Lotus unknown worksheet or configuration, revision 0x1

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000014

name

RT_GROUP_CURSOR

language

LANG_CHINESE

offset

0x0024936c

filetype

Lotus unknown worksheet or configuration, revision 0x1

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000014

name

RT_GROUP_CURSOR

language

LANG_CHINESE

offset

0x0024936c

filetype

Lotus unknown worksheet or configuration, revision 0x1

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000014

name

RT_GROUP_CURSOR

language

LANG_CHINESE

offset

0x0024936c

filetype

Lotus unknown worksheet or configuration, revision 0x1

sublanguage

SUBLANG_CHINESE_SIMPLIFIED

size

0x00000014

Communicates with host for which no DNS query was performed (1 个事件)

host

172.217.24.14

File has been identified by 24 AntiVirus engines on VirusTotal as malicious (24 个事件)

Elastic	malicious (high confidence)
McAfee	Artemis!9432D6061E33
Cylance	Unsafe
K7AntiVirus	Adware ( 004d97001 )
Alibaba	AdWare:Win32/Softcnapp.8ac0705c
K7GW	Adware ( 004d97001 )
ESET-NOD32	a variant of Win32/Softcnapp.BD potentially unwanted
APEX	Malicious
Kaspersky	not-a-virus:HEUR:AdWare.Win32.Burden.gen
Avast	Win32:Adware-gen [Adw]
Rising	Adware.Agent!1.C6F0 (CLASSIC)
DrWeb	Adware.Softcnapp.80
Invincea	Generic PUA GB (PUA)
FireEye	Generic.mg.9432d6061e33217f
Sophos	Generic PUA GB (PUA)
ZoneAlarm	not-a-virus:HEUR:AdWare.Win32.Burden.gen
Microsoft	PUA:Win32/Softcnapp
VBA32	BScope.Adware.Softcnapp
Malwarebytes	Adware.ChinAd
Yandex	Riskware.Agent!
Fortinet	Riskware/Softcnapp
MaxSecure	Adware.not-a-virus.WIN32.AdWare.Burden.gen_b_192414
AVG	Win32:Adware-gen [Adw]
CrowdStrike	win/malicious_confidence_60% (D)

暂无二进制图像该样本未生成二进制可视化图像

暂无运行截图该样本运行过程中未生成截图

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2018-12-25 11:05:59

Imports

Library gdiplus.dll:

• 0x541b28 GdiplusShutdown

• 0x541b2c GdipFree

• 0x541b30 GdipAlloc

• 0x541b34 GdipDeleteGraphics

• 0x541b38 GdipDisposeImage

• 0x541b3c GdipGetImageWidth

• 0x541b40 GdipGetImageHeight

• 0x541b44 GdipCreateBitmapFromStream

• 0x541b48 GdipCreateBitmapFromStreamICM

• 0x541b4c GdipCreateFromHDC

• 0x541b50 GdipDrawImageRectRectI

• 0x541b54 GdipCloneImage

• 0x541b58 GdiplusStartup

Library SHLWAPI.dll:

• 0x5417bc PathFindExtensionW

• 0x5417c0 PathFindFileNameW

• 0x5417c4 PathStripToRootW

• 0x5417c8 PathIsUNCW

• 0x5417cc PathFileExistsW

Library DuiLib32.dll:

• 0x541088 ?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x54108c ?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x541090 ?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x541094 ?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x541098 ?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x54109c ?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x5410a0 ?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x5410a4 ?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x5410a8 ?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x5410ac ?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x5410b0 ?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x5410b4 ?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x5410b8 ?GetStyle@WindowImplBase@DuiLib@@UAEJXZ

• 0x5410bc ?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z

• 0x5410c0 ?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z

• 0x5410c4 ?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PB_W@Z

• 0x5410c8 ?ShowModal@CWindowWnd@DuiLib@@QAEIXZ

• 0x5410cc ?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ

• 0x5410d0 ??0WindowImplBase@DuiLib@@QAE@XZ

• 0x5410d4 ?GetHeight@CDuiRect@DuiLib@@QBEHXZ

• 0x5410d8 ?GetWidth@CDuiRect@DuiLib@@QBEHXZ

• 0x5410dc ??0CDuiRect@DuiLib@@QAE@XZ

• 0x5410e0 ?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z

• 0x5410e4 ?GetPaintWindow@CPaintManagerUI@DuiLib@@QBEPAUHWND__@@XZ

• 0x5410e8 ?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z

• 0x5410ec ?Close@CWindowWnd@DuiLib@@QAEXI@Z

• 0x5410f0 ?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z

• 0x5410f4 ?GetResourceType@WindowImplBase@DuiLib@@UBE?AW4UILIB_RESOURCETYPE@2@XZ

• 0x5410f8 ?GetZIPFileName@WindowImplBase@DuiLib@@UBE?AVCDuiString@2@XZ

• 0x5410fc ?GetResourceID@WindowImplBase@DuiLib@@UBEPB_WXZ

• 0x541100 ??8CDuiString@DuiLib@@QBE_NPB_W@Z

• 0x541104 ?SetTextColor@CLabelUI@DuiLib@@QAEXK@Z

• 0x541108 ??0CDuiString@DuiLib@@QAE@XZ

• 0x54110c ?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z

• 0x541110 ?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ

• 0x541114 ?HandleCustomMessage@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x541118 ?Navigate2@CWebBrowserUI@DuiLib@@QAEXPB_W@Z

• 0x54111c ?SetHomePage@CWebBrowserUI@DuiLib@@QAEXPB_W@Z

• 0x541120 ?SetWebBrowserEventHandler@CWebBrowserUI@DuiLib@@QAEXPAVCWebBrowserEventHandler@2@@Z

• 0x541124 ?Term@CPaintManagerUI@DuiLib@@SAXXZ

• 0x541128 ??1CDialogBuilder@DuiLib@@QAE@XZ

• 0x54112c ??1CMarkup@DuiLib@@QAE@XZ

• 0x541130 ?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PB_W@Z

• 0x541134 ?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z

• 0x541138 ??0CDialogBuilder@DuiLib@@QAE@XZ

• 0x54113c ??1CHorizontalLayoutUI@DuiLib@@UAE@XZ

• 0x541140 ??1CContainerUI@DuiLib@@UAE@XZ

• 0x541144 ??1CNotifyPump@DuiLib@@QAE@XZ

• 0x541148 ?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ

• 0x54114c ?SetName@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x541150 ?GetClass@CHorizontalLayoutUI@DuiLib@@UBEPB_WXZ

• 0x541154 ?GetInterface@CHorizontalLayoutUI@DuiLib@@UAEPAXPB_W@Z

• 0x541158 ?GetControlFlags@CHorizontalLayoutUI@DuiLib@@UBEIXZ

• 0x54115c ?Activate@CControlUI@DuiLib@@UAE_NXZ

• 0x541160 ?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ

• 0x541164 ?SetManager@CContainerUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z

• 0x541168 ?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ

• 0x54116c ?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ

• 0x541170 ?SetText@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x541174 ?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ

• 0x541178 ?SetPos@CHorizontalLayoutUI@DuiLib@@UAEXUtagRECT@@@Z

• 0x54117c ?GetWidth@CControlUI@DuiLib@@UBEHXZ

• 0x541180 ?GetHeight@CControlUI@DuiLib@@UBEHXZ

• 0x541184 ?GetX@CControlUI@DuiLib@@UBEHXZ

• 0x541188 ?GetY@CControlUI@DuiLib@@UBEHXZ

• 0x54118c ?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ

• 0x541190 ?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z

• 0x541194 ?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ

• 0x541198 ?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z

• 0x54119c ?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ

• 0x5411a0 ?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z

• 0x5411a4 ?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ

• 0x5411a8 ?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z

• 0x5411ac ?GetMinWidth@CControlUI@DuiLib@@UBEHXZ

• 0x5411b0 ?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z

• 0x5411b4 ?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ

• 0x5411b8 ?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z

• 0x5411bc ?GetMinHeight@CControlUI@DuiLib@@UBEHXZ

• 0x5411c0 ?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z

• 0x5411c4 ?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ

• 0x5411c8 ?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z

• 0x5411cc ?SetRelativePos@CControlUI@DuiLib@@UAEXUtagSIZE@@0@Z

• 0x5411d0 ?SetRelativeParentSize@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z

• 0x5411d4 ?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagTRelativePosUI@2@XZ

• 0x5411d8 ?IsRelativePos@CControlUI@DuiLib@@UBE_NXZ

• 0x5411dc ?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ

• 0x5411e0 ?SetToolTip@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x5411e4 ?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z

• 0x5411e8 ?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ

• 0x5411ec ?GetShortcut@CControlUI@DuiLib@@UBE_WXZ

• 0x5411f0 ?SetShortcut@CControlUI@DuiLib@@UAEX_W@Z

• 0x5411f4 ?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ

• 0x5411f8 ?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z

• 0x5411fc ?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ

• 0x541200 ?SetUserData@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x541204 ?GetTag@CControlUI@DuiLib@@UBEIXZ

• 0x541208 ?SetTag@CControlUI@DuiLib@@UAEXI@Z

• 0x54120c ?IsVisible@CControlUI@DuiLib@@UBE_NXZ

• 0x541210 ?SetVisible@CContainerUI@DuiLib@@UAEX_N@Z

• 0x541214 ?SetInternVisible@CContainerUI@DuiLib@@UAEX_N@Z

• 0x541218 ?IsEnabled@CControlUI@DuiLib@@UBE_NXZ

• 0x54121c ?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z

• 0x541220 ?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ

• 0x541224 ?SetMouseEnabled@CContainerUI@DuiLib@@UAEX_N@Z

• 0x541228 ?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ

• 0x54122c ?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z

• 0x541230 ?IsFocused@CControlUI@DuiLib@@UBE_NXZ

• 0x541234 ?SetFocus@CControlUI@DuiLib@@UAEXXZ

• 0x541238 ?IsFloat@CControlUI@DuiLib@@UBE_NXZ

• 0x54123c ?SetFloat@CControlUI@DuiLib@@UAEX_N@Z

• 0x541240 ?IsVisibleInParent@CControlUI@DuiLib@@UBE_NXZ

• 0x541244 ?FindControl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@P6GPAV32@PAV32@PAX@Z1I@Z

• 0x541248 ?Init@CControlUI@DuiLib@@UAEXXZ

• 0x54124c ?DoInit@CControlUI@DuiLib@@UAEXXZ

• 0x541250 ?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z

• 0x541254 ?DoEvent@CHorizontalLayoutUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z

• 0x541258 ?SetAttribute@CHorizontalLayoutUI@DuiLib@@UAEXPB_W0@Z

• 0x54125c ?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z

• 0x541260 ?DoPaint@CContainerUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z

• 0x541264 ?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x541268 ?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x54126c ?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x541270 ?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x541274 ?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x541278 ?DoPostPaint@CHorizontalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z

• 0x54127c ?GetInset@CContainerUI@DuiLib@@UBE?AUtagRECT@@XZ

• 0x541280 ?SetInset@CContainerUI@DuiLib@@UAEXUtagRECT@@@Z

• 0x541284 ?GetChildPadding@CContainerUI@DuiLib@@UBEHXZ

• 0x541288 ?SetChildPadding@CContainerUI@DuiLib@@UAEXH@Z

• 0x54128c ?IsAutoDestroy@CContainerUI@DuiLib@@UBE_NXZ

• 0x541290 ?SetAutoDestroy@CContainerUI@DuiLib@@UAEX_N@Z

• 0x541294 ?IsDelayedDestroy@CContainerUI@DuiLib@@UBE_NXZ

• 0x541298 ?SetDelayedDestroy@CContainerUI@DuiLib@@UAEX_N@Z

• 0x54129c ?IsMouseChildEnabled@CContainerUI@DuiLib@@UBE_NXZ

• 0x5412a0 ?SetMouseChildEnabled@CContainerUI@DuiLib@@UAEX_N@Z

• 0x5412a4 ?FindSelectable@CContainerUI@DuiLib@@UBEHH_N@Z

• 0x5412a8 ?GetScrollPos@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ

• 0x5412ac ?GetScrollRange@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ

• 0x5412b0 ?SetScrollPos@CContainerUI@DuiLib@@UAEXUtagSIZE@@@Z

• 0x5412b4 ?LineUp@CContainerUI@DuiLib@@UAEXXZ

• 0x5412b8 ?LineDown@CContainerUI@DuiLib@@UAEXXZ

• 0x5412bc ?PageUp@CContainerUI@DuiLib@@UAEXXZ

• 0x5412c0 ?PageDown@CContainerUI@DuiLib@@UAEXXZ

• 0x5412c4 ?HomeUp@CContainerUI@DuiLib@@UAEXXZ

• 0x5412c8 ?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x5412cc ?LineLeft@CContainerUI@DuiLib@@UAEXXZ

• 0x5412d0 ?LineRight@CContainerUI@DuiLib@@UAEXXZ

• 0x5412d4 ?PageLeft@CContainerUI@DuiLib@@UAEXXZ

• 0x5412d8 ?PageRight@CContainerUI@DuiLib@@UAEXXZ

• 0x5412dc ?HomeLeft@CContainerUI@DuiLib@@UAEXXZ

• 0x5412e0 ?EndRight@CContainerUI@DuiLib@@UAEXXZ

• 0x5412e4 ?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z

• 0x5412e8 ?GetVerticalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ

• 0x5412ec ?GetHorizontalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ

• 0x5412f0 ?SetFloatPos@CContainerUI@DuiLib@@MAEXH@Z

• 0x5412f4 ?ProcessScrollBar@CContainerUI@DuiLib@@MAEXUtagRECT@@HH@Z

• 0x5412f8 ?GetItemAt@CContainerUI@DuiLib@@UBEPAVCControlUI@2@H@Z

• 0x5412fc ?GetItemIndex@CContainerUI@DuiLib@@UBEHPAVCControlUI@2@@Z

• 0x541300 ?SetItemIndex@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z

• 0x541304 ?GetCount@CContainerUI@DuiLib@@UBEHXZ

• 0x541308 ?Add@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z

• 0x54130c ?AddAt@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@H@Z

• 0x541310 ?Remove@CContainerUI@DuiLib@@UAE_NPAVCControlUI@2@@Z

• 0x541314 ?RemoveAt@CContainerUI@DuiLib@@UAE_NH@Z

• 0x541318 ?RemoveAll@CContainerUI@DuiLib@@UAEXXZ

• 0x54131c ??0CNotifyPump@DuiLib@@QAE@XZ

• 0x541320 ??0CHorizontalLayoutUI@DuiLib@@QAE@XZ

• 0x541324 ?SetVirtualWnd@CControlUI@DuiLib@@QAEXPB_W@Z

• 0x541328 ?AddVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@PAV12@@Z

• 0x54132c ?SendMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z

• 0x541330 ?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x541334 ?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x541338 ?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x54133c ?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x541340 ?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z

• 0x541344 ?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z

• 0x541348 ?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ

• 0x54134c ?GetSuperClassName@CWindowWnd@DuiLib@@MBEPB_WXZ

• 0x541350 ?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ

• 0x541354 ??1WindowImplBase@DuiLib@@UAE@XZ

• 0x541358 ?Format@CDuiString@DuiLib@@QAAHPB_WZZ

• 0x54135c ?SetBkImage@CControlUI@DuiLib@@QAEXPB_W@Z

• 0x541360 ?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z

• 0x541364 ?GetFont@CLabelUI@DuiLib@@QBEHXZ

• 0x541368 ?GetPaintDC@CPaintManagerUI@DuiLib@@QBEPAUHDC__@@XZ

• 0x54136c ?GetFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@H@Z

• 0x541370 ??BCDuiString@DuiLib@@QBEPB_WXZ

• 0x541374 ?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z

• 0x541378 ?IsEmpty@CDuiString@DuiLib@@QBE_NXZ

• 0x54137c ??0CDuiString@DuiLib@@QAE@PB_WH@Z

• 0x541380 ??1CDuiString@DuiLib@@QAE@XZ

• 0x541384 ?messageMap@CNotifyPump@DuiLib@@1UDUI_MSGMAP@2@B

• 0x541388 ?ShowWindow@CWindowWnd@DuiLib@@QAEX_N0@Z

• 0x54138c ?PostMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z

• 0x541390 ?TranslateMessage@CPaintManagerUI@DuiLib@@SA_NQAUtagMSG@@@Z

• 0x541394 ?EndDown@CContainerUI@DuiLib@@UAEXXZ

• 0x541398 ?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x54139c ?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

Library KERNEL32.dll:

• 0x541464 GetFullPathNameW

• 0x541468 LeaveCriticalSection

• 0x54146c TlsGetValue

• 0x541470 EnterCriticalSection

• 0x541474 GlobalReAlloc

• 0x541478 GlobalHandle

• 0x54147c InitializeCriticalSection

• 0x541480 TlsAlloc

• 0x541484 TlsSetValue

• 0x541488 LocalReAlloc

• 0x54148c DeleteCriticalSection

• 0x541490 TlsFree

• 0x541494 GlobalFlags

• 0x541498 lstrlenA

• 0x54149c MoveFileW

• 0x5414a0 SetFilePointer

• 0x5414a4 FlushFileBuffers

• 0x5414a8 LockFile

• 0x5414ac UnlockFile

• 0x5414b0 SetEndOfFile

• 0x5414b4 DuplicateHandle

• 0x5414b8 FileTimeToLocalFileTime

• 0x5414bc GetStartupInfoW

• 0x5414c0 RtlUnwind

• 0x5414c4 RaiseException

• 0x5414c8 TerminateProcess

• 0x5414cc UnhandledExceptionFilter

• 0x5414d0 IsDebuggerPresent

• 0x5414d4 GetSystemTimeAsFileTime

• 0x5414d8 FindFirstFileA

• 0x5414dc HeapReAlloc

• 0x5414e0 GetDriveTypeA

• 0x5414e4 ExitThread

• 0x5414e8 ExitProcess

• 0x5414ec HeapSize

• 0x5414f0 VirtualQuery

• 0x5414f4 GetStdHandle

• 0x5414f8 GetModuleFileNameA

• 0x5414fc FreeEnvironmentStringsA

• 0x541500 GetEnvironmentStrings

• 0x541504 FreeEnvironmentStringsW

• 0x541508 GetEnvironmentStringsW

• 0x54150c GetCommandLineA

• 0x541510 SetHandleCount

• 0x541514 GetFileType

• 0x541518 GetStartupInfoA

• 0x54151c HeapDestroy

• 0x541520 HeapCreate

• 0x541524 GetCPInfo

• 0x541528 GetACP

• 0x54152c SleepEx

• 0x541530 IsValidCodePage

• 0x541534 LCMapStringA

• 0x541538 LCMapStringW

• 0x54153c GetTimeZoneInformation

• 0x541540 GetConsoleCP

• 0x541544 GetConsoleMode

• 0x541548 GetUserDefaultLCID

• 0x54154c GetLocaleInfoA

• 0x541550 EnumSystemLocalesA

• 0x541554 IsValidLocale

• 0x541558 GetStringTypeA

• 0x54155c GetStringTypeW

• 0x541560 GetFullPathNameA

• 0x541564 GetCurrentDirectoryA

• 0x541568 SetConsoleCtrlHandler

• 0x54156c SetStdHandle

• 0x541570 WriteConsoleA

• 0x541574 GetConsoleOutputCP

• 0x541578 WriteConsoleW

• 0x54157c SetEnvironmentVariableA

• 0x541580 GetFileTime

• 0x541584 GetCurrentThread

• 0x541588 ConvertDefaultLocale

• 0x54158c EnumResourceLanguagesW

• 0x541590 lstrcmpA

• 0x541594 GetLocaleInfoW

• 0x541598 CompareStringA

• 0x54159c InterlockedExchange

• 0x5415a0 GetModuleHandleA

• 0x5415a4 GetThreadLocale

• 0x5415a8 GetVersion

• 0x5415ac GlobalGetAtomNameW

• 0x5415b0 InterlockedIncrement

• 0x5415b4 FreeResource

• 0x5415b8 GlobalAddAtomW

• 0x5415bc GlobalFindAtomW

• 0x5415c0 GlobalDeleteAtom

• 0x5415c4 CompareStringW

• 0x5415c8 SetLastError

• 0x5415cc GetVersionExA

• 0x5415d0 GetTempFileNameW

• 0x5415d4 OpenFileMappingW

• 0x5415d8 CreateFileMappingW

• 0x5415dc MapViewOfFile

• 0x5415e0 UnmapViewOfFile

• 0x5415e4 lstrcmpW

• 0x5415e8 GetCommandLineW

• 0x5415ec IsBadReadPtr

• 0x5415f0 LoadLibraryA

• 0x5415f4 VirtualFree

• 0x5415f8 VirtualProtect

• 0x5415fc VirtualAlloc

• 0x541600 GetSystemDirectoryW

• 0x541604 GetVolumeInformationW

• 0x541608 MulDiv

• 0x54160c GetLongPathNameW

• 0x541610 ReleaseMutex

• 0x541614 CreateMutexW

• 0x541618 CreateFileA

• 0x54161c SetPriorityClass

• 0x541620 OutputDebugStringA

• 0x541624 DeviceIoControl

• 0x541628 ExpandEnvironmentStringsW

• 0x54162c LocalAlloc

• 0x541630 FormatMessageW

• 0x541634 InterlockedDecrement

• 0x541638 FileTimeToSystemTime

• 0x54163c LocalFree

• 0x541640 FindFirstFileW

• 0x541644 FindClose

• 0x541648 GetSystemInfo

• 0x54164c WriteFile

• 0x541650 GetFileAttributesW

• 0x541654 GetTempPathW

• 0x541658 MoveFileExW

• 0x54165c DeleteFileW

• 0x541660 CopyFileW

• 0x541664 OpenProcess

• 0x541668 GetExitCodeProcess

• 0x54166c GetTickCount

• 0x541670 GetFileSize

• 0x541674 ReadFile

• 0x541678 CreateToolhelp32Snapshot

• 0x54167c Process32FirstW

• 0x541680 Process32NextW

• 0x541684 GetPrivateProfileStringW

• 0x541688 GetEnvironmentVariableW

• 0x54168c GetVersionExW

• 0x541690 QueryPerformanceCounter

• 0x541694 SetUnhandledExceptionFilter

• 0x541698 LoadLibraryW

• 0x54169c CreateDirectoryW

• 0x5416a0 CreateFileW

• 0x5416a4 GetCurrentThreadId

• 0x5416a8 GetCurrentProcessId

• 0x5416ac GetCurrentProcess

• 0x5416b0 FreeLibrary

• 0x5416b4 SetErrorMode

• 0x5416b8 HeapAlloc

• 0x5416bc GetModuleHandleW

• 0x5416c0 GetProcAddress

• 0x5416c4 GetLastError

• 0x5416c8 GetProcessHeap

• 0x5416cc HeapFree

• 0x5416d0 CreateThread

• 0x5416d4 WaitForSingleObject

• 0x5416d8 CreateProcessW

• 0x5416dc CloseHandle

• 0x5416e0 GetWindowsDirectoryW

• 0x5416e4 GetModuleFileNameW

• 0x5416e8 GlobalAlloc

• 0x5416ec GlobalLock

• 0x5416f0 GlobalUnlock

• 0x5416f4 GlobalFree

• 0x5416f8 lstrlenW

• 0x5416fc MultiByteToWideChar

• 0x541700 FindResourceW

• 0x541704 LoadResource

• 0x541708 LockResource

• 0x54170c SizeofResource

• 0x541710 Sleep

• 0x541714 WritePrivateProfileStringW

• 0x541718 WideCharToMultiByte

• 0x54171c GetPrivateProfileIntW

• 0x541720 SetConsoleMode

• 0x541724 ReadConsoleInputA

• 0x541728 GetFileInformationByHandle

• 0x54172c FlushConsoleInputBuffer

• 0x541730 GlobalMemoryStatus

• 0x541734 WaitForMultipleObjects

• 0x541738 PeekNamedPipe

• 0x54173c GetSystemDirectoryA

• 0x541740 GetLocalTime

• 0x541744 GetOEMCP

Library USER32.dll:

• 0x5417d4 IsWindowEnabled

• 0x5417d8 IsDialogMessageW

• 0x5417dc RegisterWindowMessageW

• 0x5417e0 SendDlgItemMessageW

• 0x5417e4 SendDlgItemMessageA

• 0x5417e8 WinHelpW

• 0x5417ec GetCapture

• 0x5417f0 SetWindowsHookExW

• 0x5417f4 CallNextHookEx

• 0x5417f8 GetClassLongW

• 0x5417fc SetPropW

• 0x541800 GetPropW

• 0x541804 RemovePropW

• 0x541808 SetFocus

• 0x54180c GetWindowTextLengthW

• 0x541810 GetLastActivePopup

• 0x541814 SetActiveWindow

• 0x541818 BeginDeferWindowPos

• 0x54181c EndDeferWindowPos

• 0x541820 GetDlgItem

• 0x541824 GetTopWindow

• 0x541828 UnhookWindowsHookEx

• 0x54182c GetMessageTime

• 0x541830 GetMessagePos

• 0x541834 PeekMessageW

• 0x541838 ScrollWindow

• 0x54183c TrackPopupMenu

• 0x541840 GetKeyState

• 0x541844 SetScrollRange

• 0x541848 GetScrollRange

• 0x54184c SetScrollPos

• 0x541850 GetScrollPos

• 0x541854 ShowScrollBar

• 0x541858 GetMenu

• 0x54185c GetSubMenu

• 0x541860 GetMenuItemID

• 0x541864 GetMenuItemCount

• 0x541868 MessageBoxW

• 0x54186c GetClassInfoExW

• 0x541870 GetClassInfoW

• 0x541874 RegisterClassW

• 0x541878 GetSysColor

• 0x54187c ScreenToClient

• 0x541880 EqualRect

• 0x541884 DeferWindowPos

• 0x541888 GetScrollInfo

• 0x54188c SetScrollInfo

• 0x541890 CopyRect

• 0x541894 SystemParametersInfoA

• 0x541898 GetWindowPlacement

• 0x54189c GetWindow

• 0x5418a0 GetDlgCtrlID

• 0x5418a4 IsChild

• 0x5418a8 UpdateWindow

• 0x5418ac IsIconic

• 0x5418b0 MapWindowPoints

• 0x5418b4 SetWindowTextW

• 0x5418b8 SetTimer

• 0x5418bc KillTimer

• 0x5418c0 OffsetRect

• 0x5418c4 GetWindowRgn

• 0x5418c8 ClientToScreen

• 0x5418cc SendMessageW

• 0x5418d0 CheckMenuItem

• 0x5418d4 PostQuitMessage

• 0x5418d8 GetCursorPos

• 0x5418dc CreateWindowExW

• 0x5418e0 ShowWindow

• 0x5418e4 SetWindowPos

• 0x5418e8 DestroyWindow

• 0x5418ec MoveWindow

• 0x5418f0 GetDC

• 0x5418f4 ReleaseDC

• 0x5418f8 MonitorFromPoint

• 0x5418fc EnableMenuItem

• 0x541900 GetMenuState

• 0x541904 ModifyMenuW

• 0x541908 LoadBitmapW

• 0x54190c PtInRect

• 0x541910 SystemParametersInfoW

• 0x541914 EnumDisplayMonitors

• 0x541918 GetMonitorInfoW

• 0x54191c wsprintfW

• 0x541920 FindWindowW

• 0x541924 IsWindowVisible

• 0x541928 GetFocus

• 0x54192c GetClassNameW

• 0x541930 GetWindowRect

• 0x541934 GetDesktopWindow

• 0x541938 GetSystemMetrics

• 0x54193c GetWindowLongW

• 0x541940 SetWindowLongW

• 0x541944 FindWindowExW

• 0x541948 GetWindowTextW

• 0x54194c GetForegroundWindow

• 0x541950 GetWindowThreadProcessId

• 0x541954 AttachThreadInput

• 0x541958 SetForegroundWindow

• 0x54195c BringWindowToTop

• 0x541960 GetParent

• 0x541964 LoadIconW

• 0x541968 LoadCursorW

• 0x54196c DefWindowProcW

• 0x541970 RegisterClassExW

• 0x541974 GetMessageW

• 0x541978 TranslateMessage

• 0x54197c DispatchMessageW

• 0x541980 IsWindow

• 0x541984 AdjustWindowRectEx

• 0x541988 GetClientRect

• 0x54198c GetMenuCheckMarkDimensions

• 0x541990 SetMenuItemBitmaps

• 0x541994 IsRectEmpty

• 0x541998 FillRect

• 0x54199c PostThreadMessageW

• 0x5419a0 CharUpperW

• 0x5419a4 UnregisterClassW

• 0x5419a8 RegisterClipboardFormatW

• 0x5419ac CreateDialogIndirectParamW

• 0x5419b0 GetNextDlgTabItem

• 0x5419b4 EndDialog

• 0x5419b8 GetMenuItemInfoW

• 0x5419bc InflateRect

• 0x5419c0 GetSysColorBrush

• 0x5419c4 ShowOwnedPopups

• 0x5419c8 ValidateRect

• 0x5419cc SetWindowContextHelpId

• 0x5419d0 MapDialogRect

• 0x5419d4 CharNextW

• 0x5419d8 EndPaint

• 0x5419dc BeginPaint

• 0x5419e0 EnableWindow

• 0x5419e4 PostMessageW

• 0x5419e8 InvalidateRect

• 0x5419ec MessageBeep

• 0x5419f0 GetNextDlgGroupItem

• 0x5419f4 CallWindowProcW

• 0x5419f8 MessageBoxA

• 0x5419fc GetProcessWindowStation

• 0x541a00 GetUserObjectInformationW

• 0x541a04 UnregisterClassA

• 0x541a08 GetWindowDC

• 0x541a0c GrayStringW

• 0x541a10 DrawTextExW

• 0x541a14 DrawTextW

• 0x541a18 TabbedTextOutW

• 0x541a1c UnpackDDElParam

• 0x541a20 ReuseDDElParam

• 0x541a24 LoadMenuW

• 0x541a28 DestroyMenu

• 0x541a2c GetActiveWindow

• 0x541a30 LoadAcceleratorsW

• 0x541a34 InsertMenuItemW

• 0x541a38 CreatePopupMenu

• 0x541a3c SetRectEmpty

• 0x541a40 SetMenu

• 0x541a44 TranslateAcceleratorW

• 0x541a48 InvalidateRgn

• 0x541a4c SetRect

• 0x541a50 CopyAcceleratorTableW

• 0x541a54 ReleaseCapture

• 0x541a58 SetCursor

• 0x541a5c SetCapture

• 0x541a60 SetWindowRgn

• 0x541a64 IntersectRect

• 0x541a68 DrawIcon

Library GDI32.dll:

• 0x5413a4 GetViewportExtEx

• 0x5413a8 GetWindowExtEx

• 0x5413ac BitBlt

• 0x5413b0 GetPixel

• 0x5413b4 PtVisible

• 0x5413b8 RectVisible

• 0x5413bc TextOutW

• 0x5413c0 ExtTextOutW

• 0x5413c4 Escape

• 0x5413c8 SetViewportOrgEx

• 0x5413cc OffsetViewportOrgEx

• 0x5413d0 SetViewportExtEx

• 0x5413d4 ScaleViewportExtEx

• 0x5413d8 SetWindowExtEx

• 0x5413dc ScaleWindowExtEx

• 0x5413e0 ExtSelectClipRgn

• 0x5413e4 CreatePatternBrush

• 0x5413e8 GetStockObject

• 0x5413ec CreateSolidBrush

• 0x5413f0 GetBkColor

• 0x5413f4 GetTextColor

• 0x5413f8 CreateFontIndirectW

• 0x5413fc GetMapMode

• 0x541400 DeleteDC

• 0x541404 SetMapMode

• 0x541408 RestoreDC

• 0x54140c SaveDC

• 0x541410 CreateCompatibleBitmap

• 0x541414 GetRgnBox

• 0x541418 CreateRectRgnIndirect

• 0x54141c Ellipse

• 0x541420 LPtoDP

• 0x541424 CreateEllipticRgn

• 0x541428 CreateBitmap

• 0x54142c GetObjectW

• 0x541430 SetBkColor

• 0x541434 SetTextColor

• 0x541438 GetClipBox

• 0x54143c SetBkMode

• 0x541440 GetTextExtentPoint32W

• 0x541444 CreateRectRgn

• 0x541448 PtInRegion

• 0x54144c CreateDIBSection

• 0x541450 CreateCompatibleDC

• 0x541454 SelectObject

• 0x541458 DeleteObject

• 0x54145c GetDeviceCaps

Library comdlg32.dll:

• 0x541b20 GetFileTitleW

Library WINSPOOL.DRV:

• 0x541a8c ClosePrinter

• 0x541a90 OpenPrinterW

• 0x541a94 DocumentPropertiesW

Library ADVAPI32.dll:

• 0x541000 DeregisterEventSource

• 0x541004 ReportEventA

• 0x541008 RegisterEventSourceA

• 0x54100c RegEnumValueW

• 0x541010 RegQueryValueExW

• 0x541014 RegQueryValueW

• 0x541018 RegDeleteKeyW

• 0x54101c LookupAccountSidW

• 0x541020 GetTokenInformation

• 0x541024 RegOpenKeyW

• 0x541028 InitializeSecurityDescriptor

• 0x54102c GetSecurityDescriptorControl

• 0x541030 SetSecurityDescriptorDacl

• 0x541034 AddAccessAllowedAce

• 0x541038 AddAce

• 0x54103c EqualSid

• 0x541040 GetAce

• 0x541044 InitializeAcl

• 0x541048 GetLengthSid

• 0x54104c GetAclInformation

• 0x541050 GetSecurityDescriptorDacl

• 0x541054 LookupAccountNameW

• 0x541058 RegSetValueExW

• 0x54105c RegOpenKeyExW

• 0x541060 ImpersonateLoggedOnUser

• 0x541064 RevertToSelf

• 0x541068 RegCreateKeyExW

• 0x54106c DuplicateTokenEx

• 0x541070 OpenProcessToken

• 0x541074 RegEnumKeyW

• 0x541078 RegCloseKey

Library SHELL32.dll:

• 0x5417a4 SHGetFolderPathW

• 0x5417a8 SHGetSpecialFolderPathW

• 0x5417ac ShellExecuteW

• 0x5417b0 DragQueryFileW

• 0x5417b4 DragFinish

Library COMCTL32.dll:

• 0x541080

Library oledlg.dll:

• 0x541bb4 OleUIBusyW

Library ole32.dll:

• 0x541b68 StgOpenStorageOnILockBytes

• 0x541b6c CoGetClassObject

• 0x541b70 CoTaskMemAlloc

• 0x541b74 StgCreateDocfileOnILockBytes

• 0x541b78 OleInitialize

• 0x541b7c OleUninitialize

• 0x541b80 CoTaskMemFree

• 0x541b84 CoInitialize

• 0x541b88 CoUninitialize

• 0x541b8c CLSIDFromString

• 0x541b90 CreateStreamOnHGlobal

• 0x541b94 CoRegisterMessageFilter

• 0x541b98 CreateILockBytesOnHGlobal

• 0x541b9c CLSIDFromProgID

• 0x541ba0 CoFreeUnusedLibraries

• 0x541ba4 CoRevokeClassObject

• 0x541ba8 OleIsCurrentClipboard

• 0x541bac OleFlushClipboard

Library OLEAUT32.dll:

• 0x54174c SafeArrayGetElemsize

• 0x541750 SafeArrayGetLBound

• 0x541754 SafeArrayGetUBound

• 0x541758 SafeArrayAccessData

• 0x54175c SafeArrayUnaccessData

• 0x541760 SafeArrayDestroy

• 0x541764 SystemTimeToVariantTime

• 0x541768 VariantTimeToSystemTime

• 0x54176c SysStringLen

• 0x541770 VariantInit

• 0x541774 VariantChangeType

• 0x541778 VariantClear

• 0x54177c SysAllocString

• 0x541780 SysAllocStringLen

• 0x541784 SysFreeString

• 0x541788 SafeArrayGetDim

• 0x54178c OleCreateFontIndirect

• 0x541790 SafeArrayCreate

• 0x541794 VariantCopy

Library urlmon.dll:

• 0x541bbc URLDownloadToFileW

Library WININET.dll:

• 0x541a70 HttpQueryInfoW

• 0x541a74 InternetCloseHandle

• 0x541a78 InternetOpenUrlW

• 0x541a7c InternetReadFile

• 0x541a80 InternetSetOptionW

• 0x541a84 InternetOpenW

Library PSAPI.DLL:

• 0x54179c GetModuleFileNameExW

Library iphlpapi.dll:

• 0x541b60 GetAdaptersInfo

Library WS2_32.dll:

• 0x541a9c select

• 0x541aa0 bind

• 0x541aa4 ntohs

• 0x541aa8 getsockname

• 0x541aac send

• 0x541ab0 recv

• 0x541ab4 socket

• 0x541ab8 closesocket

• 0x541abc WSAGetLastError

• 0x541ac0 WSAStartup

• 0x541ac4 WSACleanup

• 0x541ac8 htonl

• 0x541acc __WSAFDIsSet

• 0x541ad0 gethostbyaddr

• 0x541ad4 getservbyport

• 0x541ad8 sendto

• 0x541adc recvfrom

• 0x541ae0 accept

• 0x541ae4 setsockopt

• 0x541ae8 connect

• 0x541aec WSASetLastError

• 0x541af0 ioctlsocket

• 0x541af4 gethostname

• 0x541af8 inet_addr

• 0x541afc getpeername

• 0x541b00 getsockopt

• 0x541b04 getservbyname

• 0x541b08 htons

• 0x541b0c gethostbyname

• 0x541b10 inet_ntoa

• 0x541b14 shutdown

• 0x541b18 listen

Exports

Ordinal	Address	Name
1	0x46ffd0	curl_easy_cleanup
2	0x470060	curl_easy_duphandle
3	0x498590	curl_easy_escape
4	0x470040	curl_easy_getinfo
5	0x46feb0	curl_easy_init
6	0x470300	curl_easy_pause
7	0x46ff20	curl_easy_perform
8	0x470470	curl_easy_recv
9	0x470260	curl_easy_reset
10	0x4704d0	curl_easy_send

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
teredo.ipv6.microsoft.com

TCP

No TCP connections recorded.

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	50534	114.114.114.114	53
192.168.56.101	51808	114.114.114.114	53
192.168.56.101	58367	114.114.114.114	53
192.168.56.101	60123	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138
192.168.56.101	55368	224.0.0.252	5355
192.168.56.101	56804	224.0.0.252	5355
192.168.56.101	62191	224.0.0.252	5355
192.168.56.101	63429	224.0.0.252	5355
192.168.56.101	65004	224.0.0.252	5355
192.168.56.101	1900	239.255.255.250	1900
192.168.56.101	51809	239.255.255.250	3702
192.168.56.101	51811	239.255.255.250	3702
192.168.56.101	58707	239.255.255.250	3702
192.168.56.101	60124	239.255.255.250	3702
192.168.56.101	62194	239.255.255.250	1900

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.