SmartHawk

3.2

中危

1 个模型检测该样本为恶意！

重新分析

下载样本

b52ed5e6ce283a8d34e4108d8f9a2d954eaabe0bea22f920e4663b1b450f11a6

ca55fc82970b5366909f617dfd76d43e.exe

分析耗时

87s

查杀引擎	查杀时间	查杀版本
McAfee	20210110	6.0.6.653
Baidu	20190318	1.0.0.2
Alibaba	20190527	0.3.0.5
Kingsoft	20210110	2017.9.26.565
Tencent	20210110	1.0.0.1
Avast	20210110	21.1.5827.0
CrowdStrike	20190702	1.0

👋 欢迎使用 ChatHawk

我是您的恶意软件分析助手，可以帮您分析和解读恶意软件报告。请随时向我提问！

🔍 主要威胁分析

⚡ 行为特征

🛡️ 防护建议

🔧 技术手段

🎯 检测方法

🤖

Static Analysis
Strings

PE Compile Time

2020-08-25 20:26:01

Imports

Library KERNEL32.dll:

• 0x5985e8 TlsAlloc

• 0x5985ec TlsGetValue

• 0x5985f0 TlsSetValue

• 0x5985f4 TlsFree

• 0x5985f8 EncodePointer

• 0x5985fc LCMapStringW

• 0x598600 GetLocaleInfoW

• 0x598604 GetCPInfo

• 0x598608 LocalFree

• 0x59860c CompareStringW

• 0x598610 FormatMessageA

• 0x598614 SleepEx

• 0x598618 VerSetConditionMask

• 0x59861c QueryPerformanceFrequency

• 0x598620 LoadLibraryW

• 0x598624 VerifyVersionInfoW

• 0x598628 QueryPerformanceCounter

• 0x59862c MoveFileExA

• 0x598630 WaitForSingleObjectEx

• 0x598634 GetEnvironmentVariableA

• 0x598638 GetFileType

• 0x59863c UnhandledExceptionFilter

• 0x598640 SetUnhandledExceptionFilter

• 0x598644 GetCurrentProcess

• 0x598648 IsProcessorFeaturePresent

• 0x59864c IsDebuggerPresent

• 0x598650 InitializeSListHead

• 0x598654 OutputDebugStringW

• 0x598658 RtlCaptureContext

• 0x59865c GetProcessId

• 0x598660 VirtualQueryEx

• 0x598664 SetNamedPipeHandleState

• 0x598668 TransactNamedPipe

• 0x59866c WaitNamedPipeW

• 0x598670 RtlUnwind

• 0x598674 GetFileInformationByHandle

• 0x598678 SystemTimeToTzSpecificLocalTime

• 0x59867c FileTimeToSystemTime

• 0x598680 ExitThread

• 0x598684 FreeLibraryAndExitThread

• 0x598688 GetModuleHandleExW

• 0x59868c MoveFileExW

• 0x598690 SetFilePointerEx

• 0x598694 ExitProcess

• 0x598698 GetConsoleMode

• 0x59869c ReadConsoleW

• 0x5986a0 GetConsoleCP

• 0x5986a4 GetTimeZoneInformation

• 0x5986a8 GetCurrentDirectoryW

• 0x5986ac GetFullPathNameW

• 0x5986b0 IsValidLocale

• 0x5986b4 GetUserDefaultLCID

• 0x5986b8 EnumSystemLocalesW

• 0x5986bc FlushFileBuffers

• 0x5986c0 FindFirstFileExW

• 0x5986c4 IsValidCodePage

• 0x5986c8 GetACP

• 0x5986cc GetOEMCP

• 0x5986d0 GetCommandLineA

• 0x5986d4 GetEnvironmentStringsW

• 0x5986d8 FreeEnvironmentStringsW

• 0x5986dc SetEnvironmentVariableW

• 0x5986e0 WriteConsoleW

• 0x5986e4 GetSystemTime

• 0x5986e8 GetTickCount64

• 0x5986ec FreeResource

• 0x5986f0 WaitForMultipleObjects

• 0x5986f4 CreateFileMappingW

• 0x5986f8 OpenEventW

• 0x5986fc UnmapViewOfFile

• 0x598700 OpenMutexW

• 0x598704 MapViewOfFile

• 0x598708 OpenFileMappingW

• 0x59870c ReleaseMutex

• 0x598710 CreateMutexW

• 0x598714 CreateThread

• 0x598718 GetCommandLineW

• 0x59871c CreateRemoteThread

• 0x598720 WriteProcessMemory

• 0x598724 VirtualAllocEx

• 0x598728 SetCurrentDirectoryW

• 0x59872c FreeLibrary

• 0x598730 GetStringTypeW

• 0x598734 GetProcAddress

• 0x598738 SetEndOfFile

• 0x59873c MultiByteToWideChar

• 0x598740 GetFullPathNameA

• 0x598744 SetStdHandle

• 0x598748 GetStdHandle

• 0x59874c PeekNamedPipe

• 0x598750 CreateTimerQueueTimer

• 0x598754 CreateTimerQueue

• 0x598758 DeleteTimerQueueEx

• 0x59875c DeleteTimerQueueTimer

• 0x598760 CreateProcessW

• 0x598764 GetStartupInfoW

• 0x598768 CreatePipe

• 0x59876c TerminateThread

• 0x598770 SetEvent

• 0x598774 ResetEvent

• 0x598778 CreateEventW

• 0x59877c GetExitCodeThread

• 0x598780 GlobalAddAtomW

• 0x598784 SetLastError

• 0x598788 lstrcpynW

• 0x59878c GetLocalTime

• 0x598790 GetCurrentProcessId

• 0x598794 GetUserDefaultUILanguage

• 0x598798 GetSystemTimeAsFileTime

• 0x59879c SetCurrentDirectoryA

• 0x5987a0 GetCurrentDirectoryA

• 0x5987a4 CreateDirectoryA

• 0x5987a8 GetModuleFileNameA

• 0x5987ac Sleep

• 0x5987b0 GetTickCount

• 0x5987b4 InitializeCriticalSectionAndSpinCount

• 0x5987b8 CreateSemaphoreW

• 0x5987bc ReleaseSemaphore

• 0x5987c0 GetCurrentThreadId

• 0x5987c4 LeaveCriticalSection

• 0x5987c8 EnterCriticalSection

• 0x5987cc InitializeCriticalSection

• 0x5987d0 GetModuleHandleW

• 0x5987d4 OutputDebugStringA

• 0x5987d8 GetPrivateProfileStringW

• 0x5987dc WritePrivateProfileStringW

• 0x5987e0 TerminateProcess

• 0x5987e4 OpenProcess

• 0x5987e8 Process32NextW

• 0x5987ec Process32FirstW

• 0x5987f0 CreateToolhelp32Snapshot

• 0x5987f4 GetExitCodeProcess

• 0x5987f8 lstrlenW

• 0x5987fc GetVersionExW

• 0x598800 GetNativeSystemInfo

• 0x598804 GetFileAttributesW

• 0x598808 GetDiskFreeSpaceExW

• 0x59880c GetDriveTypeW

• 0x598810 GetLogicalDriveStringsW

• 0x598814 GetFileSizeEx

• 0x598818 RemoveDirectoryW

• 0x59881c FindNextFileW

• 0x598820 FindClose

• 0x598824 CreateDirectoryW

• 0x598828 WriteFile

• 0x59882c SetFilePointer

• 0x598830 GetTempPathW

• 0x598834 GetProcessHeap

• 0x598838 HeapSize

• 0x59883c HeapReAlloc

• 0x598840 HeapFree

• 0x598844 HeapAlloc

• 0x598848 HeapDestroy

• 0x59884c ReadFile

• 0x598850 GetFileSize

• 0x598854 GetModuleFileNameW

• 0x598858 WaitForSingleObject

• 0x59885c FindFirstFileW

• 0x598860 SetFileAttributesW

• 0x598864 GetFileAttributesExW

• 0x598868 DeleteFileW

• 0x59886c CreateFileW

• 0x598870 CloseHandle

• 0x598874 GetSystemDirectoryW

• 0x598878 DecodePointer

• 0x59887c FindResourceExW

• 0x598880 FindResourceW

• 0x598884 SizeofResource

• 0x598888 LockResource

• 0x59888c LoadResource

• 0x598890 DeleteCriticalSection

• 0x598894 InitializeCriticalSectionEx

• 0x598898 GetLastError

• 0x59889c RaiseException

• 0x5988a0 WideCharToMultiByte

• 0x5988a4 LoadLibraryExW

Library USER32.dll:

• 0x598904 GetWindowTextW

• 0x598908 EnumWindows

• 0x59890c GetParent

• 0x598910 LoadIconW

• 0x598914 GetDC

• 0x598918 SetPropW

• 0x59891c GetClassInfoExW

• 0x598920 GetPropW

• 0x598924 SetWindowTextW

• 0x598928 SendMessageW

• 0x59892c SetForegroundWindow

• 0x598930 PostQuitMessage

• 0x598934 SetFocus

• 0x598938 RegisterHotKey

• 0x59893c UnregisterHotKey

• 0x598940 FlashWindow

• 0x598944 IsWindowEnabled

• 0x598948 ClientToScreen

• 0x59894c IsWindowVisible

• 0x598950 EnableWindow

• 0x598954 UnhookWindowsHookEx

• 0x598958 SetWindowsHookExW

• 0x59895c CallNextHookEx

• 0x598960 FlashWindowEx

• 0x598964 GetActiveWindow

• 0x598968 GetSystemMetrics

• 0x59896c GetClassNameW

• 0x598970 InvalidateRect

• 0x598974 RegisterWindowMessageW

• 0x598978 ShowWindow

• 0x59897c BroadcastSystemMessageW

• 0x598980 PostMessageW

• 0x598984 GetDlgItem

• 0x598988 GetWindowLongW

• 0x59898c IsIconic

• 0x598990 BringWindowToTop

• 0x598994 SetWindowPos

• 0x598998 IsWindow

• 0x59899c RegisterClassExW

• 0x5989a0 CreateWindowExW

• 0x5989a4 DestroyWindow

• 0x5989a8 DefWindowProcW

• 0x5989ac GetDesktopWindow

• 0x5989b0 SystemParametersInfoW

• 0x5989b4 KillTimer

• 0x5989b8 SetTimer

• 0x5989bc LoadCursorW

• 0x5989c0 BeginPaint

• 0x5989c4 EndPaint

• 0x5989c8 SetMenu

• 0x5989cc SetParent

• 0x5989d0 GetClientRect

• 0x5989d4 BeginDeferWindowPos

• 0x5989d8 DeferWindowPos

• 0x5989dc EndDeferWindowPos

• 0x5989e0 GetWindowRect

• 0x5989e4 SetWindowLongW

• 0x5989e8 GetCursorPos

• 0x5989ec MoveWindow

Library GDI32.dll:

• 0x5985c4 CreateSolidBrush

Library COMDLG32.dll:

• 0x59802c GetOpenFileNameW

Library ADVAPI32.dll:

• 0x598000 RegCreateKeyExW

• 0x598004 RegDeleteValueW

• 0x598008 SystemFunction036

• 0x59800c RegCreateKeyW

• 0x598010 RegSetValueExW

• 0x598014 RegQueryValueExW

• 0x598018 RegCloseKey

• 0x59801c RegOpenKeyExW

Library SHELL32.dll:

• 0x5988b4 SHGetFolderPathW

• 0x5988b8 ShellExecuteW

• 0x5988bc Shell_NotifyIconW

• 0x5988c0 SHBrowseForFolderW

• 0x5988c4 SHGetSpecialFolderPathW

• 0x5988c8 CommandLineToArgvW

• 0x5988cc ShellExecuteA

• 0x5988d0 SHFileOperationW

• 0x5988d4 ShellExecuteExW

• 0x5988d8 SHGetPathFromIDListW

Library ole32.dll:

• 0x598e50 CoInitialize

• 0x598e54 CoCreateInstance

• 0x598e58 CoCreateGuid

• 0x598e5c CoUninitialize

• 0x598e60 OleInitialize

• 0x598e64 OleUninitialize

Library OLEAUT32.dll:

• 0x5988ac VariantClear

Library COMCTL32.dll:

• 0x598024 _TrackMouseEvent

Library gdiplus.dll:

• 0x598abc GdipCreateMatrix2

• 0x598ac0 GdipDisposeImage

• 0x598ac4 GdipGetImageWidth

• 0x598ac8 GdipGetImageHeight

• 0x598acc GdipCreateBitmapFromScan0

• 0x598ad0 GdipGetImageGraphicsContext

• 0x598ad4 GdipDeleteGraphics

• 0x598ad8 GdipCreateFromHDC

• 0x598adc GdipSetSmoothingMode

• 0x598ae0 GdipCreatePath

• 0x598ae4 GdipDeletePath

• 0x598ae8 GdipAddPathEllipseI

• 0x598aec GdipCreateTexture

• 0x598af0 GdipDeleteBrush

• 0x598af4 GdipSetTextureTransform

• 0x598af8 GdipDeleteMatrix

• 0x598afc GdipFillPath

• 0x598b00 GdipGetSmoothingMode

• 0x598b04 GdipDrawImageRectI

Library WINMM.dll:

• 0x5989f4 timeSetEvent

Library WS2_32.dll:

• 0x598a44 sendto

• 0x598a48 recvfrom

• 0x598a4c freeaddrinfo

• 0x598a50 getaddrinfo

• 0x598a54 select

• 0x598a58 __WSAFDIsSet

• 0x598a5c ioctlsocket

• 0x598a60 listen

• 0x598a64 htonl

• 0x598a68 accept

• 0x598a6c WSACleanup

• 0x598a70 WSAStartup

• 0x598a74 WSAIoctl

• 0x598a78 WSASetLastError

• 0x598a7c setsockopt

• 0x598a80 ntohs

• 0x598a84 htons

• 0x598a88 getsockopt

• 0x598a8c getsockname

• 0x598a90 getpeername

• 0x598a94 connect

• 0x598a98 bind

• 0x598a9c WSAGetLastError

• 0x598aa0 send

• 0x598aa4 gethostname

• 0x598aa8 socket

• 0x598aac shutdown

• 0x598ab0 closesocket

• 0x598ab4 recv

Library DuiLib.dll:

• 0x598034 ?GetClientPos@CContainerUI@DuiLib@@UBE?AUtagRECT@@XZ

• 0x598038 ?SetManager@CContainerUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z

• 0x59803c ?Activate@CListContainerElementUI@DuiLib@@UAE_NXZ

• 0x598040 ?GetControlFlags@CListContainerElementUI@DuiLib@@UBEIXZ

• 0x598044 ?GetInterface@CMenuElementUI@DuiLib@@UAEPAXPB_W@Z

• 0x598048 ?GetClass@CMenuElementUI@DuiLib@@UBEPB_WXZ

• 0x59804c ?DeletePtr@CPaintManagerUI@DuiLib@@QAEXPAX@Z

• 0x598050 ??1CMenuElementUI@DuiLib@@UAE@XZ

• 0x598054 ?SetAttribute@CMenuElementUI@DuiLib@@UAEXPB_W0@Z

• 0x598058 ??0CMenuElementUI@DuiLib@@QAE@XZ

• 0x59805c ?GetMenuUI@CMenuWnd@DuiLib@@QAEPAVCMenuUI@2@XZ

• 0x598060 ?GetFont@CLabelUI@DuiLib@@QBEHXZ

• 0x598064 ?GetTextStyle@CLabelUI@DuiLib@@QBEIXZ

• 0x598068 ?GetTextSize@CRenderEngine@DuiLib@@SA?AUtagSIZE@@PAUHDC__@@PAVCPaintManagerUI@2@PB_WHI@Z

• 0x59806c ?Term@CPaintManagerUI@DuiLib@@SAXXZ

• 0x598070 ?MessageLoop@CPaintManagerUI@DuiLib@@SAXXZ

• 0x598074 ?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z

• 0x598078 ?CreateControl@CGifAnimUI@DuiLib@@SAPAVCControlUI@2@XZ

• 0x59807c ?GetInstance@CControlFactory@DuiLib@@SAPAV12@XZ

• 0x598080 ?RegistControl@CControlFactory@DuiLib@@QAEXVCDuiString@2@P6APAVCControlUI@2@XZ@Z

• 0x598084 ?SetResourceZip@CPaintManagerUI@DuiLib@@SAXPAXIPB_W@Z

• 0x598088 ?GetResourceDll@CPaintManagerUI@DuiLib@@SAPAUHINSTANCE__@@XZ

• 0x59808c ?SetResourceZip@CPaintManagerUI@DuiLib@@SAXPB_W_N0@Z

• 0x598090 ?LoadResource@CResourceManager@DuiLib@@QAEHVSTRINGorID@2@PB_W@Z

• 0x598094 ?SetResourcePath@CPaintManagerUI@DuiLib@@SAXPB_W@Z

• 0x598098 ??YCDuiString@DuiLib@@QAEABV01@PB_W@Z

• 0x59809c ?GetResourceType@CPaintManagerUI@DuiLib@@SAHXZ

• 0x5980a0 ?GetInstancePath@CPaintManagerUI@DuiLib@@SA?AVCDuiString@2@XZ

• 0x5980a4 ?SetResourceType@CPaintManagerUI@DuiLib@@SAXH@Z

• 0x5980a8 ?LoadLanguage@CResourceManager@DuiLib@@QAEHPBD@Z

• 0x5980ac ?ResizeMenu@CMenuWnd@DuiLib@@QAEXXZ

• 0x5980b0 ??1CNotifyPump@DuiLib@@QAE@XZ

• 0x5980b4 ??0CNotifyPump@DuiLib@@QAE@XZ

• 0x5980b8 ?messageMap@CNotifyPump@DuiLib@@1UDUI_MSGMAP@2@B

• 0x5980bc ??1CDialogBuilder@DuiLib@@QAE@XZ

• 0x5980c0 ?NeedUpdate@CControlUI@DuiLib@@QAEXXZ

• 0x5980c4 ?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z

• 0x5980c8 ??0CDialogBuilder@DuiLib@@QAE@XZ

• 0x5980cc ?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PB_W@Z

• 0x5980d0 ?GdiplusLoadImage@CRenderEngine@DuiLib@@SAPAVImage@Gdiplus@@PB_W@Z

• 0x5980d4 ?GetXmlPath@CResourceManager@DuiLib@@QAEPB_WPB_W@Z

• 0x5980d8 ?GetResource@CResourceManager@DuiLib@@QAEHVSTRINGorID@2@PB_WAAKPAPAE@Z

• 0x5980dc ?GetText@CResourceManager@DuiLib@@QAE?AVCDuiString@2@PB_W0@Z

• 0x5980e0 ??1CListLabelElementUI@DuiLib@@UAE@XZ

• 0x5980e4 ?DoPaint@CListLabelElementUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z

• 0x5980e8 ?EstimateSize@CListLabelElementUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z

• 0x5980ec ?SetAttribute@CListElementUI@DuiLib@@UAEXPB_W0@Z

• 0x5980f0 ?DoEvent@CListLabelElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z

• 0x5980f4 ?Invalidate@CListElementUI@DuiLib@@UAEXXZ

• 0x5980f8 ?SetEnabled@CListElementUI@DuiLib@@UAEX_N@Z

• 0x5980fc ?SetVisible@CListElementUI@DuiLib@@UAEX_N@Z

• 0x598100 ?Activate@CListElementUI@DuiLib@@UAE_NXZ

• 0x598104 ?GetControlFlags@CListElementUI@DuiLib@@UBEIXZ

• 0x598108 ?GetInterface@CListLabelElementUI@DuiLib@@UAEPAXPB_W@Z

• 0x59810c ?GetClass@CListLabelElementUI@DuiLib@@UBEPB_WXZ

• 0x598110 ?GetHotKey@CHotKeyUI@DuiLib@@QBEXAAG0@Z

• 0x598114 ?IsSelected@COptionUI@DuiLib@@QBE_NXZ

• 0x598118 ?GetWindow@CHotKeyUI@DuiLib@@QAEPAVCWindowWnd@2@XZ

• 0x59811c ?Compare@CDuiString@DuiLib@@QBEHPB_W@Z

• 0x598120 ??0CListLabelElementUI@DuiLib@@QAE@XZ

• 0x598124 ?SetHotKey@CHotKeyUI@DuiLib@@QAEXGG@Z

• 0x598128 ?Selected@COptionUI@DuiLib@@UAEX_N0@Z

• 0x59812c ?SetSelectedStateImage@COptionUI@DuiLib@@UAEXPB_W@Z

• 0x598130 ?GetSelectedStateImage@COptionUI@DuiLib@@UAEPB_WXZ

• 0x598134 ?LButtonLeave@CButtonUI@DuiLib@@UAEXUtagTNotifyUI@2@@Z

• 0x598138 ?LButtonHover@CButtonUI@DuiLib@@UAEXUtagTNotifyUI@2@@Z

• 0x59813c ?LButtonUp@CButtonUI@DuiLib@@UAEXUtagTNotifyUI@2@@Z

• 0x598140 ?LButtonDown@CButtonUI@DuiLib@@UAEXUtagTNotifyUI@2@@Z

• 0x598144 ?PaintBorder@COptionUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598148 ?PaintText@COptionUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x59814c ?PaintForeImage@COptionUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598150 ?PaintBkColor@COptionUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598154 ?SetEnabled@COptionUI@DuiLib@@UAEX_N@Z

• 0x598158 ?SetManager@COptionUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAVCControlUI@2@_N@Z

• 0x59815c ?Activate@COptionUI@DuiLib@@UAE_NXZ

• 0x598160 ?GetInterface@COptionUI@DuiLib@@UAEPAXPB_W@Z

• 0x598164 ?GetClass@COptionUI@DuiLib@@UBEPB_WXZ

• 0x598168 ?DrawImage@CControlUI@DuiLib@@QAE_NPAUHDC__@@PB_W1@Z

• 0x59816c ?SetAttribute@COptionUI@DuiLib@@UAEXPB_W0@Z

• 0x598170 ?ReleaseCapture@CPaintManagerUI@DuiLib@@QAEXXZ

• 0x598174 ?SendNotify@CPaintManagerUI@DuiLib@@QAEXPAVCControlUI@2@PB_WIJ_N@Z

• 0x598178 ??1COptionUI@DuiLib@@UAE@XZ

• 0x59817c ??0COptionUI@DuiLib@@QAE@XZ

• 0x598180 ?GetDrawInfo@CPaintManagerUI@DuiLib@@QAEPBUtagTDrawInfo@2@PB_W0@Z

• 0x598184 ?IsEmpty@CDuiString@DuiLib@@QBE_NXZ

• 0x598188 ?SetPos@CListContainerElementUI@DuiLib@@UAEXUtagRECT@@_N@Z

• 0x59818c ?GdiplusLoadImage@CRenderEngine@DuiLib@@SAPAVImage@Gdiplus@@PB_WPAVCPaintManagerUI@2@@Z

• 0x598190 ?PaintBorder@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598194 ?PaintText@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598198 ?PaintForeImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x59819c ?PaintStatusImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x5981a0 ?PaintBkColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x5981a4 ?EstimateSize@CControlUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z

• 0x5981a8 ?DoEvent@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z

• 0x5981ac ?SetEnabled@CControlUI@DuiLib@@UAEX_N@Z

• 0x5981b0 ?SetText@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x5981b4 ?Activate@CControlUI@DuiLib@@UAE_NXZ

• 0x5981b8 ?SetVisible@CListContainerElementUI@DuiLib@@UAEX_N@Z

• 0x5981bc ?SetAttribute@CControlUI@DuiLib@@UAEXPB_W0@Z

• 0x5981c0 ?GetInterface@CControlUI@DuiLib@@UAEPAXPB_W@Z

• 0x5981c4 ??1CControlUI@DuiLib@@UAE@XZ

• 0x5981c8 ??0CControlUI@DuiLib@@QAE@XZ

• 0x5981cc ??1CButtonUI@DuiLib@@UAE@XZ

• 0x5981d0 ?SetStateImage@CButtonUI@DuiLib@@UAEXPB_W@Z

• 0x5981d4 ?GetStateImage@CButtonUI@DuiLib@@UAEPB_WXZ

• 0x5981d8 ?SetHotForeImage@CButtonUI@DuiLib@@UAEXPB_W@Z

• 0x5981dc ?SetInternVisible@CContainerUI@DuiLib@@UAEX_N@Z

• 0x5981e0 ?GetHotForeImage@CButtonUI@DuiLib@@UAEPB_WXZ

• 0x5981e4 ?SetDisabledImage@CButtonUI@DuiLib@@UAEXPB_W@Z

• 0x5981e8 ?GetDisabledImage@CButtonUI@DuiLib@@UAEPB_WXZ

• 0x5981ec ?SetFocusedImage@CButtonUI@DuiLib@@UAEXPB_W@Z

• 0x5981f0 ?GetFocusedImage@CButtonUI@DuiLib@@UAEPB_WXZ

• 0x5981f4 ?SetPushedImage@CButtonUI@DuiLib@@UAEXPB_W@Z

• 0x5981f8 ?GetPushedImage@CButtonUI@DuiLib@@UAEPB_WXZ

• 0x5981fc ?SetHotImage@CButtonUI@DuiLib@@UAEXPB_W@Z

• 0x598200 ?GetHotImage@CButtonUI@DuiLib@@UAEPB_WXZ

• 0x598204 ?SetNormalImage@CButtonUI@DuiLib@@UAEXPB_W@Z

• 0x598208 ?GetNormalImage@CButtonUI@DuiLib@@UAEPB_WXZ

• 0x59820c ?SetAutoCalcHeight@CLabelUI@DuiLib@@UAEX_N@Z

• 0x598210 ?GetAutoCalcHeight@CLabelUI@DuiLib@@UBE_NXZ

• 0x598214 ?SetAutoCalcWidth@CLabelUI@DuiLib@@UAEX_N@Z

• 0x598218 ?GetAutoCalcWidth@CLabelUI@DuiLib@@UBE_NXZ

• 0x59821c ?DoPostPaint@CControlUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z

• 0x598220 ?PaintBorder@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598224 ?PaintText@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598228 ?PaintForeImage@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x59822c ?PaintForeColor@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598230 ?PaintStatusImage@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598234 ?PaintBkImage@CControlUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598238 ?PaintBkColor@CButtonUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x59823c ?DoPaint@CControlUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAV12@@Z

• 0x598240 ?Paint@CControlUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAV12@@Z

• 0x598244 ?EstimateSize@CLabelUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z

• 0x598248 ?DoEvent@CButtonUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z

• 0x59824c ?Event@CControlUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z

• 0x598250 ?DoInit@CControlUI@DuiLib@@UAEXXZ

• 0x598254 ?Init@CControlUI@DuiLib@@UAEXXZ

• 0x598258 ?Invalidate@CControlUI@DuiLib@@UAEXXZ

• 0x59825c ?FindControl@CControlUI@DuiLib@@UAEPAV12@P6GPAV12@PAV12@PAX@Z1I@Z

• 0x598260 ?SetFloat@CControlUI@DuiLib@@UAEX_N@Z

• 0x598264 ?IsFloat@CControlUI@DuiLib@@UBE_NXZ

• 0x598268 ?SetFocus@CControlUI@DuiLib@@UAEXXZ

• 0x59826c ?IsFocused@CControlUI@DuiLib@@UBE_NXZ

• 0x598270 ?SetKeyboardEnabled@CControlUI@DuiLib@@UAEX_N@Z

• 0x598274 ?IsKeyboardEnabled@CControlUI@DuiLib@@UBE_NXZ

• 0x598278 ?SetMouseEnabled@CControlUI@DuiLib@@UAEX_N@Z

• 0x59827c ?IsMouseEnabled@CControlUI@DuiLib@@UBE_NXZ

• 0x598280 ?SetEnabled@CButtonUI@DuiLib@@UAEX_N@Z

• 0x598284 ?IsEnabled@CControlUI@DuiLib@@UBE_NXZ

• 0x598288 ?SetInternVisible@CControlUI@DuiLib@@UAEX_N@Z

• 0x59828c ?SetVisible@CControlUI@DuiLib@@UAEX_N@Z

• 0x598290 ?SetTag@CControlUI@DuiLib@@UAEXI@Z

• 0x598294 ?GetTag@CControlUI@DuiLib@@UBEIXZ

• 0x598298 ?SetUserData@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x59829c ?SetContextMenuUsed@CControlUI@DuiLib@@UAEX_N@Z

• 0x5982a0 ?IsContextMenuUsed@CControlUI@DuiLib@@UBE_NXZ

• 0x5982a4 ?SetShortcut@CControlUI@DuiLib@@UAEX_W@Z

• 0x5982a8 ?GetShortcut@CControlUI@DuiLib@@UBE_WXZ

• 0x5982ac ?SetCursor@CControlUI@DuiLib@@UAEXG@Z

• 0x5982b0 ?GetCursor@CControlUI@DuiLib@@UAEGXZ

• 0x5982b4 ?GetToolTipCallback@CControlUI@DuiLib@@UBEPAVIToolTipCallBack@2@XZ

• 0x5982b8 ?SetToolTipCallBack@CControlUI@DuiLib@@UAEXPAVIToolTipCallBack@2@@Z

• 0x5982bc ?GetUserToolTipXml@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ

• 0x5982c0 ?SetUserToolTipXml@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x5982c4 ?GetToolTipWidth@CControlUI@DuiLib@@UAEHXZ

• 0x5982c8 ?SetToolTipWidth@CControlUI@DuiLib@@UAEXH@Z

• 0x5982cc ?SetToolTip@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x5982d0 ?GetToolTip@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ

• 0x5982d4 ?GetFloatAlign@CControlUI@DuiLib@@UBEIXZ

• 0x5982d8 ?SetFloatAlign@CControlUI@DuiLib@@UAEXI@Z

• 0x5982dc ?SetFloatPercent@CControlUI@DuiLib@@UAEXUtagTPercentInfo@2@@Z

• 0x5982e0 ?GetFloatPercent@CControlUI@DuiLib@@UBE?AUtagTPercentInfo@2@XZ

• 0x5982e4 ?SetMaxHeight@CControlUI@DuiLib@@UAEXH@Z

• 0x5982e8 ?GetBkImage@CControlUI@DuiLib@@QAEPB_WXZ

• 0x5982ec ?Move@CContainerUI@DuiLib@@UAEXUtagSIZE@@_N@Z

• 0x5982f0 ?SetEnabled@CListContainerElementUI@DuiLib@@UAEX_N@Z

• 0x5982f4 ?SetMouseEnabled@CContainerUI@DuiLib@@UAEX_N@Z

• 0x5982f8 ?FindControl@CContainerUI@DuiLib@@UAEPAVCControlUI@2@P6GPAV32@PAV32@PAX@Z1I@Z

• 0x5982fc ?Invalidate@CListContainerElementUI@DuiLib@@UAEXXZ

• 0x598300 ?DoEvent@CMenuElementUI@DuiLib@@UAEXAAUtagTEventUI@2@@Z

• 0x598304 ?EstimateSize@CMenuElementUI@DuiLib@@UAE?AUtagSIZE@@U3@@Z

• 0x598308 ?DoPaint@CMenuElementUI@DuiLib@@UAE_NPAUHDC__@@ABUtagRECT@@PAVCControlUI@2@@Z

• 0x59830c ?DoPostPaint@CHorizontalLayoutUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z

• 0x598310 ?GetInset@CContainerUI@DuiLib@@UBE?AUtagRECT@@XZ

• 0x598314 ?SetInset@CContainerUI@DuiLib@@UAEXUtagRECT@@@Z

• 0x598318 ?GetChildPadding@CContainerUI@DuiLib@@UBEHXZ

• 0x59831c ?GetMaxHeight@CControlUI@DuiLib@@UBEHXZ

• 0x598320 ?SetMinHeight@CControlUI@DuiLib@@UAEXH@Z

• 0x598324 ?GetMinHeight@CControlUI@DuiLib@@UBEHXZ

• 0x598328 ?SetMaxWidth@CControlUI@DuiLib@@UAEXH@Z

• 0x59832c ?GetMaxWidth@CControlUI@DuiLib@@UBEHXZ

• 0x598330 ?SetMinWidth@CControlUI@DuiLib@@UAEXH@Z

• 0x598334 ?GetMinWidth@CControlUI@DuiLib@@UBEHXZ

• 0x598338 ?SetFixedHeight@CControlUI@DuiLib@@UAEXH@Z

• 0x59833c ?SetFixedWidth@CControlUI@DuiLib@@UAEXH@Z

• 0x598340 ?SetFixedXY@CControlUI@DuiLib@@UAEXUtagSIZE@@@Z

• 0x598344 ?GetFixedXY@CControlUI@DuiLib@@UBE?AUtagSIZE@@XZ

• 0x598348 ?SetPadding@CControlUI@DuiLib@@UAEXUtagRECT@@@Z

• 0x59834c ?GetPadding@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ

• 0x598350 ?GetY@CControlUI@DuiLib@@UBEHXZ

• 0x598354 ?GetX@CControlUI@DuiLib@@UBEHXZ

• 0x598358 ?GetHeight@CControlUI@DuiLib@@UBEHXZ

• 0x59835c ?GetWidth@CControlUI@DuiLib@@UBEHXZ

• 0x598360 ?Move@CControlUI@DuiLib@@UAEXUtagSIZE@@_N@Z

• 0x598364 ?SetPos@CControlUI@DuiLib@@UAEXUtagRECT@@_N@Z

• 0x598368 ?SetOpacity@CPaintManagerUI@DuiLib@@QAEXE@Z

• 0x59836c ??HCDuiString@DuiLib@@QBE?AV01@PB_W@Z

• 0x598370 ?DrawItemBk@CListContainerElementUI@DuiLib@@UAEXPAUHDC__@@ABUtagRECT@@@Z

• 0x598374 ?ProcessScrollBar@CContainerUI@DuiLib@@MAEXUtagRECT@@HH@Z

• 0x598378 ?SetFloatPos@CContainerUI@DuiLib@@MAEXH@Z

• 0x59837c ?GetControlFlags@CControlUI@DuiLib@@UBEIXZ

• 0x598380 ?PaintStatusImage@COptionUI@DuiLib@@UAEXPAUHDC__@@@Z

• 0x598384 ?GetHorizontalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ

• 0x598388 ?GetVerticalScrollBar@CContainerUI@DuiLib@@UBEPAVCScrollBarUI@2@XZ

• 0x59838c ?EnableScrollBar@CContainerUI@DuiLib@@UAEX_N0@Z

• 0x598390 ?EndRight@CContainerUI@DuiLib@@UAEXXZ

• 0x598394 ?HomeLeft@CContainerUI@DuiLib@@UAEXXZ

• 0x598398 ?PageRight@CContainerUI@DuiLib@@UAEXXZ

• 0x59839c ?PageLeft@CContainerUI@DuiLib@@UAEXXZ

• 0x5983a0 ?LineRight@CContainerUI@DuiLib@@UAEXXZ

• 0x5983a4 ?LineLeft@CContainerUI@DuiLib@@UAEXXZ

• 0x5983a8 ?EndDown@CContainerUI@DuiLib@@UAEXXZ

• 0x5983ac ?HomeUp@CContainerUI@DuiLib@@UAEXXZ

• 0x5983b0 ?PageDown@CContainerUI@DuiLib@@UAEXXZ

• 0x5983b4 ?PageUp@CContainerUI@DuiLib@@UAEXXZ

• 0x5983b8 ?LineDown@CContainerUI@DuiLib@@UAEXXZ

• 0x5983bc ?LineUp@CContainerUI@DuiLib@@UAEXXZ

• 0x5983c0 ?GetScrollStepSize@CContainerUI@DuiLib@@UBEHXZ

• 0x5983c4 ?SetScrollStepSize@CContainerUI@DuiLib@@UAEXH@Z

• 0x5983c8 ?SetScrollPos@CContainerUI@DuiLib@@UAEXUtagSIZE@@_N@Z

• 0x5983cc ?GetScrollRange@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ

• 0x5983d0 ?GetScrollPos@CContainerUI@DuiLib@@UBE?AUtagSIZE@@XZ

• 0x5983d4 ?FindSelectable@CContainerUI@DuiLib@@UBEHH_N@Z

• 0x5983d8 ?SetMouseChildEnabled@CContainerUI@DuiLib@@UAEX_N@Z

• 0x5983dc ?IsMouseChildEnabled@CContainerUI@DuiLib@@UBE_NXZ

• 0x5983e0 ?SetDelayedDestroy@CContainerUI@DuiLib@@UAEX_N@Z

• 0x5983e4 ?IsDelayedDestroy@CContainerUI@DuiLib@@UBE_NXZ

• 0x5983e8 ?SetAutoDestroy@CContainerUI@DuiLib@@UAEX_N@Z

• 0x5983ec ?IsAutoDestroy@CContainerUI@DuiLib@@UBE_NXZ

• 0x5983f0 ?SetChildVAlign@CContainerUI@DuiLib@@UAEXI@Z

• 0x5983f4 ?GetChildVAlign@CContainerUI@DuiLib@@UBEIXZ

• 0x5983f8 ?SetChildAlign@CContainerUI@DuiLib@@UAEXI@Z

• 0x5983fc ?GetChildAlign@CContainerUI@DuiLib@@UBEIXZ

• 0x598400 ??0WindowImplBase@DuiLib@@QAE@XZ

• 0x598404 ??1WindowImplBase@DuiLib@@UAE@XZ

• 0x598408 ?ReloadText@CResourceManager@DuiLib@@QAEXXZ

• 0x59840c ?GetInstance@CResourceManager@DuiLib@@SAPAV12@XZ

• 0x598410 ?NeedUpdate@CPaintManagerUI@DuiLib@@QAEXXZ

• 0x598414 ?ShowWindow@CWindowWnd@DuiLib@@QAEX_N0@Z

• 0x598418 ?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z

• 0x59841c ?GetSuperClassName@CWindowWnd@DuiLib@@MBEPB_WXZ

• 0x598420 ?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ

• 0x598424 ?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z

• 0x598428 ?InitResource@WindowImplBase@DuiLib@@UAEXXZ

• 0x59842c ?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z

• 0x598430 ?IsInStaticControl@WindowImplBase@DuiLib@@MAEHPAVCControlUI@2@@Z

• 0x598434 ?GetSkinType@WindowImplBase@DuiLib@@MAE?AVCDuiString@2@XZ

• 0x598438 ?GetManagerName@WindowImplBase@DuiLib@@MAEPB_WXZ

• 0x59843c ?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z

• 0x598440 ?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598444 ?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598448 ?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x59844c ?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598450 ?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598454 ?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598458 ?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x59845c ?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598460 ?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598464 ?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598468 ?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x59846c ?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598470 ?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598474 ?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598478 ?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x59847c ?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598480 ?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598484 ?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x598488 ?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z

• 0x59848c ?GetStyle@WindowImplBase@DuiLib@@UAEJXZ

• 0x598490 ?GetMessageMap@WindowImplBase@DuiLib@@MBEPBUDUI_MSGMAP@2@XZ

• 0x598494 ?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z

• 0x598498 ?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z

• 0x59849c ?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PB_W@Z

• 0x5984a0 ?QueryControlText@WindowImplBase@DuiLib@@UAEPB_WPB_W0@Z

• 0x5984a4 ?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ

• 0x5984a8 ?PostMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z

• 0x5984ac ?messageMap@WindowImplBase@DuiLib@@1UDUI_MSGMAP@2@B

• 0x5984b0 ??0CDuiString@DuiLib@@QAE@PB_WH@Z

• 0x5984b4 ??1CDuiString@DuiLib@@QAE@XZ

• 0x5984b8 ??8CDuiString@DuiLib@@QBE_NPB_W@Z

• 0x5984bc ?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z

• 0x5984c0 ?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z

• 0x5984c4 ?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ

• 0x5984c8 ?SendMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z

• 0x5984cc ??BCDuiString@DuiLib@@QBEPB_WXZ

• 0x5984d0 ??0CDuiRect@DuiLib@@QAE@XZ

• 0x5984d4 ?GetHeight@CDuiRect@DuiLib@@QBEHXZ

• 0x5984d8 ?GetWidth@CDuiRect@DuiLib@@QBEHXZ

• 0x5984dc ?Close@CWindowWnd@DuiLib@@QAEXI@Z

• 0x5984e0 ?SetBkImage@CControlUI@DuiLib@@QAEXPB_W@Z

• 0x5984e4 ??0CStdStringPtrMap@DuiLib@@QAE@H@Z

• 0x5984e8 ??1CStdStringPtrMap@DuiLib@@QAE@XZ

• 0x5984ec ?AddVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@PAV12@@Z

• 0x5984f0 ?RemoveVirtualWnd@CNotifyPump@DuiLib@@QAE_NVCDuiString@2@@Z

• 0x5984f4 ?SetIcon@CWindowWnd@DuiLib@@QAEXI@Z

• 0x5984f8 ??0CDuiRect@DuiLib@@QAE@HHHH@Z

• 0x5984fc ?ResizeClient@CWindowWnd@DuiLib@@QAEXHH@Z

• 0x598500 ?SetCheck@CCheckBoxUI@DuiLib@@QAEX_N@Z

• 0x598504 ?ShowModal@CWindowWnd@DuiLib@@QAEIXZ

• 0x598508 ?GetCheck@CCheckBoxUI@DuiLib@@QBE_NXZ

• 0x59850c ?GetGlobalContextMenuObserver@CMenuWnd@DuiLib@@SAAAVMenuObserverImpl@2@XZ

• 0x598510 ??0CMenuWnd@DuiLib@@QAE@XZ

• 0x598514 ??0CDuiPoint@DuiLib@@QAE@XZ

• 0x598518 ?Init@CMenuWnd@DuiLib@@QAEXPAVCMenuElementUI@2@VSTRINGorID@2@UtagPOINT@@PAVCPaintManagerUI@2@PAVCStdStringPtrMap@2@K@Z

• 0x59851c ?SetPoint@CMenuWnd@DuiLib@@QAEXUtagPOINT@@@Z

• 0x598520 ??1CMenuWnd@DuiLib@@QAE@XZ

• 0x598524 ?GetShadow@CPaintManagerUI@DuiLib@@QAEPAVCShadowUI@2@XZ

• 0x598528 ?DisableShadow@CShadowUI@DuiLib@@QAEX_N@Z

• 0x59852c ?GetData@CDuiString@DuiLib@@QBEPB_WXZ

• 0x598530 ??0CButtonUI@DuiLib@@QAE@XZ

• 0x598534 ?SetAttribute@CButtonUI@DuiLib@@UAEXPB_W0@Z

• 0x598538 ?GetPaintWindow@CPaintManagerUI@DuiLib@@QBEPAUHWND__@@XZ

• 0x59853c ??0CDuiRect@DuiLib@@QAE@ABUtagRECT@@@Z

• 0x598540 ?GetPos@CControlUI@DuiLib@@UBEABUtagRECT@@XZ

• 0x598544 ??4CDuiString@DuiLib@@QAEABV01@PB_W@Z

• 0x598548 ??0CDuiPoint@DuiLib@@QAE@HH@Z

• 0x59854c ?GetRoot@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@XZ

• 0x598550 ?GetAllContral@CPaintManagerUI@DuiLib@@QAE?AVCStdPtrArray@2@XZ

• 0x598554 ??1CStdPtrArray@DuiLib@@QAE@XZ

• 0x598558 ?GetSize@CStdPtrArray@DuiLib@@QBEHXZ

• 0x59855c ?GetAt@CStdPtrArray@DuiLib@@QBEPAXH@Z

• 0x598560 ?IsVisible@CControlUI@DuiLib@@UBE_NXZ

• 0x598564 ?GetFixedHeight@CControlUI@DuiLib@@UBEHXZ

• 0x598568 ?GetFixedWidth@CControlUI@DuiLib@@UBEHXZ

• 0x59856c ??9CDuiString@DuiLib@@QBE_NPB_W@Z

• 0x598570 ?GetUserData@CControlUI@DuiLib@@UAEABVCDuiString@2@XZ

• 0x598574 ?GetName@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ

• 0x598578 ?SetName@CControlUI@DuiLib@@UAEXPB_W@Z

• 0x59857c ?GetInterface@CButtonUI@DuiLib@@UAEPAXPB_W@Z

• 0x598580 ?GetControlFlags@CButtonUI@DuiLib@@UBEIXZ

• 0x598584 ?Activate@CButtonUI@DuiLib@@UAE_NXZ

• 0x598588 ?GetManager@CControlUI@DuiLib@@UBEPAVCPaintManagerUI@2@XZ

• 0x59858c ?SetManager@CControlUI@DuiLib@@UAEXPAVCPaintManagerUI@2@PAV12@_N@Z

• 0x598590 ?GetParent@CControlUI@DuiLib@@UBEPAV12@XZ

• 0x598594 ?GetText@CControlUI@DuiLib@@UBE?AVCDuiString@2@XZ

• 0x598598 ?SetText@CLabelUI@DuiLib@@UAEXPB_W@Z

• 0x59859c ?IsResourceText@CControlUI@DuiLib@@UBE_NXZ

• 0x5985a0 ?SetResourceText@CControlUI@DuiLib@@UAEX_N@Z

• 0x5985a4 ?IsDragEnabled@CControlUI@DuiLib@@UBE_NXZ

• 0x5985a8 ?SetDragEnable@CControlUI@DuiLib@@UAEX_N@Z

• 0x5985ac ?IsDropEnabled@CControlUI@DuiLib@@UBE_NXZ

• 0x5985b0 ?SetDropEnable@CControlUI@DuiLib@@UAEX_N@Z

• 0x5985b4 ?GetRelativePos@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ

• 0x5985b8 ?GetClientPos@CControlUI@DuiLib@@UBE?AUtagRECT@@XZ

• 0x5985bc ?SetChildPadding@CContainerUI@DuiLib@@UAEXH@Z

Library IPC.dll:

• 0x5985cc _CreateNamedPipeServer@0

• 0x5985d0 ??0INamePipeClitEvent@NS_IPC@@QAE@XZ

• 0x5985d4 _CreateNamePipeClient@4

• 0x5985d8 ??0INamedPipeEvent@@QAE@XZ

Library libcrypto-1_1.dll:

• 0x598b0c CONF_modules_load_file

• 0x598b10 OPENSSL_load_builtin_modules

• 0x598b14 GENERAL_NAMES_free

• 0x598b18 X509V3_EXT_print

• 0x598b1c X509_check_issued

• 0x598b20 ERR_get_error

• 0x598b24 ERR_peek_error

• 0x598b28 ERR_clear_error

• 0x598b2c ERR_error_string_n

• 0x598b30 PKCS12_free

• 0x598b34 PKCS12_PBE_add

• 0x598b38 PKCS12_parse

• 0x598b3c d2i_PKCS12_bio

• 0x598b40 OCSP_response_status

• 0x598b44 OCSP_response_get1_basic

• 0x598b48 OCSP_resp_count

• 0x598b4c OCSP_resp_get0

• 0x598b50 OCSP_single_get0_status

• 0x598b54 OCSP_check_validity

• 0x598b58 OCSP_BASICRESP_free

• 0x598b5c OCSP_RESPONSE_free

• 0x598b60 d2i_OCSP_RESPONSE

• 0x598b64 OCSP_response_status_str

• 0x598b68 OPENSSL_sk_num

• 0x598b6c OCSP_crl_reason_str

• 0x598b70 OCSP_basic_verify

• 0x598b74 UI_get0_user_data

• 0x598b78 UI_OpenSSL

• 0x598b7c UI_create_method

• 0x598b80 UI_destroy_method

• 0x598b84 UI_method_set_opener

• 0x598b88 UI_method_set_writer

• 0x598b8c UI_method_set_reader

• 0x598b90 UI_method_set_closer

• 0x598b94 UI_method_get_opener

• 0x598b98 UI_method_get_writer

• 0x598b9c UI_method_get_reader

• 0x598ba0 UI_method_get_closer

• 0x598ba4 UI_get_string_type

• 0x598ba8 UI_get_input_flags

• 0x598bac UI_set_result

• 0x598bb0 ENGINE_get_first

• 0x598bb4 ENGINE_get_next

• 0x598bb8 ENGINE_by_id

• 0x598bbc ENGINE_load_builtin_engines

• 0x598bc0 ENGINE_ctrl

• 0x598bc4 ENGINE_ctrl_cmd

• 0x598bc8 ENGINE_free

• 0x598bcc ENGINE_get_id

• 0x598bd0 ENGINE_init

• 0x598bd4 ENGINE_finish

• 0x598bd8 ENGINE_load_private_key

• 0x598bdc ENGINE_set_default

• 0x598be0 MD5_Init

• 0x598be4 MD5_Update

• 0x598be8 MD5_Final

• 0x598bec DES_ecb_encrypt

• 0x598bf0 DES_set_odd_parity

• 0x598bf4 DES_set_key

• 0x598bf8 SHA256_Init

• 0x598bfc SHA256_Update

• 0x598c00 SHA256_Final

• 0x598c04 OPENSSL_sk_value

• 0x598c08 MD4_Init

• 0x598c0c MD4_Update

• 0x598c10 MD4_Final

• 0x598c14 OPENSSL_sk_pop_free

• 0x598c18 OPENSSL_sk_pop

• 0x598c1c OpenSSL_version_num

• 0x598c20 CRYPTO_get_ex_new_index

• 0x598c24 CRYPTO_malloc

• 0x598c28 CRYPTO_free

• 0x598c2c BIO_s_file

• 0x598c30 BIO_new

• 0x598c34 BIO_free

• 0x598c38 BIO_puts

• 0x598c3c BIO_ctrl

• 0x598c40 BIO_s_mem

• 0x598c44 BIO_printf

• 0x598c48 BN_num_bits

• 0x598c4c RAND_status

• 0x598c50 RAND_file_name

• 0x598c54 RAND_load_file

• 0x598c58 RAND_add

• 0x598c5c RAND_bytes

• 0x598c60 BN_print

• 0x598c64 ASN1_STRING_length

• 0x598c68 ASN1_STRING_type

• 0x598c6c ASN1_STRING_get0_data

• 0x598c70 i2a_ASN1_OBJECT

• 0x598c74 i2t_ASN1_OBJECT

• 0x598c78 ASN1_STRING_to_UTF8

• 0x598c7c ASN1_TIME_print

• 0x598c80 ASN1_STRING_print

• 0x598c84 EVP_MD_CTX_new

• 0x598c88 EVP_MD_CTX_free

• 0x598c8c EVP_DigestInit_ex

• 0x598c90 OCSP_cert_status_str

• 0x598c94 EVP_DigestUpdate

• 0x598c98 EVP_DigestFinal_ex

• 0x598c9c EVP_md5

• 0x598ca0 EVP_sha256

• 0x598ca4 EVP_PKEY_id

• 0x598ca8 EVP_PKEY_get0_RSA

• 0x598cac EVP_PKEY_get1_RSA

• 0x598cb0 EVP_PKEY_get0_DSA

• 0x598cb4 EVP_PKEY_get0_DH

• 0x598cb8 EVP_PKEY_free

• 0x598cbc EVP_PKEY_copy_parameters

• 0x598cc0 RSA_get0_key

• 0x598cc4 RSA_free

• 0x598cc8 RSA_flags

• 0x598ccc DH_get0_pqg

• 0x598cd0 PEM_write_bio_X509

• 0x598cd4 PEM_read_bio_X509

• 0x598cd8 X509_PUBKEY_get0_param

• 0x598cdc X509_EXTENSION_get_data

• 0x598ce0 X509_EXTENSION_get_object

• 0x598ce4 X509_get_ext_d2i

• 0x598ce8 X509_NAME_ENTRY_get_data

• 0x598cec X509_NAME_get_entry

• 0x598cf0 X509_NAME_get_index_by_NID

• 0x598cf4 X509_NAME_print_ex

• 0x598cf8 X509_get_pubkey

• 0x598cfc X509_get0_extensions

• 0x598d00 X509_get_X509_PUBKEY

• 0x598d04 X509_get0_notAfter

• 0x598d08 X509_get0_notBefore

• 0x598d0c X509_get_subject_name

• 0x598d10 X509_get_issuer_name

• 0x598d14 X509_get_serialNumber

• 0x598d18 X509_get_version

• 0x598d1c X509_get0_signature

• 0x598d20 X509_free

• 0x598d24 i2d_X509_PUBKEY

• 0x598d28 X509_verify_cert_error_string

• 0x598d2c X509_load_crl_file

• 0x598d30 X509_LOOKUP_file

• 0x598d34 X509_STORE_add_lookup

• 0x598d38 X509_STORE_set_flags

• 0x598d3c DSA_get0_key

• 0x598d40 DSA_get0_pqg

• 0x598d44 DH_get0_key

Library libssl-1_1.dll:

• 0x598d4c SSL_CTX_set_options

• 0x598d50 SSL_CTX_set_msg_callback

• 0x598d54 SSL_CTX_sess_set_new_cb

• 0x598d58 SSL_CTX_set_next_proto_select_cb

• 0x598d5c SSL_CTX_set_alpn_protos

• 0x598d60 SSL_get0_alpn_selected

• 0x598d64 SSL_CTX_set_keylog_callback

• 0x598d68 BIO_f_ssl

• 0x598d6c SSL_CTX_set_cipher_list

• 0x598d70 SSL_CTX_new

• 0x598d74 SSL_CTX_free

• 0x598d78 SSL_CTX_get_cert_store

• 0x598d7c SSL_get_current_cipher

• 0x598d80 SSL_CIPHER_get_name

• 0x598d84 SSL_pending

• 0x598d88 SSL_set_bio

• 0x598d8c SSL_CTX_set_ciphersuites

• 0x598d90 SSL_CTX_use_PrivateKey_file

• 0x598d94 SSL_set_connect_state

• 0x598d98 SSL_get_certificate

• 0x598d9c SSL_get_privatekey

• 0x598da0 SSL_get_shutdown

• 0x598da4 SSL_version

• 0x598da8 SSL_CTX_load_verify_locations

• 0x598dac SSL_get_verify_result

• 0x598db0 SSL_set_ex_data

• 0x598db4 SSL_get_ex_data

• 0x598db8 SSL_CTX_use_certificate_file

• 0x598dbc SSL_CTX_use_certificate_chain_file

• 0x598dc0 SSL_SESSION_free

• 0x598dc4 SSL_set_session

• 0x598dc8 SSL_get_peer_certificate

• 0x598dcc SSL_get_peer_cert_chain

• 0x598dd0 SSL_CTX_set_verify

• 0x598dd4 SSL_CTX_use_PrivateKey

• 0x598dd8 SSL_CTX_use_certificate

• 0x598ddc SSL_CTX_set_default_passwd_cb

• 0x598de0 SSL_CTX_set_default_passwd_cb_userdata

• 0x598de4 SSL_CTX_check_private_key

• 0x598de8 SSL_new

• 0x598dec SSL_free

• 0x598df0 SSL_connect

• 0x598df4 SSL_CTX_add_client_CA

• 0x598df8 SSL_alert_desc_string_long

• 0x598dfc SSL_CTX_set_post_handshake_auth

• 0x598e00 SSL_shutdown

• 0x598e04 TLS_client_method

• 0x598e08 SSL_get_error

• 0x598e0c SSL_CTX_ctrl

• 0x598e10 SSL_ctrl

• 0x598e14 SSL_write

• 0x598e18 SSL_set_fd

• 0x598e1c SSL_read

Library SHLWAPI.dll:

• 0x5988e0 PathRemoveBackslashW

• 0x5988e4 PathRemoveFileSpecW

• 0x5988e8 StrCpyW

• 0x5988ec wnsprintfW

• 0x5988f0 PathAddBackslashW

• 0x5988f4 PathUnquoteSpacesW

• 0x5988f8 PathFileExistsW

• 0x5988fc PathIsDirectoryW

Library log4cplus.dll:

• 0x598e24 ??1Logger@log4cplus@@UAE@XZ

• 0x598e28 ?isEnabledFor@Logger@log4cplus@@QBE_NH@Z

• 0x598e2c ?forcedLog@Logger@log4cplus@@QBEXHABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@PBDH@Z

• 0x598e30 ??0ConfigureAndWatchThread@log4cplus@@QAE@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@I@Z

• 0x598e34 ?doConfigure@PropertyConfigurator@log4cplus@@SAXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@AAVHierarchy@2@I@Z

• 0x598e38 ?getDefaultHierarchy@Logger@log4cplus@@SAAAVHierarchy@2@XZ

• 0x598e3c ?getRoot@Logger@log4cplus@@SA?AV12@XZ

• 0x598e40 ??6@YAAAV?$basic_ostream@_WU?$char_traits@_W@std@@@std@@AAV01@PBD@Z

• 0x598e44 ?getInstance@Logger@log4cplus@@SA?AV12@ABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z

• 0x598e48 ??4Logger@log4cplus@@QAEAAV01@ABV01@@Z

Library IPHLPAPI.DLL:

• 0x5985e0 GetAdaptersInfo

Library WLDAP32.dll:

• 0x5989fc

• 0x598a00

• 0x598a04

• 0x598a08

• 0x598a0c

• 0x598a10

• 0x598a14

• 0x598a18

• 0x598a1c

• 0x598a20

• 0x598a24

• 0x598a28

• 0x598a2c

• 0x598a30

• 0x598a34

• 0x598a38

• 0x598a3c

Hosts

No hosts contacted.

DNS

Name	Response	Post-Analysis Lookup
time.windows.com	A 20.189.79.72 CNAME time.microsoft.akadns.net
dns.msftncsi.com	A 131.107.255.255	131.107.255.255
dns.msftncsi.com	AAAA fd3e:4f5a:5b81::1	131.107.255.255
teredo.ipv6.microsoft.com

TCP

No TCP connections recorded.

UDP

Source	Source Port	Destination	Destination Port
192.168.56.101	49713	114.114.114.114	53
192.168.56.101	50002	114.114.114.114	53
192.168.56.101	53657	114.114.114.114	53
192.168.56.101	60384	114.114.114.114	53
192.168.56.101	62318	114.114.114.114	53
192.168.56.101	137	192.168.56.255	137
192.168.56.101	138	192.168.56.255	138
192.168.56.101	123	20.189.79.72 time.windows.com	123
192.168.56.101	49235	224.0.0.252	5355
192.168.56.101	50534	224.0.0.252	5355
192.168.56.101	51808	224.0.0.252	5355
192.168.56.101	51963	224.0.0.252	5355
192.168.56.101	56804	224.0.0.252	5355
192.168.56.101	57756	224.0.0.252	5355
192.168.56.101	57874	224.0.0.252	5355
192.168.56.101	62191	224.0.0.252	5355
192.168.56.101	63429	224.0.0.252	5355
192.168.56.101	1900	239.255.255.250	1900
192.168.56.101	49238	239.255.255.250	1900
192.168.56.101	53658	239.255.255.250	3702

HTTP & HTTPS Requests

No HTTP requests performed.

ICMP traffic

No ICMP traffic performed.

IRC traffic

No IRC requests performed.

Suricata Alerts

No Suricata Alerts

Suricata TLS

No Suricata TLS

Snort Alerts

No Snort Alerts

Sorry! No dropped files.

Sorry! No dropped buffers.

section	.gfids
section	LogShare