%E6%8A%96%E9%9F%B3%E5%BC%B9%E5%B9%95%E4%BF%9D%E5%A7%86.exe

First submission 2024-10-15 18:10:08

File details

File type:	PE32 executable (GUI) Intel 80386, for MS Windows
Mime type:	application/x-dosexec
File size:	1908.0 KB (1953792 bytes)
Compile time:	2024-09-30 11:04:33
MD5:	467692ca4ffc05c33fa1381e92f1baf9
SHA1:	b063f6c4d4053c790b6bad1b5af0495b2626fe3e
SHA256:	674a56fcb8d895c908920e54e3cb29d82c02b2ae0d432b8d613ed4a423092700
Import Hash :	9e409225035cabe190a30e33f62c78ec
Sections 4	.text .rdata .data .rsrc
Directories 2	import resource

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

OSINT Enrichments

Virus Total:	42/77 VT report date: 2024-10-01 07:11:44
Malware Type 3	trojan dropper pua
Threat Type 2	graftor flystudio

URLs, FQDN and IP indicators 1

URL	Host (FQDN/IP)	Date Added
hXXp://www.huiip.top:81/%E6%8A%96%E9%9F%B3%E5%BC%B9%E5%B9%95%E4%BF%9D%E5%A7%86.exe	www.huiip.top	2024-10-15 18:10:08

PE Sections 1 suspicious

Name	VAddress	VSize	Size	SHA1	MD5
.text	0x1000	0xd8926	888832	8ecd90cc46a18a91794a0510cfbf6b39bde4bc72	4815de9ec2a613ff43b42eee50eb7aca
.rdata	0xda000	0xe2814	929792	9eb573c28337daf6b1ecc70c052302f17bb4a356	c6e3138d57858df1b068727b92bc37bb
.data	0x1bd000	0x48808	106496	cea666903c4265101a6614504e30c29b880c4626	e709ad5b3e2a6813dbff41631f3f6a52
.rsrc	0x206000	0x5958	24576	fe7d8ea489fd8f53141bceeb55a7ffddd3821f59	e7ffd9dfdf3a8e79fbac990bb710e2a0

PE Resources 11

Name	Language	Sublanguage	Offset	Size	Data
TEXTINCLUDE	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x206c20	337	PE Resource: TEXTINCLUDE - Data #define _AFX_NO_SPLITTER_RESOURCES #define _AFX_NO_OLE_RESOURCES #define _AFX_NO_TRACKER_RESOURCES #define _AFX_NO_PROPERTY_RESOURCES #if !defined(AFX_RESOURCE_DLL) \|\| defined(AFX_TARG_CHS) #ifdef _WIN32 LANGUAGE 4, 2 #pragma code_page(936) #endif //_WIN32 #include "l.chs\afxres.rc" // Standard components #endif
RT_CURSOR	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x207110	180
RT_BITMAP	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x208818	324
RT_ICON	LANG_NEUTRAL	SUBLANG_NEUTRAL	0x20917c	1640	PE Resource: RT_ICON - Data (0`wwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwfffffffffffowwwwvfffffffwwvfoffoffwwwwvfffffwwwwwvfofoffofwwwvffffffwwfofofffwwvfffofwvofofofofwwwvfffofwwwvfofofoofwwvfffofwwvffofofwwvfffofffwwvfffofffffwwvffwvofwvfffffffffowwvfowwwwvfowwwwwvfffffffffowwwvowwvffwwwwfffffffffffhwwwwfffffffffwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwwww
RT_MENU	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x2097f0	644	PE Resource: RT_MENU - Data &R.U_ &F.0RU_ Ctrl+PageUp&L.0R>\U_ Ctrl+PageDown&P. NNU_ Ctrl+!&N.NNU_ Ctrl+!&U. NNu PageUp &D.NNu PageDown&G.0Rc[U_ Ctrl+G&F.W[k&F.0RW[k Ctrl+Home&L.0R>\W[k Ctrl+End&P. NNW[k Shift+Tab &N.NNW[k Tab/Enter &U. NNL !&D.NNL !&D.X R&A.mRzzU_ Ctrl+N&D.9eS Rdr` Ctrl+D&K.nd@b g RdU_&Z.nzzpenc^
RT_DIALOG	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x20aa38	396
RT_STRING	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x20b480	36
RT_GROUP_CURSOR	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x20b4cc	34
RT_GROUP_ICON	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x20b534	20
RT_VERSION	LANG_CHINESE	SUBLANG_CHINESE_SIMPLIFIED	0x20b548	576	PE Resource: RT_VERSION - Data @4VS_VERSION_INFOStringFileInfo\|080404B00FileVersion1.0.0.04FileDescriptionfz^,ProductNamefz^4ProductVersion1.0.0.0DLegalCopyright\OHrCg@b g \v^O(uckHr\"Comments,gz^O(ufQ(http://www.eyuyan.com)DVarFileInfo$Translation
RT_MANIFEST	LANG_NEUTRAL	SUBLANG_NEUTRAL	0x20b788	461	PE Resource: RT_MANIFEST - Data <?xml version="1.0" encoding="UTF-8" standalone="yes"?><assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0"><assemblyIdentity name="E.App" processorArchitecture="x86" version="5.2.0.0" type="win32"/><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="x86" publicKeyToken="6595b64144ccf1df" language="*" /></dependentAssembly></dependency></assembly>

Meta infos 7

LegalCopyright:	\x4f5c\x8005\x7248\x6743\x6240\x6709 \x8bf7\x5c0a\x91cd\x5e76\x4f7f\x7528\x6b63\x7248
ProductVersion:	1.0.0.0
FileDescription:	\x6613\x8bed\x8a00\x7a0b\x5e8f
Translation:	0x0804 0x04b0
ProductName:	\x6613\x8bed\x8a00\x7a0b\x5e8f
Comments:	\x672c\x7a0b\x5e8f\x4f7f\x7528\x6613\x8bed\x8a00\x7f16\x5199(http://www.eyuyan.com)
FileVersion:	1.0.0.0

Packers detected 3

Microsoft Visual C++ v6.0
Microsoft Visual C++ 5.0
Microsoft Visual C++

Anti debug functions 4

GetLastError
RaiseException
TerminateProcess
UnhandledExceptionFilter

Anti debug functions 2

VMware trick
VMCheck.dll

Strings analysis - File found

Text
http://www.huiip.top:83/%E5%BD%95%E5%88%B6%E9%9F%B3%E9%A2%91%2F%E5%88%97%E8%A1%A8.txt
http://www.huiip.top:83/%E8%83%8C%E6%99%AF%E9%9F%B3%E4%B9%90%2F%E5%88%97%E8%A1%A8.txt
Library
OLEAUT32.dll
ADVAPI32.dll
GDI32.dll
SHLWAPI.dll
MPR.dll
USER32.dll
SHELL32.dll
WS2_32.dll
COMCTL32.dll
MSVCRT.dll
BASS_SFX.dll
COMDLG32.dll
KERNEL32.dll
bass.dll
WINMM.dll
ole32.dll
bass_wadsp.dll

Strings analysis - Possible IPs found 4

6.7.8.5
192.168.0.129
0.1.2.5
1.1.1.1

Strings analysis - Possible URLs found 8

http://
http://www.huiip.top:83/%E5%BD%95%E5%88%B6%E9%9F%B3%E9%A2%91%2F%E5%88%97%E8%A1%A8.txt
http://www.huiip.top:81/%E6%8A%96%E9%9F%B3%E5%BC%B9%E5%B9%95.exe
http://www.huiip.top:83/%E8%83%8C%E6%99%AF%E9%9F%B3%E4%B9%90%2F
http://www.eyuyan.com)
http://www.huiip.top:81/%E6%8A%96%E9%9F%B3%E5%BC%B9%E5%B9%95%E4%BF%9D%E5%A7%86.exe
http://www.huiip.top:83/%E8%83%8C%E6%99%AF%E9%9F%B3%E4%B9%90%2F%E5%88%97%E8%A1%A8.txt
http://www.huiip.top:83/%E5%BD%95%E5%88%B6%E9%9F%B3%E9%A2%91%2F

Import functions

comdlg32.dll 4 WINMM.dll 18 GDI32.dll 90 SHELL32.dll 3 KERNEL32.dll 142 WINSPOOL.DRV 3 ADVAPI32.dll 5 ole32.dll 3 COMCTL32.dll 2 WS2_32.dll 25 USER32.dll 157 OLEAUT32.dll 3

Function	Address	Souspicious	Anti Debug
GetFileTitleA	0x4da728
GetSaveFileNameA	0x4da72c
GetOpenFileNameA	0x4da730
ChooseColorA	0x4da734

Function	Address	Souspicious	Anti Debug
midiStreamRestart	0x4da664
midiStreamClose	0x4da668
midiOutReset	0x4da66c
midiStreamStop	0x4da670
midiStreamOut	0x4da674
midiOutPrepareHeader	0x4da678
midiStreamProperty	0x4da67c
midiStreamOpen	0x4da680
midiOutUnprepareHeader	0x4da684
waveOutOpen	0x4da688
waveOutGetNumDevs	0x4da68c
waveOutClose	0x4da690
waveOutReset	0x4da694
waveOutPause	0x4da698
waveOutWrite	0x4da69c
waveOutPrepareHeader	0x4da6a0
waveOutUnprepareHeader	0x4da6a4
waveOutRestart	0x4da6a8

Function	Address	Souspicious	Anti Debug
SelectPalette	0x4da024
RealizePalette	0x4da028
GetDIBits	0x4da02c
GetWindowExtEx	0x4da030
GetViewportOrgEx	0x4da034
GetWindowOrgEx	0x4da038
BeginPath	0x4da03c
EndPath	0x4da040
PathToRegion	0x4da044
CreateEllipticRgn	0x4da048
CreateRoundRectRgn	0x4da04c
GetTextColor	0x4da050
GetBkMode	0x4da054
GetBkColor	0x4da058
GetROP2	0x4da05c
GetStretchBltMode	0x4da060
GetPolyFillMode	0x4da064
CreateCompatibleBitmap	0x4da068
CreateDCA	0x4da06c
CreateBrushIndirect	0x4da070
CreateHatchBrush	0x4da074
CreateBitmap	0x4da078
CreatePatternBrush	0x4da07c
SelectObject	0x4da080
GetObjectA	0x4da084
CreatePen	0x4da088
PatBlt	0x4da08c
CombineRgn	0x4da090
CreateRectRgn	0x4da094
FillRgn	0x4da098
CreateSolidBrush	0x4da09c
GetStockObject	0x4da0a0
CreateFontIndirectA	0x4da0a4
EndPage	0x4da0a8
EndDoc	0x4da0ac
DeleteDC	0x4da0b0
StartDocA	0x4da0b4
StartPage	0x4da0b8
BitBlt	0x4da0bc
CreateRectRgnIndirect	0x4da0c0
SetPixelV	0x4da0c4
Ellipse	0x4da0c8
Rectangle	0x4da0cc
StretchBlt	0x4da0d0
DPtoLP	0x4da0d4
GetCurrentObject	0x4da0d8
RoundRect	0x4da0dc
Pie	0x4da0e0
Chord	0x4da0e4
Arc	0x4da0e8
Polygon	0x4da0ec
GetTextExtentPoint32A	0x4da0f0
GetDeviceCaps	0x4da0f4
SaveDC	0x4da0f8
RestoreDC	0x4da0fc
SetBkMode	0x4da100
SetPolyFillMode	0x4da104
SetROP2	0x4da108
SetTextColor	0x4da10c
SetMapMode	0x4da110
SetViewportOrgEx	0x4da114
OffsetViewportOrgEx	0x4da118
SetViewportExtEx	0x4da11c
ScaleViewportExtEx	0x4da120
SetWindowOrgEx	0x4da124
SetWindowExtEx	0x4da128
ScaleWindowExtEx	0x4da12c
GetClipBox	0x4da130
ExcludeClipRect	0x4da134
MoveToEx	0x4da138
LineTo	0x4da13c
ExtSelectClipRgn	0x4da140
CreatePalette	0x4da144
GetSystemPaletteEntries	0x4da148
CreateDIBitmap	0x4da14c
DeleteObject	0x4da150
SelectClipRgn	0x4da154
CreatePolygonRgn	0x4da158
GetClipRgn	0x4da15c
SetStretchBltMode	0x4da160
LPtoDP	0x4da164
SetBkColor	0x4da168
CreateCompatibleDC	0x4da16c
GetTextMetricsA	0x4da170
Escape	0x4da174
ExtTextOutA	0x4da178
TextOutA	0x4da17c
RectVisible	0x4da180
PtVisible	0x4da184
GetViewportExtEx	0x4da188

Function	Address	Souspicious	Anti Debug
ShellExecuteA	0x4da3dc
Shell_NotifyIconA	0x4da3e0
SHGetSpecialFolderPathA	0x4da3e4

Function	Address	Souspicious	Anti Debug
LockFile	0x4da190
FlushFileBuffers	0x4da194
SetFilePointer	0x4da198
DuplicateHandle	0x4da19c
lstrcpynA	0x4da1a0
SetLastError	0x4da1a4
FileTimeToLocalFileTime	0x4da1a8
FileTimeToSystemTime	0x4da1ac
InterlockedDecrement	0x4da1b0
GetACP	0x4da1b4
SuspendThread	0x4da1b8
ReleaseMutex	0x4da1bc
CreateMutexA	0x4da1c0
IsBadReadPtr	0x4da1c4
FormatMessageA	0x4da1c8
UnmapViewOfFile	0x4da1cc
LocalFree	0x4da1d0
CreateFileMappingA	0x4da1d4
MapViewOfFile	0x4da1d8
GetCurrentProcess	0x4da1dc
GetWindowsDirectoryA	0x4da1e0
GetSystemDirectoryA	0x4da1e4
TerminateThread	0x4da1e8
CreateSemaphoreA	0x4da1ec
ResumeThread	0x4da1f0
ReleaseSemaphore	0x4da1f4
EnterCriticalSection	0x4da1f8
LeaveCriticalSection	0x4da1fc
GetProfileStringA	0x4da200
WriteFile	0x4da204
SetStdHandle	0x4da208
IsBadCodePtr	0x4da20c
CompareStringW	0x4da210
CompareStringA	0x4da214
SetUnhandledExceptionFilter	0x4da218
GetStringTypeW	0x4da21c
GetStringTypeA	0x4da220
IsBadWritePtr	0x4da224
VirtualAlloc	0x4da228
LCMapStringW	0x4da22c
LCMapStringA	0x4da230
SetEnvironmentVariableA	0x4da234
VirtualFree	0x4da238
HeapCreate	0x4da23c
HeapDestroy	0x4da240
GetEnvironmentVariableA	0x4da244
GetFileType	0x4da248
GetStdHandle	0x4da24c
SetHandleCount	0x4da250
GetEnvironmentStringsW	0x4da254
GetEnvironmentStrings	0x4da258
FreeEnvironmentStringsW	0x4da25c
FreeEnvironmentStringsA	0x4da260
UnhandledExceptionFilter	0x4da264
HeapSize	0x4da268
RaiseException	0x4da26c
GetLocalTime	0x4da270
GetSystemTime	0x4da274
WaitForMultipleObjects	0x4da278
CreateFileA	0x4da27c
SetEvent	0x4da280
FindResourceA	0x4da284
LoadResource	0x4da288
LockResource	0x4da28c
ReadFile	0x4da290
lstrlenW	0x4da294
GetModuleFileNameA	0x4da298
GetCurrentThreadId	0x4da29c
ExitProcess	0x4da2a0
GlobalSize	0x4da2a4
GlobalFree	0x4da2a8
DeleteCriticalSection	0x4da2ac
InitializeCriticalSection	0x4da2b0
lstrcatA	0x4da2b4
lstrlenA	0x4da2b8
WinExec	0x4da2bc
lstrcpyA	0x4da2c0
FindNextFileA	0x4da2c4
GlobalReAlloc	0x4da2c8
HeapFree	0x4da2cc
HeapReAlloc	0x4da2d0
GetProcessHeap	0x4da2d4
HeapAlloc	0x4da2d8
MultiByteToWideChar	0x4da2dc
WideCharToMultiByte	0x4da2e0
GetFullPathNameA	0x4da2e4
FreeLibrary	0x4da2e8
LoadLibraryA	0x4da2ec
GetLastError	0x4da2f0
GetVersionExA	0x4da2f4
WritePrivateProfileStringA	0x4da2f8
GetPrivateProfileStringA	0x4da2fc
CreateThread	0x4da300
CreateEventA	0x4da304
Sleep	0x4da308
GlobalAlloc	0x4da30c
GlobalLock	0x4da310
GlobalUnlock	0x4da314
GetTempPathA	0x4da318
FindFirstFileA	0x4da31c
FindClose	0x4da320
GetFileAttributesA	0x4da324
SetCurrentDirectoryA	0x4da328
GetTimeZoneInformation	0x4da32c
TerminateProcess	0x4da330
ExitThread	0x4da334
RtlUnwind	0x4da338
GetStartupInfoA	0x4da33c
GetOEMCP	0x4da340
GetCPInfo	0x4da344
GetProcessVersion	0x4da348
SetErrorMode	0x4da34c
GlobalFlags	0x4da350
GetCurrentThread	0x4da354
GetFileTime	0x4da358
GetFileSize	0x4da35c
TlsGetValue	0x4da360
LocalReAlloc	0x4da364
TlsSetValue	0x4da368
TlsFree	0x4da36c
GlobalHandle	0x4da370
TlsAlloc	0x4da374
LocalAlloc	0x4da378
lstrcmpA	0x4da37c
GetVersion	0x4da380
GlobalGetAtomNameA	0x4da384
GlobalAddAtomA	0x4da388
GlobalFindAtomA	0x4da38c
GlobalDeleteAtom	0x4da390
GetVolumeInformationA	0x4da394
GetModuleHandleA	0x4da398
GetProcAddress	0x4da39c
MulDiv	0x4da3a0
GetCommandLineA	0x4da3a4
GetTickCount	0x4da3a8
CreateProcessA	0x4da3ac
WaitForSingleObject	0x4da3b0
CloseHandle	0x4da3b4
UnlockFile	0x4da3b8
SetEndOfFile	0x4da3bc
lstrcmpiA	0x4da3c0
InterlockedIncrement	0x4da3c4

Function	Address	Souspicious	Anti Debug
ClosePrinter	0x4da6b0
DocumentPropertiesA	0x4da6b4
OpenPrinterA	0x4da6b8

Function	Address	Souspicious	Anti Debug
RegQueryValueA	0x4da000
RegSetValueExA	0x4da004
RegOpenKeyExA	0x4da008
RegCloseKey	0x4da00c
RegCreateKeyExA	0x4da010

Function	Address	Souspicious	Anti Debug
OleInitialize	0x4da73c
OleUninitialize	0x4da740
CLSIDFromString	0x4da744

Function	Address	Souspicious	Anti Debug
None	0x4da018
ImageList_Destroy	0x4da01c

Function	Address	Souspicious	Anti Debug
closesocket	0x4da6c0
WSAAsyncSelect	0x4da6c4
htons	0x4da6c8
bind	0x4da6cc
socket	0x4da6d0
gethostname	0x4da6d4
inet_addr	0x4da6d8
inet_ntoa	0x4da6dc
gethostbyname	0x4da6e0
WSAStartup	0x4da6e4
recvfrom	0x4da6e8
send	0x4da6ec
ioctlsocket	0x4da6f0
connect	0x4da6f4
recv	0x4da6f8
listen	0x4da6fc
getpeername	0x4da700
accept	0x4da704
WSACleanup	0x4da708
select	0x4da70c
ntohl	0x4da710
WSAGetLastError	0x4da714
__WSAFDIsSet	0x4da718
ntohs	0x4da71c
getsockname	0x4da720

Function	Address	Souspicious	Anti Debug
CreateWindowExA	0x4da3ec
WaitForInputIdle	0x4da3f0
wsprintfA	0x4da3f4
CloseClipboard	0x4da3f8
GetClipboardData	0x4da3fc
OpenClipboard	0x4da400
SetClipboardData	0x4da404
EmptyClipboard	0x4da408
GetSystemMetrics	0x4da40c
GetCursorPos	0x4da410
MessageBoxA	0x4da414
SetWindowPos	0x4da418
SendMessageA	0x4da41c
DestroyCursor	0x4da420
SetParent	0x4da424
IsWindow	0x4da428
PostMessageA	0x4da42c
GetTopWindow	0x4da430
GetParent	0x4da434
GetFocus	0x4da438
GetClientRect	0x4da43c
InvalidateRect	0x4da440
ValidateRect	0x4da444
UpdateWindow	0x4da448
EqualRect	0x4da44c
GetWindowRect	0x4da450
SetForegroundWindow	0x4da454
DestroyMenu	0x4da458
IsChild	0x4da45c
ReleaseDC	0x4da460
ScrollDC	0x4da464
IsRectEmpty	0x4da468
InvertRect	0x4da46c
FillRect	0x4da470
GetDC	0x4da474
SetCursor	0x4da478
LoadCursorA	0x4da47c
SetCursorPos	0x4da480
SetActiveWindow	0x4da484
GetSysColor	0x4da488
SetWindowLongA	0x4da48c
GetWindowLongA	0x4da490
RedrawWindow	0x4da494
EnableWindow	0x4da498
IsWindowVisible	0x4da49c
OffsetRect	0x4da4a0
PtInRect	0x4da4a4
DestroyIcon	0x4da4a8
IntersectRect	0x4da4ac
InflateRect	0x4da4b0
SetRect	0x4da4b4
SetScrollPos	0x4da4b8
SetScrollRange	0x4da4bc
GetScrollRange	0x4da4c0
SetCapture	0x4da4c4
GetCapture	0x4da4c8
ReleaseCapture	0x4da4cc
SetTimer	0x4da4d0
KillTimer	0x4da4d4
WinHelpA	0x4da4d8
LoadBitmapA	0x4da4dc
CopyRect	0x4da4e0
ChildWindowFromPointEx	0x4da4e4
ScreenToClient	0x4da4e8
GetMessagePos	0x4da4ec
SetWindowRgn	0x4da4f0
GetForegroundWindow	0x4da4f4
LoadIconA	0x4da4f8
TranslateMessage	0x4da4fc
DrawFrameControl	0x4da500
DrawEdge	0x4da504
DrawFocusRect	0x4da508
WindowFromPoint	0x4da50c
GetMessageA	0x4da510
DispatchMessageA	0x4da514
SetRectEmpty	0x4da518
RegisterClipboardFormatA	0x4da51c
CreateIconFromResourceEx	0x4da520
CreateIconFromResource	0x4da524
DrawIconEx	0x4da528
CreatePopupMenu	0x4da52c
AppendMenuA	0x4da530
ModifyMenuA	0x4da534
CreateMenu	0x4da538
CreateAcceleratorTableA	0x4da53c
GetDlgCtrlID	0x4da540
GetSubMenu	0x4da544
EnableMenuItem	0x4da548
ClientToScreen	0x4da54c
EnumDisplaySettingsA	0x4da550
LoadImageA	0x4da554
SystemParametersInfoA	0x4da558
ShowWindow	0x4da55c
IsWindowEnabled	0x4da560
TranslateAcceleratorA	0x4da564
GetKeyState	0x4da568
CopyAcceleratorTableA	0x4da56c
PostQuitMessage	0x4da570
IsZoomed	0x4da574
GetClassInfoA	0x4da578
DefWindowProcA	0x4da57c
GetSystemMenu	0x4da580
DeleteMenu	0x4da584
GetMenu	0x4da588
SetMenu	0x4da58c
GetWindowTextA	0x4da590
GetWindowTextLengthA	0x4da594
CharUpperA	0x4da598
GetWindowDC	0x4da59c
BeginPaint	0x4da5a0
EndPaint	0x4da5a4
TabbedTextOutA	0x4da5a8
DrawTextA	0x4da5ac
GrayStringA	0x4da5b0
GetDlgItem	0x4da5b4
DestroyWindow	0x4da5b8
CreateDialogIndirectParamA	0x4da5bc
EndDialog	0x4da5c0
GetNextDlgTabItem	0x4da5c4
GetWindowPlacement	0x4da5c8
RegisterWindowMessageA	0x4da5cc
GetLastActivePopup	0x4da5d0
GetMessageTime	0x4da5d4
RemovePropA	0x4da5d8
CallWindowProcA	0x4da5dc
GetPropA	0x4da5e0
UnhookWindowsHookEx	0x4da5e4
SetPropA	0x4da5e8
GetClassLongA	0x4da5ec
CallNextHookEx	0x4da5f0
SetWindowsHookExA	0x4da5f4
UnregisterClassA	0x4da5f8
GetMenuItemID	0x4da5fc
GetMenuItemCount	0x4da600
RegisterClassA	0x4da604
GetScrollPos	0x4da608
AdjustWindowRectEx	0x4da60c
MapWindowPoints	0x4da610
SendDlgItemMessageA	0x4da614
ScrollWindowEx	0x4da618
IsDialogMessageA	0x4da61c
SetWindowTextA	0x4da620
MoveWindow	0x4da624
CheckMenuItem	0x4da628
SetMenuItemBitmaps	0x4da62c
GetMenuState	0x4da630
GetMenuCheckMarkDimensions	0x4da634
GetClassNameA	0x4da638
GetDesktopWindow	0x4da63c
LoadStringA	0x4da640
GetSysColorBrush	0x4da644
PeekMessageA	0x4da648
IsIconic	0x4da64c
SetFocus	0x4da650
GetActiveWindow	0x4da654
GetWindow	0x4da658
DestroyAcceleratorTable	0x4da65c

Function	Address	Souspicious	Anti Debug
UnRegisterTypeLib	0x4da3cc
RegisterTypeLib	0x4da3d0
LoadTypeLib	0x4da3d4