AutoHotKey.exe

First submission 2024-10-15 17:55:02

File details

File type:	PE32+ executable (GUI) x86-64, for MS Windows
Mime type:	application/x-dosexec
File size:	1289.0 KB (1319936 bytes)
Compile time:	2023-07-08 07:25:42
MD5:	dc20d755a0ce47329c8b36ad9b99097b
SHA1:	c10767cf93b25513efffa19c68df4262b83d9be4
SHA256:	7d47220e8a09c113b82ba9f366ce2cbe5924b0cc661dc9df93c13e8dbfa1f254
Import Hash :	a9b5160326ed68a4bb81944dabab7ed6
Sections 7	.text .rdata .data .pdata text data .rsrc
Directories 2	import resource

File features detected

Is DLL

Packers

Anti Debug

Anti VM

Signed

XOR

OSINT Enrichments

Virus Total:	1/77 VT report date: 2024-09-25 15:46:45

URLs, FQDN and IP indicators 1

URL	Host (FQDN/IP)	Date Added
hXXp://asurastrike.de/ERAB/AutoHotKey.exe	asurastrike.de	2024-10-15 17:55:02

PE Sections 0 suspicious

Name	VAddress	VSize	Size	SHA1	MD5
.text	0x1000	0xecf26	970752	19c6bb4be1aa4d154d0035dfc0f98ddc16cc2192	c7e59ab13d802ef3a99c383dd342de46
.rdata	0xee000	0x3497c	215552	d1c3dbe7e565b41f672efaf827520f1b43d7e22b	84f386cafc697632e175f3133ddc45c9
.data	0x123000	0xc818	20992	8b9c674ce9057e66fad2f3f02c03a9fd683d7560	fba42b5b7462d1099b946570f1b5b694
.pdata	0x130000	0x8418	34304	fb590d616c3efdb2eac8733636d5097f8b5ef1a2	e00301686647df8cb55214b909600dc1
text	0x139000	0x258d	9728	4c0370f7184e9f3f24f2fb635ff0fb83397697fd	a849b5d875105e777eb8405b21f42175
data	0x13c000	0x6ec0	28672	353e3345d0a3058c1fee970144c22844ac1d4560	8f4275b626558a8640120f611553e570
.rsrc	0x143000	0x96c0	38912	33e63d83d4d958ac16060efcfb9f4f21c03bdf59	106911fc032032f326faa5d6afce7f87

PE Resources 7

Name	Language	Sublanguage	Offset	Size	Data
RT_ICON	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x14bf60	744
RT_MENU	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x143978	712	PE Resource: RT_MENU - Data &Filex&Reload Script Ctrl+Ry&Edit Script Ctrl+Ez&Window Spy{&Pause Script Pause\|&Suspend Hotkeys}E&xit (Terminate Script)&View~&Lines most recently executed Ctrl+L&Variables and their contents Ctrl+V&Hotkeys and their methods Ctrl+H&Key history and script info Ctrl+K&Refresh F5&Help&User Manual F1&Web Site
RT_DIALOG	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x14c288	232
RT_ACCELERATOR	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x14c370	72
RT_GROUP_ICON	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x148490	20
RT_VERSION	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x14c3b8	772	PE Resource: RT_VERSION - Data 4VS_VERSION_INFO%%dStringFileInfo@040904b0\FileDescriptionAutoHotkey Unicode 64-bit4 FileVersion1.1.37.016InternalNameAutoHotkeyTLegalCopyrightCopyright (C) 2003-2013TCompanyNameAutoHotkey Foundation LLCFOriginalFilenameAutoHotkey.exe6ProductNameAutoHotkey8 ProductVersion1.1.37.01DVarFileInfo$Translation
RT_MANIFEST	LANG_ENGLISH	SUBLANG_ENGLISH_US	0x143480	1268	PE Resource: RT_MANIFEST - Data <assembly xmlns="urn:schemas-microsoft-com:asm.v1" manifestVersion="1.0" xmlns:v3="urn:schemas-microsoft-com:asm.v3"><assemblyIdentity version="1.1.00.00" name="AutoHotkey" type="win32" /><dependency><dependentAssembly><assemblyIdentity type="win32" name="Microsoft.Windows.Common-Controls" version="6.0.0.0" processorArchitecture="" publicKeyToken="6595b64144ccf1df" language="" /></dependentAssembly></dependency><compatibility xmlns="urn:schemas-microsoft-com:compatibility.v1"><application><supportedOS Id="{8e0f7a12-bfb3-4fe8-b9a5-48fd50a15a9a}"/><supportedOS Id="{1f676c76-80e1-4239-95bb-83d0f6d0da78}"/><supportedOS Id="{e2011457-1546-43c5-a5fe-008deee3d3f0}"/><supportedOS Id="{35138b9a-5d96-4fbd-8e2d-a2440225f93a}"/><supportedOS Id="{4a2f28e3-53b9-4441-ba9c-d69d4a4a6e38}"/></application></compatibility><v3:application><v3:windowsSettings xmlns="http://schemas.microsoft.com/SMI/2005/WindowsSettings" xmlns:ws2="http://schemas.microsoft.com/SMI/2016/WindowsSettings"><dpiAware>true</dpiAware><ws2:longPathAware>true</ws2:longPathAware></v3:windowsSettings></v3:application><v3:trustInfo><v3:security><v3:requestedPrivileges><v3:requestedExecutionLevel level="asInvoker" uiAccess="false" /></v3:requestedPrivileges></v3:security></v3:trustInfo></assembly>

Meta infos 9

LegalCopyright:	Copyright (C) 2003-2013
InternalName:	AutoHotkey
FileVersion:	1.1.37.01
CompanyName:	AutoHotkey Foundation LLC
ProductVersion:	1.1.37.01
FileDescription:	AutoHotkey Unicode 64-bit
Translation:	0x0409 0x04b0
OriginalFilename:	AutoHotkey.exe
ProductName:	AutoHotkey

Packers detected 1

Microsoft Visual C++ 8.0 (DLL)

Anti debug functions 10

FindWindowW
GetLastError
GetWindowThreadProcessId
IsDebuggerPresent
OutputDebugStringW
Process32FirstW
Process32NextW
RaiseException
TerminateProcess
UnhandledExceptionFilter

Strings analysis - File found

Text
*.txt
Library
USER32.dll
KERNEL32.dll
dwmapi.dll
ntdll.dll
mscoree.dll
ADVAPI32.dll
OLEAUT32.dll
VERSION.dll
WSOCK32.dll
PSAPI.DLL
COMCTL32.dll
ole32.dll
WININET.dll
SHELL32.dll
WINMM.dll
GDI32.dll
COMDLG32.dll

Strings analysis - Possible URLs found 8

https://autohotkey.com
file://
http://www.w3.org/2001/XMLSchema-instance
file:///
file:///I
http://www.w3.org/2001/XMLSchema
http://schemas.microsoft.com/SMI/2016/WindowsSettings
http://schemas.microsoft.com/SMI/2005/WindowsSettings

Import functions

COMDLG32.dll 3 VERSION.dll 3 OLEAUT32.dll 20 WINMM.dll 12 WININET.dll 5 GDI32.dll 34 SHELL32.dll 13 KERNEL32.dll 154 WSOCK32.dll 22 ADVAPI32.dll 19 PSAPI.DLL 3 ole32.dll 10 USER32.dll 172 COMCTL32.dll 6

Function	Address	Souspicious	Anti Debug
CommDlgExtendedError	0x1400ee0d8
GetOpenFileNameW	0x1400ee0e0
GetSaveFileNameW	0x1400ee0e8

Function	Address	Souspicious	Anti Debug
GetFileVersionInfoW	0x1400eed88
VerQueryValueW	0x1400eed90
GetFileVersionInfoSizeW	0x1400eed98

Function	Address	Souspicious	Anti Debug
OleLoadPicture	0x1400ee6e8
SafeArrayUnaccessData	0x1400ee6f0
SafeArrayGetElemsize	0x1400ee6f8
SafeArrayAccessData	0x1400ee700
SafeArrayUnlock	0x1400ee708
SafeArrayDestroy	0x1400ee710
GetActiveObject	0x1400ee718
SysStringLen	0x1400ee720
SysFreeString	0x1400ee728
SafeArrayCreate	0x1400ee730
VariantClear	0x1400ee738
VariantChangeType	0x1400ee740
SysAllocString	0x1400ee748
SafeArrayCopy	0x1400ee750
VariantCopyInd	0x1400ee758
SafeArrayGetUBound	0x1400ee760
SafeArrayGetLBound	0x1400ee768
SafeArrayGetDim	0x1400ee770
SafeArrayLock	0x1400ee778
SafeArrayPtrOfIndex	0x1400ee780

Function	Address	Souspicious	Anti Debug
waveOutGetVolume	0x1400eedd8
mixerGetLineInfoW	0x1400eede0
mixerSetControlDetails	0x1400eede8
mixerGetControlDetailsW	0x1400eedf0
mixerGetLineControlsW	0x1400eedf8
mixerGetDevCapsW	0x1400eee00
waveOutSetVolume	0x1400eee08
mixerClose	0x1400eee10
mixerOpen	0x1400eee18
mciSendStringW	0x1400eee20
joyGetDevCapsW	0x1400eee28
joyGetPosEx	0x1400eee30

Function	Address	Souspicious	Anti Debug
InternetReadFile	0x1400eeda8
InternetOpenUrlW	0x1400eedb0
InternetCloseHandle	0x1400eedb8
InternetReadFileExA	0x1400eedc0
InternetOpenW	0x1400eedc8

Function	Address	Souspicious	Anti Debug
GdiFlush	0x1400ee0f8
CreateDIBSection	0x1400ee100
EnumFontFamiliesExW	0x1400ee108
SetBrushOrgEx	0x1400ee110
SetBkColor	0x1400ee118
GetPixel	0x1400ee120
BitBlt	0x1400ee128
CreatePatternBrush	0x1400ee130
SetBkMode	0x1400ee138
GetCharABCWidthsW	0x1400ee140
GetClipBox	0x1400ee148
FillRgn	0x1400ee150
GetClipRgn	0x1400ee158
ExcludeClipRect	0x1400ee160
GetDeviceCaps	0x1400ee168
DeleteObject	0x1400ee170
CreateFontW	0x1400ee178
CreateSolidBrush	0x1400ee180
CreateDCW	0x1400ee188
CreateCompatibleBitmap	0x1400ee190
GetSystemPaletteEntries	0x1400ee198
GetDIBits	0x1400ee1a0
CreateCompatibleDC	0x1400ee1a8
CreatePolygonRgn	0x1400ee1b0
CreateRectRgn	0x1400ee1b8
CreateRoundRectRgn	0x1400ee1c0
CreateEllipticRgn	0x1400ee1c8
DeleteDC	0x1400ee1d0
GetObjectW	0x1400ee1d8
GetTextMetricsW	0x1400ee1e0
GetTextFaceW	0x1400ee1e8
SelectObject	0x1400ee1f0
GetStockObject	0x1400ee1f8
SetTextColor	0x1400ee200

Function	Address	Souspicious	Anti Debug
DragQueryPoint	0x1400ee7b0
SHEmptyRecycleBinW	0x1400ee7b8
SHFileOperationW	0x1400ee7c0
SHGetPathFromIDListW	0x1400ee7c8
SHBrowseForFolderW	0x1400ee7d0
SHGetDesktopFolder	0x1400ee7d8
SHGetMalloc	0x1400ee7e0
SHGetFolderPathW	0x1400ee7e8
ShellExecuteExW	0x1400ee7f0
Shell_NotifyIconW	0x1400ee7f8
DragFinish	0x1400ee800
DragQueryFileW	0x1400ee808
ExtractIconW	0x1400ee810

Function	Address	Souspicious	Anti Debug
GlobalFree	0x1400ee210
GlobalUnlock	0x1400ee218
WideCharToMultiByte	0x1400ee220
GetSystemDirectoryA	0x1400ee228
LoadLibraryA	0x1400ee230
GetProcAddress	0x1400ee238
FreeLibrary	0x1400ee240
GetCurrentThreadId	0x1400ee248
GetEnvironmentVariableW	0x1400ee250
lstrcmpiW	0x1400ee258
GetStringTypeExW	0x1400ee260
CreateThread	0x1400ee268
SetThreadPriority	0x1400ee270
GetExitCodeThread	0x1400ee278
CloseHandle	0x1400ee280
CreateMutexW	0x1400ee288
GetLastError	0x1400ee290
LoadLibraryW	0x1400ee298
GetModuleHandleW	0x1400ee2a0
GetVersionExW	0x1400ee2a8
InitializeCriticalSection	0x1400ee2b0
DeleteCriticalSection	0x1400ee2b8
GetModuleFileNameW	0x1400ee2c0
GetFileAttributesW	0x1400ee2c8
GetFullPathNameW	0x1400ee2d0
GetSystemTimeAsFileTime	0x1400ee2d8
LoadResource	0x1400ee2e0
LockResource	0x1400ee2e8
SizeofResource	0x1400ee2f0
GetShortPathNameW	0x1400ee2f8
FindFirstFileW	0x1400ee300
FindNextFileW	0x1400ee308
FindClose	0x1400ee310
FileTimeToLocalFileTime	0x1400ee318
SetEnvironmentVariableW	0x1400ee320
Beep	0x1400ee328
MoveFileW	0x1400ee330
OutputDebugStringW	0x1400ee338
CreateProcessW	0x1400ee340
MultiByteToWideChar	0x1400ee348
GetExitCodeProcess	0x1400ee350
WriteProcessMemory	0x1400ee358
ReadProcessMemory	0x1400ee360
GetCurrentProcessId	0x1400ee368
OpenProcess	0x1400ee370
TerminateProcess	0x1400ee378
SetPriorityClass	0x1400ee380
SetLastError	0x1400ee388
GlobalAlloc	0x1400ee390
GetDateFormatW	0x1400ee398
GetTimeFormatW	0x1400ee3a0
GetDiskFreeSpaceExW	0x1400ee3a8
SetVolumeLabelW	0x1400ee3b0
CreateFileW	0x1400ee3b8
DeviceIoControl	0x1400ee3c0
GetDriveTypeW	0x1400ee3c8
GetVolumeInformationW	0x1400ee3d0
GetDiskFreeSpaceW	0x1400ee3d8
GetCurrentDirectoryW	0x1400ee3e0
CreateDirectoryW	0x1400ee3e8
ReadFile	0x1400ee3f0
WriteFile	0x1400ee3f8
DeleteFileW	0x1400ee400
CopyFileW	0x1400ee408
SetFileAttributesW	0x1400ee410
LocalFileTimeToFileTime	0x1400ee418
SetFileTime	0x1400ee420
GetFileSizeEx	0x1400ee428
GetSystemTime	0x1400ee430
GetSystemDefaultUILanguage	0x1400ee438
GetComputerNameW	0x1400ee440
GetSystemWindowsDirectoryW	0x1400ee448
GetTempPathW	0x1400ee450
EnterCriticalSection	0x1400ee458
LeaveCriticalSection	0x1400ee460
VirtualProtect	0x1400ee468
QueryDosDeviceW	0x1400ee470
CompareStringW	0x1400ee478
RemoveDirectoryW	0x1400ee480
GetCurrentProcess	0x1400ee488
CreateToolhelp32Snapshot	0x1400ee490
Process32FirstW	0x1400ee498
Process32NextW	0x1400ee4a0
FormatMessageW	0x1400ee4a8
GetPrivateProfileStringW	0x1400ee4b0
GetPrivateProfileSectionW	0x1400ee4b8
GetPrivateProfileSectionNamesW	0x1400ee4c0
WritePrivateProfileStringW	0x1400ee4c8
WritePrivateProfileSectionW	0x1400ee4d0
SetEndOfFile	0x1400ee4d8
GetACP	0x1400ee4e0
GetFileType	0x1400ee4e8
GetStdHandle	0x1400ee4f0
SetFilePointerEx	0x1400ee4f8
SystemTimeToFileTime	0x1400ee500
FileTimeToSystemTime	0x1400ee508
GetFileSize	0x1400ee510
IsWow64Process	0x1400ee518
VirtualAllocEx	0x1400ee520
VirtualFreeEx	0x1400ee528
EnumResourceNamesW	0x1400ee530
LoadLibraryExW	0x1400ee538
GlobalSize	0x1400ee540
GlobalLock	0x1400ee548
FindResourceW	0x1400ee550
SetErrorMode	0x1400ee558
GetCPInfo	0x1400ee560
SetCurrentDirectoryW	0x1400ee568
Sleep	0x1400ee570
GetTickCount	0x1400ee578
MulDiv	0x1400ee580
EncodePointer	0x1400ee588
HeapSize	0x1400ee590
HeapQueryInformation	0x1400ee598
GetCommandLineW	0x1400ee5a0
GetStartupInfoW	0x1400ee5a8
GetOEMCP	0x1400ee5b0
IsValidCodePage	0x1400ee5b8
FlsGetValue	0x1400ee5c0
HeapAlloc	0x1400ee5c8
HeapFree	0x1400ee5d0
HeapReAlloc	0x1400ee5d8
ExitProcess	0x1400ee5e0
DecodePointer	0x1400ee5e8
FlsSetValue	0x1400ee5f0
FlsFree	0x1400ee5f8
FlsAlloc	0x1400ee600
UnhandledExceptionFilter	0x1400ee608
SetUnhandledExceptionFilter	0x1400ee610
IsDebuggerPresent	0x1400ee618
RtlVirtualUnwind	0x1400ee620
RtlLookupFunctionEntry	0x1400ee628
RtlCaptureContext	0x1400ee630
GetStringTypeW	0x1400ee638
HeapSetInformation	0x1400ee640
GetVersion	0x1400ee648
HeapCreate	0x1400ee650
InitializeCriticalSectionAndSpinCount	0x1400ee658
RtlUnwindEx	0x1400ee660
RaiseException	0x1400ee668
RtlPcToFileHeader	0x1400ee670
LCMapStringW	0x1400ee678
GetConsoleCP	0x1400ee680
GetConsoleMode	0x1400ee688
FreeEnvironmentStringsW	0x1400ee690
GetEnvironmentStringsW	0x1400ee698
SetHandleCount	0x1400ee6a0
QueryPerformanceCounter	0x1400ee6a8
SetFilePointer	0x1400ee6b0
WriteConsoleW	0x1400ee6b8
SetStdHandle	0x1400ee6c0
FlushFileBuffers	0x1400ee6c8
GetLocalTime	0x1400ee6d0
GetProcessHeap	0x1400ee6d8

Function	Address	Souspicious	Anti Debug
getservbyport	0x1400eee40
ntohs	0x1400eee48
inet_addr	0x1400eee50
htonl	0x1400eee58
getservbyname	0x1400eee60
WSASetLastError	0x1400eee68
htons	0x1400eee70
WSAGetLastError	0x1400eee78
gethostbyname	0x1400eee80
ioctlsocket	0x1400eee88
gethostbyaddr	0x1400eee90
gethostname	0x1400eee98
shutdown	0x1400eeea0
WSACleanup	0x1400eeea8
closesocket	0x1400eeeb0
connect	0x1400eeeb8
socket	0x1400eeec0
WSAStartup	0x1400eeec8
send	0x1400eeed0
recv	0x1400eeed8
WSAAsyncSelect	0x1400eeee0
inet_ntoa	0x1400eeee8

Function	Address	Souspicious	Anti Debug
GetUserNameW	0x1400ee000
LockServiceDatabase	0x1400ee008
OpenSCManagerW	0x1400ee010
RegEnumKeyExW	0x1400ee018
RegEnumValueW	0x1400ee020
RegQueryInfoKeyW	0x1400ee028
RegOpenKeyExW	0x1400ee030
RegCloseKey	0x1400ee038
RegDeleteValueW	0x1400ee040
RegDeleteKeyW	0x1400ee048
RegSetValueExW	0x1400ee050
RegCreateKeyExW	0x1400ee058
RegQueryValueExW	0x1400ee060
AdjustTokenPrivileges	0x1400ee068
LookupPrivilegeValueW	0x1400ee070
OpenProcessToken	0x1400ee078
CloseServiceHandle	0x1400ee080
RegConnectRegistryW	0x1400ee088
UnlockServiceDatabase	0x1400ee090

Function	Address	Souspicious	Anti Debug
GetModuleBaseNameW	0x1400ee790
GetProcessImageFileNameW	0x1400ee798
GetModuleFileNameExW	0x1400ee7a0

Function	Address	Souspicious	Anti Debug
OleInitialize	0x1400eeef8
OleUninitialize	0x1400eef00
CoCreateInstance	0x1400eef08
CoInitialize	0x1400eef10
CoUninitialize	0x1400eef18
CLSIDFromString	0x1400eef20
CLSIDFromProgID	0x1400eef28
CoGetObject	0x1400eef30
StringFromGUID2	0x1400eef38
CreateStreamOnHGlobal	0x1400eef40

Function	Address	Souspicious	Anti Debug
SetWindowPos	0x1400ee820
SetLayeredWindowAttributes	0x1400ee828
InvalidateRect	0x1400ee830
EnableWindow	0x1400ee838
GetWindowTextLengthW	0x1400ee840
EnumWindows	0x1400ee848
IsZoomed	0x1400ee850
IsIconic	0x1400ee858
EnumDisplayMonitors	0x1400ee860
RegisterWindowMessageW	0x1400ee868
GetSysColor	0x1400ee870
GetSysColorBrush	0x1400ee878
DrawIconEx	0x1400ee880
FillRect	0x1400ee888
DefWindowProcW	0x1400ee890
SetForegroundWindow	0x1400ee898
DialogBoxParamW	0x1400ee8a0
SendDlgItemMessageW	0x1400ee8a8
GetDlgItem	0x1400ee8b0
SetDlgItemTextW	0x1400ee8b8
MessageBeep	0x1400ee8c0
GetCursorInfo	0x1400ee8c8
GetLastInputInfo	0x1400ee8d0
GetSystemMenu	0x1400ee8d8
GetMenuItemCount	0x1400ee8e0
GetMenuItemID	0x1400ee8e8
GetSubMenu	0x1400ee8f0
GetMenuStringW	0x1400ee8f8
ExitWindowsEx	0x1400ee900
SetMenu	0x1400ee908
FlashWindow	0x1400ee910
GetPropW	0x1400ee918
SetPropW	0x1400ee920
RemovePropW	0x1400ee928
MapWindowPoints	0x1400ee930
RedrawWindow	0x1400ee938
SetWindowLongPtrW	0x1400ee940
SetParent	0x1400ee948
GetClassInfoExW	0x1400ee950
DefDlgProcW	0x1400ee958
GetAncestor	0x1400ee960
UpdateWindow	0x1400ee968
GetMessagePos	0x1400ee970
GetClassLongPtrW	0x1400ee978
CallWindowProcW	0x1400ee980
CheckRadioButton	0x1400ee988
IntersectRect	0x1400ee990
GetUpdateRect	0x1400ee998
PtInRect	0x1400ee9a0
CreateDialogIndirectParamW	0x1400ee9a8
GetWindowLongPtrW	0x1400ee9b0
CreateAcceleratorTableW	0x1400ee9b8
DestroyAcceleratorTable	0x1400ee9c0
InsertMenuItemW	0x1400ee9c8
SetMenuDefaultItem	0x1400ee9d0
RemoveMenu	0x1400ee9d8
SetMenuItemInfoW	0x1400ee9e0
IsMenu	0x1400ee9e8
GetMenuItemInfoW	0x1400ee9f0
CreateMenu	0x1400ee9f8
CreatePopupMenu	0x1400eea00
SetMenuInfo	0x1400eea08
AppendMenuW	0x1400eea10
DestroyMenu	0x1400eea18
TrackPopupMenuEx	0x1400eea20
CopyImage	0x1400eea28
SetWindowRgn	0x1400eea30
CreateIconFromResourceEx	0x1400eea38
EnumClipboardFormats	0x1400eea40
GetWindow	0x1400eea48
BringWindowToTop	0x1400eea50
GetTopWindow	0x1400eea58
GetQueueStatus	0x1400eea60
CheckMenuItem	0x1400eea68
PostQuitMessage	0x1400eea70
GetIconInfo	0x1400eea78
ChangeClipboardChain	0x1400eea80
SetClipboardViewer	0x1400eea88
LoadAcceleratorsW	0x1400eea90
EnableMenuItem	0x1400eea98
GetMenu	0x1400eeaa0
CreateWindowExW	0x1400eeaa8
RegisterClassExW	0x1400eeab0
LoadCursorW	0x1400eeab8
DestroyIcon	0x1400eeac0
DestroyWindow	0x1400eeac8
IsCharAlphaW	0x1400eead0
MapVirtualKeyW	0x1400eead8
VkKeyScanExW	0x1400eeae0
MapVirtualKeyExW	0x1400eeae8
GetKeyboardLayoutNameW	0x1400eeaf0
ActivateKeyboardLayout	0x1400eeaf8
GetGUIThreadInfo	0x1400eeb00
GetWindowTextW	0x1400eeb08
mouse_event	0x1400eeb10
WindowFromPoint	0x1400eeb18
GetSystemMetrics	0x1400eeb20
keybd_event	0x1400eeb28
SetKeyboardState	0x1400eeb30
GetKeyboardState	0x1400eeb38
GetCursorPos	0x1400eeb40
GetAsyncKeyState	0x1400eeb48
AttachThreadInput	0x1400eeb50
UnregisterHotKey	0x1400eeb58
RegisterHotKey	0x1400eeb60
SendMessageTimeoutW	0x1400eeb68
UnhookWindowsHookEx	0x1400eeb70
SetWindowsHookExW	0x1400eeb78
PostThreadMessageW	0x1400eeb80
IsCharAlphaNumericW	0x1400eeb88
IsCharUpperW	0x1400eeb90
IsCharLowerW	0x1400eeb98
ToUnicodeEx	0x1400eeba0
GetKeyboardLayout	0x1400eeba8
CallNextHookEx	0x1400eebb0
CharLowerW	0x1400eebb8
ReleaseDC	0x1400eebc0
GetDC	0x1400eebc8
MessageBoxW	0x1400eebd0
OpenClipboard	0x1400eebd8
GetClipboardData	0x1400eebe0
GetClipboardFormatNameW	0x1400eebe8
CloseClipboard	0x1400eebf0
SetClipboardData	0x1400eebf8
EmptyClipboard	0x1400eec00
PostMessageW	0x1400eec08
FindWindowW	0x1400eec10
EndDialog	0x1400eec18
IsWindow	0x1400eec20
DispatchMessageW	0x1400eec28
TranslateMessage	0x1400eec30
ShowWindow	0x1400eec38
SetFocus	0x1400eec40
SetActiveWindow	0x1400eec48
ClientToScreen	0x1400eec50
EnumChildWindows	0x1400eec58
MoveWindow	0x1400eec60
GetWindowRect	0x1400eec68
GetMonitorInfoW	0x1400eec70
MonitorFromPoint	0x1400eec78
GetClientRect	0x1400eec80
SystemParametersInfoW	0x1400eec88
AdjustWindowRectEx	0x1400eec90
DrawTextW	0x1400eec98
CreateIconIndirect	0x1400eeca0
SetRect	0x1400eeca8
CountClipboardFormats	0x1400eecb0
SetWindowLongW	0x1400eecb8
ScreenToClient	0x1400eecc0
IsDialogMessageW	0x1400eecc8
SendMessageW	0x1400eecd0
IsWindowEnabled	0x1400eecd8
GetWindowLongW	0x1400eece0
GetKeyState	0x1400eece8
TranslateAcceleratorW	0x1400eecf0
KillTimer	0x1400eecf8
PeekMessageW	0x1400eed00
GetFocus	0x1400eed08
GetClassNameW	0x1400eed10
GetWindowThreadProcessId	0x1400eed18
GetForegroundWindow	0x1400eed20
GetMessageW	0x1400eed28
SetTimer	0x1400eed30
GetParent	0x1400eed38
GetDlgCtrlID	0x1400eed40
CharUpperW	0x1400eed48
IsClipboardFormatAvailable	0x1400eed50
SetWindowTextW	0x1400eed58
IsWindowVisible	0x1400eed60
LoadImageW	0x1400eed68
BlockInput	0x1400eed70
SendInput	0x1400eed78

Function	Address	Souspicious	Anti Debug
ImageList_GetIconSize	0x1400ee0a0
ImageList_Create	0x1400ee0a8
ImageList_Destroy	0x1400ee0b0
ImageList_AddMasked	0x1400ee0b8
ImageList_ReplaceIcon	0x1400ee0c0
CreateStatusWindowW	0x1400ee0c8