sub_outside(): KERNEL32.TransactNamedPipe KERNEL32.WriteFile KERNEL32.Sleep WS2_32.socket WS2_32.connect WS2_32.send WS2_32.closesocket KERNEL32.GetTickCount KERNEL32.GetVersionExA KERNEL32.GetLocaleInfoA KERNEL32.GetVersion KERNEL32.GetCommandLineA KERNEL32.GetStartupInfoA |
sub_409726(0133): KERNEL32.ExitThread |
sub_41A257(01b1): KERNEL32.GetCurrentProcess KERNEL32.TerminateProcess |
sub_40BAB1(0485): KERNEL32.Sleep KERNEL32.SetFileAttributesA KERNEL32.GetFileTime KERNEL32.ExitThread KERNEL32.SetFileTime |
sub_40C672(049b): WININET.InternetGetConnectedStateEx |
sub_41E920(0625): KERNEL32.GetStartupInfoA KERNEL32.GetFileType KERNEL32.GetStdHandle KERNEL32.LockResource |
sub_41F033(06de): KERNEL32.WriteFile |
sub_41F1E0(07b7): KERNEL32.GetCPInfo |
sub_403DDC(09f3): KERNEL32.Sleep |
sub_41AFC9(0a41): KERNEL32.HeapCreate KERNEL32.HeapDestroy |
sub_407B48(0e33): KERNEL32.CreateThread KERNEL32.Sleep |
sub_40B584(13a0): KERNEL32.GetTempPathA KERNEL32.WriteFile KERNEL32.SetFileAttributesA KERNEL32.ExpandEnvironmentStringsA KERNEL32.CreateProcessA |
sub_403C9C(13e2): KERNEL32.Sleep |
sub_41FEA9(17da): KERNEL32.GetStdHandle KERNEL32.WriteFile |
sub_40321F(180d): WS2_32.gethostname WS2_32.gethostbyname WS2_32.WSAGetLastError KERNEL32.ExitThread WS2_32.WSAIoctl |
sub_416550(18ca): KERNEL32.GetTickCount |
sub_4082D7(18cd): KERNEL32.InitializeCriticalSectionAndSpinCount KERNEL32.CreateThread KERNEL32.ExitThread |
sub_42228A(1b4d): KERNEL32.SetEndOfFile |
sub_4035F5(1ea6): KERNEL32.MultiByteToWideChar |
sub_40BF14(1ee6): KERNEL32.PeekNamedPipe KERNEL32.GetExitCodeProcess KERNEL32.Sleep KERNEL32.ExitThread |
sub_41755A(1fc3): KERNEL32.TerminateThread |
sub_402703(20a1): USER32.GetForegroundWindow USER32.GetWindowTextA KERNEL32.Sleep USER32.GetAsyncKeyState USER32.GetKeyState KERNEL32.ExitThread |
sub_420CA2(2434): KERNEL32.SetStdHandle |
sub_40E518(2443): ADVAPI32.OpenSCManagerA ADVAPI32.EnumServicesStatusA ADVAPI32.CloseServiceHandle |
sub_4010B2(2462): WS2_32.WSASocketA KERNEL32.QueryPerformanceFrequency KERNEL32.QueryPerformanceCounter WS2_32.sendto WS2_32.WSAGetLastError |
sub_40E84D(2639): ADVAPI32.IsValidSecurityDescriptor |
sub_40182F(27be): IPHLPAPI.IcmpCreateFile WS2_32.gethostbyname KERNEL32.ExitThread IPHLPAPI.IcmpSendEcho IPHLPAPI.IcmpCloseHandle |
sub_416AC7(2951): KERNEL32.ExitThread |
sub_42280C(2ad5): KERNEL32.CompareStringW KERNEL32.CompareStringA KERNEL32.GetCPInfo KERNEL32.MultiByteToWideChar |
sub_40C3BE(2bc2): KERNEL32.GetVersionExA WS2_32.gethostbyaddr KERNEL32.GetSystemDirectoryA KERNEL32.GetDateFormatA KERNEL32.GetTimeFormatA KERNEL32.GlobalMemoryStatus |
sub_423316(2d4a): KERNEL32.RaiseException |
sub_40B377(33c9): KERNEL32.FormatMessageA |
sub_409338(3838): USER32.IsWindow USER32.SendMessageA USER32.DestroyWindow |
sub_409E8F(3e01): KERNEL32.OpenProcess KERNEL32.GetSystemInfo KERNEL32.VirtualQueryEx KERNEL32.ReadProcessMemory |
sub_401E07(3e4e): WS2_32.WSASocketA KERNEL32.QueryPerformanceFrequency KERNEL32.QueryPerformanceCounter WS2_32.sendto WS2_32.WSAGetLastError |
sub_4086BE(3f56): WS2_32.gethostbyname WS2_32.gethostbyaddr KERNEL32.CreateThread KERNEL32.ExitThread KERNEL32.Sleep |
sub_40E2F8(3f5e): ADVAPI32.OpenSCManagerA ADVAPI32.OpenServiceA ADVAPI32.ControlService ADVAPI32.StartServiceA ADVAPI32.DeleteService ADVAPI32.CloseServiceHandle |
sub_40564B(415b): WS2_32.inet_addr WS2_32.htons WS2_32.socket WS2_32.connect WS2_32.send WS2_32.closesocket |
sub_40FCA3(41e2): KERNEL32.CreateThread KERNEL32.Sleep WS2_32.gethostbyname KERNEL32.GetTickCount SHELL32.ShellExecuteA WS2_32.getsockname KERNEL32.MoveFileA KERNEL32.CreateProcessA KERNEL32.GetTempPathA KERNEL32.DeleteFileA WS2_32.gethostbyaddr KERNEL32.TerminateThread KERNEL32.GetSystemDirectoryA |
sub_40CBE8(423d): KERNEL32.ExitThread |
sub_41615A(42a4): KERNEL32.CreateToolhelp32Snapshot KERNEL32.Process32First KERNEL32.Process32Next KERNEL32.lstrcmpi KERNEL32.TerminateProcess KERNEL32.Module32First |
sub_41F41F(44bc): KERNEL32.GetCPInfo |
sub_40CE49(45b1): WS2_32.gethostbyname |
sub_41CB2B(4634): "KERNEL32" "IsProcessorFeaturePresent" |
sub_420D19(4712): KERNEL32.SetStdHandle |
sub_40F8D6(47f0): KERNEL32.Sleep KERNEL32.GetSystemDirectoryA KERNEL32.CreateThread |
sub_406C89(4936): KERNEL32.FileTimeToLocalFileTime KERNEL32.FileTimeToSystemTime KERNEL32.Sleep |
sub_42011F(4c09): KERNEL32.WideCharToMultiByte |
sub_407F42(4d05): WS2_32.htonl |
sub_40B862(4fad): WS2_32.gethostbyname |
sub_40852E(5212): WS2_32.WSAAsyncSelect KERNEL32.CreateThread KERNEL32.Sleep KERNEL32.ExitThread |
sub_420187(5682): KERNEL32.GetStringTypeW KERNEL32.GetStringTypeA KERNEL32.MultiByteToWideChar |
sub_40C308(5868): KERNEL32.Sleep |
sub_41A109(588b): KERNEL32.MultiByteToWideChar |
sub_41BE65(58ed): KERNEL32.VirtualAlloc |
sub_40D090(5922): WS2_32.getsockname KERNEL32.ExitThread |
sub_408943(59de): KERNEL32.CreateThread KERNEL32.Sleep KERNEL32.ExitThread |
sub_40C271(5b11): KERNEL32.GetVersionExA |
sub_420A8A(5b1a): KERNEL32.MultiByteToWideChar |
sub_404B02(5cd5): WS2_32.send |
sub_40BA1B(63bc): KERNEL32.GetVersionExA |
sub_41B77C(64eb): KERNEL32.VirtualAlloc |
sub_417169(655e): KERNEL32.Sleep |
sub_423650(670f): KERNEL32.GetStringTypeW KERNEL32.GetStringTypeA KERNEL32.WideCharToMultiByte |
sub_408F04(6744): GDI32.CreateDCA GDI32.GetDeviceCaps GDI32.CreateCompatibleDC GDI32.CreateDIBSection GDI32.SelectObject GDI32.BitBlt GDI32.GetDIBColorTable KERNEL32.WriteFile GDI32.DeleteObject GDI32.DeleteDC |
sub_40B89A(6848): IPHLPAPI.GetIpNetTable IPHLPAPI.DeleteIpNetEntry |
sub_40BA6A(6de2): KERNEL32.MultiByteToWideChar |
sub_41F77B(6fd7): KERNEL32.UnhandledExceptionFilter |
sub_40B70C(72c4): KERNEL32.WriteFile KERNEL32.CreateProcessA |
sub_40CB08(769c): KERNEL32.GetLocalTime |
sub_401444(76ce): WS2_32.WSAGetLastError KERNEL32.ExitThread WS2_32.sendto |
sub_40F1EA(7790): KERNEL32.SetErrorMode KERNEL32.CreateMutexA KERNEL32.WaitForSingleObject KERNEL32.GetSystemDirectoryA KERNEL32.SetFileAttributesA KERNEL32.Sleep KERNEL32.GetCurrentProcessId KERNEL32.OpenProcess KERNEL32.CreateProcessA KERNEL32.DeleteFileA ADVAPI32.RegCreateKeyExA ADVAPI32.RegSetValueExA ADVAPI32.RegCloseKey WININET.InternetGetConnectedState |
sub_4210F5(79b7): KERNEL32.GetTimeZoneInformation |
sub_420A23(7ae4): KERNEL32.IsBadReadPtr |
sub_420A3F(7ae4): KERNEL32.IsBadWritePtr |
sub_41C325(7d62): KERNEL32.RaiseException |
sub_41AE81(7de0): KERNEL32.GetVersionExA KERNEL32.GetEnvironmentVariableA |
sub_401D6B(81a6): KERNEL32.ExitThread |
sub_401BD2(81a6): KERNEL32.ExitThread |
sub_4233C5(81ee): KERNEL32.LCMapStringW KERNEL32.LCMapStringA KERNEL32.WideCharToMultiByte KERNEL32.MultiByteToWideChar |
sub_40D66D(8232): WININET.InternetOpenUrlA KERNEL32.ExitThread KERNEL32.GetTickCount WININET.InternetReadFile KERNEL32.WriteFile SHELL32.ShellExecuteA KERNEL32.CreateProcessA WININET.InternetCloseHandle |
sub_40BE8D(8233): KERNEL32.Sleep |
sub_41FC5D(8a76): KERNEL32.GetEnvironmentStrings KERNEL32.FreeEnvironmentStringsW KERNEL32.FreeEnvironmentStringsA |
sub_40E1D6(8ab9): KERNEL32.Sleep |
sub_41878C(8af0): NTDLL.RtlUnwind |
sub_40DC01(8be3): KERNEL32.GetDriveTypeA |
sub_420E27(8dd2): KERNEL32.GetFileType |
sub_40B401(8e50): USER32.OpenClipboard USER32.GetClipboardData KERNEL32.GlobalLock KERNEL32.GlobalUnlock USER32.CloseClipboard |
sub_40A053(8eb7): KERNEL32.GetProcessHeap |
sub_4160EF(9041): KERNEL32.GetCurrentProcess ADVAPI32.OpenProcessToken ADVAPI32.LookupPrivilegeValueA ADVAPI32.AdjustTokenPrivileges |
sub_406361(90c5): WS2_32.send WS2_32.closesocket WS2_32.WSACleanup |
sub_416380(90ec): KERNEL32.ExitThread |
sub_40CECF(92f4): KERNEL32.ExitThread KERNEL32.Sleep |
sub_40CD88(931c): KERNEL32.Sleep |
sub_40FB24(9449): KERNEL32.Sleep |
sub_40913F(97cf): USER32.IsWindow USER32.SendMessageA USER32.DestroyWindow |
sub_41BCB1(981a): KERNEL32.VirtualFree |
sub_40C069(9ac1): KERNEL32.DuplicateHandle KERNEL32.CreateProcessA KERNEL32.CreateThread |
sub_402110(9c54): WS2_32.WSAGetLastError KERNEL32.ExitThread WS2_32.sendto |
sub_4088A6(9d6e): KERNEL32.ExitThread |
sub_40B562(9dbe): USER32.ExitWindowsEx |
sub_41A30A(a056): KERNEL32.DeleteFileA |
sub_40C7E2(a1da): WININET.InternetCrackUrlA WININET.InternetConnectA WININET.HttpOpenRequestA WININET.HttpSendRequestA WININET.InternetCloseHandle KERNEL32.ExitThread |
sub_416E4D(a225): ADVAPI32.RegOpenKeyExA ADVAPI32.RegSetValueExA ADVAPI32.RegCloseKey KERNEL32.GetLogicalDrives KERNEL32.GetDriveTypeA |
sub_409990(a369): KERNEL32.ExitThread |
sub_401C6E(a464): WS2_32.socket WS2_32.ioctlsocket WS2_32.connect KERNEL32.Sleep WS2_32.closesocket |
sub_405D1B(a7f2): WS2_32.WSAStartup WS2_32.socket WS2_32.setsockopt WS2_32.ioctlsocket WS2_32.htons WS2_32.bind WS2_32.listen WS2_32.select WS2_32.__WSAFDIsSet WS2_32.accept WS2_32.recv WS2_32.closesocket |
sub_40B4BE(a7f9): KERNEL32.GetFileTime KERNEL32.SetFileTime |
sub_41EE0F(a93f): KERNEL32.LCMapStringW KERNEL32.LCMapStringA KERNEL32.MultiByteToWideChar KERNEL32.WideCharToMultiByte |
sub_40730A(a941): WS2_32.WSAGetLastError |
sub_401000(aa06): KERNEL32.GetTickCount KERNEL32.ExitThread |
sub_408B47(aaa7): KERNEL32.ExitThread WS2_32.WSAGetLastError |
sub_4036D8(ae06): KERNEL32.MultiByteToWideChar KERNEL32.Sleep |
sub_4080C3(ae10): KERNEL32.GetTickCount KERNEL32.Sleep KERNEL32.ExitThread |
sub_4062E4(b00a): WS2_32.WSAStartup WS2_32.socket WS2_32.inet_addr WS2_32.htons WS2_32.connect WS2_32.closesocket WS2_32.WSACleanup |
sub_40CD17(b218): ADVAPI32.RegCreateKeyExA ADVAPI32.RegSetValueExA ADVAPI32.RegDeleteValueA ADVAPI32.RegCloseKey |
sub_40B972(b5e6): WS2_32.getsockname |
StartAddress(b70f): KERNEL32.GetDateFormatA KERNEL32.GetTimeFormatA KERNEL32.ExitThread |
sub_40D432(bb71): KERNEL32.GetSystemDirectoryA KERNEL32.ExitThread |
sub_419597(c035): KERNEL32.GetLocalTime KERNEL32.GetSystemTime KERNEL32.GetTimeZoneInformation |
sub_422AB4(c2c9): KERNEL32.SetEnvironmentVariableA |
sub_420A5B(c341): KERNEL32.IsBadCodePtr |
sub_41748A(c54b): KERNEL32.ExitThread |
sub_41645E(c651): KERNEL32.OpenProcess KERNEL32.TerminateProcess |
sub_40B43C(c66c): USER32.FindWindowA USER32.SendMessageA |
sub_402BB1(c709): WS2_32.WSAGetLastError KERNEL32.ExitThread WS2_32.WSAIoctl |
sub_40DE7F(c71b): KERNEL32.GetLogicalDriveStringsA |
sub_4184E8(cba9): NTDLL.RtlUnwind |
sub_41B6CB(cbe8): KERNEL32.VirtualAlloc |
sub_407516(cc1e): KERNEL32.Sleep WS2_32.WSAGetLastError KERNEL32.ExitThread WS2_32.recvfrom WS2_32.sendto |
sub_4167FE(cd8b): KERNEL32.GetTickCount USER32.FindWindowA |
sub_40F12C(cde8): KERNEL32.GetComputerNameA |
sub_416B27(cfaa): ADVAPI32.RegOpenKeyExA ADVAPI32.RegSetValueExA ADVAPI32.RegCloseKey |
sub_40BE55(d227): KERNEL32.WriteFile |
sub_4069DA(d55f): KERNEL32.CreateThread KERNEL32.Sleep |
sub_40DF02(dbcf): KERNEL32.GetSystemDirectoryA KERNEL32.CreateProcessA |
sub_41BB6D(df93): KERNEL32.VirtualFree |
sub_40C21E(e5dd): KERNEL32.GetTickCount |
sub_416495(e5de): KERNEL32.Sleep |
sub_409CEB(e69e): KERNEL32.OpenProcess KERNEL32.GetSystemInfo KERNEL32.VirtualQueryEx KERNEL32.FileTimeToLocalFileTime KERNEL32.FileTimeToSystemTime |
sub_406428(eba1): WS2_32.WSAGetLastError KERNEL32.ExitThread |
sub_4164B5(ec5e): KERNEL32.GetTickCount |
sub_409577(f12f): ADVAPI32.RegOpenKeyExA ADVAPI32.RegQueryValueExA ADVAPI32.RegCloseKey |
sub_4019BB(f38b): KERNEL32.GetTickCount WS2_32.gethostbyname KERNEL32.ExitThread WS2_32.sendto KERNEL32.Sleep |
sub_40495F(f4d1): WS2_32.select WS2_32.__WSAFDIsSet |
sub_4169D6(f72d): KERNEL32.CreateThread WS2_32.htonl |
sub_420DD0(fcd6): KERNEL32.FlushFileBuffers |
sub_41BD07(ffe7): KERNEL32.VirtualFree |