f743182a6555673c7486d4d79d1cde7a18196a7812ab84d65a5f0481eb213bde[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

f743182a6555673c7486d4d79d1cde7a18196a7812ab84d65a5f0481eb213bde.zip.zip
Size

10.0MB
MD5

c85a294f1770b15d43648de0390dbf99
SHA1

475b2cf1e2ffbaa11e369bcf10bbf9f2ac412602
SHA256

d06a7b61f044509f331792b44f78aaa9979faebb51ce4b84cc0643764e1feefc
SHA512

272c83a4ba805e1465b42502109def38b1d23552366d54c7fd5e38ba716a34852c51f60fe5c7487f4d3c49c3e91fe08c9d68a092f0c1353753edc13cfafce6b7
SSDEEP

196608:1K2CM0cSOo6MHcK9VNkCBhvzLPXDgXRJ7ZSxU2aV:EVMHoaKXOizzcRJgU2M

Score

3^/10

Malware Config

Signatures

Unsigned PE 33 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Cisco Router Simulator (sybex)/Install.exe
unpack003/Install.exe
unpack003/clcd32.dll
unpack003/clokspl.exe
unpack003/dplayerx.dll
unpack003/drvmgt.dll
unpack003/secdrv.sys
unpack003/tb60run.exe
unpack004/Install.exe
unpack004/clcd32.dll
unpack004/clokspl.exe
unpack004/dplayerx.dll
unpack004/drvmgt.dll
unpack004/secdrv.sys
unpack004/tb60run.exe
unpack005/Install.exe
unpack005/clcd32.dll
unpack005/clokspl.exe
unpack005/dplayerx.dll
unpack005/drvmgt.dll
unpack005/secdrv.sys
unpack005/tb60run.exe
unpack007/clcd32.dll
unpack007/clokspl.exe
unpack007/dplayerx.dll
unpack007/drvmgt.dll
unpack007/tb60run.exe
unpack002/Cisco Router Simulator (sybex)/clcd32.dll
unpack002/Cisco Router Simulator (sybex)/clokspl.exe
unpack002/Cisco Router Simulator (sybex)/dplayerx.dll
unpack002/Cisco Router Simulator (sybex)/drvmgt.dll
unpack002/Cisco Router Simulator (sybex)/secdrv.sys
unpack002/Cisco Router Simulator (sybex)/tb60run.exe

Files

f743182a6555673c7486d4d79d1cde7a18196a7812ab84d65a5f0481eb213bde.zip.zip
.zip

Password: infected
f743182a6555673c7486d4d79d1cde7a18196a7812ab84d65a5f0481eb213bde.zip
.zip
Cisco Router Simulator (sybex)/00000001.TMP
Cisco Router Simulator (sybex)/00000409.016
Cisco Router Simulator (sybex)/00000409.256
Cisco Router Simulator (sybex)/ALOHAripz.nfo
Cisco Router Simulator (sybex)/HOM.nfo
Cisco Router Simulator (sybex)/Install.exe
.exe windows:4 windows x86

52304e2a18fa5608f4f4aeb8041c7da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetCommandLineA
SetErrorMode
GetModuleHandleA
MulDiv
GetTempFileNameA
GetModuleFileNameA
lstrlenA
_lclose
lstrcpyA
FormatMessageA
lstrcatA
GetLastError
_lwrite
_llseek
GlobalUnlock
GlobalFree
GlobalAlloc
_lopen
GetProcAddress
_lcreat
LoadLibraryA
GetVersionExA
FreeLibrary
OpenFile
ExitProcess
GetCurrentProcess
WinExec
GetTempPathA
_lread
LocalFree
GetWindowsDirectoryA
GlobalLock

user32

GetDC
DrawTextA
EndPaint
InvalidateRect
PostQuitMessage
SendMessageA
DefWindowProcA
GetClientRect
CreateWindowExA
BeginPaint
ReleaseDC
SetWindowPos
ShowWindow
UpdateWindow
SetTimer
LoadIconA
RegisterClassA
MessageBoxA
ExitWindowsEx
LoadCursorA

gdi32

DeleteObject
PatBlt
CreateSolidBrush
GetDeviceCaps
SetTextColor
SetBkMode
TextOutA
StretchDIBits
CreateFontA
SelectObject
SelectPalette
CreatePalette
RealizePalette
GetStockObject

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

Exports

Exports

_MainWndProc@16
_StubFileWrite@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/Readme.txt
Cisco Router Simulator (sybex)/arccnavl.001
.rar
00000001.TMP
00000409.016
00000409.256
Install.exe
.exe windows:4 windows x86

52304e2a18fa5608f4f4aeb8041c7da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetCommandLineA
SetErrorMode
GetModuleHandleA
MulDiv
GetTempFileNameA
GetModuleFileNameA
lstrlenA
_lclose
lstrcpyA
FormatMessageA
lstrcatA
GetLastError
_lwrite
_llseek
GlobalUnlock
GlobalFree
GlobalAlloc
_lopen
GetProcAddress
_lcreat
LoadLibraryA
GetVersionExA
FreeLibrary
OpenFile
ExitProcess
GetCurrentProcess
WinExec
GetTempPathA
_lread
LocalFree
GetWindowsDirectoryA
GlobalLock

user32

GetDC
DrawTextA
EndPaint
InvalidateRect
PostQuitMessage
SendMessageA
DefWindowProcA
GetClientRect
CreateWindowExA
BeginPaint
ReleaseDC
SetWindowPos
ShowWindow
UpdateWindow
SetTimer
LoadIconA
RegisterClassA
MessageBoxA
ExitWindowsEx
LoadCursorA

gdi32

DeleteObject
PatBlt
CreateSolidBrush
GetDeviceCaps
SetTextColor
SetBkMode
TextOutA
StretchDIBits
CreateFontA
SelectObject
SelectPalette
CreatePalette
RealizePalette
GetStockObject

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

Exports

Exports

_MainWndProc@16
_StubFileWrite@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme.txt
clcd16.dll
clcd32.dll
.dll windows:4 windows x86

07bcffb1f82feb7a242fdad899ace521

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Exports

Exports

_GetIDT_If32@8
_GetRMInts_If32@8
_GetV86Vector_If32@12
_GetVectors_If32@8
_InitIV_32@12
_InitVectors_32@8
_IsLoadComplete_32@4
_SetIDT_If32@8
_SetV86Vector_If32@12
_SetVectors_If32@16
thk_ThunkData32

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clokspl.exe
.exe windows:4 windows x86

503b8663acf52579007e3ef9afa85466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
HeapDestroy
HeapCreate
HeapReAlloc
GetCPInfo
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
EnterCriticalSection
TerminateProcess
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CloseHandle
MulDiv
InterlockedDecrement
GlobalFree
ExitProcess
RaiseException
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
WritePrivateProfileStringA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
SetLastError
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
LeaveCriticalSection
GlobalReAlloc
FindResourceA
LoadResource
LCMapStringW
GlobalHandle
LockResource
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
IsBadReadPtr
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
GetFileAttributesA
GlobalGetAtomNameA
GetModuleFileNameA
GetCommandLineA
GetVersion
GlobalAddAtomA
lstrcatA
GlobalUnlock
lstrcpynA
GlobalLock
lstrlenA
lstrcpyA

user32

EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
SetWindowTextA
LoadBitmapA
GetMenuCheckMarkDimensions
IsZoomed
OffsetRect
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
PostQuitMessage
ShowOwnedPopups
MessageBoxA
GetClassNameA
PtInRect
ClientToScreen
GetSysColorBrush
FindWindowA
FillRect
IsRectEmpty
SetTimer
KillTimer
WindowFromPoint
SetRect
DeleteMenu
CharUpperA
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
IntersectRect
SetParent
AppendMenuA
GetSystemMenu
InvertRect
DispatchMessageA
AdjustWindowRectEx
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetSysColor
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
IsDialogMessageA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
GetClassInfoA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
LoadMenuA
GetSubMenu
GetCursorPos
GetMenuItemID
LoadIconA
InvalidateRect
LoadImageA
ReleaseDC
GetWindowRect
ScreenToClient
GetDesktopWindow
GetDC
LoadCursorA
UpdateWindow
EnableWindow
SetForegroundWindow
SendMessageA
GetNextDlgTabItem
EndDialog
GetSystemMetrics
CreateDialogIndirectParamA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
SetWindowsHookExA
CallNextHookEx
DestroyWindow
GetForegroundWindow
UnhookWindowsHookEx
CreateWindowExA
UnregisterClassA

gdi32

GetObjectA
BitBlt
RealizePalette
CreateCompatibleDC
CreateHalftonePalette
DeleteDC
CreatePalette
GetDIBColorTable
SelectObject
SetTextColor
SetBkColor
CreateBitmap
GetTextExtentPointA
GetTextMetricsA
SaveDC
RestoreDC
GetStockObject
SelectPalette
DeleteObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetTextAlign
CreateRectRgn
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetDeviceCaps
SetBkMode

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dplayerx.dll
.dll windows:4 windows x86

107e3805db57d4abee900f1f1e35183c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
HeapAlloc
LeaveCriticalSection
GetProcAddress
HeapFree
EnterCriticalSection
InitializeCriticalSection
HeapCreate
GetCurrentProcessId
GetModuleHandleA
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
CloseHandle
VirtualAlloc
ReadFile
SetFilePointer
WriteFile
GetLastError
LoadLibraryA
GetModuleFileNameA
LoadLibraryExA
GetVersionExA
CreateFileA
DeviceIoControl
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetCurrentProcess
SetLastError
TlsGetValue
HeapDestroy
VirtualFree
DeleteCriticalSection
HeapReAlloc
LCMapStringA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetStringTypeW
LCMapStringW
GetStringTypeA
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

GetKeyboardType
wsprintfA

Exports

Exports

Ox77F052CC
_DllMain@12

Sections

.txt
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt2
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drvmgt.dll
.dll windows:4 windows x86

9dfafe4e7d6597e0f3e491f2f25e9f7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
Sleep
CopyFileA
GetSystemDirectoryA
lstrlenA
CreateFileA
GetLastError
DeviceIoControl
HeapDestroy
GetCurrentProcess
GetCurrentThreadId
HeapAlloc
SetFileAttributesA
GetFileAttributesA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
CloseHandle
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetModuleFileNameA
FreeEnvironmentStringsA
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WideCharToMultiByte
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
LoadLibraryA
FlushFileBuffers
SetFilePointer

user32

wsprintfA

advapi32

RegOpenKeyExA
OpenServiceA
RegEnumKeyExA
StartServiceA
OpenSCManagerA
QueryServiceStatus
DeleteService
CloseServiceHandle
CreateServiceA
GetSecurityDescriptorDacl
ControlService
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
GetAclInformation
QueryServiceObjectSecurity
SetServiceObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce

Exports

Exports

Remove
Setup
_DllMain@12

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
secdrv.sys
.sys windows:4 windows x86

cd677f815991df945ddc3c12b847c752

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
NtBuildNumber
RtlEqualUnicodeString
RtlInitUnicodeString
IofCompleteRequest
RtlQueryRegistryValues
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
KeTickCount

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 160B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tb60run.exe
.exe windows:4 windows x86

18ceae1b33a5c287cf775dd87ad29711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

tb60w32

ord69

user32

SendMessageA
DestroyWindow
ShowWindow
GetSystemMetrics
EnumWindows
wsprintfA
GetClassNameA
MessageBoxA
OemToCharA
WaitForInputIdle
InvalidateRect
GetDC
ReleaseDC
GetWindowLongA
BeginPaint
EndPaint
DefWindowProcA
SetWindowLongA
MoveWindow
RegisterClassA
CreateWindowExA
UpdateWindow

gdi32

GetStockObject
DeleteObject
SelectPalette
RealizePalette
StretchDIBits
CreatePalette

kernel32

lstrcpynA
LocalFree
LocalAlloc
GetProcAddress
GetStringTypeW
LoadLibraryA
VirtualAlloc
LCMapStringW
GetStringTypeA
WriteFile
RtlUnwind
LCMapStringA
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetACP
GetCPInfo
GetOEMCP
CloseHandle
ReleaseSemaphore
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
lstrlenA
Sleep
WaitForSingleObject
CreateSemaphoreA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
GetVersionExA
lstrcmpA
GetLastError
CreateMutexA
ReleaseMutex
OpenMutexA
WinExec
CreateProcessA
lstrcatA
GetCurrentDirectoryA
lstrcmpiA
GetPrivateProfileStringA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
GetModuleHandleA
GetDriveTypeA
LockResource
LoadResource
FindResourceA
FreeResource
GetWindowsDirectoryA
OpenFile
GetVersion
HeapFree
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetFullPathNameA
GetEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
UnhandledExceptionFilter
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA

advapi32

RegOpenKeyA
RegQueryValueA
RegCloseKey

Exports

Exports

_CreateMutex32@4
_ReleaseMutex32@4
_WaitForSingleObject32@8

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/arccnavl.002
.rar
00000001.TMP
00000409.016
00000409.256
Install.exe
.exe windows:4 windows x86

52304e2a18fa5608f4f4aeb8041c7da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetCommandLineA
SetErrorMode
GetModuleHandleA
MulDiv
GetTempFileNameA
GetModuleFileNameA
lstrlenA
_lclose
lstrcpyA
FormatMessageA
lstrcatA
GetLastError
_lwrite
_llseek
GlobalUnlock
GlobalFree
GlobalAlloc
_lopen
GetProcAddress
_lcreat
LoadLibraryA
GetVersionExA
FreeLibrary
OpenFile
ExitProcess
GetCurrentProcess
WinExec
GetTempPathA
_lread
LocalFree
GetWindowsDirectoryA
GlobalLock

user32

GetDC
DrawTextA
EndPaint
InvalidateRect
PostQuitMessage
SendMessageA
DefWindowProcA
GetClientRect
CreateWindowExA
BeginPaint
ReleaseDC
SetWindowPos
ShowWindow
UpdateWindow
SetTimer
LoadIconA
RegisterClassA
MessageBoxA
ExitWindowsEx
LoadCursorA

gdi32

DeleteObject
PatBlt
CreateSolidBrush
GetDeviceCaps
SetTextColor
SetBkMode
TextOutA
StretchDIBits
CreateFontA
SelectObject
SelectPalette
CreatePalette
RealizePalette
GetStockObject

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

Exports

Exports

_MainWndProc@16
_StubFileWrite@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme.txt
clcd16.dll
clcd32.dll
.dll windows:4 windows x86

07bcffb1f82feb7a242fdad899ace521

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Exports

Exports

_GetIDT_If32@8
_GetRMInts_If32@8
_GetV86Vector_If32@12
_GetVectors_If32@8
_InitIV_32@12
_InitVectors_32@8
_IsLoadComplete_32@4
_SetIDT_If32@8
_SetV86Vector_If32@12
_SetVectors_If32@16
thk_ThunkData32

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clokspl.exe
.exe windows:4 windows x86

503b8663acf52579007e3ef9afa85466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
HeapDestroy
HeapCreate
HeapReAlloc
GetCPInfo
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
EnterCriticalSection
TerminateProcess
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CloseHandle
MulDiv
InterlockedDecrement
GlobalFree
ExitProcess
RaiseException
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
WritePrivateProfileStringA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
SetLastError
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
LeaveCriticalSection
GlobalReAlloc
FindResourceA
LoadResource
LCMapStringW
GlobalHandle
LockResource
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
IsBadReadPtr
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
GetFileAttributesA
GlobalGetAtomNameA
GetModuleFileNameA
GetCommandLineA
GetVersion
GlobalAddAtomA
lstrcatA
GlobalUnlock
lstrcpynA
GlobalLock
lstrlenA
lstrcpyA

user32

EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
SetWindowTextA
LoadBitmapA
GetMenuCheckMarkDimensions
IsZoomed
OffsetRect
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
PostQuitMessage
ShowOwnedPopups
MessageBoxA
GetClassNameA
PtInRect
ClientToScreen
GetSysColorBrush
FindWindowA
FillRect
IsRectEmpty
SetTimer
KillTimer
WindowFromPoint
SetRect
DeleteMenu
CharUpperA
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
IntersectRect
SetParent
AppendMenuA
GetSystemMenu
InvertRect
DispatchMessageA
AdjustWindowRectEx
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetSysColor
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
IsDialogMessageA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
GetClassInfoA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
LoadMenuA
GetSubMenu
GetCursorPos
GetMenuItemID
LoadIconA
InvalidateRect
LoadImageA
ReleaseDC
GetWindowRect
ScreenToClient
GetDesktopWindow
GetDC
LoadCursorA
UpdateWindow
EnableWindow
SetForegroundWindow
SendMessageA
GetNextDlgTabItem
EndDialog
GetSystemMetrics
CreateDialogIndirectParamA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
SetWindowsHookExA
CallNextHookEx
DestroyWindow
GetForegroundWindow
UnhookWindowsHookEx
CreateWindowExA
UnregisterClassA

gdi32

GetObjectA
BitBlt
RealizePalette
CreateCompatibleDC
CreateHalftonePalette
DeleteDC
CreatePalette
GetDIBColorTable
SelectObject
SetTextColor
SetBkColor
CreateBitmap
GetTextExtentPointA
GetTextMetricsA
SaveDC
RestoreDC
GetStockObject
SelectPalette
DeleteObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetTextAlign
CreateRectRgn
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetDeviceCaps
SetBkMode

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dplayerx.dll
.dll windows:4 windows x86

107e3805db57d4abee900f1f1e35183c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
HeapAlloc
LeaveCriticalSection
GetProcAddress
HeapFree
EnterCriticalSection
InitializeCriticalSection
HeapCreate
GetCurrentProcessId
GetModuleHandleA
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
CloseHandle
VirtualAlloc
ReadFile
SetFilePointer
WriteFile
GetLastError
LoadLibraryA
GetModuleFileNameA
LoadLibraryExA
GetVersionExA
CreateFileA
DeviceIoControl
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetCurrentProcess
SetLastError
TlsGetValue
HeapDestroy
VirtualFree
DeleteCriticalSection
HeapReAlloc
LCMapStringA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetStringTypeW
LCMapStringW
GetStringTypeA
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

GetKeyboardType
wsprintfA

Exports

Exports

Ox77F052CC
_DllMain@12

Sections

.txt
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt2
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drvmgt.dll
.dll windows:4 windows x86

9dfafe4e7d6597e0f3e491f2f25e9f7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
Sleep
CopyFileA
GetSystemDirectoryA
lstrlenA
CreateFileA
GetLastError
DeviceIoControl
HeapDestroy
GetCurrentProcess
GetCurrentThreadId
HeapAlloc
SetFileAttributesA
GetFileAttributesA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
CloseHandle
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetModuleFileNameA
FreeEnvironmentStringsA
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WideCharToMultiByte
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
LoadLibraryA
FlushFileBuffers
SetFilePointer

user32

wsprintfA

advapi32

RegOpenKeyExA
OpenServiceA
RegEnumKeyExA
StartServiceA
OpenSCManagerA
QueryServiceStatus
DeleteService
CloseServiceHandle
CreateServiceA
GetSecurityDescriptorDacl
ControlService
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
GetAclInformation
QueryServiceObjectSecurity
SetServiceObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce

Exports

Exports

Remove
Setup
_DllMain@12

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
secdrv.sys
.sys windows:4 windows x86

cd677f815991df945ddc3c12b847c752

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
NtBuildNumber
RtlEqualUnicodeString
RtlInitUnicodeString
IofCompleteRequest
RtlQueryRegistryValues
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
KeTickCount

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 160B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tb60run.exe
.exe windows:4 windows x86

18ceae1b33a5c287cf775dd87ad29711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

tb60w32

ord69

user32

SendMessageA
DestroyWindow
ShowWindow
GetSystemMetrics
EnumWindows
wsprintfA
GetClassNameA
MessageBoxA
OemToCharA
WaitForInputIdle
InvalidateRect
GetDC
ReleaseDC
GetWindowLongA
BeginPaint
EndPaint
DefWindowProcA
SetWindowLongA
MoveWindow
RegisterClassA
CreateWindowExA
UpdateWindow

gdi32

GetStockObject
DeleteObject
SelectPalette
RealizePalette
StretchDIBits
CreatePalette

kernel32

lstrcpynA
LocalFree
LocalAlloc
GetProcAddress
GetStringTypeW
LoadLibraryA
VirtualAlloc
LCMapStringW
GetStringTypeA
WriteFile
RtlUnwind
LCMapStringA
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetACP
GetCPInfo
GetOEMCP
CloseHandle
ReleaseSemaphore
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
lstrlenA
Sleep
WaitForSingleObject
CreateSemaphoreA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
GetVersionExA
lstrcmpA
GetLastError
CreateMutexA
ReleaseMutex
OpenMutexA
WinExec
CreateProcessA
lstrcatA
GetCurrentDirectoryA
lstrcmpiA
GetPrivateProfileStringA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
GetModuleHandleA
GetDriveTypeA
LockResource
LoadResource
FindResourceA
FreeResource
GetWindowsDirectoryA
OpenFile
GetVersion
HeapFree
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetFullPathNameA
GetEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
UnhandledExceptionFilter
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA

advapi32

RegOpenKeyA
RegQueryValueA
RegCloseKey

Exports

Exports

_CreateMutex32@4
_ReleaseMutex32@4
_WaitForSingleObject32@8

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/arccnavl.003
.rar
00000001.TMP
00000409.016
00000409.256
Install.exe
.exe windows:4 windows x86

52304e2a18fa5608f4f4aeb8041c7da0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetCommandLineA
SetErrorMode
GetModuleHandleA
MulDiv
GetTempFileNameA
GetModuleFileNameA
lstrlenA
_lclose
lstrcpyA
FormatMessageA
lstrcatA
GetLastError
_lwrite
_llseek
GlobalUnlock
GlobalFree
GlobalAlloc
_lopen
GetProcAddress
_lcreat
LoadLibraryA
GetVersionExA
FreeLibrary
OpenFile
ExitProcess
GetCurrentProcess
WinExec
GetTempPathA
_lread
LocalFree
GetWindowsDirectoryA
GlobalLock

user32

GetDC
DrawTextA
EndPaint
InvalidateRect
PostQuitMessage
SendMessageA
DefWindowProcA
GetClientRect
CreateWindowExA
BeginPaint
ReleaseDC
SetWindowPos
ShowWindow
UpdateWindow
SetTimer
LoadIconA
RegisterClassA
MessageBoxA
ExitWindowsEx
LoadCursorA

gdi32

DeleteObject
PatBlt
CreateSolidBrush
GetDeviceCaps
SetTextColor
SetBkMode
TextOutA
StretchDIBits
CreateFontA
SelectObject
SelectPalette
CreatePalette
RealizePalette
GetStockObject

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

Exports

Exports

_MainWndProc@16
_StubFileWrite@12

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Readme.txt
clcd16.dll
clcd32.dll
.dll windows:4 windows x86

07bcffb1f82feb7a242fdad899ace521

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Exports

Exports

_GetIDT_If32@8
_GetRMInts_If32@8
_GetV86Vector_If32@12
_GetVectors_If32@8
_InitIV_32@12
_InitVectors_32@8
_IsLoadComplete_32@4
_SetIDT_If32@8
_SetV86Vector_If32@12
_SetVectors_If32@16
thk_ThunkData32

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clokspl.exe
.exe windows:4 windows x86

503b8663acf52579007e3ef9afa85466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
HeapDestroy
HeapCreate
HeapReAlloc
GetCPInfo
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
EnterCriticalSection
TerminateProcess
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CloseHandle
MulDiv
InterlockedDecrement
GlobalFree
ExitProcess
RaiseException
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
WritePrivateProfileStringA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
SetLastError
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
LeaveCriticalSection
GlobalReAlloc
FindResourceA
LoadResource
LCMapStringW
GlobalHandle
LockResource
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
IsBadReadPtr
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
GetFileAttributesA
GlobalGetAtomNameA
GetModuleFileNameA
GetCommandLineA
GetVersion
GlobalAddAtomA
lstrcatA
GlobalUnlock
lstrcpynA
GlobalLock
lstrlenA
lstrcpyA

user32

EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
SetWindowTextA
LoadBitmapA
GetMenuCheckMarkDimensions
IsZoomed
OffsetRect
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
PostQuitMessage
ShowOwnedPopups
MessageBoxA
GetClassNameA
PtInRect
ClientToScreen
GetSysColorBrush
FindWindowA
FillRect
IsRectEmpty
SetTimer
KillTimer
WindowFromPoint
SetRect
DeleteMenu
CharUpperA
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
IntersectRect
SetParent
AppendMenuA
GetSystemMenu
InvertRect
DispatchMessageA
AdjustWindowRectEx
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetSysColor
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
IsDialogMessageA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
GetClassInfoA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
LoadMenuA
GetSubMenu
GetCursorPos
GetMenuItemID
LoadIconA
InvalidateRect
LoadImageA
ReleaseDC
GetWindowRect
ScreenToClient
GetDesktopWindow
GetDC
LoadCursorA
UpdateWindow
EnableWindow
SetForegroundWindow
SendMessageA
GetNextDlgTabItem
EndDialog
GetSystemMetrics
CreateDialogIndirectParamA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
SetWindowsHookExA
CallNextHookEx
DestroyWindow
GetForegroundWindow
UnhookWindowsHookEx
CreateWindowExA
UnregisterClassA

gdi32

GetObjectA
BitBlt
RealizePalette
CreateCompatibleDC
CreateHalftonePalette
DeleteDC
CreatePalette
GetDIBColorTable
SelectObject
SetTextColor
SetBkColor
CreateBitmap
GetTextExtentPointA
GetTextMetricsA
SaveDC
RestoreDC
GetStockObject
SelectPalette
DeleteObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetTextAlign
CreateRectRgn
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetDeviceCaps
SetBkMode

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dplayerx.dll
.dll windows:4 windows x86

107e3805db57d4abee900f1f1e35183c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
HeapAlloc
LeaveCriticalSection
GetProcAddress
HeapFree
EnterCriticalSection
InitializeCriticalSection
HeapCreate
GetCurrentProcessId
GetModuleHandleA
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
CloseHandle
VirtualAlloc
ReadFile
SetFilePointer
WriteFile
GetLastError
LoadLibraryA
GetModuleFileNameA
LoadLibraryExA
GetVersionExA
CreateFileA
DeviceIoControl
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetCurrentProcess
SetLastError
TlsGetValue
HeapDestroy
VirtualFree
DeleteCriticalSection
HeapReAlloc
LCMapStringA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetStringTypeW
LCMapStringW
GetStringTypeA
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

GetKeyboardType
wsprintfA

Exports

Exports

Ox77F052CC
_DllMain@12

Sections

.txt
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt2
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drvmgt.dll
.dll windows:4 windows x86

9dfafe4e7d6597e0f3e491f2f25e9f7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
Sleep
CopyFileA
GetSystemDirectoryA
lstrlenA
CreateFileA
GetLastError
DeviceIoControl
HeapDestroy
GetCurrentProcess
GetCurrentThreadId
HeapAlloc
SetFileAttributesA
GetFileAttributesA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
CloseHandle
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetModuleFileNameA
FreeEnvironmentStringsA
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WideCharToMultiByte
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
LoadLibraryA
FlushFileBuffers
SetFilePointer

user32

wsprintfA

advapi32

RegOpenKeyExA
OpenServiceA
RegEnumKeyExA
StartServiceA
OpenSCManagerA
QueryServiceStatus
DeleteService
CloseServiceHandle
CreateServiceA
GetSecurityDescriptorDacl
ControlService
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
GetAclInformation
QueryServiceObjectSecurity
SetServiceObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce

Exports

Exports

Remove
Setup
_DllMain@12

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
secdrv.sys
.sys windows:4 windows x86

cd677f815991df945ddc3c12b847c752

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
NtBuildNumber
RtlEqualUnicodeString
RtlInitUnicodeString
IofCompleteRequest
RtlQueryRegistryValues
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
KeTickCount

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 160B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tb60run.exe
.exe windows:4 windows x86

18ceae1b33a5c287cf775dd87ad29711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

tb60w32

ord69

user32

SendMessageA
DestroyWindow
ShowWindow
GetSystemMetrics
EnumWindows
wsprintfA
GetClassNameA
MessageBoxA
OemToCharA
WaitForInputIdle
InvalidateRect
GetDC
ReleaseDC
GetWindowLongA
BeginPaint
EndPaint
DefWindowProcA
SetWindowLongA
MoveWindow
RegisterClassA
CreateWindowExA
UpdateWindow

gdi32

GetStockObject
DeleteObject
SelectPalette
RealizePalette
StretchDIBits
CreatePalette

kernel32

lstrcpynA
LocalFree
LocalAlloc
GetProcAddress
GetStringTypeW
LoadLibraryA
VirtualAlloc
LCMapStringW
GetStringTypeA
WriteFile
RtlUnwind
LCMapStringA
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetACP
GetCPInfo
GetOEMCP
CloseHandle
ReleaseSemaphore
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
lstrlenA
Sleep
WaitForSingleObject
CreateSemaphoreA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
GetVersionExA
lstrcmpA
GetLastError
CreateMutexA
ReleaseMutex
OpenMutexA
WinExec
CreateProcessA
lstrcatA
GetCurrentDirectoryA
lstrcmpiA
GetPrivateProfileStringA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
GetModuleHandleA
GetDriveTypeA
LockResource
LoadResource
FindResourceA
FreeResource
GetWindowsDirectoryA
OpenFile
GetVersion
HeapFree
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetFullPathNameA
GetEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
UnhandledExceptionFilter
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA

advapi32

RegOpenKeyA
RegQueryValueA
RegCloseKey

Exports

Exports

_CreateMutex32@4
_ReleaseMutex32@4
_WaitForSingleObject32@8

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/arccnavl.sfv
Cisco Router Simulator (sybex)/arcnavra.zip
.zip
ALOHAripz.nfo
arccnavl.001
.rar
00000409.016
00000409.256
clcd16.dll
clcd32.dll
.dll windows:4 windows x86

07bcffb1f82feb7a242fdad899ace521

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Exports

Exports

_GetIDT_If32@8
_GetRMInts_If32@8
_GetV86Vector_If32@12
_GetVectors_If32@8
_InitIV_32@12
_InitVectors_32@8
_IsLoadComplete_32@4
_SetIDT_If32@8
_SetV86Vector_If32@12
_SetVectors_If32@16
thk_ThunkData32

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
clokspl.exe
.exe windows:4 windows x86

503b8663acf52579007e3ef9afa85466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
HeapDestroy
HeapCreate
HeapReAlloc
GetCPInfo
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
EnterCriticalSection
TerminateProcess
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CloseHandle
MulDiv
InterlockedDecrement
GlobalFree
ExitProcess
RaiseException
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
WritePrivateProfileStringA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
SetLastError
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
LeaveCriticalSection
GlobalReAlloc
FindResourceA
LoadResource
LCMapStringW
GlobalHandle
LockResource
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
IsBadReadPtr
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
GetFileAttributesA
GlobalGetAtomNameA
GetModuleFileNameA
GetCommandLineA
GetVersion
GlobalAddAtomA
lstrcatA
GlobalUnlock
lstrcpynA
GlobalLock
lstrlenA
lstrcpyA

user32

EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
SetWindowTextA
LoadBitmapA
GetMenuCheckMarkDimensions
IsZoomed
OffsetRect
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
PostQuitMessage
ShowOwnedPopups
MessageBoxA
GetClassNameA
PtInRect
ClientToScreen
GetSysColorBrush
FindWindowA
FillRect
IsRectEmpty
SetTimer
KillTimer
WindowFromPoint
SetRect
DeleteMenu
CharUpperA
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
IntersectRect
SetParent
AppendMenuA
GetSystemMenu
InvertRect
DispatchMessageA
AdjustWindowRectEx
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetSysColor
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
IsDialogMessageA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
GetClassInfoA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
LoadMenuA
GetSubMenu
GetCursorPos
GetMenuItemID
LoadIconA
InvalidateRect
LoadImageA
ReleaseDC
GetWindowRect
ScreenToClient
GetDesktopWindow
GetDC
LoadCursorA
UpdateWindow
EnableWindow
SetForegroundWindow
SendMessageA
GetNextDlgTabItem
EndDialog
GetSystemMetrics
CreateDialogIndirectParamA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
SetWindowsHookExA
CallNextHookEx
DestroyWindow
GetForegroundWindow
UnhookWindowsHookEx
CreateWindowExA
UnregisterClassA

gdi32

GetObjectA
BitBlt
RealizePalette
CreateCompatibleDC
CreateHalftonePalette
DeleteDC
CreatePalette
GetDIBColorTable
SelectObject
SetTextColor
SetBkColor
CreateBitmap
GetTextExtentPointA
GetTextMetricsA
SaveDC
RestoreDC
GetStockObject
SelectPalette
DeleteObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetTextAlign
CreateRectRgn
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetDeviceCaps
SetBkMode

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
dplayerx.dll
.dll windows:4 windows x86

107e3805db57d4abee900f1f1e35183c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
HeapAlloc
LeaveCriticalSection
GetProcAddress
HeapFree
EnterCriticalSection
InitializeCriticalSection
HeapCreate
GetCurrentProcessId
GetModuleHandleA
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
CloseHandle
VirtualAlloc
ReadFile
SetFilePointer
WriteFile
GetLastError
LoadLibraryA
GetModuleFileNameA
LoadLibraryExA
GetVersionExA
CreateFileA
DeviceIoControl
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetCurrentProcess
SetLastError
TlsGetValue
HeapDestroy
VirtualFree
DeleteCriticalSection
HeapReAlloc
LCMapStringA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetStringTypeW
LCMapStringW
GetStringTypeA
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

GetKeyboardType
wsprintfA

Exports

Exports

Ox77F052CC
_DllMain@12

Sections

.txt
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt2
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
drvmgt.dll
.dll windows:4 windows x86

9dfafe4e7d6597e0f3e491f2f25e9f7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
Sleep
CopyFileA
GetSystemDirectoryA
lstrlenA
CreateFileA
GetLastError
DeviceIoControl
HeapDestroy
GetCurrentProcess
GetCurrentThreadId
HeapAlloc
SetFileAttributesA
GetFileAttributesA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
CloseHandle
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetModuleFileNameA
FreeEnvironmentStringsA
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WideCharToMultiByte
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
LoadLibraryA
FlushFileBuffers
SetFilePointer

user32

wsprintfA

advapi32

RegOpenKeyExA
OpenServiceA
RegEnumKeyExA
StartServiceA
OpenSCManagerA
QueryServiceStatus
DeleteService
CloseServiceHandle
CreateServiceA
GetSecurityDescriptorDacl
ControlService
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
GetAclInformation
QueryServiceObjectSecurity
SetServiceObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce

Exports

Exports

Remove
Setup
_DllMain@12

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tb60run.exe
.exe windows:4 windows x86

18ceae1b33a5c287cf775dd87ad29711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

tb60w32

ord69

user32

SendMessageA
DestroyWindow
ShowWindow
GetSystemMetrics
EnumWindows
wsprintfA
GetClassNameA
MessageBoxA
OemToCharA
WaitForInputIdle
InvalidateRect
GetDC
ReleaseDC
GetWindowLongA
BeginPaint
EndPaint
DefWindowProcA
SetWindowLongA
MoveWindow
RegisterClassA
CreateWindowExA
UpdateWindow

gdi32

GetStockObject
DeleteObject
SelectPalette
RealizePalette
StretchDIBits
CreatePalette

kernel32

lstrcpynA
LocalFree
LocalAlloc
GetProcAddress
GetStringTypeW
LoadLibraryA
VirtualAlloc
LCMapStringW
GetStringTypeA
WriteFile
RtlUnwind
LCMapStringA
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetACP
GetCPInfo
GetOEMCP
CloseHandle
ReleaseSemaphore
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
lstrlenA
Sleep
WaitForSingleObject
CreateSemaphoreA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
GetVersionExA
lstrcmpA
GetLastError
CreateMutexA
ReleaseMutex
OpenMutexA
WinExec
CreateProcessA
lstrcatA
GetCurrentDirectoryA
lstrcmpiA
GetPrivateProfileStringA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
GetModuleHandleA
GetDriveTypeA
LockResource
LoadResource
FindResourceA
FreeResource
GetWindowsDirectoryA
OpenFile
GetVersion
HeapFree
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetFullPathNameA
GetEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
UnhandledExceptionFilter
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA

advapi32

RegOpenKeyA
RegQueryValueA
RegCloseKey

Exports

Exports

_CreateMutex32@4
_ReleaseMutex32@4
_WaitForSingleObject32@8

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
file_id.diz
frf.nfo
tbz.nfo
Cisco Router Simulator (sybex)/arcnavrb.zip
.zip
HOM.nfo
arccnavl.002
.rar
file_id.diz
tbz.nfo
Cisco Router Simulator (sybex)/arcnavrc.zip
.zip
HOM.nfo
arccnavl.003
.rar
arccnavl.sfv
file_id.diz
tbz.nfo
Cisco Router Simulator (sybex)/clcd16.dll
Cisco Router Simulator (sybex)/clcd32.dll
.dll windows:4 windows x86

07bcffb1f82feb7a242fdad899ace521

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer
GetStartupInfoA
SUnMapLS_IP_EBP_8
SMapLS_IP_EBP_12
SUnMapLS_IP_EBP_12
SMapLS_IP_EBP_16
SUnMapLS_IP_EBP_16
SMapLS_IP_EBP_20
SUnMapLS_IP_EBP_20
ThunkConnect32
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
SMapLS_IP_EBP_8
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
VirtualAlloc
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Exports

Exports

_GetIDT_If32@8
_GetRMInts_If32@8
_GetV86Vector_If32@12
_GetVectors_If32@8
_InitIV_32@12
_InitVectors_32@8
_IsLoadComplete_32@4
_SetIDT_If32@8
_SetV86Vector_If32@12
_SetVectors_If32@16
thk_ThunkData32

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/clokspl.exe
.exe windows:4 windows x86

503b8663acf52579007e3ef9afa85466

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetACP
HeapDestroy
HeapCreate
HeapReAlloc
GetCPInfo
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
EnterCriticalSection
TerminateProcess
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CloseHandle
MulDiv
InterlockedDecrement
GlobalFree
ExitProcess
RaiseException
GetStartupInfoA
GetModuleHandleA
HeapAlloc
HeapFree
RtlUnwind
SetErrorMode
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
WritePrivateProfileStringA
GetVersionExA
LoadLibraryA
GetProcAddress
FreeLibrary
GetLastError
SetLastError
GetProcessVersion
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
LeaveCriticalSection
GlobalReAlloc
FindResourceA
LoadResource
LCMapStringW
GlobalHandle
LockResource
GetCurrentThreadId
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
IsBadReadPtr
IsBadWritePtr
SetUnhandledExceptionFilter
LCMapStringA
GetFileAttributesA
GlobalGetAtomNameA
GetModuleFileNameA
GetCommandLineA
GetVersion
GlobalAddAtomA
lstrcatA
GlobalUnlock
lstrcpynA
GlobalLock
lstrlenA
lstrcpyA

user32

EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
SetWindowTextA
LoadBitmapA
GetMenuCheckMarkDimensions
IsZoomed
OffsetRect
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
ValidateRect
TranslateMessage
GetMessageA
LoadStringA
PostQuitMessage
ShowOwnedPopups
MessageBoxA
GetClassNameA
PtInRect
ClientToScreen
GetSysColorBrush
FindWindowA
FillRect
IsRectEmpty
SetTimer
KillTimer
WindowFromPoint
SetRect
DeleteMenu
CharUpperA
InflateRect
GetDCEx
LockWindowUpdate
SetCapture
IntersectRect
SetParent
AppendMenuA
GetSystemMenu
InvertRect
DispatchMessageA
AdjustWindowRectEx
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
SetScrollInfo
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
RegisterClassA
GetSysColor
GetWindowTextLengthA
GetWindowTextA
DefWindowProcA
IsDialogMessageA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
BringWindowToTop
IsWindowVisible
IsIconic
GetFocus
EqualRect
CopyRect
GetDlgItem
SetWindowLongA
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
GetMenuItemCount
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
GetClassInfoA
DestroyMenu
SetFocus
GetParent
GetActiveWindow
ShowWindow
GetWindowLongA
IsWindow
GetWindow
IsWindowEnabled
SetCursor
PeekMessageA
PostMessageA
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
LoadMenuA
GetSubMenu
GetCursorPos
GetMenuItemID
LoadIconA
InvalidateRect
LoadImageA
ReleaseDC
GetWindowRect
ScreenToClient
GetDesktopWindow
GetDC
LoadCursorA
UpdateWindow
EnableWindow
SetForegroundWindow
SendMessageA
GetNextDlgTabItem
EndDialog
GetSystemMetrics
CreateDialogIndirectParamA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
SetWindowsHookExA
CallNextHookEx
DestroyWindow
GetForegroundWindow
UnhookWindowsHookEx
CreateWindowExA
UnregisterClassA

gdi32

GetObjectA
BitBlt
RealizePalette
CreateCompatibleDC
CreateHalftonePalette
DeleteDC
CreatePalette
GetDIBColorTable
SelectObject
SetTextColor
SetBkColor
CreateBitmap
GetTextExtentPointA
GetTextMetricsA
SaveDC
RestoreDC
GetStockObject
SelectPalette
DeleteObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
ExcludeClipRect
IntersectClipRect
SetTextAlign
CreateRectRgn
CreateSolidBrush
CreatePatternBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateFontIndirectA
PatBlt
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetDeviceCaps
SetBkMode

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

shell32

DragQueryFileA
DragFinish

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/dplayerx.dll
.dll windows:4 windows x86

107e3805db57d4abee900f1f1e35183c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
HeapAlloc
LeaveCriticalSection
GetProcAddress
HeapFree
EnterCriticalSection
InitializeCriticalSection
HeapCreate
GetCurrentProcessId
GetModuleHandleA
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
CloseHandle
VirtualAlloc
ReadFile
SetFilePointer
WriteFile
GetLastError
LoadLibraryA
GetModuleFileNameA
LoadLibraryExA
GetVersionExA
CreateFileA
DeviceIoControl
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ExitProcess
TerminateProcess
GetCommandLineA
GetVersion
InterlockedDecrement
InterlockedIncrement
RtlUnwind
GetCurrentThreadId
TlsSetValue
TlsAlloc
GetCurrentProcess
SetLastError
TlsGetValue
HeapDestroy
VirtualFree
DeleteCriticalSection
HeapReAlloc
LCMapStringA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetStringTypeW
LCMapStringW
GetStringTypeA
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA

user32

GetKeyboardType
wsprintfA

Exports

Exports

Ox77F052CC
_DllMain@12

Sections

.txt
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txt2
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/drvmgt.dll
.dll windows:4 windows x86

9dfafe4e7d6597e0f3e491f2f25e9f7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
Sleep
CopyFileA
GetSystemDirectoryA
lstrlenA
CreateFileA
GetLastError
DeviceIoControl
HeapDestroy
GetCurrentProcess
GetCurrentThreadId
HeapAlloc
SetFileAttributesA
GetFileAttributesA
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
CloseHandle
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
HeapFree
VirtualAlloc
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
GetModuleFileNameA
FreeEnvironmentStringsA
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
WideCharToMultiByte
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
LoadLibraryA
FlushFileBuffers
SetFilePointer

user32

wsprintfA

advapi32

RegOpenKeyExA
OpenServiceA
RegEnumKeyExA
StartServiceA
OpenSCManagerA
QueryServiceStatus
DeleteService
CloseServiceHandle
CreateServiceA
GetSecurityDescriptorDacl
ControlService
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
GetAclInformation
QueryServiceObjectSecurity
SetServiceObjectSecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
GetAce

Exports

Exports

Remove
Setup
_DllMain@12

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 954B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/file_id.diz
Cisco Router Simulator (sybex)/frf.nfo
Cisco Router Simulator (sybex)/secdrv.sys
.sys windows:4 windows x86

cd677f815991df945ddc3c12b847c752

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteDevice
NtBuildNumber
RtlEqualUnicodeString
RtlInitUnicodeString
IofCompleteRequest
RtlQueryRegistryValues
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
KeTickCount

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 32B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 160B - Virtual size: 138B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/tb60run.exe
.exe windows:4 windows x86

18ceae1b33a5c287cf775dd87ad29711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

tb60w32

ord69

user32

SendMessageA
DestroyWindow
ShowWindow
GetSystemMetrics
EnumWindows
wsprintfA
GetClassNameA
MessageBoxA
OemToCharA
WaitForInputIdle
InvalidateRect
GetDC
ReleaseDC
GetWindowLongA
BeginPaint
EndPaint
DefWindowProcA
SetWindowLongA
MoveWindow
RegisterClassA
CreateWindowExA
UpdateWindow

gdi32

GetStockObject
DeleteObject
SelectPalette
RealizePalette
StretchDIBits
CreatePalette

kernel32

lstrcpynA
LocalFree
LocalAlloc
GetProcAddress
GetStringTypeW
LoadLibraryA
VirtualAlloc
LCMapStringW
GetStringTypeA
WriteFile
RtlUnwind
LCMapStringA
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetACP
GetCPInfo
GetOEMCP
CloseHandle
ReleaseSemaphore
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
lstrlenA
Sleep
WaitForSingleObject
CreateSemaphoreA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
GetVersionExA
lstrcmpA
GetLastError
CreateMutexA
ReleaseMutex
OpenMutexA
WinExec
CreateProcessA
lstrcatA
GetCurrentDirectoryA
lstrcmpiA
GetPrivateProfileStringA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalDeleteAtom
GetModuleHandleA
GetDriveTypeA
LockResource
LoadResource
FindResourceA
FreeResource
GetWindowsDirectoryA
OpenFile
GetVersion
HeapFree
FreeEnvironmentStringsW
MultiByteToWideChar
GetEnvironmentStrings
GetFullPathNameA
GetEnvironmentStringsW
WideCharToMultiByte
GetStartupInfoA
GetCommandLineA
UnhandledExceptionFilter
HeapAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA

advapi32

RegOpenKeyA
RegQueryValueA
RegCloseKey

Exports

Exports

_CreateMutex32@4
_ReleaseMutex32@4
_WaitForSingleObject32@8

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Cisco Router Simulator (sybex)/tbz.nfo

Sharing

General

Malware Config

Signatures

Files

Password: infected

52304e2a18fa5608f4f4aeb8041c7da0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

52304e2a18fa5608f4f4aeb8041c7da0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

07bcffb1f82feb7a242fdad899ace521

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 15KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

503b8663acf52579007e3ef9afa85466

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 15KB - Virtual size: 28KB

.idata Size: 7KB - Virtual size: 7KB

.rsrc Size: 16KB - Virtual size: 16KB

107e3805db57d4abee900f1f1e35183c

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.txt Size: 63KB - Virtual size: 62KB

.text Size: 48KB - Virtual size: 48KB

.txt2 Size: 32KB - Virtual size: 31KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 14KB - Virtual size: 22KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 15KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 15KB - Virtual size: 28KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 16KB - Virtual size: 16KB

.txt
Size: 63KB - Virtual size: 62KB

.text
Size: 48KB - Virtual size: 48KB

.txt2
Size: 32KB - Virtual size: 31KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 14KB - Virtual size: 22KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 954B

.data
Size: 10KB - Virtual size: 15KB

.idata
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 32B - Virtual size: 16B

INIT
Size: 1KB - Virtual size: 1KB

.reloc
Size: 160B - Virtual size: 138B

.text
Size: 20KB - Virtual size: 19KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 11KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 41KB - Virtual size: 41KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 15KB