8a84037332a4982cf14da5b7d221166807e186dad47a3791bb25b9f2eb7c5df0[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

8a84037332a4982cf14da5b7d221166807e186dad47a3791bb25b9f2eb7c5df0.zip.zip
Size

27.3MB
MD5

2faba3c90e87bb3e906a4abcce3fdba2
SHA1

8de900b61c950e6de7173cebba425ca19d6bbe05
SHA256

41f8992ba1e0cc160b25e33d2db8fbd352c21126d1472bb24f79a1b8a99d7708
SHA512

ec63beb8fe4bb2bc7f7f5f59a386a5528575890a00a6a12b0aa84d32207dc1f12e43b971dcec73b7b95844df1ada265cd66c33a46f4b79c8f1f68dc32b72a687
SSDEEP

786432:fwKGtk9eI7Wts38lbITfxO2MNfe2mHIe+S5kE9UHj:fw/OpksstITfQNuoe+7E9A

Score

3^/10

Malware Config

Signatures

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
unpack006/Debug/BO_TEST.exe
unpack008/Debug/BO_TEST.exe
unpack009/Debug/OPCODE_FINDER.exe
unpack004/Hack2000/JustFiles/avirtexp.exe
unpack004/Hack2000/JustFiles/realown.exe
unpack004/Hack2000/Microsoft/BertzHole.exe
unpack004/Hack2000/Microsoft/BertzSvc.exe
unpack004/Hack2000/Microsoft/MSDecripter.exe

Files

8a84037332a4982cf14da5b7d221166807e186dad47a3791bb25b9f2eb7c5df0.zip.zip
.zip

Password: infected
8a84037332a4982cf14da5b7d221166807e186dad47a3791bb25b9f2eb7c5df0.zip
.zip
Contest/Hack2000.tar.bz2
.bz2
Hack2000.tar
.tar
Hack2000/3nfsd2.c
Hack2000/Bo.zip
.zip
bo.txt
.js
Hack2000/Bo_test.zip
.zip
BO_TEST.cpp
BO_TEST.dsp
BO_TEST.dsw
BO_TEST.h
BO_TEST.rc
Debug/BO_TEST.exe
.exe windows:4 windows x86

f1a14d97dd4813e2611fb717883560eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetCommandLineA

mfc42d

ord592
ord706
ord1189
ord4258
ord2636
ord590
ord528
ord4386
ord4123
ord344
ord342

msvcrtd

__setusermatherr
_initterm
__p__fmode
_chkesp
__getmainargs
__set_app_type
_except_handler3
_controlfp
__dllonexit
_exit
_onexit
_adjust_fdiv
__CxxFrameHandler
__p__commode
exit
__p___initenv
_XcptFilter

msvcp60d

??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1Init@ios_base@std@@QAE@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??0_Winit@std@@QAE@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 833B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Debug/overflow.txt
ReadMe.txt
Resource.h
StdAfx.cpp
StdAfx.h
overflow.txt
Hack2000/JustFiles/3nfsd2.c
Hack2000/JustFiles/Bo.zip
.zip
bo.txt
.js
Hack2000/JustFiles/Bo_test.zip
.zip
BO_TEST.cpp
BO_TEST.dsp
BO_TEST.dsw
BO_TEST.h
BO_TEST.rc
Debug/BO_TEST.exe
.exe windows:4 windows x86

f1a14d97dd4813e2611fb717883560eb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetCommandLineA

mfc42d

ord592
ord706
ord1189
ord4258
ord2636
ord590
ord528
ord4386
ord4123
ord344
ord342

msvcrtd

__setusermatherr
_initterm
__p__fmode
_chkesp
__getmainargs
__set_app_type
_except_handler3
_controlfp
__dllonexit
_exit
_onexit
_adjust_fdiv
__CxxFrameHandler
__p__commode
exit
__p___initenv
_XcptFilter

msvcp60d

??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1Init@ios_base@std@@QAE@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??0_Winit@std@@QAE@XZ
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 833B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Debug/overflow.txt
ReadMe.txt
Resource.h
StdAfx.cpp
StdAfx.h
overflow.txt
Hack2000/JustFiles/OPCODE_FINDER.zip
.zip
Debug/OPCODE_FINDER.exe
.exe windows:4 windows x86

47be00815c7a8ddb5b5fbcaa6a489392

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetCommandLineA
FreeLibrary

mfc42d

ord706
ord1189
ord528
ord1136

msvcrtd

__p__fmode
_initterm
_controlfp
__p__commode
_chkesp
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_onexit
__dllonexit
__CxxFrameHandler
__set_app_type
_except_handler3
__setusermatherr
_adjust_fdiv

msvcp60d

?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
?setf@ios_base@std@@QAEHHH@Z
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 76KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 921B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 617B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
OPCODE_FINDER.cpp
.js
OPCODE_FINDER.dsp
OPCODE_FINDER.dsw
OPCODE_FINDER.h
OPCODE_FINDER.rc
ReadMe.txt
Resource.h
StdAfx.cpp
StdAfx.h
Hack2000/JustFiles/OPCODE_OUTPUT.zip
.zip
Hack2000/JustFiles/PsviewEXE.zip
.zip
Hack2000/JustFiles/PsviewSRC.zip
.zip
Hack2000/JustFiles/RFP9904.txt
Hack2000/JustFiles/RFP9905.txt
Hack2000/JustFiles/RFP9907.txt
Hack2000/JustFiles/SrvcmdEXE.zip
.zip
Hack2000/JustFiles/SrvcmdSRC.zip
.zip
Hack2000/JustFiles/V323PTCH.COM
Hack2000/JustFiles/VeteScan-12-26-99.tar.gz
.gz
Hack2000/JustFiles/WebServerVersionEXE.zip
.zip
Hack2000/JustFiles/WebServerVersionSRC.zip
Hack2000/JustFiles/Wfpguiexe.zip
.zip
Hack2000/JustFiles/alpha-bof.txt
Hack2000/JustFiles/avirtexp.exe
.exe windows:1 windows x86

4542d6513cbdb42d3d00c29cade1c016

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WriteConsoleA
ExitProcess
GetProcAddress
GetModuleHandleA
lstrlenA
GetStdHandle
GetCommandLineA

wsock32

recv
inet_addr
htons
connect
closesocket
WSAStartup
send
socket
WSACleanup

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Hack2000/JustFiles/avirtsc.zip
.zip
Hack2000/JustFiles/avirtx.asm
Hack2000/JustFiles/delefate.c
Hack2000/JustFiles/elza-1.4.3.zip
.zip
Hack2000/JustFiles/fakescan.c
Hack2000/JustFiles/ku-1.1BETA5.tgz
.gz
Hack2000/JustFiles/lsx2.tgz
.gz
Hack2000/JustFiles/nsat-1.11.tgz
.gz
Hack2000/JustFiles/omnihttpd.c
Hack2000/JustFiles/openlink-exploit.c
Hack2000/JustFiles/realown.asm
Hack2000/JustFiles/realown.c
Hack2000/JustFiles/realown.exe
.exe windows:1 windows x86

fd29a92dcd4f70e9beac80bd05e67e80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCommandLineA
WriteConsoleA
ExitProcess
GetStdHandle

wsock32

recv
closesocket
WSAStartup
htons
WSACleanup
inet_addr
gethostbyname
send
socket
connect

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Hack2000/JustFiles/rfpoison.py
.py .sh linux
Hack2000/JustFiles/rpcscan.c
Hack2000/JustFiles/seyon.txt
Hack2000/JustFiles/shell-lock.txt
Hack2000/JustFiles/ssh-1.2.27-exploit.txt
Hack2000/JustFiles/thg-binary.zip
.zip
Hack2000/JustFiles/thg-source.zip
.zip
Hack2000/JustFiles/versioner-06b.zip
.zip
Hack2000/JustFiles/winfingerprint-223.zip
.zip
Hack2000/Microsoft/95sscrk.zip
.zip
Hack2000/Microsoft/BUTTSniff-0.9.2.zip
.zip
Hack2000/Microsoft/BUTTSniff-0.9.3.zip
.zip
Hack2000/Microsoft/BeSysAdm.zip
.zip
Hack2000/Microsoft/BertzHole.exe
.exe windows:4 windows x86

ddcc682ce67941805516589dd5209e03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

netapi32

NetServerEnum
NetApiBufferFree

kernel32

RtlUnwind
GetStartupInfoA
ExitProcess
GetCommandLineA
RaiseException
HeapReAlloc
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
TerminateProcess
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CloseHandle
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetLastError
FormatMessageA
LocalFree
HeapFree
GetProcessHeap
WriteFile
GetCurrentProcess
SetErrorMode
GetOEMCP
GetCPInfo
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
TlsGetValue
LocalReAlloc
EnterCriticalSection
TlsSetValue
HeapAlloc
TlsFree
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
MulDiv
InitializeCriticalSection
LocalAlloc
FreeLibrary
SetLastError
LoadLibraryA
GlobalGetAtomNameA
GetVersion
lstrcatA
lstrcpyA
GlobalAddAtomA
GlobalFindAtomA
MultiByteToWideChar
GetModuleHandleA
GetProcAddress
InterlockedDecrement
WideCharToMultiByte
lstrlenA
GlobalFree
GlobalUnlock
LoadResource
LockResource
FindResourceA
IsBadWritePtr
LCMapStringA
FreeEnvironmentStringsW
SetHandleCount

user32

AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
LoadStringA
DestroyMenu
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
CopyRect
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetSubMenu
GetMenuItemID
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetMenuItemCount
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
SetWindowLongA
UnregisterClassA

gdi32

SetBkColor
SetTextColor
GetClipBox
DeleteDC
RestoreDC
SelectObject
SaveDC
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
ScaleViewportExtEx
SetViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetObjectA
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

GetServiceKeyNameA
QueryServiceStatus
RegSetValueExA
CloseServiceHandle
OpenSCManagerA
OpenServiceA
ControlService
QueryServiceConfigA
StartServiceA
RegCreateKeyExA
ChangeServiceConfigA
RegCloseKey
RegOpenKeyExA

comctl32

ord17

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Hack2000/Microsoft/BertzSvc.exe
.exe windows:4 windows x86

b1e18b56e72ecedf467a119ac9cb649a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA

kernel32

GetVersion
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
GetFileAttributesA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateProcessA
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
CompareStringA
CompareStringW
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Hack2000/Microsoft/C-Mail-exploit.c
Hack2000/Microsoft/GetadmforSops.txt
Hack2000/Microsoft/MSDecripter.exe
.exe windows:1 windows x86

3e487cc688f33627650da358d55f597a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrlenA
ExitProcess
GetStdHandle
WriteConsoleA

advapi32

RegQueryValueExA
RegOpenKeyExA

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Hack2000/Microsoft/MSDecripterSources.zip
.zip
Hack2000/Microsoft/NB2ProBeta.zip
.zip
Hack2000/Microsoft/NetBus170.zip
.zip
Hack2000/Microsoft/RButton.zip
.zip
Hack2000/Microsoft/RFP2K02
Hack2000/Microsoft/SP340.TXT
Hack2000/Microsoft/ScrnSave.zip
.zip
Hack2000/Microsoft/SrvcmdEXE.zip
.zip
Hack2000/Microsoft/as-101.zip
Hack2000/Microsoft/killwin.c
Hack2000/Microsoft/kod.c
Hack2000/Microsoft/kox.c
Hack2000/Microsoft/moyari13.c
Hack2000/Microsoft/pimp.c
Hack2000/Microsoft/winnuke.c
Hack2000/OPCODE_FINDER.zip
.zip
Hack2000/OPCODE_OUTPUT.zip
.zip
Hack2000/PsviewEXE.zip
.zip
Hack2000/PsviewSRC.zip
.zip
Hack2000/RFP9904.txt
Hack2000/RFP9905.txt
Hack2000/RFP9906.txt
Hack2000/RFP9907.txt
Hack2000/RFPoison.c
Hack2000/RFPoison.zip
.zip
Hack2000/SrvcmdEXE.zip
.zip
Hack2000/SrvcmdSRC.zip
.zip
Hack2000/V323PTCH.COM
Hack2000/VeteScan-12-26-99.tar.gz
.gz
Hack2000/arnup100.c
Hack2000/bland.c
Hack2000/blat.c
Hack2000/blitznet.tgz
.gz
Hack2000/boink.c
Hack2000/bonk.c
Hack2000/brkill.c
Hack2000/broadscan.c
Hack2000/dally.zip
.zip
Hack2000/dnsabuser.c
Hack2000/expgen085.zip
.zip
Hack2000/eyenetdee.c
Hack2000/find_ddos_v31_intel_tar.Z
Hack2000/find_ddos_v31_linux_tar.Z
Hack2000/find_ddos_v31_sparc_tar.Z
Hack2000/fraggle.c
Hack2000/hoze.tar.gz
.gz
Hack2000/i586.com
Hack2000/icmplog.c
Hack2000/killwin.c
Hack2000/land.c
Hack2000/latierra.c
Hack2000/linux-icmp.c
Hack2000/linux2038optionslength.c
Hack2000/moyari13.c
Hack2000/namesnake-0.0.2.tar.gz
.gz
Hack2000/nestea.c
Hack2000/nestea.diff
Hack2000/newtear.c
Hack2000/octopus.c
Hack2000/opentear.c
Hack2000/overdrop.c
Hack2000/papasmurf-linux.c
Hack2000/papasmurf.c
Hack2000/pentium_bug.c
Hack2000/pingflood.c
Hack2000/poink.c
Hack2000/punk.c
Hack2000/rfc/RFC1001.TXT
Hack2000/rfc/RFC1002.TXT
Hack2000/rfc/RFC1034.TXT
Hack2000/rfc/RFC1035.TXT
Hack2000/rfc/RFC1055.TXT
Hack2000/rfc/RFC1112.TXT
Hack2000/rfc/RFC1157.TXT
Hack2000/rfc/RFC1171.TXT
Hack2000/rfc/RFC1179.TXT
Hack2000/rfc/RFC1208.TXT
Hack2000/rfc/RFC1212.TXT
Hack2000/rfc/RFC1321.TXT
.vbs
Hack2000/rfc/RFC1350.TXT
Hack2000/rfc/RFC1518.TXT
Hack2000/rfc/RFC1519.TXT
Hack2000/rfc/RFC1532.TXT
Hack2000/rfc/RFC1533.TXT
Hack2000/rfc/RFC1534.TXT
Hack2000/rfc/RFC1541.TXT
Hack2000/rfc/RFC1542.TXT
Hack2000/rfc/RFC1547.TXT
Hack2000/rfc/RFC1661.TXT
Hack2000/rfc/RFC1700.TXT
Hack2000/rfc/RFC1723.TXT
Hack2000/rfc/RFC1883.TXT
Hack2000/rfc/RFC1918.TXT
Hack2000/rfc/RFC1982.TXT
Hack2000/rfc/RFC2065.TXT
Hack2000/rfc/RFC768.TXT
Hack2000/rfc/RFC791.TXT
Hack2000/rfc/RFC792.TXT
Hack2000/rfc/RFC793.TXT
Hack2000/rfc/RFC816.TXT
Hack2000/rfc/RFC826.TXT
Hack2000/rfc/RFC854.TXT
Hack2000/rfc/RFC950.TXT
Hack2000/rfc/RFC959.TXT
Hack2000/rfc/bufferoverflows.html
.html
Hack2000/rfc/c-lesson.zip
.zip
Hack2000/rfc/cifs.txt
.vbs
Hack2000/rfc/linux-stack-overflow.tar.gz
.gz
Hack2000/rfc/phrack49-14.txt
.ps1
Hack2000/rfc/rfc1518.txt
Hack2000/rfc/rfc1739.txt
.vbs
Hack2000/rfc/rfc1885.html
.html
Hack2000/rfc/rfc1918.txt
Hack2000/rfc/rfc1945.txt
Hack2000/rfc/rfc2050.txt
Hack2000/rfc/unix-sockets.zip
Hack2000/rid-1_0.tgz
.gz
Hack2000/rr-1.0.tgz
.gz
Hack2000/rst.c
Hack2000/rst_flip.c
Hack2000/secureping-1.0.tar.gz
.gz
Hack2000/security.html
.js
Hack2000/security.html#0
.js
Hack2000/security.html#1
.js
Hack2000/security.html#2
.js
Hack2000/security.html#3
.js
Hack2000/security.html#4
.js
Hack2000/sesquipedalian.c
Hack2000/shutup.c
Hack2000/simping.c
Hack2000/smurf.c
Hack2000/smurflog-1.1.tar.gz
.gz
Hack2000/snork.c
Hack2000/spank.c
Hack2000/ssping.c
Hack2000/stachel.tgz
.gz
Hack2000/stream-DoS.txt
Hack2000/syndrop.c
Hack2000/synk4.c
Hack2000/sysphear.c
Hack2000/targa.c
Hack2000/targa12.c
Hack2000/targa2.c
Hack2000/targa3.c
Hack2000/teardrop.c
Hack2000/tentacle.c
Hack2000/tfn.tgz
.gz
Hack2000/tfn2k.tgz
.gz
Hack2000/trinoo.tgz
.gz
Hack2000/twinge.c
Hack2000/uy4beta3.zip
.zip
Hack2000/winnuke.c
Contest/ImportantFiles.tar.bz2
.bz2
Contest/john-1.6.tar.gz
.gz
Contest/nettoolz.tar.gz
.gz
Contest/tips.tgz
.gz

Sharing

General

Malware Config

Signatures

Files

Password: infected

f1a14d97dd4813e2611fb717883560eb

Headers

File Characteristics

Imports

kernel32

mfc42d

msvcrtd

msvcp60d

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 4KB - Virtual size: 833B

.data Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 700B

.reloc Size: 4KB - Virtual size: 581B

f1a14d97dd4813e2611fb717883560eb

Headers

File Characteristics

Imports

kernel32

mfc42d

msvcrtd

msvcp60d

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 4KB - Virtual size: 833B

.data Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 700B

.reloc Size: 4KB - Virtual size: 581B

47be00815c7a8ddb5b5fbcaa6a489392

Headers

File Characteristics

Imports

kernel32

mfc42d

msvcrtd

msvcp60d

Sections

.text Size: 76KB - Virtual size: 74KB

.rdata Size: 4KB - Virtual size: 921B

.data Size: 4KB - Virtual size: 1KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 700B

.reloc Size: 4KB - Virtual size: 617B

4542d6513cbdb42d3d00c29cade1c016

Headers

File Characteristics

Imports

kernel32

wsock32

Sections

CODE Size: 1024B - Virtual size: 4KB

DATA Size: 10KB - Virtual size: 12KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

fd29a92dcd4f70e9beac80bd05e67e80

Headers

File Characteristics

Imports

kernel32

wsock32

Sections

CODE Size: 1024B - Virtual size: 4KB

DATA Size: 9KB - Virtual size: 12KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

ddcc682ce67941805516589dd5209e03

Headers

File Characteristics

Imports

netapi32

kernel32

user32

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 4KB - Virtual size: 833B

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 700B

.reloc
Size: 4KB - Virtual size: 581B

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 4KB - Virtual size: 833B

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 700B

.reloc
Size: 4KB - Virtual size: 581B

.text
Size: 76KB - Virtual size: 74KB

.rdata
Size: 4KB - Virtual size: 921B

.data
Size: 4KB - Virtual size: 1KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 700B

.reloc
Size: 4KB - Virtual size: 617B

CODE
Size: 1024B - Virtual size: 4KB

DATA
Size: 10KB - Virtual size: 12KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

CODE
Size: 1024B - Virtual size: 4KB

DATA
Size: 9KB - Virtual size: 12KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 16KB - Virtual size: 12KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

CODE
Size: 1024B - Virtual size: 4KB

DATA
Size: 2KB - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB