8cb9f42e9c7f9d73db2ca575889e7fdd83fab9dbd84082948bd572eacf127461[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

8cb9f42e9c7f9d73db2ca575889e7fdd83fab9dbd84082948bd572eacf127461.zip.zip
Size

7.6MB
MD5

7ded8808b0da8b14a032d61a65d95daa
SHA1

4ef85efeecf3e1f93a0a08ace0c487b99c089523
SHA256

be21943079cb4bdfa5a39e6747910f8398d25d7400259957f3b884e559e3aec2
SHA512

aedf3d0fa35550dc72ccce55e8e990f526d788b1adb5472113d509e483aa7e651223456525ecda962d7417b7baf7d0e638e743624d268c70812f1f460606383d
SSDEEP

196608:hy7t/K9vUlpiO3IL8fUv3ai7SVY6keBqmtUCyeP:h6U9v9mU8fU56GmuWP

Score

3^/10

Malware Config

Signatures

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Uninstall.exe
unpack002/bochs.exe
unpack002/bochsdbg.exe
unpack002/bximage.exe
unpack002/cygwin1.dll
unpack002/mcd.exe
unpack002/mcopy.exe
unpack002/mdel.exe
unpack002/mdeltree.exe
unpack002/mdir.exe
unpack002/mformat.exe
unpack002/minfo.exe
unpack002/mlabel.exe
unpack002/mmd.exe
unpack002/mmove.exe
unpack002/mrd.exe
unpack002/mren.exe
unpack002/mtools.exe
unpack002/niclist.exe

Files

8cb9f42e9c7f9d73db2ca575889e7fdd83fab9dbd84082948bd572eacf127461.zip.zip
.zip

Password: infected
8cb9f42e9c7f9d73db2ca575889e7fdd83fab9dbd84082948bd572eacf127461.zip
.zip
BIOS-bochs-2-processors
BIOS-bochs-4-processors
BIOS-bochs-8-processors
BIOS-bochs-latest
CHANGES.txt
COPYING.txt
README.txt
Uninstall.exe
.exe windows:4 windows x86

b5f4882fc3ecd4da6fcc68004086d1d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Create
ImageList_SetBkColor
ord17
ImageList_Add
ImageList_Destroy

kernel32

FindFirstFileA
CloseHandle
SetFileTime
CompareFileTime
GetFileAttributesA
GetTempFileNameA
GetTempPathA
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
lstrcatA
SetFileAttributesA
Sleep
CopyFileA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
lstrcpynA
DeleteFileA
GetTickCount
GetUserDefaultLangID
lstrlenA
GetDiskFreeSpaceA
GetVersion
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetWindowsDirectoryA
CreateDirectoryA
lstrcpyA
GetSystemDirectoryA
MultiByteToWideChar
GlobalFree
GlobalAlloc
MulDiv
SetFilePointer
ReadFile
FindNextFileA
FindClose
lstrcmpiA
WriteFile
GetEnvironmentVariableA
ExpandEnvironmentStringsA
WaitForSingleObject
GetExitCodeProcess
LoadLibraryA
GetProcAddress
FreeLibrary
GetCurrentProcess
ExitProcess
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCommandLineA

user32

ShowWindow
PostQuitMessage
SetDlgItemTextA
SetWindowTextA
SetTimer
DestroyWindow
CreateDialogParamA
CharNextA
DialogBoxParamA
IsWindowEnabled
EndDialog
SetFocus
EnableWindow
SetWindowPos
ScreenToClient
SetClassLongA
GetWindowLongA
SetCursor
GetSysColor
CharPrevA
GetDlgItemTextA
MapWindowPoints
GetMessagePos
LoadBitmapA
CallWindowProcA
GetParent
MessageBoxA
SetForegroundWindow
wsprintfA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
PeekMessageA
DispatchMessageA
ExitWindowsEx
GetWindowRect
LoadImageA
GetDC
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
SetRect
FillRect
DrawTextA
EndPaint
LoadIconA
LoadCursorA
RegisterClassA
SystemParametersInfoA
GetDesktopWindow
CreateWindowExA
GetWindowTextA

gdi32

SetBkColor
GetDeviceCaps
CreateFontIndirectA
DeleteObject
CreateSolidBrush
CreateFontA
SetBkMode
SetTextColor
CreateBrushIndirect
SelectObject

advapi32

RegEnumKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyA
RegCloseKey
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegEnumValueA

shell32

ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHFileOperationA

ole32

CoCreateInstance
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
VGABIOS-elpin-2.40
VGABIOS-elpin-LICENSE.txt
VGABIOS-lgpl-README.txt
VGABIOS-lgpl-latest
binst.bat
bochs.exe
.exe windows:4 windows x86

8ada861949644588b0b9187b3894c549

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

_close
_fdopen
_fstat
_lseek
_mktemp
_open
_read
_stat
_strdup
_unlink
_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_beginthread
_cexit
_endthread
_errno
_fileno
_iob
_onexit
_setjmp
_setmode
_vsnprintf
abort
atexit
atoi
atol
ctime
exit
exp
fclose
feof
fflush
fgets
floor
fopen
fprintf
fputc
fputs
fread
free
frexp
fscanf
fseek
fwrite
getenv
isalpha
isprint
isspace
ldexp
localtime
log
longjmp
malloc
memcmp
memcpy
memset
mktime
printf
putchar
realloc
setlocale
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncat
strncmp
strncpy
strrchr
strtok
strtol
strtoul
time
tolower
vfprintf
vsprintf

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

comctl32

InitCommonControls

comdlg32

GetOpenFileNameA
GetSaveFileNameA

gdi32

BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
DPtoLP
DeleteDC
DeleteObject
GetMapMode
GetObjectA
GetStockObject
PatBlt
SelectObject
SetBitmapBits
SetBkColor
SetMapMode
SetTextColor
StretchBlt
StretchDIBits

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FindAtomA
GetAtomNameA
GetCurrentThread
GetCurrentThreadId
GetFileSize
GetLastError
GetModuleHandleA
GetProcAddress
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
ReadFile
ReleaseMutex
ResetEvent
SetFilePointer
SetLastError
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
WaitForSingleObject
lstrcmpA
lstrcpyA
lstrlenA

user32

BeginPaint
CloseClipboard
CreateWindowExA
DefWindowProcA
DialogBoxParamA
DispatchMessageA
EmptyClipboard
EndDialog
EndPaint
FindWindowA
GetClientRect
GetClipboardData
GetDC
GetDlgItem
GetForegroundWindow
GetMessageA
GetSystemMetrics
GetWindowRect
GetWindowTextA
InvalidateRect
KillTimer
LoadCursorA
LoadIconA
MoveWindow
OpenClipboard
PostMessageA
PostQuitMessage
RegisterClassA
ReleaseDC
SendMessageA
SetClipboardData
SetCursorPos
SetFocus
SetTimer
SetWindowPos
SetWindowTextA
ShowCursor
ShowWindow
TranslateMessage
UpdateWindow
wsprintfA

Sections

.text
Size: 822KB - Virtual size: 822KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 173KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bochs.ico
bochs.out
bochsdbg.exe
.exe windows:4 windows x86

4b16a26ae43b6dbced3d54d1da791f7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
PostMessageA
SetWindowTextA
DefWindowProcA
EmptyClipboard
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
SendMessageA
GetClipboardData
SetClipboardData
UpdateWindow
SetFocus
ShowCursor
GetWindowRect
SetCursorPos
GetDC
ReleaseDC
GetMessageA
PostQuitMessage
DispatchMessageA
GetSystemMetrics
FindWindowA
OpenClipboard
BeginPaint
CloseClipboard
InvalidateRect
SetTimer
EndPaint
KillTimer
GetClientRect
SetWindowPos
TranslateMessage
wsprintfA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

kernel32

Sleep
GetModuleHandleA
InitializeCriticalSection
GetCurrentThreadId
LeaveCriticalSection
GetCurrentThread
DeleteCriticalSection
SetThreadPriority
HeapAlloc
RtlUnwind
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
lstrcpyA
EnterCriticalSection
InterlockedDecrement
GetTimeZoneInformation
GetSystemTime
GetLocalTime
ResumeThread
CreateThread
TlsSetValue
ExitThread
HeapReAlloc
SetConsoleCtrlHandler
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InterlockedIncrement
GetCommandLineA
MultiByteToWideChar
GetLastError
GetFileType
GetStartupInfoA
TlsAlloc
SetLastError
TlsGetValue
GetModuleFileNameA
HeapSize
WideCharToMultiByte
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
CompareStringA
CompareStringW
GetACP
GetOEMCP
SetEnvironmentVariableA
GetStringTypeA
GetStringTypeW
GetTickCount
SetEndOfFile
RaiseException
GetVersion
DeviceIoControl
SetFilePointer
GetFileSize
GetProcAddress
GetVersionExA
LoadLibraryA
CreateEventA
CreateFileA
ReadFile
CloseHandle
ResetEvent
WaitForSingleObject
GlobalAlloc
GlobalUnlock
GlobalFree
SetHandleCount
GlobalLock
GetStdHandle
FlushFileBuffers
WriteFile
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
FindClose
GetDriveTypeA
PeekNamedPipe
GetFullPathNameA
GetCurrentDirectoryA
FindFirstFileA

gdi32

DeleteDC
CreateCompatibleBitmap
GetStockObject
CreateCompatibleDC
SelectObject
PatBlt
StretchBlt
StretchDIBits
BitBlt
SetBitmapBits
SetTextColor
DPtoLP
SetBkColor
SetMapMode
GetMapMode
GetObjectA
TextOutA
CreateFontIndirectA
ExtTextOutA
DeleteObject
CreateBitmap

winmm

waveOutUnprepareHeader
midiOutUnprepareHeader
waveOutReset
waveOutGetErrorTextA
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutWrite
midiOutReset
midiOutClose
midiOutShortMsg
midiOutPrepareHeader
midiOutLongMsg
midiOutOpen

comctl32

ord17

Exports

Exports

??0bxICache_c@@QAE@XZ
??0bx_cmos_stub_c@@QAE@ABV0@@Z
??0bx_cmos_stub_c@@QAE@XZ
??0bx_cpu_c@@QAE@XZ
??0bx_devices_c@@QAE@ABV0@@Z
??0bx_devices_c@@QAE@XZ
??0bx_devmodel_c@@QAE@ABV0@@Z
??0bx_devmodel_c@@QAE@XZ
??0bx_dma_stub_c@@QAE@ABV0@@Z
??0bx_dma_stub_c@@QAE@XZ
??0bx_floppy_stub_c@@QAE@ABV0@@Z
??0bx_floppy_stub_c@@QAE@XZ
??0bx_gui_c@@QAE@ABV0@@Z
??0bx_gui_c@@QAE@XZ
??0bx_hard_drive_stub_c@@QAE@ABV0@@Z
??0bx_hard_drive_stub_c@@QAE@XZ
??0bx_keyb_stub_c@@QAE@ABV0@@Z
??0bx_keyb_stub_c@@QAE@XZ
??0bx_keymap_c@@QAE@XZ
??0bx_list_c@@QAE@ABV0@@Z
??0bx_list_c@@QAE@W4bx_id@@H@Z
??0bx_list_c@@QAE@W4bx_id@@PAD1H@Z
??0bx_list_c@@QAE@W4bx_id@@PAD1PAPAVbx_param_c@@@Z
??0bx_mem_c@@QAE@I@Z
??0bx_mem_c@@QAE@XZ
??0bx_ne2k_stub_c@@QAE@ABV0@@Z
??0bx_ne2k_stub_c@@QAE@XZ
??0bx_object_c@@QAE@W4bx_id@@@Z
??0bx_param_bool_c@@QAE@ABV0@@Z
??0bx_param_bool_c@@QAE@W4bx_id@@PAD1_J@Z
??0bx_param_c@@QAE@ABV0@@Z
??0bx_param_c@@QAE@W4bx_id@@PAD1@Z
??0bx_param_enum_c@@QAE@ABV0@@Z
??0bx_param_enum_c@@QAE@W4bx_id@@PAD1PAPAD_J3@Z
??0bx_param_filename_c@@QAE@ABV0@@Z
??0bx_param_filename_c@@QAE@W4bx_id@@PAD11H@Z
??0bx_param_num_c@@QAE@ABV0@@Z
??0bx_param_num_c@@QAE@W4bx_id@@PAD1_J22@Z
??0bx_param_string_c@@QAE@ABV0@@Z
??0bx_param_string_c@@QAE@W4bx_id@@PAD11H@Z
??0bx_pc_system_c@@QAE@XZ
??0bx_pci_stub_c@@QAE@ABV0@@Z
??0bx_pci_stub_c@@QAE@XZ
??0bx_pic_stub_c@@QAE@ABV0@@Z
??0bx_pic_stub_c@@QAE@XZ
??0bx_shadow_bool_c@@QAE@ABV0@@Z
??0bx_shadow_bool_c@@QAE@W4bx_id@@PAD1PAIE@Z
??0bx_shadow_num_c@@QAE@ABV0@@Z
??0bx_shadow_num_c@@QAE@W4bx_id@@PAD1PACEE@Z
??0bx_shadow_num_c@@QAE@W4bx_id@@PAD1PAEEE@Z
??0bx_shadow_num_c@@QAE@W4bx_id@@PAD1PAFEE@Z
??0bx_shadow_num_c@@QAE@W4bx_id@@PAD1PAGEE@Z
??0bx_shadow_num_c@@QAE@W4bx_id@@PAD1PAHEE@Z
??0bx_shadow_num_c@@QAE@W4bx_id@@PAD1PAIEE@Z
??0bx_shadow_num_c@@QAE@W4bx_id@@PAD1PA_JEE@Z
??0bx_shadow_num_c@@QAE@W4bx_id@@PAD1PA_KEE@Z
??0bx_simulator_interface_c@@QAE@ABV0@@Z
??0bx_simulator_interface_c@@QAE@XZ
??0bx_vga_stub_c@@QAE@ABV0@@Z
??0bx_vga_stub_c@@QAE@XZ
??0iofunctions@@QAE@H@Z
??0iofunctions@@QAE@PAU_iobuf@@@Z
??0iofunctions@@QAE@PBD@Z
??0iofunctions@@QAE@XZ
??0logfunctions@@QAE@PAViofunctions@@@Z
??0logfunctions@@QAE@XZ
??0state_file@@QAE@PAU_iobuf@@@Z
??0state_file@@QAE@PBD0@Z
??1bx_cmos_stub_c@@UAE@XZ
??1bx_cpu_c@@QAE@XZ
??1bx_devices_c@@QAE@XZ
??1bx_devmodel_c@@UAE@XZ
??1bx_dma_stub_c@@UAE@XZ
??1bx_floppy_stub_c@@UAE@XZ
??1bx_gui_c@@UAE@XZ
??1bx_hard_drive_stub_c@@UAE@XZ
??1bx_keyb_stub_c@@UAE@XZ
??1bx_keymap_c@@QAE@XZ
??1bx_list_c@@UAE@XZ
??1bx_mem_c@@QAE@XZ
??1bx_ne2k_stub_c@@UAE@XZ
??1bx_param_filename_c@@UAE@XZ
??1bx_param_string_c@@UAE@XZ
??1bx_pc_system_c@@QAE@XZ
??1bx_pci_stub_c@@UAE@XZ
??1bx_pic_stub_c@@UAE@XZ
??1bx_vga_stub_c@@UAE@XZ
??1iofunctions@@QAE@XZ
??1logfunctions@@QAE@XZ
??1state_file@@QAE@XZ
??4BXKeyEntry@@QAEAAU0@ABU0@@Z
??4bxICache_c@@QAEAAV0@ABV0@@Z
??4bx_cmos_stub_c@@QAEAAV0@ABV0@@Z
??4bx_cpu_c@@QAEAAV0@ABV0@@Z
??4bx_devices_c@@QAEAAV0@ABV0@@Z
??4bx_devmodel_c@@QAEAAV0@ABV0@@Z
??4bx_dma_stub_c@@QAEAAV0@ABV0@@Z
??4bx_floppy_stub_c@@QAEAAV0@ABV0@@Z
??4bx_gui_c@@QAEAAV0@ABV0@@Z
??4bx_hard_drive_stub_c@@QAEAAV0@ABV0@@Z
??4bx_keyb_stub_c@@QAEAAV0@ABV0@@Z
??4bx_keymap_c@@QAEAAV0@ABV0@@Z
??4bx_list_c@@QAEAAV0@ABV0@@Z
??4bx_mem_c@@QAEAAV0@ABV0@@Z
??4bx_ne2k_stub_c@@QAEAAV0@ABV0@@Z
??4bx_object_c@@QAEAAV0@ABV0@@Z
??4bx_options_t@@QAEAAU0@ABU0@@Z
??4bx_param_bool_c@@QAEAAV0@ABV0@@Z
??4bx_param_c@@QAEAAV0@ABV0@@Z
??4bx_param_enum_c@@QAEAAV0@ABV0@@Z
??4bx_param_filename_c@@QAEAAV0@ABV0@@Z
??4bx_param_num_c@@QAEAAV0@ABV0@@Z
??4bx_param_string_c@@QAEAAV0@ABV0@@Z
??4bx_pc_system_c@@QAEAAV0@ABV0@@Z
??4bx_pci_stub_c@@QAEAAV0@ABV0@@Z
??4bx_pic_stub_c@@QAEAAV0@ABV0@@Z
??4bx_shadow_bool_c@@QAEAAV0@ABV0@@Z
??4bx_shadow_num_c@@QAEAAV0@ABV0@@Z
??4bx_simulator_interface_c@@QAEAAV0@ABV0@@Z
??4bx_startup_flags_t@@QAEAAU0@ABU0@@Z
??4bx_vga_stub_c@@QAEAAV0@ABV0@@Z
??4iofunctions@@QAEAAV0@ABV0@@Z
??4logfunctions@@QAEAAV0@ABV0@@Z
??4state_file@@QAEAAV0@ABV0@@Z
??_7bx_cmos_stub_c@@6B@
??_7bx_devmodel_c@@6B@
??_7bx_dma_stub_c@@6B@
??_7bx_floppy_stub_c@@6B@
??_7bx_gui_c@@6B@
??_7bx_hard_drive_stub_c@@6B@
??_7bx_keyb_stub_c@@6B@
??_7bx_list_c@@6B@
??_7bx_ne2k_stub_c@@6B@
??_7bx_param_bool_c@@6B@
??_7bx_param_c@@6B@
??_7bx_param_enum_c@@6B@
??_7bx_param_filename_c@@6B@
??_7bx_param_num_c@@6B@
??_7bx_param_string_c@@6B@
??_7bx_pci_stub_c@@6B@
??_7bx_pic_stub_c@@6B@
??_7bx_shadow_bool_c@@6B@
??_7bx_shadow_num_c@@6B@
??_7bx_simulator_interface_c@@6B@
??_7bx_vga_stub_c@@6B@
??_C@_01PKMN@?$DP?$AA@
??_C@_02BAGN@HD?$AA@
??_C@_03DCIF@pic?$AA@
??_C@_03EJHH@vga?$AA@
??_C@_03FEDB@dma?$AA@
??_C@_03KBHP@IAC?$AA@
??_C@_03KLBC@pci?$AA@
??_C@_03OHOJ@ask?$AA@
??_C@_04GCLN@init?$AA@
??_C@_04NGKI@cmos?$AA@
??_C@_04NLOI@INFO?$AA@
??_C@_04NOOC@PASS?$AA@
??_C@_05DAPA@DEBUG?$AA@
??_C@_05EFDD@ERROR?$AA@
??_C@_05NAJM@PANIC?$AA@
??_C@_05NGOJ@reset?$AA@
??_C@_05NIGC@fatal?$AA@
??_C@_06FAFB@floppy?$AA@
??_C@_06GNEG@get_TC?$AA@
??_C@_06KEFI@ignore?$AA@
??_C@_06OEL@report?$AA@
??_C@_07CKCP@set_DRQ?$AA@
??_C@_07CMKH@get_reg?$AA@
??_C@_07HPKL@set_reg?$AA@
??_C@_08BECF@mem_read?$AA@
??_C@_08FJIC@keyboard?$AA@
??_C@_08HGEL@checksum?$AA@
??_C@_09BNJK@raise_irq?$AA@
??_C@_09GIJN@lower_irq?$AA@
??_C@_09LHMM@mem_write?$AA@
??_C@_0BA@JHFA@close_harddrive?$AA@
??_C@_0BB@CHI@get_media_status?$AA@
??_C@_0BB@JJFI@set_media_status?$AA@
??_C@_0BC@CMOE@get_text_snapshot?$AA@
??_C@_0BC@MHIH@get_device_handle?$AA@
??_C@_0BC@PHLP@virt_read_handler?$AA@
??_C@_0BD@PJGG@virt_write_handler?$AA@
??_C@_0BE@BGID@set_update_interval?$AA@
??_C@_0BE@EJDM@paste_delay_changed?$AA@
??_C@_0BE@FHDI@get_first_cd_handle?$AA@
??_C@_0BE@HGGJ@registerDMA8Channel?$AA@
??_C@_0BE@IABF@get_cd_media_status?$AA@
??_C@_0BE@JJBN@set_cd_media_status?$AA@
??_C@_0BF@BH@registerDMA16Channel?$AA@
??_C@_0BF@NCBH@unregisterDMAChannel?$AA@
??_C@_0BG@HCBD@mouse_enabled_changed?$AA@
??_C@_0BG@HOAN@register_pci_handlers?$AA@
??_C@_0DN@JDHH@?$CFs?5called?5in?5?$CFs?5stub?4?5you?5must?5n@
??_C@_0L@LBNM@raise_HLDA?$AA@
??_C@_0M@FDAM@redraw_area?$AA@
??_C@_0M@IJCJ@paste_bytes?$AA@
??_C@_0N@DJKH@mouse_motion?$AA@
??_C@_0N@FMNN@put_scancode?$AA@
??_C@_0N@LGKO@gen_scancode?$AA@
??_C@_0O@EBKK@trigger_timer?$AA@
?AAA@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AAD@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AAM@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AAS@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_ALIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_AXIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_EAXId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_EbGb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_EbIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_EdGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_EdId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_EwGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_EwIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_GbEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_GdEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADC_GwEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADDPD_VpdWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADDPS_VpsWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADDSD_VsdWsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADDSS_VssWss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_ALIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_AXIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EAXId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EEdId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EEwIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EGdId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EGwIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EbGb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EbIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EdGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_EwGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_GbEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_GdEEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_GdEGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_GwEEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ADD_GwEGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_ALIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_AXIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_EAXId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_EbGb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_EbIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_EdGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_EdId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_EwGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_EwIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_GbEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_GdEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?AND_GwEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ARPL_EwGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BOUND_GvMa@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSF_GvEv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSR_GvEv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSWAP_EAX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSWAP_EBP@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSWAP_EBX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSWAP_ECX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSWAP_EDI@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSWAP_EDX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSWAP_ESI@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BSWAP_ESP@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BTC_EvGv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BTC_EvIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BTR_EvGv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BTR_EvIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BTS_EvGv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BTS_EvIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BT_EvGv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BT_EvIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BxError@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?BxResolveError@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CALL16_Ap@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CALL16_Ep@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CALL32_Ap@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CALL32_Ep@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CALL_Ad@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CALL_Aw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CALL_Ed@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CALL_Ew@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CBW@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CDQ@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CLC@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CLD@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CLI@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CLTS@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMC@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMOV_GdEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMOV_GwEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPPD_VpdWpdIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPPS_VpsWpsIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPSB_XbYb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPSD_VsdWsdIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPSS_VssWssIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPSW_XvYv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPXCHG8B@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPXCHG_EbGb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPXCHG_EdGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPXCHG_EwGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPXCHG_IBTS@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMPXCHG_XBTS@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_ALIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_AXIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_EAXId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_EbGb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_EbIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_EdGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_EdId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_EwGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_EwIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_GbEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_GdEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CMP_GwEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?COMISD_VpdWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?COMISS_VpsWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CPUID@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CR3_change@bx_cpu_c@@SAXI@Z
?CVTDQ2PD_VpdWq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTDQ2PS_VpsWdq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTPD2DQ_VqWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTPD2PI_PqWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTPD2PS_VpdWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTPI2PD_VpdQd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTPI2PS_VpsQq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTPS2DQ_VdqWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTPS2PD_VpsWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTPS2PI_PqWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTSD2SI_GdWsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTSD2SS_VsdWsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTSI2SD_VsdEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTSI2SS_VssEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTSS2SD_VssWss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTSS2SI_GdWss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTTPD2DQ_VqWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTTPD2PI_PqWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTTPS2DQ_VdqWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTTPS2PI_PqWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTTSD2SI_GdWsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CVTTSS2SI_GdWss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CWD@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?CWDE@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DAA@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DAS@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DEC_ERX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DEC_Eb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DEC_Ed@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DEC_Ew@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DEC_RX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DIVPD_VpdWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DIVPS_VpsWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DIVSD_VsdWsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DIVSS_VssWss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DIV_ALEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DIV_AXEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?DIV_EAXEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?EMMS@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ENTER_IwIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ESC0@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ESC1@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ESC2@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ESC3@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ESC4@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ESC5@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ESC6@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?ESC7@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?FWAIT@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?FXRSTOR@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?FXSAVE@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?HLT@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IAC@bx_pc_system_c@@QAEEXZ
?IAC@bx_pic_stub_c@@UAEEXZ
?IDIV_ALEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IDIV_AXEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IDIV_EAXEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IMUL_ALEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IMUL_AXEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IMUL_EAXEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IMUL_GdEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IMUL_GdEdId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IMUL_GwEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IMUL_GwEwIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INC_ERX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INC_Eb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INC_Ed@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INC_Ew@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INC_RX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INSB_YbDX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INSW_YvDX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INT1@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INT3@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INTO@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INT_Ib@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INVD@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?INVLPG@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IN_ALDX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IN_ALIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IN_eAXDX@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IN_eAXIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IRET16@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?IRET32@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JCC_Jd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JCC_Jw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JCXZ_Jb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JMP16_Ep@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JMP32_Ep@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JMP_Ap@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JMP_Ed@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JMP_Ew@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JMP_Jd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JMP_Jw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JNZ_Jd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JNZ_Jw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JZ_Jd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?JZ_Jw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LAHF@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LAR_GvEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LDMXCSR@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LDS_GvMp@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LEAVE@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LEA_GdM@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LEA_GwM@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LES_GvMp@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LFS_GvMp@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LGDT_Ms@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LGS_GvMp@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LIDT_Ms@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LLDT_Ew@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LMSW_Ew@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LOADALL@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LODSB_ALXb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LODSW_eAXXv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LOOPE_Jb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LOOPNE_Jb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LOOP_Jb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LSL_GvEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LSS_GvMp@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?LTR_Ew@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MASKMOVDQU_VdqVRdq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MASKMOVQ_PqPRq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MAXPD_VpdWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MAXPS_VpsWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MAXSD_VsdWsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MAXSS_VssWss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MINPD_VpdWpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MINPS_VpsWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MINSD_VsdWsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MINSS_VssWss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVAPS_VpsWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVAPS_WpsVps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVDQ2Q_PqVRq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVD_EdPd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVD_EdVd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVD_PqEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVD_VdqEd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVHPS_MqVps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVHPS_VpsMq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVLPS_MqVps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVLPS_VpsMq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVMSKPD_EdVRpd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVMSKPS_GdVRps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVNTI_MdGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVNTPS_MdqVps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVNTQ_MqPq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVQ2DQ_VdqQq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVQ_PqQq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVQ_QqPq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVQ_VqWq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVQ_WqVq@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSB_XbYb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSD_VsdWsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSD_WsdVsd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSS_VssWss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSS_WssVss@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSW_XvYv@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSX_GdEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSX_GdEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSX_GwEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVSX_GwEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVUPS_VpsWps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVUPS_WpsVps@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVZX_GdEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVZX_GdEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVZX_GwEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOVZX_GwEw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_ALOb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_AXOw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_CdRd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_DdRd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EAXOd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EEbGb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EEdGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EEwGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EGbGb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EGdGd@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EGwGw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_ERXId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EbIb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EdId@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EwIw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_EwSw@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_GbEEb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z
?MOV_GbEGb@bx_cpu_c@@SAXPAVbxInstruction_c@@@Z

Sections

.text
Size: 564KB - Virtual size: 561KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
bochsrc
bochsrc-sample.txt
boot.bat
bximage.exe
.exe windows:4 windows x86

583667b049b9b10b9418bc7bf4e9d5f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetLastError
SetFilePointer
HeapFree
CloseHandle
GetProcAddress
GetModuleHandleA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
ExitProcess
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
FlushFileBuffers
ReadFile
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetEndOfFile
ReadConsoleInputA
SetConsoleMode
GetConsoleMode

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
cdrv.img
cygwin1.dll
.dll windows:4 windows x86

b5c3513275a2c71a72b862f5a6f26ab0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

BackupRead
BackupSeek
BackupWrite
Beep
ClearCommBreak
ClearCommError
CloseHandle
CompareFileTime
CopyFileA
CreateDirectoryA
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreatePipe
CreateProcessA
CreateSemaphoreA
CreateThread
DeleteCriticalSection
DeleteFileA
DeviceIoControl
DuplicateHandle
EnterCriticalSection
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FindClose
FindFirstChangeNotificationA
FindFirstFileA
FindNextChangeNotification
FindNextFileA
FlushConsoleInputBuffer
FlushFileBuffers
FlushViewOfFile
FreeConsole
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCommState
GetCommandLineA
GetComputerNameA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetConsoleTitleA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileInformationByHandle
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLogicalDriveStringsA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetProcAddress
GetProcessTimes
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTapeParameters
GetTapePosition
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeZoneInformation
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadReadPtr
IsBadStringPtrA
IsBadWritePtr
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LockFile
LockFileEx
MapViewOfFile
MapViewOfFileEx
MoveFileA
MoveFileExA
MultiByteToWideChar
OpenEventA
OpenFileMappingA
OpenMutexA
OpenProcess
OpenSemaphoreA
OutputDebugStringA
PeekConsoleInputA
PeekNamedPipe
PrepareTape
PulseEvent
PurgeComm
QueryPerformanceCounter
QueryPerformanceFrequency
ReadConsoleInputA
ReadConsoleOutputA
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
ResumeThread
ScrollConsoleScreenBufferA
SetCommBreak
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCtrlHandler
SetConsoleCursorPosition
SetConsoleMode
SetConsoleTextAttribute
SetConsoleTitleA
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFileApisToANSI
SetFileApisToOEM
SetFileAttributesA
SetFilePointer
SetFileTime
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetSystemTime
SetTapeParameters
SetTapePosition
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransmitCommChar
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitCommEvent
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleOutputA
WriteFile
WriteProcessMemory
WriteTapemark

Exports

Exports

__argc
__argv
__assert
__assertfail
__ctype_ptr
__cygwin_environ
__cygwin_user_data
__eprintf
__errno
__f_atan2
__f_atan2f
__f_exp
__f_expf
__f_frexp
__f_frexpf
__f_ldexp
__f_ldexpf
__f_log
__f_log10
__f_log10f
__f_logf
__f_pow
__f_powf
__f_tan
__f_tanf
__infinity
__main
__mb_cur_max
__progname
__signgam
__srget
__swbuf
_abort
_abs
_access
_acl
_aclcheck
_aclfrommode
_aclfrompbits
_aclfromtext
_aclsort
_acltomode
_acltopbits
_acltotext
_acos
_acosf
_acosh
_acoshf
_alarm
_alloca
_alphasort
_asctime
_asctime_r
_asin
_asinf
_asinh
_asinhf
_atan
_atan2
_atan2f
_atanf
_atanh
_atanhf
_atexit
_atof
_atoff
_atoi
_atol
_bcmp
_bcopy
_bsearch
_bzero
_cabs
_cabsf
_calloc
_cbrt
_cbrtf
_ceil
_ceilf
_chdir
_check_for_executable
_chmod
_chown
_chroot
_clearerr
_clock
_close
_closedir
_closelog
_copysign
_copysignf
_cos
_cosf
_cosh
_coshf
_creat
_ctime
_ctime_r
_ctype_
_cuserid
_cwait
_daylight
_difftime
_dirfd
_div
_dll_crt0@0
_drand48
_drem
_dremf
_dup
_dup2
_ecvt
_ecvtbuf
_ecvtf
_endgrent
_endmntent
_endpwent
_endutent
_erand48
_erf
_erfc
_erfcf
_erff
_execl
_execle
_execlp
_execv
_execve
_execvp
_exit
_exp
_expf
_expm1
_expm1f
_f_atan2
_f_atan2f
_f_exp
_f_expf
_f_frexp
_f_frexpf
_f_ldexp
_f_ldexpf
_f_log
_f_log10
_f_log10f
_f_logf
_f_pow
_f_powf
_f_tan
_f_tanf
_fabs
_fabsf
_facl
_fchdir
_fchmod
_fchown
_fclose
_fcntl
_fcvt
_fcvtbuf
_fcvtf
_fdopen
_feof
_ferror
_fflush
_ffs
_fgetc
_fgetpos
_fgets
_fileno
_finite
_finitef
_fiprintf
_floor
_floorf
_fmod
_fmodf
_fnmatch
_fopen
_fork
_fprintf
_fputc
_fputs
_fread
_free
_freopen
_frexp
_frexpf
_fscanf
_fscanf_r
_fseek
_fsetpos
_fstat
_fstatfs
_fsync
_ftell
_ftime
_ftruncate
_fwrite
_gamma
_gamma_r
_gammaf
_gammaf_r
_gcvt
_gcvtf
_get_osfhandle
_getc
_getchar
_getcwd
_getdomainname
_getdtablesize
_getegid
_getenv
_geteuid
_getgid
_getgrent
_getgrgid
_getgrnam
_getgroups
_gethostname
_getlogin
_getmntent
_getmode
_getpagesize
_getpass
_getpgrp
_getpid
_getppid
_getpwduid
_getpwent
_getpwnam
_getpwuid
_getrlimit
_getrusage
_gets
_gettimeofday
_getuid
_getutent
_getutid
_getutline
_getw
_getwd
_glob
_globfree
_gmtime
_gmtime_r
_htonl
_htons
_hypot
_hypotf
_ilogb
_ilogbf
_index
_infinity
_infinityf
_ioctl
_iprintf
_isalnum
_isalpha
_isascii
_isatty
_iscntrl
_isdigit
_isgraph
_isinf
_isinff
_islower
_isnan
_isnanf
_isprint
_ispunct
_isspace
_isupper
_isxdigit
_j0
_j0f
_j1
_j1f
_jn
_jnf
_jrand48
_kill
_labs
_lacl
_lchown
_lcong48
_ldexp
_ldexpf
_ldiv
_lgamma
_lgamma_r
_lgammaf
_lgammaf_r
_link
_localeconv
_localtime
_localtime_r
_log
_log10
_log10f
_log1p
_log1pf
_logb
_logbf
_logf
_longjmp
_lrand48
_lseek
_lstat
_malloc
_matherr
_mblen
_mbstowcs
_mbtowc
_memccpy
_memchr
_memcmp
_memcpy
_memmove
_memset
_mkdir
_mknod
_mkstemp
_mktemp
_mktime
_modf
_modff
_mount
_nan
_nanf
_nextafter
_nextafterf
_nice
_nrand48
_ntohl
_ntohs
_open
_opendir
_openlog
_pathconf
_pclose
_perror
_pipe
_poll
_popen
_pow
_powf
_printf
_putc
_putchar
_putenv
_puts
_putw
_qsort
_raise
_rand
_read
_readdir
_readlink
_readv
_realloc
_remainder
_remainderf
_remove
_rename
_rewind
_rewinddir
_rindex
_rint
_rintf
_rmdir
_sbrk
_scalb
_scalbf
_scalbn
_scalbnf
_scandir
_scanf
_scanf_r
_seed48
_seekdir
_select
_setbuf
_setdtablesize
_setegid
_setenv
_seteuid
_setgid
_setgrent
_setjmp
_setlocale
_setmntent
_setmode
_setpassent
_setpgid
_setpgrp
_setpwent
_setrlimit
_setsid
_settimeofday
_setuid
_setutent
_setvbuf
_sigaction
_sigaddset
_sigdelset
_sigemptyset
_sigfillset
_sigismember
_signal
_significand
_significandf
_sigpending
_sigprocmask
_sigsuspend
_sin
_sinf
_sinh
_sinhf
_siprintf
_sleep
_snprintf
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_sprintf
_sqrt
_sqrtf
_srand
_srand48
_sscanf
_sscanf_r
_stat
_statfs
_strcasecmp
_strcat
_strchr
_strcmp
_strcoll
_strcpy
_strcspn
_strdup
_strerror
_strftime
_strlen
_strlwr
_strncasecmp
_strncat
_strncmp
_strncpy
_strpbrk
_strrchr
_strsep
_strspn
_strstr
_strtod
_strtodf
_strtok
_strtok_r
_strtol
_strtoll
_strtoul
_strtoull
_strupr
_strxfrm
_swab
_symlink
_sync
_sys_errlist
_sys_nerr
_sysconf
_syslog
_system
_tan
_tanf
_tanh
_tanhf
_tcdrain
_tcflow
_tcflush
_tcgetattr
_tcgetpgrp
_tcsendbreak
_tcsetattr
_tcsetpgrp
_telldir
_tempnam
_time
_times
_timezone
_tmpfile
_tmpnam
_toascii
_tolower
_toupper

Sections

.text
Size: 634KB - Virtual size: 633KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/17
Size: 1024B - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/31
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/46
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/61
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/76
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/91
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/103
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/115
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/127
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/139
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/153
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/167
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/180
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/193
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/207
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/220
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/235
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/250
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/262
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/274
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/289
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/304
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/316
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 217KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
disk/loader/dosmbr.bin
disk/loader/ext2.bin
disk/loader/fat.bin
disk/loader/fat32.bin
disk/loader/freeldr.sys
disk/loader/isoboot.bin
disk/loader/setupldr.sys
disk/readme.txt
floppy.img
freedos.bat
freedos.img
freeldr.bat
freeldr.img
freeldr2img.bat
keymaps/sdl-pc-de.map
keymaps/sdl-pc-us.map
keymaps/x11-pc-da.map
keymaps/x11-pc-de.map
keymaps/x11-pc-es.map
keymaps/x11-pc-fr.map
keymaps/x11-pc-it.map
keymaps/x11-pc-se.map
keymaps/x11-pc-uk.map
keymaps/x11-pc-us.map
mcd.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mcopy.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mdel.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mdeltree.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mdir.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mformat.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
minfo.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mlabel.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mmd.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mmove.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mrd.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mren.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
mtinst.bat
mtools.conf
mtools.exe
.exe windows:4 windows x86

6896e268232447e4edf7b3420bd14968

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

cygwin1

__errno
__main
_ctype_
access
atexit
atoi
calloc
close
closedir
cygwin_internal
dll_crt0__FP11per_process
dup
endmntent
execl
execvp
exit
fclose
fcntl
fdopen
fflush
fgetc
fgets
fopen
fork
fprintf
fputs
fread
free
fstat
fwrite
getegid
getenv
geteuid
getgid
getlogin
getmntent
getpass
getpwnam
getpwuid
gettimeofday
getuid
isatty
kill
localtime
lseek
lstat
malloc
memcpy
memmove
memset
mkdir
open
opendir
perror
pipe
printf
putc
random
read
readdir
realloc
seteuid
setgid
setmntent
setuid
signal
snprintf
sprintf
srandom
sscanf
stat
strcasecmp
strcat
strchr
strcmp
strcpy
strcspn
strdup
strerror
strncasecmp
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strtol
strtoul
tcflush
tcgetattr
tcsetattr
time
unlink
utimes
wait
write

kernel32

GetModuleHandleA

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
niclist.exe
.exe windows:4 windows x86

a6895b2ac8c194e5162aff7ab3764e06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
lstrlenA
GetVersion
GetProcAddress
LoadLibraryA
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
lstrlenW
WriteFile
HeapAlloc
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetLastError
FlushFileBuffers
SetFilePointer
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
CloseHandle
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
CreateFileA

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
penguin.ico
sb16ctrl.exe
sb16ctrl.txt
system
test.bat

Sharing

General

Malware Config

Signatures

Files

Password: infected

b5f4882fc3ecd4da6fcc68004086d1d8

Headers

File Characteristics

Imports

comctl32

kernel32

user32

gdi32

advapi32

shell32

ole32

version

Sections

.text Size: 25KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 102KB

.rsrc Size: 6KB - Virtual size: 8KB

8ada861949644588b0b9187b3894c549

Headers

File Characteristics

Imports

msvcrt

advapi32

comctl32

comdlg32

gdi32

kernel32

user32

Sections

.text Size: 822KB - Virtual size: 822KB

.data Size: 33KB - Virtual size: 33KB

.rdata Size: 75KB - Virtual size: 75KB

.bss Size: - Virtual size: 173KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 2KB - Virtual size: 1KB

4b16a26ae43b6dbced3d54d1da791f7f

Headers

File Characteristics

Imports

user32

advapi32

kernel32

gdi32

winmm

comctl32

Exports

Exports

Sections

.text Size: 564KB - Virtual size: 561KB

.rdata Size: 96KB - Virtual size: 95KB

.data Size: 164KB - Virtual size: 1.6MB

583667b049b9b10b9418bc7bf4e9d5f3

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 32KB - Virtual size: 30KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 10KB

b5c3513275a2c71a72b862f5a6f26ab0

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 634KB - Virtual size: 633KB

.data Size: 31KB - Virtual size: 30KB

/4 Size: 512B - Virtual size: 276B

/17 Size: 1024B - Virtual size: 888B

/31 Size: 1KB - Virtual size: 1KB

/46 Size: 2KB - Virtual size: 2KB

.text
Size: 25KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 102KB

.rsrc
Size: 6KB - Virtual size: 8KB

.text
Size: 822KB - Virtual size: 822KB

.data
Size: 33KB - Virtual size: 33KB

.rdata
Size: 75KB - Virtual size: 75KB

.bss
Size: - Virtual size: 173KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 564KB - Virtual size: 561KB

.rdata
Size: 96KB - Virtual size: 95KB

.data
Size: 164KB - Virtual size: 1.6MB

.text
Size: 32KB - Virtual size: 30KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 10KB

.text
Size: 634KB - Virtual size: 633KB

.data
Size: 31KB - Virtual size: 30KB

/4
Size: 512B - Virtual size: 276B

/17
Size: 1024B - Virtual size: 888B

/31
Size: 1KB - Virtual size: 1KB

/46
Size: 2KB - Virtual size: 2KB

/61
Size: 512B - Virtual size: 176B

/76
Size: 512B - Virtual size: 248B

/91
Size: 512B - Virtual size: 200B

/103
Size: 512B - Virtual size: 336B

/115
Size: 512B - Virtual size: 24B

/127
Size: 512B - Virtual size: 40B

/139
Size: 512B - Virtual size: 120B

/153
Size: 512B - Virtual size: 208B

/167
Size: 1024B - Virtual size: 668B

/180
Size: 1024B - Virtual size: 1000B

/193
Size: 1KB - Virtual size: 1KB

/207
Size: 512B - Virtual size: 360B

/220
Size: 512B - Virtual size: 52B

/235
Size: 512B - Virtual size: 64B

/250
Size: 512B - Virtual size: 68B

/262
Size: 512B - Virtual size: 96B

/274
Size: 512B - Virtual size: 200B

/289
Size: 512B - Virtual size: 280B

/304
Size: 512B - Virtual size: 200B

/316
Size: 512B - Virtual size: 312B

.bss
Size: - Virtual size: 217KB

.edata
Size: 24KB - Virtual size: 23KB

.idata
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 35KB - Virtual size: 34KB

.text
Size: 110KB - Virtual size: 109KB

.data
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB

.text
Size: 110KB - Virtual size: 109KB

.data
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB

.text
Size: 110KB - Virtual size: 109KB

.data
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB

.text
Size: 110KB - Virtual size: 109KB

.data
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB