801cbd997eed7cd05d0712dbea0d0f86f7caff3e3fc00bcb89509cc46aa96c46[.]zip[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

801cbd997eed7cd05d0712dbea0d0f86f7caff3e3fc00bcb89509cc46aa96c46.zip.zip
Size

9.6MB
MD5

aaafa0bb8843634e928c98992624939e
SHA1

4c5b21b11d4a8e2d4cd9f790b8595f8945e0ad27
SHA256

36b600365bf602c615cbeaf483c76badbc531fb99f78f457a3284659312b3b9c
SHA512

4e4a63ae5a3f01aaa098575f082662356494655cc4742ed96a139858a34e2c641f4b5d6706d8d02c28625c78ff0b6c5e144f0e838e8b70c79d2726b6671a1c1e
SSDEEP

196608:eciQ/JfTIk7irbdO52hAQjJdK/9lJlf+f0nB+b2D8J:/ThfjgbdO8yc8frnFYJ

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 16 IoCs

Checks for missing Authenticode signature.

resource
unpack005/B57exp.cpl
unpack005/BASFND.sys
unpack005/BMAPI.dll
unpack005/BacsTray.exe
unpack005/ControlSuite.exe
unpack005/MSVCRT.DLL
unpack005/cabw32.dll
unpack005/fad.sys
unpack005/mfc42.dll
unpack002/4401/MgmtApps/setup.exe
unpack002/4401/NT/bcm4sbe4.sys
unpack002/4401/NT/dtect44xx.dll
unpack002/4401/Win2k/bcm4sbe5.sys
unpack002/4401/WinXP/bcm4sbxp.sys
unpack002/4401/bcm4sbe5.sys
unpack002/4401/bcm4sbxp.sys

Files

801cbd997eed7cd05d0712dbea0d0f86f7caff3e3fc00bcb89509cc46aa96c46.zip.zip
.zip

Password: infected
801cbd997eed7cd05d0712dbea0d0f86f7caff3e3fc00bcb89509cc46aa96c46.zip
.zip
4401/DOS/NDIS2/B44.dos
4401/DOS/NDIS2/PROTOCOL.INI
4401/DOS/NDIS2/readme.txt
4401/DOS/NDIS2/release.txt
4401/DOS/ODI/NET.CFG
4401/DOS/ODI/b44.com
4401/DOS/ODI/b44.ins
4401/DOS/ODI/readme.txt
4401/DOS/ODI/release.txt
4401/DosDiag/440xDiag.pdf
.pdf
- http://filename.do
4401/DosDiag/440xdiag.txt
4401/DosDiag/440xudiag.txt
4401/DosDiag/B44DIAG.EXE
4401/DosDiag/b44diagSC_114.zip
.zip
Cl4xsb.c
.vbs
Cl4xsb.h
ETC.H
ETHERNET.H
PMODEW.EXE
PMWBIND.EXE
PMWSETUP.EXE
PMWVER.COM
StdAfx.h
asf.h
b44diag.lnk
b44diag.txt
bcmdevs.h
bcmenetmib.h
bcmtype.h
bitbang.c
bitbang.h
bits.h
blast.c
blast.h
c.bat
dos4gw.exe
eeprom.h
enet47xx.h
enetmib.h
enetrxh.h
env.bat
.bat .vbs
error.h
f.bat
fw_img.h
genbin.c
general.h
hnddma.h
list.h
lm.h
makefile
media_rgn.h
mediargn.h
mm.h
pci.c
pci.h
pet.h
protocol.h
queue.h
sbconfig.h
sbsprom.h
screen.c
sromutl.c
sromutl.h
t3_cli.c
t3_cli.h
t3_cmd.c
t3_cmd.h
t3_comm.c
t3_comm.h
t3_data.c
t3_data.h
t3_diag.c
t3_diag.h
t3_eecfg.c
t3_eecfg.h
t3_eprom.c
t3_eprom.h
t3_error.c
t3_error.h
t3_flash.c
t3_flash.h
t3_gdata.h
t3_hist.c
t3_hist.h
t3_intr.c
t3_intr.h
t3_io.c
t3_main.c
t3_mdiag.c
t3_mdiag.h
t3_mii.h
t3_misc.asm
t3_prtf.c
t3_prtf.h
t3_reg.h
t3_scrn.h
t3_tests.c
t3_tests.h
t3_tx.c
t3_tx.h
t3_um.c
t3_util.c
t3_util.h
t3_var.h
t3_win.c
t3_win.h
t3oid.h
t_io.h
tigon3.c
tigon3.h
types.h
um.h
version.c
4401/DosDiag/b44udiag.exe
4401/DosDiag/diag_release.txt
4401/DosDiag/udiag_release.txt
4401/Manual/BACS.htm
.html
4401/Manual/dell.css
4401/Manual/diaguser.htm
.html
4401/Manual/graphics/2k1.gif
4401/Manual/graphics/4401-bacs-diag.jpg
.jpg
4401/Manual/graphics/440XPic.jpg
.jpg
4401/Manual/graphics/5702_new.gif
.gif
4401/Manual/graphics/5702_search.gif
.gif
4401/Manual/graphics/Image2.gif
.gif
4401/Manual/graphics/Image3.gif
.gif
4401/Manual/graphics/Image4.gif
.gif
4401/Manual/graphics/Image5.gif
.gif
4401/Manual/graphics/Image6.gif
.gif
4401/Manual/graphics/Image7.gif
.gif
4401/Manual/graphics/Template/caution.gif
.gif
4401/Manual/graphics/Thumbs.db
4401/Manual/graphics/ascssu1.gif
4401/Manual/graphics/ascssu6.gif
.gif
4401/Manual/graphics/ascsui1.gif
.gif
4401/Manual/graphics/ascsui1.jpg
.jpg .ps1
4401/Manual/graphics/ascsui2.gif
4401/Manual/graphics/ascsui3.gif
4401/Manual/graphics/ascsui4.gif
4401/Manual/graphics/bacs_ AdvCtlSte.jpg
.jpg
4401/Manual/graphics/bacs_2.JPG
.jpg
4401/Manual/graphics/bacs_Custom.jpg
.jpg
4401/Manual/graphics/bacs_GenStat.jpg
.jpg
4401/Manual/graphics/bacs_IEEEStats.jpg
.jpg
4401/Manual/graphics/bacs_InstallProd.jpg
.jpg
4401/Manual/graphics/bacs_VitalSign.jpg
.jpg
4401/Manual/graphics/basc2.gif
.gif
4401/Manual/graphics/basc3.gif
.gif
4401/Manual/graphics/bullet.gif
.gif
4401/Manual/graphics/caution.gif
.gif
4401/Manual/graphics/image1.gif
.gif
4401/Manual/graphics/image10.gif
.gif
4401/Manual/graphics/image11.gif
.gif
4401/Manual/graphics/image12.gif
.gif
4401/Manual/graphics/image13.gif
.gif
4401/Manual/graphics/image14.gif
.gif
4401/Manual/graphics/image15.gif
.gif
4401/Manual/graphics/image16.gif
.gif
4401/Manual/graphics/image8.gif
.gif
4401/Manual/graphics/image9.gif
.gif
4401/Manual/graphics/note.gif
.gif
4401/Manual/graphics/ping.gif
.gif
4401/Manual/graphics/pingDOS.jpg
.jpg
4401/Manual/graphics/pulse.gif
.gif
4401/Manual/graphics/run.gif
.gif
4401/Manual/graphics/srom1.gif
.gif
4401/Manual/graphics/srom2.gif
.gif
4401/Manual/graphics/w2k01.gif
.gif
4401/Manual/graphics/w2k02.gif
.gif
4401/Manual/graphics/w2k05.gif
.gif
4401/Manual/graphics/w98_02.gif
.gif
4401/Manual/graphics/w98_03.gif
.gif
4401/Manual/graphics/w98_08.gif
.gif
4401/Manual/graphics/w98_16.jpg
.jpg
4401/Manual/graphics/wme_03.gif
.gif
4401/Manual/graphics/wme_04.gif
.gif
4401/Manual/graphics/xp_802Adv.jpg
.jpg
4401/Manual/graphics/xp_802AdvAuto.jpg
.jpg
4401/Manual/graphics/xp_Adv.jpg
.jpg
4401/Manual/graphics/xp_ConfDevRem.jpg
.jpg
4401/Manual/graphics/xp_DevMgrUninstall.jpg
.jpg
4401/Manual/graphics/xp_DevMgrUpdDrvr.jpg
.jpg
4401/Manual/graphics/xp_Finish.jpg
.jpg
4401/Manual/graphics/xp_General.jpg
.jpg
4401/Manual/graphics/xp_InstallSoftAuto.jpg
.jpg
4401/Manual/graphics/xp_PickCat.jpg
.jpg
4401/Manual/graphics/xp_PickTaskCPIcon.jpg
.jpg
4401/Manual/graphics/xp_SysPropGen.jpg
.jpg
4401/Manual/graphics/xp_SysPropHdwr.jpg
.jpg
4401/Manual/graphics/xp_Wait.jpg
.jpg
4401/Manual/graphics/xp_Wait2.jpg
.jpg
4401/Manual/index.htm
.html
4401/Manual/install.htm
.html
4401/Manual/intro.htm
.html
4401/Manual/preface.htm
.html
4401/Manual/regs.htm
.html
4401/Manual/specs.htm
.html
4401/Manual/sromutil.htm
.html
4401/Manual/trouble.htm
.html
4401/Manual/win2000.htm
.html
4401/Manual/win98.htm
.html
4401/Manual/winMe.htm
.html
4401/Manual/winnt.htm
.html
4401/Manual/winxp.htm
.html
4401/MgmtApps/Broadcom Advanced Control Suite.msi
.msi
4401/MgmtApps/Data1.cab
.cab
B57exp.cpl
.dll windows:4 windows x86

248db5e4121231c3664451d124378ce1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

bmapi

ord1
ord3
ord74
ord73
ord34
ord62
ord60
ord59
ord61
ord58
ord57
ord56
ord17
ord16
ord29
ord46
ord10
ord13
ord7
ord11
ord27
ord45
ord65
ord51
ord42
ord47
ord32
ord48
ord8
ord9
ord4
ord5
ord6
ord31
ord55
ord12

cabw32

cdGetPhycState
InitRawPatternDictionary
cabW32Init
PhycSubstatePatternMatch
ComputeCableLoss
PhycStatePatternMatch
cdGetEnergyDetect
CreateNormalizedPatternDictionary
cdGetPhycSubstate
ComputeReturnLoss
cdGetAllTaps
cdResetPhy
cdGetLinkStatus
cdGetWireMap

mfc42

ord3830
ord3831
ord3825
ord2976
ord4080
ord3081
ord3079
ord4425
ord3597
ord800
ord4627
ord860
ord540
ord324
ord641
ord2370
ord4234
ord5953
ord4710
ord4274
ord6375
ord4486
ord2554
ord825
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord2512
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord815
ord561
ord4160
ord2725
ord3953
ord6877
ord537
ord823
ord5300
ord5161
ord5162
ord5160
ord4905
ord4976
ord4948
ord4358
ord4377
ord4854
ord5287
ord4835
ord768
ord1168
ord489
ord1907
ord4258
ord2642
ord4224
ord6241
ord6785
ord6007
ord2915
ord3996
ord858
ord3301
ord3910
ord4220
ord2584
ord3654
ord2438
ord6270
ord2863
ord1644
ord1146
ord2817
ord2652
ord1669
ord4742
ord4683
ord3663
ord2575
ord6055
ord1776
ord4396
ord5290
ord3402
ord3574
ord609
ord567
ord2864
ord2302
ord2818
ord1200
ord6467
ord2528
ord1771
ord6366
ord2413
ord2024
ord4219
ord2581
ord4401
ord3639
ord692
ord613
ord5789
ord2860
ord289
ord3803
ord3797
ord6605
ord3815
ord4275
ord2379
ord6453
ord5852
ord4083
ord1945
ord3495
ord3262
ord2985
ord323
ord3626
ord2414
ord5785
ord2614
ord3874
ord4133
ord4297
ord5788
ord472
ord2567
ord283
ord5875
ord2859
ord2452
ord1641
ord1640
ord6880
ord2405
ord5053
ord3742
ord5821
ord3662
ord818
ord414
ord713
ord6141
ord1775
ord755
ord470
ord2393
ord5859
ord2289
ord922
ord925
ord3097
ord798
ord533
ord3092
ord6028
ord3499
ord2515
ord355
ord6778
ord3721
ord795
ord5873
ord6515
ord6888
ord6675
ord6334
ord6743
ord6669
ord1908
ord1690
ord4439
ord2054
ord4431
ord771
ord1008
ord496
ord5849
ord5288
ord4259
ord6215
ord4284
ord4715
ord3398
ord3733
ord810
ord2862
ord2097
ord384
ord6008
ord535
ord924
ord3303
ord3287
ord656
ord3914
ord5981
ord2587
ord4406
ord3729
ord804
ord2086
ord6197
ord6379
ord4267
ord2582
ord4402
ord3640
ord693
ord4243
ord955
ord3293
ord2639
ord1233
ord2152
ord6380
ord5678
ord2754
ord6172
ord3089
ord5736
ord3619
ord809
ord556
ord1088
ord2122
ord6199
ord941
ord5572
ord926
ord3610
ord2301
ord4123
ord3286
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord5265
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord3571
ord640
ord5681
ord282
ord826
ord269
ord1176
ord1575
ord1116
ord1182
ord342
ord1577
ord1197
ord1570
ord1243
ord1255
ord1578
ord600
ord1253

msvcrt

strstr
_mbsstr
sprintf
strncpy
_mbsicmp
_EH_prolog
atoi
isdigit
??1type_info@@UAE@XZ
__dllonexit
_onexit
atol
memmove
_adjust_fdiv
_strcmpi
_stricmp
__CxxFrameHandler
malloc
free
calloc
_strdup
_ftol
_ui64toa
_initterm

kernel32

LocalAlloc
CreateThread
DeleteCriticalSection
InitializeCriticalSection
CreateFileA
ReadFile
lstrlenA
SetFilePointer
lstrcmpA
CloseHandle
Sleep
GetSystemDirectoryA
GetTickCount
lstrcmpiA
GetVersionExA
GetLastError
GetCurrentProcess
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
lstrcpyA
WinExec
lstrcatA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesExA
GetProcAddress
LocalFree

user32

DestroyIcon
LoadImageA
DestroyCursor
RedrawWindow
GetIconInfo
WindowFromPoint
DrawFocusRect
DrawStateA
InflateRect
GetClientRect
InvalidateRect
FrameRect
CopyRect
GetWindowLongA
PtInRect
IsChild
GetActiveWindow
LoadCursorA
DefWindowProcA
SetTimer
KillTimer
GetCursorPos
GetCapture
ReleaseDC
GetDC
IsIconic
SendInput
EnableMenuItem
ExitWindowsEx
SetWindowLongA
MessageBeep
CopyIcon
FindWindowA
SetCapture
IsWindow
EqualRect
GetSystemMetrics
OffsetRect
IsWindowVisible
GetWindowRect
SetCursor
PostQuitMessage
ReleaseCapture
LoadIconA
LoadStringA
GetParent
LoadMenuA
GetSubMenu
ClientToScreen
PostMessageA
GetMessagePos
ScreenToClient
SendMessageA
MessageBoxA
EnableWindow
LoadBitmapA
FillRect
GetSysColor
RegisterClassA

gdi32

DeleteObject
GetObjectA
CreateFontIndirectA
CreateBitmap
GetTextExtentPoint32A
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetStockObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegQueryValueA
RegDeleteValueA
RegSetValueExA
RegCreateKeyA

shell32

ShellExecuteA

Exports

Exports

CPlApplet

Sections

.text
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 464KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BASFND.sys
.sys windows:5 windows x86

ec29f4bf23ad61d680be5113d1b61912

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

IoDeleteSymbolicLink
IofCompleteRequest
IoCreateDevice
MmMapIoSpace
RtlInitUnicodeString
IoCreateSymbolicLink
IoDeleteDevice
MmUnmapIoSpace
memmove

hal

KeStallExecutionProcessor
HalSetBusDataByOffset
HalGetBusDataByOffset

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 416B - Virtual size: 388B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 928B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 128B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BMAPI.dll
.dll windows:4 windows x86

c3d7f9f5fb356b2c0d886727122eb0e9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryExA
GetSystemDirectoryA
WaitForSingleObject
CreateProcessA
WriteFile
FreeLibrary
GetTempFileNameA
GetTempPathA
CreateThread
CreateEventA
CreateSemaphoreA
ReleaseSemaphore
WaitForSingleObjectEx
GetOverlappedResult
SetEvent
GetCurrentDirectoryA
GetFileSize
OutputDebugStringA
lstrlenA
GetCurrentThreadId
WaitForMultipleObjectsEx
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
CancelIo
ResetEvent
ReadFile
GetWindowsDirectoryA
GetCurrentProcessId
GetTickCount
lstrcmpiA
CreateMutexA
GetProcessHeap
HeapFree
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
SleepEx
DeviceIoControl
GetVersionExA
CreateFileA
Sleep
lstrcpyA
InitializeCriticalSection
GetLastError
CreateFileMappingA
MapViewOfFile
InterlockedIncrement
CloseHandle
InterlockedDecrement
UnmapViewOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetFilePointer
WideCharToMultiByte
DeleteCriticalSection
PeekConsoleInputA
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
lstrcmpiW
LCMapStringW
LCMapStringA
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
GetExitCodeProcess
GetFileAttributesA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetTimeZoneInformation
GetSystemTime
GetLocalTime
DeleteFileA
RtlUnwind
FlushFileBuffers
GetNumberOfConsoleInputEvents
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
ExitProcess
VirtualAlloc
HeapReAlloc
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue

user32

wsprintfA

advapi32

RegCreateKeyExA
CreateServiceA
OpenServiceA
ControlService
DeleteService
StartServiceA
RegEnumValueA
RegFlushKey
RegDeleteKeyA
SetSecurityDescriptorDacl
OpenSCManagerA
QueryServiceLockStatusA
CloseServiceHandle
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor

ole32

CoInitializeEx
CoTaskMemFree
CoCreateInstance
CoUninitialize

cfgmgr32

CM_Locate_DevNodeA
CM_Get_DevNode_Status

setupapi

SetupDiSetClassInstallParamsA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiOpenDevRegKey
SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA

iphlpapi

GetAdaptersInfo

ws2_32

WSAGetLastError
WSACleanup
setsockopt
WSASocketA
WSAStartup
inet_addr
sendto
recvfrom
inet_ntoa
closesocket
bind
gethostbyname

Exports

Exports

BmapiApplyLBFOCfg
BmapiDoNicIOCTL
BmapiEnableDevice
BmapiForceBRCMNicLinkSpeed
BmapiGetASFTable
BmapiGetAllPhyNic
BmapiGetAllPhyNicHandles
BmapiGetAllTeam
BmapiGetAllUnassignedNic
BmapiGetBIOS
BmapiGetBRCMNicInfo
BmapiGetBRCMNicInfoEx
BmapiGetBRCMNicParam
BmapiGetBRCMNicStatistics
BmapiGetBrcmVirNic
BmapiGetFirmwareInfo
BmapiGetHandleByServiceName
BmapiGetIpAddrInfo
BmapiGetLastDiagPort
BmapiGetMultiBRCMNicParams
BmapiGetNicPciInfo
BmapiGetNicStatistics
BmapiGetNicStatistics64
BmapiGetNumPhyNic
BmapiGetNumPhyNicEx
BmapiGetNumTeam
BmapiGetNumUnassignedNic
BmapiGetPhyNic
BmapiGetPnpDevId
BmapiGetPowerMode
BmapiGetServiceName
BmapiGetSystemASFTables
BmapiGetTeamListSnapShot
BmapiGetTeamSnapShot
BmapiGetTeamStatisticsSnapShot
BmapiGetVersion
BmapiIMOnlineDevice
BmapiInitDiag
BmapiInitialize
BmapiInitializeEx
BmapiIsInitialized
BmapiLBFOSoftwareStatus
BmapiReadFirmware
BmapiReadNicMem
BmapiRefreshData
BmapiRegisterEvent
BmapiResumeDriver
BmapiResumeDriverEx
BmapiRetrieveLinkStatus
BmapiSetASFTable
BmapiSetBRCMNicParam
BmapiSetMultiBRCMNicParams
BmapiSetPowerMode
BmapiSuspendDriver
BmapiSuspendDriverEx
BmapiTestASF
BmapiTestCPU
BmapiTestCPUEx
BmapiTestControlRegisters
BmapiTestControlRegistersEx
BmapiTestEEPROM
BmapiTestEEPROMEx
BmapiTestInternalMemory
BmapiTestInternalMemoryEx
BmapiTestInterrupt
BmapiTestInterruptEx
BmapiTestLEDs
BmapiTestLEDsEx
BmapiTestLoopBack
BmapiTestLoopBackEx
BmapiTestMIIRegisters
BmapiTestMIIRegistersEx
BmapiTestNetwork
BmapiUnInitDiag
BmapiUnRegisterEvent
BmapiUninitialize
BmapiWriteFirmware
BmapiWriteNicMem

Sections

.text
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BacsTray.exe
.exe windows:4 windows x86

0821c3b05fef11d2c211117b017a59ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5277
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2385
ord5163
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord2124
ord4627
ord818
ord567
ord825
ord2152
ord1233
ord4220
ord2584
ord3654
ord2863
ord2438
ord1644
ord1146
ord4275
ord1175
ord6374
ord5440
ord6383
ord823
ord5450
ord6394
ord4615
ord4612
ord4610
ord4274
ord6375
ord4424
ord1776
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord1949
ord815
ord2621
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord324
ord641
ord4234
ord2725
ord1842
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord4077
ord5237
ord5282
ord2649
ord1665
ord4436
ord5252
ord4427
ord674
ord366
ord1168
ord4457
ord5241
ord4407
ord3663
ord4078
ord6055
ord4486
ord2554
ord561
ord1576

msvcrt

__setusermatherr
_adjust_fdiv
_initterm
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
sprintf
__getmainargs
__CxxFrameHandler
_setmbcp

kernel32

InterlockedIncrement
InterlockedDecrement
GetVersion
GetSystemDirectoryA
GetModuleHandleA
WinExec
GetStartupInfoA

user32

PostMessageA
TrackPopupMenu
GetMenuItemID
LoadMenuA
SendMessageA
EnableWindow
LoadIconA
GetSubMenu
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem

shell32

Shell_NotifyIconA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BASCSSha
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ControlSuite.exe
.exe windows:4 windows x86

da574bc42ae9555cd390a349adda07f0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5731
ord3922
ord2512
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord4486
ord2554
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4673
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord6375
ord4274
ord4465
ord3259
ord4080
ord1168
ord1576

msvcrt

exit
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_acmdln
__getmainargs
_controlfp
_XcptFilter
_exit
_onexit
__dllonexit
sprintf
_setmbcp
_except_handler3

kernel32

WinExec
GetSystemDirectoryA
GetModuleHandleA
GetStartupInfoA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MSVCRT.DLL
.dll windows:4 windows x86

8d26773106ed39fbb89a157d19d8aa89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
RtlUnwind
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
GetModuleFileNameA
GetModuleFileNameW
ExitProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCurrentThreadId
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
HeapFree
HeapAlloc
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetHandleCount
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
MultiByteToWideChar
GetCommandLineW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
RaiseException
SetStdHandle
Sleep
CompareStringA
CompareStringW
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
GetTimeZoneInformation
SetEnvironmentVariableA
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
CreateProcessA
CreateProcessW
HeapValidate
HeapCompact
HeapWalk
HeapSize
ReadConsoleA
SetConsoleMode
GetConsoleMode
SetEndOfFile
WriteConsoleA
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
LockFile
UnlockFile
CreateFileA
CreatePipe
ReadFile
CreateFileW
GetSystemTimeAsFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetLocalTime
SetLocalTime
GetSystemTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@@QAE@ABV0@@Z
??0__non_rtti_object@@QAE@PBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QAE@ABV0@@Z
??0bad_typeid@@QAE@ABV0@@Z
??0bad_typeid@@QAE@PBD@Z
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1__non_rtti_object@@UAE@XZ
??1bad_cast@@UAE@XZ
??1bad_typeid@@UAE@XZ
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
??4__non_rtti_object@@QAEAAV0@ABV0@@Z
??4bad_cast@@QAEAAV0@ABV0@@Z
??4bad_typeid@@QAEAAV0@ABV0@@Z
??4exception@@QAEAAV0@ABV0@@Z
??8type_info@@QBEHABV0@@Z
??9type_info@@QBEHABV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_E__non_rtti_object@@UAEPAXI@Z
??_Ebad_cast@@UAEPAXI@Z
??_Ebad_typeid@@UAEPAXI@Z
??_Eexception@@UAEPAXI@Z
??_G__non_rtti_object@@UAEPAXI@Z
??_Gbad_cast@@UAEPAXI@Z
??_Gbad_typeid@@UAEPAXI@Z
??_Gexception@@UAEPAXI@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDXZ
?raw_name@type_info@@QBEPBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CxxThrowException
_EH_prolog
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_XcptFilter
__CxxFrameHandler
__CxxLongjmpUnwind
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__argc
__argv
__badioinfo
__crtCompareStringA
__crtGetLocaleInfoW
__crtLCMapStringA
__dllonexit
__doserrno
__fpecode
__getmainargs
__initenv
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__amblksiz
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fileinfo
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pioinfo
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__unguarded_readlc_active
__wargv
__wgetmainargs
__winitenv
_abnormal_termination
_access
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_amsg_exit
_assert
_atodbl
_atoi64
_atoldbl
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_cexit
_cgets
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_clearfp
_close
_commit
_commode
_control87
_controlfp
_copysign
_cprintf
_cputs
_creat
_cscanf
_ctype
_cwait
_daylight
_dstbias
_dup
_dup2
_ecvt
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fcloseall
_fcvt
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirsti64
_findnext
_findnexti64
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fputchar
_fputwchar
_fsopen
_fstat
_fstati64
_ftime
_ftol
_fullpath
_futime
_gcvt
_get_osfhandle
_get_sbh_threshold
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getws
_global_unwind2
_heapadd
_heapchk
_heapmin
_heapset
_heapused
_heapwalk
_hypot
_i64toa
_i64tow
_initterm
_inp
_inpd
_inpw
_iob
_isatty
_isctype
_ismbbalnum
_ismbbalpha
_ismbbgraph
_ismbbkalnum
_ismbbkana
_ismbbkprint
_ismbbkpunct
_ismbblead
_ismbbprint
_ismbbpunct
_ismbbtrail
_ismbcalnum
_ismbcalpha
_ismbcdigit
_ismbcgraph
_ismbchira
_ismbckata
_ismbcl0
_ismbcl1
_ismbcl2
_ismbclegal
_ismbclower
_ismbcprint
_ismbcpunct
_ismbcspace
_ismbcsymbol
_ismbcupper
_ismbslead
_ismbstrail
_isnan
_itoa
_itow
_j0
_j1
_jn
_kbhit
_lfind
_loaddll
_local_unwind2
_lock
_locking
_logb
_longjmpex
_lrotl
_lrotr
_lsearch
_lseek
_lseeki64
_ltoa
_ltow
_makepath
_mbbtombc
_mbbtype
_mbcasemap
_mbccpy
_mbcjistojms
_mbcjmstojis
_mbclen
_mbctohira
_mbctokata
_mbctolower
_mbctombb
_mbctoupper
_mbctype
_mbsbtype
_mbscat
_mbschr
_mbscmp
_mbscoll
_mbscpy
_mbscspn
_mbsdec
_mbsdup
_mbsicmp
_mbsicoll
_mbsinc
_mbslen
_mbslwr
_mbsnbcat
_mbsnbcmp
_mbsnbcnt
_mbsnbcoll
_mbsnbcpy
_mbsnbicmp
_mbsnbicoll
_mbsnbset
_mbsncat
_mbsnccnt
_mbsncmp
_mbsncoll
_mbsncpy
_mbsnextc
_mbsnicmp
_mbsnicoll
_mbsninc
_mbsnset
_mbspbrk
_mbsrchr
_mbsrev
_mbsset
_mbsspn
_mbsspnp
_mbsstr
_mbstok
_mbstrlen
_mbsupr
_memccpy
_memicmp
_mkdir
_mktemp
_msize
_nextafter
_onexit
_open
_open_osfhandle
_osver
_outp
_outpd
_outpw
_pclose
_pctype
_pgmptr
_pipe
_popen
_purecall
_putch
_putenv
_putw
_putws
_pwctype
_read
_rmdir
_rmtmp
_rotl
_rotr
_safe_fdiv
_safe_fdivr
_safe_fprem
_safe_fprem1
_scalb
_searchenv
_seh_longjmp_unwind
_set_error_mode
_set_sbh_threshold
_seterrormode
_setjmp
_setjmp3
_setmaxstdio
_setmbcp
_setmode
_setsystime
_sleep
_snprintf
_snwprintf
_sopen
_spawnl
_spawnle
_spawnlp
_spawnlpe
_spawnv
_spawnve
_spawnvp
_spawnvpe
_splitpath
_stat
_stati64
_statusfp
_strcmpi
_strdate
_strdup
_strerror
_stricmp
_stricoll
_strlwr
_strncoll
_strnicmp
_strnicoll
_strnset
_strrev
_strset
_strtime
_strupr
_swab
_sys_errlist
_sys_nerr
_tell
_telli64
_tempnam
_timezone
_tolower
_toupper
_tzname
_tzset
_ui64toa
_ui64tow
_ultoa
_ultow
_umask
_ungetch
_unlink
_unloaddll
_unlock
_utime
_vsnprintf
_vsnwprintf
_waccess
_wasctime
_wchdir
_wchmod
_wcmdln
_wcreat
_wcsdup
_wcsicmp
_wcsicoll
_wcslwr
_wcsncoll
_wcsnicmp
_wcsnicoll
_wcsnset
_wcsrev
_wcsset
_wcsupr

Sections

.text
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bacs.chm
.chm
bcm42xhw.vxd
cabw32.dll
.dll windows:4 windows x86

476044a4c2609c59a38953b47b9f7031

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryA
CreateFileA
TlsAlloc
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
ExitProcess
VirtualAlloc
GetProcAddress
GetModuleHandleA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
GetLastError
CloseHandle
RaiseException
GetCurrentThreadId
TlsSetValue
OutputDebugStringA
TlsFree
SetLastError
TlsGetValue
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
InterlockedDecrement
InterlockedIncrement
SetFilePointer
FlushFileBuffers
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
SetStdHandle
ReadFile
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
LCMapStringA
LCMapStringW
RtlUnwind
SetEndOfFile

bmapi

ord4
ord34
ord1
ord5
ord14
ord32
ord35
ord31

Exports

Exports

ComputeCableLoss
ComputeNEXTLoss
ComputeReturnLoss
CreateNormalizedPatternDictionary
InitRawPatternDictionary
PhycStatePatternMatch
PhycSubstatePatternMatch
cabW32Init
cdCalCableLoss
cdClearCabParams
cdComputeCableLossEx
cdComputeNEXTLossEx
cdComputeReturnLossEx
cdGetAllAdapterHandles
cdGetAllTaps
cdGetAllTapsEx
cdGetBrokenCableDistance
cdGetEnergyDetect
cdGetEnergyDetectEx
cdGetLinkStatus
cdGetPhycState
cdGetPhycStateEx
cdGetPhycSubstate
cdGetPhycSubstateEx
cdGetWireMap
cdInitPhy
cdResetPhy
cdRestartDriver
cdSetPhyMode

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fad.sys
.sys windows:5 windows x86

a6374fd194825635c1e4911cb2159e95

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

memmove
MmMapIoSpace
MmUnmapIoSpace
ExfInterlockedInsertTailList
RtlInitAnsiString
NlsMbCodePageTag
RtlxAnsiStringToUnicodeSize
RtlAnsiStringToUnicodeString
ExfInterlockedRemoveHeadList
IoReleaseCancelSpinLock
InterlockedIncrement
InterlockedExchange
MmMapLockedPages
ExAllocatePoolWithTag
IofCompleteRequest
KeInitializeSpinLock
IoAllocateErrorLogEntry
IoWriteErrorLogEntry
RtlQueryRegistryValues
IoDeleteSymbolicLink
ExFreePool
RtlInitUnicodeString
IoCreateDevice
IoCreateSymbolicLink
IoDeleteDevice

ndis.sys

NdisRegisterProtocol
NdisDeregisterProtocol
NdisRequest
NdisInterlockedInsertTailList
NdisTransferData
NdisInterlockedAddUlong
NdisQueryBufferOffset
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBuffer
NdisSend
NdisAcquireSpinLock
NdisReleaseSpinLock
NdisUnchainBufferAtFront
NdisFreePacket
NdisFreeBufferPool
NdisCloseAdapter
NdisOpenAdapter
NdisAllocatePacketPool
NdisAllocateSpinLock
NdisAllocateBufferPool
NdisFreeSpinLock
NdisFreePacketPool
NdisAllocatePacket
NdisFreeBuffer
NdisAllocateMemory
NdisFreeMemory
NdisAllocateBuffer

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

page
Size: 160B - Virtual size: 157B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320B - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 480B - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
fad9x.inf
mfc42.dll
.dll regsvr32 windows:4 windows x86

a1581f1284d59a8a21a8782a38a2fea1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
?terminate@@YAXXZ
_except_handler3
_adjust_fdiv
_onexit
__dllonexit
??1type_info@@UAE@XZ
_mbsnbicmp
wcsncpy
wcscpy
_ltoa
_ultoa
swprintf
_itoa
modf
ceil
fabs
floor
labs
_ftol
_splitpath
_fullpath
atol
__p___argc
__p___argv
_EH_prolog
_beginthreadex
_endthreadex
_strdup
_mbsdec
_expand
strtod
strtol
strtoul
abs
calloc
_msize
_purecall
strftime
_mbctype
localtime
gmtime
time
_ismbcspace
atoi
_ismbcdigit
_mbsnbcmp
sprintf
strlen
_mbclen
vsprintf
_mbsrchr
_mbscspn
_mbsspn
_mbsstr
_mbsrev
_mbslwr
_mbsupr
_mbspbrk
_mbschr
wcslen
_mbscmp
realloc
fclose
fflush
fseek
ftell
fgets
fputs
fwrite
fread
clearerr
_open_osfhandle
_fdopen
__doserrno
_get_osfhandle
memset
_mbsinc
abort
free
malloc
memcmp
memmove
memcpy
_CxxThrowException
mktime
__CxxFrameHandler

kernel32

lstrcpyA
FindClose
MultiByteToWideChar
GetProcAddress
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
lstrcmpiA
GetShortPathNameA
GetModuleFileNameA
GlobalSize
GlobalLock
GlobalAlloc
GlobalReAlloc
GlobalUnlock
GlobalFree
GetFileAttributesA
GetFileSize
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
InterlockedIncrement
InterlockedDecrement
WideCharToMultiByte
LocalFree
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCPInfo
GetOEMCP
LocalAlloc
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
WaitForSingleObject
DeleteFileA
LoadLibraryA
CreateMutexA
InterlockedExchange
CreateEventA
WaitForMultipleObjects
GetModuleHandleA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
lstrcatA
GetVersion
LockResource
LoadResource
FindResourceA
FreeLibrary
MulDiv
GetProfileIntA
VirtualProtect
SizeofResource
GetProcessVersion
GlobalFlags
GetTempFileNameA
GetDiskFreeSpaceA
LocalUnlock
LocalLock
GetTempPathA
SearchPathA
SetEvent
ResumeThread
SetThreadPriority
SuspendThread
GetCurrentThread
SetErrorMode
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetCurrentDirectoryA
FindNextFileA
GetTickCount
lstrlenW
CopyFileA
lstrcpyW
GetUserDefaultLCID
IsDBCSLeadByte
GetSystemDirectoryA
UnlockFile
MoveFileA
SetEndOfFile
FlushFileBuffers
LockFile
CloseHandle
ReadFile
SetFilePointer
WriteFile
DuplicateHandle
CreateFileA
GetCurrentProcess
lstrlenA
lstrcmpA
OutputDebugStringA
IsBadStringPtrA
IsBadReadPtr
IsBadWritePtr
GetLastError
IsBadStringPtrW
lstrcpynA
CreateSemaphoreA
SetLastError
ReleaseSemaphore
FindFirstFileA
ReleaseMutex
RaiseException

gdi32

TextOutA
GetStretchBltMode
EnumFontFamiliesA
GetPixel
CreatePalette
GetPaletteEntries
RealizePalette
OffsetRgn
SetBrushOrgEx
CreateMetaFileA
CopyMetaFileA
LPtoDP
SetAbortProc
StartPage
EndPage
EndDoc
AbortDoc
DPtoLP
CombineRgn
SetRectRgn
GetMapMode
CreateDIBPatternBrushPt
CreateHatchBrush
ExtCreatePen
PlayMetaFile
EnumMetaFile
GetObjectType
PlayMetaFileRecord
ExtSelectClipRgn
SelectClipPath
CreateRectRgn
GetClipRgn
PolyBezierTo
SetColorAdjustment
PolylineTo
PolyDraw
SetArcDirection
ArcTo
SetMapperFlags
SetTextCharacterExtra
SetTextJustification
SetTextAlign
LineTo
OffsetClipRgn
ExcludeClipRect
SelectClipRgn
OffsetWindowOrgEx
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
SelectPalette
StartDocA
CreateDCA
CreateRectRgnIndirect
Rectangle
UnrealizeObject
PatBlt
CreateBitmap
CreatePatternBrush
CreatePen
CloseMetaFile
DeleteMetaFile
RectVisible
PtVisible
IntersectClipRect
GetViewportOrgEx
GetWindowOrgEx
SetWindowOrgEx
GetDeviceCaps
Escape
GetCurrentPositionEx
MoveToEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
GetTextFaceA
GetWindowExtEx
GetViewportExtEx
GetROP2
GetBkMode
GetTextAlign
GetPolyFillMode
GetBkColor
RestoreDC
GetNearestColor
GetStockObject
CreateFontA
SaveDC
DeleteObject
CreateCompatibleBitmap
GetCharWidthA
DeleteDC
CreateSolidBrush
StretchDIBits
ExtTextOutA
CreateCompatibleDC
GetTextExtentPoint32A
CreateFontIndirectA
SelectObject
BitBlt
GetObjectA
SetBkColor
GetTextMetricsA
GetClipBox
SetTextColor
GetTextColor

user32

SetCapture
CharToOemA
OemToCharA
UnhookWindowsHookEx
MsgWaitForMultipleObjects
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
RegisterWindowMessageA
SetWindowPos
SetWindowLongA
GetWindowLongA
GetWindow
SendMessageA
SetForegroundWindow
GetForegroundWindow
GetLastActivePopup
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetKeyState
GetDlgCtrlID
GetWindowTextA
GetWindowTextLengthA
GetDlgItem
SetWindowPlacement
TrackPopupMenu
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetParent
IsChild
MessageBoxA
GetTopWindow
SetScrollPos
GetScrollPos
SetScrollRange
GetScrollRange
ShowScrollBar
SetScrollInfo
GetScrollInfo
ScrollWindow
IsWindowVisible
EnableWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
GetClientRect
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetFocus
IsWindow
SetActiveWindow
GetFocus
DispatchMessageA
PeekMessageA
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
PostMessageA
LoadIconA
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
ReleaseCapture
SetCursor
IsWindowEnabled
GetDesktopWindow
ShowWindow
GetActiveWindow
DestroyMenu
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
LoadCursorA
GetSystemMetrics
WaitMessage
GetCursorPos
GetWindowThreadProcessId
WindowFromPoint
ClientToScreen
TranslateMessage
GetMessageA
DefFrameProcA
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcA
RedrawWindow
LoadBitmapA
InflateRect
PtInRect
ReleaseDC
InvertRect
GetWindowDC
FillRect
SetTimer
KillTimer
SetRect
GetDC
IsZoomed
SetParent
IsRectEmpty
AppendMenuA
DeleteMenu
GetSystemMenu
GetDCEx
LockWindowUpdate
GetTabbedTextExtentA
DrawTextA
GrayStringA
UnionRect
DrawFocusRect
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
wvsprintfA
GetAsyncKeyState
MapDialogRect
GetDialogBaseUnits
BeginPaint
EndPaint
TabbedTextOutA
GetSysColorBrush
GetClassNameA
SetWindowTextA
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
MoveWindow
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
GetMenuCheckMarkDimensions
DestroyIcon
SetCursorPos
DestroyCursor
FindWindowA
IsClipboardFormatAvailable
MessageBeep
RemoveMenu
ValidateRect
PostQuitMessage
UnregisterClassA
ShowOwnedPopups
InsertMenuA
GetMenuStringA
RegisterClipboardFormatA
CopyAcceleratorTableA
InSendMessage
PostThreadMessageA
CreateMenu
WindowFromDC
CountClipboardFormats
SetWindowContextHelpId
CharNextA
GetNextDlgGroupItem
ClipCursor
DrawEdge
EnumChildWindows
InvalidateRgn
FrameRect
LoadStringA
CharUpperA
wsprintfA

Exports

Exports

?classCCachedDataPathProperty@CCachedDataPathProperty@@2UCRuntimeClass@@B
?classCDataPathProperty@CDataPathProperty@@2UCRuntimeClass@@B
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 616KB - Virtual size: 612KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
patterns.dat
4401/MgmtApps/Notes/BACS/release.txt
4401/MgmtApps/Notes/BMAPI/release.txt
4401/MgmtApps/Notes/cabw32/release.txt
4401/MgmtApps/instmsia.exe
.exe windows:5 windows x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29/03/2001, 21:27

Not After

29/05/2002, 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
4401/MgmtApps/instmsiw.exe
.exe windows:5 windows x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

12/05/1997, 00:00

Not After

07/01/2004, 23:59

Subject

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

Issuer

OU=VeriSign\, Inc.+OU=VeriSign Time Stamping Service Root+OU=NO LIABILITY ACCEPTED\, (c)97 VeriSign\, Inc.,O=VeriSign Trust Network

Not Before

28/02/2001, 00:00

Not After

06/01/2004, 23:59

Subject

CN=VeriSign Time Stamping Service,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)01,O=VeriSign\, Inc.

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:06:2a:8d:00:00:00:00:00:0b
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29/03/2001, 21:27

Not After

29/05/2002, 21:37

Subject

CN=Microsoft Corporation,OU=Copyright (c) 2001 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:de:aa:11:d4:d8:40:9a:a8:be:e6
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/12/2000, 08:00

Not After

12/11/2005, 08:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
4401/MgmtApps/setup.exe
.exe windows:4 windows x86

3df1cad47b0f4f27a8eb25481d61d147

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerLanguageNameA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA

comctl32

ord17

kernel32

QueryPerformanceFrequency
InterlockedDecrement
InterlockedIncrement
lstrcatA
WriteFile
CreateEventA
CompareStringW
GetVersionExA
Sleep
CompareStringA
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetFilePointer
GetProcAddress
LoadLibraryA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
LockResource
SetFileAttributesA
FreeLibrary
FindResourceA
CreateProcessA
GetModuleFileNameA
lstrcmpA
GetSystemDefaultLCID
GlobalHandle
SetLastError
SetCurrentDirectoryA
DeleteFileA
lstrlenW
WaitForSingleObject
GetSystemInfo
IsValidCodePage
FlushFileBuffers
LocalFree
FormatMessageA
GetDiskFreeSpaceA
_lclose
OpenFile
GetDriveTypeA
CreateDirectoryA
GetFileAttributesA
RemoveDirectoryA
GetExitCodeProcess
GetCurrentProcess
GetCurrentThread
GetLocaleInfoA
lstrcpyA
GetPrivateProfileStringA
lstrlenA
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
GlobalFree
GetLastError
WideCharToMultiByte
CopyFileA
MultiByteToWideChar
CreateThread
GetExitCodeThread
GetTickCount
lstrcmpiA
ExpandEnvironmentStringsA
GetPrivateProfileIntA
GetTempPathA
SetErrorMode
GetWindowsDirectoryA
GetTempFileNameA
WritePrivateProfileStringA
GetPrivateProfileSectionA
MoveFileA
LoadResource
SizeofResource
SetHandleCount
RaiseException
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetOEMCP
GetEnvironmentStringsW
GetStdHandle
GetACP
GetCPInfo
SetUnhandledExceptionFilter
DeleteCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
TlsAlloc
TlsSetValue
GetCurrentThreadId
HeapSize
HeapReAlloc
LeaveCriticalSection
EnterCriticalSection
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
TerminateProcess
ExitProcess
SetStdHandle
HeapAlloc
HeapFree
RtlUnwind
SystemTimeToFileTime
QueryPerformanceCounter
ResetEvent
SetEvent
lstrcpynA
SearchPathA
FindFirstFileA
VirtualProtect
VirtualQuery
FindClose
IsBadReadPtr
GetStringTypeA
GetStringTypeW
LCMapStringW
LCMapStringA
IsBadCodePtr
GetFileType

user32

MessageBoxA
ReleaseDC
GetDC
DispatchMessageA
TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
SetTimer
PostQuitMessage
KillTimer
PostMessageA
DefWindowProcA
PeekMessageA
MsgWaitForMultipleObjects
wsprintfA
GetDesktopWindow
DialogBoxParamA
ShowWindow
GetDlgItem
EndDialog
GetWindowDC
SetWindowPos
ClientToScreen
GetClientRect
SetWindowLongA
EndPaint
BeginPaint
GetWindowLongA
WaitForInputIdle
CreateDialogParamA
CharNextA
SendDlgItemMessageA
ExitWindowsEx
CharPrevA
LoadStringA
wvsprintfA
GetClassInfoA
UpdateWindow
SetCursor
GetDlgItemTextA
EnableWindow
GetParent
GetWindowTextLengthA
GetWindowTextA
MoveWindow
GetWindowPlacement
DrawIcon
GetDlgCtrlID
SetWindowTextA
FillRect
GetSysColor
GetSysColorBrush
IsDialogMessageA
SendMessageA
GetWindowRect
FindWindowA
IntersectRect
SubtractRect
IsWindow
DestroyWindow
SetRect
GetSystemMetrics
DestroyIcon
CharLowerBuffA

gdi32

RealizePalette
GetDeviceCaps
CreatePalette
GetSystemPaletteEntries
GetStockObject
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
CreateSolidBrush
CreateFontIndirectA
GetObjectA
SetTextColor
SetBkMode
GetTextExtentPointA
TranslateCharsetInfo
CreateDIBitmap
SelectPalette

advapi32

EqualSid
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegQueryValueExA
OpenThreadToken
GetTokenInformation
AllocateAndInitializeSid
RegCreateKeyExA
FreeSid
RegOpenKeyExA
RegDeleteValueA
RegSetValueExA
RegEnumValueA
RegDeleteKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

ole32

CreateItemMoniker
CoCreateGuid
StringFromCLSID
StgIsStorageFile
StgOpenStorage
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
GetRunningObjectTable

oleaut32

SysReAllocStringLen
SysFreeString
SysAllocString
SysAllocStringLen
SysStringLen
VariantClear
VariantChangeType

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
4401/MgmtApps/setup.iss
4401/NT/bcm4sbe4.hlp
4401/NT/bcm4sbe4.sys
.sys windows:4 windows x86

e5e528903ef2ae4885ebda45c1108c78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

sprintf

hal

KeStallExecutionProcessor

ndis.sys

NdisMDeregisterInterrupt
NdisAcquireSpinLock
NdisTerminateWrapper
NdisMRegisterMiniport
NdisInitializeWrapper
NdisMRegisterInterrupt
NdisMRegisterAdapterShutdownHandler
NdisMInitializeTimer
NdisAllocateBufferPool
NdisAllocatePacketPool
NdisMAllocateMapRegisters
NdisAllocateSpinLock
NdisMSetAttributes
NdisReadPciSlotInformation
NdisWriteErrorLogEntry
NdisMMapIoSpace
NdisMPciAssignResources
NdisFreeSpinLock
NdisMUnmapIoSpace
NdisMFreeMapRegisters
NdisFreeBufferPool
NdisFreePacketPool
NdisMDeregisterAdapterShutdownHandler
NdisWritePciSlotInformation
NdisReleaseSpinLock
NdisQueryBuffer
NdisSetTimer
NdisMCancelTimer
NdisMSynchronizeWithInterrupt
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisFreePacket
NdisAllocateBuffer
NdisAllocatePacket
NdisMIndicateStatusComplete
NdisMIndicateStatus
NdisMAllocateSharedMemory
NdisMFreeSharedMemory
NdisCloseConfiguration
NdisReadConfiguration
NdisOpenConfiguration
NdisReadNetworkAddress
NdisFreeMemory
NdisFreeBuffer
NdisAdjustBufferLength
NdisAllocateMemory

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 864B - Virtual size: 862B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4401/NT/dtect44xx.dll
.dll windows:5 windows x86

e615fa7e13d79c159c75ff4efdbf3aa0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

CloseServiceHandle
OpenServiceA
OpenSCManagerA
StartServiceA

kernel32

CreateFileA
CloseHandle
GetLastError
DeviceIoControl
lstrcmpiA

user32

wsprintfA

Exports

Exports

dtectPortIo44xx

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4401/NT/oemsetup.inf
.vbs
4401/NT/release.txt
4401/PXE/b44base.lom
4401/PXE/b44pxe.lom
4401/PXE/b44undi.lom
4401/PXE/release.txt
4401/Win2k/bcm4sbe5.cat
4401/Win2k/bcm4sbe5.inf
4401/Win2k/bcm4sbe5.sys
.sys windows:5 windows x86

0142f3f267cdda40026c0a26c3c9fe91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

sprintf

hal

KeStallExecutionProcessor

ndis.sys

NdisMDeregisterAdapterShutdownHandler
NdisReleaseSpinLock
NdisTerminateWrapper
NdisMRegisterMiniport
NdisInitializeWrapper
NdisMRegisterInterrupt
NdisMRegisterAdapterShutdownHandler
NdisMInitializeTimer
NdisAllocateBufferPool
NdisAllocatePacketPool
NdisMAllocateMapRegisters
NdisAllocateSpinLock
NdisMSetAttributesEx
NdisReadPciSlotInformation
NdisWriteErrorLogEntry
NdisMMapIoSpace
NdisMPciAssignResources
NdisFreeSpinLock
NdisMUnmapIoSpace
NdisMFreeMapRegisters
NdisFreeBufferPool
NdisFreePacketPool
NdisWritePciSlotInformation
NdisMDeregisterInterrupt
NdisQueryBuffer
NdisAcquireSpinLock
NdisSetTimer
NdisMCancelTimer
NdisMSynchronizeWithInterrupt
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisFreePacket
NdisAllocateBuffer
NdisAllocatePacket
NdisMAllocateSharedMemory
NdisMFreeSharedMemory
NdisCloseConfiguration
NdisReadConfiguration
NdisOpenConfiguration
NdisReadNetworkAddress
NdisFreeMemory
NdisFreeBuffer
NdisAdjustBufferLength
NdisAllocateMemoryWithTag

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 352B - Virtual size: 322B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 864B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4401/Win2k/release.txt
4401/WinXP/bcm4sbxp.cat
4401/WinXP/bcm4sbxp.inf
4401/WinXP/bcm4sbxp.sys
.sys windows:5 windows x86

209d8dce03632ffc8ccde16fbb2914a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

sprintf

hal

KeStallExecutionProcessor

ndis.sys

NdisFreeMemory
NdisMDeregisterAdapterShutdownHandler
NdisTerminateWrapper
NdisMRegisterMiniport
NdisInitializeWrapper
NdisMRegisterInterrupt
NdisMRegisterAdapterShutdownHandler
NdisMInitializeTimer
NdisAllocateBufferPool
NdisAllocatePacketPool
NdisMAllocateMapRegisters
NdisAllocateSpinLock
NdisMSetAttributesEx
NdisReadPciSlotInformation
NdisWriteErrorLogEntry
NdisMMapIoSpace
NdisMPciAssignResources
NdisFreeSpinLock
NdisMUnmapIoSpace
NdisMFreeMapRegisters
NdisFreeBufferPool
NdisFreePacketPool
NdisMDeregisterInterrupt
NdisReleaseSpinLock
NdisAcquireSpinLock
NdisSetTimer
NdisMCancelTimer
NdisMSynchronizeWithInterrupt
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisFreePacket
NdisAllocateBuffer
NdisAllocatePacket
NdisWritePciSlotInformation
NdisQueryBuffer
NdisCloseConfiguration
NdisReadConfiguration
NdisOpenConfiguration
NdisReadNetworkAddress
NdisMAllocateSharedMemory
NdisMFreeSharedMemory
NdisFreeBuffer
NdisAdjustBufferLength
NdisAllocateMemoryWithTag

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 353B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 896B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4401/WinXP/release.txt
4401/bcm4sbe5.cat
4401/bcm4sbe5.inf
4401/bcm4sbe5.sys
.sys windows:5 windows x86

0142f3f267cdda40026c0a26c3c9fe91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

sprintf

hal

KeStallExecutionProcessor

ndis.sys

NdisMDeregisterAdapterShutdownHandler
NdisReleaseSpinLock
NdisTerminateWrapper
NdisMRegisterMiniport
NdisInitializeWrapper
NdisMRegisterInterrupt
NdisMRegisterAdapterShutdownHandler
NdisMInitializeTimer
NdisAllocateBufferPool
NdisAllocatePacketPool
NdisMAllocateMapRegisters
NdisAllocateSpinLock
NdisMSetAttributesEx
NdisReadPciSlotInformation
NdisWriteErrorLogEntry
NdisMMapIoSpace
NdisMPciAssignResources
NdisFreeSpinLock
NdisMUnmapIoSpace
NdisMFreeMapRegisters
NdisFreeBufferPool
NdisFreePacketPool
NdisWritePciSlotInformation
NdisMDeregisterInterrupt
NdisQueryBuffer
NdisAcquireSpinLock
NdisSetTimer
NdisMCancelTimer
NdisMSynchronizeWithInterrupt
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisFreePacket
NdisAllocateBuffer
NdisAllocatePacket
NdisMAllocateSharedMemory
NdisMFreeSharedMemory
NdisCloseConfiguration
NdisReadConfiguration
NdisOpenConfiguration
NdisReadNetworkAddress
NdisFreeMemory
NdisFreeBuffer
NdisAdjustBufferLength
NdisAllocateMemoryWithTag

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 352B - Virtual size: 322B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 864B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4401/bcm4sbxp.cat
4401/bcm4sbxp.inf
4401/bcm4sbxp.sys
.sys windows:5 windows x86

209d8dce03632ffc8ccde16fbb2914a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

sprintf

hal

KeStallExecutionProcessor

ndis.sys

NdisFreeMemory
NdisMDeregisterAdapterShutdownHandler
NdisTerminateWrapper
NdisMRegisterMiniport
NdisInitializeWrapper
NdisMRegisterInterrupt
NdisMRegisterAdapterShutdownHandler
NdisMInitializeTimer
NdisAllocateBufferPool
NdisAllocatePacketPool
NdisMAllocateMapRegisters
NdisAllocateSpinLock
NdisMSetAttributesEx
NdisReadPciSlotInformation
NdisWriteErrorLogEntry
NdisMMapIoSpace
NdisMPciAssignResources
NdisFreeSpinLock
NdisMUnmapIoSpace
NdisMFreeMapRegisters
NdisFreeBufferPool
NdisFreePacketPool
NdisMDeregisterInterrupt
NdisReleaseSpinLock
NdisAcquireSpinLock
NdisSetTimer
NdisMCancelTimer
NdisMSynchronizeWithInterrupt
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisFreePacket
NdisAllocateBuffer
NdisAllocatePacket
NdisWritePciSlotInformation
NdisQueryBuffer
NdisCloseConfiguration
NdisReadConfiguration
NdisOpenConfiguration
NdisReadNetworkAddress
NdisMAllocateSharedMemory
NdisMFreeSharedMemory
NdisFreeBuffer
NdisAdjustBufferLength
NdisAllocateMemoryWithTag

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 384B - Virtual size: 353B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 896B - Virtual size: 850B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
4401/license.txt
4401/release.txt

Sharing

General

Malware Config

Signatures

Files

Password: infected

248db5e4121231c3664451d124378ce1

Headers

File Characteristics

Imports

bmapi

cabw32

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 154KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 464KB - Virtual size: 463KB

.reloc Size: 20KB - Virtual size: 16KB

ec29f4bf23ad61d680be5113d1b61912

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 160B - Virtual size: 148B

INIT Size: 416B - Virtual size: 388B

.rsrc Size: 928B - Virtual size: 920B

.reloc Size: 128B - Virtual size: 98B

c3d7f9f5fb356b2c0d886727122eb0e9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

cfgmgr32

setupapi

iphlpapi

ws2_32

Exports

Exports

Sections

.text Size: 228KB - Virtual size: 224KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 84KB - Virtual size: 87KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 16KB - Virtual size: 13KB

0821c3b05fef11d2c211117b017a59ec

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

shell32

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 364B

BASCSSha Size: 4KB - Virtual size: 4B

.rsrc Size: 12KB - Virtual size: 10KB

da574bc42ae9555cd390a349adda07f0

Headers

File Characteristics

Imports

mfc42

msvcrt

.text
Size: 156KB - Virtual size: 154KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 464KB - Virtual size: 463KB

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 160B - Virtual size: 148B

INIT
Size: 416B - Virtual size: 388B

.rsrc
Size: 928B - Virtual size: 920B

.reloc
Size: 128B - Virtual size: 98B

.text
Size: 228KB - Virtual size: 224KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 84KB - Virtual size: 87KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 16KB - Virtual size: 13KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 364B

BASCSSha
Size: 4KB - Virtual size: 4B

.rsrc
Size: 12KB - Virtual size: 10KB

.text
Size: 4KB - Virtual size: 1KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 300B

.rsrc
Size: 4KB - Virtual size: 2KB

.text
Size: 180KB - Virtual size: 177KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 28KB - Virtual size: 25KB

.rsrc
Size: 4KB - Virtual size: 936B

.reloc
Size: 12KB - Virtual size: 8KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB

.text
Size: 5KB - Virtual size: 5KB

page
Size: 160B - Virtual size: 157B

.rdata
Size: 320B - Virtual size: 308B

.data
Size: 64B - Virtual size: 52B

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 480B - Virtual size: 470B

.text
Size: 616KB - Virtual size: 612KB

.rdata
Size: 212KB - Virtual size: 209KB

.data
Size: 32KB - Virtual size: 29KB

.rsrc
Size: 44KB - Virtual size: 40KB

.reloc
Size: 60KB - Virtual size: 59KB

4a:19:d2:38:8c:82:59:1c:a5:5d:73:5f:15:5d:dc:a3
Certificate

08:7a:6d:5c:6f:62:93:4f:ba:c4:fd:43:e1:14:18:9d
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate