216f4b392d4b58d40d8adf1f08211824

Sharing

Copy URL

Twitter E-mail

General

Target

216f4b392d4b58d40d8adf1f08211824
Size

2.9MB
MD5

216f4b392d4b58d40d8adf1f08211824
SHA1

5f277db3aab4d18380fbc3d75d96985a4007676f
SHA256

2fee1b8af2bfd8bc7639c5d2e8c5c2baa77742b3e9f74bb12643178742187963
SHA512

291e0fb956c0a11a37ec1360c66b8c526f40ab02dc376c6e440d07090017416cfef0bcc11e34a667694b99e48c5571dc4386d416225cc635159eabc7f62f53fe
SSDEEP

49152:jCzbYDG5Y2o7FO20wvkIYZ9cRR7QMpNxPwa35u+wngBHYo5StzGVTXa:+Y1hl0wsIYfcRNTNxXIgBHdjBXa

Score

3^/10

Malware Config

Signatures

Unsigned PE 17 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Temp/Setup/FB.EXE
unpack001/Temp/Setup/JAV.exe
unpack001/Temp/Setup/MCB.EXE
unpack001/Temp/Setup/SUMO.EXE
unpack001/Temp/Setup/Setup.exe
unpack001/Temp/Setup/StdWzd.dll
unpack001/Temp/Setup/VNukE.exe
unpack001/Temp/Setup/VScr32.exe
unpack001/Temp/Setup/VTJBomber.exe
unpack001/Temp/Setup/VTJNuker.exe
unpack001/Temp/Setup/VTJOOB.exe
unpack001/Temp/Setup/VcLoNe.exe
unpack001/Temp/Setup/assault.exe
unpack001/Temp/Setup/click.exe
unpack001/Temp/Setup/delseen.exe
unpack001/Temp/Setup/icmpwtch.exe
unpack001/Temp/Setup/nnabber.exe

Files

216f4b392d4b58d40d8adf1f08211824
.cab
Temp/Setup/!!HEART0.TXT
Temp/Setup/!!HEART1.TXT
Temp/Setup/!!HEART2.TXT
Temp/Setup/!!HEART3.TXT
Temp/Setup/!!HEART4.TXT
Temp/Setup/!!HEART5.TXT
Temp/Setup/!!HEART6.TXT
Temp/Setup/!!HEART7.TXT
Temp/Setup/!!HEART8.TXT
Temp/Setup/!!HEART9.TXT
Temp/Setup/!!hearts4.txt
Temp/Setup/!!hearts6.txt
Temp/Setup/!!hearts7.txt
Temp/Setup/!!hearts8.txt
Temp/Setup/!!hearts9.txt
Temp/Setup/0.bmp
Temp/Setup/1.bmp
Temp/Setup/10.bmp
Temp/Setup/11.bmp
Temp/Setup/12.bmp
Temp/Setup/12Roses.txt
Temp/Setup/13.bmp
Temp/Setup/14.bmp
Temp/Setup/15.bmp
Temp/Setup/2.bmp
Temp/Setup/3.bmp
Temp/Setup/4.bmp
Temp/Setup/5.bmp
Temp/Setup/6.bmp
Temp/Setup/7.bmp
Temp/Setup/7s.txt
Temp/Setup/8.bmp
Temp/Setup/9.bmp
Temp/Setup/AKISS.TXT
Temp/Setup/ANGROSE.TXT
Temp/Setup/Accept.FLD
Temp/Setup/BALLOON.TXT
Temp/Setup/BALOONS.TXT
Temp/Setup/BEARS.TXT
Temp/Setup/Batman.txt
Temp/Setup/Beavis-n-buthed.txt
Temp/Setup/CAKE2.TXT
Temp/Setup/CAKE3.TXT
Temp/Setup/Cats.txt
Temp/Setup/Chat.wav
Temp/Setup/Client.FLD
Temp/Setup/Coke.txt
Temp/Setup/Couple.txt
Temp/Setup/DYNAMITE.TXT
Temp/Setup/Dalnet.PoP
Temp/Setup/Dance.txt
Temp/Setup/DccChat.FLD
Temp/Setup/DccSend.FLD
Temp/Setup/ECHO.FLD
Temp/Setup/FB.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/FROG1.TXT
Temp/Setup/FUCKOFF.TXT
Temp/Setup/FUCKOFF1.TXT
Temp/Setup/FUCKOFF2.TXT
Temp/Setup/FUN.TXT
Temp/Setup/File.wav
Temp/Setup/Finger.FLD
Temp/Setup/Fish.txt
Temp/Setup/Flowers.txt
Temp/Setup/Font.txt
Temp/Setup/Fserve.txt
Temp/Setup/GREETHUG.TXT
Temp/Setup/Goaway.txt
Temp/Setup/GoodBye.txt
Temp/Setup/HOTTUB.TXT
Temp/Setup/HOTTUB2.TXT
Temp/Setup/Heart.txt
Temp/Setup/Heartbeat.txt
Temp/Setup/Hello.txt
Temp/Setup/Hello2.txt
Temp/Setup/Hour.wav
Temp/Setup/Hug.txt
Temp/Setup/HugsBig.txt
Temp/Setup/ILOVEYOU.TXT
Temp/Setup/Invited.wav
Temp/Setup/Ircops.pop
Temp/Setup/Island.txt
Temp/Setup/JAV.INI
Temp/Setup/JAV.exe
.exe windows:4 windows x86 arch:x86

38fd7c7719b9b68260cc0808c149f529

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
HeapAlloc
ExitProcess
HeapSize
HeapReAlloc
GetCPInfo
GetACP
RaiseException
GetOEMCP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
GetCommandLineA
GetStartupInfoA
WritePrivateProfileStringA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
GetExitCodeProcess
CreateProcessA
CompareStringA
CompareStringW
SetEnvironmentVariableA
FreeLibrary
GetModuleHandleA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
GlobalGetAtomNameA
GlobalAddAtomA
GetVersionExA
SizeofResource
GetFileAttributesA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
GetProcessVersion
lstrcpyA
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrcpynA
WaitForSingleObject
LocalFree
MulDiv
LCMapStringW
GetPrivateProfileStringA
GlobalLock
CloseHandle
GetVersion
lstrcatA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
SetLastError
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
LCMapStringA
GlobalAlloc
GetLastError
MultiByteToWideChar
Beep
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
GetProfileStringA
GetCurrentThreadId
GetCurrentThread
lstrcmpiA
lstrcmpA
GlobalDeleteAtom

user32

SetScrollInfo
ShowScrollBar
ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
ScreenToClient
DeferWindowPos
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SystemParametersInfoA
SendDlgItemMessageA
EqualRect
IsDialogMessageA
SetWindowTextA
ShowWindow
DestroyMenu
wvsprintfA
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
GrayStringA
LoadCursorA
DrawTextA
ReleaseCapture
GetDesktopWindow
WindowFromPoint
ClientToScreen
GetClassNameA
PtInRect
GetSysColorBrush
CharUpperA
FindWindowA
InvalidateRect
OffsetRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
IntersectRect
InflateRect
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
CreateWindowExA
SetPropA
GetLastActivePopup
SetForegroundWindow
GetPropA
RemovePropA
GetScrollPos
GetWindow
SetWindowPos
RegisterWindowMessageA
EndDialog
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetWindowLongA
GetDlgItem
IsWindowEnabled
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
UnhookWindowsHookEx
LoadStringA
EnableWindow
LoadMenuA
KillTimer
GetCursorPos
IsWindowVisible
GetSubMenu
ModifyMenuA
UpdateWindow
SetTimer
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
GetClipboardFormatNameA
DdeQueryStringA
DdePostAdvise
DdeCreateDataHandle
DdeQueryConvInfo
DdeCmpStringHandles
DdeInitializeA
DdeNameService
DdeUninitialize
DdeGetLastError
DdeClientTransaction
GetTopWindow
DdeAccessData
DdeUnaccessData
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
GetMenu
TrackPopupMenu
SetScrollRange
GetMessageTime
SetScrollPos
GetMessagePos
GetForegroundWindow
CallWindowProcA
DdeConnect
DdeDisconnect
DdeFreeStringHandle
DdeCreateStringHandleA
SetWindowLongA
GetWindowRect
IsWindow
GetWindowTextLengthA
ExcludeUpdateRgn
HideCaret
ShowCaret
UnregisterClassA
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

SetTextColor
GetObjectA
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetBkMode
CreateBitmap
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
PatBlt
CreateDIBitmap
CreateCompatibleDC
BitBlt
SetBkColor

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA
Shell_NotifyIconA

comctl32

ord17
ImageList_Destroy

wsock32

WSAStartup
WSACleanup
ioctlsocket
closesocket
WSAGetLastError
WSAAsyncGetHostByAddr
inet_ntoa
recvfrom
inet_addr
ntohs
ntohl
socket
bind
WSAAsyncSelect

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/Join.wav
Temp/Setup/K9.PoP
Temp/Setup/KEWLSMIL.TXT
Temp/Setup/KISSING.TXT
Temp/Setup/KISSYOU.TXT
Temp/Setup/Kewl.txt
Temp/Setup/Kiss.txt
Temp/Setup/KissAss.txt
Temp/Setup/LIPS.TXT
Temp/Setup/LOGOUT.TXT
Temp/Setup/LOL.TXT
Temp/Setup/LOLLIPOP.TXT
Temp/Setup/License.txt
Temp/Setup/LittleAngel.txt
Temp/Setup/LoL1.wav
Temp/Setup/LoL2.wav
Temp/Setup/LoL3.wav
Temp/Setup/LoL4.wav
Temp/Setup/LoL5.wav
Temp/Setup/LoL6.wav
Temp/Setup/Love_Birds.txt
Temp/Setup/Love_Birds2.txt
Temp/Setup/MCB.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

TLSCBA
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TLSCBA
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/MONALISA.TXT
Temp/Setup/MOON.TXT
Temp/Setup/MOOO.TXT
Temp/Setup/MOUSE.TXT
Temp/Setup/MOUSE2.TXT
Temp/Setup/Mirc.ini
Temp/Setup/Nananana.txt
Temp/Setup/NetSplitz.txt
Temp/Setup/NukeTheNet.txt
Temp/Setup/OPMOBIL.TXT
Temp/Setup/Op.wav
Temp/Setup/PEPSICAN.TXT
Temp/Setup/PINKROSE.TXT
Temp/Setup/POOF!!.TXT
Temp/Setup/Page.wav
Temp/Setup/Ping.FLD
Temp/Setup/Pizza.txt
Temp/Setup/Ports.pop
Temp/Setup/Private.FLD
Temp/Setup/RLicense.txt
Temp/Setup/ROS.TXT
Temp/Setup/ROSE1.TXT
Temp/Setup/ROSE3.TXT
Temp/Setup/ROSE5.TXT
Temp/Setup/ROSE9.TXT
Temp/Setup/ROSES12.TXT
Temp/Setup/ROZE.TXT
Temp/Setup/RReadme.txt
Temp/Setup/Readme.txt
Temp/Setup/Roadrnnr.txt
Temp/Setup/Rose.txt
Temp/Setup/Rose2.txt
Temp/Setup/Roses.txt
Temp/Setup/SEAHORSE.TXT
Temp/Setup/SEEYOU.TXT
Temp/Setup/SEXYBOD.TXT
Temp/Setup/SKULL.TXT
Temp/Setup/SMBUTFLY.TXT
Temp/Setup/SMHEART.TXT
Temp/Setup/SMILE.TXT
Temp/Setup/SMILEY.TXT
Temp/Setup/SMILEYS2.TXT
Temp/Setup/SMILIE.TXT
Temp/Setup/SMROSE.TXT
Temp/Setup/SUMO.EXE
.exe windows:4 windows x86 arch:x86

86dbf85c98a5b4225edd608fb7647497

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
HeapAlloc
MultiByteToWideChar
CloseHandle
LoadLibraryA
ReadFile
GetStringTypeW
GetStringTypeA
GetProcAddress
SetStdHandle
SetFilePointer
HeapFree
HeapCreate
GetLastError
SetConsoleCtrlHandler
ExitProcess
GetCommandLineA
GetVersion
UnhandledExceptionFilter
FlushFileBuffers
WriteFile
SetHandleCount
GetFileType
GetStdHandle
Sleep
GetOEMCP
LCMapStringA
WideCharToMultiByte
LCMapStringW
RtlUnwind
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetACP

wsock32

select
WSAStartup
recv
recvfrom
__WSAFDIsSet
gethostbyname
send
socket
WSAGetLastError
htons
connect

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Temp/Setup/Send.FLD
Temp/Setup/Setup.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 35KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Temp/Setup/Setup.sss
Temp/Setup/Shut.wav
Temp/Setup/Start.wav
Temp/Setup/StartUp.Mrc
Temp/Setup/StdWzd.dll
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

InitBackground
SetupWizard

Sections

CODE
Size: 89KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.udata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Temp/Setup/Swear.Mrc
Temp/Setup/Swear.pop
Temp/Setup/TANKS.TXT
Temp/Setup/TEDDY.TXT
Temp/Setup/TEDDYB.TXT
Temp/Setup/TEDDYROS.TXT
Temp/Setup/TEDDYS.TXT
Temp/Setup/TWEETY.TXT
Temp/Setup/TakeOver.wav
Temp/Setup/Teddyrs.txt
Temp/Setup/Thx.wav
Temp/Setup/Time.FLD
Temp/Setup/Tips.PoP
Temp/Setup/Tips.txt
.ps1
Temp/Setup/Ultra.FLD
Temp/Setup/UserInfo.FLD
Temp/Setup/VBack.bmp
Temp/Setup/VMain.BMP
Temp/Setup/VNukE.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/VScr2000.ico
Temp/Setup/VScr32.exe
.exe windows:1 windows x86 arch:x86

d40cad94b5a31b8b735421d3f39bcda5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegCloseKey
RegCreateKeyA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueA
RegSetValueA

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteFileA
DeleteFileW
EnterCriticalSection
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThreadId
GetDateFormatA
GetDiskFreeSpaceA
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetTickCount
GetTimeZoneInformation
GetVersion
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalCompact
LocalFree
LocalReAlloc
LockResource
MoveFileA
MulDiv
MultiByteToWideChar
OpenFile
QueryDosDeviceA
RaiseException
ReadFile
RemoveDirectoryA
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetHandleCount
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WinExec
WriteFile
WritePrivateProfileStringA
_hread
_hwrite
_lclose
_llseek
_lopen
_lwrite
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

wsock32

WSAAsyncGetHostByAddr
WSAAsyncGetHostByName
WSAAsyncSelect
WSACancelAsyncRequest
WSACancelBlockingCall
WSACleanup
WSAGetLastError
WSAIsBlocking
WSAStartup
accept
closesocket
connect
gethostname
getsockname
htonl
htons
inet_addr
inet_ntoa
listen
ntohl
ntohs
recv
recvfrom
send
sendto
shutdown
socket
bind

comctl32

InitCommonControls

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
GetOpenFileNameA

gdi32

BitBlt
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontA
CreateHatchBrush
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
Ellipse
ExtFloodFill
ExtTextOutA
GetDIBits
GetDeviceCaps
GetNearestColor
GetObjectA
GetPixel
GetStockObject
GetTextExtentPointA
GetTextMetricsA
LineTo
MoveToEx
PatBlt
Polyline
PtInRegion
RealizePalette
RectVisible
Rectangle
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetPixel
SetROP2
SetStretchBltMode
SetTextColor
SetWindowOrgEx
StretchBlt
StretchDIBits
TextOutA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryPoint
ExtractIconA
FindExecutableA
ShellExecuteA

user32

AppendMenuA
BeginPaint
BringWindowToTop
CallNextHookEx
CheckDlgButton
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CopyRect
CreateDialogParamA
CreateIconIndirect
CreatePopupMenu
CreateWindowExA
DdeAccessData
DdeClientTransaction
DdeConnect
DdeCreateDataHandle
DdeCreateStringHandleA
DdeDisconnect
DdeFreeDataHandle
DdeFreeStringHandle
DdeInitializeA
DdeNameService
DdeQueryStringA
DdeUnaccessData
DdeUninitialize
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawFocusRect
DrawIcon
DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
EnumThreadWindows
EqualRect
FillRect
FindWindowA
FlashWindow
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassNameA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetFocus
GetKeyState
GetKeyboardState
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetNextDlgTabItem
GetParent
GetScrollPos
GetSubMenu
GetSysColor
GetSystemMenu
GetSystemMetrics
GetTopWindow
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindowThreadProcessId
InsertMenuA
InvalidateRect
InvertRect
IsChild
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadMenuA
LoadStringA
LockWindowUpdate
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OpenClipboard
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
ScrollDC
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetDlgItemInt
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowScrollBar
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA

winmm

mciGetDeviceIDA
mciGetErrorStringA
mciSendStringA
sndPlaySoundA

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
ColorHook
DDECallback
FileHook
FileHook2
FileHook3
FontHook
KeyboardProc
__DebuggerHookData
__GetExceptDLLinfo
___CPPdebugHook
adjustcmb2
fh2showit
fh2showwindow
fh3drawit
fh3showwindow
fhfileok
fhshowwindow
fhupdatetotal

Sections

.text
Size: 883KB - Virtual size: 884KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/VTJBOMBER.INI
Temp/Setup/VTJBomber.exe
.exe windows:4 windows x86 arch:x86

3db732ffa3dc1cfac73adc8e1ab50096

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
RaiseException
HeapFree
GetCPInfo
GetACP
GetOEMCP
HeapSize
ExitProcess
TerminateProcess
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
GetCommandLineA
FreeEnvironmentStringsA
GetStartupInfoA
lstrcmpiA
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CloseHandle
LocalFree
WritePrivateProfileStringA
GetPrivateProfileStringA
GetModuleHandleA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
GlobalGetAtomNameA
GlobalAddAtomA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
lstrcpyA
SizeofResource
GetVersionExA
GetProcessVersion
LoadLibraryA
GetProcAddress
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
GetPrivateProfileIntA
DeleteCriticalSection
TlsAlloc
LCMapStringW
lstrcpynA
GlobalUnlock
GlobalLock
InitializeCriticalSection
LocalAlloc
GetLastError
MulDiv
FreeLibrary
SetLastError
lstrcmpA
GlobalAlloc
GlobalDeleteAtom
SetUnhandledExceptionFilter
GetCurrentThread
GetTickCount
VirtualAlloc
GetStringTypeA
LCMapStringA
GlobalFree
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
GetProfileStringA
lstrcatA
GetVersion
LockResource
LoadResource
FindResourceA

user32

SetCursor
MessageBoxA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
ShowOwnedPopups
ReleaseDC
GetDC
DestroyMenu
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
LoadCursorA
GetSysColorBrush
FindWindowA
InvalidateRect
OffsetRect
CharUpperA
ReleaseCapture
WindowFromPoint
IntersectRect
InflateRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
DispatchMessageA
GetFocus
SetActiveWindow
IsWindow
SetFocus
LoadBitmapA
EqualRect
DeferWindowPos
CopyRect
GetMenuState
GetMenuCheckMarkDimensions
ScreenToClient
SetScrollInfo
ShowScrollBar
SetScrollRange
SetScrollPos
GetTopWindow
IsWindowEnabled
IsChild
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
LoadStringA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
UpdateWindow
SetMenuItemBitmaps
LoadIconA
PeekMessageA
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
EndDeferWindowPos
ModifyMenuA
IsWindowVisible
AdjustWindowRectEx
BeginDeferWindowPos
PostQuitMessage
PostMessageA
EnableWindow
SendMessageA
ScrollWindow
GetScrollPos
GetSysColor
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

SetTextColor
GetObjectA
CreateBitmap
PatBlt
DeleteDC
RestoreDC
SelectObject
SaveDC
SetBkMode
GetStockObject
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
SetBkColor
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
CreateDIBitmap
CreateCompatibleDC
ScaleViewportExtEx
BitBlt
SetViewportExtEx

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA

comctl32

ord17
ImageList_Destroy

wsock32

WSAGetLastError
WSAStartup
gethostbyname
WSACleanup
inet_ntoa
select
recvfrom
sendto
closesocket
socket
ioctlsocket

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/VTJNUKER.INI
Temp/Setup/VTJNuker.exe
.exe windows:4 windows x86 arch:x86

9f78f94084e30a94e2144123447b5b93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
HeapSize
HeapAlloc
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
TlsAlloc
RaiseException
FreeLibrary
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
CloseHandle
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
GetLocalTime
GetSystemTime
GetTimeZoneInformation
RtlUnwind
SetErrorMode
GlobalGetAtomNameA
GlobalAddAtomA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetCurrentProcess
GetVersionExA
GetProcessVersion
LoadLibraryA
GetProcAddress
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThread
LocalAlloc
GetLastError
lstrcpyA
MultiByteToWideChar
LocalFree
SizeofResource
WritePrivateProfileStringA
GlobalFlags
lstrcpynA
MulDiv
GetPrivateProfileStringA
GetPrivateProfileIntA
SetLastError
LCMapStringW
LoadResource
VirtualAlloc
GetStringTypeA
SetUnhandledExceptionFilter
LCMapStringA
WideCharToMultiByte
GetCurrentThreadId
FindResourceA
LockResource
GlobalFree
GlobalUnlock
GlobalLock
GetProfileStringA
lstrcatA
GetVersion
InterlockedIncrement
InterlockedDecrement
lstrlenA

user32

ShowOwnedPopups
SetCursor
MessageBoxA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
ReleaseDC
GetDC
LoadStringA
DestroyMenu
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
LoadCursorA
GetSysColorBrush
FindWindowA
InvalidateRect
OffsetRect
CharUpperA
ReleaseCapture
WindowFromPoint
IntersectRect
InflateRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
UpdateWindow
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
PeekMessageA
GetFocus
SetFocus
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetMenuCheckMarkDimensions
CopyRect
IsWindowVisible
ScreenToClient
LoadBitmapA
SetScrollInfo
SetScrollRange
GetScrollPos
SetScrollPos
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
GetNextDlgTabItem
EndDialog
GetActiveWindow
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetParent
GetWindowLongA
GetDlgItem
IsWindowEnabled
PostMessageA
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
AppendMenuA
KillTimer
ModifyMenuA
PostQuitMessage
SetTimer
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
ScrollWindow
GetMenuState
BeginDeferWindowPos
EndDeferWindowPos
LoadIconA
EnableWindow
SendMessageA
ShowScrollBar
IsChild
GetTopWindow
DispatchMessageA
ExcludeUpdateRgn
HideCaret
ShowCaret
UnregisterClassA
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

SetBkColor
CreateBitmap
PatBlt
DeleteDC
SaveDC
SelectObject
GetStockObject
RestoreDC
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetTextColor
GetObjectA
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
CreateDIBitmap
BitBlt
CreateCompatibleDC
ScaleViewportExtEx

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

advapi32

RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA

comctl32

ImageList_Destroy
ord17

wsock32

WSAStartup
WSAGetLastError
inet_ntoa
WSACleanup
sendto
htons
closesocket
socket
ioctlsocket
gethostbyname

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/VTJOOB.exe
.exe windows:4 windows x86 arch:x86

a89e063d8d0a01949e7c2748e6a8d2fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
TerminateProcess
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
ExitProcess
CloseHandle
GetStringTypeW
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetStdHandle
GetLocaleInfoA
GetLocaleInfoW
GetCurrentThread
SetLastError
FreeLibrary
LocalFree
HeapFree
HeapAlloc
RaiseException
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
RtlUnwind
SetErrorMode
GlobalGetAtomNameA
GlobalAddAtomA
GetModuleFileNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
GetCurrentProcess
lstrcpyA
SizeofResource
GetVersionExA
GetProcessVersion
LoadLibraryA
GetProcAddress
GlobalFlags
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
WritePrivateProfileStringA
LeaveCriticalSection
DeleteCriticalSection
GlobalHandle
GlobalLock
LocalAlloc
TlsAlloc
InitializeCriticalSection
MulDiv
lstrcpynA
GetLastError
SetUnhandledExceptionFilter
GlobalAlloc
InterlockedIncrement
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
VirtualAlloc
GetStringTypeA
LCMapStringA
LCMapStringW
GlobalUnlock
lstrcatA
InterlockedDecrement
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
GetProfileStringA
GetVersion
LockResource
LoadResource
FindResourceA
GlobalFree

user32

ShowOwnedPopups
SetCursor
MessageBoxA
GetCursorPos
ValidateRect
TranslateMessage
GetMessageA
ReleaseDC
GetDC
DestroyMenu
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
GetClassNameA
PtInRect
ClientToScreen
GetDesktopWindow
LoadCursorA
GetSysColorBrush
FindWindowA
InvalidateRect
OffsetRect
CharUpperA
ReleaseCapture
WindowFromPoint
IntersectRect
InflateRect
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
BringWindowToTop
GetNextDlgTabItem
EndDialog
GetActiveWindow
CreateDialogIndirectParamA
UpdateWindow
SendDlgItemMessageA
MapWindowPoints
GetSysColor
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
LoadBitmapA
SetFocus
EqualRect
DeferWindowPos
GetMenuState
GetMenuCheckMarkDimensions
EndDeferWindowPos
ScrollWindow
SetScrollInfo
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsWindowEnabled
IsChild
GetParent
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetMenu
GetDlgItem
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
SetPropA
UnhookWindowsHookEx
GetLastActivePopup
GetForegroundWindow
SetForegroundWindow
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetWindow
GetWindowRect
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
LoadStringA
PostQuitMessage
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
GetSystemMenu
SetMenuItemBitmaps
AppendMenuA
LoadIconA
CheckMenuItem
EnableMenuItem
ShowWindow
SetWindowTextA
IsDialogMessageA
BeginDeferWindowPos
ModifyMenuA
CopyRect
IsWindow
AdjustWindowRectEx
PostMessageA
EnableWindow
SendMessageA
ScreenToClient
IsWindowVisible
ShowScrollBar
SystemParametersInfoA
UnregisterClassA
HideCaret
ShowCaret
ExcludeUpdateRgn
DrawFocusRect
DefDlgProcA
CharNextA
IsWindowUnicode

gdi32

SetBkColor
CreateBitmap
PatBlt
DeleteDC
SaveDC
RestoreDC
GetStockObject
SelectObject
SetBkMode
SetMapMode
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetTextColor
GetObjectA
ScaleWindowExtEx
GetClipBox
IntersectClipRect
DeleteObject
GetDeviceCaps
CreateSolidBrush
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPointA
CreateDIBitmap
BitBlt
CreateCompatibleDC
SetWindowExtEx

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

shell32

DragFinish
DragQueryFileA

comctl32

ImageList_Destroy
ord17

wsock32

ioctlsocket
accept
htonl
closesocket
bind
htons
WSAGetLastError
WSAAsyncSelect
socket
recvfrom
sendto
connect
inet_ntoa
WSASetLastError
WSAStartup
WSACleanup
shutdown
gethostbyname
recv
send

Sections

.text
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/VTbar.bmp
Temp/Setup/VTheme.Thm
Temp/Setup/VTheme0.Thm
Temp/Setup/VTheme1.Thm
Temp/Setup/VTheme10.Thm
Temp/Setup/VTheme11.Thm
Temp/Setup/VTheme12.Thm
Temp/Setup/VTheme13.Thm
Temp/Setup/VTheme14.Thm
Temp/Setup/VTheme15.Thm
Temp/Setup/VTheme16.Thm
Temp/Setup/VTheme2.Thm
Temp/Setup/VTheme3.Thm
Temp/Setup/VTheme4.Thm
Temp/Setup/VTheme5.Thm
Temp/Setup/VTheme6.Thm
Temp/Setup/VTheme7.Thm
Temp/Setup/VTheme8.Thm
Temp/Setup/VTheme9.Thm
Temp/Setup/VcLoNe.Mrc
Temp/Setup/VcLoNe.PoP
Temp/Setup/VcLoNe.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 293KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/VerReply.FLD
Temp/Setup/Version.FLD
Temp/Setup/VirusScript2000.txt
Temp/Setup/Vservers.Mrc
Temp/Setup/Vstart1.mrc
Temp/Setup/Vstart2.mrc
Temp/Setup/Vstart3.mrc
Temp/Setup/W.PoP
Temp/Setup/WOLF.TXT
Temp/Setup/WhatsNew.txt
Temp/Setup/X.PoP
Temp/Setup/a.txt
Temp/Setup/about.htm
.html
Temp/Setup/acnvrule.gif
.gif
Temp/Setup/addrbk.ini
Temp/Setup/address.buk
Temp/Setup/alarm.wav
Temp/Setup/alias1.ini
.ps1
Temp/Setup/alias2.ini
Temp/Setup/alias3.ini
Temp/Setup/alias4.ini
Temp/Setup/alias5.ini
Temp/Setup/alias6.ini
Temp/Setup/alias7.ini
Temp/Setup/aliases.htm
.html
Temp/Setup/assault.exe
.exe windows:4 windows x86 arch:x86

efe58a241df7e9b7c95a917038e60642

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc40

ord3963
ord5070
ord3431
ord965
ord4627
ord2097
ord2909
ord4713
ord4715
ord2390
ord3579
ord4165
ord4719
ord4703
ord5053
ord2617
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2696
ord3345
ord3346
ord3340
ord2694
ord3580
ord4096
ord3906
ord3259
ord721
ord504
ord731
ord2199
ord2299
ord1060
ord1100
ord570
ord4681
ord3859
ord4312
ord2234
ord2197
ord3578
ord1539
ord3890
ord4657
ord2086
ord4608
ord5647
ord3837
ord4694
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord2140
ord1850
ord4691
ord4101
ord1061
ord3134
ord1014
ord1035
ord315
ord3724
ord5275
ord5273
ord2317
ord2707
ord5492
ord4173
ord2081
ord662
ord421
ord2710
ord2713
ord1814
ord5648
ord3761
ord4142
ord5360
ord4450
ord3907
ord1368

msvcrt40

exit
atol
rand
fprintf
__p__iob
time
__dllonexit
_onexit
_exit
_XcptFilter
__p__acmdln
_initterm
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__CxxFrameHandler
fopen
srand
fseek
fgetc
fclose
sprintf
_setmbcp

kernel32

GetCommandLineA
Sleep
GetVersion
GetModuleHandleA
GetStartupInfoA

user32

GetClientRect
GetSystemMetrics
DrawIcon
IsIconic
KillTimer
SetTimer
EnableWindow
LoadIconA
SendMessageA

wsock32

htons
socket
getprotobyname
bind
sendto
ioctlsocket
closesocket
gethostbyname

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Temp/Setup/bi.txt
Temp/Setup/ch.wav
Temp/Setup/cia.txt
Temp/Setup/click.exe
.exe windows:4 windows x86 arch:x86

5f61498830ce0fab681a67a193bd17c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc40

ord4173
ord3578
ord1539
ord3890
ord4657
ord2086
ord4608
ord5647
ord3837
ord4694
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord2140
ord1850
ord4691
ord2617
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2696
ord3345
ord3346
ord3340
ord2694
ord3580
ord4101
ord3907
ord3134
ord570
ord315
ord731
ord2199
ord5360
ord1035
ord706
ord5275
ord2707
ord2317
ord1061
ord3656
ord486
ord2514
ord2081
ord662
ord421
ord2713
ord4142
ord3761
ord5648
ord3963
ord2234
ord2197
ord5070
ord3431
ord965
ord4627
ord2097
ord2909
ord4713
ord4681
ord2390
ord3579
ord4165
ord4719
ord4703
ord5053
ord4096
ord3906
ord3259
ord721
ord504
ord2299
ord1060
ord1100
ord4450
ord4312
ord3859
ord1014
ord3724
ord4715
ord1368

msvcrt40

malloc
rand
fgetc
fseek
__dllonexit
fopen
_onexit
_exit
_XcptFilter
__p__acmdln
_initterm
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_setmbcp
fclose
free
exit
sprintf
atoi
__CxxFrameHandler
fscanf
_controlfp

kernel32

GetCommandLineA
Sleep
GetVersion
GetModuleHandleA
GetStartupInfoA

user32

IsIconic
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
SendMessageA
KillTimer
SetTimer
EnableWindow
PostMessageA
LoadIconA

wsock32

WSAGetLastError
htons
shutdown
setsockopt
socket
getprotobyname
ioctlsocket
sendto
htonl
WSACleanup
gethostbyname
closesocket

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Temp/Setup/clonesc.ini
Temp/Setup/cnvbkgnd.jpg
.jpg
Temp/Setup/cprotm.gif
.gif
Temp/Setup/cseen.bat
Temp/Setup/d_info.txt
Temp/Setup/data.ini
Temp/Setup/delseen.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Temp/Setup/disable.wav
Temp/Setup/discon.wav
Temp/Setup/enable.wav
Temp/Setup/events.ini
Temp/Setup/finger.txt
Temp/Setup/greet.txt
Temp/Setup/hit.wav
Temp/Setup/hotkeys.htm
.html
Temp/Setup/hotkeys.mrc
Temp/Setup/icmpwtch.exe
.exe windows:4 windows x86 arch:x86

eb9017803b0134e59ca1fc605f571cbc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc40

ord2197
ord5070
ord3431
ord965
ord2234
ord4627
ord2097
ord2909
ord4713
ord4715
ord2390
ord3579
ord4165
ord4719
ord4703
ord5053
ord2617
ord2754
ord2843
ord3945
ord2744
ord2845
ord2620
ord2696
ord3345
ord3346
ord3340
ord2694
ord3580
ord4096
ord3906
ord3259
ord721
ord504
ord731
ord2199
ord2299
ord1060
ord1100
ord570
ord538
ord2707
ord5275
ord5273
ord4681
ord3859
ord4312
ord4450
ord4173
ord5360
ord5648
ord3963
ord3890
ord4657
ord2086
ord4608
ord5647
ord3837
ord4694
ord3314
ord4296
ord3922
ord2323
ord1785
ord5649
ord3268
ord4510
ord1494
ord4677
ord2140
ord1850
ord4691
ord4101
ord1061
ord3134
ord315
ord3724
ord5145
ord4853
ord1759
ord3894
ord3928
ord3820
ord4321
ord4428
ord5132
ord4850
ord1718
ord856
ord3109
ord1014
ord1035
ord274
ord706
ord3656
ord486
ord2514
ord2081
ord662
ord421
ord1424
ord3761
ord4142
ord1539
ord3578
ord3907
ord1368

msvcrt40

fprintf
exit
__dllonexit
_onexit
time
_exit
_XcptFilter
__p__acmdln
_initterm
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
fopen
sprintf
fseek
__CxxFrameHandler
fclose
fgetc
_setmbcp

kernel32

Sleep
GetVersion
GetModuleHandleA
GetStartupInfoA

user32

AppendMenuA
GetSystemMenu
DrawIcon
LoadIconA
GetClientRect
GetSystemMetrics
IsIconic
EnableWindow
SetForegroundWindow
SendMessageA

wsock32

recvfrom
bind
socket
getprotobyname
ntohs
WSAGetLastError
inet_addr

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Temp/Setup/impres.wav
Temp/Setup/index.htm
.html
Temp/Setup/kicks.txt
Temp/Setup/l_info.txt
Temp/Setup/language.ini
Temp/Setup/mIRCpills.txt
Temp/Setup/mail.bmp
Temp/Setup/mail.mrc
Temp/Setup/mirc.hlp
Temp/Setup/musicscr.ini
Temp/Setup/n1.txt
Temp/Setup/n2.txt
Temp/Setup/netbus.ini
Temp/Setup/nnabber.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 7KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tlsdir
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Temp/Setup/notify.wav
Temp/Setup/nukes.gif
.gif
Temp/Setup/open.wav
Temp/Setup/popupm.gif
.gif
Temp/Setup/popupn.gif
.gif
Temp/Setup/popups.gif
.gif
Temp/Setup/popups.htm
.html
Temp/Setup/popups.ini
Temp/Setup/protect.htm
.html
Temp/Setup/protm.gif
.gif
Temp/Setup/r_Info.txt
Temp/Setup/raw.ini
Temp/Setup/rp_info.txt
Temp/Setup/rpopups.ini
Temp/Setup/rpopups0.ini
Temp/Setup/rpopups1.ini
Temp/Setup/rpopups2.ini
Temp/Setup/rr-paint.mrc
Temp/Setup/rr-paint.rap
Temp/Setup/s_info.txt
Temp/Setup/scan.PoP
Temp/Setup/seenscr.ini
Temp/Setup/servers.ini
Temp/Setup/settings.htm
.html
Temp/Setup/settings.ini
Temp/Setup/snd_info.txt
Temp/Setup/sndlist.mrc
Temp/Setup/sprotm.gif
.gif
Temp/Setup/sprotm2.gif
.gif
Temp/Setup/sr.txt
Temp/Setup/sys_info.txt
Temp/Setup/t_info.txt
Temp/Setup/telnet.mrc
Temp/Setup/tips.htm
.html
Temp/Setup/urls.ini
Temp/Setup/users.ini
Temp/Setup/utils.htm
.html
Temp/Setup/v2000.htm
.html
Temp/Setup/variables.ini
Temp/Setup/vctcp.ini
Temp/Setup/vs.htm
.html
Temp/Setup/vs.wav
Temp/Setup/war.htm
.html
Temp/Setup/war_info.txt
Temp/Setup/warm.gif
.gif
Temp/Setup/whatsnew.htm
.html
Temp/Setup/yasarozg.htm
.html

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 25KB - Virtual size: 28KB

DATA Size: 7KB - Virtual size: 12KB

.idata Size: 1024B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

38fd7c7719b9b68260cc0808c149f529

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

wsock32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 23KB - Virtual size: 22KB

.data Size: 16KB - Virtual size: 32KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 25KB - Virtual size: 24KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 25KB - Virtual size: 28KB

TLSCBA Size: - Virtual size: 12KB

TLSCBA Size: 8KB - Virtual size: 12KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

86dbf85c98a5b4225edd608fb7647497

Headers

File Characteristics

Imports

kernel32

wsock32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 512B - Virtual size: 105B

.data Size: 6KB - Virtual size: 17KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

Headers

File Characteristics

Sections

CODE Size: 35KB - Virtual size: 76KB

DATA Size: 512B - Virtual size: 4KB

BSS Size: - Virtual size: 68KB

.idata Size: 1KB - Virtual size: 4KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 8KB

.adata Size: 4KB - Virtual size: 8KB

.udata Size: - Virtual size: 4KB

Headers

File Characteristics

Exports

Exports

Sections

CODE Size: 89KB - Virtual size: 200KB

DATA Size: 1024B - Virtual size: 4KB

BSS Size: - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 8KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 16KB

CODE
Size: 25KB - Virtual size: 28KB

DATA
Size: 7KB - Virtual size: 12KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 23KB - Virtual size: 22KB

.data
Size: 16KB - Virtual size: 32KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 25KB - Virtual size: 24KB

CODE
Size: 25KB - Virtual size: 28KB

TLSCBA
Size: - Virtual size: 12KB

TLSCBA
Size: 8KB - Virtual size: 12KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 512B - Virtual size: 105B

.data
Size: 6KB - Virtual size: 17KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

CODE
Size: 35KB - Virtual size: 76KB

DATA
Size: 512B - Virtual size: 4KB

BSS
Size: - Virtual size: 68KB

.idata
Size: 1KB - Virtual size: 4KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 8KB

.adata
Size: 4KB - Virtual size: 8KB

.udata
Size: - Virtual size: 4KB

CODE
Size: 89KB - Virtual size: 200KB

DATA
Size: 1024B - Virtual size: 4KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 16KB

.rsrc
Size: 12KB - Virtual size: 48KB

.adata
Size: 2KB - Virtual size: 4KB

.udata
Size: - Virtual size: 4KB

CODE
Size: 248KB - Virtual size: 247KB

DATA
Size: 3KB - Virtual size: 2KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 7KB - Virtual size: 7KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 18KB - Virtual size: 17KB

.rsrc
Size: 191KB - Virtual size: 191KB

.text
Size: 883KB - Virtual size: 884KB

.data
Size: 57KB - Virtual size: 188KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 9KB - Virtual size: 12KB

.edata
Size: 1024B - Virtual size: 4KB

.rsrc
Size: 152KB - Virtual size: 156KB

.reloc
Size: 80KB - Virtual size: 80KB

.text
Size: 121KB - Virtual size: 121KB

.rdata
Size: 21KB - Virtual size: 21KB

.data
Size: 16KB - Virtual size: 31KB

.idata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 20KB - Virtual size: 19KB