0cb012f306820b5e7378c28bfba545d9

Sharing

Copy URL

Twitter E-mail

General

Target

0cb012f306820b5e7378c28bfba545d9
Size

11.8MB
MD5

0cb012f306820b5e7378c28bfba545d9
SHA1

a21bd7168e736481822a5f9f384cbc2a79d7f790
SHA256

7f50c7e8c039e3c731dcebbe6833d876f3155d089952daddd6c87fb8bef22fcb
SHA512

278f4d7f06885c908fd84278abde6ff6f2a85a9e21544057ba7815fe6e0cdab29881dde4423e0a37994bfa49a2a3232886a8b091894d5430b71b4ca0bf12c4d4
SSDEEP

196608:rX/FGBOFCj78t6ZWj0bDlDXYzWgbg5J7ofrx8XuBGEYbJiPVeFv3vhEdtrGoeCmM:rX/Fde78t6bDlDXIf98uGTiP0Fv3vhED

Score

3^/10

Malware Config

Signatures

Unsigned PE 9 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Examples/Assembly/MASM/Via API/Example.exe
unpack001/Examples/Assembly/MASM/Via API/VirtualizerSDK32.dll
unpack001/Examples/Assembly/MASM/Via Macro/Example.exe
unpack001/Examples/Assembly/MASM/Via Macro/Example2.exe
unpack001/Lib/Device Drivers/32-bit/VirtualizerDDK.sys
unpack001/Lib/Device Drivers/64-bit/VirtualizerDDK.sys
unpack001/Lib/VirtualizerSDK32.dll
unpack001/Lib/VirtualizerSDK64.dll
unpack001/Virtualizer.exe

Files

0cb012f306820b5e7378c28bfba545d9
.zip
Code Virtualizer Help.chm
.chm
Examples/Assembly/MASM/Via API/Example.asm
Examples/Assembly/MASM/Via API/Example.exe
.exe windows:4 windows x86 arch:x86

8e909836e7f5caeebdfc3437f3cfe2da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

MessageBoxA

virtualizersdk32

ord2
ord4
ord1

Sections

.text
Size: 512B - Virtual size: 114B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 215B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Examples/Assembly/MASM/Via API/Example.obj
Examples/Assembly/MASM/Via API/MAKEFILE
Examples/Assembly/MASM/Via API/VirtualizerSDK.inc
Examples/Assembly/MASM/Via API/VirtualizerSDK32.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

Virtualizer1End
Virtualizer1Start
Virtualizer2End
Virtualizer2Start
Virtualizer3End
Virtualizer3Start
Virtualizer4End
Virtualizer4Start
Virtualizer5End
Virtualizer5Start
VirtualizerEnd
VirtualizerMutate1Start
VirtualizerMutate2Start
VirtualizerMutate3Start
VirtualizerStart

Sections

.text
Size: 512B - Virtual size: 27B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 485B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Examples/Assembly/MASM/Via API/VirtualizerSDK32.lib
Examples/Assembly/MASM/Via Macro/Example.asm
Examples/Assembly/MASM/Via Macro/Example.exe
.exe windows:4 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

.text
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 215B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Examples/Assembly/MASM/Via Macro/Example.obj
Examples/Assembly/MASM/Via Macro/Example2.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 311KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.v-lizer
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Examples/Assembly/MASM/Via Macro/MAKEFILE
Examples/Assembly/MASM/Via Macro/VirtualizerSDK.inc
Examples/C/CBuilder/Project2.bpr
.xml
Examples/C/CBuilder/Project2.cpp
.js
Examples/C/CBuilder/Project2.obj
Examples/C/CBuilder/Project2.res
Examples/C/CBuilder/Unit1.cpp
Examples/C/CBuilder/Unit1.ddp
Examples/C/CBuilder/Unit1.dfm
Examples/C/CBuilder/Unit1.h
Examples/C/PellesC/Test.PPJ
Examples/C/PellesC/Test.c
Examples/C/PellesC/Test.ppx
.xml
Examples/C/PellesC/Test.tag
Examples/C/PellesC/Test.til
Examples/C/VC (via ASM module)/StdAfx.cpp
Examples/C/VC (via ASM module)/StdAfx.h
Examples/C/VC (via ASM module)/UpgradeLog.XML
.xml
Examples/C/VC (via ASM module)/resource.h
Examples/C/VC (via ASM module)/small.ico
Examples/C/VC (via ASM module)/vc_example.aps
Examples/C/VC (via ASM module)/vc_example.cpp
Examples/C/VC (via ASM module)/vc_example.dsp
Examples/C/VC (via ASM module)/vc_example.dsw
Examples/C/VC (via ASM module)/vc_example.h
Examples/C/VC (via ASM module)/vc_example.ico
Examples/C/VC (via ASM module)/vc_example.plg
.html
Examples/C/VC (via ASM module)/vc_example.rc
Examples/C/VC (via ASM module)/vc_example.res
Examples/C/VC (via ASM module)/vc_example.sln
Examples/C/VC (via ASM module)/vc_example.suo
Examples/C/VC (via ASM module)/vc_example.vcproj
.xml
Examples/C/VC (via ASM module)/vc_example.vcxproj
Examples/C/VC (via ASM module)/vc_example.vcxproj.filters
Examples/C/VC (via ASM module)/vc_example.vcxproj.user
Examples/C/VC/StdAfx.cpp
Examples/C/VC/StdAfx.h
Examples/C/VC/UpgradeLog.XML
.xml
Examples/C/VC/resource.h
Examples/C/VC/small.ico
Examples/C/VC/vc_example.aps
Examples/C/VC/vc_example.cpp
Examples/C/VC/vc_example.dsp
Examples/C/VC/vc_example.dsw
Examples/C/VC/vc_example.h
Examples/C/VC/vc_example.ico
Examples/C/VC/vc_example.plg
.html
Examples/C/VC/vc_example.rc
Examples/C/VC/vc_example.res
Examples/C/VC/vc_example.sln
Examples/C/VC/vc_example.suo
Examples/C/VC/vc_example.vcproj
.xml
Examples/C/VC/vc_example.vcxproj
Examples/C/VC/vc_example.vcxproj.filters
Examples/C/VC/vc_example.vcxproj.user
Examples/Delphi/Via API/Project1.cfg
Examples/Delphi/Via API/Project1.dof
Examples/Delphi/Via API/Project1.dpr
Examples/Delphi/Via API/Project1.dproj
Examples/Delphi/Via API/Project1.dproj.local
Examples/Delphi/Via API/Project1.res
Examples/Delphi/Via API/Project1_Icon.ico
Examples/Delphi/Via API/Unit1.dcu
Examples/Delphi/Via API/Unit1.ddp
Examples/Delphi/Via API/Unit1.dfm
Examples/Delphi/Via API/Unit1.pas
Examples/Delphi/Via API/Unit1.~ddp
Examples/Delphi/Via API/Unit1.~dfm
Examples/Delphi/Via API/Unit1.~pas
Examples/Delphi/Via API/VirtualizerSDK.dcu
Examples/Delphi/Via API/VirtualizerSDK.pas
Examples/Delphi/Via API/VirtualizerSDK_CustomVMsImplementation.pas
Examples/Delphi/Via API/VirtualizerSDK_CustomVMsInterface.pas
Examples/Delphi/Via Macros/Project1.cfg
Examples/Delphi/Via Macros/Project1.dof
Examples/Delphi/Via Macros/Project1.dpr
Examples/Delphi/Via Macros/Project1.dproj
Examples/Delphi/Via Macros/Project1.res
Examples/Delphi/Via Macros/Project1_Icon.ico
Examples/Delphi/Via Macros/Unit1.dcu
Examples/Delphi/Via Macros/Unit1.ddp
Examples/Delphi/Via Macros/Unit1.dfm
Examples/Delphi/Via Macros/Unit1.pas
Examples/Delphi/Via Macros/VIRTUALIZER_TIGER_RED_END.inc
Examples/Delphi/Via Macros/VIRTUALIZER_TIGER_RED_START.inc
Examples/Delphi/Via Macros/VIRTUALIZER_TIGER_WHITE_END.inc
Examples/Delphi/Via Macros/VIRTUALIZER_TIGER_WHITE_START.inc
Examples/Device Drivers/makefile
Examples/Device Drivers/sample.c
Examples/Device Drivers/sample.rc
Examples/Device Drivers/sources
Examples/Golang/main.go
Examples/Golang/readme.txt
Examples/Mac OS X/GCC/main.c
Examples/Mac OS X/GCC/makefile
Examples/PureBasic/example.pb
Examples/Visual Basic/Form1.frm
Examples/Visual Basic/Project1.vbp
Examples/Visual Basic/Project1.vbw
Include/Assembly/VirtualizerSDK.inc
Include/Assembly/VirtualizerSDK_CustomVMs_fasm32.inc
Include/Assembly/VirtualizerSDK_CustomVMs_fasm64.inc
Include/Assembly/VirtualizerSDK_CustomVMs_masm32.inc
Include/Assembly/VirtualizerSDK_CustomVMs_masm64.inc
Include/C/Readme.txt
Include/C/Via ASM module/How to add ASM files in your Solution.pdf
.pdf
Include/C/Via ASM module/Readme.txt
Include/C/Via ASM module/VirtualizerSDKCustomVMsMacros.h
Include/C/Via ASM module/VirtualizerSDKCustomVmMacros.asm
Include/C/Via ASM module/VirtualizerSDKMacros.h
Include/C/VirtualizerSDK.h
Include/C/VirtualizerSDK_BorlandC_inline.h
Include/C/VirtualizerSDK_CustomVMs.h
Include/C/VirtualizerSDK_CustomVMs_BorlandC_inline.h
Include/C/VirtualizerSDK_CustomVMs_GNU_inline.h
Include/C/VirtualizerSDK_CustomVMs_ICL_inline.h
Include/C/VirtualizerSDK_CustomVMs_LCC_inline.h
Include/C/VirtualizerSDK_CustomVMs_VC_inline.h
Include/C/VirtualizerSDK_GNU_inline.h
Include/C/VirtualizerSDK_ICL_inline.h
Include/C/VirtualizerSDK_LCC_inline.h
Include/C/VirtualizerSDK_VC_inline.h
Include/D language/VirtualizerSDK32.d
Include/D language/VirtualizerSDK64.d
Include/Delphi/VIRTUALIZER_DOLPHIN_BLACK_END.inc
Include/Delphi/VIRTUALIZER_DOLPHIN_BLACK_START.inc
Include/Delphi/VIRTUALIZER_DOLPHIN_RED_END.inc
Include/Delphi/VIRTUALIZER_DOLPHIN_RED_START.inc
Include/Delphi/VIRTUALIZER_DOLPHIN_WHITE_END.inc
Include/Delphi/VIRTUALIZER_DOLPHIN_WHITE_START.inc
Include/Delphi/VIRTUALIZER_EAGLE_BLACK_END.inc
Include/Delphi/VIRTUALIZER_EAGLE_BLACK_START.inc
Include/Delphi/VIRTUALIZER_EAGLE_RED_END.inc
Include/Delphi/VIRTUALIZER_EAGLE_RED_START.inc
Include/Delphi/VIRTUALIZER_EAGLE_WHITE_END.inc
Include/Delphi/VIRTUALIZER_EAGLE_WHITE_START.inc
Include/Delphi/VIRTUALIZER_FISH_BLACK_END.inc
Include/Delphi/VIRTUALIZER_FISH_BLACK_START.inc
Include/Delphi/VIRTUALIZER_FISH_RED_END.inc
Include/Delphi/VIRTUALIZER_FISH_RED_START.inc
Include/Delphi/VIRTUALIZER_FISH_WHITE_END.inc
Include/Delphi/VIRTUALIZER_FISH_WHITE_START.inc
Include/Delphi/VIRTUALIZER_MUTATE_ONLY_END.inc
Include/Delphi/VIRTUALIZER_MUTATE_ONLY_START.inc
Include/Delphi/VIRTUALIZER_PUMA_BLACK_END.inc
Include/Delphi/VIRTUALIZER_PUMA_BLACK_START.inc
Include/Delphi/VIRTUALIZER_PUMA_RED_END.inc
Include/Delphi/VIRTUALIZER_PUMA_RED_START.inc
Include/Delphi/VIRTUALIZER_PUMA_WHITE_END.inc
Include/Delphi/VIRTUALIZER_PUMA_WHITE_START.inc
Include/Delphi/VIRTUALIZER_SHARK_BLACK_END.inc
Include/Delphi/VIRTUALIZER_SHARK_BLACK_START.inc
Include/Delphi/VIRTUALIZER_SHARK_RED_END.inc
Include/Delphi/VIRTUALIZER_SHARK_RED_START.inc
Include/Delphi/VIRTUALIZER_SHARK_WHITE_END.inc
Include/Delphi/VIRTUALIZER_SHARK_WHITE_START.inc
Include/Delphi/VIRTUALIZER_TIGER_BLACK_END.inc
Include/Delphi/VIRTUALIZER_TIGER_BLACK_START.inc
Include/Delphi/VIRTUALIZER_TIGER_RED_END.inc
Include/Delphi/VIRTUALIZER_TIGER_RED_START.inc
Include/Delphi/VIRTUALIZER_TIGER_WHITE_END.inc
Include/Delphi/VIRTUALIZER_TIGER_WHITE_START.inc
Include/Delphi/VirtualizerSDK.pas
Include/Delphi/VirtualizerSDK_CustomVMsImplementation.pas
Include/Delphi/VirtualizerSDK_CustomVMsInterface.pas
Include/Delphi/Virtualizer_End.inc
Include/Delphi/Virtualizer_Start.inc
Include/Go language/virtualizersdk_386.go
Include/Go language/virtualizersdk_amd64.go
Include/PowerBasic/VirtualizerSDK32.inc
Include/PowerBasic/VirtualizerSDK64.inc
Include/PureBasic/Readme.txt
Include/PureBasic/VirtualizerSDK32.pb
Include/PureBasic/VirtualizerSDK32.pbi
Include/PureBasic/VirtualizerSDK64.pb
Include/PureBasic/VirtualizerSDK64.pbi
LICENSE.TXT
Lib/COFF/VirtualizerSDK32.lib
Lib/COFF/VirtualizerSDK64.lib
Lib/Device Drivers/32-bit/VirtualizerDDK.lib
Lib/Device Drivers/32-bit/VirtualizerDDK.sys
.sys windows:5 windows x86 arch:x86

cd4d4533455ee06d3d9ccd3f8908fc81

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeTickCount

Exports

Exports

CustomVM00000100_End
CustomVM00000100_Start
CustomVM00000101_End
CustomVM00000101_Start
CustomVM00000102_End
CustomVM00000102_Start
CustomVM00000103_End
CustomVM00000103_Start
CustomVM00000104_End
CustomVM00000104_Start
CustomVM00000105_End
CustomVM00000105_Start
CustomVM00000106_End
CustomVM00000106_Start
CustomVM00000107_End
CustomVM00000107_Start
CustomVM00000108_End
CustomVM00000108_Start
CustomVM00000109_End
CustomVM00000109_Start
CustomVM00000110_End
CustomVM00000110_Start
CustomVM00000111_End
CustomVM00000111_Start
CustomVM00000112_End
CustomVM00000112_Start
CustomVM00000113_End
CustomVM00000113_Start
CustomVM00000114_End
CustomVM00000114_Start
CustomVM00000115_End
CustomVM00000115_Start
CustomVM00000116_End
CustomVM00000116_Start
CustomVM00000117_End
CustomVM00000117_Start
CustomVM00000118_End
CustomVM00000118_Start
CustomVM00000119_End
CustomVM00000119_Start
CustomVM00000120_End
CustomVM00000120_Start
CustomVM00000121_End
CustomVM00000121_Start
CustomVM00000122_End
CustomVM00000122_Start
CustomVM00000123_End
CustomVM00000123_Start
CustomVM00000124_End
CustomVM00000124_Start
CustomVM00000125_End
CustomVM00000125_Start
CustomVM00000126_End
CustomVM00000126_Start
CustomVM00000127_End
CustomVM00000127_Start
CustomVM00000128_End
CustomVM00000128_Start
CustomVM00000129_End
CustomVM00000129_Start
CustomVM00000130_End
CustomVM00000130_Start
CustomVM00000131_End
CustomVM00000131_Start
CustomVM00000132_End
CustomVM00000132_Start
CustomVM00000133_End
CustomVM00000133_Start
CustomVM00000134_End
CustomVM00000134_Start
CustomVM00000135_End
CustomVM00000135_Start
CustomVM00000136_End
CustomVM00000136_Start
CustomVM00000137_End
CustomVM00000137_Start
CustomVM00000138_End
CustomVM00000138_Start
CustomVM00000139_End
CustomVM00000139_Start
CustomVM00000140_End
CustomVM00000140_Start
CustomVM00000141_End
CustomVM00000141_Start
CustomVM00000142_End
CustomVM00000142_Start
CustomVM00000143_End
CustomVM00000143_Start
CustomVM00000144_End
CustomVM00000144_Start
CustomVM00000145_End
CustomVM00000145_Start
CustomVM00000146_End
CustomVM00000146_Start
CustomVM00000147_End
CustomVM00000147_Start
CustomVM00000148_End
CustomVM00000148_Start
CustomVM00000149_End
CustomVM00000149_Start
CustomVM00000150_End
CustomVM00000150_Start
CustomVM00000151_End
CustomVM00000151_Start
CustomVM00000152_End
CustomVM00000152_Start
CustomVM00000153_End
CustomVM00000153_Start
CustomVM00000154_End
CustomVM00000154_Start
CustomVM00000155_End
CustomVM00000155_Start
CustomVM00000156_End
CustomVM00000156_Start
CustomVM00000157_End
CustomVM00000157_Start
CustomVM00000158_End
CustomVM00000158_Start
CustomVM00000159_End
CustomVM00000159_Start
CustomVM00000160_End
CustomVM00000160_Start
CustomVM00000161_End
CustomVM00000161_Start
CustomVM00000162_End
CustomVM00000162_Start
CustomVM00000163_End
CustomVM00000163_Start
CustomVM00000164_End
CustomVM00000164_Start
CustomVM00000165_End
CustomVM00000165_Start
CustomVM00000166_End
CustomVM00000166_Start
CustomVM00000167_End
CustomVM00000167_Start
CustomVM00000168_End
CustomVM00000168_Start
CustomVM00000169_End
CustomVM00000169_Start
CustomVM00000170_End
CustomVM00000170_Start
CustomVM00000171_End
CustomVM00000171_Start
CustomVM00000172_End
CustomVM00000172_Start
CustomVM00000173_End
CustomVM00000173_Start
CustomVM00000174_End
CustomVM00000174_Start
CustomVM00000175_End
CustomVM00000175_Start
CustomVM00000176_End
CustomVM00000176_Start
CustomVM00000177_End
CustomVM00000177_Start
CustomVM00000178_End
CustomVM00000178_Start
CustomVM00000179_End
CustomVM00000179_Start
CustomVM00000180_End
CustomVM00000180_Start
CustomVM00000181_End
CustomVM00000181_Start
CustomVM00000182_End
CustomVM00000182_Start
CustomVM00000183_End
CustomVM00000183_Start
CustomVM00000184_End
CustomVM00000184_Start
CustomVM00000185_End
CustomVM00000185_Start
CustomVM00000186_End
CustomVM00000186_Start
CustomVM00000187_End
CustomVM00000187_Start
CustomVM00000188_End
CustomVM00000188_Start
CustomVM00000189_End
CustomVM00000189_Start
CustomVM00000190_End
CustomVM00000190_Start
CustomVM00000191_End
CustomVM00000191_Start
CustomVM00000192_End
CustomVM00000192_Start
CustomVM00000193_End
CustomVM00000193_Start
CustomVM00000194_End
CustomVM00000194_Start
CustomVM00000195_End
CustomVM00000195_Start
CustomVM00000196_End
CustomVM00000196_Start
CustomVM00000197_End
CustomVM00000197_Start
CustomVM00000198_End
CustomVM00000198_Start
CustomVM00000199_End
CustomVM00000199_Start
CustomVM00000200_End
CustomVM00000200_Start
CustomVM00000201_End
CustomVM00000201_Start
CustomVM00000202_End
CustomVM00000202_Start
CustomVM00000203_End
CustomVM00000203_Start
CustomVM00000204_End
CustomVM00000204_Start
CustomVM00000205_End
CustomVM00000205_Start
CustomVM00000206_End
CustomVM00000206_Start
CustomVM00000207_End
CustomVM00000207_Start
CustomVM00000208_End
CustomVM00000208_Start
CustomVM00000209_End
CustomVM00000209_Start
CustomVM00000210_End
CustomVM00000210_Start
CustomVM00000211_End
CustomVM00000211_Start
CustomVM00000212_End
CustomVM00000212_Start
CustomVM00000213_End
CustomVM00000213_Start
CustomVM00000214_End
CustomVM00000214_Start
CustomVM00000215_End
CustomVM00000215_Start
CustomVM00000216_End
CustomVM00000216_Start
CustomVM00000217_End
CustomVM00000217_Start
CustomVM00000218_End
CustomVM00000218_Start
CustomVM00000219_End
CustomVM00000219_Start
CustomVM00000220_End
CustomVM00000220_Start
CustomVM00000221_End
CustomVM00000221_Start
CustomVM00000222_End
CustomVM00000222_Start
CustomVM00000223_End
CustomVM00000223_Start
CustomVM00000224_End
CustomVM00000224_Start
CustomVM00000225_End
CustomVM00000225_Start
CustomVM00000226_End
CustomVM00000226_Start
CustomVM00000227_End
CustomVM00000227_Start
CustomVM00000228_End
CustomVM00000228_Start
CustomVM00000229_End
CustomVM00000229_Start
CustomVM00000230_End
CustomVM00000230_Start
CustomVM00000231_End
CustomVM00000231_Start
CustomVM00000232_End
CustomVM00000232_Start
CustomVM00000233_End
CustomVM00000233_Start
CustomVM00000234_End
CustomVM00000234_Start
CustomVM00000235_End
CustomVM00000235_Start
CustomVM00000236_End
CustomVM00000236_Start
CustomVM00000237_End
CustomVM00000237_Start
CustomVM00000238_End
CustomVM00000238_Start
CustomVM00000239_End
CustomVM00000239_Start
CustomVM00000240_End
CustomVM00000240_Start
CustomVM00000241_End
CustomVM00000241_Start
CustomVM00000242_End
CustomVM00000242_Start
CustomVM00000243_End
CustomVM00000243_Start
CustomVM00000244_End
CustomVM00000244_Start
CustomVM00000245_End
CustomVM00000245_Start
CustomVM00000246_End
CustomVM00000246_Start
CustomVM00000247_End
CustomVM00000247_Start
CustomVM00000248_End
CustomVM00000248_Start
CustomVM00000249_End
CustomVM00000249_Start
CustomVM00000250_End
CustomVM00000250_Start
CustomVM00000251_End
CustomVM00000251_Start
CustomVM00000252_End
CustomVM00000252_Start
CustomVM00000253_End
CustomVM00000253_Start
CustomVM00000254_End
CustomVM00000254_Start
CustomVM00000255_End
CustomVM00000255_Start
CustomVM00000256_End
CustomVM00000256_Start
CustomVM00000257_End
CustomVM00000257_Start
CustomVM00000258_End
CustomVM00000258_Start
CustomVM00000259_End
CustomVM00000259_Start
CustomVM00000260_End
CustomVM00000260_Start
CustomVM00000261_End
CustomVM00000261_Start
CustomVM00000262_End
CustomVM00000262_Start
CustomVM00000263_End
CustomVM00000263_Start
CustomVM00000264_End
CustomVM00000264_Start
CustomVM00000265_End
CustomVM00000265_Start
CustomVM00000266_End
CustomVM00000266_Start
CustomVM00000267_End
CustomVM00000267_Start
CustomVM00000268_End
CustomVM00000268_Start
CustomVM00000269_End
CustomVM00000269_Start
CustomVM00000270_End
CustomVM00000270_Start
CustomVM00000271_End
CustomVM00000271_Start
CustomVM00000272_End
CustomVM00000272_Start
CustomVM00000273_End
CustomVM00000273_Start
CustomVM00000274_End
CustomVM00000274_Start
CustomVM00000275_End
CustomVM00000275_Start
CustomVM00000276_End
CustomVM00000276_Start
CustomVM00000277_End
CustomVM00000277_Start
CustomVM00000278_End
CustomVM00000278_Start
CustomVM00000279_End
CustomVM00000279_Start
CustomVM00000280_End
CustomVM00000280_Start
CustomVM00000281_End
CustomVM00000281_Start
CustomVM00000282_End
CustomVM00000282_Start
CustomVM00000283_End
CustomVM00000283_Start
CustomVM00000284_End
CustomVM00000284_Start
CustomVM00000285_End
CustomVM00000285_Start
CustomVM00000286_End
CustomVM00000286_Start
CustomVM00000287_End
CustomVM00000287_Start
CustomVM00000288_End
CustomVM00000288_Start
CustomVM00000289_End
CustomVM00000289_Start
CustomVM00000290_End
CustomVM00000290_Start
CustomVM00000291_End
CustomVM00000291_Start
CustomVM00000292_End
CustomVM00000292_Start
CustomVM00000293_End
CustomVM00000293_Start
CustomVM00000294_End
CustomVM00000294_Start
CustomVM00000295_End
CustomVM00000295_Start
CustomVM00000296_End
CustomVM00000296_Start
CustomVM00000297_End
CustomVM00000297_Start
CustomVM00000298_End
CustomVM00000298_Start
CustomVM00000299_End
CustomVM00000299_Start
CustomVM00000300_End
CustomVM00000300_Start
CustomVM00000301_End
CustomVM00000301_Start
CustomVM00000302_End
CustomVM00000302_Start
CustomVM00000303_End
CustomVM00000303_Start
CustomVM00000304_End
CustomVM00000304_Start
CustomVM00000305_End
CustomVM00000305_Start
CustomVM00000306_End
CustomVM00000306_Start
CustomVM00000307_End
CustomVM00000307_Start
CustomVM00000308_End
CustomVM00000308_Start
CustomVM00000309_End
CustomVM00000309_Start
CustomVM00000310_End
CustomVM00000310_Start
CustomVM00000311_End
CustomVM00000311_Start
CustomVM00000312_End
CustomVM00000312_Start
CustomVM00000313_End
CustomVM00000313_Start
CustomVM00000314_End
CustomVM00000314_Start
CustomVM00000315_End
CustomVM00000315_Start
CustomVM00000316_End
CustomVM00000316_Start
CustomVM00000317_End
CustomVM00000317_Start
CustomVM00000318_End
CustomVM00000318_Start
CustomVM00000319_End
CustomVM00000319_Start
CustomVM00000320_End
CustomVM00000320_Start
CustomVM00000321_End
CustomVM00000321_Start
CustomVM00000322_End
CustomVM00000322_Start
CustomVM00000323_End
CustomVM00000323_Start
CustomVM00000324_End
CustomVM00000324_Start
CustomVM00000325_End
CustomVM00000325_Start
CustomVM00000326_End
CustomVM00000326_Start
CustomVM00000327_End
CustomVM00000327_Start
CustomVM00000328_End
CustomVM00000328_Start
CustomVM00000329_End
CustomVM00000329_Start
CustomVM00000330_End
CustomVM00000330_Start
CustomVM00000331_End
CustomVM00000331_Start
CustomVM00000332_End
CustomVM00000332_Start
CustomVM00000333_End
CustomVM00000333_Start
CustomVM00000334_End
CustomVM00000334_Start
CustomVM00000335_End
CustomVM00000335_Start
CustomVM00000336_End
CustomVM00000336_Start
CustomVM00000337_End
CustomVM00000337_Start
CustomVM00000338_End
CustomVM00000338_Start
CustomVM00000339_End
CustomVM00000339_Start
CustomVM00000340_End
CustomVM00000340_Start
CustomVM00000341_End
CustomVM00000341_Start
CustomVM00000342_End
CustomVM00000342_Start
CustomVM00000343_End
CustomVM00000343_Start
CustomVM00000344_End
CustomVM00000344_Start
CustomVM00000345_End
CustomVM00000345_Start
CustomVM00000346_End
CustomVM00000346_Start
CustomVM00000347_End
CustomVM00000347_Start
CustomVM00000348_End
CustomVM00000348_Start
CustomVM00000349_End
CustomVM00000349_Start

Sections

.text
Size: 512B - Virtual size: 19B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lib/Device Drivers/64-bit/VirtualizerDDK.lib
Lib/Device Drivers/64-bit/VirtualizerDDK.sys
.sys windows:5 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

CustomVM00000100_End
CustomVM00000100_Start
CustomVM00000101_End
CustomVM00000101_Start
CustomVM00000102_End
CustomVM00000102_Start
CustomVM00000103_End
CustomVM00000103_Start
CustomVM00000104_End
CustomVM00000104_Start
CustomVM00000105_End
CustomVM00000105_Start
CustomVM00000106_End
CustomVM00000106_Start
CustomVM00000107_End
CustomVM00000107_Start
CustomVM00000108_End
CustomVM00000108_Start
CustomVM00000109_End
CustomVM00000109_Start
CustomVM00000110_End
CustomVM00000110_Start
CustomVM00000111_End
CustomVM00000111_Start
CustomVM00000112_End
CustomVM00000112_Start
CustomVM00000113_End
CustomVM00000113_Start
CustomVM00000114_End
CustomVM00000114_Start
CustomVM00000115_End
CustomVM00000115_Start
CustomVM00000116_End
CustomVM00000116_Start
CustomVM00000117_End
CustomVM00000117_Start
CustomVM00000118_End
CustomVM00000118_Start
CustomVM00000119_End
CustomVM00000119_Start
CustomVM00000120_End
CustomVM00000120_Start
CustomVM00000121_End
CustomVM00000121_Start
CustomVM00000122_End
CustomVM00000122_Start
CustomVM00000123_End
CustomVM00000123_Start
CustomVM00000124_End
CustomVM00000124_Start
CustomVM00000125_End
CustomVM00000125_Start
CustomVM00000126_End
CustomVM00000126_Start
CustomVM00000127_End
CustomVM00000127_Start
CustomVM00000128_End
CustomVM00000128_Start
CustomVM00000129_End
CustomVM00000129_Start
CustomVM00000130_End
CustomVM00000130_Start
CustomVM00000131_End
CustomVM00000131_Start
CustomVM00000132_End
CustomVM00000132_Start
CustomVM00000133_End
CustomVM00000133_Start
CustomVM00000134_End
CustomVM00000134_Start
CustomVM00000135_End
CustomVM00000135_Start
CustomVM00000136_End
CustomVM00000136_Start
CustomVM00000137_End
CustomVM00000137_Start
CustomVM00000138_End
CustomVM00000138_Start
CustomVM00000139_End
CustomVM00000139_Start
CustomVM00000140_End
CustomVM00000140_Start
CustomVM00000141_End
CustomVM00000141_Start
CustomVM00000142_End
CustomVM00000142_Start
CustomVM00000143_End
CustomVM00000143_Start
CustomVM00000144_End
CustomVM00000144_Start
CustomVM00000145_End
CustomVM00000145_Start
CustomVM00000146_End
CustomVM00000146_Start
CustomVM00000147_End
CustomVM00000147_Start
CustomVM00000148_End
CustomVM00000148_Start
CustomVM00000149_End
CustomVM00000149_Start
CustomVM00000150_End
CustomVM00000150_Start
CustomVM00000151_End
CustomVM00000151_Start
CustomVM00000152_End
CustomVM00000152_Start
CustomVM00000153_End
CustomVM00000153_Start
CustomVM00000154_End
CustomVM00000154_Start
CustomVM00000155_End
CustomVM00000155_Start
CustomVM00000156_End
CustomVM00000156_Start
CustomVM00000157_End
CustomVM00000157_Start
CustomVM00000158_End
CustomVM00000158_Start
CustomVM00000159_End
CustomVM00000159_Start
CustomVM00000160_End
CustomVM00000160_Start
CustomVM00000161_End
CustomVM00000161_Start
CustomVM00000162_End
CustomVM00000162_Start
CustomVM00000163_End
CustomVM00000163_Start
CustomVM00000164_End
CustomVM00000164_Start
CustomVM00000165_End
CustomVM00000165_Start
CustomVM00000166_End
CustomVM00000166_Start
CustomVM00000167_End
CustomVM00000167_Start
CustomVM00000168_End
CustomVM00000168_Start
CustomVM00000169_End
CustomVM00000169_Start
CustomVM00000170_End
CustomVM00000170_Start
CustomVM00000171_End
CustomVM00000171_Start
CustomVM00000172_End
CustomVM00000172_Start
CustomVM00000173_End
CustomVM00000173_Start
CustomVM00000174_End
CustomVM00000174_Start
CustomVM00000175_End
CustomVM00000175_Start
CustomVM00000176_End
CustomVM00000176_Start
CustomVM00000177_End
CustomVM00000177_Start
CustomVM00000178_End
CustomVM00000178_Start
CustomVM00000179_End
CustomVM00000179_Start
CustomVM00000180_End
CustomVM00000180_Start
CustomVM00000181_End
CustomVM00000181_Start
CustomVM00000182_End
CustomVM00000182_Start
CustomVM00000183_End
CustomVM00000183_Start
CustomVM00000184_End
CustomVM00000184_Start
CustomVM00000185_End
CustomVM00000185_Start
CustomVM00000186_End
CustomVM00000186_Start
CustomVM00000187_End
CustomVM00000187_Start
CustomVM00000188_End
CustomVM00000188_Start
CustomVM00000189_End
CustomVM00000189_Start
CustomVM00000190_End
CustomVM00000190_Start
CustomVM00000191_End
CustomVM00000191_Start
CustomVM00000192_End
CustomVM00000192_Start
CustomVM00000193_End
CustomVM00000193_Start
CustomVM00000194_End
CustomVM00000194_Start
CustomVM00000195_End
CustomVM00000195_Start
CustomVM00000196_End
CustomVM00000196_Start
CustomVM00000197_End
CustomVM00000197_Start
CustomVM00000198_End
CustomVM00000198_Start
CustomVM00000199_End
CustomVM00000199_Start
CustomVM00000200_End
CustomVM00000200_Start
CustomVM00000201_End
CustomVM00000201_Start
CustomVM00000202_End
CustomVM00000202_Start
CustomVM00000203_End
CustomVM00000203_Start
CustomVM00000204_End
CustomVM00000204_Start
CustomVM00000205_End
CustomVM00000205_Start
CustomVM00000206_End
CustomVM00000206_Start
CustomVM00000207_End
CustomVM00000207_Start
CustomVM00000208_End
CustomVM00000208_Start
CustomVM00000209_End
CustomVM00000209_Start
CustomVM00000210_End
CustomVM00000210_Start
CustomVM00000211_End
CustomVM00000211_Start
CustomVM00000212_End
CustomVM00000212_Start
CustomVM00000213_End
CustomVM00000213_Start
CustomVM00000214_End
CustomVM00000214_Start
CustomVM00000215_End
CustomVM00000215_Start
CustomVM00000216_End
CustomVM00000216_Start
CustomVM00000217_End
CustomVM00000217_Start
CustomVM00000218_End
CustomVM00000218_Start
CustomVM00000219_End
CustomVM00000219_Start
CustomVM00000220_End
CustomVM00000220_Start
CustomVM00000221_End
CustomVM00000221_Start
CustomVM00000222_End
CustomVM00000222_Start
CustomVM00000223_End
CustomVM00000223_Start
CustomVM00000224_End
CustomVM00000224_Start
CustomVM00000225_End
CustomVM00000225_Start
CustomVM00000226_End
CustomVM00000226_Start
CustomVM00000227_End
CustomVM00000227_Start
CustomVM00000228_End
CustomVM00000228_Start
CustomVM00000229_End
CustomVM00000229_Start
CustomVM00000230_End
CustomVM00000230_Start
CustomVM00000231_End
CustomVM00000231_Start
CustomVM00000232_End
CustomVM00000232_Start
CustomVM00000233_End
CustomVM00000233_Start
CustomVM00000234_End
CustomVM00000234_Start
CustomVM00000235_End
CustomVM00000235_Start
CustomVM00000236_End
CustomVM00000236_Start
CustomVM00000237_End
CustomVM00000237_Start
CustomVM00000238_End
CustomVM00000238_Start
CustomVM00000239_End
CustomVM00000239_Start
CustomVM00000240_End
CustomVM00000240_Start
CustomVM00000241_End
CustomVM00000241_Start
CustomVM00000242_End
CustomVM00000242_Start
CustomVM00000243_End
CustomVM00000243_Start
CustomVM00000244_End
CustomVM00000244_Start
CustomVM00000245_End
CustomVM00000245_Start
CustomVM00000246_End
CustomVM00000246_Start
CustomVM00000247_End
CustomVM00000247_Start
CustomVM00000248_End
CustomVM00000248_Start
CustomVM00000249_End
CustomVM00000249_Start
CustomVM00000250_End
CustomVM00000250_Start
CustomVM00000251_End
CustomVM00000251_Start
CustomVM00000252_End
CustomVM00000252_Start
CustomVM00000253_End
CustomVM00000253_Start
CustomVM00000254_End
CustomVM00000254_Start
CustomVM00000255_End
CustomVM00000255_Start
CustomVM00000256_End
CustomVM00000256_Start
CustomVM00000257_End
CustomVM00000257_Start
CustomVM00000258_End
CustomVM00000258_Start
CustomVM00000259_End
CustomVM00000259_Start
CustomVM00000260_End
CustomVM00000260_Start
CustomVM00000261_End
CustomVM00000261_Start
CustomVM00000262_End
CustomVM00000262_Start
CustomVM00000263_End
CustomVM00000263_Start
CustomVM00000264_End
CustomVM00000264_Start
CustomVM00000265_End
CustomVM00000265_Start
CustomVM00000266_End
CustomVM00000266_Start
CustomVM00000267_End
CustomVM00000267_Start
CustomVM00000268_End
CustomVM00000268_Start
CustomVM00000269_End
CustomVM00000269_Start
CustomVM00000270_End
CustomVM00000270_Start
CustomVM00000271_End
CustomVM00000271_Start
CustomVM00000272_End
CustomVM00000272_Start
CustomVM00000273_End
CustomVM00000273_Start
CustomVM00000274_End
CustomVM00000274_Start
CustomVM00000275_End
CustomVM00000275_Start
CustomVM00000276_End
CustomVM00000276_Start
CustomVM00000277_End
CustomVM00000277_Start
CustomVM00000278_End
CustomVM00000278_Start
CustomVM00000279_End
CustomVM00000279_Start
CustomVM00000280_End
CustomVM00000280_Start
CustomVM00000281_End
CustomVM00000281_Start
CustomVM00000282_End
CustomVM00000282_Start
CustomVM00000283_End
CustomVM00000283_Start
CustomVM00000284_End
CustomVM00000284_Start
CustomVM00000285_End
CustomVM00000285_Start
CustomVM00000286_End
CustomVM00000286_Start
CustomVM00000287_End
CustomVM00000287_Start
CustomVM00000288_End
CustomVM00000288_Start
CustomVM00000289_End
CustomVM00000289_Start
CustomVM00000290_End
CustomVM00000290_Start
CustomVM00000291_End
CustomVM00000291_Start
CustomVM00000292_End
CustomVM00000292_Start
CustomVM00000293_End
CustomVM00000293_Start
CustomVM00000294_End
CustomVM00000294_Start
CustomVM00000295_End
CustomVM00000295_Start
CustomVM00000296_End
CustomVM00000296_Start
CustomVM00000297_End
CustomVM00000297_Start
CustomVM00000298_End
CustomVM00000298_Start
CustomVM00000299_End
CustomVM00000299_Start
CustomVM00000300_End
CustomVM00000300_Start
CustomVM00000301_End
CustomVM00000301_Start
CustomVM00000302_End
CustomVM00000302_Start
CustomVM00000303_End
CustomVM00000303_Start
CustomVM00000304_End
CustomVM00000304_Start
CustomVM00000305_End
CustomVM00000305_Start
CustomVM00000306_End
CustomVM00000306_Start
CustomVM00000307_End
CustomVM00000307_Start
CustomVM00000308_End
CustomVM00000308_Start
CustomVM00000309_End
CustomVM00000309_Start
CustomVM00000310_End
CustomVM00000310_Start
CustomVM00000311_End
CustomVM00000311_Start
CustomVM00000312_End
CustomVM00000312_Start
CustomVM00000313_End
CustomVM00000313_Start
CustomVM00000314_End
CustomVM00000314_Start
CustomVM00000315_End
CustomVM00000315_Start
CustomVM00000316_End
CustomVM00000316_Start
CustomVM00000317_End
CustomVM00000317_Start
CustomVM00000318_End
CustomVM00000318_Start
CustomVM00000319_End
CustomVM00000319_Start
CustomVM00000320_End
CustomVM00000320_Start
CustomVM00000321_End
CustomVM00000321_Start
CustomVM00000322_End
CustomVM00000322_Start
CustomVM00000323_End
CustomVM00000323_Start
CustomVM00000324_End
CustomVM00000324_Start
CustomVM00000325_End
CustomVM00000325_Start
CustomVM00000326_End
CustomVM00000326_Start
CustomVM00000327_End
CustomVM00000327_Start
CustomVM00000328_End
CustomVM00000328_Start
CustomVM00000329_End
CustomVM00000329_Start
CustomVM00000330_End
CustomVM00000330_Start
CustomVM00000331_End
CustomVM00000331_Start
CustomVM00000332_End
CustomVM00000332_Start
CustomVM00000333_End
CustomVM00000333_Start
CustomVM00000334_End
CustomVM00000334_Start
CustomVM00000335_End
CustomVM00000335_Start
CustomVM00000336_End
CustomVM00000336_Start
CustomVM00000337_End
CustomVM00000337_Start
CustomVM00000338_End
CustomVM00000338_Start
CustomVM00000339_End
CustomVM00000339_Start
CustomVM00000340_End
CustomVM00000340_Start
CustomVM00000341_End
CustomVM00000341_Start
CustomVM00000342_End
CustomVM00000342_Start
CustomVM00000343_End
CustomVM00000343_Start
CustomVM00000344_End
CustomVM00000344_Start
CustomVM00000345_End
CustomVM00000345_Start
CustomVM00000346_End
CustomVM00000346_Start
CustomVM00000347_End
CustomVM00000347_Start
CustomVM00000348_End
CustomVM00000348_Start
CustomVM00000349_End
CustomVM00000349_Start

Sections

.text
Size: 512B - Virtual size: 19B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Lib/OMF/VirtualizerSDK32.lib
Lib/OMF/VirtualizerSDK64.lib
Lib/VirtualizerSDK32.dll
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CustomVM00000100_End
CustomVM00000100_Start
CustomVM00000101_End
CustomVM00000101_Start
CustomVM00000102_End
CustomVM00000102_Start
CustomVM00000103_End
CustomVM00000103_Start
CustomVM00000104_End
CustomVM00000104_Start
CustomVM00000105_End
CustomVM00000105_Start
CustomVM00000106_End
CustomVM00000106_Start
CustomVM00000107_End
CustomVM00000107_Start
CustomVM00000108_End
CustomVM00000108_Start
CustomVM00000109_End
CustomVM00000109_Start
CustomVM00000110_End
CustomVM00000110_Start
CustomVM00000111_End
CustomVM00000111_Start
CustomVM00000112_End
CustomVM00000112_Start
CustomVM00000113_End
CustomVM00000113_Start
CustomVM00000114_End
CustomVM00000114_Start
CustomVM00000115_End
CustomVM00000115_Start
CustomVM00000116_End
CustomVM00000116_Start
CustomVM00000117_End
CustomVM00000117_Start
CustomVM00000118_End
CustomVM00000118_Start
CustomVM00000119_End
CustomVM00000119_Start
CustomVM00000120_End
CustomVM00000120_Start
CustomVM00000121_End
CustomVM00000121_Start
CustomVM00000122_End
CustomVM00000122_Start
CustomVM00000123_End
CustomVM00000123_Start
CustomVM00000124_End
CustomVM00000124_Start
CustomVM00000125_End
CustomVM00000125_Start
CustomVM00000126_End
CustomVM00000126_Start
CustomVM00000127_End
CustomVM00000127_Start
CustomVM00000128_End
CustomVM00000128_Start
CustomVM00000129_End
CustomVM00000129_Start
CustomVM00000130_End
CustomVM00000130_Start
CustomVM00000131_End
CustomVM00000131_Start
CustomVM00000132_End
CustomVM00000132_Start
CustomVM00000133_End
CustomVM00000133_Start
CustomVM00000134_End
CustomVM00000134_Start
CustomVM00000135_End
CustomVM00000135_Start
CustomVM00000136_End
CustomVM00000136_Start
CustomVM00000137_End
CustomVM00000137_Start
CustomVM00000138_End
CustomVM00000138_Start
CustomVM00000139_End
CustomVM00000139_Start
CustomVM00000140_End
CustomVM00000140_Start
CustomVM00000141_End
CustomVM00000141_Start
CustomVM00000142_End
CustomVM00000142_Start
CustomVM00000143_End
CustomVM00000143_Start
CustomVM00000144_End
CustomVM00000144_Start
CustomVM00000145_End
CustomVM00000145_Start
CustomVM00000146_End
CustomVM00000146_Start
CustomVM00000147_End
CustomVM00000147_Start
CustomVM00000148_End
CustomVM00000148_Start
CustomVM00000149_End
CustomVM00000149_Start
CustomVM00000150_End
CustomVM00000150_Start
CustomVM00000151_End
CustomVM00000151_Start
CustomVM00000152_End
CustomVM00000152_Start
CustomVM00000153_End
CustomVM00000153_Start
CustomVM00000154_End
CustomVM00000154_Start
CustomVM00000155_End
CustomVM00000155_Start
CustomVM00000156_End
CustomVM00000156_Start
CustomVM00000157_End
CustomVM00000157_Start
CustomVM00000158_End
CustomVM00000158_Start
CustomVM00000159_End
CustomVM00000159_Start
CustomVM00000160_End
CustomVM00000160_Start
CustomVM00000161_End
CustomVM00000161_Start
CustomVM00000162_End
CustomVM00000162_Start
CustomVM00000163_End
CustomVM00000163_Start
CustomVM00000164_End
CustomVM00000164_Start
CustomVM00000165_End
CustomVM00000165_Start
CustomVM00000166_End
CustomVM00000166_Start
CustomVM00000167_End
CustomVM00000167_Start
CustomVM00000168_End
CustomVM00000168_Start
CustomVM00000169_End
CustomVM00000169_Start
CustomVM00000170_End
CustomVM00000170_Start
CustomVM00000171_End
CustomVM00000171_Start
CustomVM00000172_End
CustomVM00000172_Start
CustomVM00000173_End
CustomVM00000173_Start
CustomVM00000174_End
CustomVM00000174_Start
CustomVM00000175_End
CustomVM00000175_Start
CustomVM00000176_End
CustomVM00000176_Start
CustomVM00000177_End
CustomVM00000177_Start
CustomVM00000178_End
CustomVM00000178_Start
CustomVM00000179_End
CustomVM00000179_Start
CustomVM00000180_End
CustomVM00000180_Start
CustomVM00000181_End
CustomVM00000181_Start
CustomVM00000182_End
CustomVM00000182_Start
CustomVM00000183_End
CustomVM00000183_Start
CustomVM00000184_End
CustomVM00000184_Start
CustomVM00000185_End
CustomVM00000185_Start
CustomVM00000186_End
CustomVM00000186_Start
CustomVM00000187_End
CustomVM00000187_Start
CustomVM00000188_End
CustomVM00000188_Start
CustomVM00000189_End
CustomVM00000189_Start
CustomVM00000190_End
CustomVM00000190_Start
CustomVM00000191_End
CustomVM00000191_Start
CustomVM00000192_End
CustomVM00000192_Start
CustomVM00000193_End
CustomVM00000193_Start
CustomVM00000194_End
CustomVM00000194_Start
CustomVM00000195_End
CustomVM00000195_Start
CustomVM00000196_End
CustomVM00000196_Start
CustomVM00000197_End
CustomVM00000197_Start
CustomVM00000198_End
CustomVM00000198_Start
CustomVM00000199_End
CustomVM00000199_Start
CustomVM00000200_End
CustomVM00000200_Start
CustomVM00000201_End
CustomVM00000201_Start
CustomVM00000202_End
CustomVM00000202_Start
CustomVM00000203_End
CustomVM00000203_Start
CustomVM00000204_End
CustomVM00000204_Start
CustomVM00000205_End
CustomVM00000205_Start
CustomVM00000206_End
CustomVM00000206_Start
CustomVM00000207_End
CustomVM00000207_Start
CustomVM00000208_End
CustomVM00000208_Start
CustomVM00000209_End
CustomVM00000209_Start
CustomVM00000210_End
CustomVM00000210_Start
CustomVM00000211_End
CustomVM00000211_Start
CustomVM00000212_End
CustomVM00000212_Start
CustomVM00000213_End
CustomVM00000213_Start
CustomVM00000214_End
CustomVM00000214_Start
CustomVM00000215_End
CustomVM00000215_Start
CustomVM00000216_End
CustomVM00000216_Start
CustomVM00000217_End
CustomVM00000217_Start
CustomVM00000218_End
CustomVM00000218_Start
CustomVM00000219_End
CustomVM00000219_Start
CustomVM00000220_End
CustomVM00000220_Start
CustomVM00000221_End
CustomVM00000221_Start
CustomVM00000222_End
CustomVM00000222_Start
CustomVM00000223_End
CustomVM00000223_Start
CustomVM00000224_End
CustomVM00000224_Start
CustomVM00000225_End
CustomVM00000225_Start
CustomVM00000226_End
CustomVM00000226_Start
CustomVM00000227_End
CustomVM00000227_Start
CustomVM00000228_End
CustomVM00000228_Start
CustomVM00000229_End
CustomVM00000229_Start
CustomVM00000230_End
CustomVM00000230_Start
CustomVM00000231_End
CustomVM00000231_Start
CustomVM00000232_End
CustomVM00000232_Start
CustomVM00000233_End
CustomVM00000233_Start
CustomVM00000234_End
CustomVM00000234_Start
CustomVM00000235_End
CustomVM00000235_Start
CustomVM00000236_End
CustomVM00000236_Start
CustomVM00000237_End
CustomVM00000237_Start
CustomVM00000238_End
CustomVM00000238_Start
CustomVM00000239_End
CustomVM00000239_Start
CustomVM00000240_End
CustomVM00000240_Start
CustomVM00000241_End
CustomVM00000241_Start
CustomVM00000242_End
CustomVM00000242_Start
CustomVM00000243_End
CustomVM00000243_Start
CustomVM00000244_End
CustomVM00000244_Start
CustomVM00000245_End
CustomVM00000245_Start
CustomVM00000246_End
CustomVM00000246_Start
CustomVM00000247_End
CustomVM00000247_Start
CustomVM00000248_End
CustomVM00000248_Start
CustomVM00000249_End
CustomVM00000249_Start
CustomVM00000250_End
CustomVM00000250_Start
CustomVM00000251_End
CustomVM00000251_Start
CustomVM00000252_End
CustomVM00000252_Start
CustomVM00000253_End
CustomVM00000253_Start
CustomVM00000254_End
CustomVM00000254_Start
CustomVM00000255_End
CustomVM00000255_Start
CustomVM00000256_End
CustomVM00000256_Start
CustomVM00000257_End
CustomVM00000257_Start
CustomVM00000258_End
CustomVM00000258_Start
CustomVM00000259_End
CustomVM00000259_Start
CustomVM00000260_End
CustomVM00000260_Start
CustomVM00000261_End
CustomVM00000261_Start
CustomVM00000262_End
CustomVM00000262_Start
CustomVM00000263_End
CustomVM00000263_Start
CustomVM00000264_End
CustomVM00000264_Start
CustomVM00000265_End
CustomVM00000265_Start
CustomVM00000266_End
CustomVM00000266_Start
CustomVM00000267_End
CustomVM00000267_Start
CustomVM00000268_End
CustomVM00000268_Start
CustomVM00000269_End
CustomVM00000269_Start
CustomVM00000270_End
CustomVM00000270_Start
CustomVM00000271_End
CustomVM00000271_Start
CustomVM00000272_End
CustomVM00000272_Start
CustomVM00000273_End
CustomVM00000273_Start
CustomVM00000274_End
CustomVM00000274_Start
CustomVM00000275_End
CustomVM00000275_Start
CustomVM00000276_End
CustomVM00000276_Start
CustomVM00000277_End
CustomVM00000277_Start
CustomVM00000278_End
CustomVM00000278_Start
CustomVM00000279_End
CustomVM00000279_Start
CustomVM00000280_End
CustomVM00000280_Start
CustomVM00000281_End
CustomVM00000281_Start
CustomVM00000282_End
CustomVM00000282_Start
CustomVM00000283_End
CustomVM00000283_Start
CustomVM00000284_End
CustomVM00000284_Start
CustomVM00000285_End
CustomVM00000285_Start
CustomVM00000286_End
CustomVM00000286_Start
CustomVM00000287_End
CustomVM00000287_Start
CustomVM00000288_End
CustomVM00000288_Start
CustomVM00000289_End
CustomVM00000289_Start
CustomVM00000290_End
CustomVM00000290_Start
CustomVM00000291_End
CustomVM00000291_Start
CustomVM00000292_End
CustomVM00000292_Start
CustomVM00000293_End
CustomVM00000293_Start
CustomVM00000294_End
CustomVM00000294_Start
CustomVM00000295_End
CustomVM00000295_Start
CustomVM00000296_End
CustomVM00000296_Start
CustomVM00000297_End
CustomVM00000297_Start
CustomVM00000298_End
CustomVM00000298_Start
CustomVM00000299_End
CustomVM00000299_Start
CustomVM00000300_End
CustomVM00000300_Start
CustomVM00000301_End
CustomVM00000301_Start
CustomVM00000302_End
CustomVM00000302_Start
CustomVM00000303_End
CustomVM00000303_Start
CustomVM00000304_End
CustomVM00000304_Start
CustomVM00000305_End
CustomVM00000305_Start
CustomVM00000306_End
CustomVM00000306_Start
CustomVM00000307_End
CustomVM00000307_Start
CustomVM00000308_End
CustomVM00000308_Start
CustomVM00000309_End
CustomVM00000309_Start
CustomVM00000310_End
CustomVM00000310_Start
CustomVM00000311_End
CustomVM00000311_Start
CustomVM00000312_End
CustomVM00000312_Start
CustomVM00000313_End
CustomVM00000313_Start
CustomVM00000314_End
CustomVM00000314_Start
CustomVM00000315_End
CustomVM00000315_Start
CustomVM00000316_End
CustomVM00000316_Start
CustomVM00000317_End
CustomVM00000317_Start
CustomVM00000318_End
CustomVM00000318_Start
CustomVM00000319_End
CustomVM00000319_Start
CustomVM00000320_End
CustomVM00000320_Start
CustomVM00000321_End
CustomVM00000321_Start
CustomVM00000322_End
CustomVM00000322_Start
CustomVM00000323_End
CustomVM00000323_Start
CustomVM00000324_End
CustomVM00000324_Start
CustomVM00000325_End
CustomVM00000325_Start
CustomVM00000326_End
CustomVM00000326_Start
CustomVM00000327_End
CustomVM00000327_Start
CustomVM00000328_End
CustomVM00000328_Start
CustomVM00000329_End
CustomVM00000329_Start
CustomVM00000330_End
CustomVM00000330_Start
CustomVM00000331_End
CustomVM00000331_Start
CustomVM00000332_End
CustomVM00000332_Start
CustomVM00000333_End
CustomVM00000333_Start
CustomVM00000334_End
CustomVM00000334_Start
CustomVM00000335_End
CustomVM00000335_Start
CustomVM00000336_End
CustomVM00000336_Start
CustomVM00000337_End
CustomVM00000337_Start
CustomVM00000338_End
CustomVM00000338_Start
CustomVM00000339_End
CustomVM00000339_Start
CustomVM00000340_End
CustomVM00000340_Start
CustomVM00000341_End
CustomVM00000341_Start
CustomVM00000342_End
CustomVM00000342_Start
CustomVM00000343_End
CustomVM00000343_Start
CustomVM00000344_End
CustomVM00000344_Start
CustomVM00000345_End
CustomVM00000345_Start
CustomVM00000346_End
CustomVM00000346_Start
CustomVM00000347_End
CustomVM00000347_Start
CustomVM00000348_End
CustomVM00000348_Start
CustomVM00000349_End
CustomVM00000349_Start

Sections

.text
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Lib/VirtualizerSDK64.dll
.dll windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CustomVM00000100_End
CustomVM00000100_Start
CustomVM00000101_End
CustomVM00000101_Start
CustomVM00000102_End
CustomVM00000102_Start
CustomVM00000103_End
CustomVM00000103_Start
CustomVM00000104_End
CustomVM00000104_Start
CustomVM00000105_End
CustomVM00000105_Start
CustomVM00000106_End
CustomVM00000106_Start
CustomVM00000107_End
CustomVM00000107_Start
CustomVM00000108_End
CustomVM00000108_Start
CustomVM00000109_End
CustomVM00000109_Start
CustomVM00000110_End
CustomVM00000110_Start
CustomVM00000111_End
CustomVM00000111_Start
CustomVM00000112_End
CustomVM00000112_Start
CustomVM00000113_End
CustomVM00000113_Start
CustomVM00000114_End
CustomVM00000114_Start
CustomVM00000115_End
CustomVM00000115_Start
CustomVM00000116_End
CustomVM00000116_Start
CustomVM00000117_End
CustomVM00000117_Start
CustomVM00000118_End
CustomVM00000118_Start
CustomVM00000119_End
CustomVM00000119_Start
CustomVM00000120_End
CustomVM00000120_Start
CustomVM00000121_End
CustomVM00000121_Start
CustomVM00000122_End
CustomVM00000122_Start
CustomVM00000123_End
CustomVM00000123_Start
CustomVM00000124_End
CustomVM00000124_Start
CustomVM00000125_End
CustomVM00000125_Start
CustomVM00000126_End
CustomVM00000126_Start
CustomVM00000127_End
CustomVM00000127_Start
CustomVM00000128_End
CustomVM00000128_Start
CustomVM00000129_End
CustomVM00000129_Start
CustomVM00000130_End
CustomVM00000130_Start
CustomVM00000131_End
CustomVM00000131_Start
CustomVM00000132_End
CustomVM00000132_Start
CustomVM00000133_End
CustomVM00000133_Start
CustomVM00000134_End
CustomVM00000134_Start
CustomVM00000135_End
CustomVM00000135_Start
CustomVM00000136_End
CustomVM00000136_Start
CustomVM00000137_End
CustomVM00000137_Start
CustomVM00000138_End
CustomVM00000138_Start
CustomVM00000139_End
CustomVM00000139_Start
CustomVM00000140_End
CustomVM00000140_Start
CustomVM00000141_End
CustomVM00000141_Start
CustomVM00000142_End
CustomVM00000142_Start
CustomVM00000143_End
CustomVM00000143_Start
CustomVM00000144_End
CustomVM00000144_Start
CustomVM00000145_End
CustomVM00000145_Start
CustomVM00000146_End
CustomVM00000146_Start
CustomVM00000147_End
CustomVM00000147_Start
CustomVM00000148_End
CustomVM00000148_Start
CustomVM00000149_End
CustomVM00000149_Start
CustomVM00000150_End
CustomVM00000150_Start
CustomVM00000151_End
CustomVM00000151_Start
CustomVM00000152_End
CustomVM00000152_Start
CustomVM00000153_End
CustomVM00000153_Start
CustomVM00000154_End
CustomVM00000154_Start
CustomVM00000155_End
CustomVM00000155_Start
CustomVM00000156_End
CustomVM00000156_Start
CustomVM00000157_End
CustomVM00000157_Start
CustomVM00000158_End
CustomVM00000158_Start
CustomVM00000159_End
CustomVM00000159_Start
CustomVM00000160_End
CustomVM00000160_Start
CustomVM00000161_End
CustomVM00000161_Start
CustomVM00000162_End
CustomVM00000162_Start
CustomVM00000163_End
CustomVM00000163_Start
CustomVM00000164_End
CustomVM00000164_Start
CustomVM00000165_End
CustomVM00000165_Start
CustomVM00000166_End
CustomVM00000166_Start
CustomVM00000167_End
CustomVM00000167_Start
CustomVM00000168_End
CustomVM00000168_Start
CustomVM00000169_End
CustomVM00000169_Start
CustomVM00000170_End
CustomVM00000170_Start
CustomVM00000171_End
CustomVM00000171_Start
CustomVM00000172_End
CustomVM00000172_Start
CustomVM00000173_End
CustomVM00000173_Start
CustomVM00000174_End
CustomVM00000174_Start
CustomVM00000175_End
CustomVM00000175_Start
CustomVM00000176_End
CustomVM00000176_Start
CustomVM00000177_End
CustomVM00000177_Start
CustomVM00000178_End
CustomVM00000178_Start
CustomVM00000179_End
CustomVM00000179_Start
CustomVM00000180_End
CustomVM00000180_Start
CustomVM00000181_End
CustomVM00000181_Start
CustomVM00000182_End
CustomVM00000182_Start
CustomVM00000183_End
CustomVM00000183_Start
CustomVM00000184_End
CustomVM00000184_Start
CustomVM00000185_End
CustomVM00000185_Start
CustomVM00000186_End
CustomVM00000186_Start
CustomVM00000187_End
CustomVM00000187_Start
CustomVM00000188_End
CustomVM00000188_Start
CustomVM00000189_End
CustomVM00000189_Start
CustomVM00000190_End
CustomVM00000190_Start
CustomVM00000191_End
CustomVM00000191_Start
CustomVM00000192_End
CustomVM00000192_Start
CustomVM00000193_End
CustomVM00000193_Start
CustomVM00000194_End
CustomVM00000194_Start
CustomVM00000195_End
CustomVM00000195_Start
CustomVM00000196_End
CustomVM00000196_Start
CustomVM00000197_End
CustomVM00000197_Start
CustomVM00000198_End
CustomVM00000198_Start
CustomVM00000199_End
CustomVM00000199_Start
CustomVM00000200_End
CustomVM00000200_Start
CustomVM00000201_End
CustomVM00000201_Start
CustomVM00000202_End
CustomVM00000202_Start
CustomVM00000203_End
CustomVM00000203_Start
CustomVM00000204_End
CustomVM00000204_Start
CustomVM00000205_End
CustomVM00000205_Start
CustomVM00000206_End
CustomVM00000206_Start
CustomVM00000207_End
CustomVM00000207_Start
CustomVM00000208_End
CustomVM00000208_Start
CustomVM00000209_End
CustomVM00000209_Start
CustomVM00000210_End
CustomVM00000210_Start
CustomVM00000211_End
CustomVM00000211_Start
CustomVM00000212_End
CustomVM00000212_Start
CustomVM00000213_End
CustomVM00000213_Start
CustomVM00000214_End
CustomVM00000214_Start
CustomVM00000215_End
CustomVM00000215_Start
CustomVM00000216_End
CustomVM00000216_Start
CustomVM00000217_End
CustomVM00000217_Start
CustomVM00000218_End
CustomVM00000218_Start
CustomVM00000219_End
CustomVM00000219_Start
CustomVM00000220_End
CustomVM00000220_Start
CustomVM00000221_End
CustomVM00000221_Start
CustomVM00000222_End
CustomVM00000222_Start
CustomVM00000223_End
CustomVM00000223_Start
CustomVM00000224_End
CustomVM00000224_Start
CustomVM00000225_End
CustomVM00000225_Start
CustomVM00000226_End
CustomVM00000226_Start
CustomVM00000227_End
CustomVM00000227_Start
CustomVM00000228_End
CustomVM00000228_Start
CustomVM00000229_End
CustomVM00000229_Start
CustomVM00000230_End
CustomVM00000230_Start
CustomVM00000231_End
CustomVM00000231_Start
CustomVM00000232_End
CustomVM00000232_Start
CustomVM00000233_End
CustomVM00000233_Start
CustomVM00000234_End
CustomVM00000234_Start
CustomVM00000235_End
CustomVM00000235_Start
CustomVM00000236_End
CustomVM00000236_Start
CustomVM00000237_End
CustomVM00000237_Start
CustomVM00000238_End
CustomVM00000238_Start
CustomVM00000239_End
CustomVM00000239_Start
CustomVM00000240_End
CustomVM00000240_Start
CustomVM00000241_End
CustomVM00000241_Start
CustomVM00000242_End
CustomVM00000242_Start
CustomVM00000243_End
CustomVM00000243_Start
CustomVM00000244_End
CustomVM00000244_Start
CustomVM00000245_End
CustomVM00000245_Start
CustomVM00000246_End
CustomVM00000246_Start
CustomVM00000247_End
CustomVM00000247_Start
CustomVM00000248_End
CustomVM00000248_Start
CustomVM00000249_End
CustomVM00000249_Start
CustomVM00000250_End
CustomVM00000250_Start
CustomVM00000251_End
CustomVM00000251_Start
CustomVM00000252_End
CustomVM00000252_Start
CustomVM00000253_End
CustomVM00000253_Start
CustomVM00000254_End
CustomVM00000254_Start
CustomVM00000255_End
CustomVM00000255_Start
CustomVM00000256_End
CustomVM00000256_Start
CustomVM00000257_End
CustomVM00000257_Start
CustomVM00000258_End
CustomVM00000258_Start
CustomVM00000259_End
CustomVM00000259_Start
CustomVM00000260_End
CustomVM00000260_Start
CustomVM00000261_End
CustomVM00000261_Start
CustomVM00000262_End
CustomVM00000262_Start
CustomVM00000263_End
CustomVM00000263_Start
CustomVM00000264_End
CustomVM00000264_Start
CustomVM00000265_End
CustomVM00000265_Start
CustomVM00000266_End
CustomVM00000266_Start
CustomVM00000267_End
CustomVM00000267_Start
CustomVM00000268_End
CustomVM00000268_Start
CustomVM00000269_End
CustomVM00000269_Start
CustomVM00000270_End
CustomVM00000270_Start
CustomVM00000271_End
CustomVM00000271_Start
CustomVM00000272_End
CustomVM00000272_Start
CustomVM00000273_End
CustomVM00000273_Start
CustomVM00000274_End
CustomVM00000274_Start
CustomVM00000275_End
CustomVM00000275_Start
CustomVM00000276_End
CustomVM00000276_Start
CustomVM00000277_End
CustomVM00000277_Start
CustomVM00000278_End
CustomVM00000278_Start
CustomVM00000279_End
CustomVM00000279_Start
CustomVM00000280_End
CustomVM00000280_Start
CustomVM00000281_End
CustomVM00000281_Start
CustomVM00000282_End
CustomVM00000282_Start
CustomVM00000283_End
CustomVM00000283_Start
CustomVM00000284_End
CustomVM00000284_Start
CustomVM00000285_End
CustomVM00000285_Start
CustomVM00000286_End
CustomVM00000286_Start
CustomVM00000287_End
CustomVM00000287_Start
CustomVM00000288_End
CustomVM00000288_Start
CustomVM00000289_End
CustomVM00000289_Start
CustomVM00000290_End
CustomVM00000290_Start
CustomVM00000291_End
CustomVM00000291_Start
CustomVM00000292_End
CustomVM00000292_Start
CustomVM00000293_End
CustomVM00000293_Start
CustomVM00000294_End
CustomVM00000294_Start
CustomVM00000295_End
CustomVM00000295_Start
CustomVM00000296_End
CustomVM00000296_Start
CustomVM00000297_End
CustomVM00000297_Start
CustomVM00000298_End
CustomVM00000298_Start
CustomVM00000299_End
CustomVM00000299_Start
CustomVM00000300_End
CustomVM00000300_Start
CustomVM00000301_End
CustomVM00000301_Start
CustomVM00000302_End
CustomVM00000302_Start
CustomVM00000303_End
CustomVM00000303_Start
CustomVM00000304_End
CustomVM00000304_Start
CustomVM00000305_End
CustomVM00000305_Start
CustomVM00000306_End
CustomVM00000306_Start
CustomVM00000307_End
CustomVM00000307_Start
CustomVM00000308_End
CustomVM00000308_Start
CustomVM00000309_End
CustomVM00000309_Start
CustomVM00000310_End
CustomVM00000310_Start
CustomVM00000311_End
CustomVM00000311_Start
CustomVM00000312_End
CustomVM00000312_Start
CustomVM00000313_End
CustomVM00000313_Start
CustomVM00000314_End
CustomVM00000314_Start
CustomVM00000315_End
CustomVM00000315_Start
CustomVM00000316_End
CustomVM00000316_Start
CustomVM00000317_End
CustomVM00000317_Start
CustomVM00000318_End
CustomVM00000318_Start
CustomVM00000319_End
CustomVM00000319_Start
CustomVM00000320_End
CustomVM00000320_Start
CustomVM00000321_End
CustomVM00000321_Start
CustomVM00000322_End
CustomVM00000322_Start
CustomVM00000323_End
CustomVM00000323_Start
CustomVM00000324_End
CustomVM00000324_Start
CustomVM00000325_End
CustomVM00000325_Start
CustomVM00000326_End
CustomVM00000326_Start
CustomVM00000327_End
CustomVM00000327_Start
CustomVM00000328_End
CustomVM00000328_Start
CustomVM00000329_End
CustomVM00000329_Start
CustomVM00000330_End
CustomVM00000330_Start
CustomVM00000331_End
CustomVM00000331_Start
CustomVM00000332_End
CustomVM00000332_Start
CustomVM00000333_End
CustomVM00000333_Start
CustomVM00000334_End
CustomVM00000334_Start
CustomVM00000335_End
CustomVM00000335_Start
CustomVM00000336_End
CustomVM00000336_Start
CustomVM00000337_End
CustomVM00000337_Start
CustomVM00000338_End
CustomVM00000338_Start
CustomVM00000339_End
CustomVM00000339_Start
CustomVM00000340_End
CustomVM00000340_Start
CustomVM00000341_End
CustomVM00000341_Start
CustomVM00000342_End
CustomVM00000342_Start
CustomVM00000343_End
CustomVM00000343_Start
CustomVM00000344_End
CustomVM00000344_Start
CustomVM00000345_End
CustomVM00000345_Start
CustomVM00000346_End
CustomVM00000346_Start
CustomVM00000347_End
CustomVM00000347_Start
CustomVM00000348_End
CustomVM00000348_Start
CustomVM00000349_End
CustomVM00000349_Start

Sections

.text
Size: 1024B - Virtual size: 810B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProtectionFinishes.wav
StealthMode/ASM/StealthMode.asm
StealthMode/C/Readme.txt
StealthMode/C/StealthCODEarea/Example_StealthInCODEsection.c
StealthMode/C/StealthCODEarea/Readme.txt
StealthMode/C/StealthCODEarea/StealthCodeArea.h
StealthMode/C/StealthCODEarea/StealthCodeArea_Max.h
StealthMode/C/StealthDATAarea/Example_StealthInDATAsection.c
StealthMode/C/StealthDATAarea/Readme.txt
StealthMode/C/StealthDATAarea/StealthDataArea.h
StealthMode/Delphi/Readme.txt
StealthMode/Delphi/StealthArea_Chunk.inc
StealthMode/Delphi/StealthArea_End.inc
StealthMode/Delphi/StealthArea_Start.inc
StealthMode/Delphi/StealthAuxFunction.inc
StealthMode/Device Drivers/How to add ASM files in your Solution.pdf
.pdf
StealthMode/Device Drivers/StealthMode.asm
StealthMode/PureBasic/Example.pb
StealthMode/PureBasic/Readme.txt
StealthMode/PureBasic/StealthCodeArea.pbi
Virtualizer.exe
.exe windows:4 windows x86 arch:x86

b1e9998745df82818b92e921a2a75e35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcessHeap
GetVersionExA
HeapAlloc
GetModuleHandleA
LoadLibraryA
VirtualAlloc
VirtualFree
GetCurrentThreadId
GetCommandLineA
HeapFree
FreeLibrary

user32

MessageBoxA

imm32

ImmSetCompositionWindow

comctl32

ImageList_EndDrag

Exports

Exports

madTraceProcess

Sections

Size: 1.3MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 837KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 9.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ylwdwyqa
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rekfzntj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rekfzntj
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Virtualizer.ini
custom_vms/public/dolphin32_black.vm
custom_vms/public/dolphin32_red.vm
custom_vms/public/dolphin32_white.vm
custom_vms/public/dolphin64_black.vm
custom_vms/public/dolphin64_red.vm
custom_vms/public/dolphin64_white.vm
custom_vms/public/eagle32_black.vm
custom_vms/public/eagle32_red.vm
custom_vms/public/eagle32_white.vm
custom_vms/public/eagle64_black.vm
custom_vms/public/eagle64_red.vm
custom_vms/public/eagle64_white.vm
custom_vms/public/fish32_black.vm
custom_vms/public/fish32_red.vm
custom_vms/public/fish32_white.vm
custom_vms/public/fish64_black.vm
custom_vms/public/fish64_red.vm
custom_vms/public/fish64_white.vm
custom_vms/public/puma32_black.vm
custom_vms/public/puma32_red.vm
custom_vms/public/puma32_white.vm
custom_vms/public/puma64_black.vm
custom_vms/public/puma64_red.vm
custom_vms/public/puma64_white.vm
custom_vms/public/shark32_black.vm
custom_vms/public/shark32_red.vm
custom_vms/public/shark32_white.vm
custom_vms/public/shark64_black.vm
custom_vms/public/shark64_red.vm
custom_vms/public/shark64_white.vm
custom_vms/public/tiger32_black.vm
custom_vms/public/tiger32_red.vm
custom_vms/public/tiger32_white.vm
custom_vms/public/tiger64_black.vm
custom_vms/public/tiger64_red.vm
custom_vms/public/tiger64_white.vm
languages/Greek.lng
languages/Lithuanian.lng
languages/Portuguese.lng
languages/Romanian.lng
languages/Russian.lng
languages/arabic.lng
languages/bulgarian.lng
languages/french.lng
languages/german.lng
languages/simple_chinese.lng
languages/spanish.lng

Sharing

General

Malware Config

Signatures

Files

8e909836e7f5caeebdfc3437f3cfe2da

Headers

File Characteristics

Imports

kernel32

user32

virtualizersdk32

Sections

.text Size: 512B - Virtual size: 114B

.rdata Size: 512B - Virtual size: 220B

.data Size: 512B - Virtual size: 215B

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 512B - Virtual size: 27B

.rdata Size: 512B - Virtual size: 485B

.reloc Size: 512B - Virtual size: 12B

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 512B - Virtual size: 148B

.rdata Size: 512B - Virtual size: 146B

.data Size: 512B - Virtual size: 215B

Headers

File Characteristics

Sections

CODE Size: 311KB - Virtual size: 312KB

DATA Size: 4KB - Virtual size: 8KB

BSS Size: - Virtual size: 4KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 28KB

.v-lizer Size: 36KB - Virtual size: 36KB

cd4d4533455ee06d3d9ccd3f8908fc81

Headers

DLL Characteristics

File Characteristics

Imports

ntoskrnl.exe

Exports

Exports

Sections

.text Size: 512B - Virtual size: 19B

.rdata Size: 512B - Virtual size: 126B

.data Size: 512B - Virtual size: 8B

.edata Size: 26KB - Virtual size: 25KB

INIT Size: 512B - Virtual size: 152B

.reloc Size: 512B - Virtual size: 132B

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 512B - Virtual size: 19B

.rdata Size: 512B - Virtual size: 116B

.data Size: 512B - Virtual size: 272B

.edata Size: 26KB - Virtual size: 25KB

INIT Size: 512B - Virtual size: 142B

Headers

DLL Characteristics

File Characteristics

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 816B

.rdata Size: 25KB - Virtual size: 25KB

Headers

File Characteristics

Exports

.text
Size: 512B - Virtual size: 114B

.rdata
Size: 512B - Virtual size: 220B

.data
Size: 512B - Virtual size: 215B

.text
Size: 512B - Virtual size: 27B

.rdata
Size: 512B - Virtual size: 485B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 512B - Virtual size: 148B

.rdata
Size: 512B - Virtual size: 146B

.data
Size: 512B - Virtual size: 215B

CODE
Size: 311KB - Virtual size: 312KB

DATA
Size: 4KB - Virtual size: 8KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 28KB

.v-lizer
Size: 36KB - Virtual size: 36KB

.text
Size: 512B - Virtual size: 19B

.rdata
Size: 512B - Virtual size: 126B

.data
Size: 512B - Virtual size: 8B

.edata
Size: 26KB - Virtual size: 25KB

INIT
Size: 512B - Virtual size: 152B

.reloc
Size: 512B - Virtual size: 132B

.text
Size: 512B - Virtual size: 19B

.rdata
Size: 512B - Virtual size: 116B

.data
Size: 512B - Virtual size: 272B

.edata
Size: 26KB - Virtual size: 25KB

INIT
Size: 512B - Virtual size: 142B

.text
Size: 1024B - Virtual size: 816B

.rdata
Size: 25KB - Virtual size: 25KB

.text
Size: 1024B - Virtual size: 810B

.rdata
Size: 26KB - Virtual size: 25KB

.rsrc
Size: 837KB - Virtual size: 1.6MB

.idata
Size: 1024B - Virtual size: 4KB

ylwdwyqa
Size: 8.5MB - Virtual size: 8.5MB

rekfzntj
Size: 512B - Virtual size: 4KB

rekfzntj
Size: 3KB - Virtual size: 4KB