Task (platform): score
Overview (overview): 10
Static (static): 7
MyMalwareD...og.exe (windows7-x64): 7
MyMalwareD...og.exe (windows10-2004-x64): 7
$1/1337/Frog.exe (windows7-x64): 3
$1/1337/Frog.exe (windows10-2004-x64): 3
$1/1337/php5ts.dll (windows7-x64): 1
$1/1337/php5ts.dll (windows10-2004-x64): 1
$PLUGINSDI...em.dll (windows7-x64): 3
$PLUGINSDI...em.dll (windows10-2004-x64): 3
MyMalwareD...ry.exe (windows7-x64): 1
MyMalwareD...ry.exe (windows10-2004-x64): 1
MyMalwareD...1).exe (windows7-x64): 7
MyMalwareD...1).exe (windows10-2004-x64): 7
MyMalwareD...ge.exe (windows7-x64): 1
MyMalwareD...ge.exe (windows10-2004-x64): 1
MyMalwareD...64.exe (windows7-x64): 1
MyMalwareD...64.exe (windows10-2004-x64): 1
MyMalwareD...re.exe (windows7-x64): 10
MyMalwareD...re.exe (windows10-2004-x64): 10
MyMalwareD...ck.bat (windows7-x64): 1
MyMalwareD...ck.bat (windows10-2004-x64): 1
MyMalwareD...1).exe (windows7-x64): 1
MyMalwareD...1).exe (windows10-2004-x64)
MyMalwareD...1).exe (windows7-x64): 8
MyMalwareD...1).exe (windows10-2004-x64): 8
MyMalwareD...rn.exe (windows7-x64): 3
MyMalwareD...rn.exe (windows10-2004-x64): 3
Sulfoxide/...de.exe (windows7-x64)
Sulfoxide/...de.exe (windows10-2004-x64)
Sulfoxide/...es.exe (windows7-x64)
Sulfoxide/...es.exe (windows10-2004-x64)
Sulfoxide/...64.exe (windows7-x64): 7
Sulfoxide/...64.exe (windows10-2004-x64): 7
Behavioral task
behavioral1
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Frog.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Frog.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral3
Sample
$1/1337/Frog.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
$1/1337/Frog.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral5
Sample
$1/1337/php5ts.dll
Resource
win7-20240221-en
Behavioral task
behavioral6
Sample
$1/1337/php5ts.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral7
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
Behavioral task
behavioral8
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240226-en
Behavioral task
behavioral9
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/GonnaCry/GonnaCry.exe
Resource
win7-20240221-en
Behavioral task
behavioral10
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/GonnaCry/GonnaCry.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral11
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Hydromatic (1).exe
Resource
win7-20240221-en
Behavioral task
behavioral12
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Hydromatic (1).exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral13
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Losange/Losange.exe
Resource
win7-20240221-en
Behavioral task
behavioral14
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Losange/Losange.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral15
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Monoxidex64.exe
Resource
win7-20240221-en
Behavioral task
behavioral16
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Monoxidex64.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral17
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/NightMare.exe
Resource
win7-20240220-en
Behavioral task
behavioral18
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/NightMare.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral19
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/REGFuck.bat
Resource
win7-20240221-en
Behavioral task
behavioral20
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/REGFuck.bat
Resource
win10v2004-20240226-en
Behavioral task
behavioral21
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/NoEscape (1).exe
Resource
win7-20240221-en
Behavioral task
behavioral22
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/NoEscape (1).exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral23
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Protactinium (1).exe
Resource
win7-20240221-en
Behavioral task
behavioral24
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Protactinium (1).exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral25
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Saturn.exe
Resource
win7-20240221-en
Behavioral task
behavioral26
Sample
MyMalwareDatabase-main/MyMalwareDatabase-main/Saturn.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral27
Sample
Sulfoxide/Sulfoxide.exe
Resource
win7-20240215-en
Behavioral task
behavioral28
Sample
Sulfoxide/Sulfoxide.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral29
Sample
Sulfoxide/Sulfoxide_fixes.exe
Resource
win7-20240221-en
Behavioral task
behavioral30
Sample
Sulfoxide/Sulfoxide_fixes.exe
Resource
win10v2004-20240226-en
Behavioral task
behavioral31
Sample
Sulfoxide/vcredist_x64.exe
Resource
win7-20240221-en
Behavioral task
behavioral32
Sample
Sulfoxide/vcredist_x64.exe
Resource
win10v2004-20240226-en
General
Target: MyMalwareDatabase-main (1).zip
Size: 13.7MB
MD5: b1d4b57a053e0d923453e4707b4d8281
SHA1: b9c47f21d63493206a9e95d894bf10f7c12fe3b6
SHA256: d9a8b6007b6a59cf3a03d2fe52fe0e9b5e718e4c74c15f788d8ee2132bd083ea
SHA512: 0cf50619faee2854f9bce04a26e9f6f991218d6853e486166614558a31b69d806e93b0a434c9328963ee365e8dd018333391ae8d1136817e5f65e0a0a1b4c9b7
SSDEEP: 393216:ohvzeeqJP1yxHXqAKt2OqRAwclWntNNGs31WT:oI9jyNbmdRbWtrUT
Malware Config
Signatures
Processes:
resource: static1/unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Hydromatic (1).exe
yara_rule: upx
Unsigned PE 19 IoCs
Checks for missing Authenticode signature.
Processes:
resource:
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Frog.exe
unpack002/$1/1337/Frog.exe
unpack002/$1/1337/php5ts.dll
unpack002/$PLUGINSDIR/System.dll
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/GonnaCry/GonnaCry.exe
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Hydromatic (1).exe
unpack003/out.upx
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Losange/Losange.exe
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Monoxidex64.exe.vir
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/NightMare.exe
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/NoEscape (1).exe
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Protactinium (1).exe
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Saturn.exe
unpack004/Sulfoxide/Sulfoxide.exe
unpack004/Sulfoxide/Sulfoxide_fixes.exe
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Tera Bonus.exe
unpack007/Automatic_converter_rff_to_mp4.exe
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Worm Locker2.0(ransomware)/Automatic_converter_rff_to_mp4.exe
unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/uff.exe
NSIS installer 2 IoCs
Processes:
resource: static1/unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Frog.exe
yara_rule: nsis_installer_1
resource: static1/unpack001/MyMalwareDatabase-main/MyMalwareDatabase-main/Frog.exe
yara_rule: nsis_installer_2
Files
-
MyMalwareDatabase-main (1).zip.zip
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Frog.exe.exe windows:4 windows x86 arch:x86
4f67aeda01a0484282e8c59006b0b352
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CopyFileA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetFileAttributesA
SetFileAttributesA
ExitProcess
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
GetCurrentProcess
GetFullPathNameA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
CloseHandle
SetCurrentDirectoryA
MoveFileA
CompareFileTime
GetShortPathNameA
SearchPathA
lstrcmpiA
SetFileTime
lstrcmpA
ExpandEnvironmentStringsA
lstrcpynA
SetErrorMode
GlobalFree
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
user32
ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA
gdi32
SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor
shell32
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
advapi32
RegDeleteKeyA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA
comctl32
ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17
ole32
OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance
Sections
.text Size: 23KB - Virtual size: 23KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 106KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 32KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$1/1337/Frog.exe.exe windows:4 windows x86 arch:x86
b0ee5f3ba44c825e73d37304e54fc889
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
oleaut32
SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegUnLoadKeyA
RegSetValueExA
RegSaveKeyA
RegRestoreKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegLoadKeyA
RegFlushKey
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
user32
GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
mouse_event
keybd_event
WindowFromPoint
WaitMessage
VkKeyScanA
ValidateRect
UpdateWindow
UnregisterHotKey
UnregisterClassA
UnionRect
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
TrackMouseEvent
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
ShowCaret
SetWindowRgn
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRectEmpty
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetKeyboardState
SetForegroundWindow
SetFocus
SetCursorPos
SetCursor
SetClipboardData
SetClassLongA
SetCaretPos
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
SendDlgItemMessageA
ScrollWindowEx
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterHotKey
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageW
PeekMessageA
OpenClipboard
OffsetRect
OemToCharA
MsgWaitForMultipleObjects
MessageBoxA
MessageBeep
MapWindowPoints
MapVirtualKeyA
LockWindowUpdate
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsClipboardFormatAvailable
IsChild
IsCharAlphaNumericA
IsCharAlphaA
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
HideCaret
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetUpdateRect
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessageTime
GetMessagePos
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDoubleClickTime
GetDlgItem
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoA
GetCaretPos
GetCapture
GetAsyncKeyState
GetActiveWindow
FrameRect
FindWindowA
FillRect
ExitWindowsEx
EqualRect
EnumWindows
EnumThreadWindows
EnumClipboardFormats
EnumChildWindows
EndPaint
EndDeferWindowPos
EnableWindow
EnableScrollBar
EnableMenuItem
EmptyClipboard
DrawTextExW
DrawTextExA
DrawTextW
DrawTextA
DrawStateA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DestroyCaret
DeleteMenu
DeferWindowPos
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
CreateCaret
CopyImage
CloseClipboard
ClipCursor
ClientToScreen
ChildWindowFromPoint
CheckMenuItem
CallWindowProcA
CallNextHookEx
BringWindowToTop
BeginPaint
BeginDeferWindowPos
CharNextA
CharLowerBuffA
CharLowerA
CharUpperBuffA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout
wvsprintfA
kernel32
GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrlenA
lstrcpyA
lstrcmpA
WriteFile
WaitForSingleObject
VirtualQuery
VirtualAlloc
TerminateProcess
SuspendThread
Sleep
SizeofResource
SetThreadPriority
SetThreadLocale
SetSystemPowerState
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
SetCurrentDirectoryA
ResumeThread
ResetEvent
ReadFile
OpenProcess
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalUnlock
GlobalSize
GlobalHandle
GlobalLock
GlobalFree
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetVersionExA
GetVersion
GetTickCount
GetThreadPriority
GetThreadLocale
GetTempPathA
GetSystemInfo
GetStdHandle
GetProfileStringA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileAttributesA
GetExitCodeThread
GetExitCodeProcess
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToLocalFileTime
FileTimeToDosDateTime
ExitProcess
EnumCalendarInfoA
EnterCriticalSection
DeleteCriticalSection
CreateThread
CreateProcessA
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringW
CompareStringA
CloseHandle
Sleep
SystemTimeToTzSpecificLocalTime
MulDiv
msimg32
GradientFill
gdi32
UnrealizeObject
TextOutA
StretchDIBits
StretchBlt
StartPage
StartDocA
SetWindowOrgEx
SetWindowExtEx
SetWinMetaFileBits
SetViewportOrgEx
SetViewportExtEx
SetTextCharacterExtra
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetPaletteEntries
SetMapMode
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SetAbortProc
SelectPalette
SelectObject
SelectClipRgn
SelectClipPath
SaveDC
RoundRect
RestoreDC
ResizePalette
RemoveFontResourceA
Rectangle
RectVisible
RealizePalette
Polyline
Polygon
PolyPolyline
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPointA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectType
GetObjectA
GetNearestPaletteIndex
GetFontLanguageInfo
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipRgn
GetClipBox
GetCharWidthA
GetCharABCWidthsA
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExtTextOutA
ExtCreatePen
ExcludeClipRect
EnumFontFamiliesExA
EndPath
EndPage
EndDoc
Ellipse
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreateRectRgnIndirect
CreateRectRgn
CreatePolygonRgn
CreatePenIndirect
CreatePen
CreatePalette
CreateICA
CreateHalftonePalette
CreateFontIndirectA
CreateEllipticRgn
CreateDIBitmap
CreateDIBSection
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
CombineRgn
CloseEnhMetaFile
BitBlt
BeginPath
AddFontResourceA
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
ole32
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitializeEx
CoInitialize
CLSIDFromString
comctl32
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Remove
ImageList_DrawEx
ImageList_Replace
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls
imm32
ImmSetCompositionWindow
ImmSetCompositionFontA
ImmGetCompositionStringA
ImmReleaseContext
ImmGetContext
shell32
Shell_NotifyIconA
ShellExecuteA
DragQueryPoint
DragQueryFileA
DragFinish
DragAcceptFiles
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetMalloc
SHGetDesktopFolder
SHBrowseForFolderA
winspool.drv
OpenPrinterA
EnumPrintersA
DocumentPropertiesA
ClosePrinter
comdlg32
PageSetupDlgA
PrintDlgA
ChooseFontA
ReplaceTextA
FindTextA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
wsock32
WSACleanup
WSAStartup
gethostname
gethostbyname
inet_ntoa
winmm
timeGetTime
Exports
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.itext Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: - Virtual size: 35KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 76B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: - Virtual size: 64B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 181KB - Virtual size: 181KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$1/1337/php5ts.dll.dll windows:5 windows x86 arch:x86
aaf1492926158df000e59c70092d88e8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
oleaut32
GetActiveObject
SysFreeString
VariantClear
VariantInit
SysAllocString
SafeArrayGetDim
SafeArrayPutElement
VariantChangeType
SafeArrayGetVartype
LHashValOfNameSys
VarCmp
VariantCopy
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopyInd
SafeArrayGetElement
LoadTypeLib
LoadRegTypeLib
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocStringByteLen
VarXor
VarPow
VarOr
VarMod
VarImp
VarIdiv
VarEqv
VarDiv
VarAnd
VarMul
VarSub
VarCat
VarAdd
VarNot
VarNeg
VarInt
VarFix
VarAbs
VarRound
VariantTimeToSystemTime
SystemTimeToVariantTime
user32
DefWindowProcA
SetTimer
PostQuitMessage
KillTimer
UnregisterClassA
DestroyWindow
SendMessageA
GetMessageA
CreateWindowExA
RegisterClassA
PostThreadMessageA
GetSystemMetrics
GetDesktopWindow
IsWindow
GetDC
GetClientRect
GetWindowRect
ReleaseDC
PeekMessageA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
MessageBoxA
gdi32
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
SelectObject
GetPixel
DeleteObject
DeleteDC
advapi32
RegCloseKey
RegOpenKeyExA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegEnumKeyA
RegQueryValueA
DuplicateTokenEx
CreateProcessAsUserA
OpenThreadToken
OpenProcessToken
EqualSid
DuplicateToken
GetFileSecurityA
MapGenericMask
AccessCheck
GetTokenInformation
CopySid
GetLengthSid
ConvertSidToStringSidA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueExA
RegNotifyChangeKeyValue
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
GetUserNameA
ws2_32
WSACleanup
WSAGetLastError
WSAStartup
freeaddrinfo
getaddrinfo
closesocket
socket
htons
ntohs
inet_ntoa
getpeername
getsockname
htonl
ioctlsocket
__WSAFDIsSet
select
WSASetLastError
getsockopt
connect
bind
setsockopt
accept
WSAStringToAddressA
WSAAddressToStringA
inet_addr
listen
send
recv
shutdown
sendto
recvfrom
gethostbyname
gethostname
getprotobyname
ntohl
getservbyname
getservbyport
getprotobynumber
gethostbyaddr
kernel32
WideCharToMultiByte
GetProcessHeap
GetFileAttributesExA
GetCurrentDirectoryA
DeviceIoControl
CreateFileA
FileTimeToSystemTime
TlsFree
TlsAlloc
LeaveCriticalSection
CreateProcessA
SetFileTime
InitializeCriticalSection
TlsGetValue
TlsSetValue
CreateWaitableTimerA
SetWaitableTimer
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
FindClose
FindNextFileA
SystemTimeToFileTime
GetSystemTime
MoveFileExA
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetBinaryTypeA
DeleteCriticalSection
GetStdHandle
CreatePipe
GetExitCodeProcess
MapViewOfFileEx
OpenFileMappingA
GetFullPathNameA
MultiByteToWideChar
InterlockedDecrement
GetLocalTime
GetCurrentProcessId
SetEnvironmentVariableA
SleepEx
GetDiskFreeSpaceA
LockFileEx
UnlockFileEx
GetModuleHandleA
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetComputerNameA
GetFileAttributesA
CreateHardLinkA
TerminateProcess
SetErrorMode
SetFilePointer
GetACP
CreateMutexA
ReleaseMutex
InterlockedCompareExchange
Sleep
GetSystemDirectoryA
EnterCriticalSection
FindFirstFileA
CreateFileMappingA
GetFileSize
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
GetFileType
GetTempPathA
GetTempFileNameA
SetLastError
GetEnvironmentVariableA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemWindowsDirectoryA
LocalFree
GetVersion
GetVersionExA
GetLastError
OutputDebugStringA
FormatMessageA
LoadLibraryA
GetProcAddress
GetTimeZoneInformation
InterlockedIncrement
GetCurrentThreadId
CloseHandle
CreateEventA
WaitForSingleObject
SetEvent
IsDBCSLeadByte
HeapReAlloc
HeapFree
HeapAlloc
HeapCreate
HeapDestroy
FreeLibrary
ole32
CoUninitialize
CoInitialize
CoCreateInstance
CoCreateInstanceEx
MkParseDisplayName
CreateBindCtx
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoDisconnectObject
CoTaskMemAlloc
OleLoadFromStream
CLSIDFromProgID
dnsapi
DnsQuery_A
DnsRecordListFree
msvcr90
sscanf
putchar
_open_osfhandle
_fdopen
_mktime32
fgets
floor
strftime
_CIatan2
_CIsqrt
_CIsin
_CIcos
_CIacos
_atoi64
strtod
isupper
abort
strtoul
putc
getc
_CItan
_access
atof
iscntrl
ispunct
isprint
isgraph
isxdigit
strcspn
mblen
_CIlog10
ceil
_CIlog
_CIexp
_CIasin
_CIatan
_CIsinh
_CIcosh
_CItanh
_hypot
_CIfmod
strcat_s
strncpy_s
_close
strspn
_setmode
_fileno
remove
_creat
_mktemp
ferror
strcmp
clearerr
ungetc
fgetc
memcmp
strlen
strcat
fabs
pow
_vsnprintf
_wfopen
_stat64i32
_wstat64i32
vfprintf
strcpy_s
sprintf_s
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_dup
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_stricmp
_strnicmp
_isatty
_write
_unlink
_lseek
_read
_chsize
_open
_chmod
_mkdir
_rmdir
_getcwd
_strdup
_set_errno
_memicmp
_stat32
_getpid
_tzset
__timezone
__daylight
strtok
setvbuf
fseek
feof
_get_osfhandle
rewind
strnlen
_putenv
_umask
strpbrk
atoi
_snprintf
fopen
memset
calloc
malloc
free
strncat
realloc
_setjmp3
sprintf
longjmp
exit
strtol
memcpy
fprintf
__iob_func
fflush
getenv
memchr
strchr
memmove
isalpha
strrchr
_beginthreadex
_controlfp_s
ftell
_errno
printf
toupper
_CIpow
strcoll
tolower
_finite
_fstat32
fread
fclose
_HUGE
isspace
_time32
_configthreadlocale
strstr
strncmp
strncpy
isalnum
strerror
_set_invalid_parameter_handler
setlocale
fwrite
qsort
vsprintf
_environ
_ctime32
_gmtime32
_localtime32
asctime
atol
localeconv
_fpclass
_isnan
isdigit
islower
Exports
GetSMErrorText
OnUpdateBaseDir
OnUpdateBool
OnUpdateLong
OnUpdateLongGEZero
OnUpdateReal
OnUpdateString
OnUpdateStringUnempty
PHP_3HAVAL128Init
PHP_3HAVAL160Init
PHP_3HAVAL192Init
PHP_3HAVAL224Init
PHP_3HAVAL256Init
PHP_3TIGERInit
PHP_4HAVAL128Init
PHP_4HAVAL160Init
PHP_4HAVAL192Init
PHP_4HAVAL224Init
PHP_4HAVAL256Init
PHP_4TIGERInit
PHP_5HAVAL128Init
PHP_5HAVAL160Init
PHP_5HAVAL192Init
PHP_5HAVAL224Init
PHP_5HAVAL256Init
PHP_ADLER32Copy
PHP_ADLER32Final
PHP_ADLER32Init
PHP_ADLER32Update
PHP_CRC32BFinal
PHP_CRC32BUpdate
PHP_CRC32Copy
PHP_CRC32Final
PHP_CRC32Init
PHP_CRC32Update
PHP_GOSTFinal
PHP_GOSTInit
PHP_GOSTUpdate
PHP_HAVAL128Final
PHP_HAVAL160Final
PHP_HAVAL192Final
PHP_HAVAL224Final
PHP_HAVAL256Final
PHP_HAVALUpdate
PHP_MD2Final
PHP_MD2Init
PHP_MD2Update
PHP_MD4Final
PHP_MD4Init
PHP_MD4Update
PHP_MD5Final
PHP_MD5Init
PHP_MD5Update
PHP_RIPEMD128Final
PHP_RIPEMD128Init
PHP_RIPEMD128Update
PHP_RIPEMD160Final
PHP_RIPEMD160Init
PHP_RIPEMD160Update
PHP_RIPEMD256Final
PHP_RIPEMD256Init
PHP_RIPEMD256Update
PHP_RIPEMD320Final
PHP_RIPEMD320Init
PHP_RIPEMD320Update
PHP_SALSA10Init
PHP_SALSA20Init
PHP_SALSAFinal
PHP_SALSAUpdate
PHP_SHA1Final
PHP_SHA1Init
PHP_SHA1Update
PHP_SHA224Final
PHP_SHA224Init
PHP_SHA224Update
PHP_SHA256Final
PHP_SHA256Init
PHP_SHA256Update
PHP_SHA384Final
PHP_SHA384Init
PHP_SHA384Update
PHP_SHA512Final
PHP_SHA512Init
PHP_SHA512Update
PHP_SNEFRUFinal
PHP_SNEFRUInit
PHP_SNEFRUUpdate
PHP_TIGER128Final
PHP_TIGER160Final
PHP_TIGER192Final
PHP_TIGERUpdate
PHP_WHIRLPOOLFinal
PHP_WHIRLPOOLInit
PHP_WHIRLPOOLUpdate
TSMClose
TSendMail
ValidateFormat
XML_GetUserData
_DllMain@12
_array_init
_convert_to_string
_ecalloc
_efree
_emalloc
_erealloc
_estrdup
_estrndup
_mysqlnd_calloc
_mysqlnd_debug
_mysqlnd_ecalloc
_mysqlnd_efree
_mysqlnd_emalloc
_mysqlnd_erealloc
_mysqlnd_fetch_lengths
_mysqlnd_free
_mysqlnd_get_client_stats
_mysqlnd_init
_mysqlnd_malloc
_mysqlnd_pecalloc
_mysqlnd_pefree
_mysqlnd_pemalloc
_mysqlnd_perealloc
_mysqlnd_pestrdup
_mysqlnd_pestrndup
_mysqlnd_plugin_get_plugin_connection_data
_mysqlnd_plugin_get_plugin_net_data
_mysqlnd_plugin_get_plugin_protocol_data
_mysqlnd_plugin_get_plugin_result_data
_mysqlnd_plugin_get_plugin_result_metadata_data
_mysqlnd_plugin_get_plugin_stmt_data
_mysqlnd_poll
_mysqlnd_realloc
_object_and_properties_init
_object_init
_object_init_ex
_php_emit_fd_setsize_warning
_php_error_log
_php_error_log_ex
_php_find_ps_module
_php_find_ps_serializer
_php_get_stream_filters_hash
_php_glob_stream_get_count
_php_glob_stream_get_path
_php_glob_stream_get_pattern
_php_math_basetolong
_php_math_basetozval
_php_math_longtobase
_php_math_number_format
_php_math_round
_php_math_zvaltobase
_php_regcomp@12
_php_regerror@16
_php_regexec@20
_php_regfree@4
_php_stream_alloc
_php_stream_cast
_php_stream_copy_to_mem
_php_stream_copy_to_stream
_php_stream_copy_to_stream_ex
_php_stream_eof
_php_stream_filter_alloc
_php_stream_filter_append
_php_stream_filter_flush
_php_stream_filter_prepend
_php_stream_flush
_php_stream_fopen
_php_stream_fopen_from_fd
_php_stream_fopen_from_file
_php_stream_fopen_from_pipe
_php_stream_fopen_temporary_file
_php_stream_fopen_tmpfile
_php_stream_fopen_with_path
_php_stream_free
_php_stream_get_line
_php_stream_get_url_stream_wrappers_hash
_php_stream_getc
_php_stream_make_seekable
_php_stream_memory_create
_php_stream_memory_get_buffer
_php_stream_memory_open
_php_stream_mkdir
_php_stream_mmap_range
_php_stream_mmap_unmap
_php_stream_mmap_unmap_ex
_php_stream_open_wrapper_as_file
_php_stream_open_wrapper_ex
_php_stream_opendir
_php_stream_passthru
_php_stream_printf
_php_stream_putc
_php_stream_puts
_php_stream_read
_php_stream_readdir
_php_stream_rmdir
_php_stream_scandir
_php_stream_seek
_php_stream_set_option
_php_stream_sock_open_from_socket
_php_stream_sock_open_host
_php_stream_stat
_php_stream_stat_path
_php_stream_tell
_php_stream_temp_create
_php_stream_temp_open
_php_stream_truncate_set_size
_php_stream_write
_php_stream_xport_create
_safe_emalloc
_safe_erealloc
_safe_malloc
_safe_realloc
_xml_zval_strdup
_zend_bailout
_zend_get_parameters_array
_zend_get_parameters_array_ex
_zend_hash_add_or_update
_zend_hash_index_update_or_next_insert
_zend_hash_init
_zend_hash_init_ex
_zend_hash_merge
_zend_hash_quick_add_or_update
_zend_list_addref
_zend_list_delete
_zend_list_find
_zend_mem_block_size
_zend_mm_alloc
_zend_mm_block_size
_zend_mm_free
_zend_mm_realloc
_zend_ts_hash_add_or_update
_zend_ts_hash_index_update_or_next_insert
_zend_ts_hash_init
_zend_ts_hash_init_ex
_zend_ts_hash_quick_add_or_update
_zval_copy_ctor_func
_zval_dtor_func
_zval_dtor_wrapper
_zval_internal_dtor
_zval_internal_ptr_dtor
_zval_ptr_dtor
add_assoc_bool_ex
add_assoc_double_ex
add_assoc_function
add_assoc_long_ex
add_assoc_null_ex
add_assoc_resource_ex
add_assoc_string_ex
add_assoc_stringl_ex
add_assoc_zval_ex
add_char_to_string
add_function
add_get_assoc_string_ex
add_get_assoc_stringl_ex
add_get_index_double
add_get_index_long
add_get_index_string
add_get_index_stringl
add_index_bool
add_index_double
add_index_long
add_index_null
add_index_resource
add_index_string
add_index_stringl
add_index_zval
add_next_index_bool
add_next_index_double
add_next_index_long
add_next_index_null
add_next_index_resource
add_next_index_string
add_next_index_stringl
add_next_index_zval
add_property_bool_ex
add_property_double_ex
add_property_long_ex
add_property_null_ex
add_property_resource_ex
add_property_string_ex
add_property_stringl_ex
add_property_zval_ex
add_string_to_string
ap_php_asprintf
ap_php_slprintf
ap_php_snprintf
ap_php_vasprintf
ap_php_vslprintf
ap_php_vsnprintf
arcfour_LTX__is_block_algorithm
arcfour_LTX__mcrypt_algorithm_version
arcfour_LTX__mcrypt_decrypt
arcfour_LTX__mcrypt_encrypt
arcfour_LTX__mcrypt_get_algo_iv_size
arcfour_LTX__mcrypt_get_algorithms_name
arcfour_LTX__mcrypt_get_block_size
arcfour_LTX__mcrypt_get_key_size
arcfour_LTX__mcrypt_get_size
arcfour_LTX__mcrypt_get_supported_key_sizes
arcfour_LTX__mcrypt_self_test
arcfour_LTX__mcrypt_set_key
basic_globals_id
bcompiler_zend_shutdown
bcompiler_zend_startup
bitwise_and_function
bitwise_not_function
bitwise_or_function
bitwise_xor_function
blowfish_LTX__is_block_algorithm
blowfish_LTX__mcrypt_algorithm_version
blowfish_LTX__mcrypt_decrypt
blowfish_LTX__mcrypt_encrypt
blowfish_LTX__mcrypt_get_algorithms_name
blowfish_LTX__mcrypt_get_block_size
blowfish_LTX__mcrypt_get_key_size
blowfish_LTX__mcrypt_get_size
blowfish_LTX__mcrypt_get_supported_key_sizes
blowfish_LTX__mcrypt_self_test
blowfish_LTX__mcrypt_set_key
blowfish_compat_LTX__is_block_algorithm
blowfish_compat_LTX__mcrypt_algorithm_version
blowfish_compat_LTX__mcrypt_decrypt
blowfish_compat_LTX__mcrypt_encrypt
blowfish_compat_LTX__mcrypt_get_algorithms_name
blowfish_compat_LTX__mcrypt_get_block_size
blowfish_compat_LTX__mcrypt_get_key_size
blowfish_compat_LTX__mcrypt_get_size
blowfish_compat_LTX__mcrypt_get_supported_key_sizes
blowfish_compat_LTX__mcrypt_self_test
blowfish_compat_LTX__mcrypt_set_key
boolean_not_function
boolean_xor_function
call_user_function
call_user_function_ex
cast_128_LTX__is_block_algorithm
cast_128_LTX__mcrypt_algorithm_version
cast_128_LTX__mcrypt_decrypt
cast_128_LTX__mcrypt_encrypt
cast_128_LTX__mcrypt_get_algorithms_name
cast_128_LTX__mcrypt_get_block_size
cast_128_LTX__mcrypt_get_key_size
cast_128_LTX__mcrypt_get_size
cast_128_LTX__mcrypt_get_supported_key_sizes
cast_128_LTX__mcrypt_self_test
cast_128_LTX__mcrypt_set_key
cast_256_LTX__is_block_algorithm
cast_256_LTX__mcrypt_algorithm_version
cast_256_LTX__mcrypt_decrypt
cast_256_LTX__mcrypt_encrypt
cast_256_LTX__mcrypt_get_algorithms_name
cast_256_LTX__mcrypt_get_block_size
cast_256_LTX__mcrypt_get_key_size
cast_256_LTX__mcrypt_get_size
cast_256_LTX__mcrypt_get_supported_key_sizes
cast_256_LTX__mcrypt_self_test
cast_256_LTX__mcrypt_set_key
cfg_get_double
cfg_get_entry
cfg_get_long
cfg_get_string
compare_function
compile_file
compile_filename
compile_string
compiler_globals_id
concat_function
config_zval_dtor
convert_scalar_to_number
convert_to_array
convert_to_boolean
convert_to_double
convert_to_long
convert_to_long_base
convert_to_null
convert_to_object
core_globals_id
decrement_function
des_LTX__is_block_algorithm
des_LTX__mcrypt_algorithm_version
des_LTX__mcrypt_decrypt
des_LTX__mcrypt_encrypt
des_LTX__mcrypt_get_algorithms_name
des_LTX__mcrypt_get_block_size
des_LTX__mcrypt_get_key_size
des_LTX__mcrypt_get_size
des_LTX__mcrypt_get_supported_key_sizes
des_LTX__mcrypt_self_test
des_LTX__mcrypt_set_key
destroy_op_array
destroy_zend_class
destroy_zend_function
display_ini_entries
display_link_numbers
div_function
do_bind_class
do_bind_function
do_bind_inherited_class
dom_node_class_entry
dom_object_get_node
dummy_indent
empty_fcall_info
empty_fcall_info_cache
end_mcrypt
enigma_LTX__is_block_algorithm
enigma_LTX__mcrypt_algorithm_version
enigma_LTX__mcrypt_decrypt
enigma_LTX__mcrypt_encrypt
enigma_LTX__mcrypt_get_algo_iv_size
enigma_LTX__mcrypt_get_algorithms_name
enigma_LTX__mcrypt_get_block_size
enigma_LTX__mcrypt_get_key_size
enigma_LTX__mcrypt_get_size
enigma_LTX__mcrypt_get_supported_key_sizes
enigma_LTX__mcrypt_self_test
enigma_LTX__mcrypt_set_key
execute
execute_internal
executor_globals_id
expand_filepath
expand_filepath_ex
extension_version_info
file_globals_id
file_handle_dtor
flock
fnmatch
free_estring
function_add_ref
gc_collect_cycles
gc_globals_ctor
gc_globals_dtor
gc_globals_id
gc_init
gc_remove_zval_from_buffer
gc_reset
gc_zobj_possible_root
gc_zval_possible_root
get_active_class_name
get_active_function_name
get_binary_op
get_timezone_info
get_unary_op
get_zend_version
gettimeofday
glob
globfree
gost_LTX__is_block_algorithm
gost_LTX__mcrypt_algorithm_version
gost_LTX__mcrypt_decrypt
gost_LTX__mcrypt_encrypt
gost_LTX__mcrypt_get_algorithms_name
gost_LTX__mcrypt_get_block_size
gost_LTX__mcrypt_get_key_size
gost_LTX__mcrypt_get_size
gost_LTX__mcrypt_get_supported_key_sizes
gost_LTX__mcrypt_self_test
gost_LTX__mcrypt_set_key
highlight_file
highlight_string
igbinary_serialize
igbinary_unserialize
increment_function
inet_aton
inet_ntop
inet_pton
ini_scanner_globals_id
init_mcrypt
init_op_array
instanceof_function
instanceof_function_ex
is_equal_function
is_identical_function
is_not_equal_function
is_not_identical_function
is_smaller_function
is_smaller_or_equal_function
is_zend_mm
language_scanner_globals_id
le_index_ptr
lex_scan
localeconv_r
loki97_LTX__is_block_algorithm
loki97_LTX__mcrypt_algorithm_version
loki97_LTX__mcrypt_decrypt
loki97_LTX__mcrypt_encrypt
loki97_LTX__mcrypt_get_algorithms_name
loki97_LTX__mcrypt_get_block_size
loki97_LTX__mcrypt_get_key_size
loki97_LTX__mcrypt_get_size
loki97_LTX__mcrypt_get_supported_key_sizes
loki97_LTX__mcrypt_self_test
loki97_LTX__mcrypt_set_key
make_digest
make_digest_ex
make_sha1_digest
mcrypt
mcrypt_algorithm_module_ok
mcrypt_dlopen
mcrypt_enc_get_algorithms_name
mcrypt_enc_get_block_size
mcrypt_enc_get_iv_size
mcrypt_enc_get_key_size
Sections
.text Size: 4.2MB - Virtual size: 4.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 52KB - Virtual size: 170KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 207KB - Virtual size: 206KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
8c8a576201f68de1a3f26fc723b9f30f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfA
ole32
StringFromGUID2
CLSIDFromString
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 851B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 608B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/GonnaCry/GonnaCry.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Windows10\Documents\Archiwum\Virus_Destructive\Virus_Destructive\obj\Debug\GonnaCry.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/GonnaCry/READ ME FOR UR SAFETY.txt
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Hydromatic (1).exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 124KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 48KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Losange/Losange.exe.exe windows:6 windows x64 arch:x64
d7ed481fea21e62dc0e8363362172e7c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Elève\source\repos\SquarixBeta\x64\Debug\SquarixBeta.pdb
Imports
kernel32
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
VirtualAlloc
GetTickCount
CreateThread
Sleep
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
GetProcAddress
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetLastError
WideCharToMultiByte
MultiByteToWideChar
RaiseException
GetModuleHandleW
GetCurrentThreadId
user32
GetSystemMetrics
GetDC
GetDesktopWindow
ReleaseDC
gdi32
SetBitmapBits
SelectObject
GetBitmapBits
DeleteObject
CreateCompatibleDC
CreateBitmap
BitBlt
CreateDIBSection
DeleteDC
vcruntime140d
__C_specific_handler_noexcept
memcpy
__C_specific_handler
__current_exception
__vcrt_GetModuleHandleW
__current_exception_context
__vcrt_GetModuleFileNameW
__std_type_info_destroy_list
__vcrt_LoadLibraryExW
ucrtbased
_crt_at_quick_exit
terminate
strcpy_s
strcat_s
__stdio_common_vsprintf_s
_wmakepath_s
_wsplitpath_s
wcscpy_s
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_seh_filter_dll
__p__commode
_set_new_mode
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
__p___argv
__p___argc
_set_fmode
_exit
exit
_initterm_e
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
__setusermatherr
_set_app_type
_seh_filter_exe
_CrtDbgReportW
_CrtDbgReport
rand
_configthreadlocale
Sections
.textbss Size: - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.msvcjmc Size: 512B - Virtual size: 448B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.00cfg Size: 512B - Virtual size: 373B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 618B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Monoxidex64.exe.vir.exe windows:5 windows x64 arch:x64
a2f9cc400443004644952ac829162570
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
winmm
waveOutWrite
waveOutUnprepareHeader
waveOutReset
waveOutOpen
waveOutPrepareHeader
kernel32
Sleep
GetLastError
lstrcatW
DeleteFileW
CloseHandle
LoadLibraryW
CreateThread
GetProcAddress
LocalFree
CreateProcessW
FreeLibrary
CopyFileW
lstrcpyW
lstrcmpW
GetCurrentThreadId
HeapAlloc
GetProcessHeap
CreateMutexW
WaitForSingleObject
TerminateThread
HeapFree
HeapSize
GetStringTypeW
GetLogicalDriveStringsW
ReadFile
LCMapStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExW
SetFileAttributesW
CreateFileW
FindClose
GetTempPathW
GetModuleFileNameW
RemoveDirectoryW
WriteFile
GetCurrentProcess
FindNextFileW
GetFileType
FindFirstFileW
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
SetStdHandle
GetACP
GetModuleHandleExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
RaiseException
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
user32
GetMessageW
DispatchMessageW
SetTimer
TranslateMessage
EnumDisplayMonitors
GetWindowRect
GetDC
EnumChildWindows
CallNextHookEx
GetSystemMetrics
SetWindowTextW
DrawIcon
DestroyCursor
ShowWindow
GetCursorInfo
RedrawWindow
MoveWindow
UnhookWindowsHookEx
EnumWindows
mouse_event
SetWindowsHookExW
SetCursorPos
ReleaseDC
EnableWindow
MessageBoxW
ExitWindowsEx
gdi32
DeleteDC
CreatePen
Ellipse
DeleteObject
CreateSolidBrush
BitBlt
SelectObject
CreateDIBSection
CreateCompatibleDC
StretchBlt
advapi32
LookupPrivilegeValueW
AdjustTokenPrivileges
AllocateAndInitializeSid
SetEntriesInAclW
SetNamedSecurityInfoW
FreeSid
OpenProcessToken
shell32
ShellExecuteW
Sections
.text Size: 105KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 61KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/NightMare.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Windows10\Desktop\Colt\Colt\obj\Debug\NightMare.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/README.txt
-
MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/REGFuck.bat
-
MyMalwareDatabase-main/MyMalwareDatabase-main/NightMare/detect.png.png
-
MyMalwareDatabase-main/MyMalwareDatabase-main/NoEscape (1).exe.exe windows:6 windows x86 arch:x86
f400a8c725e9bcee856360087d72fec3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
GetProcAddress
netapi32
NetUserAdd
ntdll
RtlGetVersion
user32
GetDC
gdi32
BitBlt
advapi32
FreeSid
shell32
ShellExecuteW
ole32
CoTaskMemFree
bcrypt
BCryptGenRandom
vcruntime140
wcsstr
api-ms-win-crt-string-l1-1-0
wmemcpy_s
api-ms-win-crt-runtime-l1-1-0
exit
api-ms-win-crt-math-l1-1-0
__setusermatherr
api-ms-win-crt-stdio-l1-1-0
_set_fmode
api-ms-win-crt-locale-l1-1-0
_configthreadlocale
api-ms-win-crt-heap-l1-1-0
_set_new_mode
Sections
.MPRESS1 Size: 609KB - Virtual size: 1.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MPRESS2 Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Protactinium (1).exe.exe windows:4 windows x86 arch:x86
6bd8e1a28c91488a009d8b979c9d8140
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
gdi32
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateEllipticRgn
CreateSolidBrush
DeleteObject
PlgBlt
SelectClipRgn
SelectObject
StretchBlt
kernel32
AddAtomA
CloseHandle
CreateFileW
CreateThread
ExitProcess
FindAtomA
FreeConsole
GetAtomNameA
SetUnhandledExceptionFilter
Sleep
TerminateThread
WinExec
WriteFile
msvcrt
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
cos
fflush
fmod
fprintf
free
malloc
rand
signal
sin
user32
DrawIcon
GetCursorInfo
GetDC
GetDesktopWindow
GetSystemMetrics
GetWindowRect
LoadIconA
MessageBoxA
RedrawWindow
ReleaseDC
SetCursorPos
winmm
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 64B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 16KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
MyMalwareDatabase-main/MyMalwareDatabase-main/README
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Saturn.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Andrei\Desktop\Saturn\Saturn\obj\Debug\Saturn.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 240KB - Virtual size: 240KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Sulfoxide.rar.rar
-
Sulfoxide/READ.txt
-
Sulfoxide/Sulfoxide.exe.exe windows:4 windows x86 arch:x86
392d0bc34c07050bdaeed40a719a8701
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\Development\Malware Projects\Sulfoxide\Release\Sulfoxide.pdb
Imports
kernel32
GetFileAttributesA
GetSystemDirectoryA
lstrcatA
GetLastError
GetModuleHandleW
GetCurrentThreadId
SetThreadPriority
SetPriorityClass
WaitForSingleObject
GetCurrentThread
HeapSetInformation
GetSystemDirectoryW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
FreeLibrary
EnterCriticalSection
QueryPerformanceCounter
GetCurrentProcess
lstrlenA
lstrcmpA
GetFileSize
LocalFree
QueryPerformanceFrequency
GetTickCount
CreateProcessW
FindFirstFileW
CreateFileA
CreateThread
SetFileAttributesW
DeleteFileW
CloseHandle
HeapAlloc
FindNextFileW
WaitForMultipleObjects
FindClose
GetProcAddress
GetTempPathW
CreateFileW
GetModuleFileNameW
ReadFile
CopyFileW
TerminateThread
LoadLibraryW
WriteFile
GetLogicalDriveStringsW
Sleep
GetSystemInfo
GetProcessHeap
VirtualFree
VirtualAlloc
HeapFree
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapCreate
HeapDestroy
InterlockedDecrement
SetLastError
GetCommandLineA
GetVersionExA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
LocalAlloc
user32
CreateWindowExA
ExitWindowsEx
EnumDisplayDevicesA
EnumDisplaySettingsA
UpdateLayeredWindow
DrawTextA
DrawIcon
GetSystemMetrics
ChangeDisplaySettingsA
ShowCursor
MessageBoxA
SetCursorPos
RedrawWindow
RegisterClassExA
LoadIconA
ReleaseDC
TranslateMessage
PeekMessageA
DefWindowProcA
SetWindowPos
ShowWindow
IsWindow
DispatchMessageA
LoadCursorA
GetWindowThreadProcessId
EnumDisplayMonitors
UnionRect
GetDC
gdi32
SetTextColor
CreateFontA
SetBkMode
PatBlt
LineTo
CreateHatchBrush
Polygon
StretchBlt
LineDDA
SelectClipRgn
SetPolyFillMode
PlgBlt
CreatePen
PolyBezier
CreateSolidBrush
CreateEllipticRgn
CreatePolygonRgn
MoveToEx
CreateDIBSection
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
DeleteObject
SetStretchBltMode
advapi32
AllocateAndInitializeSid
LookupPrivilegeValueW
SetNamedSecurityInfoW
OpenProcessToken
AdjustTokenPrivileges
FreeSid
SetEntriesInAclW
winmm
waveOutOpen
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
msimg32
AlphaBlend
Sections
.text Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Sulfoxide/Sulfoxide_fixes.exe.exe windows:4 windows x86 arch:x86
2b76a3c08d4243d00768177c4da12211
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
E:\Development\Malware Projects\Sulfoxide\Release\Sulfoxide.pdb
Imports
kernel32
GetFileAttributesA
GetSystemDirectoryA
lstrcatA
GetLastError
GetCurrentThreadId
SetThreadPriority
SetPriorityClass
WaitForSingleObject
GetCurrentThread
HeapSetInformation
GetSystemDirectoryW
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
RtlUnwind
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
FreeLibrary
EnterCriticalSection
QueryPerformanceCounter
GetCurrentProcess
lstrlenA
lstrcmpA
GetFileSize
LocalFree
QueryPerformanceFrequency
GetTickCount
CreateProcessW
FindFirstFileW
CreateFileA
CreateThread
SetFileAttributesW
DeleteFileW
CloseHandle
HeapAlloc
FindNextFileW
WaitForMultipleObjects
FindClose
GetProcAddress
GetTempPathW
CreateFileW
GetModuleFileNameW
ReadFile
CopyFileW
TerminateThread
LoadLibraryW
WriteFile
GetLogicalDriveStringsW
Sleep
GetSystemInfo
GetProcessHeap
VirtualFree
VirtualAlloc
HeapFree
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapCreate
HeapDestroy
InterlockedDecrement
SetLastError
GetCommandLineA
GetVersionExA
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
LocalAlloc
user32
ExitWindowsEx
EnumDisplayDevicesA
EnumDisplaySettingsA
UpdateLayeredWindow
DrawTextA
DrawIcon
GetSystemMetrics
ChangeDisplaySettingsA
ShowCursor
MessageBoxA
SetCursorPos
RedrawWindow
LoadIconA
ReleaseDC
LoadCursorA
EnumDisplayMonitors
UnionRect
GetDC
gdi32
SetTextColor
CreateFontA
SetBkMode
PatBlt
LineTo
CreateHatchBrush
Polygon
StretchBlt
LineDDA
SelectClipRgn
SetPolyFillMode
PlgBlt
CreatePen
PolyBezier
CreateSolidBrush
CreateEllipticRgn
CreatePolygonRgn
MoveToEx
CreateDIBSection
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
DeleteObject
SetStretchBltMode
advapi32
AllocateAndInitializeSid
LookupPrivilegeValueW
SetNamedSecurityInfoW
OpenProcessToken
AdjustTokenPrivileges
FreeSid
SetEntriesInAclW
winmm
waveOutOpen
waveOutReset
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
msimg32
AlphaBlend
Sections
.text Size: 108KB - Virtual size: 105KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 140KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Sulfoxide/vcredist_x64.EXE.exe windows:5 windows x86 arch:x86
0ebb3c09b06b1666d307952e824c8697
Code Sign
33:00:00:01:df:6b:f0:2e:92:a7:4a:b4:d0:00:00:00:00:01:df
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 15-12-2020 21:31
Not After: 02-12-2021 21:31
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08-07-2011 20:59
Not After: 08-07-2026 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
5f:63:02:fb:97:c4:f4:9a:2a:47:90:41:1f:b4:ef:5d:61:2b:b8:cb:f9:df:03:bf:c6:98:b7:e2:6c:4f:6d:ef
Signer
Actual PE Digest: 5f:63:02:fb:97:c4:f4:9a:2a:47:90:41:1f:b4:ef:5d:61:2b:b8:cb:f9:df:03:bf:c6:98:b7:e2:6c:4f:6d:ef
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
wextract.pdb
Imports
advapi32
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
kernel32
LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
lstrlenA
GetModuleFileNameA
GetSystemDirectoryA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
FreeResource
GetProcAddress
LoadResource
SizeofResource
FindResourceA
lstrcatA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
LockResource
gdi32
GetDeviceCaps
user32
ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics
comctl32
ord17
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3.0MB - Virtual size: 3.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Sulfoxide/vcredist_x86.EXE.exe windows:5 windows x86 arch:x86
0ebb3c09b06b1666d307952e824c8697
Code Sign
33:00:00:01:df:6b:f0:2e:92:a7:4a:b4:d0:00:00:00:00:01:df
Certificate
Issuer: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 15-12-2020 21:31
Not After: 02-12-2021 21:31
Subject: CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Extended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03
Certificate
Issuer: CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Not Before: 08-07-2011 20:59
Not After: 08-07-2026 21:09
Subject: CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
d0:c1:33:35:a8:70:45:a4:9a:b5:b4:a0:d7:36:e7:d3:a3:2c:e2:8d:ed:2e:3b:32:fa:35:82:17:be:ba:cd:23
Signer
Actual PE Digest: d0:c1:33:35:a8:70:45:a4:9a:b5:b4:a0:d7:36:e7:d3:a3:2c:e2:8d:ed:2e:3b:32:fa:35:82:17:be:ba:cd:23
Digest Algorithm: sha256
PE Digest Matches: true
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
wextract.pdb
Imports
advapi32
FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA
kernel32
LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
lstrlenA
GetModuleFileNameA
GetSystemDirectoryA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
FreeResource
GetProcAddress
LoadResource
SizeofResource
FindResourceA
lstrcatA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
LockResource
gdi32
GetDeviceCaps
user32
ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics
comctl32
ord17
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
Sections
.text Size: 38KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Tera Bonus.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
-C$=) Size: 92KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Theophyline.7z.7z
-
readme.txt
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Win10.Update-kb8723467.msi.zip.zip
Password: infected
-
Win10.Update-kb8723467.msi.msi
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Win10.Update-kb8723467.msi/Win10.Update-kb8723467.msi.msi
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Worm Locker2.0(ransomware).zip.zip
-
Automatic_converter_rff_to_mp4.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Worm\source\repos\SysWOW64\SysWOW64\obj\Debug\Automatic_converter_rff_to_mp4.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 185KB - Virtual size: 185KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
README.txt
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Worm Locker2.0(ransomware)/Automatic_converter_rff_to_mp4.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\Worm\source\repos\SysWOW64\SysWOW64\obj\Debug\Automatic_converter_rff_to_mp4.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 185KB - Virtual size: 185KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 136KB - Virtual size: 135KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
MyMalwareDatabase-main/MyMalwareDatabase-main/Worm Locker2.0(ransomware)/README.txt
-
MyMalwareDatabase-main/MyMalwareDatabase-main/uff.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\w10\source\repos\uffexe\uffexe\obj\Release\uffexe.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ