APM-08279-5255[.]exe-Malware-main[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

APM-08279-5255.exe-Malware-main.zip
Size

9.7MB
MD5

643d147cc598608c8c46b7099e0c8f40
SHA1

c1c0cc4c4808b5edc800221945050e8c10cd5094
SHA256

ac8d3aa6d99dc4ce9f7da46deae843c5203d6cf8657c62eda42a3eb49f94bced
SHA512

e71d94d7aa60a3e1a56e18076b78b7aa8949321fb8e8879467243d4cd61c6a6ae92ebc7bbad8177f7c11d02cd5418694978d3887be534d2d13ccda8434968596
SSDEEP

196608:OdpxvrBkNi3mp4z1NNHld0jHoEyzwkx3YJmxkk7YcQHhWBqlZ6De:Odpxvrygmp4BN107oE0x3UbZQe

Score

8^/10

upx

Malware Config

Signatures

Patched UPX-packed file 2 IoCs

Sample is packed with UPX but required header fields are zeroed out to prevent unpacking with the default UPX tool.

resource	yara_rule
static1/unpack005/out.upx	patched_upx
static1/unpack007/out.upx	patched_upx

UPX packed file 12 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack003/APM 08279+5255-safety/Release/APM 08279+5255-safety.x86.exe	upx
static1/unpack003/APM 08279+5255-safety/Release/upx-4.2.1-win32/upx.exe	upx
static1/unpack003/APM 08279+5255-safety/x64/Release/APM 08279+5255-safety.x64.exe	upx
static1/unpack003/APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/upx.exe	upx
static1/unpack003/APM 08279+5255/APM 08279+5255-safety.x64.exe	upx
static1/unpack003/APM 08279+5255/APM 08279+5255-safety.x86.exe	upx
static1/unpack003/APM 08279+5255/APM 08279+5255.x64.exe	upx
static1/unpack003/APM 08279+5255/APM 08279+5255.x86.exe	upx
static1/unpack003/APM 08279+5255/Release/APM 08279+5255.x86.exe	upx
static1/unpack003/APM 08279+5255/Release/upx-4.2.1-win32/upx.exe	upx
static1/unpack003/APM 08279+5255/x64/Release/APM 08279+5255.x64.exe	upx
static1/unpack003/APM 08279+5255/x64/Release/upx-4.2.1-win32/upx.exe	upx

Unsigned PE 23 IoCs

Checks for missing Authenticode signature.

resource
unpack003/APM 08279+5255-safety/Release/APM 08279+5255-safety.x86.exe
unpack004/out.upx
unpack003/APM 08279+5255-safety/Release/upx-4.2.1-win32/upx.exe
unpack005/out.upx
unpack003/APM 08279+5255-safety/x64/Release/APM 08279+5255-safety.x64.exe
unpack006/out.upx
unpack003/APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/upx.exe
unpack007/out.upx
unpack003/APM 08279+5255/APM 08279+5255-safety.x64.exe
unpack008/out.upx
unpack003/APM 08279+5255/APM 08279+5255-safety.x86.exe
unpack009/out.upx
unpack003/APM 08279+5255/APM 08279+5255.x64.exe
unpack003/APM 08279+5255/APM 08279+5255.x86.exe
unpack003/APM 08279+5255/MBR/QEMU/SDL.dll
unpack003/APM 08279+5255/MBR/QEMU/libcurl-4.dll
unpack003/APM 08279+5255/MBR/QEMU/qemu.exe
unpack003/APM 08279+5255/MBR/fasmg/fasmg.exe
unpack003/APM 08279+5255/Release/APM 08279+5255 beta 1.exe
unpack003/APM 08279+5255/Release/APM 08279+5255.x86.exe
unpack003/APM 08279+5255/Release/upx-4.2.1-win32/upx.exe
unpack003/APM 08279+5255/x64/Release/APM 08279+5255.x64.exe
unpack003/APM 08279+5255/x64/Release/upx-4.2.1-win32/upx.exe

Files

APM-08279-5255.exe-Malware-main.zip
.zip

Password: 1
APM-08279-5255.exe-Malware-main/APM 08279+5255.exe (pass MerryChristmas).zip
.zip
APM-08279-5255.exe-Malware-main/APM 08279+5255.exe source code.zip
.zip

Password: 1
APM 08279+5255-safety/APM 08279+5255-safety.sln
APM 08279+5255-safety/APM 08279+5255/APM 08279+5255-safety.cpp
APM 08279+5255-safety/APM 08279+5255/APM 08279+5255.vcxproj
.xml
APM 08279+5255-safety/APM 08279+5255/APM 08279+5255.vcxproj.filters
APM 08279+5255-safety/APM 08279+5255/APM 08279+5255.vcxproj.user
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/APM 08279+5255-safety.lastbuildstate
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/CL.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/CL.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/CL.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/link.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/link.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/link.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/rc.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/rc.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 0827.d599ba9e.tlog/rc.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255-safety.obj
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.Build.CppClean.log
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.log
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.obj
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/APM 08279+5255.lastbuildstate
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/CL.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/CL.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/CL.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/link.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/link.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/link.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/rc.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/rc.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/APM 08279+5255.tlog/rc.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/Release/Resource.res
APM 08279+5255-safety/APM 08279+5255/Release/vc140.pdb
APM 08279+5255-safety/APM 08279+5255/Resource.aps
APM 08279+5255-safety/APM 08279+5255/Resource.rc
APM 08279+5255-safety/APM 08279+5255/amogus.h
APM 08279+5255-safety/APM 08279+5255/costume1_13.ico
APM 08279+5255-safety/APM 08279+5255/resource.h
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/APM 08279+5255-safety.lastbuildstate
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/CL.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/CL.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/CL.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/link.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/link.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/link.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/rc.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/rc.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 0827.d599ba9e.tlog/rc.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255-safety.obj
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.log
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.obj
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/APM 08279+5255.lastbuildstate
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/CL.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/CL.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/CL.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/link.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/link.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/link.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/rc.command.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/rc.read.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/APM 08279+5255.tlog/rc.write.1.tlog
APM 08279+5255-safety/APM 08279+5255/x64/Release/Resource.res
APM 08279+5255-safety/APM 08279+5255/x64/Release/vc140.pdb
APM 08279+5255-safety/Release/APM 08279+5255-safety.iobj
APM 08279+5255-safety/Release/APM 08279+5255-safety.ipdb
APM 08279+5255-safety/Release/APM 08279+5255-safety.pdb
APM 08279+5255-safety/Release/APM 08279+5255-safety.x86.exe
.exe windows:5 windows x86 arch:x86

Password: 1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 212KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APM 08279+5255-safety/Release/upx-4.2.1-win32/COPYING
APM 08279+5255-safety/Release/upx-4.2.1-win32/LICENSE
APM 08279+5255-safety/Release/upx-4.2.1-win32/NEWS
APM 08279+5255-safety/Release/upx-4.2.1-win32/README
APM 08279+5255-safety/Release/upx-4.2.1-win32/THANKS.txt
APM 08279+5255-safety/Release/upx-4.2.1-win32/upx-doc.html
.html .vbs polyglot
APM 08279+5255-safety/Release/upx-4.2.1-win32/upx-doc.txt
.vbs
APM 08279+5255-safety/Release/upx-4.2.1-win32/upx.1
.vbs
APM 08279+5255-safety/Release/upx-4.2.1-win32/upx.exe
.exe windows:4 windows x86 arch:x86

Password: 1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM 08279+5255-safety/x64/Release/APM 08279+5255-safety.iobj
APM 08279+5255-safety/x64/Release/APM 08279+5255-safety.ipdb
APM 08279+5255-safety/x64/Release/APM 08279+5255-safety.pdb
APM 08279+5255-safety/x64/Release/APM 08279+5255-safety.x64.exe
.exe windows:5 windows x64 arch:x64

Password: 1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/COPYING
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/LICENSE
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/NEWS
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/README
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/THANKS.txt
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/upx-doc.html
.html .vbs polyglot
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/upx-doc.txt
.vbs
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/upx.1
.vbs
APM 08279+5255-safety/x64/Release/upx-4.2.1-win32/upx.exe
.exe windows:4 windows x86 arch:x86

Password: 1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM 08279+5255/APM 08279+5255-safety.x64.exe
.exe windows:5 windows x64 arch:x64

Password: 1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APM 08279+5255/APM 08279+5255-safety.x86.exe
.exe windows:5 windows x86 arch:x86

Password: 1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 212KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APM 08279+5255/APM 08279+5255.exe (pass MerryChristmas).zip
.zip
APM 08279+5255/APM 08279+5255.exe.zip
.zip
APM 08279+5255/APM 08279+5255.sln
APM 08279+5255/APM 08279+5255.x64.exe
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM 08279+5255/APM 08279+5255.x86.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM 08279+5255/APM 08279+5255/APM 08279+5255.cpp
APM 08279+5255/APM 08279+5255/APM 08279+5255.vcxproj
.xml
APM 08279+5255/APM 08279+5255/APM 08279+5255.vcxproj.filters
APM 08279+5255/APM 08279+5255/APM 08279+5255.vcxproj.user
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.Build.CppClean.log
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.log
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.obj
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/APM 08279+5255.lastbuildstate
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/CL.command.1.tlog
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/CL.read.1.tlog
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/CL.write.1.tlog
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/link.command.1.tlog
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/link.read.1.tlog
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/link.write.1.tlog
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/rc.command.1.tlog
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/rc.read.1.tlog
APM 08279+5255/APM 08279+5255/Release/APM 08279+5255.tlog/rc.write.1.tlog
APM 08279+5255/APM 08279+5255/Release/Resource.res
APM 08279+5255/APM 08279+5255/Release/vc140.pdb
APM 08279+5255/APM 08279+5255/Resource.aps
APM 08279+5255/APM 08279+5255/Resource.rc
APM 08279+5255/APM 08279+5255/amogus.h
APM 08279+5255/APM 08279+5255/costume1_13.ico
APM 08279+5255/APM 08279+5255/resource.h
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.log
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.obj
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/APM 08279+5255.lastbuildstate
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/CL.command.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/CL.read.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/CL.write.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/link.command.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/link.read.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/link.write.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/rc.command.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/rc.read.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/APM 08279+5255.tlog/rc.write.1.tlog
APM 08279+5255/APM 08279+5255/x64/Release/Resource.res
APM 08279+5255/APM 08279+5255/x64/Release/vc140.pdb
APM 08279+5255/MBR/.github/FUNDING.yml
APM 08279+5255/MBR/.gitignore
APM 08279+5255/MBR/80186.inc
APM 08279+5255/MBR/80286.inc
APM 08279+5255/MBR/80287.inc
APM 08279+5255/MBR/80386.inc
.vbs
APM 08279+5255/MBR/80387.inc
APM 08279+5255/MBR/8086.inc
APM 08279+5255/MBR/8087.inc
APM 08279+5255/MBR/LICENSE (b2plasma.asm)
APM 08279+5255/MBR/Makefile
APM 08279+5255/MBR/QEMU/SDL.dll
.dll windows:4 windows x86 arch:x86

07715dfbd2fb762d2b3fd8ef4273adc9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

gdi32

BitBlt
ChoosePixelFormat
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreatePalette
DeleteDC
DeleteObject
DescribePixelFormat
GetDIBits
GetDeviceGammaRamp
GetSystemPaletteEntries
GetSystemPaletteUse
RealizePalette
SelectObject
SelectPalette
SetDIBColorTable
SetDeviceGammaRamp
SetPaletteEntries
SetPixelFormat
SetSystemPaletteUse
SwapBuffers
UnrealizeObject

kernel32

CloseHandle
CreateFileA
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetACP
GetCurrentThread
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentVariableA
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetProcAddress
GetVersionExA
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
ReleaseMutex
ReleaseSemaphore
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetThreadPriority
Sleep
TerminateThread
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

_strdup
__dllonexit
__lc_codepage
__mb_cur_max
_beginthreadex
_endthreadex
_errno
_iob
_isctype
_pctype
_stricmp
atof
atoi
fclose
fflush
fputc
fread
free
fseek
ftell
fwrite
getenv
localeconv
log
malloc
memcpy
memset
pow
qsort
raise
realloc
signal
sscanf
strchr
strlen
strstr
wcslen

user32

AdjustWindowRect
AdjustWindowRectEx
BeginPaint
CallWindowProcA
ChangeDisplaySettingsA
ClientToScreen
ClipCursor
CreateCursor
CreateIconFromResourceEx
CreateWindowExA
DefWindowProcA
DestroyCursor
DestroyIcon
DestroyWindow
DispatchMessageA
EndPaint
EnumDisplaySettingsA
GetClassInfoA
GetClientRect
GetCursor
GetCursorPos
GetDC
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutNameA
GetKeyboardState
GetMenu
GetMessageA
GetSystemMetrics
GetWindowLongA
GetWindowRect
InvalidateRect
IsZoomed
KillTimer
LoadImageA
LoadKeyboardLayoutA
MapVirtualKeyExA
MapWindowPoints
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
ReleaseCapture
ReleaseDC
SetCapture
SetClassLongA
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
ToAsciiEx
ToUnicode
TranslateMessage
UnregisterClassA
WindowFromPoint

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx
mciGetErrorStringA
mciSendCommandA
timeBeginPeriod
timeEndPeriod
timeGetTime
timeKillEvent
timeSetEvent
waveOutClose
waveOutGetErrorTextA
waveOutOpen
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

SDL_AddTimer
SDL_AllocRW
SDL_AudioDriverName
SDL_AudioInit
SDL_AudioQuit
SDL_BuildAudioCVT
SDL_CDClose
SDL_CDEject
SDL_CDName
SDL_CDNumDrives
SDL_CDOpen
SDL_CDPause
SDL_CDPlay
SDL_CDPlayTracks
SDL_CDResume
SDL_CDStatus
SDL_CDStop
SDL_ClearError
SDL_CloseAudio
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_ConvertAudio
SDL_ConvertSurface
SDL_CreateCond
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateSemaphore
SDL_CreateThread
SDL_CreateYUVOverlay
SDL_Delay
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroySemaphore
SDL_DisplayFormat
SDL_DisplayFormatAlpha
SDL_DisplayYUVOverlay
SDL_EnableKeyRepeat
SDL_EnableUNICODE
SDL_Error
SDL_EventState
SDL_FillRect
SDL_Flip
SDL_FreeCursor
SDL_FreeRW
SDL_FreeSurface
SDL_FreeWAV
SDL_FreeYUVOverlay
SDL_GL_GetAttribute
SDL_GL_GetProcAddress
SDL_GL_LoadLibrary
SDL_GL_Lock
SDL_GL_SetAttribute
SDL_GL_SwapBuffers
SDL_GL_Unlock
SDL_GL_UpdateRects
SDL_GetAppState
SDL_GetAudioStatus
SDL_GetClipRect
SDL_GetCursor
SDL_GetError
SDL_GetEventFilter
SDL_GetGammaRamp
SDL_GetKeyName
SDL_GetKeyRepeat
SDL_GetKeyState
SDL_GetModState
SDL_GetMouseState
SDL_GetRGB
SDL_GetRGBA
SDL_GetRelativeMouseState
SDL_GetThreadID
SDL_GetTicks
SDL_GetVideoInfo
SDL_GetVideoSurface
SDL_GetWMInfo
SDL_Has3DNow
SDL_Has3DNowExt
SDL_HasAltiVec
SDL_HasMMX
SDL_HasMMXExt
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_Init
SDL_InitSubSystem
SDL_JoystickClose
SDL_JoystickEventState
SDL_JoystickGetAxis
SDL_JoystickGetBall
SDL_JoystickGetButton
SDL_JoystickGetHat
SDL_JoystickIndex
SDL_JoystickName
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickOpened
SDL_JoystickUpdate
SDL_KillThread
SDL_Linked_Version
SDL_ListModes
SDL_LoadBMP_RW
SDL_LoadFunction
SDL_LoadObject
SDL_LoadWAV_RW
SDL_LockAudio
SDL_LockSurface
SDL_LockYUVOverlay
SDL_LowerBlit
SDL_MapRGB
SDL_MapRGBA
SDL_MixAudio
SDL_NumJoysticks
SDL_OpenAudio
SDL_PauseAudio
SDL_PeepEvents
SDL_PollEvent
SDL_PumpEvents
SDL_PushEvent
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromConstMem
SDL_RWFromFP
SDL_RWFromFile
SDL_RWFromMem
SDL_ReadBE16
SDL_ReadBE32
SDL_ReadBE64
SDL_ReadLE16
SDL_ReadLE32
SDL_ReadLE64
SDL_RegisterApp
SDL_RemoveTimer
SDL_SaveBMP_RW
SDL_SemPost
SDL_SemTryWait
SDL_SemValue
SDL_SemWait
SDL_SemWaitTimeout
SDL_SetAlpha
SDL_SetClipRect
SDL_SetColorKey
SDL_SetColors
SDL_SetCursor
SDL_SetError
SDL_SetEventFilter
SDL_SetGamma
SDL_SetGammaRamp
SDL_SetModState
SDL_SetModuleHandle
SDL_SetPalette
SDL_SetTimer
SDL_SetVideoMode
SDL_ShowCursor
SDL_SoftStretch
SDL_ThreadID
SDL_UnloadObject
SDL_UnlockAudio
SDL_UnlockSurface
SDL_UnlockYUVOverlay
SDL_UnregisterApp
SDL_UpdateRect
SDL_UpdateRects
SDL_UpperBlit
SDL_VideoDriverName
SDL_VideoInit
SDL_VideoModeOK
SDL_VideoQuit
SDL_WM_GetCaption
SDL_WM_GrabInput
SDL_WM_IconifyWindow
SDL_WM_SetCaption
SDL_WM_SetIcon
SDL_WM_ToggleFullScreen
SDL_WaitEvent
SDL_WaitThread
SDL_WarpMouse
SDL_WasInit
SDL_WriteBE16
SDL_WriteBE32
SDL_WriteBE64
SDL_WriteLE16
SDL_WriteLE32
SDL_WriteLE64
SDL_getenv
SDL_iconv
SDL_iconv_close
SDL_iconv_open
SDL_iconv_string
SDL_mutexP
SDL_mutexV
SDL_putenv
SDL_strlcat
SDL_strlcpy

Sections

.text
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_DISCARDABLE

/19
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_MEM_DISCARDABLE

/35
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_MEM_DISCARDABLE

/47
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_MEM_DISCARDABLE

/61
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_MEM_DISCARDABLE

/73
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_MEM_DISCARDABLE

/86
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE

/97
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_MEM_DISCARDABLE

/108
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_MEM_DISCARDABLE
APM 08279+5255/MBR/QEMU/bios.bin
APM 08279+5255/MBR/QEMU/libcurl-4.dll
.dll windows:4 windows x86 arch:x86

591bfb96218654ea9677f9b7123d0d31

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateMutexA
DuplicateHandle
ExpandEnvironmentStringsA
FindAtomA
FormatMessageA
FreeLibrary
GetAtomNameA
GetCurrentProcess
GetExitCodeThread
GetFileType
GetLastError
GetProcAddress
GetStdHandle
GetTickCount
LoadLibraryA
PeekNamedPipe
ReadFile
ReleaseMutex
SetEvent
SetLastError
Sleep
SleepEx
TerminateThread
WaitForMultipleObjects
WaitForSingleObject

msvcrt

_close
_open
_read
_strdup
_stricmp
__dllonexit
__mb_cur_max
_beginthreadex
_errno
_fstati64
_iob
_isctype
_lseeki64
_pctype
_stati64
_stricmp
_strnicmp
_sys_nerr
abort
atoi
calloc
fclose
fflush
fgets
fopen
fprintf
fputc
fread
free
fseek
fwrite
getenv
gmtime
malloc
mbstowcs
memchr
memcpy
memmove
memset
rand
realloc
setlocale
sprintf
srand
sscanf
strchr
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtol
strtoul
time
tolower
wcstombs

wldap32

ber_free
ldap_err2stringA
ldap_first_attributeA
ldap_first_entry
ldap_get_dnA
ldap_get_values_lenA
ldap_initA
ldap_memfreeA
ldap_msgfree
ldap_next_attributeA
ldap_next_entry
ldap_search_sA
ldap_set_optionA
ldap_simple_bind_sA
ldap_unbind_s
ldap_value_free_len

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyname
getsockname
getsockopt
htons
ioctlsocket
listen
ntohs
recv
recvfrom
select
send
sendto
setsockopt
socket

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_version
curl_version_info

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 512B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APM 08279+5255/MBR/QEMU/pxe-e1000.bin
APM 08279+5255/MBR/QEMU/qemu.exe
.exe windows:4 windows x86 arch:x86

9334847cc8edb5e7f67fbdf914c4dd65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

sdl

SDL_CloseAudio
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurfaceFrom
SDL_CreateSemaphore
SDL_DestroyMutex
SDL_DestroySemaphore
SDL_EnableKeyRepeat
SDL_EnableUNICODE
SDL_FillRect
SDL_FreeCursor
SDL_FreeSurface
SDL_GetAppState
SDL_GetCursor
SDL_GetError
SDL_GetModState
SDL_GetMouseState
SDL_GetVideoInfo
SDL_Init
SDL_InitSubSystem
SDL_LoadBMP_RW
SDL_MapRGB
SDL_OpenAudio
SDL_PauseAudio
SDL_PollEvent
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromFile
SDL_SemPost
SDL_SemWait
SDL_SetColorKey
SDL_SetCursor
SDL_SetModuleHandle
SDL_SetVideoMode
SDL_ShowCursor
SDL_UpdateRect
SDL_UpperBlit
SDL_WM_GrabInput
SDL_WM_SetCaption
SDL_WM_SetIcon
SDL_WarpMouse
SDL_mutexP
SDL_mutexV
SDL_strlcpy

advapi32

RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA

libcurl-4

curl_easy_cleanup
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_setopt
curl_global_init
curl_multi_add_handle
curl_multi_cleanup
curl_multi_info_read
curl_multi_init
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket_all

iphlpapi

GetNetworkParams

kernel32

AddAtomA
ChangeTimerQueueTimer
ClearCommError
CloseHandle
CommConfigDialogA
ConnectNamedPipe
CreateEventA
CreateFileA
CreateNamedPipeA
CreateSemaphoreA
CreateThread
CreateTimerQueueTimer
DeleteCriticalSection
DeleteTimerQueueTimer
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FindAtomA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetAtomNameA
GetCommandLineA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetDefaultCommConfigA
GetDiskFreeSpaceExA
GetDriveTypeA
GetFileAttributesA
GetFileSize
GetLastError
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleHandleA
GetOverlappedResult
GetProcessAffinityMask
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetVersion
GlobalAlloc
GlobalFree
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LocalFree
MultiByteToWideChar
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
ReadFile
ReleaseSemaphore
ResetEvent
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCtrlHandler
SetEndOfFile
SetEvent
SetFilePointer
SetProcessAffinityMask
SetUnhandledExceptionFilter
SetupComm
SignalObjectAndWait
Sleep
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
WriteFileEx
lstrlenA

msvcrt

_access
_close
_dup2
_fdopen
_fstat
_getpid
_mkdir
_open
_pclose
_popen
_putenv
_read
_rmdir
_stat
_strdup
_unlink
_write
__getmainargs
__lc_codepage
__mb_cur_max
__p__environ
__p__fmode
__set_app_type
_assert
_beginthreadex
_cexit
_commit
_errno
_exit
_findclose
_findfirst
_findnext
_ftime
_fullpath
_get_osfhandle
_iob
_isctype
_lseeki64
_onexit
_pctype
_setjmp
_setmode
_stricmp
_strnicmp
abort
atan2
atexit
atoi
bsearch
calloc
ceil
clearerr
cos
exit
fclose
fflush
fgets
floor
fopen
fputc
fread
free
fseek
ftell
fwrite
getenv
gmtime
ldexp
localeconv
localtime
log
longjmp
malloc
memchr
memcpy
memmove
memset
mktime
modf
perror
pow
puts
qsort
rand
realloc
rename
setbuf
signal
sin
sqrt
srand
sscanf
strchr
strcmp
strcpy
strerror
strftime
strlen
strncmp
strncpy
strrchr
strstr
strtok
strtol
strtoul
tan
time
tolower
toupper
wcslen

winmm

waveInAddBuffer
waveInClose
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInStop
waveInUnprepareHeader
waveOutClose
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutUnprepareHeader
waveOutWrite

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
getnameinfo
getpeername
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 678KB - Virtual size: 677KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM 08279+5255/MBR/QEMU/vgabios-cirrus.bin
APM 08279+5255/MBR/README.md
APM 08279+5255/MBR/b2plasma.asm
APM 08279+5255/MBR/fasmg/docs/fasmg.txt
.vbs
APM 08279+5255/MBR/fasmg/docs/manual.txt
.vbs
APM 08279+5255/MBR/fasmg/examples/8051/8051.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/8051/hex.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/8051/invert.asm
APM 08279+5255/MBR/fasmg/examples/8051/make.cmd
APM 08279+5255/MBR/fasmg/examples/avr/avr.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/avr/counter.asm
APM 08279+5255/MBR/fasmg/examples/avr/m16def.inc
APM 08279+5255/MBR/fasmg/examples/avr/make.cmd
APM 08279+5255/MBR/fasmg/examples/jvm/Test.asm
APM 08279+5255/MBR/fasmg/examples/jvm/bytecode.inc
APM 08279+5255/MBR/fasmg/examples/jvm/jclass.inc
APM 08279+5255/MBR/fasmg/examples/jvm/make.cmd
APM 08279+5255/MBR/fasmg/examples/x86/hello.asm
APM 08279+5255/MBR/fasmg/examples/x86/include/80186.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/80286.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/80287.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/80386.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/80387.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/80486.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/8086.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/8087.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/adx.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/aes.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx2.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512_4vnniw.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512_bitalg.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512_ifma.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512_vbmi.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512_vbmi2.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512_vnni.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512_vpopcntdq.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512bw.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512cd.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512dq.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512er.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512f.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512pf.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/avx512vl.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/bmi1.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/bmi2.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/cet_ibt.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/cet_ss.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/f16c.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/fma.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/fsgsbase.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/gfni.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/hle.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/invpcid.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/mmx.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/movdir64b.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/movdiri.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/mpx.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/pclmulqdq.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/ptwrite.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/rdrand.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/rdseed.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/rdtscp.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/rtm.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/smx.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/sse.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/sse2.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/sse3.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/sse4.1.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/sse4.2.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/ssse3.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/vaes.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/vmx.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/vpclmulqdq.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/ext/xsave.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/coff.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/coffms.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/elf32.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/elf64.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/elfexe.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/format.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/macho.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/mz.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/format/pe.inc
.vbs
APM 08279+5255/MBR/fasmg/examples/x86/include/p5.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/p6.inc
APM 08279+5255/MBR/fasmg/examples/x86/include/x64.inc
APM 08279+5255/MBR/fasmg/examples/x86/life.asm
APM 08279+5255/MBR/fasmg/examples/x86/make.cmd
APM 08279+5255/MBR/fasmg/examples/x86/mandel.asm
APM 08279+5255/MBR/fasmg/examples/x86/multiseg.asm
APM 08279+5255/MBR/fasmg/examples/x86/usedpmi.asm
APM 08279+5255/MBR/fasmg/examples/x86/win32.asm
APM 08279+5255/MBR/fasmg/examples/x86/win64.asm
APM 08279+5255/MBR/fasmg/examples/x86/win64avx.asm
APM 08279+5255/MBR/fasmg/fasmg
.elf linux x86
APM 08279+5255/MBR/fasmg/fasmg.exe
.exe windows:1 windows x86 arch:x86

b64e7c229592686a7c9c97ea2f663d9d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetCommandLineA
GetEnvironmentVariableA
GetStdHandle
GetSystemTime
GetTickCount
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
ReadFile
SetFilePointer
SystemTimeToFileTime
WriteFile
GetLastError

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
APM 08279+5255/MBR/fasmg/fasmg.x64
.elf linux x64
APM 08279+5255/MBR/fasmg/license.txt
APM 08279+5255/MBR/fasmg/readme.txt
APM 08279+5255/MBR/fasmg/source/assembler.inc
.vbs
APM 08279+5255/MBR/fasmg/source/calm.inc
APM 08279+5255/MBR/fasmg/source/conditions.inc
APM 08279+5255/MBR/fasmg/source/console.inc
APM 08279+5255/MBR/fasmg/source/directives.inc
APM 08279+5255/MBR/fasmg/source/dos/fasmg.asm
APM 08279+5255/MBR/fasmg/source/dos/selfhost.inc
APM 08279+5255/MBR/fasmg/source/dos/system.inc
APM 08279+5255/MBR/fasmg/source/errors.inc
APM 08279+5255/MBR/fasmg/source/expressions.inc
APM 08279+5255/MBR/fasmg/source/floats.inc
APM 08279+5255/MBR/fasmg/source/libc/ccall.inc
.vbs
APM 08279+5255/MBR/fasmg/source/libc/fasmg.asm
APM 08279+5255/MBR/fasmg/source/libc/selfhost.inc
.vbs
APM 08279+5255/MBR/fasmg/source/libc/struct.inc
APM 08279+5255/MBR/fasmg/source/libc/system.inc
APM 08279+5255/MBR/fasmg/source/linux/fasmg.asm
APM 08279+5255/MBR/fasmg/source/linux/selfhost.inc
.vbs
APM 08279+5255/MBR/fasmg/source/linux/system.inc
APM 08279+5255/MBR/fasmg/source/linux/x64/32on64.inc
.vbs
APM 08279+5255/MBR/fasmg/source/linux/x64/fasmg.asm
APM 08279+5255/MBR/fasmg/source/linux/x64/selfhost.inc
APM 08279+5255/MBR/fasmg/source/linux/x64/system.inc
APM 08279+5255/MBR/fasmg/source/macos/fasmg
.macho macos arch:x86
APM 08279+5255/MBR/fasmg/source/macos/fasmg.asm
APM 08279+5255/MBR/fasmg/source/macos/fasmg.o.asm
APM 08279+5255/MBR/fasmg/source/macos/selfhost.inc
APM 08279+5255/MBR/fasmg/source/macos/system.inc
APM 08279+5255/MBR/fasmg/source/macos/x64/fasmg
.macho macos arch:x64
APM 08279+5255/MBR/fasmg/source/macos/x64/fasmg.asm
APM 08279+5255/MBR/fasmg/source/macos/x64/selfhost.inc
APM 08279+5255/MBR/fasmg/source/macos/x64/system.inc
APM 08279+5255/MBR/fasmg/source/malloc.inc
APM 08279+5255/MBR/fasmg/source/map.inc
APM 08279+5255/MBR/fasmg/source/messages.inc
APM 08279+5255/MBR/fasmg/source/output.inc
APM 08279+5255/MBR/fasmg/source/reader.inc
APM 08279+5255/MBR/fasmg/source/symbols.inc
.vbs
APM 08279+5255/MBR/fasmg/source/tables.inc
APM 08279+5255/MBR/fasmg/source/variables.inc
APM 08279+5255/MBR/fasmg/source/version.inc
APM 08279+5255/MBR/fasmg/source/windows/dll/fasmg.asm
APM 08279+5255/MBR/fasmg/source/windows/dll/localptr.inc
.vbs
APM 08279+5255/MBR/fasmg/source/windows/dll/selfhost.inc
.vbs
APM 08279+5255/MBR/fasmg/source/windows/dll/system.inc
APM 08279+5255/MBR/fasmg/source/windows/fasmg.asm
APM 08279+5255/MBR/fasmg/source/windows/kernel32.inc
APM 08279+5255/MBR/fasmg/source/windows/selfhost.inc
.vbs
APM 08279+5255/MBR/fasmg/source/windows/system.inc
APM 08279+5255/MBR/mbr.img
APM 08279+5255/MBR/run.bat
APM 08279+5255/Release/APM 08279+5255 beta 1.exe
.exe windows:5 windows x86 arch:x86

7bc0bcf86f9f43ab17347dda5ee9facb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\MSI\source\repos\APM 08279+5255\Release\APM 08279+5255.pdb

Imports

kernel32

HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
GetTickCount
ExitProcess
GetProcAddress
CreateThread
LoadLibraryW
CloseHandle
LoadLibraryA
TerminateThread
Sleep
CreateFileW
VirtualAlloc
WriteFile
GetCurrentProcess
HeapSize
GetProcessHeap
GetStringTypeW
GetFileType
SetStdHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
GetLastError
SetLastError
RtlUnwind
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
DecodePointer

user32

GetDC
InvalidateRect
GetSystemMetrics
MessageBoxW
ReleaseDC

gdi32

BitBlt
CreateCompatibleBitmap
CreateFontA
SelectObject
CreateDIBSection
CreateCompatibleDC
StretchBlt
GetBitmapBits
DeleteDC
SetTextColor
TextOutA
SetBitmapBits
SetBkMode
DeleteObject
CreateBitmap

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken

winmm

waveOutOpen
waveOutClose
waveOutUnprepareHeader
waveOutWrite
waveOutPrepareHeader

msimg32

AlphaBlend

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
APM 08279+5255/Release/APM 08279+5255 beta 2 (pass apm).zip
.zip
APM 08279+5255/Release/APM 08279+5255.iobj
APM 08279+5255/Release/APM 08279+5255.ipdb
APM 08279+5255/Release/APM 08279+5255.pdb
APM 08279+5255/Release/APM 08279+5255.x86.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM 08279+5255/Release/upx-4.2.1-win32/COPYING
APM 08279+5255/Release/upx-4.2.1-win32/LICENSE
APM 08279+5255/Release/upx-4.2.1-win32/NEWS
APM 08279+5255/Release/upx-4.2.1-win32/README
APM 08279+5255/Release/upx-4.2.1-win32/THANKS.txt
APM 08279+5255/Release/upx-4.2.1-win32/upx-doc.html
.html .vbs polyglot
APM 08279+5255/Release/upx-4.2.1-win32/upx-doc.txt
.vbs
APM 08279+5255/Release/upx-4.2.1-win32/upx.1
.vbs
APM 08279+5255/Release/upx-4.2.1-win32/upx.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM 08279+5255/readme.txt
APM 08279+5255/x64/Release/APM 08279+5255.iobj
APM 08279+5255/x64/Release/APM 08279+5255.ipdb
APM 08279+5255/x64/Release/APM 08279+5255.pdb
APM 08279+5255/x64/Release/APM 08279+5255.x64.exe
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 224KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM 08279+5255/x64/Release/upx-4.2.1-win32/COPYING
APM 08279+5255/x64/Release/upx-4.2.1-win32/LICENSE
APM 08279+5255/x64/Release/upx-4.2.1-win32/NEWS
APM 08279+5255/x64/Release/upx-4.2.1-win32/README
APM 08279+5255/x64/Release/upx-4.2.1-win32/THANKS.txt
APM 08279+5255/x64/Release/upx-4.2.1-win32/upx-doc.html
.html .vbs polyglot
APM 08279+5255/x64/Release/upx-4.2.1-win32/upx-doc.txt
.vbs
APM 08279+5255/x64/Release/upx-4.2.1-win32/upx.1
.vbs
APM 08279+5255/x64/Release/upx-4.2.1-win32/upx.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
APM-08279-5255.exe-Malware-main/APM 08279+5255.exe.zip
.zip
APM-08279-5255.exe-Malware-main/LICENSE
APM-08279-5255.exe-Malware-main/README.md

Sharing

General

Malware Config

Signatures

Files

Password: 1

Password: 1

Password: 1

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 212KB

UPX1 Size: 50KB - Virtual size: 52KB

.rsrc Size: 119KB - Virtual size: 120KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 75KB - Virtual size: 75KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 176B

.rsrc Size: 118KB - Virtual size: 118KB

.reloc Size: 6KB - Virtual size: 5KB

Password: 1

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.6MB

UPX1 Size: 544KB - Virtual size: 544KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.bss Size: - Virtual size: 12KB

.idata Size: 4KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 56B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

Password: 1

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 224KB

UPX1 Size: 60KB - Virtual size: 60KB

.rsrc Size: 119KB - Virtual size: 120KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 85KB - Virtual size: 84KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 2KB - Virtual size: 6KB

.pdata Size: 4KB - Virtual size: 4KB

.gfids Size: 512B - Virtual size: 164B

.rsrc Size: 118KB - Virtual size: 118KB

.reloc Size: 2KB - Virtual size: 1KB

Password: 1

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 1.6MB

UPX1 Size: 544KB - Virtual size: 544KB

.rsrc Size: 2KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 1.0MB - Virtual size: 1.0MB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.bss Size: - Virtual size: 12KB

.idata Size: 4KB - Virtual size: 4KB

.CRT Size: 512B - Virtual size: 56B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 212KB

UPX1
Size: 50KB - Virtual size: 52KB

.rsrc
Size: 119KB - Virtual size: 120KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 176B

.rsrc
Size: 118KB - Virtual size: 118KB

.reloc
Size: 6KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 1.6MB

UPX1
Size: 544KB - Virtual size: 544KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.bss
Size: - Virtual size: 12KB

.idata
Size: 4KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 56B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 224KB

UPX1
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 119KB - Virtual size: 120KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 2KB - Virtual size: 6KB

.pdata
Size: 4KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 164B

.rsrc
Size: 118KB - Virtual size: 118KB

.reloc
Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 1.6MB

UPX1
Size: 544KB - Virtual size: 544KB

.rsrc
Size: 2KB - Virtual size: 4KB

.text
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.bss
Size: - Virtual size: 12KB

.idata
Size: 4KB - Virtual size: 4KB

.CRT
Size: 512B - Virtual size: 56B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 224KB

UPX1
Size: 60KB - Virtual size: 60KB

.rsrc
Size: 119KB - Virtual size: 120KB

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 2KB - Virtual size: 6KB

.pdata
Size: 4KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 164B

.rsrc
Size: 118KB - Virtual size: 118KB

.reloc
Size: 2KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 212KB

UPX1
Size: 50KB - Virtual size: 52KB

.rsrc
Size: 119KB - Virtual size: 120KB

.text
Size: 75KB - Virtual size: 75KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 4KB

.gfids
Size: 512B - Virtual size: 176B

.rsrc
Size: 118KB - Virtual size: 118KB

.reloc
Size: 6KB - Virtual size: 5KB

UPX0
Size: - Virtual size: 224KB

UPX1
Size: 62KB - Virtual size: 64KB

.rsrc
Size: 119KB - Virtual size: 120KB

UPX0
Size: - Virtual size: 220KB

UPX1
Size: 52KB - Virtual size: 56KB

.rsrc
Size: 119KB - Virtual size: 120KB