3c696da08882a2b14ba1ccd5033ef506_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c696da08882a2b14ba1ccd5033ef506_JaffaCakes118
Size

1.6MB
MD5

3c696da08882a2b14ba1ccd5033ef506
SHA1

d88bcb2d660628d15d7fd34007d18c309538d568
SHA256

2823282f1add245e18d402ca33a956f9a517a6c7ea69818636ee160bace7236b
SHA512

2268201467a11451b5114c786e7f83196783cf69c6fc49becbf2e11c67c306d1feeae070eb8077ed5d62c7a906a58bf9e51713b4eddfb05ca3f8ef85ca12ca45
SSDEEP

49152:vLtIi9WEtQppLXWeyGeX7be0wd4OQQImyS0fHx9tWmIl:vxIiMbpJXfi7yZ6/LRf3tWmIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 29 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a2560nt.sys
unpack001/aic5900.sys
unpack001/alifir.sys
unpack001/arcsrv32.exe
unpack001/arp.exe
unpack001/atmadm.exe
unpack001/atmlane.sys
unpack001/atmuni.sys
unpack001/bkupagnt.exe
unpack001/blutok.sys
unpack001/cbe.sys
unpack001/ce3.sys
unpack001/ditrace.exe
unpack001/ftp.exe
unpack001/ipconfig.exe
unpack001/ndspp.nw4
unpack001/netstat.exe
unpack001/nwapi32.nw4
unpack001/nwlscon.exe
unpack001/nwlsproc.exe
unpack001/nwlsproc.nw4
unpack001/nwnp32.nw4
unpack001/ping.exe
unpack001/route.exe
unpack001/rsvp.exe
unpack001/telnet.exe
unpack001/tracert.exe
unpack001/trcdlc.exe
unpack001/winipcfg.exe

Files

3c696da08882a2b14ba1ccd5033ef506_JaffaCakes118
.cab
a2560nt.sys
.sys windows:4 windows x86 arch:x86

9de0e8b1b1dad60f687a30e73be09239

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hal

READ_PORT_ULONG
WRITE_PORT_UCHAR
WRITE_PORT_ULONG
READ_PORT_USHORT
WRITE_PORT_USHORT
KeStallExecutionProcessor
READ_PORT_UCHAR

ndis.sys

NdisMFreeSharedMemory
NdisFreeMemory
NdisMFreeMapRegisters
NdisMDeregisterIoPortRange
NdisTerminateWrapper
NdisMRegisterMiniport
NdisInitializeWrapper
NdisMIndicateStatus
NdisWriteErrorLogEntry
NdisMDeregisterInterrupt
NdisMCancelTimer
NdisMDeregisterAdapterShutdownHandler
NdisMInitializeTimer
NdisMRegisterAdapterShutdownHandler
NdisMRegisterInterrupt
NdisMPciAssignResources
NdisMSetAttributes
NdisCloseConfiguration
NdisReadNetworkAddress
NdisOpenConfiguration
NdisAllocateMemory
NdisSetTimer
EthFilterDprIndicateReceiveComplete
NdisQueryBuffer
NdisMStartBufferPhysicalMapping
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisMCompleteBufferPhysicalMapping
EthFilterDprIndicateReceive
NdisMRegisterIoPortRange
NdisMAllocateSharedMemory
NdisMMapIoSpace
NdisMAllocateMapRegisters
NdisReadPciSlotInformation
NdisWritePciSlotInformation
NdisReadConfiguration

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
aic5900.sys
.sys windows:5 windows x86 arch:x86

a8e148803560dbbf5e812a2554a01e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntoskrnl.exe

WRITE_REGISTER_ULONG
WRITE_REGISTER_UCHAR
ExInterlockedAddLargeStatistic

hal

KeStallExecutionProcessor

ndis.sys

NdisMRegisterIoPortRange
NdisDprReleaseSpinLock
NdisMSetAttributesEx
NdisAllocateMemory
NdisMRegisterMiniport
NdisInitializeWrapper
NdisCloseConfiguration
NdisReadConfiguration
NdisOpenConfiguration
NdisWritePciSlotInformation
NdisReadPciSlotInformation
NdisMPciAssignResources
NdisFreeMemory
NdisAllocateMemoryWithTag
NdisMMapIoSpace
NdisMDeregisterInterrupt
NdisMUnmapIoSpace
NdisMDeregisterIoPortRange
NdisMFreeMapRegisters
NdisMFreeSharedMemory
NdisFreeSpinLock
NdisMAllocateMapRegisters
NdisQueryMapRegisterCount
NdisMAllocateSharedMemory
NdisAllocateSpinLock
NdisMRegisterAdapterShutdownHandler
NdisMRegisterInterrupt
NdisMAllocateSharedMemoryAsync
NdisAllocateBufferPool
NdisDprAcquireSpinLock
NdisMSynchronizeWithInterrupt
NdisMCoReceiveComplete
NdisReleaseSpinLock
NdisAcquireSpinLock
NdisFreePacketPool
NdisFreeBufferPool
NdisFreePacket
NdisFreeBuffer
NdisAllocatePacket
NdisAllocateBuffer
NdisMCoIndicateReceivePacket
NDIS_BUFFER_TO_SPAN_PAGES
NdisAllocatePacketPool
NdisQueryBufferOffset
NdisAdjustBufferLength
NdisInterlockedIncrement
NdisMCoActivateVcComplete
NdisMCoDeactivateVcComplete
NdisQueryBuffer
NdisMCoSendComplete
NdisMStartBufferPhysicalMapping
NdisMCompleteBufferPhysicalMapping

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 320B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 896B - Virtual size: 874B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
alifir.sys
.sys windows:4 windows x86 arch:x86

ad8f2c4f08c3ee05335bff0c02b7e98b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hal

WRITE_PORT_UCHAR
READ_PORT_UCHAR
KeStallExecutionProcessor

ndis.sys

NdisFreeBuffer
NdisUnchainBufferAtFront
NdisMDeregisterIoPortRange
NdisAllocateBuffer
NdisMSynchronizeWithInterrupt
NdisMRegisterInterrupt
NdisMRegisterIoPortRange
NdisMSetAttributesEx
NdisCompleteDmaTransfer
NdisMRegisterMiniport
NdisInitializeWrapper
NdisSetupDmaTransfer
NdisMRegisterDmaChannel
NdisAllocateBufferPool
NdisFreeBufferPool
NdisMDeregisterDmaChannel
NdisQueryBuffer
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisAllocateMemory
NdisFreeMemory
NdisAllocatePacket
NdisAllocatePacketPoolEx
NdisFreePacketPool
NdisFreePacket

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 992B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 192B - Virtual size: 177B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 928B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 480B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
arcsrv32.exe
.exe windows:1 windows x86 arch:x86

b3ff41beb757b0f733ac7559405b84d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

recv
WSACleanup
listen
closesocket
accept
send
WSAStartup
socket
bind
getsockname
WSAGetLastError

winmm

timeGetTime

mpr

WNetCloseEnum
WNetGetNetworkInformationA
WNetEnumResourceA
WNetOpenEnumA

advapi32

GetUserNameA
RegCreateKeyExA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
RegOpenKeyA
RegQueryValueExA

kernel32

TlsAlloc
TlsGetValue
LocalAlloc
GetVersion
WritePrivateProfileStringA
SetFilePointer
FlushFileBuffers
SetEndOfFile
GetFullPathNameA
InitializeCriticalSection
DeleteCriticalSection
FindResourceA
GlobalUnlock
GlobalLock
lstrcmpiA
lstrcmpA
RtlUnwind
GetStartupInfoA
GetEnvironmentStrings
GetCommandLineA
RaiseException
TlsFree
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
SetUnhandledExceptionFilter
SetStdHandle
LoadResource
LockResource
FreeResource
GlobalAddAtomA
LoadLibraryA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
GlobalFree
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
FreeLibrary
GetModuleHandleA
GetModuleFileNameA
GetLogicalDrives
GetDriveTypeA
GetVolumeInformationA
CreateProcessA
ReadFile
GetLocalTime
FindNextFileA
Sleep
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
FindFirstFileA
CreateDirectoryA
FindClose
WriteFile
GetWindowsDirectoryA
CreateFileA
SetFileAttributesA
BackupWrite
DeleteFileA
CreateThread
GetLastError
CreateMutexA
WaitForSingleObject
CloseHandle
ExitProcess
SetErrorMode
lstrcpyA
GlobalGetAtomNameA
lstrcatA

user32

RemovePropA
GetPropA
SetPropA
CreateWindowExA
DestroyWindow
DefWindowProcA
CallWindowProcA
GetWindowTextA
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassA
GetClassInfoA
wsprintfA
WinHelpA
GetCapture
GetDlgCtrlID
GetTopWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetActiveWindow
SendDlgItemMessageA
IsDialogMessageA
LoadCursorA
ReleaseCapture
GetDesktopWindow
WindowFromPoint
ClientToScreen
GetClassNameA
SetWindowTextA
CharUpperA
OemToCharA
CharToOemA
DestroyMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
IsWindow
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
GetMessagePos
GetMessageTime
InflateRect
KillTimer
IsChild
SetRect
SetForegroundWindow
GetWindowRect
SetWindowLongA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
ReleaseDC
GetDC
GetDlgItem
DialogBoxIndirectParamA
DialogBoxParamA
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetMessageA
TranslateMessage
DispatchMessageA
GetKeyState
CallNextHookEx
ValidateRect
PeekMessageA
GetCursorPos
UnhookWindowsHookEx
SetWindowsHookExA
EnableWindow
IsWindowEnabled
GetLastActivePopup
SetCursor
ShowOwnedPopups
SetWindowPos
IsWindowVisible
ShowWindow
UpdateWindow
PostQuitMessage
PostMessageA
LoadStringA
GetWindowLongA
IsIconic
SendMessageA
GetSystemMetrics
GetClientRect
DrawIcon
SetDlgItemTextA
SetTimer
GetSysColor
LoadIconA
MessageBoxA
GetForegroundWindow
FillRect
GetWindow
SetFocus
GetNextDlgTabItem
EndDialog
SetMessageQueue

gdi32

Escape
GetTextExtentPointA
RestoreDC
CreateBitmap
DeleteDC
RectVisible
PtVisible
CreateSolidBrush
GetStockObject
SetBkColor
SetBkMode
SetTextColor
SetMapMode
SaveDC
TextOutA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetObjectA
ExtTextOutA
GetClipBox
DeleteObject
GetDeviceCaps
CreatePen
SelectObject

comdlg32

GetFileTitleA

shell32

DragFinish
DragQueryFileA

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
arp.exe
.exe windows:5 windows x86 arch:x86

93054bc217bfd876aad9d087c33a7ae8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

snmpapi

SnmpUtilMemAlloc
SnmpUtilMemFree

wsock32

WSAStartup
ioctlsocket
gethostbyname

msvcrt

sprintf
toupper
exit
_isctype
__p___mb_cur_max
__p__pctype
fprintf
_setmode
__p__iob
printf
sscanf
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
time
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr

kernel32

LoadLibraryA
GetProcAddress
FormatMessageA
LocalFree
GetLastError

user32

CharToOemA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
atmadm.exe
.exe windows:5 windows x86 arch:x86

5ce00643b046d324f1bbc8169fb48a41

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
_exit
__p___initenv
printf
__p__fmode
__set_app_type
_except_handler3
_controlfp
putchar
sprintf
_adjust_fdiv
_strlwr
__p__commode

kernel32

DeviceIoControl
CloseHandle
CreateFileA
FormatMessageA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
atmlane.sys
.sys windows:5 windows x86 arch:x86

ac928e03b9e432daa85a9e5ab1d7d8cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ndis.sys

NdisConvertStringToAtmAddress
NdisOpenAdapter
NdisInitializeEvent
NdisReleaseSpinLock
NdisAcquireSpinLock
NdisSetEvent
NdisCompleteUnbindAdapter
NdisCloseAdapter
NdisRequest
NdisTerminateWrapper
NdisDeregisterProtocol
NdisFreeSpinLock
NdisIMDeInitializeDeviceInstance
NdisAllocateBufferPool
NdisAllocatePacketPool
NdisFreeMemory
NdisClOpenAddressFamily
NdisAllocateMemoryWithTag
NdisClCloseAddressFamily
NdisClRegisterSap
NdisClDeregisterSap
NdisClMakeCall
NdisCoCreateVc
NdisClCloseCall
NdisDprReleaseSpinLock
NdisDprAcquireSpinLock
NdisSetTimer
NdisInterlockedIncrement
NdisCoDeleteVc
NdisCoRequest
NdisOpenProtocolConfiguration
NdisCloseConfiguration
NdisWaitEvent
NdisReadConfiguration
NdisInitUnicodeString
NdisOpenConfigurationKeyByName
NdisOpenConfigurationKeyByIndex
NdisUnicodeStringToAnsiString
NdisGetFirstBufferFromPacket
NdisCoSendPackets
NdisFreePacket
NdisUnchainBufferAtFront
NdisScheduleWorkItem
NdisCancelTimer
NdisIMInitializeDeviceInstanceEx
NdisMSetAttributesEx
NdisIMGetDeviceContext
NdisReturnPackets
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisAdjustBufferLength
NdisQueryBuffer
NdisAllocatePacket
NdisCopyBuffer
NdisFreeBuffer
NdisRegisterProtocol
NdisIMRegisterLayeredMiniport
NdisInitializeWrapper
NdisAllocateSpinLock
NdisInitializeTimer
NdisFreeBufferPool
NdisFreePacketPool
NdisAllocateBuffer
NdisGetCurrentSystemTime

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 480B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 960B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
atmuni.sys
.sys windows:5 windows x86 arch:x86

955cd45138e36e6bdb72c15b3e8524ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

ntoskrnl.exe

IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
RtlInitUnicodeString
IoCreateSymbolicLink
KeInitializeSpinLock
IoCreateDevice

hal

KfAcquireSpinLock
KfReleaseSpinLock

ndis.sys

NdisCoCreateVc
NdisCmDispatchIncomingCloseCall
NdisCmCloseCallComplete
NdisCancelTimer
NdisInitializeEvent
NdisReadConfiguration
NdisInitUnicodeString
NdisUnicodeStringToAnsiString
NdisInitAnsiString
NdisConvertStringToAtmAddress
NdisOpenProtocolConfiguration
NdisCloseConfiguration
NdisOpenConfigurationKeyByName
NdisOpenConfigurationKeyByIndex
NdisReleaseSpinLock
NdisAcquireSpinLock
NdisDeregisterProtocol
NdisWaitEvent
NdisResetEvent
NdisSetEvent
NdisAllocateSpinLock
NdisFreeMemory
NdisAllocateMemoryWithTag
NdisFreeSpinLock
NdisCloseAdapter
NdisCmRegisterAddressFamily
NdisOpenAdapter
NdisRegisterProtocol
NdisCmCloseAddressFamilyComplete
NdisCoRequest
NdisCmOpenAddressFamilyComplete
NdisInterlockedIncrement
NdisCmActivateVc
NdisCmDispatchCallConnected
NdisCoDeleteVc
NdisAllocateMemory
NdisScheduleWorkItem
NdisCompleteUnbindAdapter
NdisCmDeactivateVc
NdisCmDispatchIncomingCall
NdisCmMakeCallComplete
NdisCmModifyCallQoSComplete
NdisRequest
NdisCmAddPartyComplete
NdisCmDropPartyComplete
NdisSetTimer
NdisInitializeTimer
NdisCoRequestComplete
NdisCmDispatchIncomingDropParty
NdisAllocateBufferPool
NdisAllocateBuffer
NdisDprReleaseSpinLock
NdisFreeBuffer
NdisAdjustBufferLength
NdisCopyFromPacketToPacket
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisAllocatePacket
NdisReturnPackets
NdisDprAcquireSpinLock
NdisFreePacket
NdisQueryBuffer
NdisFreeBufferPool
NdisFreePacketPool
NdisCoSendPackets
NdisAllocatePacketPool

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 960B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bkupagnt.exe
.exe windows:4 windows x86 arch:x86

9c897e7a630ae2370f7944a4d0f43134

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog
EndPaint
DrawIconEx
DestroyIcon
EnableWindow
SetTimer
GetWindowRect
GetDlgItem
LoadImageA
DispatchMessageA
MoveWindow
SetForegroundWindow
DialogBoxParamA
SendMessageA
RegisterClassA
CreateWindowExA
LoadStringA
MessageBoxA
PostQuitMessage
DefWindowProcA
IsWindow
LoadBitmapA
BeginPaint
PeekMessageA
DestroyWindow
GetForegroundWindow
FindWindowA
ShowWindow
PostMessageA
GetMessageA

advapi32

SetSecurityDescriptorDacl
RegCreateKeyExA
DeregisterEventSource
ReportEventA
RegisterEventSourceA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegQueryInfoKeyA
RegUnLoadKeyA
RegLoadKeyA
RegSaveKeyA
InitializeSecurityDescriptor
InitializeAcl
RegCloseKey
OpenProcessToken
RegQueryValueExA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegEnumValueA

shell32

Shell_NotifyIconA

kernel32

SetFileTime
EnterCriticalSection
GetTempPathA
WriteFile
SetErrorMode
AllocConsole
GetStdHandle
WriteConsoleA
FreeLibrary
LoadLibraryA
LocalFree
LocalSize
LocalAlloc
GetStartupInfoA
OutputDebugStringA
DebugBreak
InitializeCriticalSection
GetVersion
LeaveCriticalSection
DeleteCriticalSection
GetTempFileNameA
GetFileInformationByHandle
SetFilePointer
ReadFile
SystemTimeToFileTime
LocalFileTimeToFileTime
GetProcAddress
GetModuleHandleA
GetLastError
GetModuleFileNameA
FileTimeToSystemTime
ReleaseSemaphore
WaitForSingleObject
CloseHandle
SetLastError
GetCurrentProcess
GetTickCount
Sleep
lstrcpynA
FindClose
FindFirstFileA
GetVolumeInformationA
CreateSemaphoreA
GetCPInfo
GetACP
GetWindowsDirectoryA
GetFileSize
CreateFileA
UnlockFile
SetFileAttributesA
GetFileAttributesA
CreateDirectoryA
DeleteFileA
RemoveDirectoryA
FileTimeToLocalFileTime
FindNextFileA
LockFile

msvcrt

strchr
strrchr
toupper
_putenv
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_initterm
__p__acmdln
exit
_XcptFilter
_exit
__mb_cur_max
_pctype
_onexit
__dllonexit
sprintf
sscanf
calloc
_beginthread
_endthread
strncpy
strncat
getenv
strtol
_stricmp
vsprintf
_strnicmp
_controlfp
memmove
fprintf
strcspn
free
malloc
_isctype
wcslen
_memicmp
realloc

mpr

WNetGetNetworkInformationA
WNetCloseEnum
WNetOpenEnumA
WNetEnumResourceA

gdi32

DeleteDC
DeleteObject
BitBlt
SelectObject
CreateCompatibleDC

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
blutok.sys
.sys windows:3 windows x86 arch:x86

026691947df46ba33183489ff1958ef6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

WRITE_REGISTER_UCHAR

hal

KeStallExecutionProcessor
WRITE_PORT_UCHAR

ndis.sys

NdisSetTimer
NdisMCancelTimer
NdisTerminateWrapper
NdisMRegisterMiniport
NdisInitializeWrapper
NdisWriteErrorLogEntry
NdisMInitializeTimer
NdisFreeMemory
NdisCloseConfiguration
NdisOpenConfiguration
NdisSystemProcessorCount
NdisAllocateMemory
NdisReadNetworkAddress
NdisEqualString
NdisReadConfiguration
NdisMSetAttributes
NdisMUnmapIoSpace
TrFilterDprIndicateReceiveComplete
NdisMRegisterInterrupt
NdisMSynchronizeWithInterrupt
NdisQueryBuffer
NDIS_BUFFER_TO_SPAN_PAGES
NdisMRegisterIoPortRange
NdisMDeregisterIoPortRange
NdisMMapIoSpace
NdisMResetComplete
NdisMDeregisterInterrupt
NdisMIndicateStatusComplete
NdisMIndicateStatus
NdisMSetInformationComplete
TrFilterDprIndicateReceive
NdisMSendComplete

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 686B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cbe.sys
.sys windows:4 windows x86 arch:x86

497e60da8822702f9252cae1b9e47a9d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

hal

READ_PORT_ULONG
KeStallExecutionProcessor
WRITE_PORT_UCHAR
WRITE_PORT_ULONG

ndis.sys

NdisMRegisterMiniport
NdisInitializeWrapper
NdisReadNetworkAddress
NdisTerminateWrapper
NdisReadConfiguration
NdisWriteErrorLogEntry
NdisMRegisterAdapterShutdownHandler
NdisMRegisterIoPortRange
NdisMMapIoSpace
NdisMSetAttributes
NdisCloseConfiguration
NdisOpenConfiguration
NdisAllocateMemory
NdisMDeregisterAdapterShutdownHandler
NdisMIndicateStatusComplete
NdisMIndicateStatus
EthFilterDprIndicateReceiveComplete
NDIS_BUFFER_TO_SPAN_PAGES
NdisQueryBufferOffset
NdisMDeregisterIoPortRange
NdisMUnmapIoSpace
NdisMRegisterInterrupt
NdisFreeMemory
NdisMAllocateSharedMemory
NdisMAllocateMapRegisters
NdisMFreeSharedMemory
NdisMSendResourcesAvailable
EthFilterDprIndicateReceive
NdisMDeregisterInterrupt
NdisMFreeMapRegisters
NdisQueryBuffer
NdisWritePciSlotInformation
NdisReadPciSlotInformation

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 966B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ce3.sys
.sys windows:3 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

_LTEXT
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1024B - Virtual size: 942B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
didiva95.hlp
dilog.exe
ditrace.exe
.exe windows:4 windows x86 arch:x86

b34948d0631a041c82985824e7e865b1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
CreateFileA
GetVersionExA
CloseHandle
MoveFileA
DeleteFileA
MoveFileExA
GetOverlappedResult
WaitForMultipleObjects
DeviceIoControl
ResetEvent
CreateEventA
FileTimeToSystemTime
FileTimeToLocalFileTime
WriteFile
WaitForSingleObject
GetCommandLineA
GetVersion
SetConsoleCtrlHandler
ExitProcess
HeapFree
HeapAlloc
ResumeThread
CreateThread
TlsSetValue
ExitThread
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
GetEnvironmentStrings
FreeEnvironmentStringsW
GetLastError
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
DeleteCriticalSection
GetCurrentThreadId
TlsAlloc
SetLastError
TlsGetValue
HeapCreate
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FlushFileBuffers
ReadFile
SetStdHandle
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
SetEndOfFile

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dlchlp.exe
dllndis.new
dllndist.new
ftp.exe
.exe windows:5 windows x86 arch:x86

28d5eab7671abed1c4b81313cd0d1224

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wsock32

setsockopt
send
accept
listen
__WSAFDIsSet
ioctlsocket
socket
bind
htons
connect
getsockname
select
recv
ord1108
gethostname
gethostbyname
shutdown
closesocket
WSAStartup
getservbyname

user32

CharToOemA

msvcrt

clearerr
putchar
gets
fflush
longjmp
exit
_setjmp3
_unlink
fclose
atoi
strchr
printf
free
tolower
fgets
_tempnam
getenv
_getcwd
_errno
_chdir
_chdrive
toupper
islower
fscanf
strncat
fopen
_write
fprintf
vsprintf
vfprintf
isdigit
_read
clock
_fstat
_pclose
_popen
_fsopen
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__iob
_isatty
strncpy
tmpnam
sprintf

advapi32

RegOpenKeyExA
RegQueryValueExA
GetUserNameA
RegCloseKey

kernel32

WaitForSingleObject
SetConsoleMode
WriteFile
Sleep
GetProcessHeap
HeapAlloc
HeapFree
GetEnvironmentVariableA
GetConsoleMode
ReadFile
CloseHandle
FindFirstFileA
FindNextFileA
FormatMessageA
LocalFree
GetLastError
LocalAlloc
GetCurrentDirectoryA
CreateProcessA
GetModuleHandleA
CreateFileA
SetConsoleCtrlHandler

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
hosts.sam
hpfend.dos
hplan.dos
hplanb.dos
hplane.dos
hplanp.dos
i82593.dos
ibmtok.dos
ipconfig.exe
.exe windows:4 windows x86 arch:x86

be6e016121882258aa366414634c82ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetTimeFormatA
GetDateFormatA
GetComputerNameA
GlobalAlloc
LocalFree
GlobalLock
lstrcatA
lstrcpyA
DeviceIoControl
GlobalReAlloc
FormatMessageA
GetModuleHandleA
CreateFileA
GlobalFree
GlobalUnlock
GetLastError
ExitProcess
WriteFile
CloseHandle

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

user32

SetCursor
wsprintfA
RegisterClassA
UnregisterClassA
DestroyWindow
LoadBitmapA
GetWindowDC
ReleaseDC
GetWindowTextA
SetDlgItemTextA
GetDlgItem
TranslateMessage
GetSystemMenu
RemoveMenu
IsDialogMessageA
LoadStringA
EnableMenuItem
SendDlgItemMessageA
GetWindowRect
SetWindowPos
BeginPaint
EndPaint
PostQuitMessage
SetWindowTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadAcceleratorsA
GetSystemMetrics
CreateDialogParamA
ShowWindow
GetMessageA
TranslateAcceleratorA
LoadCursorA
DefDlgProcA
DispatchMessageA
LoadIconA
AppendMenuA
EnableWindow

gdi32

DeleteObject
DeleteDC
SelectObject
BitBlt
CreateCompatibleDC

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_initterm
__p___initenv
_XcptFilter
_exit
memcmp
strlen
memset
strncpy
memcpy
strstr
_itoa
vsprintf
gmtime
strspn
strpbrk
strcmp
strcpy
strcat
sprintf
printf
exit
_stricmp
atoi

wsock32

ioctlsocket
ord1001
WSAStartup
ntohl

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
irmatr.dos
isdn.hlp
lmhosts.sam
lmscript.exe
lmscript.pif
login.exe
lt2.msg
mdgnd.dos
msdlc.exe
msnds.hlp
msnet.drv
nbtstat.exe
ncc16.dos
ndis39xr.dos
ndis89xr.dos
ndis99xr.dos
ndspp.nw4
.dll windows:4 windows x86 arch:x86

b992ec4d2c7c5782657cd8ccaa454d57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
GlobalFree
CreateFileA
CloseHandle
lstrcmpA
GetLastError
lstrcmpiA
lstrcpynA
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
lstrcpyA
FreeLibrary
InterlockedIncrement
lstrlenA
GetProcAddress
SetLastError
LoadLibraryA
lstrcatA
InterlockedDecrement

user32

SetDlgItemTextA
RegisterClipboardFormatA
CheckDlgButton
WinHelpA
IsDlgButtonChecked
EndDialog
SendMessageA
RegisterWindowMessageA
SetDlgItemInt
SendDlgItemMessageA
MessageBoxA
GetDlgItemInt
GetDlgItemTextA
SetWindowLongA
DialogBoxParamA
LoadStringA
CharNextA
GetDlgItem
EnableWindow
GetWindowLongA
OemToCharA
CharUpperA
wsprintfA
CharToOemA

advapi32

RegCloseKey
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegQueryValueExA

winspool.drv

OpenPrinterA
GetPrinterDataA
SetPrinterDataA
ClosePrinter
GetPrinterA

mpr

ord23
WNetGetConnectionA
ord15
ord14
WNetAddConnection3A
ord24
ord22
WNetConnectionDialog1A
WNetDisconnectDialog

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA

nwnet32

ord34
ord35
ord5
ord36
ord2
ord6
ord3
ord7

nwapi32

ord33
ord38
ord29
ord36
ord14
ord42
ord1
ord44
ord15
ord45
ord47
ord46
ord13
ord34

Exports

Exports

DllCanUnloadNow
DllGetClassObject
InitializePrintProvidor

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PrcLcl
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ne1000.dos
ne2000.dos
ne3200.dos
net.exe
net.msg
netflx.dos
neth.msg
netstat.exe
.exe windows:4 windows x86 arch:x86

266324012b46c17c21299632c3c4ee18

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wsock32

gethostbyaddr
htons
WSAStartup
gethostname
getservbyport

msvcrt

_strupr
system
sscanf
strchr
fprintf
toupper
sprintf
__p__iob
_setmode
_exit
_XcptFilter
exit
_initterm
__getmainargs
__p___initenv
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
time
__setusermatherr

kernel32

GetLastError
LoadLibraryA
GetProcAddress
FormatMessageA
Sleep
LocalFree

snmpapi

SnmpUtilMemFree
SnmpUtilMemAlloc

user32

CharToOemA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 754B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
netware.ms
netware.nw4
ni5210.dos
ni6510.dos
nwapi32.nw4
.dll windows:4 windows x86 arch:x86

c353e68f849fd9b820f1e70f5a19d91d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA
CharNextA
OemToCharBuffA
OemToCharA
CharToOemA
LoadStringA
wsprintfA
CharToOemBuffA

advapi32

RegCreateKeyA
RegQueryValueExA
RegQueryInfoKeyA
RegEnumValueA
RegOpenKeyA
RegCloseKey

kernel32

UninitializeCriticalSection
SearchPathA
GetLastError
ord36
ord34
SMapLS_IP_EBP_12
SMapLS_IP_EBP_20
SMapLS_IP_EBP_24
ord89
SMapLS_IP_EBP_8
SUnMapLS_IP_EBP_12
SUnMapLS_IP_EBP_20
SUnMapLS_IP_EBP_24
ord41
ord90
SUnMapLS_IP_EBP_8
EnterCriticalSection
LeaveCriticalSection
ord37
ord35
ReinitializeCriticalSection
WideCharToMultiByte
LocalFree
LocalAlloc
RtlMoveMemory
CreateFileA
DeviceIoControl
ConvertToGlobalHandle
lstrcpyA
MultiByteToWideChar
lstrcmpiA
ord20
GetTickCount

nwnet32

ord1
ord31
ord3
ord2

Exports

Exports

NWAllocPermanentDirectoryHandle
NWAllocTemporaryDirectoryHandle
NWAttachToFileServer
NWChangeObjectPassword
NWCheckConsolePrivileges
NWDeallocateDirectoryHandle
NWDetachFromFileServer
NWGetFileServerVersionInfo
NWGetInternetAddress
NWGetObjectName
NWGetVolumeExInfo
NWGetVolumeInfoWithHandle
NWGetVolumeInfoWithNumber
NWGetVolumeName
NWGetVolumeNumber
NWGetVolumeUsage
NWIsObjectInSet
NWLoginToFileServer
NWLogoutFromFileServer
NWReadPropertyValue
NWScanObject
NWScanProperty
NetWLookupConnection
NwlibMakeNcp
NwlibSubmitRawNCP

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.instanc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nwlscon.exe
.exe windows:4 windows x86 arch:x86

5221b5cdf494a1e7c199f237037f2da4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
SetEvent
SetCurrentDirectoryA
SetEnvironmentVariableA
ReadFile
WaitForSingleObject
CreateFileA
OpenEventA
GetStdHandle
GetLastError
GetProcessFlags
GetExitCodeProcess
CreateProcessA
SearchPathA
GetEnvironmentVariableA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
WriteFile
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
GetACP
GetOEMCP
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
HeapFree
HeapAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetStdHandle
SetFilePointer
CloseHandle
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 242B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nwlsproc.exe
.exe windows:4 windows x86 arch:x86

8c4cc00d4d319632e0e2b02ae71cf178

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateProcessA
WaitForSingleObject
WriteFile
SetEvent
Sleep
CreateEventA
SetStdHandle
CreatePipe
TerminateProcess
SetCurrentDirectoryA
SearchPathA
GetEnvironmentVariableA
GetSystemDirectoryA
GetFileSize
lstrcatA
lstrcpyA
IsDBCSLeadByte
SetEnvironmentVariableA
GetDateFormatA
GetTimeFormatA
GetSystemDefaultLCID
FileTimeToSystemTime
DosDateTimeToFileTime
GetTimeZoneInformation
SetLocalTime
lstrcmpA
GetProcAddress
FreeLibrary
ReadFile
HeapFree
HeapAlloc
lstrlenA
GetLocalTime
GetStdHandle
HeapCreate
SetFilePointer
FlushFileBuffers
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
RtlUnwind
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
EnterCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
ExitProcess
CloseHandle
LeaveCriticalSection
GetCurrentDirectoryA
GetProcessHeap
CreateFileA
DeleteCriticalSection
InitializeCriticalSection
GetVersion
ord34
GetWindowsDirectoryA
CreateThread
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

user32

MessageBoxA
GetMessageA
DispatchMessageA
TranslateMessage
GetWindowRect
IsDialogMessageA
PostMessageA
SetWindowPos
GetSystemMetrics
GetDlgItemTextA
EndDialog
DialogBoxParamA
MessageBeep
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
BeginPaint
EndPaint
OemToCharA
IsWindowVisible
CharNextA
CharToOemA
wsprintfA
GetClientRect
LoadStringA
PostQuitMessage
DestroyWindow
DefWindowProcA
GetDC
ReleaseDC
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
SendMessageA
MoveWindow
CreateDialogParamA

gdi32

DeleteDC
Rectangle
CreateCompatibleBitmap
GetStockObject
SelectObject
GetTextMetricsA
DeleteObject
CreateCompatibleDC
BitBlt
TextOutA

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

nwnet32

ord7
ord24
ord1
ord63
ord8
ord4
ord2
ord3
ord6

mpr

WNetCancelConnection2A
WNetAddConnection3A

nwapi32

ord48
ord33
ord29
ord7
ord8
ord40
ord38
ord1
ord2
ord3
ord37
ord52
ord10
ord28
ord34
ord30
ord15
ord51

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nwlsproc.nw4
.exe windows:4 windows x86 arch:x86

8c4cc00d4d319632e0e2b02ae71cf178

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
CreateProcessA
WaitForSingleObject
WriteFile
SetEvent
Sleep
CreateEventA
SetStdHandle
CreatePipe
TerminateProcess
SetCurrentDirectoryA
SearchPathA
GetEnvironmentVariableA
GetSystemDirectoryA
GetFileSize
lstrcatA
lstrcpyA
IsDBCSLeadByte
SetEnvironmentVariableA
GetDateFormatA
GetTimeFormatA
GetSystemDefaultLCID
FileTimeToSystemTime
DosDateTimeToFileTime
GetTimeZoneInformation
SetLocalTime
lstrcmpA
GetProcAddress
FreeLibrary
ReadFile
HeapFree
HeapAlloc
lstrlenA
GetLocalTime
GetStdHandle
HeapCreate
SetFilePointer
FlushFileBuffers
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
RtlUnwind
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
EnterCriticalSection
GetStringTypeW
GetStringTypeA
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
ExitProcess
CloseHandle
LeaveCriticalSection
GetCurrentDirectoryA
GetProcessHeap
CreateFileA
DeleteCriticalSection
InitializeCriticalSection
GetVersion
ord34
GetWindowsDirectoryA
CreateThread
GetCommandLineA
GetStartupInfoA
GetModuleHandleA

user32

MessageBoxA
GetMessageA
DispatchMessageA
TranslateMessage
GetWindowRect
IsDialogMessageA
PostMessageA
SetWindowPos
GetSystemMetrics
GetDlgItemTextA
EndDialog
DialogBoxParamA
MessageBeep
GetWindowThreadProcessId
EnumWindows
SetForegroundWindow
BeginPaint
EndPaint
OemToCharA
IsWindowVisible
CharNextA
CharToOemA
wsprintfA
GetClientRect
LoadStringA
PostQuitMessage
DestroyWindow
DefWindowProcA
GetDC
ReleaseDC
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
ShowWindow
SendMessageA
MoveWindow
CreateDialogParamA

gdi32

DeleteDC
Rectangle
CreateCompatibleBitmap
GetStockObject
SelectObject
GetTextMetricsA
DeleteObject
CreateCompatibleDC
BitBlt
TextOutA

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

nwnet32

ord7
ord24
ord1
ord63
ord8
ord4
ord2
ord3
ord6

mpr

WNetCancelConnection2A
WNetAddConnection3A

nwapi32

ord48
ord33
ord29
ord7
ord8
ord40
ord38
ord1
ord2
ord3
ord37
ord52
ord10
ord28
ord34
ord30
ord15
ord51

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 277B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nwnp32.nw4
.dll windows:4 windows x86 arch:x86

9ff91df9930611367fa98d354d32ac93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcmpA
WinExec
lstrcpynA
GetLocaleInfoA
GetNumberFormatA
IsBadReadPtr
FreeLibrary
InterlockedDecrement
GetProcAddress
OpenFile
LoadLibraryA
GetSystemDirectoryA
lstrcatA
TlsGetValue
RtlMoveMemory
LocalAlloc
ord36
GlobalUnlock
GlobalFree
GlobalLock
InterlockedIncrement
FindResourceA
LoadResource
LockResource
FreeResource
LeaveCriticalSection
lstrlenA
FormatMessageA
LocalFree
GetLastError
IsDBCSLeadByte
lstrcmpiA
lstrcpyA
TlsAlloc
TlsSetValue
ReinitializeCriticalSection
EnterCriticalSection

gdi32

LineTo
CreateRectRgn
OffsetRgn
MoveToEx
GetTextMetricsA
Arc
SetTextColor
DeleteDC
SetBkColor
CreateCompatibleDC
CreateDIBitmap
BitBlt
CreateSolidBrush
CreateEllipticRgnIndirect
CombineRgn
FillRgn
CreatePen
GetTextExtentPointA
DeleteObject
SelectObject
PatBlt
Pie
Ellipse

user32

InsertMenuA
SendMessageA
GetDlgItem
SetDlgItemTextA
SetForegroundWindow
SetWindowPos
GetSystemMetrics
CheckDlgButton
IsDlgButtonChecked
EndDialog
SetWindowLongA
WinHelpA
PostQuitMessage
GetWindowLongA
GetSysColor
KillTimer
SetTimer
LoadBitmapA
GetDC
ReleaseDC
SetPropA
GetPropA
RemovePropA
EnableWindow
ShowWindow
GetActiveWindow
RegisterClipboardFormatA
EnableMenuItem
SetWindowTextA
CharLowerA
CharPrevA
MessageBoxA
SendDlgItemMessageA
GetWindowTextA
UpdateWindow
SetFocus
GetDlgItemTextA
GetWindowRect
wsprintfA
GetAsyncKeyState
DialogBoxParamA
CharUpperA
CharNextA
CharToOemA
OemToCharBuffA
GetClassNameA
TabbedTextOutA
DrawTextA
DrawFocusRect
FillRect
GetDialogBaseUnits
GetTabbedTextExtentA
OemToCharA
LoadCursorA
SetCursor
LoadStringA

advapi32

RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegCreateKeyA

comctl32

ord17
ImageList_Create
ImageList_SetBkColor
ImageList_AddMasked

mpr

NPSGetSectionNameA
ord20
ord14
ord23
ord22
WNetAddConnection3A
MultinetGetErrorTextA
ord24
ord16
NPSAuthenticationDialogA
NPSSetExtendedErrorA
WNetGetCachedPassword
PwdChangePasswordA
WNetCachePassword
NPSCopyStringA
ord12
ord15
NPSDeviceGetNumberA
NPSSetCustomTextA
NPSGetProviderNameA
NPSDeviceGetStringA
NPSGetProviderHandleA

nwnet32

ord38
ord5
ord37
ord36
ord34
ord65
ord63
ord8
ord12
ord51
ord3
ord2
ord4
ord61
ord6
ord64
ord67
ord33
ord69
ord35
ord30
ord58
ord62
ord68

nwapi32

ord4
NWLoginToFileServer
ord54
ord8
ord28
NWReadPropertyValue
ord48
ord49
ord16
ord17
ord5
ord29
ord35
ord3
ord39
ord30
ord42
NWGetObjectName
NWDeallocateDirectoryHandle
NWGetVolumeExInfo
NWGetVolumeNumber
ord7
ord6
ord33
ord32
ord43
ord44
ord34
ord50
ord53
NWGetVolumeUsage
ord46
ord45
ord47
ord38
ord2
ord31
NWGetVolumeName
ord37
ord15
NWScanObject
ord36
NWGetFileServerVersionInfo
ord12
ord1
ord10

Exports

Exports

DllCanUnloadNow
DllGetClassObject
NPGetCaps
NPNotifyNetworkEvent
PPChangePassword
PPDSChangePassword
PPDSGetPasswordStatus
PPGetPasswordStatus

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.instanc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
odihlp.exe
olitok16.dos
pcntnd.dos
pcsa.exe
pe2ndis.dos
pe3ndis.exe
pendis.dos
ping.exe
.exe windows:4 windows x86 arch:x86

df8fadcc2cb7092c065337dc6087dfff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FormatMessageA
SetConsoleCtrlHandler
LocalFree
GetLastError
Sleep
LocalAlloc

user32

CharToOemA

icmp

IcmpCreateFile
IcmpSendEcho
IcmpCloseHandle

wsock32

WSAStartup
inet_addr
ioctlsocket
gethostbyname
gethostbyaddr

msvcrt

_write
_initterm
__p___initenv
_exit
_controlfp
strtoul
exit
isspace
__set_app_type
_XcptFilter
_except_handler3
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
pro4.dos
pro4at.dos
prorapm.dwn
protman.dos
protman.exe
route.exe
.exe windows:5 windows x86 arch:x86

2078bc482fc61dda3261cc7caf0cf7a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

snmpapi

SnmpUtilMemAlloc
SnmpUtilMemFree

wsock32

htonl
ioctlsocket
inet_addr
gethostbyname
ord1100
ord1101
WSAStartup

kernel32

LocalFree
GetVersion
FormatMessageA
GetLastError
CloseHandle
GetProcAddress
LoadLibraryA
GetVersionExA
DeviceIoControl

msvcrt

fprintf
toupper
atoi
_stricmp
_strupr
printf
exit
sprintf
_ultoa
qsort
free
malloc
strncpy
calloc
time
__p__iob
_setmode
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

advapi32

RegEnumValueA
RegSetValueExA
RegDeleteValueA
RegOpenKeyA

user32

CharToOemA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
rsvp.exe
.exe windows:5 windows x86 arch:x86

f38c1013e36653f982997974713de2d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

strtoul
atoi
_adjust_fdiv
_ftol
free
_vsnprintf
exit
perror
_snprintf
_controlfp
malloc
__set_app_type
__p__fmode
__p__commode
__setusermatherr
strncpy
_initterm
calloc
__getmainargs
__p___initenv
_XcptFilter
_exit
_stricmp
rand
strpbrk
fgets
isdigit
fopen
_except_handler3
sprintf

advapi32

RegisterEventSourceA
RegEnumKeyA
RegNotifyChangeKeyValue
RegQueryValueExA
RegOpenKeyExA
ReportEventA
FreeSid
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

kernel32

SetProcessWorkingSetSize
CreateFileMappingA
GetLastError
GetFileSize
SetFilePointer
UnmapViewOfFile
OpenFileMappingA
MultiByteToWideChar
ReleaseSemaphore
WaitForSingleObject
CreateThread
LoadLibraryA
GetProcAddress
HeapDestroy
HeapCreate
HeapAlloc
GetSystemTime
SystemTimeToFileTime
MapViewOfFile
OpenProcess
CreateSemaphoreA
CreateEventA
SetEvent
GetCurrentProcess
GetStdHandle
WriteFile
GetVersionExA
ReadFile
CloseHandle
CreateFileA
GetLocalTime

ws2_32

WSACleanup
closesocket
WSAAccept
WSAEnumNetworkEvents
inet_ntoa
WSAWaitForMultipleEvents
WSAStartup
socket
inet_addr
WSAEventSelect
htons
ntohl
setsockopt
recvfrom
bind
WSAIoctl
listen
getsockname
sendto
recv
gethostbyname
gethostname
htonl
WSASend
ntohs
send
WSACreateEvent
WSAGetLastError
WSACloseEvent

user32

RegisterClassA
CreateWindowExA
DispatchMessageA
PostQuitMessage
GetMessageA
DefWindowProcA

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
select.exe
setmdir.exe
sibspy.exe
slan.dos
smc3000.dos
smc8000.dos
smc8100.dos
smc8232.dos
smc9000.dos
smc_arc.dos
snapshot.exe
srm.new
strn.dos
t20nd.dos
t30nd.dos
tccarc.dos
tcctok.dos
telnet.exe
.exe windows:5 windows x86 arch:x86

2ecc1bf0286a3dfe8b35d0b50f9a7c76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetDesktopWindow
OffsetRect
MoveWindow
SetWindowTextA
CheckDlgButton
IsClipboardFormatAvailable
KillTimer
CheckRadioButton
EmptyClipboard
GetDC
SetClipboardData
CloseClipboard
GetDlgItemInt
SetDlgItemInt
GetDlgItemTextA
SetFocus
IsIconic
SetWindowLongA
SetTimer
GetSystemMenu
InvertRect
ReleaseDC
UpdateWindow
SendMessageA
SetCapture
GetWindowLongA
PostQuitMessage
CheckMenuItem
DialogBoxParamA
GetSubMenu
FlashWindow
ReleaseCapture
DefWindowProcA
WinHelpA
CreateWindowExA
DestroyWindow
GetSysColor
LoadStringA
SetClassLongA
ShowWindow
GetMessageA
LoadIconA
RegisterClassA
BeginPaint
TranslateMessage
DispatchMessageA
ScrollWindow
EndPaint
ValidateRect
SetScrollPos
GetWindowRect
SetScrollRange
SetWindowPos
SystemParametersInfoA
GetSystemMetrics
GetDlgItem
LoadCursorA
EndDialog
SendDlgItemMessageA
EnableMenuItem
SetCursor
GetMenu
ModifyMenuA
AppendMenuA
wsprintfA
GetAsyncKeyState
DrawMenuBar
PostMessageA
GetClipboardData
MessageBoxA
OpenClipboard
MessageBeep
GetKeyState
InvalidateRect

comdlg32

ChooseColorA
ChooseFontA
GetOpenFileNameA

wsock32

htons
WSACleanup
WSAStartup
ioctlsocket
gethostbyname
getservbyname
socket
bind
setsockopt
WSAAsyncSelect
send
WSAGetLastError
recv
closesocket
connect

advapi32

RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey

kernel32

HeapFree
VirtualFree
HeapCreate
RtlUnwind
GetFileType
GetStdHandle
HeapDestroy
GetOEMCP
GetCPInfo
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
MultiByteToWideChar
FreeEnvironmentStringsA
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetCurrentProcess
GetModuleFileNameA
ExitProcess
GetVersion
TerminateProcess
GetStartupInfoA
GetModuleHandleA
GetCommandLineA
CloseHandle
CreateFileA
GetACP
GetProcAddress
FreeLibrary
LoadLibraryA
LocalReAlloc
WriteFile
SetLastError
GetThreadLocale
lstrcpyA
OutputDebugStringA
lstrlenA
Sleep
lstrcmpiA
GlobalSize
LocalAlloc
lstrcatA
GlobalAlloc
GlobalLock
LocalFree
GetStringTypeW
HeapAlloc
VirtualAlloc
GetLastError
ReadFile
SetFilePointer
SetStdHandle
FlushFileBuffers
GetStringTypeA
GlobalUnlock
GlobalFree

gdi32

PatBlt
CreateFontIndirectA
CreateSolidBrush
DeleteObject
GetTextMetricsA
SelectObject
TextOutA
ExtTextOutA
SetBkColor
SetTextColor
TranslateCharsetInfo

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
telnet.hlp
tlan.dos
tlnk3.dos
tracert.exe
.exe windows:4 windows x86 arch:x86

2da61abeaa0018495b1aab759f58469b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetLastError
LocalFree
Sleep
FormatMessageA

user32

CharToOemA

icmp

IcmpCloseHandle
IcmpCreateFile
IcmpSendEcho

wsock32

WSAStartup
WSACleanup
ioctlsocket
gethostbyname
gethostbyaddr
inet_addr

msvcrt

_write
_initterm
__p___initenv
_XcptFilter
_controlfp
_except_handler3
strtoul
_exit
__p__fmode
exit
__set_app_type
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 214B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
trcdlc.exe
.exe windows:4 windows x86 arch:x86

c82d5ce4cc8eca8d62b50093a9815a1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
CreateEventA
GetProcAddress
LoadLibraryA
CloseHandle
FreeLibrary
ResetEvent
WaitForSingleObject
DeviceIoControl
CreateFileA
ExitProcess
GetLocalTime
GetEnvironmentStrings
GetCommandLineA
GetVersion
FlushFileBuffers
WriteFile
GetTimeZoneInformation
RtlUnwind
GetLastError
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
VirtualAlloc
WideCharToMultiByte
SetStdHandle
SetFilePointer
SetEndOfFile
ReadFile
GetModuleHandleA
MultiByteToWideChar
SetEnvironmentVariableA

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 990B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ubnei.dos
ubneps.dos
winipcfg.exe
.exe windows:4 windows x86 arch:x86

11c62b00cdb3616d090fc83294aeb66e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetTimeFormatA
GetDateFormatA
GetComputerNameA
GlobalAlloc
LocalFree
GlobalLock
lstrcatA
lstrcpyA
DeviceIoControl
GlobalReAlloc
FormatMessageA
GetModuleHandleA
CreateFileA
GlobalFree
GlobalUnlock
GetLastError
ExitProcess
WriteFile
CloseHandle

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

user32

wsprintfA
LoadCursorA
RegisterClassA
UnregisterClassA
SetCursor
ReleaseDC
LoadBitmapA
GetWindowDC
GetDlgItem
GetWindowTextA
SetDlgItemTextA
RemoveMenu
DispatchMessageA
GetSystemMenu
EnableMenuItem
TranslateMessage
SendDlgItemMessageA
GetWindowRect
SetWindowPos
BeginPaint
EndPaint
PostQuitMessage
SetWindowTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadAcceleratorsA
GetSystemMetrics
CreateDialogParamA
ShowWindow
GetMessageA
TranslateAcceleratorA
IsDialogMessageA
LoadIconA
MessageBoxA
DestroyWindow
DefDlgProcA
LoadStringA
AppendMenuA
EnableWindow

gdi32

DeleteObject
DeleteDC
SelectObject
BitBlt
CreateCompatibleDC

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__getmainargs
_initterm
__p___initenv
_XcptFilter
_exit
memcmp
strlen
memset
strncpy
memcpy
strstr
_itoa
printf
gmtime
vsprintf
strpbrk
strcmp
strspn
strcat
sprintf
strcpy
_stricmp
atoi
_controlfp
exit

wsock32

ioctlsocket
ord1001
WSAStartup
ntohl

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
winpopup.exe
winpopup.hlp
wsasrv.exe

Sharing

General

Malware Config

Signatures

Files

9de0e8b1b1dad60f687a30e73be09239

Headers

File Characteristics

Imports

hal

ndis.sys

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 1KB - Virtual size: 1KB

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 1024B - Virtual size: 804B

a8e148803560dbbf5e812a2554a01e5b

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

ndis.sys

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 320B - Virtual size: 316B

INIT Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 896B - Virtual size: 874B

ad8f2c4f08c3ee05335bff0c02b7e98b

Headers

File Characteristics

Imports

hal

ndis.sys

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 512B - Virtual size: 512B

.data Size: 4KB - Virtual size: 4KB

.idata Size: 992B - Virtual size: 992B

INIT Size: 192B - Virtual size: 177B

.rsrc Size: 928B - Virtual size: 928B

.reloc Size: 480B - Virtual size: 472B

b3ff41beb757b0f733ac7559405b84d6

Headers

File Characteristics

Imports

wsock32

winmm

mpr

advapi32

kernel32

user32

gdi32

comdlg32

shell32

Sections

.text Size: 97KB - Virtual size: 97KB

.bss Size: - Virtual size: 18KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 19KB - Virtual size: 18KB

.idata Size: 7KB - Virtual size: 6KB

.edata Size: 512B - Virtual size: 53B

.rsrc Size: 21KB - Virtual size: 21KB

.reloc Size: 11KB - Virtual size: 11KB

93054bc217bfd876aad9d087c33a7ae8

Headers

File Characteristics

Imports

snmpapi

wsock32

msvcrt

kernel32

user32

Sections

.text Size: 10KB - Virtual size: 10KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 752B

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 1KB - Virtual size: 1KB

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 1024B - Virtual size: 804B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 320B - Virtual size: 316B

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 896B - Virtual size: 874B

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 512B - Virtual size: 512B

.data
Size: 4KB - Virtual size: 4KB

.idata
Size: 992B - Virtual size: 992B

INIT
Size: 192B - Virtual size: 177B

.rsrc
Size: 928B - Virtual size: 928B

.reloc
Size: 480B - Virtual size: 472B

.text
Size: 97KB - Virtual size: 97KB

.bss
Size: - Virtual size: 18KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 19KB - Virtual size: 18KB

.idata
Size: 7KB - Virtual size: 6KB

.edata
Size: 512B - Virtual size: 53B

.rsrc
Size: 21KB - Virtual size: 21KB

.reloc
Size: 11KB - Virtual size: 11KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 752B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 9KB

.rsrc
Size: 3KB - Virtual size: 2KB

.text
Size: 32KB - Virtual size: 32KB

.data
Size: 480B - Virtual size: 468B

INIT
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 960B - Virtual size: 960B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 170KB - Virtual size: 170KB

.data
Size: 44KB - Virtual size: 44KB

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 960B - Virtual size: 944B

.reloc
Size: 11KB - Virtual size: 11KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 512B - Virtual size: 20B

.data
Size: 4KB - Virtual size: 9KB

.idata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 22KB - Virtual size: 22KB

.bss
Size: 512B - Virtual size: 100B

.data
Size: 1024B - Virtual size: 716B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 896B

.reloc
Size: 1024B - Virtual size: 686B