83822503c688e30f123747020755c31e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

83822503c688e30f123747020755c31e_JaffaCakes118
Size

5.2MB
MD5

83822503c688e30f123747020755c31e
SHA1

e272a218fbd6b69f2e34b45fcb964d5926990f04
SHA256

ebbb2a1fe46a0ce39ff5653f864e852ed6f0b96db8877a278173b5581b9e9d5c
SHA512

68dfb25e9fa452906359abbfa78ddfd288bfa091cab4ac7c7df5cee1d108e87f89fa22afbc29b7663a1fc33dd5a74f472b015d01e36460886a7585c118b68f3b
SSDEEP

98304:zFBG8aD58zQC+fTsEMu7cV9bkHlLqu0IzHeT09OBxARFqYp+Drce/v25OyTQGi0H:BNaV8kC+X77cV4dfeA9qs8YsDrcEgOLA

Score

3^/10

Malware Config

Signatures

Unsigned PE 24 IoCs

Checks for missing Authenticode signature.

resource
unpack002/BRC.EXE
unpack002/BRC32.EXE
unpack002/BRCC.EXE
unpack002/BRCC32.EXE
unpack002/IMPDEF.EXE
unpack002/IMPLIB.EXE
unpack002/MAKE.EXE
unpack002/OBJXREF.EXE
unpack002/RLINK32.DLL
unpack002/RW32CORE.DLL
unpack002/RWRES.DLL
unpack002/TDUMP.EXE
unpack002/THUNK.EXE
unpack002/TLIB.EXE
unpack002/TOUCH.EXE
unpack004/H2ASH32.EXE
unpack004/TASM32.EXE
unpack004/TDSTRP32.EXE
unpack004/TLINK32.EXE
unpack006/JITIME.EXE
unpack006/TDCON32.EXE
unpack001/PATCHES/53_PATCH/53PATCH.EXE
unpack001/PATCHES/53_WIN/TASM32.EXE
unpack001/phatcode.exe

Files

83822503c688e30f123747020755c31e_JaffaCakes118
.zip
DISK1/CMDLINE.PAK
.lzh
32RTM.EXE
BRC.EXE
.exe windows:1 windows x86 arch:x86

8215d787753c07a94e3be7883593d8a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleFileNameA
CreateProcessA
EnterCriticalSection
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
ExitProcess
CreateFileA
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetCommandLineA
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetTimeZoneInformation
GetVersion
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile
GetLogicalDrives

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BRC32.EXE
.exe windows:1 windows x86 arch:x86

8215d787753c07a94e3be7883593d8a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleFileNameA
CreateProcessA
EnterCriticalSection
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
ExitProcess
CreateFileA
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetCommandLineA
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetTimeZoneInformation
GetVersion
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile
GetLogicalDrives

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BRCC.EXE
.exe windows:1 windows x86 arch:x86

8215d787753c07a94e3be7883593d8a4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleFileNameA
CreateProcessA
EnterCriticalSection
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
ExitProcess
CreateFileA
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetCommandLineA
GetCurrentDirectoryA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetTimeZoneInformation
GetVersion
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile
GetLogicalDrives

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BRCC32.EXE
.exe windows:1 windows x86 arch:x86

a4cf53c525ead89ad2998c6d96ef8e0d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCurrentThreadId
GetStdHandle
GetThreadPriority
DeleteFileA
EnterCriticalSection
ExitProcess
DeleteCriticalSection
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FreeLibrary
GetCommandLineA
GetCurrentDirectoryA
GetSystemInfo
CloseHandle
GetVersion
GetEnvironmentStrings
GetEnvironmentVariableA
GetExitCodeThread
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetCurrentThread
CreateFileA
FileTimeToDosDateTime
CreateDirectoryA
GetDriveTypeA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
RaiseException
ReadFile
RemoveDirectoryA
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEnvironmentVariableA
SetFilePointer
SetHandleCount
SetThreadPriority
SuspendThread
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile
_lclose
_lopen
lstrcmpiA
lstrcpyA
lstrlenA
GetStartupInfoA

user32

CharUpperA
CharToOemA
CharLowerA
OemToCharA
MessageBoxA
LoadStringA
EnumThreadWindows
CharUpperBuffA

Exports

Exports

@EVENTMGRINIT$QUL
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
BUILTINS.MAK
DPMI16BI.OVL
DPMI32VM.OVL
GREP.COM
HELP.ICO
IMPDEF.EXE
.exe windows:1 windows x86 arch:x86

93446409a7fe60026d7c7e6ec6a63644

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
GetStartupInfoA
ExitProcess
GetCommandLineA
CloseHandle
GetFileAttributesA
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetEnvironmentStrings
DeleteFileA
GetStdHandle
GetVersion
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
VirtualAlloc
VirtualFree
WriteFile
GetProcAddress

user32

MessageBoxA
GetDesktopWindow

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMPLIB.EXE
.exe windows:1 windows x86 arch:x86

a5cbf5b27ef5840d956a0111f54e449f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
GetModuleFileNameA
CreateFileA
FileTimeToDosDateTime
FileTimeToLocalFileTime
DeleteFileA
ExitProcess
FindNextFileA
GetCommandLineA
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetFileType
FindClose
FindFirstFileA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetVersion
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
VirtualAlloc
VirtualFree
WriteFile
GetLastError

user32

GetDesktopWindow
MessageBoxA

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MAKE.EXE
.exe windows:1 windows x86 arch:x86

24a90a7e3a29b0e2f9e420e896f95f34

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
GetCommandLineA
DeleteFileA
DuplicateHandle
CloseHandle
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
CreateProcessA
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLogicalDrives
EnterCriticalSection
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetTimeZoneInformation
GetVersion
GetVolumeInformationA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFilePointer
SetHandleCount
SetStdHandle
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForSingleObject
WriteFile
GetModuleFileNameA

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__DebuggerHookData
__GetExceptDLLinfo

Sections

CODE
Size: 61KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 11KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
MAKER.EXE
MAKESWAP.EXE
OBJXREF.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.icode
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RLINK.EXE
RLINK32.DLL
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

BindToExe
GetRLinkVersion
GetResObjSize
RemoveFromExe
WriteResObj

Sections

CODE
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RTM.EXE
RW32CORE.DLL
.dll windows:1 windows x86 arch:x86

fe6b46665409a44383ff0da5540ef98b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileAttributesA
LeaveCriticalSection
FindResourceA
GlobalMemoryStatus
GetFileType
FileTimeToSystemTime
FindClose
GetFileTime
EnterCriticalSection
MultiByteToWideChar
LoadLibraryA
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
InitializeCriticalSection
LockResource
GlobalReAlloc
RaiseException
MoveFileA
LoadResource
CreateFileA
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetTimeZoneInformation
GetVersion
GetVersionExA
GlobalAlloc
GlobalFlags
GlobalFree
FindFirstFileA
GetFullPathNameA
ExitProcess
GlobalUnlock
GlobalSize
GetFileSize
FreeLibrary
CloseHandle
FileTimeToLocalFileTime
GetLastError
FreeResource
DeleteFileA
GetLocalTime
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEnvironmentVariableA
SetFilePointer
SetHandleCount
SizeofResource
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteFile
_lread
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
GlobalLock

user32

MessageBoxA
LoadStringA
IsCharAlphaNumericA
IsCharAlphaA
EnumThreadWindows
CreateIcon
CreateCursor
CharUpperA
CharToOemA
CharNextA
CharLowerA

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
ACCELDECOMPHOOK
ACCELKEYFROMBIN
ACCELVERSIONHOOK
BITMAP3COMPOUNDHOOK
BITMAP3LOADHOOK
BITMAP3SAVEHOOK
BITMAP3VERSIONHOOK
BLOCKDECOMPHOOK
CURSOR3COMPOUNDHOOK
CURSOR3CONVERTHOOK
CURSOR3LOADHANDLER
CURSOR3SAVEHOOK
CURSOR3VERSIONHOOK
DIALOG3COMPOUNDHOOK
DIALOGDECOMPHOOK
DIALOGVERSION3HOOK
DLGINITSRCHOOK
DllCanUnloadNow
DllGetClassObject
FONT3VERSIONHOOK
FONTSPECDECOMPHOOK
GENACCELKEY
GENBUTTONSTYLE
GENCOMBOSTYLE
GENCONTROLSTYLE
GENDIALOGSTYLE
GENEDITSTYLE
GENEXSTYLE
GENFFFLAGS
GENFFMASK
GENFFOS
GENFFSUBTYPE
GENFFTYPE
GENLISTBOXSTYLE
GENMENU3COMMAND
GENMENU3OPTSFIELD
GENMENU3TEXTFIELD
GENMENU4COMMAND
GENMENU4STATEFIELD
GENMENU4TYPEFIELD
GENSCROLLBARSTYLE
GENSTATICSTYLE
GENVERSIONRES
GenResVHandle
GenResVHandleNOTNT
ICON3COMPOUNDHOOK
ICON3CONVERTHOOK
ICON3LOADHANDLER
ICON3SAVEHOOK
ICON3VERSIONHOOK
IDELIBMAIN
MENU3COMPOUNDHOOK
MENU3DECOMPHOOK
MENU3LOADHOOK
MENU3OPTSHOOK
MENU3VERSIONHOOK
MENU4HELPIDHOOK
MENU4VERSIONHOOK
MakeAControlName
RC_CONTROLSTYLESRC
RC_CONTROLSTYLESRCA
RC_GENWINSTYLE
VERSIONDECOMPHOOK
__DebuggerHookData

Sections

CODE
Size: 387KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 33KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 204KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RWRES.DLL
.dll windows:1 windows x86 arch:x86

757d2b12e736f89a7ffb47b2a12c249a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

cw3220mt

_flushall
_abort
@_CatchCleanup$qv
@__lockDebuggerData$qv
@__unlockDebuggerData$qv
__ErrorMessage
__ExceptionHandler
___debuggerDisableTerminateCallback
__startup
__startupd

kernel32

GetVersion
GetProcAddress
GetModuleHandleA

Exports

Exports

__DebuggerHookData

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 166KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TASM.HLP
TDMEM.EXE
TDUMP.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 47KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
THUNK.EXE
.exe windows:1 windows x86 arch:x86

2523e15861a41d775e6f4375f7c1e398

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetCommandLineA
GetVersion
GetLastError
DeleteFileA
ExitProcess
GetLocalTime
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
GetEnvironmentStrings
WriteFile
CloseHandle
SetFilePointer
ReadFile
GetFileAttributesA
GetTimeZoneInformation
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
MultiByteToWideChar
FlushFileBuffers
SetStdHandle
CreateFileA
SetEndOfFile
SetEnvironmentVariableA

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 105B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TLIB.EXE
.exe windows:1 windows x86 arch:x86

d460bad971e591cfada458e24da3af83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
GetStartupInfoA
ExitProcess
GetCommandLineA
GetCurrentProcessId
CloseHandle
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetCurrentThreadId
DeleteFileA
GetStdHandle
GetVersion
MoveFileA
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
GetProcAddress

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TOUCH.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WINDPMI.386
WINSTUB.EXE
WORKOPT.DOS
DISK1/DISK1.DSK
DISK1/FILELIST.TXT
DISK1/INSTALL.EXE
DISK1/README.COM
DISK1/THUNK95.PAK
.lzh
APP32.CPP
APP32.RC
APP32.RH
DLL16.CPP
DLL16.DEF
DLL32.CPP
DLL32.DEF
MAKEFILE
THUNK95.TXT
THUNKOBJ.THK
TOOLS.CPP
TOOLS.H
DISK1/TSM_INST.TXT
DISK1/TSM_RDME.TXT
.vbs
DISK1/UNPAK.EXE
DISK2/CMD32.PAK
.lzh
B32TOOLS.PIF
H2ASH32.EXE
.exe windows:1 windows x86 arch:x86

cb7d9d068f971c1d2eb4b9fc5b9634e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
DeleteFileA
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetVersion
GetVolumeInformationA
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
VirtualAlloc
VirtualFree
WriteFile
CloseHandle

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 202KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 42KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TASM32.EXE
.exe windows:1 windows x86 arch:x86

4d4975372a0a6bc337783ec500f55f2f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
DeleteFileA
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetFileSize
GetFileTime
GetLastError
GetLocalTime
GetModuleFileNameA
GetStdHandle
ReadFile
SetFilePointer
VirtualAlloc
VirtualFree
WriteFile
CloseHandle

Sections

CODE
Size: 121KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 34KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TDSTRP32.EXE
.exe windows:1 windows x86 arch:x86

5280eeeb1adaf2eca079d91eba6a6c44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleFileNameA
DeleteFileA
DosDateTimeToFileTime
CloseHandle
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
ExitProcess
CreateFileA
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeA
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileAttributesA
GetFileTime
GetFileType
FindNextFileA
GetCommandLineA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetVersion
LocalFileTimeToFileTime
MoveFileA
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEnvironmentVariableA
SetFilePointer
SetFileTime
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
GetLastError

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TLINK32.EXE
.exe windows:1 windows x86 arch:x86

ac20a75c815ef2f23df2514e59356ce0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLocalTime
DeleteFileA
ExitProcess
CloseHandle
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
CreateFileA
GetCommandLineA
GetCurrentDirectoryA
GetCurrentThreadId
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
FreeLibrary
FileTimeToDosDateTime
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
GetProcAddress
GetStartupInfoA
GetStdHandle
GetTimeZoneInformation
GetVersion
LoadLibraryA
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteFile
WritePrivateProfileStringA
GetLastError

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 163KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 25KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
DISK2/DISK2.DSK
DISK2/TDDOS.PAK
.lzh
TD.EXE
TD.PIF
TDDOS.ICO
TDHELP.TDH
TDINST.EXE
TDOSINST.ICO
TDREMOTE.EXE
TDRF.EXE
DISK2/TDWIN.PAK
.lzh
JITIME.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TDCON32.EXE
.exe windows:1 windows x86 arch:x86

5c64bf9d73c5caf91529edeccef7de13

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLastError
GetConsoleCursorInfo
ExitProcess
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetNumberOfConsoleInputEvents
GetProcAddress
GetStartupInfoA
GetStdHandle
GetVersion
RaiseException
GetConsoleScreenBufferInfo
ReadConsoleOutputA
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleMode
SetConsoleScreenBufferSize
SetConsoleWindowInfo
SetFilePointer
SetHandleCount
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WriteConsoleOutputA
WriteFile
ReadConsoleInputA

user32

MessageBoxA
EnumThreadWindows

Exports

Exports

__GetExceptDLLinfo

Sections

CODE
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TDDEBUG.386
TDW.EXE
TDW.ICO
TDWHELP.TDH
TDWINST.EXE
TDWINST.ICO
TDWINTH.DLL
WREMOTE.EXE
WRSETUP.EXE
DISK2/USRGUIDE.PAK
.lzh
ASMPSCL.ASM
AVERAGE.ASM
BIOS.INC
CALCAVG.CPP
CALLCT.CPP
CASMLINK.ASM
COMPROG.ASM
CONCISE.ASM
COUNT.ASM
COUNTADD.ASM
COUNTER.CPP
COUNTLG.ASM
CSPEC.ASM
DOS.INC
DOTOTAL.ASM
ENVSTR.ASM
ENVSTR.PAS
EXCHMOD.ASM
EXCHMOD.PAS
EXEPROG.ASM
FINDCHAR.ASM
HELLO.ASM
HEX.ASM
HEX.PAS
HEXMOD.ASM
HEXMOD.PAS
KBD.INC
LINK2ASM.CPP
PRMSTACK.ASM
SHOWTOT.CPP
SOMESTR.ASM
SOMESTR.PAS
VAREXCH.ASM
VAREXCH.PAS
DISK3/ALIASDOS.PAK
.lzh
ALIAS.ASM
CPPUSER.CPP
LIBRARY.C
MAKEFILE
NEWUSER.C
OLDUSER.C
README.TXT
DISK3/ALIASWIN.PAK
.lzh
ALIAS.ASM
CPPUSER.CPP
CPPUSER.DEF
LIBRARY.C
MAKEFILE
NEWUSER.C
NEWUSER.DEF
OLDUSER.C
OLDUSER.DEF
README.TXT
DISK3/ASMWIN.PAK
.lzh
DISK3/CMD16.PAK
.lzh
DISK3/CMDINC.PAK
.lzh
DISK3/CPUID.PAK
.lzh
DISK3/DISK3.DSK
DISK3/DLLWIN.PAK
.lzh
DISK3/FILT.PAK
.lzh
DISK3/GROUPS.PAK
.lzh
DISK3/HEAP.PAK
.lzh
DISK3/SHOW87.PAK
.lzh
DISK3/TA16LIB.PAK
.lzh
DISK3/TA32LIB.PAK
.lzh
DISK3/TASMDOC.PAK
.lzh
DISK3/TD32.PAK
.lzh
DISK3/TDCMD.PAK
.lzh
DISK3/WAP.PAK
.lzh
DISK3/WAP32.PAK
.lzh
DISK3/WHEREIS.PAK
.lzh
DOCS/PASMUG.PDF
.pdf
PATCHES/53_DOS/FILE_ID.DIZ
PATCHES/53_DOS/TASM32.EXE
PATCHES/53_PATCH/53PATCH.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

KOMA0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KOMA1
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PATCHES/53_PATCH/ADD.TXT
PATCHES/53_PATCH/BUG1.ASM
PATCHES/53_PATCH/BUG2.ASM
PATCHES/53_PATCH/BUG3.ASM
PATCHES/53_PATCH/BUG4.ASM
PATCHES/53_PATCH/BUG5.ASM
PATCHES/53_PATCH/BUG6.ASM
PATCHES/53_PATCH/BUG7.ASM
PATCHES/53_PATCH/BUG8.ASM
PATCHES/53_PATCH/FILE_ID.DIZ
PATCHES/53_PATCH/TASM.CFG
PATCHES/53_WIN/FILE_ID.DIZ
PATCHES/53_WIN/TASM32.EXE
.exe windows:1 windows x86 arch:x86

a72f701c9ebaab09b86ea6257501eaa2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
CreateFileA
DeleteFileA
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
GetACP
GetCommandLineA
GetFileSize
GetFileTime
GetLastError
GetLocalTime
GetModuleFileNameA
GetStdHandle
ReadFile
SetFilePointer
VirtualAlloc
VirtualFree
WriteFile
IsDBCSLeadByteEx

Sections

CODE
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 37KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PATCHES/CPPBUILD/INSTALL.BAT
PATCHES/CPPBUILD/PATCH.EXE
PATCHES/CPPBUILD/TASM32.RTP
PATCHES/CPPBUILD/TD32.RTP
phatcode.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 10KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8215d787753c07a94e3be7883593d8a4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 31KB - Virtual size: 32KB

DATA Size: 7KB - Virtual size: 12KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

8215d787753c07a94e3be7883593d8a4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 31KB - Virtual size: 32KB

DATA Size: 7KB - Virtual size: 12KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

8215d787753c07a94e3be7883593d8a4

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 30KB - Virtual size: 32KB

DATA Size: 6KB - Virtual size: 12KB

.idata Size: 1KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

a4cf53c525ead89ad2998c6d96ef8e0d

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 67KB - Virtual size: 68KB

DATA Size: 13KB - Virtual size: 16KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 8KB

.rsrc Size: 14KB - Virtual size: 16KB

93446409a7fe60026d7c7e6ec6a63644

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

CODE Size: 51KB - Virtual size: 52KB

DATA Size: 11KB - Virtual size: 16KB

.idata Size: 1024B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.reloc Size: 3KB - Virtual size: 4KB

a5cbf5b27ef5840d956a0111f54e449f

Headers

File Characteristics

Imports

CODE
Size: 31KB - Virtual size: 32KB

DATA
Size: 7KB - Virtual size: 12KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

CODE
Size: 31KB - Virtual size: 32KB

DATA
Size: 7KB - Virtual size: 12KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

CODE
Size: 30KB - Virtual size: 32KB

DATA
Size: 6KB - Virtual size: 12KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

CODE
Size: 67KB - Virtual size: 68KB

DATA
Size: 13KB - Virtual size: 16KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 14KB - Virtual size: 16KB

CODE
Size: 51KB - Virtual size: 52KB

DATA
Size: 11KB - Virtual size: 16KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB

CODE
Size: 62KB - Virtual size: 64KB

DATA
Size: 13KB - Virtual size: 20KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB

CODE
Size: 61KB - Virtual size: 64KB

DATA
Size: 11KB - Virtual size: 60KB

.idata
Size: 1KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB

CODE
Size: 50KB - Virtual size: 52KB

.icode
Size: 512B - Virtual size: 4KB

DATA
Size: 24KB - Virtual size: 28KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 3KB - Virtual size: 4KB

CODE
Size: 34KB - Virtual size: 36KB

DATA
Size: 6KB - Virtual size: 12KB

.idata
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB

CODE
Size: 387KB - Virtual size: 388KB

DATA
Size: 33KB - Virtual size: 48KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 3KB - Virtual size: 4KB

.reloc
Size: 18KB - Virtual size: 20KB

.rsrc
Size: 204KB - Virtual size: 208KB