BIOSMasterPasswordGenerator[.]7z

Sharing

Copy URL Twitter E-mail

General

Target

BIOSMasterPasswordGenerator.7z
Size

603KB
MD5

e611a746c68f994adeb4ef7b3e2ebe0b
SHA1

107168b95c7bf00fafda1aeea40dba2108ba0882
SHA256

7a2ec7365ab104b25300573f9be16df4f92e83ba3fc1e4b53d571b19b795a0bb
SHA512

d72e07b0318bec11396108435835ce45bf0261f710347af2fb262e5d82db11b7ad5a84e13e2f9b2fce92196dd2ffb22d95fe285bcf1ff7697f8adc0f30bfb348
SSDEEP

12288:x7tYbcUwOtQJmBXpBGejB8gcBtaL8UT9LjlQ3sL0WtBDXZ3M:x7tYAUvaJmBXp9KBgL8UnQ3sL0g+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/dell.exe	upx

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/_sre.pyd
unpack001/datetime.pyd
unpack001/dell.exe
unpack002/out.upx
unpack001/pwgen-5dec.exe
unpack001/pwgen-fsi-5x4dec.exe
unpack001/pwgen-fsi-hex.exe
unpack001/pwgen-hpmini.exe
unpack001/pwgen-insyde.exe
unpack001/pwgen-samsung.exe
unpack001/pwgen-sony-serial.exe
unpack001/python23.dll
unpack001/unicodedata.pyd
unpack001/zlib.pyd

Files

BIOSMasterPasswordGenerator.7z
.7z
README.md
_sre.pyd
.dll windows:4 windows x86 arch:x86

79c0f9dd25063641b30a46346812c9fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python23

PyErr_SetString
PyExc_TypeError
PyString_Type
PyArg_ParseTupleAndKeywords
_PyUnicodeUCS2_IsLinebreak
_PyUnicodeUCS2_IsWhitespace
_PyUnicodeUCS2_IsNumeric
PyObject_Size
PyUnicode_Type
_PyUnicodeUCS2_IsDigit
_PyUnicodeUCS2_IsAlpha
PyOS_CheckStack
_Py_NoneStruct
PyErr_NoMemory
PyExc_RuntimeError
PyList_Append
PySequence_GetSlice
PyTuple_New
PyList_New
_PyUnicodeUCS2_IsDecimalDigit
Py_BuildValue
PyObject_CallObject
PyErr_Clear
PyCallable_Check
PyImport_Import
PyString_FromString
PyExc_AttributeError
Py_FindMethod
_Py_ZeroStruct
PyExc_IndexError
PyObject_GetItem
PyDict_SetItem
PyObject_CallMethod
PyDict_New
PyInt_FromLong
PySequence_GetItem
PyDict_SetItemString
PyModule_GetDict
Py_InitModule4
PyType_Type
PyObject_Init
_PyUnicodeUCS2_ToLowercase
PyObject_Malloc
PyList_Type
PyArg_ParseTuple
PyType_IsSubtype
PyObject_InitVar
PyInt_Type
PyErr_Occurred
PyLong_AsUnsignedLong
PyInt_AsLong
PyCallIter_New
PyObject_Free
PyObject_GetAttrString

msvcrt

_onexit
_adjust_fdiv
__dllonexit
malloc
realloc
_initterm
_isctype
_pctype
__mb_cur_max
free
tolower

kernel32

DisableThreadLibraryCalls

Exports

Exports

init_sre

Sections

.text
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
biosmasterpw.cmd
biosmasterpw.txt
datetime.pyd
.dll windows:4 windows x86 arch:x86

79a2d2eb622fc6179baa427da5cac5fd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python23

PyInt_Type
PyNumber_Add
PyInt_FromLong
PyErr_Occurred
PyLong_AsLong
PyTuple_GetItem
PyNumber_Divmod
PyNumber_FloorDivide
PyLong_FromLong
PyArg_ParseTupleAndKeywords
PyInt_AsLong
PyLong_AsDouble
PyLong_FromDouble
PyFloat_AsDouble
PyFloat_Type
PyString_FromFormat
PyErr_SetString
PyExc_SystemError
PyString_FromStringAndSize
PyOS_snprintf
Py_BuildValue
_PyObject_New
PyString_Type
PyExc_ValueError
PyLong_Type
PyNumber_Multiply
PyArg_ParseTuple
PyObject_CallFunction
PyString_FromString
_PyString_Resize
_Py_NoneStruct
PyString_AsString
PyString_Size
PySequence_GetItem
PyObject_HasAttrString
PyExc_NotImplementedError
PyDict_Size
_PyObject_GetDictPtr
PyErr_Clear
PyObject_CallObject
PyObject_GetAttrString
PyTuple_New
PyObject_Repr
PyString_ConcatAndDel
PyErr_ExceptionMatches
PyModule_AddObject
PyModule_AddIntConstant
PyDict_SetItemString
PyType_Ready
Py_InitModule4
_Py_TrueStruct
PyObject_Hash
PyExc_TypeError
PyExc_OverflowError
_Py_ZeroStruct
PyNumber_Negative
PyType_IsSubtype
PyErr_Format
_Py_NotImplementedStruct
PyObject_GenericGetAttr
PyObject_Malloc
PyErr_NoMemory
PyObject_CallMethod
PyType_GenericNew
PyImport_ImportModule

msvcrt

_onexit
_adjust_fdiv
__dllonexit
_initterm
free
malloc
localtime
modf
gmtime
floor
ceil
_ftol

kernel32

DisableThreadLibraryCalls

Exports

Exports

initdatetime

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
decrypt_bios.min.js
.js
dell.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 148B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 792B - Virtual size: 792B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hero.html
.html
library.zip
.zip
StringIO.pyc
UserDict.pyc
_sre.pyc
_strptime.pyc
atexit.pyc
base64.pyc
calendar.pyc
codecs.pyc
copy.pyc
copy_reg.pyc
datetime.pyc
encodings/__init__.pyc
encodings/aliases.pyc
encodings/ascii.pyc
encodings/base64_codec.pyc
encodings/charmap.pyc
encodings/cp037.pyc
encodings/cp1006.pyc
encodings/cp1026.pyc
encodings/cp1140.pyc
encodings/cp1250.pyc
encodings/cp1251.pyc
encodings/cp1252.pyc
encodings/cp1253.pyc
encodings/cp1254.pyc
encodings/cp1255.pyc
encodings/cp1256.pyc
encodings/cp1257.pyc
encodings/cp1258.pyc
encodings/cp424.pyc
encodings/cp437.pyc
encodings/cp500.pyc
encodings/cp737.pyc
encodings/cp775.pyc
encodings/cp850.pyc
encodings/cp852.pyc
encodings/cp855.pyc
encodings/cp856.pyc
encodings/cp857.pyc
encodings/cp860.pyc
encodings/cp861.pyc
encodings/cp862.pyc
encodings/cp863.pyc
encodings/cp864.pyc
encodings/cp865.pyc
encodings/cp866.pyc
encodings/cp869.pyc
encodings/cp874.pyc
encodings/cp875.pyc
encodings/hex_codec.pyc
encodings/idna.pyc
encodings/iso8859_1.pyc
encodings/iso8859_10.pyc
encodings/iso8859_13.pyc
encodings/iso8859_14.pyc
encodings/iso8859_15.pyc
encodings/iso8859_2.pyc
encodings/iso8859_3.pyc
encodings/iso8859_4.pyc
encodings/iso8859_5.pyc
encodings/iso8859_6.pyc
encodings/iso8859_7.pyc
encodings/iso8859_8.pyc
encodings/iso8859_9.pyc
encodings/koi8_r.pyc
encodings/koi8_u.pyc
encodings/latin_1.pyc
encodings/mac_cyrillic.pyc
encodings/mac_greek.pyc
encodings/mac_iceland.pyc
encodings/mac_latin2.pyc
encodings/mac_roman.pyc
encodings/mac_turkish.pyc
encodings/mbcs.pyc
encodings/palmos.pyc
encodings/punycode.pyc
encodings/quopri_codec.pyc
encodings/raw_unicode_escape.pyc
encodings/rot_13.pyc
encodings/string_escape.pyc
encodings/undefined.pyc
encodings/unicode_escape.pyc
encodings/unicode_internal.pyc
encodings/utf_16.pyc
encodings/utf_16_be.pyc
encodings/utf_16_le.pyc
encodings/utf_7.pyc
encodings/utf_8.pyc
encodings/uu_codec.pyc
encodings/zlib_codec.pyc
getopt.pyc
linecache.pyc
locale.pyc
macpath.pyc
ntpath.pyc
os.pyc
os2emxpath.pyc
popen2.pyc
posixpath.pyc
quopri.pyc
random.pyc
re.pyc
repr.pyc
sets.pyc
sre.pyc
sre_compile.pyc
sre_constants.pyc
sre_parse.pyc
stat.pyc
string.pyc
stringprep.pyc
types.pyc
unicodedata.pyc
warnings.pyc
zlib.pyc
pwgen-5dec.exe
.exe windows:4 windows x86 arch:x86

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
strncpy
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
bsearch
qsort
realloc
malloc
free
setbuf
getenv
atoi
_snprintf
strncmp
strrchr
fprintf
_iob
_stricmp
_strdup

kernel32

LocalFree
HeapFree
IsBadReadPtr
VirtualFree
VirtualProtect
SetLastError
VirtualAlloc
GetProcessHeap
HeapAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pwgen-fsi-5x4dec.exe
.exe windows:4 windows x86 arch:x86

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
strncpy
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
bsearch
qsort
realloc
malloc
free
setbuf
getenv
atoi
_snprintf
strncmp
strrchr
fprintf
_iob
_stricmp
_strdup

kernel32

LocalFree
HeapFree
IsBadReadPtr
VirtualFree
VirtualProtect
SetLastError
VirtualAlloc
GetProcessHeap
HeapAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pwgen-fsi-hex.exe
.exe windows:4 windows x86 arch:x86

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
strncpy
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
bsearch
qsort
realloc
malloc
free
setbuf
getenv
atoi
_snprintf
strncmp
strrchr
fprintf
_iob
_stricmp
_strdup

kernel32

LocalFree
HeapFree
IsBadReadPtr
VirtualFree
VirtualProtect
SetLastError
VirtualAlloc
GetProcessHeap
HeapAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pwgen-hpmini.exe
.exe windows:4 windows x86 arch:x86

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
strncpy
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
bsearch
qsort
realloc
malloc
free
setbuf
getenv
atoi
_snprintf
strncmp
strrchr
fprintf
_iob
_stricmp
_strdup

kernel32

LocalFree
HeapFree
IsBadReadPtr
VirtualFree
VirtualProtect
SetLastError
VirtualAlloc
GetProcessHeap
HeapAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pwgen-insyde.exe
.exe windows:4 windows x86 arch:x86

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
strncpy
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
bsearch
qsort
realloc
malloc
free
setbuf
getenv
atoi
_snprintf
strncmp
strrchr
fprintf
_iob
_stricmp
_strdup

kernel32

LocalFree
HeapFree
IsBadReadPtr
VirtualFree
VirtualProtect
SetLastError
VirtualAlloc
GetProcessHeap
HeapAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pwgen-samsung.exe
.exe windows:4 windows x86 arch:x86

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
strncpy
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
bsearch
qsort
realloc
malloc
free
setbuf
getenv
atoi
_snprintf
strncmp
strrchr
fprintf
_iob
_stricmp
_strdup

kernel32

LocalFree
HeapFree
IsBadReadPtr
VirtualFree
VirtualProtect
SetLastError
VirtualAlloc
GetProcessHeap
HeapAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
pwgen-sony-serial.exe
.exe windows:4 windows x86 arch:x86

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
strncpy
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
bsearch
qsort
realloc
malloc
free
setbuf
getenv
atoi
_snprintf
strncmp
strrchr
fprintf
_iob
_stricmp
_strdup

kernel32

LocalFree
HeapFree
IsBadReadPtr
VirtualFree
VirtualProtect
SetLastError
VirtualAlloc
GetProcessHeap
HeapAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
python23.dll
.dll windows:4 windows x86 arch:x86

d29ee70f4f5982ce261956784dd53cc3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
GetFullPathNameA
LocalFree
GetLastError
SetEndOfFile
GetVersion
GetModuleFileNameA
FindClose
FindFirstFileA
Sleep
FindNextFileA
FindNextFileW
FindFirstFileW
GetFullPathNameW
CloseHandle
DuplicateHandle
GetCurrentProcess
CreatePipe
CreateProcessA
GetEnvironmentVariableA
FreeLibrary
FormatMessageA
GetProcessTimes
OutputDebugStringA
GetVersionExA
GetConsoleOutputCP
GetConsoleCP
CreateEventA
GetModuleHandleA
InterlockedExchange
GetCurrentThreadId
InterlockedIncrement
SetEvent
InterlockedDecrement
CreateSemaphoreA
ReleaseSemaphore
SetConsoleCtrlHandler
ResetEvent
MultiByteToWideChar
WideCharToMultiByte
QueryPerformanceCounter
GetProcAddress
GetACP
GetLocaleInfoA
QueryPerformanceFrequency
WaitForSingleObject
GetExitCodeProcess

user32

LoadStringA

advapi32

RegQueryValueA
RegOpenKeyExA
RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA

msvcrt

_CIfmod
_kbhit
_open_osfhandle
_timezone
memmove
fclose
ungetc
fgetc
free
malloc
fflush
fwrite
fopen
_pctype
__mb_cur_max
_isctype
localeconv
setlocale
strcoll
wcscoll
strxfrm
time
exit
fprintf
_iob
printf
realloc
fread
clearerr
_ftol
tolower
calloc
strchr
_errno
ceil
floor
fputs
strncpy
_hypot
_HUGE
_CIsinh
_CIcosh
atof
sprintf
_CIpow
strtod
strtol
getc
strncmp
_sys_errlist
_sys_nerr
wcslen
strrchr
strerror
_wfopen
setvbuf
fsetpos
fgetpos
_lseeki64
_get_osfhandle
ftell
memchr
fgets
_tzset
modf
ldexp
frexp
getenv
fseek
_setmode
putc
acos
asin
atan
atan2
cos
cosh
exp
fabs
fmod
pow
sin
sinh
sqrt
tan
tanh
log
log10
_heapmin
_locking
_endthread
_ftime
_getch
_getche
_putch
_ungetch
_vsnprintf
_wchdir
_commit
_wgetcwd
wcscpy
wcsncpy
_wmkdir
rename
_wrename
_wrmdir
_stati64
_wstati64
system
_wunlink
_exit
_spawnv
_spawnve
_fdopen
strncat
_stricmp
_cwait
_wopen
_fstati64
_tempnam
tmpfile
tmpnam
abort
__p__environ
_setjmp3
longjmp
atoi
rewind
_except_handler3
signal
fputc
toupper
vfprintf
_beginthread
_lseek
clock
gmtime
localtime
strftime
asctime
ctime
mktime
strstr
qsort
vsprintf
_initterm
_adjust_fdiv
__dllonexit
_onexit
_fileno
_getcwd
_strdup
_stat
_isatty
_fstat
_execv
_unlink
_open
_strnicmp
_access
_chdir
_chmod
_mkdir
_rmdir
_umask
_utime
_dup2
_execve
_getpid
_close
_dup
_read
_write
_putenv
_tzname
_daylight

Exports

Exports

PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyBaseObject_Type
PyBaseString_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FromMemory
PyBuffer_FromObject
PyBuffer_FromReadWriteMemory
PyBuffer_FromReadWriteObject
PyBuffer_New
PyBuffer_Type
PyCFunction_Call
PyCFunction_Fini
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCObject_AsVoidPtr
PyCObject_FromVoidPtr
PyCObject_FromVoidPtrAndDesc
PyCObject_GetDesc
PyCObject_Import
PyCObject_Type
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCell_Get
PyCell_New
PyCell_Set
PyCell_Type
PyClassMethod_New
PyClassMethod_Type
PyClass_IsSubclass
PyClass_New
PyClass_Type
PyCode_Addr2Line
PyCode_New
PyCode_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_LookupError
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_XMLCharRefReplaceErrors
PyComplex_AsCComplex
PyComplex_FromCComplex
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDescr_NewWrapper
PyDictProxy_New
PyDict_Clear
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithUnicodeFilename
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithUnicodeFilename
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetFromWindowsErrWithUnicodeFilename
PyErr_SetInterrupt
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_Warn
PyErr_WarnExplicit
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObject
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_GetBuiltins
PyEval_GetCallStats
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_GetRestricted
PyEval_InitThreads
PyEval_MergeCompilerFlags
PyEval_ReInitThreads
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_SetProfile
PyEval_SetTrace
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EnvironmentError
PyExc_Exception
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_IOError
PyExc_ImportError
PyExc_IndentationError
PyExc_IndexError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_MemoryErrorInst
PyExc_NameError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_OverflowWarning
PyExc_PendingDeprecationWarning
PyExc_ReferenceError
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StandardError
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyFile_AsFile
PyFile_FromFile
PyFile_FromString
PyFile_GetLine
PyFile_Name
PyFile_SetBufSize
PyFile_SetEncoding
PyFile_SoftSpace
PyFile_Type
PyFile_WriteObject
PyFile_WriteString
PyFloat_AsDouble
PyFloat_AsReprString
PyFloat_AsString
PyFloat_Fini
PyFloat_FromDouble
PyFloat_FromString
PyFloat_Type
PyFrame_BlockPop
PyFrame_BlockSetup
PyFrame_FastToLocals
PyFrame_Fini
PyFrame_LocalsToFast
PyFrame_New
PyFrame_Type
PyFunction_GetClosure
PyFunction_GetCode
PyFunction_GetDefaults
PyFunction_GetGlobals
PyFunction_GetModule
PyFunction_New
PyFunction_SetClosure
PyFunction_SetDefaults
PyFunction_Type
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyImport_AddModule
PyImport_AppendInittab
PyImport_Cleanup
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExtendInittab
PyImport_FrozenModules
PyImport_GetMagicNumber
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportModule
PyImport_ImportModuleEx
PyImport_Inittab
PyImport_ReloadModule
PyInstance_New
PyInstance_NewRaw
PyInstance_Type
PyInt_AsLong
PyInt_AsUnsignedLongLongMask
PyInt_AsUnsignedLongMask
PyInt_Fini
PyInt_FromLong
PyInt_FromString
PyInt_FromUnicode
PyInt_GetMax
PyInt_Type
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Head
PyInterpreterState_New
PyInterpreterState_Next
PyInterpreterState_ThreadHead
PyIter_Next
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongLong
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromString
PyLong_FromUnicode
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMarshal_ReadLastObjectFromFile
PyMarshal_ReadLongFromFile
PyMarshal_ReadObjectFromFile
PyMarshal_ReadObjectFromString
PyMarshal_ReadShortFromFile
PyMarshal_WriteLongToFile
PyMarshal_WriteObjectToFile
PyMarshal_WriteObjectToString
PyMem_Free
PyMem_Malloc
PyMem_Realloc
PyMember_Get
PyMember_GetOne
PyMember_Set
PyMember_SetOne
PyMethod_Class
PyMethod_Fini
PyMethod_Function
PyMethod_New
PyMethod_Self
PyMethod_Type
PyModule_AddIntConstant
PyModule_AddObject
PyModule_AddStringConstant
PyModule_GetDict
PyModule_GetFilename
PyModule_GetName
PyModule_New
PyModule_Type
PyNode_AddChild
PyNode_Compile
PyNode_CompileFlags
PyNode_CompileSymtable
PyNode_Free
PyNode_Future
PyNode_ListTree
PyNode_New
PyNumber_Absolute
PyNumber_Add
PyNumber_And
PyNumber_Check
PyNumber_Coerce
PyNumber_CoerceEx
PyNumber_Divide
PyNumber_Divmod
PyNumber_Float
PyNumber_FloorDivide
PyNumber_InPlaceAdd
PyNumber_InPlaceAnd
PyNumber_InPlaceDivide
PyNumber_InPlaceFloorDivide
PyNumber_InPlaceLshift
PyNumber_InPlaceMultiply
PyNumber_InPlaceOr
PyNumber_InPlacePower
PyNumber_InPlaceRemainder
PyNumber_InPlaceRshift
PyNumber_InPlaceSubtract
PyNumber_InPlaceTrueDivide
PyNumber_InPlaceXor
PyNumber_Int
PyNumber_Invert
PyNumber_Long
PyNumber_Lshift
PyNumber_Multiply
PyNumber_Negative
PyNumber_Or
PyNumber_Positive
PyNumber_Power
PyNumber_Remainder
PyNumber_Rshift
PyNumber_Subtract
PyNumber_TrueDivide
PyNumber_Xor
PyOS_AfterFork
PyOS_CheckStack
PyOS_FiniInterrupts
PyOS_InitInterrupts
PyOS_InputHook
PyOS_InterruptOccurred
PyOS_Readline
PyOS_ReadlineFunctionPointer
PyOS_getsig
PyOS_setsig
PyOS_snprintf
PyOS_strtol
PyOS_strtoul
PyOS_vsnprintf
PyObject_AsCharBuffer
PyObject_AsFileDescriptor
PyObject_AsReadBuffer
PyObject_AsWriteBuffer
PyObject_Call
PyObject_CallFunction
PyObject_CallFunctionObjArgs
PyObject_CallMethod
PyObject_CallMethodObjArgs
PyObject_CallObject
PyObject_CheckReadBuffer
PyObject_ClearWeakRefs
PyObject_Cmp
PyObject_Compare
PyObject_DelItem
PyObject_DelItemString
PyObject_Dir
PyObject_Free
PyObject_GC_Del
PyObject_GC_Track
PyObject_GC_UnTrack
PyObject_GenericGetAttr
PyObject_GenericSetAttr
PyObject_GetAttr
PyObject_GetAttrString
PyObject_GetItem
PyObject_GetIter
PyObject_HasAttr
PyObject_HasAttrString
PyObject_Hash
PyObject_Init
PyObject_InitVar
PyObject_IsInstance
PyObject_IsSubclass
PyObject_IsTrue
PyObject_Length
PyObject_Malloc
PyObject_Not
PyObject_Print
PyObject_Realloc
PyObject_Repr
PyObject_RichCompare
PyObject_RichCompareBool
PyObject_SelfIter
PyObject_SetAttr
PyObject_SetAttrString
PyObject_SetItem
PyObject_Size
PyObject_Str
PyObject_Type
PyObject_Unicode
PyParser_ParseFile
PyParser_ParseFileFlags
PyParser_ParseString
PyParser_ParseStringFlags
PyParser_ParseStringFlagsFilename
PyParser_SetError
PyParser_SimpleParseFile
PyParser_SimpleParseFileFlags
PyParser_SimpleParseString
PyParser_SimpleParseStringFlags
PyParser_SimpleParseStringFlagsFilename
PyProperty_Type
PyRange_New
PyRange_Type
PyRun_AnyFile
PyRun_AnyFileEx
PyRun_AnyFileExFlags
PyRun_AnyFileFlags
PyRun_File
PyRun_FileEx
PyRun_FileExFlags
PyRun_FileFlags
PyRun_InteractiveLoop
PyRun_InteractiveLoopFlags
PyRun_InteractiveOne
PyRun_InteractiveOneFlags
PyRun_SimpleFile
PyRun_SimpleFileEx
PyRun_SimpleFileExFlags
PyRun_SimpleString
PyRun_SimpleStringFlags
PyRun_String
PyRun_StringFlags
PySeqIter_New
PySeqIter_Type
PySequence_Check
PySequence_Concat
PySequence_Contains
PySequence_Count
PySequence_DelItem
PySequence_DelSlice
PySequence_Fast
PySequence_GetItem
PySequence_GetSlice
PySequence_In
PySequence_InPlaceConcat
PySequence_InPlaceRepeat
PySequence_Index
PySequence_Length
PySequence_List
PySequence_Repeat
PySequence_SetItem
PySequence_SetSlice
PySequence_Size
PySequence_Tuple
PySlice_GetIndices
PySlice_GetIndicesEx
PySlice_New
PySlice_Type

Sections

.text
Size: 620KB - Virtual size: 617KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 252KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ui.min.js
.js
unicodedata.pyd
.dll windows:4 windows x86 arch:x86

dfd3a15129bf7ece1f8741287f95a589

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python23

PyString_FromString
PyUnicodeUCS2_FromUnicode
Py_BuildValue
PyObject_Free
PyOS_snprintf
PyUnicodeUCS2_Resize
PyCObject_FromVoidPtr
PyModule_AddStringConstant
Py_InitModule4
_PyUnicodeUCS2_ToNumeric
PyFloat_FromDouble
_PyUnicodeUCS2_ToDigit
PyUnicode_Type
PyArg_ParseTuple
PyExc_TypeError
PyErr_SetString
_PyUnicodeUCS2_ToDecimalDigit
PyExc_ValueError
PyInt_FromLong
PyExc_KeyError
PyModule_AddObject

msvcrt

_adjust_fdiv
_initterm
free
malloc
toupper
strncmp
sprintf

kernel32

DisableThreadLibraryCalls

Exports

Exports

initunicodedata

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 376KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
zlib.pyd
.dll windows:4 windows x86 arch:x86

b4145997e570ea0c730028141451d75f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

python23

PyExc_ValueError
PyObject_Free
PyThread_release_lock
PyThread_acquire_lock
Py_FindMethod
PyInt_FromLong
PyString_FromString
_PyObject_New
PyModule_AddIntConstant
PyModule_AddObject
PyErr_NewException
Py_InitModule4
PyType_Type
_PyString_Resize
PyErr_Format
PyArg_ParseTuple
PyExc_MemoryError
PyErr_SetString
PyEval_SaveThread
PyEval_RestoreThread
PyString_FromStringAndSize
PyThread_allocate_lock
PyModule_AddStringConstant

msvcrt

_onexit
__dllonexit
_adjust_fdiv
_initterm
calloc
malloc
free

kernel32

DisableThreadLibraryCalls

Exports

Exports

initzlib

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79c0f9dd25063641b30a46346812c9fb

Headers

File Characteristics

Imports

python23

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 37KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 2KB

79a2d2eb622fc6179baa427da5cac5fd

Headers

File Characteristics

Imports

python23

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 28KB

UPX1 Size: 4KB - Virtual size: 8KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 4KB - Virtual size: 4KB

.bss Size: - Virtual size: 148B

.rdata Size: 88B - Virtual size: 88B

.data Size: 1KB - Virtual size: 1KB

.idata Size: 792B - Virtual size: 792B

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 6KB

f9c151ed6f41aa5a9eadfc9dd2d52033

Headers

File Characteristics

Imports

msvcrt

kernel32

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 5KB

.text
Size: 40KB - Virtual size: 37KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB

UPX0
Size: - Virtual size: 28KB

UPX1
Size: 4KB - Virtual size: 8KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.bss
Size: - Virtual size: 148B

.rdata
Size: 88B - Virtual size: 88B

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 792B - Virtual size: 792B

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 6KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 5KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 5KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 4KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 5KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 620KB - Virtual size: 617KB

.rdata
Size: 32KB - Virtual size: 30KB

.data
Size: 252KB - Virtual size: 258KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 40KB - Virtual size: 39KB