MBR_OVERWRITER_SOURCE_CODE[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

MBR_OVERWRITER_SOURCE_CODE.zip
Size

1.2MB
MD5

960172ea8cf0196a4faa9be14e4cda24
SHA1

e0ef6319d2a0fe1963df12c2c23af3aaa468af78
SHA256

ec74af7c4f79fa4449f3acc8fbe0cf245eb70bee9d6d9458ab4f59ed18b3d18a
SHA512

f3bae2d783fb6b41934cf3449849f2dd98877c195500011034df290595fb1068a4393d764e91c8af0b29902dfc2566be638c4ea47abd69dc3ecabc016d36a4dc
SSDEEP

24576:bVy8PKbPHgUGN1fP5nPfLaPNv0Yg3opIPumsgCNB5EfROa64CaNA0n:bV/PKrHgUGvfpLwd0Yg3oKPumshBD7LA

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/MbrOverwriter/MbrOverwriter/bin/Debug/MbrOverwriter.exe
unpack001/MbrOverwriter/MbrOverwriter/obj/Debug/MbrOverwriter.exe
unpack001/NASM/Uninstall.exe
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/UserInfo.dll
unpack001/NASM/ldrdf.exe
unpack001/NASM/nasm.exe
unpack001/NASM/ndisasm.exe
unpack001/NASM/rdf2bin.exe
unpack001/NASM/rdf2com.exe
unpack001/NASM/rdf2ihx.exe
unpack001/NASM/rdf2ith.exe
unpack001/NASM/rdf2srec.exe
unpack001/NASM/rdfdump.exe
unpack001/NASM/rdflib.exe

Files

MBR_OVERWRITER_SOURCE_CODE.zip
.zip
MbrOverwriter/.vs/MbrOverwriter/v16/.suo
MbrOverwriter/MbrOverwriter.sln
MbrOverwriter/MbrOverwriter/Class1.cs
.js
MbrOverwriter/MbrOverwriter/MbrOverwriter.csproj
MbrOverwriter/MbrOverwriter/Properties/AssemblyInfo.cs
MbrOverwriter/MbrOverwriter/app.manifest
MbrOverwriter/MbrOverwriter/bin/Debug/MbrOverwriter.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Worm\source\repos\MbrOverwriter\MbrOverwriter\obj\Debug\MbrOverwriter.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MbrOverwriter/MbrOverwriter/bin/Debug/MbrOverwriter.pdb
MbrOverwriter/MbrOverwriter/obj/Debug/.NETFramework,Version=v4.0.AssemblyAttributes.cs
MbrOverwriter/MbrOverwriter/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
MbrOverwriter/MbrOverwriter/obj/Debug/MbrOverwriter.csproj.CoreCompileInputs.cache
MbrOverwriter/MbrOverwriter/obj/Debug/MbrOverwriter.csproj.FileListAbsolute.txt
MbrOverwriter/MbrOverwriter/obj/Debug/MbrOverwriter.csprojAssemblyReference.cache
MbrOverwriter/MbrOverwriter/obj/Debug/MbrOverwriter.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Worm\source\repos\MbrOverwriter\MbrOverwriter\obj\Debug\MbrOverwriter.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MbrOverwriter/MbrOverwriter/obj/Debug/MbrOverwriter.pdb
NASM/LICENSE
NASM/Uninstall.exe
.exe windows:4 windows x86 arch:x86

446b7557e42bfc440d0ca6f8a6a5f455

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SetFileSecurityW

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectW
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileW
CreateDirectoryW
CreateFileW
CreateProcessW
CreateThread
DeleteFileW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetDiskFreeSpaceW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetShortPathNameW
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetTickCount
GetVersion
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryExW
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesW
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpynW
lstrlenA
lstrlenW

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderW
SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW

user32

AppendMenuW
BeginPaint
CallWindowProcW
CharNextA
CharNextW
CharPrevW
CheckDlgButton
CloseClipboard
CreateDialogParamW
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExW
GetClassInfoW
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextW
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongW
GetWindowRect
InvalidateRect
IsWindow
IsWindowEnabled
IsWindowVisible
LoadBitmapW
LoadCursorW
LoadImageW
MessageBoxIndirectW
OpenClipboard
PeekMessageW
PostQuitMessage
RegisterClassW
ReleaseDC
ScreenToClient
SendMessageTimeoutW
SendMessageW
SetClassLongW
SetClipboardData
SetCursor
SetDlgItemTextW
SetForegroundWindow
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenu
wsprintfA
wsprintfW

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 407KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

aff5d9d526a27f56d720fb3ae00a5bc5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalFree
GlobalSize
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
lstrcpyW
lstrcpynW
lstrlenW

msvcrt

_amsg_exit
_initterm
_iob
_lock
_unlock
abort
calloc
free
fwrite
realloc
strlen
strncmp
vfprintf

ole32

CLSIDFromString
StringFromGUID2

user32

wsprintfW

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 992B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 179B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

ed7108f0b235addda65c9e8319f51166

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AllocateAndInitializeSid
EqualSid
FreeSid
GetTokenInformation
GetUserNameW
OpenProcessToken
OpenThreadToken

kernel32

CloseHandle
GetCurrentProcess
GetCurrentThread
GetLastError
GetModuleHandleW
GetProcAddress
GetVersion
GlobalAlloc
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
lstrcpynW

user32

wsprintfW

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NASM/VSrules/nasm.README
NASM/VSrules/nasm.rules
.xml
NASM/clutter.asm
NASM/clutter.bin
NASM/ldrdf.exe
.exe windows:4 windows x86 arch:x86

a61ab8b656a3b6e727fbc9f311163db9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fgets
fopen
fprintf
fread
free
fseek
fsetpos
ftell
fwrite
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
printf
putchar
puts
realloc
remove
rewind
setlocale
setvbuf
signal
strchr
strcmp
strcpy
strerror
strlen
strncmp
strpbrk
tolower
vfprintf
_fileno

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/nasm.exe
.exe windows:4 windows x86 arch:x86

2cec3397f7a24bda80baf9df84308477

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_fullpath
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_vsnprintf
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fprintf
fputc
fputs
fread
free
fsetpos
fwrite
getenv
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcmp
memcpy
memset
localtime
gmtime
perror
printf
putc
qsort
realloc
remove
setlocale
setvbuf
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strrchr
strspn
strtoul
tolower
toupper
ungetc
vfprintf
time
_fileno

Sections

.text
Size: 252KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 970KB - Virtual size: 970KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1012B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/nasm.ico
NASM/nasmdoc.pdf
.pdf
- http://..got
- http://..sym128www.delorie.com111www.pcorner.com
- http://.o.as
- http://126FreeLink111ftp.simtel.net
- http://29..got
- http://Makefile.in
- http://Makefile.vc
- http://__79ALINK111alink.sourceforge.net
- http://alink.sourceforge.net
- http://atalink.sourceforge.net
- http://comtch.iea.com
- http://config.h.in
- http://configure.in
- http://ctxnum.name
- http://eltech.ru
- http://file.com
- http://findleak.pl
- http://ftp.simtel.net
- http://insns.pl
- http://install.sh
- http://library.so
- http://mkdep.pl
- http://myfile.com
- http://myfile.map
- http://myinc.inc
- http://myprog.com
- http://mystruc.mt
- http://nasm098p3.zip
- http://option22x2ftp.oulu.fi
- http://program.com
- http://rdsrc.pl
- http://san.rr.com
- http://snapshots275.data
- http://version.pl
- http://www.cpan.org/ports/index.html
- http://www.cpan.org/ports/index.html.C.2.53
- http://www.csoft.net/cz/johnfine/�Changed
- http://www.delorie.com
- http://www.delorie.com/djgpp/16bit/djlink/
- http://www.nasm.us
- http://www.nasm.us/
- http://www.nasm.us/.New
- http://www.nasm.us/abi/unix64
- http://www.nasm.us/abi/unix64Although
- http://www.nasm.us/abi/win64
- http://www.nasm.us/abi/win64What
- http://www.pcorner.com
- http://www.pcorner.com/tpc/old/3-101.html
- http://wwww.nasm.us/,
- http://x2ftp.oulu.fi
- http://zytor.com
- https://bugs.nasm.us
- https://bugs.nasm.us/
- Show all
NASM/nasmpath.bat
NASM/ndisasm.exe
.exe windows:4 windows x86 arch:x86

8c95d24d354fe933e2f05b23b697740f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_vsnprintf
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fopen
fprintf
fputc
fread
free
fseek
fsetpos
ftell
fwrite
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
realloc
setlocale
setvbuf
signal
strchr
strcmp
strerror
strlen
strncmp
strncpy
strpbrk
strtoul
tolower
vfprintf
_fileno

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 662KB - Virtual size: 662KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/rdf2bin.exe
.exe windows:4 windows x86 arch:x86

49fef107c5f95b5eb16d2250a8f4f217

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fopen
fprintf
fread
free
fseek
fsetpos
ftell
fwrite
isalnum
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
printf
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strcpy
strerror
strlen
strncmp
strpbrk
tolower
vfprintf
_fileno

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/rdf2com.exe
.exe windows:4 windows x86 arch:x86

49fef107c5f95b5eb16d2250a8f4f217

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fopen
fprintf
fread
free
fseek
fsetpos
ftell
fwrite
isalnum
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
printf
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strcpy
strerror
strlen
strncmp
strpbrk
tolower
vfprintf
_fileno

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/rdf2ihx.exe
.exe windows:4 windows x86 arch:x86

49fef107c5f95b5eb16d2250a8f4f217

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fopen
fprintf
fread
free
fseek
fsetpos
ftell
fwrite
isalnum
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
printf
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strcpy
strerror
strlen
strncmp
strpbrk
tolower
vfprintf
_fileno

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/rdf2ith.exe
.exe windows:4 windows x86 arch:x86

49fef107c5f95b5eb16d2250a8f4f217

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fopen
fprintf
fread
free
fseek
fsetpos
ftell
fwrite
isalnum
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
printf
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strcpy
strerror
strlen
strncmp
strpbrk
tolower
vfprintf
_fileno

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/rdf2srec.exe
.exe windows:4 windows x86 arch:x86

49fef107c5f95b5eb16d2250a8f4f217

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fopen
fprintf
fread
free
fseek
fsetpos
ftell
fwrite
isalnum
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
printf
realloc
setlocale
setvbuf
signal
sprintf
strchr
strcmp
strcpy
strerror
strlen
strncmp
strpbrk
tolower
vfprintf
_fileno

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/rdfdump.exe
.exe windows:4 windows x86 arch:x86

bb5b15a9ba95484520ba531e833a01db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetpos
fopen
fprintf
fread
free
fseek
fsetpos
ftell
fwrite
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
printf
putchar
puts
realloc
setlocale
setvbuf
signal
strchr
strcmp
strerror
strlen
strncmp
strpbrk
tolower
vfprintf
_fileno

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/rdflib.exe
.exe windows:4 windows x86 arch:x86

fb11cf5181c12f77f49ec3d08f1920da

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

___mb_cur_max_func
__doserrno
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__pioinfo
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_chsize
_errno
_filelengthi64
_fileno
_fstati64
_initterm
_iob
_lseeki64
_onexit
_setmode
_stricmp
_strnicmp
_waccess
_wfopen
_write
_wstati64
abort
atoi
calloc
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fopen
fprintf
fputc
fputs
fread
free
freopen
fseek
fsetpos
ftell
fwrite
isalpha
iscntrl
ispunct
isspace
isxdigit
malloc
memcpy
perror
printf
putchar
puts
realloc
rewind
setlocale
setvbuf
signal
strchr
strcmp
strerror
strlen
strncmp
strpbrk
tmpfile
tolower
vfprintf
time
_fileno

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 996B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
NASM/test1.asm
clutter.asm
clutter.bin

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 12B

446b7557e42bfc440d0ca6f8a6a5f455

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

shell32

user32

Sections

.text Size: 37KB - Virtual size: 36KB

.data Size: 512B - Virtual size: 192B

.rdata Size: 28KB - Virtual size: 28KB

.bss Size: - Virtual size: 407KB

.idata Size: 5KB - Virtual size: 4KB

.ndata Size: 512B - Virtual size: 1.4MB

.rsrc Size: 11KB - Virtual size: 10KB

aff5d9d526a27f56d720fb3ae00a5bc5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

user32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 52B

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: - Virtual size: 992B

.edata Size: 512B - Virtual size: 179B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 44B

.tls Size: 512B - Virtual size: 8B

.reloc Size: 1KB - Virtual size: 1KB

ed7108f0b235addda65c9e8319f51166

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 37KB - Virtual size: 36KB

.data
Size: 512B - Virtual size: 192B

.rdata
Size: 28KB - Virtual size: 28KB

.bss
Size: - Virtual size: 407KB

.idata
Size: 5KB - Virtual size: 4KB

.ndata
Size: 512B - Virtual size: 1.4MB

.rsrc
Size: 11KB - Virtual size: 10KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 52B

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: - Virtual size: 992B

.edata
Size: 512B - Virtual size: 179B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 8B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 248B

.bss
Size: - Virtual size: 16B

.edata
Size: 512B - Virtual size: 129B

.idata
Size: 1024B - Virtual size: 756B

.reloc
Size: 512B - Virtual size: 184B

.text
Size: 22KB - Virtual size: 21KB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 70KB - Virtual size: 69KB

.bss
Size: - Virtual size: 996B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.text
Size: 252KB - Virtual size: 251KB

.data
Size: 6KB - Virtual size: 5KB

.rdata
Size: 970KB - Virtual size: 970KB

.bss
Size: - Virtual size: 1012B

.idata
Size: 3KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 808B

.rdata
Size: 662KB - Virtual size: 662KB

.bss
Size: - Virtual size: 996B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 68KB - Virtual size: 67KB

.bss
Size: - Virtual size: 996B

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.text
Size: 16KB - Virtual size: 16KB

.data
Size: 1KB - Virtual size: 1KB