1a09eed61943ebfdf98e0523506179e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a09eed61943ebfdf98e0523506179e1_JaffaCakes118
Size

320KB
MD5

1a09eed61943ebfdf98e0523506179e1
SHA1

e4908458296690abf4909bb347420336d9ffe390
SHA256

bb0a232e225dca637fccf7d2d66904756eff1385fa51eebd33e389661a5073c7
SHA512

53a8999407f02649eb73802506c719ec75802ba5e5bc045d815cab5e08b4de91ef97e95522d1b4965037ec944597cc525003bd9dcfb44a1287852b887986d6a6
SSDEEP

6144:17VqFFMkg5vprO4EQR+udcZU1KpWadN06w6UhxdBiAj6aI8a150fFrraPae:lEFIZbciaTdN06yLu8aIFn6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 21 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BIN/DADVAPI.DLL
unpack001/BIN/DDDRAW.DLL
unpack001/BIN/DGDI32.DLL
unpack001/BIN/DKRNL32.DLL
unpack001/BIN/DUSER32.DLL
unpack001/BIN/HXLDR32.EXE
unpack001/BIN/HXVDD.DLL
unpack001/BIN/OLE32.DLL
unpack001/BIN/OLEAUT32.DLL
unpack001/BIN/PESTUB.EXE
unpack001/BIN/SECUR32.DLL
unpack001/BIN/VERSION.DLL
unpack001/BIN/VESA32.DLL
unpack001/TEST/DDTEST.EXE
unpack001/TEST/DDTSTDBL.EXE
unpack001/TEST/DDTSTTRI.EXE
unpack001/TEST/ENUMMODE.EXE
unpack001/TEST/GDITEST.EXE
unpack001/TEST/LOCTIME.EXE
unpack001/TEST/TESTASPI.EXE
unpack001/TEST/THREAD.EXE

Files

1a09eed61943ebfdf98e0523506179e1_JaffaCakes118
.zip
BIN/CLASSES
BIN/DADVAPI.DLL
.dll windows:4 windows x86 arch:x86

fc9ed78948842873cf20279e1ca7c51d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetEnvironmentVariableA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileStringA
LocalAlloc
LocalFree
RtlMoveMemory
WritePrivateProfileStringA
lstrcat
lstrcpy
lstrlen
lstrlenW

Exports

Exports

AddAccessAllowedAce
AdjustTokenPrivileges
AllocateAndInitializeSid
AllocateLocallyUniqueId
CloseServiceHandle
ControlService
CopySid
CreateServiceA
CryptAcquireContextA
CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDeriveKey
CryptDestroyHash
CryptDestroyKey
CryptEncrypt
CryptEnumProvidersA
CryptExportKey
CryptGenKey
CryptGenRandom
CryptGetHashParam
CryptGetKeyParam
CryptGetProvParam
CryptGetUserKey
CryptHashData
CryptImportKey
CryptReleaseContext
CryptSetHashParam
CryptSetKeyParam
CryptSetProvParam
CryptSignHashA
CryptVerifySignatureA
DeleteAce
DeleteService
DeregisterEventSource
DuplicateToken
DuplicateTokenEx
EqualSid
FreeSid
GetAce
GetFileSecurityA
GetFileSecurityW
GetKernelObjectSecurity
GetLengthSid
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
GetSecurityInfo
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
GetUserNameA
GetUserNameW
ImpersonateLoggedOnUser
InitializeAcl
InitializeSecurityDescriptor
InitializeSid
IsValidAcl
IsValidSecurityDescriptor
IsValidSid
LookupAccountNameA
LookupAccountSidA
LookupAccountSidW
LookupPrivilegeValueA
MakeAbsoluteSD
OpenProcessToken
OpenSCManagerA
OpenServiceA
OpenThreadToken
QueryServiceStatus
RegCloseKey
RegConnectRegistryA
RegCreateKeyA
RegCreateKeyExA
RegCreateKeyExW
RegCreateKeyW
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyA
RegEnumKeyExA
RegEnumKeyExW
RegEnumKeyW
RegEnumValueA
RegEnumValueW
RegFlushKey
RegNotifyChangeKeyValue
RegOpenKeyA
RegOpenKeyExA
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegQueryValueA
RegQueryValueExA
RegQueryValueExW
RegQueryValueW
RegRestoreKeyA
RegSaveKeyA
RegSetValueA
RegSetValueExA
RegSetValueExW
RegSetValueW
RegisterEventSourceA
RegisterEventSourceW
ReportEventA
ReportEventW
RevertToSelf
SetEntriesInAclW
SetFileSecurityA
SetFileSecurityW
SetKernelObjectSecurity
SetSecurityDescriptorDacl
SetThreadToken
StartServiceA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/DDDRAW.DLL
.dll windows:4 windows x86 arch:x86

bc17f283a2a86ed9074fc1fb5e8b7c89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetConsoleMode
GetConsoleMode
VirtualFree
LocalFree
LocalAlloc
LoadLibraryA
GetStdHandle
GetProcAddress
GetModuleHandleA
FreeLibrary
DisableThreadLibraryCalls
VirtualAlloc

gdi32

GetPaletteEntries
SetPaletteEntries
DeleteObject
CreatePalette
SetSystemPaletteUse
SelectPalette
RealizePalette
DeleteDC
CreateDCA

vesa32

EnumVesaModes
GetVesaMemoryBufferSize
GetVesaMode
GetVesaModeInfo
GetVesaStateBufferSize
GetVesaVideoMemorySize
RestoreVesaVideoMemory
RestoreVesaVideoState
SaveVesaVideoMemory
SaveVesaVideoState
SearchVesaMode
SetVesaMode
VesaMouseInit
VesaMouseExit
GetVesaFlipStatus
SetVesaDisplayStart

Exports

Exports

DDHAL32_VidMemAlloc
DDHAL32_VidMemFree
DirectDrawCreate
DirectDrawCreateEx
DirectDrawEnumerateA
DirectDrawEnumerateExA
DllGetClassObject

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/DGDI32.DLL
.dll windows:4 windows x86 arch:x86

180c80d898247200926c50ce201d168a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetProcessHeap
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
RtlMoveMemory
RtlZeroMemory
_llseek
_lopen
_lclose
_lread
lstrcmpi
lstrcpy
lstrcpyA
lstrcpyn
lstrlenA
GetModuleHandleA
GetProcAddress
lstrlenW
WideCharToMultiByte
lstrcpynW
SetLastError
lstrlen
FreeLibrary
LoadLibraryA

Exports

Exports

AddFontResourceA
AnimatePalette
Arc
BitBlt
ChoosePixelFormat
CloseEnhMetaFile
CloseMetaFile
CombineRgn
CopyEnhMetaFileA
CopyEnhMetaFileW
CopyMetaFileA
CopyMetaFileW
CreateBitmap
CreateBrushIndirect
CreateColorSpaceA
CreateColorSpaceW
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontA
CreateFontIndirectA
CreateFontIndirectW
CreateFontW
CreateHalftonePalette
CreateICA
CreateICW
CreateMetaFileA
CreateMetaFileW
CreatePalette
CreatePatternBrush
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DPtoLP
DeleteDC
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
DescribePixelFormat
Ellipse
EndDoc
EndPage
EnumEnhMetaFile
EnumFontFamiliesA
EnumFontFamiliesExA
EnumFontFamiliesExW
EnumFontFamiliesW
EnumMetaFile
Escape
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtEscape
ExtTextOutA
ExtTextOutW
FillRgn
FloodFill
GdiDescribePixelFormat
GdiFlush
GdiSetBatchLimit
GdiSetPixelFormat
GdiSwapBuffers
GetBitmapBits
GetBitmapDimensionEx
GetBkColor
GetCharABCWidthsA
GetCharABCWidthsW
GetCharWidth32A
GetCharWidth32W
GetCharWidthA
GetCharWidthW
GetCharacterPlacementA
GetCharacterPlacementW
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDCBrushColor
GetDCOrgEx
GetDCPenColor
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetEnhMetaFilePaletteEntries
GetFontData
GetGlyphOutlineA
GetGlyphOutlineW
GetGraphicsMode
GetMapMode
GetMetaFileBitsEx
GetNearestColor
GetNearestPaletteIndex
GetObjectA
GetObjectType
GetObjectW
GetOutlineTextMetricsA
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetPixelFormat
GetROP2
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetSystemPaletteUse
GetTextAlign
GetTextCharset
GetTextCharsetInfo
GetTextColor
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextExtentPointA
GetTextExtentPointW
GetTextFaceA
GetTextFaceW
GetTextMetricsA
GetTextMetricsW
GetViewportExtEx
GetViewportOrgEx
GetWinMetaFileBits
GetWindowExtEx
GetWindowOrgEx
GetWorldTransform
IntersectClipRect
LPtoDP
LineTo
MaskBlt
ModifyWorldTransform
MoveToEx
OffsetClipRgn
OffsetRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PaintRgn
PatBlt
Pie
PlayEnhMetaFile
PlayEnhMetaFileRecord
PlayMetaFile
PlayMetaFileRecord
PolyPolyline
Polygon
Polyline
PtVisible
RealizePalette
RectVisible
Rectangle
ResizePalette
RestoreDC
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipRgn
SelectObject
SelectPalette
SetBitmapBits
SetBitmapDimensionEx
SetBkColor
SetBkMode
SetDCBrushColor
SetDCOrgEx
SetDCPenColor
SetDIBColorTable
SetDIBits
SetDIBitsToDevice
SetDeviceGammaRamp
SetEnhMetaFileBits
SetGraphicsMode
SetMapMode
SetMetaFileBitsEx
SetPaletteEntries
SetPixel
SetPixelFormat
SetROP2
SetRectRgn
SetStretchBltMode
SetSystemPaletteUse
SetTextAlign
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
SetWorldTransform
StartDocA
StartDocW
StartPage
StretchBlt
StretchDIBits
SwapBuffers
TextOutA
TextOutW
TranslateCharsetInfo
UnrealizeObject
UpdateColors
_GetDCColorMap
_SetDCBitPtr
pfnRealizePalette
pfnSelectPalette

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 650B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/DKRNL32.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

AddAtomA
AllocConsole
AreFileApisANSI
AttachConsole
BackupRead
BackupSeek
BackupWrite
Beep
Borland32
BuildCommDCBA
BuildCommDCBAndTimeoutsA
CancelIo
CancelWaitableTimer
ClearCommBreak
ClearCommError
CloseHandle
CmdBatNotification
CommConfigDialogA
CompareFileTime
CompareStringA
CompareStringW
ConnectNamedPipe
ContinueDebugEvent
CopyFileA
CopyFileW
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMailslotA
CreateMutexA
CreateMutexW
CreateNamedPipeA
CreatePipe
CreateProcessA
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateSocketHandle
CreateTapePartition
CreateThread
CreateToolhelp32Snapshot
CreateWaitableTimerA
DbgPrint
DebugActiveProcess
DebugBreak
DecodePointer
DefineDosDeviceA
DeleteAtom
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeviceIoControl
DisableThreadLibraryCalls
DisconnectNamedPipe
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumCalendarInfoA
EnumResourceLanguagesA
EnumResourceNamesA
EnumResourceTypesA
EnumSystemLocalesA
EnumSystemLocalesW
EraseTape
EscapeCommFunction
ExitProcess
ExitThread
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FatalAppExitA
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindAtomA
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstFileA
FindFirstFileW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeResource
GenerateConsoleCtrlEvent
GetACP
GetAtomNameA
GetBinaryTypeA
GetBinaryTypeW
GetCPInfo
GetCommConfig
GetCommMask
GetCommModemStatus
GetCommProperties
GetCommState
GetCommTimeouts
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeA
GetComputerNameA
GetComputerNameW
GetConsoleCP
GetConsoleCursorInfo
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetConsoleTitleA
GetConsoleTitleW
GetCurrentDirectoryA
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDKrnl32Version
GetDateFormatA
GetDateFormatW
GetDefaultCommConfigA
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeA
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetLargestConsoleWindowSize
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsA
GetLogicalDrives
GetLongPathNameA
GetLongPathNameW
GetMailslotInfo
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetNamedPipeHandleStateA
GetNamedPipeInfo
GetNumberFormatA
GetNumberOfConsoleInputEvents
GetNumberOfConsoleMouseButtons
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessTimes
GetProcessVersion
GetProcessWorkingSetSize
GetProfileIntA
GetProfileStringA
GetShortPathNameA
GetShortPathNameW
GetStartupInfoA
GetStartupInfoW
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultLCID
GetSystemDefaultLangID
GetSystemDefaultUILanguage
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryA
GetSystemWindowsDirectoryW
GetTapeParameters
GetTapePosition
GetTapeStatus
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetThreadSelectorEntry
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVDMCurrentDirectories
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAddAtomA
GlobalAlloc
GlobalCompact
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalGetAtomNameW
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalSize
GlobalUnlock
HXDispatch
HXLoadVDD
Heap32First
Heap32ListFirst
Heap32ListNext
Heap32Next
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapReAlloc
HeapSetInformation
HeapSize
HeapUnlock
HeapValidate
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadStringPtrA
IsBadStringPtrW
IsBadWritePtr
IsDBCSLeadByte
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadModule
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFlags
LocalFree
LocalHandle
LocalLock
LocalReAlloc
LocalSize
LocalUnlock
LockFile
LockFileEx
LockResource
MakeCriticalSectionGlobal
MapViewOfFile
MapViewOfFileEx
Module32First
Module32Next
MoveFileA
MoveFileExA
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
NtCurrentTeb
OpenEventA
OpenEventW
OpenFile
OpenFileMappingA
OpenFileMappingW
OpenMutexA
OpenMutexW
OpenProcess
OpenSemaphoreA
OutputDebugStringA
OutputDebugStringW
PeekConsoleInputA
PeekConsoleInputW
PeekNamedPipe
PrepareTape
Process32First
Process32Next
PulseEvent
PurgeComm
QueryDosDeviceA
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
RaiseException
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleOutputA
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
ReadConsoleOutputCharacterW
ReadConsoleOutputW
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryA
RemoveDirectoryW
RequestWakeupLatency
ResetEvent
ResumeThread
RtlExAllocateHeap
RtlExFreeHeap
RtlExReAllocateHeap
RtlFillMemory
RtlGetNtVersionNumbers
RtlMoveMemory
RtlUnwind
RtlZeroMemory
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SearchPathA
SearchPathW
SetCommBreak
SetCommConfig
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleActiveScreenBuffer
SetConsoleCP
SetConsoleCtrlHandler
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleMode
SetConsoleOutputCP
SetConsoleScreenBufferSize
SetConsoleTextAttribute
SetConsoleTitleA
SetConsoleTitleW
SetConsoleWindowInfo
SetCurrentDirectoryA
SetCurrentDirectoryW
SetDefaultCommConfigA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileApisToANSI
SetFileApisToOEM
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleCount
SetHandleInformation
SetLastError
SetLocalTime
SetMailslotInfo
SetNamedPipeHandleState
SetPriorityClass
SetProcessAffinityMask
SetProcessShutdownParameters
SetProcessWorkingSetSize
SetStdHandle
SetSystemTime
SetTapeParameters
SetTapePosition
SetThreadAffinityMask
SetThreadContext
SetThreadLocale
SetThreadPriority
SetUnhandledExceptionFilter
SetVolumeLabelA
SetWaitableTimer
SetupComm
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
Thread32First
Thread32Next
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransmitCommChar
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualLock
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
VirtualUnlock
WaitCommEvent
WaitForDebugEvent
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeA
WideCharToMultiByte
WinExec
WriteConsoleA
WriteConsoleInputA
WriteConsoleInputW
WriteConsoleOutputA
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
WriteConsoleOutputCharacterW
WriteConsoleOutputW
WriteConsoleW
WriteFile
WriteFileEx
WritePrivateProfileSectionA
WritePrivateProfileStringA
WritePrivateProfileStringW
WriteProcessMemory
WriteProfileStringA
WriteTapemark
_GetKeyTable
_SetKbdEventHandler
_SetMouEventHandler

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/DPMILD16.EXE
BIN/DPMILD32.EXE
BIN/DPMIST32.BIN
BIN/DUSER32.DLL
.dll windows:4 windows x86 arch:x86

49dbcd00203c3c353592fa8dd866436b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WaitForSingleObject
WaitForMultipleObjects
ReadConsoleInputA
FreeLibrary
GetModuleHandleA
GetProcAddress
LoadLibraryA
DeleteAtom
GlobalAlloc
GlobalFree
HXLoadVDD
HXDispatch
RtlMoveMemory
lstrlenW
FindResourceA
SetWaitableTimer
GetConsoleMode
SetConsoleMode
SizeofResource
CloseHandle
CreateFileA
ReadFile
GetUserDefaultLCID
_GetKeyTable
RtlZeroMemory
GetNumberOfConsoleMouseButtons
CancelWaitableTimer
CreateWaitableTimerA
FindResourceW
Beep
WriteFile
SetEvent
ResetEvent
GetStdHandle
CreateEventA
AddAtomA
lstrlen
lstrcpyn
lstrcpy
lstrcmpi
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetAtomNameA
FindAtomA
LocalFree
LocalAlloc
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadResource
DisableThreadLibraryCalls

gdi32

CreateDIBitmap
CreateSolidBrush
SetDCOrgEx
TextOutA
SetWindowOrgEx
SetViewportOrgEx
SetSystemPaletteUse
GetTextExtentPoint32A
ExtTextOutA
CreateDCA
SetRectRgn
SelectObject
PatBlt
GetStockObject
GetRegionData
GetDeviceCaps
DeleteObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
SetBkMode

Exports

Exports

AdjustWindowRect
AdjustWindowRectEx
AppendMenuA
AttachThreadInput
BeginPaint
BringWindowToTop
BroadcastSystemMessage
CallNextHookEx
CallWindowProcA
CallWindowProcW
ChangeClipboardChain
ChangeDisplaySettingsA
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
ChildWindowFromPoint
ClientToScreen
ClipCursor
CloseClipboard
CloseWindow
CopyAcceleratorTableA
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateCursor
CreateDialogParamA
CreateIcon
CreateIconFromResource
CreateIconFromResourceEx
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxIndirectParamA
DialogBoxParamA
DispatchMessageA
DispatchMessageW
DrawAnimatedRects
DrawFocusRect
DrawIcon
DrawIconEx
DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
EnumChildWindows
EnumClipboardFormats
EnumDisplaySettingsA
EnumThreadWindows
EnumWindows
EqualRect
ExitWindowsEx
FillRect
FindWindowA
FindWindowExA
FindWindowExW
FindWindowW
FreeDDElParam
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassInfoExA
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongW
GetClassNameA
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardFormatNameA
GetClipboardOwner
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextA
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetMessageTime
GetMessageW
GetNextDlgTabItem
GetOpenClipboardWindow
GetParent
GetPriorityClipboardFormat
GetProcessWindowStation
GetPropA
GetQueueStatus
GetShellWindow
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetThreadDesktop
GetTitleBarInfo
GetTopWindow
GetUpdateRect
GetUpdateRgn
GetUserObjectInformationW
GetWindow
GetWindowDC
GetWindowInfo
GetWindowLongA
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextA
GetWindowTextLengthA
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
GetWindowWord
GrayStringA
InSendMessage
InflateRect
InsertMenuA
IntersectRect
InvalidateRect
InvalidateRgn
InvertRect
IsCharAlphaA
IsCharAlphaNumericA
IsCharAlphaNumericW
IsCharAlphaW
IsCharLowerA
IsCharLowerW
IsCharUpperA
IsCharUpperW
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsZoomed
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
LoadKeyboardLayoutA
LoadMenuA
LoadStringA
LoadStringW
LockWindowUpdate
MapVirtualKeyA
MapVirtualKeyExA
MapWindowPoints
MessageBeep
MessageBoxA
MessageBoxExA
MessageBoxIndirectA
MessageBoxW
ModifyMenuA
MoveWindow
MsgWaitForMultipleObjects
OemToCharA
OemToCharBuffA
OemToCharBuffW
OemToCharW
OffsetRect
OpenClipboard
OpenIcon
PackDDElParam
PeekMessageA
PeekMessageW
PostMessageA
PostMessageW
PostQuitMessage
PostThreadMessageA
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassA
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterClipboardFormatA
RegisterHotKey
RegisterWindowMessageA
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ReplyMessage
ScreenToClient
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClassLongA
SetClassLongW
SetClipboardData
SetClipboardViewer
SetCursor
SetCursorPos
SetDlgItemInt
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetKeyboardState
SetMenu
SetMenuDefaultItem
SetMenuItemBitmaps
SetMenuItemInfoA
SetParent
SetPropA
SetRect
SetRectEmpty
SetSysColors
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowTextW
SetWindowWord
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowWindow
ShowWindowAsync
SystemParametersInfoA
TabbedTextOutA
ToAscii
ToAsciiEx
ToUnicode
TrackPopupMenu
TranslateAcceleratorA
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassA
UnregisterClassW
UnregisterHotKey
UpdateWindow
ValidateRect
ValidateRgn
VkKeyScanA
VkKeyScanExA
WaitForInputIdle
WaitMessage
WinHelpA
WinHelpW
WindowFromDC
WindowFromPoint
keybd_event
wsprintfA
wsprintfW
wvsprintfA
wvsprintfW

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BASE
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/HDPMI16.EXE
BIN/HDPMI32.EXE
BIN/HXDOSLD.EXE
BIN/HXLDR32.EXE
.exe windows:1 windows x86 arch:x86

5a94207f30f7a0b3835376155363bf35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
GetStdHandle
WriteConsoleA

Sections

AUTO
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 186B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BIN/HXVDD.DLL
.dll windows:4 windows x86 arch:x86

fc09ac657c4d41235fb83a397d3fd364

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GlobalUnlock
GlobalAlloc

user32

IsClipboardFormatAvailable
GetClipboardData
EnumClipboardFormats
EmptyClipboard
CloseClipboard
OpenClipboard
SetClipboardData

ntvdm.exe

setCF
setEAX
getEDX
getECX
getEBX

Exports

Exports

Dispatch
Init

Sections

.text
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/OLE32.DLL
.dll windows:4 windows x86 arch:x86

5cbdabeefe3a6a93b7ccc8cdcca3ba74

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
LocalAlloc
MultiByteToWideChar
LocalHandle
LocalReAlloc
LocalSize
TlsGetValue
TlsSetValue
TlsFree
LocalFree
TlsAlloc

advapi32

RegOpenKeyA
RegCloseKey
RegQueryValueA

user32

wsprintfA
wvsprintfA

Exports

Exports

CLSIDFromProgID
CLSIDFromString
CoCreateGuid
CoCreateInstance
CoGetMalloc
CoInitialize
CoInitializeEx
CoInitializeSecurity
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CreateStreamOnHGlobal
IIDFromString
OleFlushClipboard
OleInitialize
OleUninitialize
ProgIDFromCLSID
StgOpenStorage
StringFromGUID2

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/OLEAUT32.DLL
.dll windows:4 windows x86 arch:x86

5b8c35407b18b903255d2fc5b0fa221c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
RtlMoveMemory
lstrlenW
LocalAlloc

user32

wsprintfA

Exports

Exports

GetActiveObject
GetErrorInfo
LoadTypeLib
QueryPathOfRegTypeLib
SafeArrayAccessData
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetDim
SafeArrayGetElement
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayLock
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayUnlock
SetErrorInfo
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringByteLen
SysStringLen
VariantChangeType
VariantChangeTypeEx
VariantClear
VariantCopy
VariantCopyInd
VariantInit
VariantTimeToSystemTime

Sections

.text
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 66B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/PESTUB.EXE
.exe windows:4 windows x86 arch:x86

abdd1dc46aed23b1d9ff228cf853ed07

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep
DeleteFileA
ExitProcess
GetCommandLineA
GetFileSize
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetProcessHeap
GetStdHandle
GetTempFileNameA
HeapAlloc
HeapFree
LocalAlloc
LocalFree
MoveFileA
RtlMoveMemory
RtlZeroMemory
WriteFile
_lclose
_lcreat
_llseek
_lopen
_lread
_lwrite
lstrcpy
lstrlen

user32

wvsprintfA

Sections

AUTO
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/SECUR32.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetUserNameExW

Sections

.text
Size: 512B - Virtual size: 102B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/VERSION.DLL
.dll windows:4 windows x86 arch:x86

6f26629b6dfff718f4745abcda401fc0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
LoadLibraryA
LoadResource
RtlMoveMemory
SizeofResource
lstrlenW
FindResourceA

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueA
VerQueryValueW

Sections

.text
Size: 1024B - Virtual size: 742B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BIN/VESA32.DLL
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

EnumVesaModes
GetVesaDisplayStart
GetVesaFlipStatus
GetVesaInfo
GetVesaMemoryBufferSize
GetVesaMode
GetVesaModeInfo
GetVesaPaletteEntries
GetVesaStateBufferSize
GetVesaVideoMemorySize
RestoreVesaVideoMemory
RestoreVesaVideoState
SaveVesaVideoMemory
SaveVesaVideoState
SearchVesaMode
SetCursorPaletteEntries
SetMaxVideoResolution
SetVesa32Options
SetVesaDisplayStart
SetVesaMode
SetVesaPaletteEntries
VesaMouseExit
VesaMouseInit

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 757B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DOC/COMPAT.TXT
DOC/DADVAPI.TXT
DOC/DDDRAW.TXT
DOC/DGDI32.TXT
DOC/DKRNL32.TXT
DOC/DPMILD32.TXT
.vbs
DOC/DPMIST32.TXT
DOC/DUSER32.TXT
DOC/HDPMI.TXT
.vbs
DOC/HDPMIHIS.TXT
DOC/HXDOSLD.TXT
DOC/HXLDR32.TXT
DOC/LFN.TXT
DOC/OLE32.TXT
DOC/OLEAUT32.TXT
DOC/PESTUB.TXT
DOC/VERSION.TXT
DOC/VESA32.TXT
HXRT.TXT
TEST/DDTEST.EXE
.exe windows:4 windows x86 arch:x86

306a57b6c105673b89df68c8edbc7a22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA

user32

PostMessageA
PostQuitMessage
DefWindowProcA
LoadCursorA
RegisterClassExA
CreateWindowExA
SetFocus
MessageBoxA
ShowWindow
GetWindowRect
FillRect
GetMessageA
TranslateMessage
DispatchMessageA

ddraw

DirectDrawCreate

gdi32

SetPixel
GetStockObject
SelectObject
LineTo

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 978B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TEST/DDTSTDBL.EXE
.exe windows:4 windows x86 arch:x86

b8e28ba0b3b4a5505a1c404170bec0b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
ExitProcess
GetModuleHandleA

user32

wsprintfA
DestroyWindow
PostQuitMessage
DefWindowProcA
LoadCursorA
RegisterClassExA
CreateWindowExA
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA

ddraw

DirectDrawCreate

gdi32

TextOutA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 914B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TEST/DDTSTTRI.EXE
.exe windows:4 windows x86 arch:x86

3b4ea443a48eeba9601f66da94d57b02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlZeroMemory
GetModuleHandleA
ExitProcess

user32

wsprintfA
DestroyWindow
PostQuitMessage
DefWindowProcA
LoadCursorA
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA

ddraw

DirectDrawCreate

gdi32

TextOutA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TEST/DOSTEST.EXE
TEST/DPMI.EXE
TEST/ENUMMODE.EXE
.exe windows:4 windows x86 arch:x86

4d9bfdf3b76af6f3879f1e99d78edce9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
CreateWindowExA
DefWindowProcA
DispatchMessageA
EndPaint
GetMessageA
LoadCursorA
PostMessageA
PostQuitMessage
RegisterClassExA
ShowWindow
TranslateMessage
wvsprintfA

gdi32

BitBlt
GetStockObject
GetTextMetricsA
PatBlt
SelectObject
TextOutA

kernel32

ExitProcess
GetModuleHandleA

ddraw

DirectDrawCreate

Sections

AUTO
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 1024B - Virtual size: 1001B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 901B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TEST/GDITEST.EXE
.exe windows:4 windows x86 arch:x86

c987c3c290e004f4570e87e88b0740b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlZeroMemory
GetModuleHandleA
ExitProcess

user32

GetDC
ReleaseDC
wsprintfA
ClipCursor
PostQuitMessage
GetWindowRect
DefWindowProcA
LoadCursorA
RegisterClassA
CreateWindowExA
MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA

gdi32

SetBkColor
TextOutA
GetStockObject

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TEST/GETI15EX.EXE
TEST/GETVMODE.EXE
TEST/LOCTIME.EXE
.exe windows:4 windows x86 arch:x86

c238ea74a940853a3742def7b8c9257d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
WriteConsoleA
GetSystemTime
GetLocalTime
ExitProcess

user32

wvsprintfA

Sections

.text
Size: 512B - Virtual size: 305B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
TEST/README1.TXT
TEST/RMINT.EXE
TEST/TESTASPI.EXE
.exe windows:4 windows x86 arch:x86

de43ea30a3c36d144e60eaf7567bb639

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlen
WriteFile
LoadLibraryA
GetProcAddress
FreeLibrary
GetStdHandle
CreateFileA
DeviceIoControl
CloseHandle
ExitProcess

user32

wvsprintfA

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TEST/THREAD.EXE
.exe windows:4 windows x86 arch:x86

79a42968bbb49deed1508c8d9bc9bf68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
GetStdHandle
SetConsoleMode
GetConsoleScreenBufferInfo
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
SetConsoleCursorPosition
CreateThread
GetNumberOfConsoleInputEvents
WriteConsoleOutputCharacterA
ReadConsoleInputA
Sleep
WaitForMultipleObjects
ExitProcess

user32

wvsprintfA
wsprintfA

Sections

.text
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UNSUPP/DOSX.EXE
UNSUPP/DOSX.TXT
UNSUPP/DPMILD32.EXE
UNSUPP/DPMILD32.TXT

Sharing

General

Malware Config

Signatures

Files

fc9ed78948842873cf20279e1ca7c51d

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 48B

.reloc Size: 512B - Virtual size: 192B

bc17f283a2a86ed9074fc1fb5e8b7c89

Headers

File Characteristics

Imports

kernel32

gdi32

vesa32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 52B

.reloc Size: 1024B - Virtual size: 756B

180c80d898247200926c50ce201d168a

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 16KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 650B

Headers

File Characteristics

Exports

Exports

Sections

.text Size: 58KB - Virtual size: 57KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 2KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 2KB

49dbcd00203c3c353592fa8dd866436b

Headers

File Characteristics

Imports

kernel32

gdi32

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 21KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 7KB

.BASE Size: 512B - Virtual size: 8B

.rsrc Size: 5KB - Virtual size: 5KB

.reloc Size: 1KB - Virtual size: 1KB

5a94207f30f7a0b3835376155363bf35

Headers

File Characteristics

Imports

kernel32

Sections

AUTO Size: 1024B - Virtual size: 834B

.idata Size: 512B - Virtual size: 186B

fc09ac657c4d41235fb83a397d3fd364

Headers

File Characteristics

Imports

kernel32

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 48B

.reloc
Size: 512B - Virtual size: 192B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 52B

.reloc
Size: 1024B - Virtual size: 756B

.text
Size: 17KB - Virtual size: 16KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 650B

.text
Size: 58KB - Virtual size: 57KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 2KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 21KB - Virtual size: 21KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 7KB

.BASE
Size: 512B - Virtual size: 8B

.rsrc
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB

AUTO
Size: 1024B - Virtual size: 834B

.idata
Size: 512B - Virtual size: 186B

.text
Size: 1024B - Virtual size: 900B

.reloc
Size: 512B - Virtual size: 86B

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4B

.reloc
Size: 512B - Virtual size: 160B

.text
Size: 1024B - Virtual size: 896B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 4B

.reloc
Size: 512B - Virtual size: 66B

AUTO
Size: 5KB - Virtual size: 4KB

DGROUP
Size: 512B - Virtual size: 72B

.rdata
Size: 4KB - Virtual size: 3KB

.reloc
Size: 1024B - Virtual size:

.text
Size: 512B - Virtual size: 102B

.reloc
Size: 512B - Virtual size: 8B

.text
Size: 1024B - Virtual size: 742B

.reloc
Size: 512B - Virtual size: 44B