007e9401371d0e0837c0b892fa55e365_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

007e9401371d0e0837c0b892fa55e365_JaffaCakes118
Size

8.4MB
MD5

007e9401371d0e0837c0b892fa55e365
SHA1

c5e6d4a7e78ef92e27356b0cb741dae947df5fa4
SHA256

7e07ebae81cb962f52586488a3eed2ff981ad7fc162b13331953cb609674ab45
SHA512

139eadba77050be7e4c5928ea17b6a1ef7a46f1448cce81454bd5f2ac9c528bebc139b91941c73312b0ad715427d584e66b0c6f5584304d8cee8ab9861af1d6d
SSDEEP

196608:Xw7t5oGIV3GaQijHFzGgYIQCZahpwfmYRzgL2aev1vijhZx8s2t:XyfoGW+0HFzGH7wfmYRz6bZqF

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/HASP/Drivers/Winnt/hlvdd.dll	upx

Unsigned PE 15 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HASP/Drivers/Win95/aksusb95.sys
unpack001/HASP/Drivers/Win98/aksusb.sys
unpack001/HASP/Drivers/Winnt/aksusb.sys
unpack001/HASP/Drivers/Winnt/hardlock.sys
unpack001/HASP/Drivers/Winnt/haspnt.sys
unpack001/HASP/Drivers/Winnt/haspvdd.dll
unpack001/HASP/Drivers/Winnt/hlvdd.dll
unpack001/HINSTALL.EXE
unpack001/Setup.exe
unpack001/_ISDel.exe
unpack001/_Setup.dll
unpack001/ctl3d32.dll
unpack001/mc6.exe
unpack001/mc6demo.exe
unpack001/model.exe

Files

007e9401371d0e0837c0b892fa55e365_JaffaCakes118
.zip
DATA.TAG
DATA/283.CIR
DATA/381.CIR
DATA/3d1.CIR
DATA/3d2.CIR
DATA/555.mac
DATA/555ASTAB.CIR
DATA/555MONO.CIR
DATA/ABS.mac
DATA/AD16.CIR
DATA/AMP.mac
DATA/ASTABLE.CKT
DATA/A_BOOST_CM_OL.CIR
DATA/A_BOOST_CM_ZOUT.CIR
DATA/A_BOOST_VM.CIR
DATA/A_BUCKBOOST.CIR
DATA/A_BUCK_CM.CIR
DATA/A_BUCK_VM.CIR
DATA/A_FLYBACK.CIR
DATA/A_FORWARD.CIR
DATA/A_RESO_DC.CIR
DATA/A_RESO_OL.CIR
DATA/A_SEPIC.CIR
DATA/A_ncp.cir
DATA/Anim3.cir
DATA/BAX.CIR
DATA/BPFILT.CIR
DATA/BUTTERN.CIR
DATA/CARLO.CIR
DATA/CARLO2.CIR
DATA/CARLO4.CIR
DATA/CENTAP.mac
DATA/CHOKE.CIR
DATA/CHOKE.CKT
DATA/CLIP.mac
DATA/CMOS.CIR
DATA/COLPITTS.CIR
DATA/CORE.CIR
DATA/CORE3.CIR
DATA/CROSSOVR.CIR
DATA/Carbon5.res
DATA/Counter.CIR
DATA/Counter2.CIR
DATA/DIF.mac
DATA/DIFFAMP.CIR
DATA/DIRA.CIR
DATA/DIV.mac
DATA/Decoder.CIR
DATA/Digdemo.lib
DATA/ECLGATE.CIR
DATA/ECLGATE.CKT
DATA/Elantc.lib
DATA/F.mac
DATA/F1.CIR
DATA/F2.CIR
DATA/F3.CIR
DATA/F4.CIR
DATA/FFT1.CIR
DATA/FFT3.CIR
DATA/FFT4.CIR
DATA/FFT5.CIR
DATA/FFT7.CIR
DATA/FILTER.CIR
DATA/FSK2.CIR
DATA/FSTIM8.CIR
DATA/FSTIM8A.STM
DATA/FSTIM8B.STM
DATA/GASFET.CIR
DATA/GILBERT.CIR
DATA/GUMMEL.CIR
DATA/GYRATOR.mac
DATA/GYRTEST.CIR
DATA/Generic.ind
DATA/INT.mac
DATA/IVBJT.CIR
DATA/L1.CIR
DATA/L2.CIR
DATA/L3.CIR
DATA/LF155.MOD
DATA/LT1012.CKT
DATA/LTRA3.CIR
DATA/Lm117.mac
DATA/Lm117reg.cir
DATA/MIXED.CIR
DATA/MIXED1.CIR
DATA/MIXED4.CIR
DATA/MOSCAPS.CIR
DATA/MOSDIFF.CIR
DATA/MUL.mac
DATA/Metal1.res
DATA/NOISEBJT.CIR
DATA/NOM.LIB
DATA/NYQUIST.CIR
DATA/O7.CIR
DATA/OPAMP1.CIR
DATA/OSC1.CIR
DATA/Op27.lib
DATA/P1.CIR
DATA/PLA1.CKT
DATA/PLA1.JED
DATA/PLA2.CKT
DATA/POT.mac
DATA/POTDEMO.CIR
DATA/PRINT.CIR
DATA/PRLC.CIR
DATA/PUT.mac
DATA/Poly_fet.lib
DATA/Polycar1.cap
DATA/Polypro1.cap
DATA/Polysty1.cap
DATA/RCA3040.CIR
DATA/RCA3040.CKT
DATA/RTLINV.CKT
DATA/SAMPLE.USR
DATA/SCHMITT.CKT
DATA/SCHMITT.mac
DATA/SCR.mac
DATA/SLIP.mac
DATA/STIMSAMP.CIR
DATA/STIMTST2.CIR
DATA/STIMTST3.CIR
DATA/STIMTST4.CIR
DATA/SUB.mac
DATA/SUBCKT.CIR
DATA/SUBCKT1.CIR
DATA/SUM.mac
DATA/SUM3.mac
DATA/SWITCH.CIR
DATA/SYSTEM1.CIR
DATA/SYSTEM2.CIR
DATA/S_2FLY_CM.CIR
DATA/S_2FOR_CM.CIR
DATA/S_BOOST_CM.CIR
DATA/S_BOOST_VM.CIR
DATA/S_BUCKBOOST_CM.CIR
DATA/S_BUCKBOOST_VM.CIR
DATA/S_BUCK_CM.CIR
DATA/S_BUCK_SYN.CIR
DATA/S_BUCK_SYN2.CIR
DATA/S_BUCK_VM.CIR
DATA/S_FLYBACK_CM.CIR
DATA/S_FLYBACK_VM.CIR
DATA/S_FORWARD_CM.CIR
DATA/S_FORWARD_VM.CIR
DATA/S_FULL_CM.CIR
DATA/S_FULL_VM.CIR
DATA/S_FULL_XFMR.CIR
DATA/S_HALF_CM.CIR
DATA/S_HALF_VM.CIR
DATA/S_HALF_XFMR.CIR
DATA/S_PUSH_CM.CIR
DATA/S_PUSH_VM.CIR
DATA/S_ncp.cir
DATA/Sh2.cir
DATA/Small.lbr
DATA/T1.CIR
DATA/THY1.CIR
DATA/THY2.CIR
DATA/TL1.CIR
DATA/TL2.CIR
DATA/TL3.CIR
DATA/TRANS.CIR
DATA/TRIAC.mac
DATA/TRIODE.mac
DATA/TTLINV.CIR
DATA/TTLINV.CKT
DATA/Ticomp.lib
DATA/Tiopam.lib
DATA/Trigger.mac
DATA/Tube6l6.cir
DATA/UA709.CIR
DATA/UA709.CKT
DATA/UA741.CIR
DATA/UA741.CKT
DATA/UA741.MOD
DATA/USER.CIR
DATA/USER2.CIR
DATA/USER2.usr
DATA/Ua723.mac
DATA/Ua723reg.cir
DATA/VCO.mac
DATA/XTAL.mac
DATA/XTAL1.CIR
DATA/XTAL1.TOP
DATA/adv_lin.lib
DATA/amp.lib
DATA/analog.lib
DATA/anim.cir
DATA/apex.lib
DATA/burrbn.lib
DATA/cmos.lib
DATA/comlin.lib
DATA/converter3.cir
DATA/cur_regs.lib
DATA/delay.mac
DATA/dig000.lib
DATA/dig150.lib
DATA/dig167.lib
DATA/dig195.lib
DATA/dig250.lib
DATA/dig381.lib
DATA/dig604.lib
DATA/dig652.lib
DATA/dig874.lib
DATA/dig_power.cir
DATA/digio.lib
DATA/digpld.lib
DATA/diode.lbr
DATA/ecl.lib
DATA/ediode.lbr
DATA/elantec.lib
DATA/europe.lbr
DATA/fsk.mac
DATA/fwbell.lib
DATA/harhip.lib
DATA/harprmos.lib
DATA/harrhmos.lib
DATA/harris.lib
DATA/hpdiode.lib
DATA/hpmos.lbr
DATA/irf.lib
DATA/irpmos.lbr
DATA/japan.lbr
DATA/jdiode.lbr
DATA/jfet.lbr
DATA/laseries.lib
DATA/linear.lib
DATA/ltopamp.lbr
DATA/m_ic.lib
DATA/m_igbt.lib
DATA/m_opamp.lib
DATA/m_opto.lib
DATA/m_powbjt.lib
DATA/m_rect.lib
DATA/m_rfdev.lib
DATA/m_small.lib
DATA/m_tmos.lib
DATA/m_zener.lib
DATA/maxim.lib
DATA/microsem.lbr
DATA/mixed5.CIR
DATA/mpbjt.lbr
DATA/mpmos.lbr
DATA/msbjt.lbr
DATA/msensor.lib
DATA/mzener.lbr
DATA/nation.lib
DATA/noise.mac
DATA/nomdemo.lib
DATA/nsopamp.lbr
DATA/ntc.lib
DATA/ntc7.mac
DATA/passive.lib
DATA/pcore.lbr
DATA/perf1.cir
DATA/perf2.cir
DATA/ph_rfdev.lib
DATA/pla2.cir
DATA/pla2.jed
DATA/pla3.cir
DATA/pmopamp.lbr
DATA/polyfet.lib
DATA/profmos.lbr
DATA/psk.mac
DATA/psk2.CIR
DATA/rectifie.lib
DATA/relay.CIR
DATA/relay1.MAC
DATA/relay2.MAC
DATA/resonant.mac
DATA/rise.Cir
DATA/simid.lib
DATA/siov.lib
DATA/small.mdl
DATA/smps_cb.lib
DATA/sparkgap.mac
DATA/stim_demo.cir
DATA/tcore.lbr
DATA/thy_lib.lib
DATA/ti.lib
DATA/tiopamp.lbr
DATA/trans.lib
DATA/tube.lib
DATA/tube_amp.cir
DATA/utility.lbr
DATA/varactor.lbr
DATA/wideband.mac
DATA/xfmr.lib
DATA/xtal.lib
DATA/zaseries.lib
DATA/zdomain.cir
DATA/zetex.lib
Filter.bin
HASP/Drivers/FILES.TXT
HASP/Drivers/Win95/aksusb95.inf
HASP/Drivers/Win95/aksusb95.sys
.sys windows:4 windows x86 arch:x86

803edc824d6ad2fbf208002358b59a5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeInitializeMutex
IofCallDriver
KeInitializeEvent
KeSetEvent
InterlockedDecrement
KeReleaseMutex
IoDeleteDevice
IoDetachDevice
ExFreePool
IofCompleteRequest
KeWaitForSingleObject
IoDeleteSymbolicLink
RtlInitUnicodeString
IoAttachDeviceToDeviceStack
IoCreateDevice
IoCancelIrp
IoBuildDeviceIoControlRequest
IoCreateSymbolicLink
KeDelayExecutionThread
ExAllocatePoolWithTag
InterlockedIncrement

usbd.sys

USBD_ParseConfigurationDescriptor

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 433B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HASP/Drivers/Win95/hardlock.vxd
HASP/Drivers/Win95/hasp95.vxd
HASP/Drivers/Win95/hasp95dl.vxd
HASP/Drivers/Win98/aksusb.inf
HASP/Drivers/Win98/aksusb.sys
.sys windows:4 windows x86 arch:x86

bb8d408a24b010e9ca24de99d2acde55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeWaitForSingleObject
KeInitializeEvent
KeSetEvent
InterlockedDecrement
KeReleaseMutex
IoDeleteDevice
IoDetachDevice
ExFreePool
ExAllocatePoolWithTag
PoCallDriver
PoStartNextPowerIrp
PoSetPowerState
PoRequestPowerIrp
IofCompleteRequest
IofCallDriver
RtlInitUnicodeString
IoAttachDeviceToDeviceStack
IoCreateDevice
IoCancelIrp
IoBuildDeviceIoControlRequest
IoFreeIrp
IoAllocateIrp
KeTickCount
IoCreateSymbolicLink
KeDelayExecutionThread
RtlQueryRegistryValues
ObfDereferenceObject
IoGetDeviceObjectPointer
InterlockedIncrement
KeInitializeMutex
IoDeleteSymbolicLink

usbd.sys

_USBD_ParseConfigurationDescriptorEx@28
_USBD_CreateConfigurationRequestEx@8

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 737B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HASP/Drivers/Win98/hardlock.vxd
HASP/Drivers/Win98/hasp95.vxd
HASP/Drivers/Win98/hasp95dl.vxd
HASP/Drivers/Winnt/aksusb.inf
HASP/Drivers/Winnt/aksusb.sys
.sys windows:4 windows x86 arch:x86

bb8d408a24b010e9ca24de99d2acde55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

KeWaitForSingleObject
KeInitializeEvent
KeSetEvent
InterlockedDecrement
KeReleaseMutex
IoDeleteDevice
IoDetachDevice
ExFreePool
ExAllocatePoolWithTag
PoCallDriver
PoStartNextPowerIrp
PoSetPowerState
PoRequestPowerIrp
IofCompleteRequest
IofCallDriver
RtlInitUnicodeString
IoAttachDeviceToDeviceStack
IoCreateDevice
IoCancelIrp
IoBuildDeviceIoControlRequest
IoFreeIrp
IoAllocateIrp
KeTickCount
IoCreateSymbolicLink
KeDelayExecutionThread
RtlQueryRegistryValues
ObfDereferenceObject
IoGetDeviceObjectPointer
InterlockedIncrement
KeInitializeMutex
IoDeleteSymbolicLink

usbd.sys

_USBD_ParseConfigurationDescriptorEx@28
_USBD_CreateConfigurationRequestEx@8

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 737B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HASP/Drivers/Winnt/hardlock.sys
.sys windows:4 windows x86 arch:x86

10d4ede424a9509b6496eb8703efd20e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwSetValueKey
ObReferenceObjectByPointer
KeInitializeEvent
ExAllocatePoolWithTag
RtlCompareUnicodeString
RtlInitUnicodeString
RtlUnicodeStringToInteger
RtlCopyUnicodeString
RtlAppendUnicodeToString
RtlQueryRegistryValues
KeBugCheck
ZwCreateFile
ZwClose
RtlCompareMemory
IoCreateDevice
IoCreateSymbolicLink
MmMapIoSpace
ZwQueryInformationProcess
ZwQueryValueKey
memmove
ZwEnumerateValueKey
KeWaitForSingleObject
KeSetEvent
IoBuildDeviceIoControlRequest
IofCallDriver
KeReadStateEvent
IoCancelIrp
KeDelayExecutionThread
IoGetDeviceObjectPointer
IofCompleteRequest
IoWriteErrorLogEntry
IoAllocateErrorLogEntry
RtlIntegerToUnicodeString
RtlAppendUnicodeStringToString
IoGetConfigurationInformation
IoReportResourceUsage
MmUnmapIoSpace
KeServiceDescriptorTable
ExReleaseResourceLite
IoGetCurrentProcess
ExAcquireResourceExclusiveLite
IoIsSystemThread
KeGetCurrentThread
RtlEqualUnicodeString
IoGetRelatedDeviceObject
ZwOpenKey
IoFileObjectType
ExDeleteResourceLite
ExInitializeResourceLite
KeInitializeSemaphore
MmMapLockedPages
MmProbeAndLockPages
IoAllocateMdl
IoFreeMdl
MmUnlockPages
KeReleaseSemaphore
ZwUnmapViewOfSection
RtlWriteRegistryValue
RtlCreateRegistryKey
RtlCheckRegistryKey
IoFreeIrp
IoAllocateIrp
memcpy
ExAcquireResourceSharedLite
IoPageRead
IoSynchronousPageWrite
MmBuildMdlForNonPagedPool
DbgPrint
ObReferenceObjectByHandle
RtlAnsiStringToUnicodeString
RtlInitString
ZwQueryInformationFile
RtlFreeAnsiString
RtlUnicodeStringToAnsiString
RtlInitAnsiString
IoAttachDeviceByPointer
IoDeviceObjectType
PsProcessType
PsThreadType
IoDetachDevice
ZwFsControlFile
IoStopTimer
ZwMapViewOfSection
ZwOpenSection
ZwCreateSection
ZwSetInformationFile
ZwOpenFile
RtlFreeUnicodeString
strncpy
KeQueryTimeIncrement
KeTickCount
ExFreePool
ObfDereferenceObject
KeReleaseMutex
KeInitializeMutex
KeInitializeSpinLock
IoDeleteSymbolicLink
IoDeleteDevice
_allshl
memset
ExQueueWorkItem

hal

KeStallExecutionProcessor
KfReleaseSpinLock
KfAcquireSpinLock
KfRaiseIrql
KfLowerIrql
HalTranslateBusAddress
KeGetCurrentIrql
READ_PORT_UCHAR
WRITE_PORT_UCHAR

Sections

.text
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CONST
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HASP/Drivers/Winnt/haspdos.sys
HASP/Drivers/Winnt/haspnt.sys
.sys windows:1 windows x86 arch:x86

486b781ed94f269674f5ece742cf619a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntoskrnl.exe

ZwQueryValueKey
RtlAppendUnicodeStringToString
ExAllocatePoolWithTag
IoQueryDeviceDescription
RtlInitUnicodeString
ZwSetValueKey
ExFreePool
RtlIntegerToUnicodeString
MmMapIoSpace
IoWriteErrorLogEntry
memmove
IoAllocateErrorLogEntry
IoCreateSymbolicLink
IoCreateDevice
IoDeleteDevice
IoDeleteSymbolicLink
IofCompleteRequest
ZwOpenKey
RtlAppendUnicodeToString
PsCreateSystemThread
KeInitializeEvent
KeDelayExecutionThread
ObfDereferenceObject
ObReferenceObjectByHandle
PsThreadType
MmUnmapIoSpace
PsTerminateSystemThread
KeNumberProcessors
ZwSetInformationThread
KeBugCheck
KeQuerySystemTime
MmIsAddressValid
IofCallDriver
IoBuildDeviceIoControlRequest
IoGetDeviceObjectPointer
RtlEqualUnicodeString
ZwClose
KeSetEvent
KeWaitForSingleObject

hal

HalTranslateBusAddress
READ_PORT_UCHAR
WRITE_PORT_UCHAR

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 260B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HASP/Drivers/Winnt/haspvdd.dll
.dll windows:1 windows x86 arch:x86

e6c278da081a3374847d8ca4880824e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntvdm.exe

getDX
getCX
getES
getDI
setCF
MGetVdmPointer
setCX

kernel32

CloseHandle
VirtualUnlock
DeviceIoControl
CreateFileA
VirtualLock
ReadFile

user32

MessageBoxA

Exports

Exports

CALLNEWVDDHASP
CALLVDDHASP
GetVDDVersion
VDDDispatch
VDDInitialize
VDDRegisterInit

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 288B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 15B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 195B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HASP/Drivers/Winnt/hlvdd.dll
.dll windows:1 windows x86 arch:x86

1b4a622cea0a5b63cd056d7171f19e67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress
LoadLibraryA

user32

MessageBoxA
MessageBoxA

Exports

Exports

HLDispatch
HLInit
HLM_CHECKALLSLOTS
HLM_CHECKCOUNTER
HLM_CHECKEXPDATE
HLM_CHECKSLOT
HLM_FREESLOT
HLM_GETRUSINFO
HLM_ISRUSHL
HLM_LOGIN
HLM_LOGOUT
HLM_OCCUPYSLOT
HLM_WRITELICENSE
HLRegisterInit
HLVDDGetVersion
HL_ABORT
HL_ACCINF
HL_AVAIL
HL_CALC
HL_CODE
HL_ERRMSG
HL_ERRMSGB
HL_HLSVERS
HL_LMLOGIN
HL_LOGIN
HL_LOGOUT
HL_MAXUSER
HL_MEMINF
HL_OFF
HL_ON
HL_PORTINF
HL_RD
HL_READ
HL_READBL
HL_READID
HL_SELECT
HL_SSUBINF
HL_SUBINF
HL_SUBLOG
HL_USERINF
HL_VERSION
HL_WR
HL_WRITE
HL_WRITEBL
INT_OFF
INT_ON
K_EYE
LT_ABORT
LT_AVAIL
LT_LOGIN
LT_LOGOUT
LT_PORTINF
LT_READ
LT_READBL
LT_VERSION
LT_WRITE
LT_WRITEBL
_API_DLL

Sections

UPX0
Size: - Virtual size: 232KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 162KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.protect
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
HINSTALL.EXE
.exe windows:4 windows x86 arch:x86

c340aea4bb3658997147cc12288759ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
CreateServiceA
QueryServiceStatus
ControlService
StartServiceA
OpenServiceA
DeleteService

kernel32

SetLastError
LocalFree
GetFileAttributesA
GetLastError
DeleteFileA
LoadLibraryA
WideCharToMultiByte
CopyFileA
SetFileAttributesA
GetSystemDirectoryA
lstrcpyA
GetModuleHandleA
OpenFile
lstrlenA
GetWindowsDirectoryA
RemoveDirectoryA
WriteFile
CloseHandle
ReadFile
LocalAlloc
CreateFileA
GlobalAlloc
Sleep
FindClose
FindFirstFileA
MoveFileA
CreateDirectoryA
DeviceIoControl
GetVersion
OpenProcess
TerminateProcess
GlobalFree
LocalReAlloc
GetCurrentProcessId
WaitForSingleObject
SetEvent
GetVersionExA
GetModuleFileNameA
GetProcAddress
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
GetCurrentProcess
HeapAlloc
HeapReAlloc
GetTimeZoneInformation
FreeLibrary
GetLocalTime
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
CreateEventA
GetSystemTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA

user32

RegisterClassA
DefWindowProcA
PostQuitMessage
MessageBoxA
DialogBoxParamA
EndDialog
SendMessageA
GetDlgItem
GetKeyboardType
EnumWindows
LoadCursorA
LoadIconA
IsWindowVisible
EndPaint
PeekMessageA
SendMessageCallbackA
SetForegroundWindow
FindWindowA
UpdateWindow
ShowWindow
DestroyWindow
SystemParametersInfoA
CreateWindowExA
BeginPaint
GetParent
GetWindowTextA
GetWindowThreadProcessId

gdi32

TextOutA
SetBkColor

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Mcap.inc
Model.CNT
Model.hlp
NETHASP.INI
Readme.wri
SETUP.INI
Setup.exe
.exe windows:4 windows x86 arch:x86

1042f249352088f5c8d4f8a3b1728f12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerLanguageNameA

kernel32

WinExec
GetDriveTypeA
DeleteFileA
GetVersionExA
GetModuleHandleA
GetSystemInfo
FindFirstFileA
IsDBCSLeadByte
GlobalFree
lstrlenA
lstrcpyA
FlushFileBuffers
GetModuleFileNameA
GetWindowsDirectoryA
SetFilePointer
WriteFile
GetLastError
GetTickCount
MulDiv
GetPrivateProfileIntA
GetPrivateProfileStringA
lstrcatA
lstrcmpiA
GlobalHandle
GetUserDefaultLCID
FindResourceA
GetProfileStringA
SetErrorMode
LoadLibraryA
FreeLibrary
CreateFileA
GetFileSize
GlobalAlloc
CloseHandle
GlobalLock
ReadFile
GlobalUnlock
FindClose
GetDiskFreeSpaceA
WritePrivateProfileStringA
LCMapStringW
HeapReAlloc
GetProcAddress
HeapAlloc
SetEnvironmentVariableA
VirtualAlloc
GetACP
CompareStringW
GetOEMCP
GetCPInfo
GetStringTypeW
CompareStringA
LCMapStringA
GetStringTypeA
SetStdHandle
MultiByteToWideChar
RtlUnwind
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
WideCharToMultiByte
GetVersion
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess
CreateDirectoryA

user32

DestroyWindow
EndDialog
DrawIcon
DialogBoxParamA
GetWindowPlacement
LoadIconA
DestroyIcon
SetRectEmpty
FillRect
LoadStringA
wsprintfA
PostQuitMessage
SetWindowTextA
GetDlgItem
InflateRect
SendMessageA
SetWindowLongA
InvalidateRect
BeginPaint
EndPaint
DefWindowProcA
GetWindowLongA
GetDC
ReleaseDC
LoadCursorA
GetClassInfoA
RegisterClassA
MoveWindow
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
CharUpperA
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
MessageBoxA
PostMessageA
FindWindowA
SubtractRect
SetWindowPos
GetClassNameA
IntersectRect
EqualRect
GetWindow
ScreenToClient
GetClientRect
UpdateWindow
SetTimer
ShowWindow
IsWindow
RegisterWindowMessageA
CreateDialogParamA
GetParent
SendDlgItemMessageA
CharNextA
SetRect
GetSystemMetrics
GetSysColor
CreateWindowExA
DrawTextA

gdi32

RestoreDC
DeleteObject
CreateFontIndirectA
GetObjectA
SaveDC
LineTo
MoveToEx
CreatePen
ExtTextOutA
SetBkColor
SetTextColor
GetTextMetricsA
CreateSolidBrush
CreateDIBitmap
RealizePalette
SelectPalette
GetDeviceCaps
CreatePalette
GetSystemPaletteEntries
UnrealizeObject
DeleteDC
BitBlt
CreateCompatibleDC
SelectClipRgn
CreateRectRgn
GetStockObject
GetTextExtentPointA
SelectObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_INST32I.EX_
_ISDel.exe
.exe windows:4 windows x86 arch:x86

af417a432744d25669a269c31c292485

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
DeleteFileA
GetWindowsDirectoryA
GetTickCount
CloseHandle
CreateFileA
SetErrorMode
GetPrivateProfileIntA
lstrcmpiA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleHandleA
lstrcatA
lstrcpyA
UnhandledExceptionFilter
GetModuleFileNameA
GetProcAddress
VirtualAlloc
LoadLibraryA
GetStringTypeA
HeapAlloc
GetStringTypeW
LCMapStringW
LCMapStringA
HeapFree
RtlUnwind
VirtualFree
WriteFile
HeapDestroy
GetFileType
HeapCreate
GetLastError
SetCurrentDirectoryA
Sleep
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
SetHandleCount
GetCPInfo
GetACP
GetOEMCP
GetStdHandle

user32

CharNextA
DefWindowProcA
wsprintfA
IsWindow
RegisterWindowMessageA
SetTimer
PostQuitMessage
RegisterClassA
LoadIconA
LoadCursorA
GetMessageA
GetSystemMetrics
CreateWindowExA
SendMessageA
TranslateMessage
DispatchMessageA

Exports

Exports

WndProc

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_Setup.dll
.dll windows:4 windows x86 arch:x86

211a1ac2159862c6038f1d798175f2be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetEnvironmentStrings
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStringsW
WideCharToMultiByte
HeapDestroy
HeapCreate
VirtualFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
HeapFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
SetFilePointer

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_sys1.cab
_sys1.hdr
_user1.cab
_user1.hdr
ctl3d32.dll
.dll windows:1 windows x86 arch:x86

cc92ac07954ed01a7ef85c36c899dbc4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

BitBlt
CreateCompatibleDC
CreateDIBitmap
CreateSolidBrush
DeleteDC
DeleteObject
ExtTextOutA
GetDeviceCaps
GetTextExtentPointA
IntersectClipRect
PatBlt
SelectObject
SetBkColor
SetBkMode
SetTextColor

crtdll

_memicmp

kernel32

FindResourceA
GetCurrentThreadId
GetModuleFileNameA
GetProfileStringA
GetSystemDirectoryA
GetVersion
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalFree
IsBadReadPtr
LoadResource
SizeofResource
lstrcmpA
lstrcmpiA
lstrlenA

user32

BeginPaint
CallNextHookEx
CallWindowProcA
CharNextA
CharPrevA
ClientToScreen
DefWindowProcA
DrawFocusRect
DrawTextA
EndPaint
ExcludeUpdateRgn
GetClassInfoA
GetClassNameA
GetClientRect
GetDC
GetFocus
GetParent
GetPropA
GetSysColor
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongA
GetWindowRect
GetWindowTextA
HideCaret
InflateRect
IntersectRect
InvalidateRect
IsChild
IsWindowEnabled
MapWindowPoints
MessageBoxA
OffsetRect
ReleaseDC
RemovePropA
ScreenToClient
SendMessageA
SetPropA
SetWindowLongA
SetWindowsHookExA
ShowCaret
UnhookWindowsHookEx

Exports

Exports

BtnWndProc3d
ComboWndProc3d
Ctl3dAutoSubclass
Ctl3dColorChange
Ctl3dCtlColor
Ctl3dCtlColorEx
Ctl3dDlgFramePaint
Ctl3dDlgProc
Ctl3dEnabled
Ctl3dGetVer
Ctl3dRegister
Ctl3dSetStyle
Ctl3dSubclassCtl
Ctl3dSubclassDlg
Ctl3dSubclassDlgEx
Ctl3dUnregister
EditWndProc3d
ListWndProc3d
StaticWndProc3d
WEP

Sections

.text
Size: 9KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT_TEX
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

WEP_TEXT
Size: 512B - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data1.cab
data1.hdr
demo.cmp
demo.mc6
demo.pkg
help.mc6
lang.dat
layout.bin
mc6.CNT
mc6.exe
.exe windows:1 windows x86 arch:x86

50c3d1d65f6f8d7d400c1557f1c21799

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFileInfoA

comctl32

ord14
ord13
ord17
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_SetDragCursorImage
ImageList_Write
PropertySheetA

gdi32

AbortDoc
Arc
ArcTo
BitBlt
CloseEnhMetaFile
CloseMetaFile
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBPatternBrushPt
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileA
CreateFontIndirectA
CreateHatchBrush
CreateMetaFileA
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePolygonRgn
CreateRectRgnIndirect
CreateRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesA
EnumMetaFile
Escape
ExcludeClipRect
ExtCreatePen
ExtSelectClipRgn
ExtTextOutA
FillRgn
GetBkColor
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetEnhMetaFileA
GetEnhMetaFileHeader
GetMapMode
GetMetaFileBitsEx
GetObjectA
GetObjectType
GetRgnBox
GetStockObject
GetTextAlign
GetTextExtentPointA
GetTextMetricsA
GetViewportExtEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineDDA
LineTo
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
Pie
PlayEnhMetaFile
PlayMetaFileRecord
PlayMetaFile
PolyBezierTo
PolyDraw
Polygon
Polyline
PolylineTo
PtInRegion
PtVisible
RealizePalette
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetColorAdjustment
SetMapMode
SetMapperFlags
SetMetaFileBitsEx
SetPixel
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartDocA
StartPage
StretchBlt
StretchDIBits
TextOutA
UnrealizeObject

user32

AdjustWindowRectEx
AppendMenuA
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CharLowerA
CharNextA
CharToOemA
CharUpperA
CharUpperBuffA
CheckDlgButton
CheckMenuItem
CheckRadioButton
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CopyRect
CreateCaret
CreateDialogIndirectParamA
CreatePopupMenu
CreateWindowExA
DefDlgProcA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeferWindowPos
DeleteMenu
DestroyCaret
DestroyCursor
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawFocusRect
DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EqualRect
ExcludeUpdateRgn
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassNameA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetFocus
GetForegroundWindow
GetKeyState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgTabItem
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentA
GetTopWindow
GetUpdateRect
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindow
GetWindowTextA
GetWindowTextLengthA
GrayStringA
HideCaret
InflateRect
InsertMenuA
IntersectRect
InvalidateRect
InvertRect
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsWindow
IsZoomed
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadMenuA
LoadStringA
LockWindowUpdate
MapDialogRect
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OemToCharA
OffsetRect
OpenClipboard
OpenIcon
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ReuseDDElParam
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemInt
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetMenu
SetMessageQueue
SetParent
SetPropA
SetRectEmpty
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TrackPopupMenu
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA
wvsprintfA

kernel32

CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
DeleteFileA
DosDateTimeToFileTime
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
GetCurrentThread
GetDateFormatA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetLogicalDriveStringsA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessVersion
GetProfileStringA
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetSystemInfo
GetThreadLocale
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetUserDefaultLangID
GetVersion
GetVersionExA
GetVolumeInformationA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MoveFileA
MulDiv
MultiByteToWideChar
RaiseException
ReadConsoleInputA
ReadFile
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SuspendThread
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteConsoleA
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PrintDlgA

Sections

AUTO
Size: 2.2MB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 551KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 101KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 160KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 332KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
mc6.hlp
mc6demo.exe
.exe windows:1 windows x86 arch:x86

90f106a2dd8efdbfb631511c2e5a9028

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
SHGetFileInfoA

comctl32

ord14
ord13
ord17
CreatePropertySheetPageA
DestroyPropertySheetPage
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_SetDragCursorImage
ImageList_Write
PropertySheetA

kernel32

CloseHandle
CreateDirectoryA
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
DeleteFileA
DosDateTimeToFileTime
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
GetCurrentThread
GetDateFormatA
GetDriveTypeA
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetFileTime
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPrivateProfileIntA
GetPrivateProfileStringA
GetProcAddress
GetProcessVersion
GetProfileStringA
GetShortPathNameA
GetStdHandle
GetStringTypeA
GetStringTypeExA
GetThreadLocale
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetVersion
GetVersionExA
GetVolumeInformationA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalMemoryStatus
GlobalReAlloc
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LocalReAlloc
LockFile
LockResource
MoveFileA
MulDiv
MultiByteToWideChar
RaiseException
ReadConsoleInputA
ReadFile
ResumeThread
RtlUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetFileTime
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
SuspendThread
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnlockFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA

gdi32

AbortDoc
Arc
ArcTo
BitBlt
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDIBPatternBrushPt
CreateDIBSection
CreateDIBitmap
CreateFontIndirectA
CreateHatchBrush
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePolygonRgn
CreateRectRgnIndirect
CreateRectRgn
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
Ellipse
EndDoc
EndPage
EnumFontFamiliesA
EnumMetaFile
Escape
ExcludeClipRect
ExtCreatePen
ExtSelectClipRgn
ExtTextOutA
FillRgn
GetBkColor
GetClipBox
GetClipRgn
GetCurrentObject
GetCurrentPositionEx
GetDeviceCaps
GetMapMode
GetObjectA
GetObjectType
GetRgnBox
GetStockObject
GetTextExtentPointA
GetTextMetricsA
GetViewportExtEx
GetWindowExtEx
GetWindowOrgEx
IntersectClipRect
LPtoDP
LineDDA
LineTo
MoveToEx
OffsetClipRgn
OffsetViewportOrgEx
OffsetWindowOrgEx
PatBlt
Pie
PlayMetaFileRecord
PlayMetaFile
PolyBezierTo
PolyDraw
Polygon
Polyline
PolylineTo
PtInRegion
PtVisible
RealizePalette
RectVisible
Rectangle
RestoreDC
RoundRect
SaveDC
ScaleViewportExtEx
ScaleWindowExtEx
SelectClipPath
SelectClipRgn
SelectObject
SelectPalette
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetColorAdjustment
SetMapMode
SetMapperFlags
SetPixel
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextCharacterExtra
SetTextColor
SetTextJustification
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
StartDocA
StartPage
StretchBlt
StretchDIBits
TextOutA
UnrealizeObject

user32

AdjustWindowRectEx
AppendMenuA
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcA
CharLowerA
CharNextA
CharToOemA
CharUpperA
CharUpperBuffA
CheckDlgButton
CheckMenuItem
CheckRadioButton
ChildWindowFromPoint
ClientToScreen
CloseClipboard
CopyRect
CreateCaret
CreateDialogIndirectParamA
CreatePopupMenu
CreateWindowExA
DefDlgProcA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeferWindowPos
DeleteMenu
DestroyCaret
DestroyCursor
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawFocusRect
DrawMenuBar
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EqualRect
ExcludeUpdateRgn
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoA
GetClassNameA
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetDialogBaseUnits
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetFocus
GetForegroundWindow
GetKeyState
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenuStringA
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgTabItem
GetParent
GetPropA
GetScrollInfo
GetScrollPos
GetScrollRange
GetSubMenu
GetSysColor
GetSystemMenu
GetSystemMetrics
GetTabbedTextExtentA
GetTopWindow
GetUpdateRect
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindow
GetWindowTextA
GetWindowTextLengthA
GrayStringA
HideCaret
InflateRect
InsertMenuA
IntersectRect
InvalidateRect
InvertRect
IsChild
IsClipboardFormatAvailable
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsRectEmpty
IsWindowEnabled
IsWindowUnicode
IsWindowVisible
IsWindow
IsZoomed
KillTimer
LoadAcceleratorsA
LoadBitmapA
LoadCursorA
LoadIconA
LoadMenuA
LoadStringA
LockWindowUpdate
MapDialogRect
MapVirtualKeyA
MapWindowPoints
MessageBeep
MessageBoxA
ModifyMenuA
MoveWindow
OemToCharA
OffsetRect
OpenClipboard
OpenIcon
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RedrawWindow
RegisterClassA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ReuseDDElParam
ScreenToClient
ScrollWindow
ScrollWindowEx
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClipboardData
SetCursor
SetCursorPos
SetDlgItemInt
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetMenu
SetMessageQueue
SetParent
SetPropA
SetRectEmpty
SetRect
SetScrollInfo
SetScrollPos
SetScrollRange
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowCaret
ShowOwnedPopups
ShowScrollBar
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TrackPopupMenu
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnpackDDElParam
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
WindowFromPoint
wsprintfA
wvsprintfA

comdlg32

ChooseColorA
ChooseFontA
CommDlgExtendedError
GetFileTitleA
GetOpenFileNameA
GetSaveFileNameA
PageSetupDlgA
PrintDlgA

Sections

AUTO
Size: 2.1MB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 474KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 99KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 157KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 331KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
model.exe
.exe windows:1 windows x86 arch:x86

2f137f0d7a86808b717a61bc4a2b7367

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragAcceptFiles
DragFinish
DragQueryFileA
DragQueryPoint

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
CreatePatternBrush
CreatePen
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteObject
GetObjectA
GetStockObject
GetTextExtentPointA
GetTextMetricsA
LineTo
MoveToEx
Rectangle
SelectClipRgn
SelectObject
SetBkColor
SetBkMode
SetBrushOrgEx
SetROP2
SetTextColor
TextOutA
UnrealizeObject

user32

AppendMenuA
BeginPaint
BringWindowToTop
CharUpperA
CharUpperBuffA
CheckDlgButton
CheckMenuItem
CheckRadioButton
ClientToScreen
CloseClipboard
CreateDialogParamA
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DestroyWindow
DialogBoxParamA
DispatchMessageA
DrawFocusRect
DrawTextA
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FillRect
FindWindowA
FrameRect
GetActiveWindow
GetAsyncKeyState
GetClassLongA
GetClassNameA
GetClientRect
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItemTextA
GetDlgItem
GetFocus
GetKeyboardType
GetLastActivePopup
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMenu
GetMessageA
GetNextDlgGroupItem
GetNextDlgTabItem
GetScrollPos
GetSubMenu
GetSysColor
GetSystemMetrics
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
GetWindow
InflateRect
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsZoomed
LoadAcceleratorsA
LoadCursorA
LoadIconA
LoadStringA
MessageBeep
MessageBoxA
MoveWindow
OpenClipboard
OpenIcon
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
SendMessageA
SetActiveWindow
SetCapture
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetRectEmpty
SetRect
SetScrollPos
SetScrollRange
SetWindowLongA
SetWindowTextA
ShowScrollBar
ShowWindow
SystemParametersInfoA
TranslateAcceleratorA
TranslateMDISysAccel
TranslateMessage
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA

kernel32

CloseHandle
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
DeleteFileA
DosDateTimeToFileTime
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetDateFormatA
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetPrivateProfileStringA
GetProcAddress
GetStdHandle
GetThreadLocale
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetVersion
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MultiByteToWideChar
ReadConsoleInputA
ReadFile
SetConsoleCtrlHandler
SetConsoleMode
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteFile
lstrcmpiA

comdlg32

GetOpenFileNameA
GetSaveFileNameA

Sections

AUTO
Size: 183KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 28KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 82KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
os.dat
readdemo.wri
setup.bmp
setup.ins
setup.lid
standard.cmp
standard.pkg
standard.shp
tip.mc6

Sharing

General

Malware Config

Signatures

Files

803edc824d6ad2fbf208002358b59a5a

Headers

File Characteristics

Imports

ntoskrnl.exe

usbd.sys

Sections

.text Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 433B

.idata Size: 1024B - Virtual size: 760B

.rsrc Size: 1024B - Virtual size: 972B

.reloc Size: 1024B - Virtual size: 584B

bb8d408a24b010e9ca24de99d2acde55

Headers

File Characteristics

Imports

ntoskrnl.exe

usbd.sys

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 737B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 972B

.reloc Size: 1024B - Virtual size: 800B

bb8d408a24b010e9ca24de99d2acde55

Headers

File Characteristics

Imports

ntoskrnl.exe

usbd.sys

Sections

.text Size: 17KB - Virtual size: 16KB

.data Size: 1024B - Virtual size: 737B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 972B

.reloc Size: 1024B - Virtual size: 800B

10d4ede424a9509b6496eb8703efd20e

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 348KB - Virtual size: 347KB

CONST Size: 1024B - Virtual size: 584B

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 7KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 21KB - Virtual size: 21KB

486b781ed94f269674f5ece742cf619a

Headers

File Characteristics

Imports

ntoskrnl.exe

hal

Sections

.text Size: 40KB - Virtual size: 40KB

.bss Size: 512B - Virtual size: 260B

.data Size: 1024B - Virtual size: 944B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1024B - Virtual size: 968B

.reloc Size: 1024B - Virtual size: 932B

e6c278da081a3374847d8ca4880824e0

Headers

File Characteristics

Imports

ntvdm.exe

kernel32

user32

Exports

Exports

Sections

.text Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 288B

.rdata Size: 512B - Virtual size: 15B

.text
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 433B

.idata
Size: 1024B - Virtual size: 760B

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 1024B - Virtual size: 584B

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 737B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 1024B - Virtual size: 800B

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 1024B - Virtual size: 737B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 1024B - Virtual size: 800B

.text
Size: 348KB - Virtual size: 347KB

CONST
Size: 1024B - Virtual size: 584B

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 21KB - Virtual size: 21KB

.text
Size: 40KB - Virtual size: 40KB

.bss
Size: 512B - Virtual size: 260B

.data
Size: 1024B - Virtual size: 944B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 1024B - Virtual size: 932B

.text
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 288B

.rdata
Size: 512B - Virtual size: 15B

.data
Size: 512B - Virtual size: 75B

.idata
Size: 512B - Virtual size: 440B

.edata
Size: 512B - Virtual size: 195B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 234B

UPX0
Size: - Virtual size: 232KB

UPX1
Size: 162KB - Virtual size: 164KB

.rsrc
Size: 2KB - Virtual size: 4KB

.protect
Size: 86KB - Virtual size: 85KB

.text
Size: 160KB - Virtual size: 159KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 1.5MB - Virtual size: 1.5MB

.rsrc
Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 3KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 1000B

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 10KB - Virtual size: 15KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1KB - Virtual size: 1KB