29a-7[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

29a-7.zip
Size

5.7MB
MD5

59d3e819ef146ecd08c6f2ead5649bb4
SHA1

b89b6bca2f50458eaa1225d3e9d3608df695cfb8
SHA256

2801ba2b719717f4d1a6f3af53dbc31cf032bf961a13e114debfc35c301d86ca
SHA512

d2619a4ff0604b6857c5b7da8201a65c20bfc48ba45f6da98f70e9bd00c30b85928cdc3f9b760f88a1ae38132d444f0f563337a2367ba14bcfb5ab6701f89397
SSDEEP

98304:j266n0CziOjIYwZSmj30Jn3Ba5nm1Hs5yYMyzomrkhmQHJQEM5mL380eqSg:j2J0CWOsFjSg5nmlrYlZUmcJQWfag

Score

7^/10

upx

Malware Config

Signatures

ACProtect 1.3x - 1.4x DLL software 1 IoCs

Detects file using ACProtect software.

resource	yara_rule
static1/unpack006/BINARY/MYDOOM.EXE	acprotect

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack006/BINARY/MYDOOM.EXE	upx
static1/unpack008/RINS.EXE	upx
static1/unpack001/intro.exe	upx

Unsigned PE 11 IoCs

Checks for missing Authenticode signature.

resource
unpack002/test/test.EXE
unpack003/FLATEI.EXE
unpack003/SYRA-A.EXE
unpack003/SYRA-B.EXE
unpack003/SYRA-C.EXE
unpack004/SENDWORM.EXE
unpack006/BINARY/MYDOOM.EXE
unpack007/out.upx
unpack008/RINS.EXE
unpack009/out.upx
unpack001/intro.exe

Files

29a-7.zip
.zip
29A-7.IDX
Articles/29A-7.001
.vbs
Articles/29A-7.002
Articles/29A-7.003
Articles/29A-7.004
Articles/29A-7.005
.vbs
Articles/29A-7.006
Articles/29A-7.007
Articles/29A-7.008
.js
Articles/29A-7.009
Articles/29A-7.010
.vbs
Articles/29A-7.011
Articles/29A-7.012
Articles/29A-7.013
Articles/29A-7.014
Articles/29A-7.015
Articles/29A-7.016
Articles/29A-7.017
Articles/29A-7.018
Articles/29A-7.019
Articles/29A-7.020
.vbs
Articles/29A-7.021
Articles/29A-7.022
Articles/29A-7.023
Articles/29A-7.024
Articles/29A-7.025
Articles/29A-7.026
Articles/29A-7.027
Articles/29A-7.028
Articles/29A-7.029
Articles/29A-7.030
Articles/29A-7.031
Articles/29A-7.032
Articles/29A-7.033
Binaries/90210/PHIDE.ZIP
.zip
obj/phide.OBJ
obj/phide.ash
src/MAKEFILE
src/MAKELIB.BAT
src/incs/CATCHY32.INC
src/incs/MZ.INC
src/incs/PE.INC
src/incs/internal.ash
src/incs/optable.inc
src/incs/phide.ash
src/phide.inc
test/MAKEFILE
test/phide.OBJ
test/phide.ash
test/test.EXE
.exe windows:1 windows x86 arch:x86

5ccf02cc846e03199849e329d0502404

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualProtect
VirtualFree
lstrcmpiA
GetStdHandle
VirtualLock
WriteConsoleA
Beep
CloseHandle
ExitProcess
GetCurrentProcessId
GetProcAddress
VirtualUnlock
GetSystemInfo
GetVersionExA
LoadLibraryExA
LocalFree
Sleep
VirtualAlloc

user32

FindWindowA
wsprintfA
GetWindowThreadProcessId

ntdll

NtUnmapViewOfSection
NtQuerySystemInformation
NtOpenSection
NtMapViewOfSection

advapi32

SetSecurityInfo
SetEntriesInAclW
GetSecurityInfo

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
test/test.asm
Binaries/Alcopaul/NETVIRUS.ZIP
.zip
FLATEI.EXE
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SYRA-A.EXE
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SYRA-B.EXE
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SYRA-C.EXE
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Binaries/Anonymous/FLYINGV.ZIP
.zip
FINDK32.INC
MAKEFILE
SENDWORM.EXE
.exe windows:1 windows x86 arch:x86

ee9c9a3024a46ccd2f738bb44c67d8d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrlenA
WriteFile
GetStdHandle
ExitProcess
GetCommandLineA

wsock32

socket
recv
WSACleanup
inet_addr
gethostbyname
connect
send
closesocket
WSAStartup

user32

wsprintfA

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WORM.EML
.eml
WORM.INC
Binaries/Anonymous/MYDOOM.ZIP
.zip
BINARY/MYDOOM.EXE
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

UPX0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_readme.txt
lib.c
lib.h
main.c
makefile
massmail.c
massmail.h
msg.c
msg.h
p2p.c
resource.ico
resource.rc
scan.c
scan.h
sco.c
sco.h
work/bin2c.c
work/cleanpe.cpp
work/crypt1.c
work/rot13.c
work/stub.exe
xdns.c
xdns.h
xproxy/client.c
xproxy/makefile
xproxy/xproxy.c
xsmtp.c
xsmtp.h
zipstore.c
zipstore.h
Binaries/Anthony/RINS.ZIP
.zip
RINS.EXE
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Binaries/Aphex/DOS.ZIP
.zip
Binaries/Bartolich/EVWHOWTO.ZIP
.zip
Binaries/Benny/SEROTONI.ZIP
.zip
Binaries/Bumblebee/FREEBIRD.ZIP
.zip
Binaries/CodeMaster/CODEHOPP.ZIP
.zip
Binaries/DoxtorL/RIVANON.ZIP
.zip
Binaries/Gildo/DAMA2.ZIP
.zip
Binaries/Gildo/DAMAEXPL.ZIP
.zip
Binaries/Gildo/EXPLOIT.ZIP
.zip
Binaries/Gildo/GBG.ZIP
.zip
Binaries/Gildo/GILDO.ZIP
.zip
Binaries/GriYo/STIGMA.ZIP
.zip
Binaries/Holy_Father/HXDEF100.ZIP
.zip
Binaries/Holy_Father/OPHANDLE.ZIP
.zip
Binaries/Holy_Father/SREDIR.ZIP
.zip
Binaries/Kenerman/TIRTHAS.ZIP
.zip
Binaries/Kinetic/GEORGINA.ZIP
.zip
Binaries/MI_Pirat/PIECEBYP.ZIP
.zip
Binaries/MrDinam0/GAYBAR.ZIP
.zip
Binaries/Necronomikon/ALICIA.ZIP
.zip
Binaries/Necronomikon/HEMPHOPE.ZIP
.zip
Binaries/Sunnis/GODZIILA.ZIP
.zip
Binaries/Vallez/BLOCKEXT.ZIP
.zip
Binaries/Vallez/LADYMARI.ZIP
.zip
Binaries/Vallez/URK0.ZIP
.zip
Binaries/Vecna/BOT.ZIP
.zip
Binaries/Vecna/CPU.ZIP
.zip
Binaries/Vecna/CROBFTP.ZIP
.zip
Binaries/Vecna/ELFVIRUS.ZIP
.zip
Binaries/Vecna/FTRANSF.ZIP
.zip
Binaries/Vecna/HYBRIS.RAR
.rar
Binaries/Vecna/LINKER.ZIP
.zip
Binaries/Vecna/WRARXPLT.ZIP
.zip
Binaries/Z0MBiE/HELKERN.ZIP
.zip
Binaries/Z0MBiE/HKIT.RAR
.rar
Binaries/Z0MBiE/HOOKLIBR.RAR
.rar
Binaries/Z0MBiE/INJEVIL.ZIP
.zip
Binaries/Z0MBiE/IRXP.ZIP
.zip
Binaries/Z0MBiE/RSALIB.ZIP
.zip
Binaries/Z0MBiE/VIRSTR.ZIP
.zip
Binaries/Zert/ZERT.ZIP
.zip
Binaries/badCRC/4096.ZIP
.zip
Binaries/bcom/CALYPZO.ZIP
.zip
Binaries/bcom/NT_PASSW.ZIP
.zip
Binaries/delikon/DELIKON.ZIP
.zip
Binaries/emp/AMON.ZIP
.zip
Binaries/lifewire/7FACES.ZIP
.zip
Binaries/pienstevo/BALROG.ZIP
.zip
Binaries/pienstevo/SIAMEXE.ZIP
.zip
Binaries/roy g biv/CONSCRPT.ZIP
.zip
Binaries/roy g biv/CROISSNT.ZIP
.zip
Binaries/roy g biv/EFISH-B.ZIP
.zip
Binaries/roy g biv/EFISH-C.ZIP
.zip
Binaries/roy g biv/JUNKHTML.ZIP
.zip
Binaries/roy g biv/JUNKMAIL.ZIP
.zip
Binaries/roy g biv/NTRING0.ZIP
.zip
Binaries/roy g biv/PRETEXT.ZIP
.zip
Binaries/roy g biv/RGBLDE.ZIP
.zip
Binaries/sars/CATCHY32.RAR
.rar
Binaries/sheroc/FCI.ZIP
.zip
Binaries/underx/MLDE32.ZIP
.zip
Binaries/underx/VPCHAMME.ZIP
.zip
Binaries/underx/VXSNTP.ZIP
.zip
Binaries/whale/NAS096B.ZIP
.zip
Binaries/whale/SNAIL.ZIP
.zip
Binaries/whale/ZAIKA.ZIP
.zip
Binaries/yoda/FLY.ZIP
.zip
Binaries/yoda/INCONEX.ZIP
.zip
Binaries/yoda/INVISIBI.ZIP
.zip
Binaries/yoda/LPE-DLX.ZIP
.zip
Editorial/29A-7.001
Editorial/29A-7.002
Editorial/29A-7.003
Editorial/29A-7.004
Editorial/29A-7.005
Editorial/29A-7.006
Editorial/29A-7.007
Editorial/29A-7.008
Editorial/29A-7.009
Editorial/29A-7.010
Editorial/29A-7.011
Editorial/29A-7.012
Editorial/29A-7.013
FILE_ID.DIZ
Utilities/29A-7.001
Utilities/29A-7.002
Utilities/29A-7.003
Utilities/29A-7.004
Utilities/29A-7.005
Utilities/29A-7.006
Utilities/29A-7.007
Utilities/29A-7.008
Utilities/29A-7.009
Utilities/29A-7.010
Utilities/29A-7.011
Utilities/29A-7.012
Utilities/29A-7.013
Utilities/29A-7.014
Utilities/29A-7.015
Utilities/29A-7.016
Utilities/29A-7.017
Utilities/29A-7.018
Utilities/29A-7.019
Utilities/29A-7.020
Utilities/29A-7.021
Utilities/29A-7.022
Utilities/29A-7.023
Utilities/29A-7.024
Utilities/29A-7.025
Utilities/29A-7.026
Viruses/Misc/29A-7.001
Viruses/Misc/29A-7.002
Viruses/Misc/29A-7.003
Viruses/Misc/29A-7.004
Viruses/Misc/29A-7.005
Viruses/Misc/29A-7.006
Viruses/Misc/29A-7.007
Viruses/Misc/29A-7.008
Viruses/Misc/29A-7.009
Viruses/Misc/29A-7.010
Viruses/Misc/29A-7.011
Viruses/Misc/29A-7.012
Viruses/Misc/29A-7.013
Viruses/Misc/29A-7.014
Viruses/Misc/29A-7.015
.js
Viruses/Misc/29A-7.016
.vbs
Viruses/Misc/29A-7.017
Viruses/Misc/29A-7.018
Viruses/Misc/29A-7.019
Viruses/Misc/29A-7.020
Viruses/Win32/29A-7.001
Viruses/Win32/29A-7.002
Viruses/Win32/29A-7.003
Viruses/Win32/29A-7.004
Viruses/Win32/29A-7.005
Viruses/Win32/29A-7.006
Viruses/Win32/29A-7.007
Viruses/Win32/29A-7.008
Viruses/Win32/29A-7.009
Viruses/Win32/29A-7.010
Viruses/Win32/29A-7.011
Viruses/Win32/29A-7.012
Viruses/Win32/29A-7.013
.js
Viruses/Win32/29A-7.014
Viruses/Win32/29A-7.015
.vbs
Viruses/Win32/29A-7.016
Viruses/Win32/29A-7.017
.vbs
Viruses/Win32/29A-7.018
Viruses/Win32/29A-7.019
.vbs
Viruses/Win32/29A-7.020
Viruses/Win32/29A-7.021
Viruses/WinNT/29A-7.001
Viruses/WinNT/29A-7.002
Viruses/WinNT/29A-7.003
Viruses/WinNT/29A-7.004
Viruses/WinNT/29A-7.005
Viruses/WinNT/29A-7.006
intro.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 250KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5ccf02cc846e03199849e329d0502404

Headers

File Characteristics

Imports

kernel32

user32

ntdll

advapi32

Sections

CODE Size: 3KB - Virtual size: 4KB

DATA Size: 1024B - Virtual size: 4KB

.idata Size: 1024B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 808B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 2KB

.rsrc Size: 1024B - Virtual size: 816B

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

Imports

mscoree

Sections

.text Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 808B

.reloc Size: 512B - Virtual size: 12B

ee9c9a3024a46ccd2f738bb44c67d8d0

Headers

File Characteristics

Imports

kernel32

wsock32

user32

Sections

CODE Size: 1024B - Virtual size: 4KB

DATA Size: 3KB - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 16KB

UPX1 Size: 3KB - Virtual size: 4KB

UPX2 Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 4KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 246B

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 16KB

CODE
Size: 3KB - Virtual size: 4KB

DATA
Size: 1024B - Virtual size: 4KB

.idata
Size: 1024B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.text
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 808B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1024B - Virtual size: 816B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 808B

.reloc
Size: 512B - Virtual size: 12B

CODE
Size: 1024B - Virtual size: 4KB

DATA
Size: 3KB - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 16KB

UPX1
Size: 3KB - Virtual size: 4KB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 246B

UPX0
Size: - Virtual size: 16KB

UPX1
Size: 3KB - Virtual size: 4KB

UPX2
Size: 512B - Virtual size: 4KB

CODE
Size: 3KB - Virtual size: 4KB

DATA
Size: 2KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

UPX0
Size: - Virtual size: 1.1MB

UPX1
Size: 250KB - Virtual size: 252KB

.rsrc
Size: 1024B - Virtual size: 4KB