d0b8c8e64d0fbae89c81713773e73ac6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d0b8c8e64d0fbae89c81713773e73ac6_JaffaCakes118
Size

1.3MB
MD5

d0b8c8e64d0fbae89c81713773e73ac6
SHA1

61d665d1d39aac34e55590e800f0eb47d04686a9
SHA256

e0d56c4eef5a3bb428ea13c2e1f4f36a8b0d6ecef5b0d6589737827a00e3e98f
SHA512

9b58c2c8c2de3ef860d88ad35b3f9030a2300f75a1be59bd421952fb33e34593d310432a1177282b817aed56e83fb01dae923744e1b0bf8a8501d7c2eaae1ac8
SSDEEP

24576:7/Gmf1QU/cRC1Bh8oSmTKNaDnd24LKcTRb/aXTUfefkLd8nlydi98ypmhV6nTXwp:7/rdNcRmBh8gTPDw42cTRb4YWWangY0

Score

3^/10

Malware Config

Signatures

Unsigned PE 139 IoCs

Checks for missing Authenticode signature.

resource
unpack001/viry/Win2K.Inta.1676/Win2K.Inta.1676.exe
unpack001/viry/Win2K.Inta.1688/Win2K.Inta.1688.exe
unpack001/viry/Win2K.Stream/Win2K.Stream.exe
unpack001/viry/Win32.AOC.3649.a/Win32.AOC.3649.a.exe
unpack001/viry/Win32.Apparition.b/Win32.Apparition.b.exe
unpack001/viry/Win32.Belial/Win32.Belial.exe
unpack001/viry/Win32.Benny.3219/Win32.Benny.3219.exe
unpack001/viry/Win32.Bika.1906/Win32.Bika.1906.exe
unpack001/viry/Win32.Blakan.2016/Win32.Blakan.2016.exe
unpack001/viry/Win32.Bolzano.3192/Win32.Bolzano.3192.exe
unpack001/viry/Win32.Bolzano.3628/Win32.Bolzano.3628.exe
unpack001/viry/Win32.Bolzano.4096.d/Win32.Bolzano.4096.d.exe
unpack001/viry/Win32.Bolzano.5396/Win32.Bolzano.5396.exe
unpack001/viry/Win32.CTX.6886/Win32.CTX.6886.exe
unpack001/viry/Win32.CabInfector/Win32.CabInfector.exe
unpack001/viry/Win32.Cabanas.b/Win32.Cabanas.b.exe
unpack001/viry/Win32.Cerebrus.1482/Win32.Cerebrus.1482.exe
unpack001/viry/Win32.Crypto/Win32.Crypto.exe
unpack001/viry/Win32.Dream.4916/Win32.Dream.4916.exe
unpack001/viry/Win32.Driller/Win32.Driller.exe
unpack001/viry/Win32.Eva.4096.a/Win32.Eva.4096.a.exe
unpack001/viry/Win32.Evol.b/Win32.Evol.b.exe
unpack001/viry/Win32.Evyl.b/Win32.Evyl.b.exe
unpack001/viry/Win32.FunLove.4070/Win32.FunLove.4070.exe
unpack001/viry/Win32.HIV.6680/Win32.HIV.6680.exe
unpack001/viry/Win32.HLLP.Xinfect.a/Win32.HLLP.Xinfect.a.exe
unpack001/viry/Win32.HLLW.Randir/Win32.HLLW.Randir.exe
unpack001/viry/Win32.Henky/Win32.Henky.exe
unpack001/viry/Win32.Heretic.1986/Win32.Heretic.1986.exe
unpack001/viry/Win32.Hortiga.4938/Win32.Hortiga.4938.exe
unpack001/viry/Win32.IKX/Win32.IKX.exe
unpack001/viry/Win32.Idele.2108/Win32.Idele.2108.exe
unpack001/viry/Win32.Idyll.1556/Win32.Idyll.1556.exe
unpack001/viry/Win32.Infinite.1661/Win32.Infinite.1661.exe
unpack001/viry/Win32.Inrar.a/Win32.Inrar.a.exe
unpack001/viry/Win32.Intar.1854/Win32.Intar.1854.exe
unpack001/viry/Win32.Intar.1920/Win32.Intar.1920.exe
unpack001/viry/Win32.Intar.1992/Win32.Intar.1992.exe
unpack001/viry/Win32.Kenston.1895/Win32.Kenston.1895.exe
unpack001/viry/Win32.Kriz.4029/Win32.Kriz.4029.exe
unpack001/viry/Win32.Levi.3236/Win32.Levi.3236.exe
unpack001/viry/Win32.Magic.1590/Win32.Magic.1590.exe
unpack001/viry/Win32.Magic.7045.a/Win32.Magic.7045.a.exe
unpack001/viry/Win32.Matrix.Ordy.a/Win32.Matrix.Ordy.a.exe
unpack001/viry/Win32.Maya.4113/Win32.Maya.4113.exe
unpack001/viry/Win32.Maya.4153.a/Win32.Maya.4153.a.exe
unpack001/viry/Win32.Mental.10000/Win32.Mental.10000.exe
unpack001/viry/Win32.Parvo/Win32.Parvo.exe
unpack001/viry/Win32.Qozah.3365/Win32.Qozah.3365.exe
unpack001/viry/Win32.RainSong.3891/Win32.RainSong.3891.exe
unpack001/viry/Win32.RainSong.3925.a/Win32.RainSong.3925.a.exe
unpack001/viry/Win32.Ramm.e/Win32.Ramm.e.exe
unpack001/viry/Win32.Ramm.f/Win32.Ramm.f.exe
unpack001/viry/Win32.Redemption.a/Win32.Redemption.a.exe
unpack001/viry/Win32.Redemption.b/Win32.Redemption.b.exe
unpack001/viry/Win32.Refer.2939/Win32.Refer.2939.exe
unpack001/viry/Win32.Resur.a/Win32.Resur.a.exe
unpack001/viry/Win32.Resur.d/Win32.Resur.d.exe
unpack001/viry/Win32.Ruff.4859/Win32.Ruff.4859.exe
unpack001/viry/Win32.Sadon.900/Win32.Sadon.900.exe
unpack001/viry/Win32.Sentinel/Win32.Sentinel.exe
unpack001/viry/Win32.Silcer/Win32.Silcer.exe
unpack001/viry/Win32.Slow.8192/Win32.Slow.8192.exe
unpack001/viry/Win32.Stupid.b/Win32.Stupid.b.exe
unpack001/viry/Win32.Tapan.3882/Win32.Tapan.3882.exe
unpack001/viry/Win32.TeddyBear/Win32.TeddyBear.exe
unpack001/viry/Win32.Vampiro/Win32.Vampiro.exe
unpack001/viry/Win32.Vulcano/Win32.Vulcano.exe
unpack001/viry/Win32.Weird.10240/Win32.Weird.10240.exe
unpack001/viry/Win32.Younga.2384.a/Win32.Younga.2384.a.exe
unpack001/viry/Win32.ZHymn.Host/Win32.ZHymn.Host.exe
unpack001/viry/Win32.ZPerm.b/Win32.ZPerm.b.exe
unpack001/viry/Win95.Arianne.1022.a/Win95.Arianne.1022.a.exe
unpack001/viry/Win95.Babylonia.11036/Win95.Babylonia.11036.exe
unpack001/viry/Win95.Begemot/Win95.Begemot.exe
unpack001/viry/Win95.Bonk.1243/Win95.Bonk.1243.exe
unpack001/viry/Win95.Boza.c.(intended)/Win95.Boza.c.(intended).exe
unpack001/viry/Win95.CIH-Killer.1373/Win95.CIH-Killer.1373.exe
unpack001/viry/Win95.CIH.1003.b/Win95.CIH.1003.b.exe
unpack001/viry/Win95.CIH.1019.c/Win95.CIH.1019.c.exe
unpack001/viry/Win95.CIH.1024/Win95.CIH.1024.exe
unpack001/viry/Win95.CIH.1026/Win95.CIH.1026.exe
unpack001/viry/Win95.CIH.1035/Win95.CIH.1035.exe
unpack001/viry/Win95.CIH.1040/Win95.CIH.1040.exe
unpack001/viry/Win95.CIH.1042/Win95.CIH.1042.exe
unpack001/viry/Win95.CIH.1230/Win95.CIH.1230.exe
unpack001/viry/Win95.CIH.1262/Win95.CIH.1262.exe
unpack001/viry/Win95.CIH.1363/Win95.CIH.1363.exe
unpack001/viry/Win95.CIH.973/Win95.CIH.973.exe
unpack001/viry/Win95.CIH.src/Win95.CIH.src.exe
unpack001/viry/Win95.CIH/Win95.CIH.exe
unpack001/viry/Win95.Companion/Win95.Companion.exe
unpack001/viry/Win95.Darkmil.5090/Win95.Darkmil.5090.exe
unpack001/viry/Win95.Evil.962/Win95.Evil.962.exe
unpack001/viry/Win95.Filth.1030/Win95.Filth.1030.exe
unpack001/viry/Win95.Fono.15327/Win95.Fono.15327.exe
unpack001/viry/Win95.Fraz.993/Win95.Fraz.993.exe
unpack001/viry/Win95.HPS.5124/Win95.HPS.5124.exe
unpack001/viry/Win95.I13.c/Win95.I13.c.exe
unpack001/viry/Win95.Iced.1617/Win95.Iced.1617.exe
unpack001/viry/Win95.Invir.7051/Win95.Invir.7051.exe
unpack001/viry/Win95.Jacky.1440/Win95.Jacky.1440.exe
unpack001/viry/Win95.K32.3030/Win95.K32.3030.exe
unpack001/viry/Win95.Lorez.1766/Win95.Lorez.1766.exe
unpack001/viry/Win95.Lud.Hill.401/Win95.Lud.Hill.401.exe
unpack001/viry/Win95.Lud.Jez.676/Win95.Lud.Jez.676.exe
unpack001/viry/Win95.Marburg.b/Win95.Marburg.b.exe
unpack001/viry/Win95.MarkJ.826/Win95.MarkJ.826.exe
unpack001/viry/Win95.Murkry.399/Win95.Murkry.399.exe
unpack001/viry/Win95.Noise.414/Win95.Noise.414.exe
unpack001/viry/Win95.Powerful.1592/Win95.Powerful.1592.exe
unpack001/viry/Win95.Powerful.1773/Win95.Powerful.1773.exe
unpack001/viry/Win95.Priest.1521/Win95.Priest.1521.exe
unpack001/viry/Win95.Prizzy.a/Win95.Prizzy.a.exe
unpack001/viry/Win95.Radix.402/Win95.Radix.402.exe
unpack001/viry/Win95.Repus.127/Win95.Repus.127.exe
unpack001/viry/Win95.Repus.156/Win95.Repus.156.exe
unpack001/viry/Win95.Repus.256/Win95.Repus.256.exe
unpack001/viry/Win95.Rinim.431/Win95.Rinim.431.exe
unpack001/viry/Win95.Roma.1256/Win95.Roma.1256.exe
unpack001/viry/Win95.SillyWR.136.b/Win95.SillyWR.136.b.exe
unpack001/viry/Win95.Small.126/Win95.Small.126.exe
unpack001/viry/Win95.Small.140/Win95.Small.140.exe
unpack001/viry/Win95.Small.184/Win95.Small.184.exe
unpack001/viry/Win95.Tick.7936.a/Win95.Tick.7936.a.exe
unpack001/viry/Win95.Twinny.16384/Win95.Twinny.16384.dll
unpack001/viry/Win95.Twinny.16384/Win95.Twinny.16384.exe
unpack001/viry/Win95.Yabran.3132/Win95.Yabran.3132.exe
unpack001/viry/Win95.Yildiz.323/Win95.Yildiz.323.exe
unpack001/viry/Win95.Ylang.1536.a/Win95.Ylang.1536.a.exe
unpack001/viry/Win95.Ylang.1536.b/Win95.Ylang.1536.b.exe
unpack001/viry/Win95.Yobe/Win95.Yobe.exe
unpack001/viry/Win95.Yoyo.653/Win95.Yoyo.653.exe
unpack001/viry/Win95.ZRam.a/Win95.ZRam.a.exe
unpack001/viry/Win95.Zerg.3849/Win95.Zerg.3849.exe
unpack001/viry/Win98.Damm.1537/Win98.Damm.1537.exe
unpack001/viry/Win98.Damm.1624/Win98.Damm.1624.exe
unpack001/viry/Win98.Milen.3205/Win98.Milen.3205.exe
unpack001/viry/WinHLP.Demo/WinHLP.Demo.exe

Files

d0b8c8e64d0fbae89c81713773e73ac6_JaffaCakes118
.rar
viry/Win16.AEP.a/Win16.AEP.a.com
viry/Win16.AEP.a/Win16.AEP.a.exe
viry/Win16.AEP.b/Win16.AEP.b.exe
viry/Win16.Gollum/Win16.Gollum.exe
viry/Win16.Header.Compo.145/Win16.Header.Compo.145.exe
viry/Win16.Header.Deadman.192/Win16.Header.Deadman.192.exe
viry/Win16.Homer.a/Win16.Homer.a.exe
viry/Win16.Homer.b/Win16.Homer.b.exe
viry/Win16.Homer.c/Win16.Homer.c.exe
viry/Win16.Homer.d/Win16.Homer.d.exe
viry/Win16.Homer.e/Win16.Homer.e.exe
viry/Win16.RedTeam.b/Win16.RedTeam.b.exe
viry/Win16.StalkerX.1241/Win16.StalkerX.1241.exe
viry/Win16.StalkerX.650/Win16.StalkerX.650.bin
viry/Win16.Tentacle.1958/Win16.Tentacle.1958.exe
viry/Win16.Twitch/Win16.Twitch.exe
viry/Win16.Vecna.832/Win16.Vecna.832.exe
viry/Win16.Vir_1_4/Win16.Vir_1_4.exe
viry/Win2K.Inta.1676/Win2K.Inta.1676.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win2K.Inta.1688/Win2K.Inta.1688.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win2K.Stream/Win2K.Stream.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.AOC.3649.a/Win32.AOC.3649.a.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Apparition.b/Win32.Apparition.b.exe
.exe windows:1 windows x86 arch:x86

bd1184854bbf10e539a20144b37e19b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

GetStockObject

mpr

WNetCloseEnum
WNetEnumResourceA
WNetOpenEnumA

lz32

LZClose
LZCopy
LZOpenFileA

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumChildWindows
EnumWindows
FindWindowA
GetClassNameA
GetDlgItem
GetMessageA
GetWindowLongA
GetWindowTextA
GetWindowThreadProcessId
KillTimer
LoadCursorA
LoadIconA
MessageBoxA
PostQuitMessage
RegisterClassA
SendMessageA
SetTimer
ShowWindow
TranslateMessage
UpdateWindow

kernel32

CloseHandle
ContinueDebugEvent
CreateEventA
CreateFileA
CreateFileMappingA
CreateMutexA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExitThread
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetComputerNameA
GetCurrentProcessId
GetCurrentThreadId
GetCurrentThread
GetEnvironmentStrings
GetEnvironmentVariableA
GetFileTime
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProfileIntA
GetProfileStringA
GetStartupInfoA
GetStdHandle
GetSystemTime
GetThreadContext
GetTickCount
GetVersion
GetWindowsDirectoryA
LoadLibraryA
LocalAlloc
MapViewOfFile
MoveFileA
ReadFile
ReadProcessMemory
ReleaseMutex
ResumeThread
SearchPathA
SetErrorMode
SetEvent
SetFilePointer
SetStdHandle
Sleep
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
WaitForDebugEvent
WaitForSingleObject
WriteFile
WriteProcessMemory
WriteProfileStringA

Exports

Exports

W?MainWndProc$n(pnvuiuil)l

Sections

BEGTEXT
Size: 37KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DGROUP
Size: 16KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 44KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Belial/Win32.Belial.exe
.exe windows:1 windows x86 arch:x86

142d03807248f45614ce539a26b6e110

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
CreateFileA
ExitProcess
FindFirstFileA
FindNextFileA
GetFileSize
GlobalAlloc
GlobalFree
ReadFile
SetFilePointer
WinExec
WriteFile
CloseHandle

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Benny.3219/Win32.Benny.3219.exe
.exe windows:1 windows x86 arch:x86

cb3fd5251ba1a9338893c0890811dc26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Bika.1906/Win32.Bika.1906.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Blakan.2016/Win32.Blakan.2016.exe
.exe windows:1 windows x86 arch:x86

a96d166ab17e011e8049d87211158ae5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Bolzano.3192/Win32.Bolzano.3192.exe
.exe windows:1 windows x86 arch:x86

a7d12d8817abd7d18f0906fff0804219

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Beep

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Bolzano.3628/Win32.Bolzano.3628.exe
.exe windows:1 windows x86 arch:x86

a7d12d8817abd7d18f0906fff0804219

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Beep

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Bolzano.4096.d/Win32.Bolzano.4096.d.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.debug
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Bolzano.5396/Win32.Bolzano.5396.exe
.exe windows:1 windows x86 arch:x86

a7d12d8817abd7d18f0906fff0804219

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Beep

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.CTX.6886/Win32.CTX.6886.exe
.exe windows:4 windows x86 arch:x86

dca478806a148dd6f45abfabe0d7618b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
WaitForSingleObject
CreateThread
GetModuleFileNameA
GetDriveTypeA
GetLogicalDriveStringsA
FreeLibrary
GetProcAddress
LoadLibraryA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetFileSize
CreateFileA
GetWindowsDirectoryA
GlobalFree
GlobalAlloc
WritePrivateProfileStringA
FindClose
CopyFileA
FindFirstFileA
FindNextFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
Sleep
GetStdHandle
SetHandleCount
FlushFileBuffers
LCMapStringW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
CloseHandle
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetStdHandle
LCMapStringA
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc

user32

GetWindowTextA
EnumWindows
MessageBoxA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.CabInfector/Win32.CabInfector.exe
.exe windows:1 windows x86 arch:x86

8b48dda3e9a40f515f47a9c93f1d3edd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
ExitProcess
GetFileSize
CreateFileA
SetFilePointer
VirtualAlloc
VirtualFree
WriteFile
ReadFile

user32

MessageBoxA

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Cabanas.b/Win32.Cabanas.b.exe
.exe windows:1 windows x86 arch:x86

aa25bf63b57873c47f41aaf139fee93b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
GetProcAddress
GetModuleHandleA

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Cerebrus.1482/Win32.Cerebrus.1482.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 2KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Crypto/Win32.Crypto.exe
.exe windows:4 windows x86 arch:x86

8462b60f6dff3170e8e893be76732af3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Dream.4916/Win32.Dream.4916.exe
.exe windows:4 windows x86 arch:x86

62cf9425408854bd87e995a446c180b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
DragAcceptFiles
ShellAboutA
SHGetSpecialFolderPathA
DragQueryFileA
DragFinish

kernel32

DeleteFileA
_lcreat
_lopen
_lwrite
LocalUnlock
_llseek
LocalFree
LocalAlloc
_lclose
GlobalAlloc
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpiA
GetStartupInfoA
GetModuleHandleA
ExitProcess
lstrcpynA
LocalLock
LocalReAlloc
GetProfileStringA
RtlMoveMemory
lstrlenA
FindClose
lstrcmpA
FindFirstFileA
CreateFileA
lstrcatA
GetLastError
GetLocaleInfoA
MulDiv
lstrcpyA
GlobalUnlock
GlobalFree
GetCommandLineA
_lread
GlobalLock

user32

wsprintfA
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenu
LoadStringA
LoadAcceleratorsA
GetSystemMenu
RegisterWindowMessageA
SetWindowLongA
CreateWindowExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
UpdateWindow
CharPrevA
GetClientRect
PeekMessageA
SetDlgItemTextA
TabbedTextOutA
CreateDialogParamA
EnableWindow
GetWindowTextA
SendDlgItemMessageA
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
GetDlgItemTextA
GetSubMenu
CheckMenuItem
CharNextA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
PostQuitMessage
IsIconic
DestroyWindow
MessageBeep
MessageBoxA
DefWindowProcA
EnableMenuItem
GetLastActivePopup
ShowWindow
EndDialog
SetForegroundWindow
WinHelpA
LoadIconA
GetDC
ReleaseDC
SetCursor
SendMessageA
GetFocus
PostMessageA
SetFocus
InvalidateRect
MoveWindow
DispatchMessageA
GetMessageA
SetWindowTextA

gdi32

GetStockObject
GetObjectA
GetDeviceCaps
SelectObject
DeleteObject
AbortDoc
EndDoc
DeleteDC
StartPage
StartDocA
EndPage
GetTextExtentPointA
CreateFontA
SetAbortProc
SetBkMode
SetMapMode
GetTextMetricsA
SetWindowExtEx
SetViewportExtEx
LPtoDP
CreateDCA
GetTextCharset
CreateFontIndirectA

comdlg32

GetOpenFileNameA
ChooseFontA
FindTextA
PageSetupDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Driller/Win32.Driller.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Eva.4096.a/Win32.Eva.4096.a.exe
.exe windows:1 windows x86 arch:x86

f910010b28dd3b6a795c8a5fdadfba00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
CloseHandle
CreateFileMappingA
CreateProcessA
CreateFileA
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetCurrentDirectoryA
GetLastError
DeleteFileA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetSystemTime
GetVersion
GetWindowsDirectoryA
MapViewOfFile
SetEndOfFile
SetFileAttributesA
SetFilePointer
UnmapViewOfFile
WaitForSingleObject
GetModuleFileNameA

user32

MessageBoxA

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Evol.b/Win32.Evol.b.exe
.exe windows:1 windows x86 arch:x86

b9791ad4e7e5f4d7cd2c351b43f0355e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

ExitWindowsEx

Sections

CODE
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Evyl.b/Win32.Evyl.b.exe
.exe windows:1 windows x86 arch:x86

0353e045e70830ecec7673dc1284a5b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
LoadLibraryA
GetProcAddress

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.FunLove.4070/Win32.FunLove.4070.exe
.exe windows:4 windows x86 arch:x86

a7d12d8817abd7d18f0906fff0804219

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep

Sections

.code
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.HIV.6680/Win32.HIV.6680.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.HLLP.Xinfect.a/Win32.HLLP.Xinfect.a.exe
.exe windows:4 windows x86 arch:x86

75dd6de60c2e963dbc5c0ba2fa50b0cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaLenBstr
__vbaFreeVarList
__vbaPut3
__vbaEnd
_adj_fdiv_m64
__vbaPut4
_adj_fprem1
ord518
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaExitProc
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
_CIsin
ord525
ord632
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
__vbaStrCmp
ord529
__vbaGet4
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaI2Var
ord645
_CIlog
__vbaFileOpen
ord648
__vbaNew2
ord570
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaFpI4
_CIatan
__vbaStrMove
ord619
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 754B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win32.HLLW.Randir/Win32.HLLW.Randir.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Henky/Win32.Henky.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Heretic.1986/Win32.Heretic.1986.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Hortiga.4938/Win32.Hortiga.4938.exe
.exe windows:4 windows x86 arch:x86

9dbba086331830480c1d1c98f631bb6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
gethostbyname
WSACleanup
htons
socket
WSAGetLastError
inet_addr
connect
recv
send
closesocket

kernel32

FreeEnvironmentStringsW
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
LoadLibraryA
GetProcAddress
IsBadWritePtr
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
RtlUnwind
GetLastError
CloseHandle
WriteFile
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
UnhandledExceptionFilter
GetModuleFileNameA
GetOEMCP
VirtualAlloc
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
FlushFileBuffers
HeapAlloc
HeapReAlloc
HeapSize
SetStdHandle
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP

Sections

.text
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.IKX/Win32.IKX.exe
.exe windows:1 windows x86 arch:x86

3853b95271ac6e25be4a95c000364966

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
CreateFileMappingA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetFileSize
MapViewOfFile
SetEndOfFile
UnmapViewOfFile
CloseHandle

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Idele.2108/Win32.Idele.2108.exe
.exe windows:1 windows x86 arch:x86

3052f7282883dfbc39d263fe448486fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
GetProcAddress
Sleep
GetModuleHandleA

user32

MessageBoxA

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Idyll.1556/Win32.Idyll.1556.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Infinite.1661/Win32.Infinite.1661.exe
.exe windows:1 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

infinite
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Inrar.a/Win32.Inrar.a.exe
.exe windows:1 windows x86 arch:x86

f363bad1db0d10325632d78ed0f7bfab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
CloseHandle
CreateProcessA
ExitProcess
FindClose
CreateFileMappingA
FindNextFileA
GetCommandLineA
GetFileSize
GetModuleHandleA
MapViewOfFile
UnmapViewOfFile
FindFirstFileA

user32

MessageBoxA

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Intar.1854/Win32.Intar.1854.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Intar.1920/Win32.Intar.1920.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Intar.1992/Win32.Intar.1992.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Kenston.1895/Win32.Kenston.1895.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Kriz.4029/Win32.Kriz.4029.exe
.exe windows:1 windows x86 arch:x86

3930adf2dc2be99f7e30eecd9fd88363

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFileAttributesA
ExitProcess

user32

MessageBoxA

msvfw32

ICSendMessage

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Levi.3236/Win32.Levi.3236.exe
.exe windows:1 windows x86 arch:x86

b22985b2d0b3d6b542521392d632a2a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetModuleHandleW
ExitProcess

Sections

CODE
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Magic.1590/Win32.Magic.1590.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Magic.7045.a/Win32.Magic.7045.a.exe
.exe windows:1 windows x86 arch:x86

61b6e2839c3e6fa6d64adec85cb7779d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
CloseHandle
CreateFileMappingA
CreateProcessA
DeleteFileA
CreateFileA
FindFirstFileA
FindNextFileA
FlushViewOfFile
GetCommandLineA
GetCurrentDirectoryA
GetExitCodeProcess
GetFileSize
ExitProcess
GetProcAddress
GetStartupInfoA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
MapViewOfFile
ReadFile
SetCurrentDirectoryA
SetFileAttributesA
SetFileTime
Sleep
UnmapViewOfFile
lstrcpyA
GetModuleHandleA

user32

MessageBoxA

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Matrix.Ordy.a/Win32.Matrix.Ordy.a.exe
.exe windows:1 windows x86 arch:x86

61ab995b60288747415efc1664641b8f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CloseHandle
ExitProcess
CreateFileA
GlobalAlloc
GlobalFree
WriteFile
lstrlenA
GetModuleHandleA

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Maya.4113/Win32.Maya.4113.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Maya.4153.a/Win32.Maya.4153.a.exe
.exe windows:1 windows x86 arch:x86

cb3fd5251ba1a9338893c0890811dc26

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Mental.10000/Win32.Mental.10000.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Parvo/Win32.Parvo.exe
.exe windows:5 windows x86 arch:x86

66a69d44eac2481ea84f2933a3abae7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
ExitThread
GetModuleHandleA
GetStartupInfoA
SetErrorMode
GetCommandLineA
lstrlenW
MultiByteToWideChar
CreateEventA
GetCurrentThreadId
lstrcatA
lstrlenA
lstrcmpiA
FreeLibrary
GetVersionExA
CloseHandle
WaitForSingleObject
LocalFree
LocalAlloc
RtlUnwind
LoadLibraryA

user32

GetForegroundWindow
CreateMenu
RegisterClassA
DefWindowProcA
DispatchMessageA
ShowWindow
CreateWindowExA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
GetShellWindow
GetClassNameA
wsprintfA
TranslateMessage
DestroyWindow

shlwapi

SHRegGetBoolUSValueA
SHGetValueA
StrStrIA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Qozah.3365/Win32.Qozah.3365.exe
.exe windows:1 windows x86 arch:x86

f63169026f7872e3de171c9f1c90f179

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress

user32

MessageBoxA

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.RainSong.3891/Win32.RainSong.3891.exe
.exe windows:4 windows x86 arch:x86

62cf9425408854bd87e995a446c180b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
DragAcceptFiles
ShellAboutA
SHGetSpecialFolderPathA
DragQueryFileA
DragFinish

kernel32

DeleteFileA
_lcreat
_lopen
_lwrite
LocalUnlock
_llseek
LocalFree
LocalAlloc
_lclose
GlobalAlloc
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpiA
GetStartupInfoA
GetModuleHandleA
ExitProcess
lstrcpynA
LocalLock
LocalReAlloc
GetProfileStringA
RtlMoveMemory
lstrlenA
FindClose
lstrcmpA
FindFirstFileA
CreateFileA
lstrcatA
GetLastError
GetLocaleInfoA
MulDiv
lstrcpyA
GlobalUnlock
GlobalFree
GetCommandLineA
_lread
GlobalLock

user32

wsprintfA
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenu
LoadStringA
LoadAcceleratorsA
GetSystemMenu
RegisterWindowMessageA
SetWindowLongA
CreateWindowExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
UpdateWindow
CharPrevA
GetClientRect
PeekMessageA
SetDlgItemTextA
TabbedTextOutA
CreateDialogParamA
EnableWindow
GetWindowTextA
SendDlgItemMessageA
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
GetDlgItemTextA
GetSubMenu
CheckMenuItem
CharNextA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
PostQuitMessage
IsIconic
DestroyWindow
MessageBeep
MessageBoxA
DefWindowProcA
EnableMenuItem
GetLastActivePopup
ShowWindow
EndDialog
SetForegroundWindow
WinHelpA
LoadIconA
GetDC
ReleaseDC
SetCursor
SendMessageA
GetFocus
PostMessageA
SetFocus
InvalidateRect
MoveWindow
DispatchMessageA
GetMessageA
SetWindowTextA

gdi32

GetStockObject
GetObjectA
GetDeviceCaps
SelectObject
DeleteObject
AbortDoc
EndDoc
DeleteDC
StartPage
StartDocA
EndPage
GetTextExtentPointA
CreateFontA
SetAbortProc
SetBkMode
SetMapMode
GetTextMetricsA
SetWindowExtEx
SetViewportExtEx
LPtoDP
CreateDCA
GetTextCharset
CreateFontIndirectA

comdlg32

GetOpenFileNameA
ChooseFontA
FindTextA
PageSetupDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.RainSong.3925.a/Win32.RainSong.3925.a.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Ramm.e/Win32.Ramm.e.exe
.exe windows:1 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

CODE
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Ramm.f/Win32.Ramm.f.exe
.exe windows:1 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

CODE
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Redemption.a/Win32.Redemption.a.exe
.exe windows:4 windows x86 arch:x86

ff95f0255324ffef7a80e4999663d9cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
UnmapViewOfFile
ExitProcess
GetLastError
CreateMutexA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
WriteFile
CloseHandle
GetFileSize
CreateFileA
GetTempPathA
GetLocalTime
GlobalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
lstrcatA
GlobalAlloc
GetCommandLineA
SetFileAttributesA
CopyFileA
MoveFileA
GetTempFileNameA
FindClose
FindNextFileA
DeleteFileA
lstrcpyA
FindFirstFileA
lstrlenA
MapViewOfFile
CreateFileMappingA
SetFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetDriveTypeA
Sleep
GetLogicalDriveStringsA
WriteProcessMemory
ReadProcessMemory
GetCurrentProcess
GetModuleHandleA

user32

MessageBoxA

Sections

.text
Size: 7KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win32.Redemption.b/Win32.Redemption.b.exe
.exe windows:4 windows x86 arch:x86

5bc3dafa39ee91a838e90cb7dfa6f8da

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
UnmapViewOfFile
ExitProcess
GetLastError
CreateMutexA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
WriteFile
CloseHandle
GetFileSize
CreateFileA
GetTempPathA
GetLocalTime
GlobalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
lstrcatA
GlobalAlloc
GetCommandLineA
SetFileAttributesA
CopyFileA
MoveFileA
GetTempFileNameA
FindClose
FindNextFileA
DeleteFileA
lstrcpyA
FindFirstFileA
lstrlenA
MapViewOfFile
CreateFileMappingA
SetFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GetDriveTypeA
Sleep
GetLogicalDriveStringsA
WriteProcessMemory
ReadProcessMemory
GetCurrentProcess
GetModuleHandleA

Sections

.text
Size: 6KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win32.Refer.2939/Win32.Refer.2939.exe
.exe windows:1 windows x86 arch:x86

87bed5a7cba00c7e1f4015f1bdae2183

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vir32**
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Resur.a/Win32.Resur.a.exe
.exe windows:4 windows x86 arch:x86

2e4130b2e0fc12cd6f5a5e10bbd05139

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
SetFilePointer
ReadFile
GlobalFree
WriteFile
FindClose
FindNextFileA
CloseHandle
SetFileTime
GetFileTime
CreateFileA
FindFirstFileA
SetCurrentDirectoryA
GetDriveTypeA
GetLogicalDrives
FreeLibrary
ReleaseMutex
ResumeThread
SetThreadPriority
GetLastError
WaitForSingleObject
CreateMutexA
CreateThread
GetCommandLineA
GetProcAddress
ExitProcess
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
GlobalAlloc
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
TerminateProcess
GetStringTypeW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
GetStringTypeA

user32

MessageBoxA

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win32.Resur.d/Win32.Resur.d.exe
.exe windows:4 windows x86 arch:x86

74c29b9181c9337eac215d623f11ad08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_strdup
_strupr
free

kernel32

FindClose
GetTickCount
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
ExitProcess
GetProcAddress
GetCommandLineA
CreateThread
CreateMutexA
WaitForSingleObject
GetLastError
SetThreadPriority
ResumeThread
ReleaseMutex
FreeLibrary
GetLogicalDrives
GetDriveTypeA
GlobalAlloc
SetFilePointer
ReadFile
GlobalFree
WriteFile
SetCurrentDirectoryA
FindNextFileA
CloseHandle
SetFileTime
GetFileTime
CreateFileA
FindFirstFileA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 526B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win32.Ruff.4859/Win32.Ruff.4859.exe
.exe windows:1 windows x86 arch:x86

d39583d6e70d96e610e7a9539e9e0c6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetLastError
ExitProcess

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Sadon.900/Win32.Sadon.900.exe
.exe windows:1 windows x86 arch:x86

1f655d4d639548a0f9cb461cb9328f3b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

ExitProcess

msvfw32

ICSendMessage

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Sentinel/Win32.Sentinel.exe
.exe windows:1 windows x86 arch:x86

7d49c8fab8085ebace6003a0590592ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

wsock32

connect
gethostname
closesocket
send
WSAGetLastError
WSAStartup
htons
inet_addr
recv
WSACleanup
socket
gethostbyname

msvfw32

ICSendMessage

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Silcer/Win32.Silcer.exe
.exe windows:1 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Slow.8192/Win32.Slow.8192.exe
.exe windows:1 windows x86 arch:x86

cc31c1f833fef93babaee579a9cf343b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersion
ExitProcess
DeleteFileA
CloseHandle
CreateProcessA
FindNextFileA
GetCommandLineA
GetFileSize
GetProcessVersion
CreateFileA
FindFirstFileA
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
ReadFile
SetFilePointer
WriteFile
GetSystemTime

user32

SendMessageA
PostMessageA
EnumWindows

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Stupid.b/Win32.Stupid.b.exe
.exe windows:4 windows x86 arch:x86

3d936d7f764adc8e91ea8d6adf54a48c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm50

__vbaVarSub
__vbaVarTstGt
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaLenBstr
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
ord621
_adj_fprem1
__vbaVarCmpNe
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaAryDestruct
__vbaVarCmpGe
__vbaVarForInit
__vbaExitProc
ord593
ord594
__vbaOnError
ord595
_adj_fdiv_m16i
_adj_fdivr_m16i
__vbaBoolVarNull
_CIsin
ord631
ord632
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
ord528
__vbaStrCmp
ord529
__vbaVarTstEq
DllFunctionCall
__vbaVarOr
__vbaAryConstruct
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaVarMul
__vbaExceptHandler
__vbaStrToUnicode
__vbaPrintFile
ord606
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaInStrVar
__vbaStrVarVal
__vbaVarCat
__vbaI2Var
ord537
ord645
_CIlog
__vbaFileOpen
__vbaNew2
__vbaInStr
ord571
__vbaVarInt
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaFreeStrList
ord576
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarTstNe
__vbaI4Var
__vbaVarCmpEq
__vbaVarAdd
__vbaStrToAnsi
__vbaVarDup
__vbaVarCopy
__vbaFpI4
ord617
_CIatan
__vbaStrMove
__vbaStrVarCopy
ord542
_allmul
ord544
_CItan
ord546
__vbaFPInt
ord547
__vbaVarForNext
_CIexp
__vbaFreeObj
__vbaFreeStr
ord580

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win32.Tapan.3882/Win32.Tapan.3882.exe
.exe windows:1 windows x86 arch:x86

809485b0d4692ce11b03b41181feae8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
ExitProcess
CreateFileMappingA
CreateFileW
CloseHandle
CreateProcessW
CreateThread
DebugActiveProcess
DeleteFileA
DeviceIoControl
CreateFileA
FindFirstFileA
FindNextFileA
FlushViewOfFile
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcessId
GetCurrentThread
GetDriveTypeA
GetExitCodeProcess
GetFileSize
GetLastError
GetModuleHandleA
CreateProcessA
GetStartupInfoA
GetSystemTime
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryA
MapViewOfFile
MoveFileExA
OpenProcess
ReadFile
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
SuspendThread
UnmapViewOfFile
VirtualProtectEx
WriteFile
WritePrivateProfileStringA
WriteProcessMemory
lstrcpyA
GetProcAddress

user32

MessageBoxA
MessageBeep

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.TeddyBear/Win32.TeddyBear.exe
.exe windows:4 windows x86 arch:x86

fe2e178bd9cda33eac9b4aa869831c77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
CreateFileA
ExitProcess
GetFileSize
GetModuleHandleA
GetProcAddress
GetWindowsDirectoryA
CloseHandle
LocalFree
ReadFile
lstrcpyA
lstrcpynA
lstrlenA

Sections

.text
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 358B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Vampiro/Win32.Vampiro.exe
.exe windows:1 windows x86 arch:x86

ba90ab5b7e79d60fdbe075d52b9e6862

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 512B - Virtual size: 163B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Vulcano/Win32.Vulcano.exe
.exe windows:1 windows x86 arch:x86

2eda502d39734c2a70c5e0d029966397

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
ExitProcess

Sections

CODE
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.Weird.10240/Win32.Weird.10240.exe
.exe windows:1 windows x86 arch:x86

1a9b95adc3eac17e29b3118bdc0025a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
FindWindowA
GetMessageA
PostQuitMessage
RegisterClassA
RegisterClassExA
SendMessageA
ShowWindow
TranslateMessage
wsprintfA

wsock32

recv
WSAGetLastError
send
accept
listen
bind
htons
closesocket
WSAAsyncSelect
socket
WSAStartup
WSACleanup

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateFileMappingA
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FlushViewOfFile
GetCommandLineA
GetComputerNameA
GetDriveTypeA
GetFileAttributesA
GetFileSize
GetFileTime
GetLastError
GetLogicalDrives
GetModuleHandleA
GetProcAddress
GetTempFileNameA
GetTempPathA
GetTickCount
GetWindowsDirectoryA
IsBadCodePtr
MapViewOfFile
ReadFile
SetEndOfFile
SetFileAttributesA
SetFilePointer
SetFileTime
Sleep
UnmapViewOfFile
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpiA

Sections

AUTO
Size: 6KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.Younga.2384.a/Win32.Younga.2384.a.exe
.exe windows:4 windows x86 arch:x86

5a8eacdd4e537bb15273b7401755664c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

DeleteObject
ExtFloodFill
GetPixel
DeleteDC
GetStockObject
SelectObject
CreatePen
LineTo
MoveToEx
CreateSolidBrush
CreateCompatibleDC

user32

LoadIconA
PostQuitMessage
ShowWindow
TranslateMessage
UpdateWindow
GetDC
GetParent
GetWindowRect
ReleaseDC
ScreenToClient
MessageBoxA
LoadMenuA
SetMenu
LoadCursorA
LoadBitmapA
GetWindowTextA
GetSystemMetrics
GetSysColor
GetMessageA
EndPaint
DispatchMessageA
DefWindowProcA
CreateWindowExA
BeginPaint
RegisterClassExA
SendMessageA
SetWindowTextA

kernel32

GetModuleHandleA
GetFileSize
lstrcatA
WriteFile
ReadFile
CreateFileA
GetCommandLineA
ExitProcess
CreateThread
CloseHandle

comctl32

ord17

comdlg32

GetSaveFileNameA
GetOpenFileNameA

shell32

ShellAboutA

oleaut32

SysFreeString
SysAllocStringByteLen

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win32.ZHymn.Host/Win32.ZHymn.Host.exe
.exe windows:4 windows x86 arch:x86

80aa5fac8f8ef3ebd3ee8d34d3392693

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

cc3250

@_InitTermAndUnexPtrs$qv
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
__argc
__argv
__argv_default_expand
__assert
__exitargv
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__matherr
__matherrl
__setargv
__startup
__streams
__wargv_default_expand
_access
_calloc
_exit
_fclose
_fflush
_filelength
_findfirst
_findnext
_fopen
_fread
_memcpy
_printf
_stricmp

kernel32

GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
HeapFree

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win32.ZPerm.b/Win32.ZPerm.b.exe
.exe windows:1 windows x86 arch:x86

8462b60f6dff3170e8e893be76732af3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 512B - Virtual size: 171B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 64KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.Arianne.1022.a/Win95.Arianne.1022.a.exe
.exe windows:4 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

.text
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 41B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t00fic
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Babylonia.11036/Win95.Babylonia.11036.exe
.exe windows:3 windows x86 arch:x86

56c9295b7d3fcfd15f3fc19e554542e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wsock32

ioctlsocket
WSAStartup
gethostbyname
htonl
ord1100
ord1101
inet_addr

crtdll

_stricmp
_strupr
free
malloc
sprintf
toupper
time
_iob
exit
_exit
_XcptFilter
_initterm
__GetMainArgs
_commode_dll
_fmode_dll
_global_unwind2
_local_unwind2
fprintf

advapi32

RegEnumValueA
RegDeleteValueA
RegSetValueExA
RegOpenKeyA

kernel32

LoadLibraryA
HeapFree
FormatMessageA
GetVersion
GetLastError
CloseHandle
LocalFree
GetProcAddress
GetProcessHeap
HeapAlloc

user32

CharToOemA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Babylonia.11036/Win95.Babylonia.11036.hlp
viry/Win95.Begemot/Win95.Begemot.exe
.exe windows:1 windows x86 arch:x86

28093ee67205f92baec44ff062cc3173

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
GetStdHandle
PeekConsoleInputA
ReadConsoleInputA
SetConsoleCursorInfo
SetConsoleTitleA
WriteConsoleA
AllocConsole

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Bonk.1243/Win95.Bonk.1243.exe
.exe windows:1 windows x86 arch:x86

85b4f800b137f5a96ba3ddaf09fdd13d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

ShowWindow
UpdateWindow
TranslateMessage
BeginPaint
CreateWindowExA
DefWindowProcA
DispatchMessageA
EndPaint
FindWindowA
GetMessageA
InvalidateRect
LoadCursorA
LoadIconA
MessageBeep
MessageBoxA
PostQuitMessage
RegisterClassA
SetWindowPos

kernel32

GetModuleHandleA
ExitProcess

gdi32

GetStockObject
TextOutA

Exports

Exports

WndProc

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Boza.c.(intended)/Win95.Boza.c.(intended).exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

WndProc

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.icode
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vlad
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.CIH-Killer.1373/Win95.CIH-Killer.1373.exe
.exe windows:1 windows x86 arch:x86

e884b31e8e607b0f2c8df90f116983fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1003.b/Win95.CIH.1003.b.exe
.exe windows:1 windows x86 arch:x86

8462b60f6dff3170e8e893be76732af3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1019.c/Win95.CIH.1019.c.exe
.exe windows:1 windows x86 arch:x86

8462b60f6dff3170e8e893be76732af3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA

shell32

ShellExecuteA

Sections

��P t
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1024/Win95.CIH.1024.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1026/Win95.CIH.1026.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1035/Win95.CIH.1035.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1040/Win95.CIH.1040.exe
.exe windows:4 windows x86 arch:x86

4a05f8d52f92041c02d1ecf688d7e1f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
lstrlenA
lstrcmpA
GlobalLock
GlobalSize
GetProcAddress
GetCurrentThreadId
FormatMessageA
WideCharToMultiByte
MultiByteToWideChar
GlobalDeleteAtom
GlobalAddAtomA
SetErrorMode
GetFileAttributesA
GlobalGetAtomNameW
GetTickCount
CreateProcessA
Sleep
CreateEventA
GetVersionExA
FreeLibrary
MulDiv
RtlZeroMemory
GetLocaleInfoA
RtlMoveMemory
LocalReAlloc
GetPrivateProfileStringA
WaitForSingleObject
ExitThread
lstrcmpiA
GetProfileStringA
SetEvent
GetProfileIntA
CreateThread
CloseHandle
GetWindowsDirectoryA
LoadLibraryA
ExitProcess
lstrcpynA
SearchPathA
GetDriveTypeA
lstrcatA
GlobalUnlock
GlobalFree
LocalFree
LocalAlloc
GetStdHandle
GetOEMCP
GetACP
GetModuleFileNameA
UnhandledExceptionFilter
RtlUnwind
GetLastError
VirtualAlloc
VirtualFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetVersion
GetCommandLineA
GetEnvironmentStrings
GetStartupInfoA
GetModuleHandleA
GetFileType
TlsSetValue
TlsAlloc
TlsGetValue
lstrcpyA
GetCPInfo

user32

SystemParametersInfoA
FindWindowA
SetForegroundWindow
SetRectEmpty
SetMenu
CharLowerBuffA
SetMenuItemInfoA
GetMenuItemInfoA
InsertMenuA
DeleteMenu
GetWindowPlacement
DestroyMenu
CreateMenu
RemoveMenu
GetMenuItemCount
GetDesktopWindow
CheckMenuItem
EqualRect
FrameRect
DrawIcon
DrawTextA
UnhookWindowsHook
TranslateMessage
TranslateAcceleratorA
GetMessageA
SetWindowsHookA
IsWindowEnabled
RedrawWindow
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
LoadImageA
IsZoomed
GetMenuState
PostQuitMessage
DestroyIcon
RegisterClipboardFormatA
GetClassNameA
ShowCursor
GetAsyncKeyState
GetKeyState
UpdateWindow
PeekMessageA
MsgWaitForMultipleObjects
GetWindow
DestroyWindow
CreateWindowExA
DrawMenuBar
OffsetRect
MapWindowPoints
GetDlgItemTextA
SetDlgItemTextA
SendDlgItemMessageA
CheckDlgButton
EnableWindow
GetDlgCtrlID
WinHelpA
LoadStringA
SetWindowTextA
EndDialog
GetFocus
IsDlgButtonChecked
GetDlgItem
SetFocus
CheckRadioButton
SetDlgItemInt
GetDlgItemInt
MessageBeep
DialogBoxParamA
GetWindowTextA
SetWindowLongA
CallWindowProcA
PostMessageA
wsprintfA
LoadCursorA
RegisterClassA
DefWindowProcA
BeginPaint
GetClientRect
GetSysColor
FillRect
EndPaint
SetCapture
GetParent
GetWindowRect
CopyRect
ReleaseCapture
KillTimer
GetDC
ScreenToClient
InvertRect
LoadIconA
GetSubMenu
LoadAcceleratorsA
CopyAcceleratorTableA
InflateRect
IntersectRect
MoveWindow
InvalidateRect
IsCharAlphaNumericA
IsCharAlphaA
GetDialogBaseUnits
CharPrevA
GetWindowThreadProcessId
wvsprintfA
ClientToScreen
ReleaseDC
ValidateRect
GetWindowLongA
SendMessageA
SetTimer
GetMessagePos
PtInRect
MessageBoxA
GetMenu
EnableMenuItem
IsWindowVisible
GetActiveWindow
IsRectEmpty
GetSystemMetrics
SetRect
AdjustWindowRect
ShowWindow
BringWindowToTop
SetActiveWindow
IsIconic
SetCursor
SetParent
SetWindowPos
IsWindow
ModifyMenuA
LoadMenuA
DispatchMessageA

gdi32

Polygon
SetWindowExtEx
SetWindowOrgEx
SetViewportExtEx
SetViewportOrgEx
SetMapMode
SetTextColor
SelectObject
GetStockObject
DeleteObject
CreateSolidBrush
CreatePatternBrush
CreateBitmap
GetTextExtentPoint32A
GetDeviceCaps
GetObjectA
SelectPalette
CreateFontIndirectA
SetROP2
SetBkMode
Rectangle
GetBkMode
GetROP2
CreatePen
DeleteDC
StretchBlt
CreateCompatibleDC
TextOutA
PatBlt
CreateCompatibleBitmap
RestoreDC
ExcludeClipRect
SaveDC
CreatePalette
GetPaletteEntries
DeleteMetaFile
CloseMetaFile
StretchDIBits
SetStretchBltMode
RealizePalette
CreateMetaFileA
MoveToEx
LineTo
GetSystemPaletteEntries
GetSystemPaletteUse
SetBkColor
GetDIBits

comctl32

ord17
ord6
CreateToolbarEx

shell32

ShellAboutA
ExtractIconA
DragQueryFileA
DragFinish
SHGetFileInfoA
DragAcceptFiles

winmm

OpenDriver
CloseDriver
mciSendStringA
mciSendCommandA
sndPlaySoundA
mciGetErrorStringA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA

Sections

��t
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1042/Win95.CIH.1042.exe
.exe windows:4 windows x86 arch:x86

4e0988a29e00758ffcdd27532945ab1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

DragFinish
ShellAboutA
ShellExecuteA
DragAcceptFiles
SHGetSpecialFolderPathA
DragQueryFileA

kernel32

_lwrite
DeleteFileA
_lclose
_lopen
LocalUnlock
_lcreat
_llseek
LocalReAlloc
LocalAlloc
LocalLock
GlobalAlloc
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpiA
GetStartupInfoA
GetModuleHandleA
ExitProcess
lstrlenA
lstrcpynA
RtlMoveMemory
lstrcmpA
IsDBCSLeadByte
GetProfileStringA
lstrcatA
FindFirstFileA
FindClose
MulDiv
GetLastError
CreateFileA
GlobalFree
lstrcpyA
GetLocaleInfoA
LocalFree
GetCommandLineA
GlobalUnlock
_lread
GlobalLock

user32

wsprintfA
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenu
LoadStringA
LoadAcceleratorsA
GetSystemMenu
RegisterWindowMessageA
SetWindowLongA
CreateWindowExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
UpdateWindow
CharPrevA
GetClientRect
PeekMessageA
SetDlgItemTextA
TabbedTextOutA
CreateDialogParamA
EnableWindow
GetWindowTextA
SendDlgItemMessageA
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
GetDlgItemTextA
GetSubMenu
CheckMenuItem
SetWindowTextA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetMessageA
DestroyWindow
MessageBeep
MessageBoxA
DefWindowProcA
EnableMenuItem
GetLastActivePopup
ShowWindow
EndDialog
SetForegroundWindow
WinHelpA
LoadIconA
GetDC
ReleaseDC
SetCursor
SendMessageA
GetFocus
PostMessageA
SetFocus
InvalidateRect
MoveWindow
CharNextA
IsIconic
PostQuitMessage
TranslateAcceleratorA

gdi32

GetObjectA
GetDeviceCaps
CreateFontIndirectA
SelectObject
AbortDoc
EndDoc
DeleteDC
StartPage
StartDocA
EndPage
GetTextExtentPointA
CreateFontA
SetAbortProc
SetBkMode
SetMapMode
GetTextMetricsA
SetWindowExtEx
SetViewportExtEx
LPtoDP
CreateDCA
GetTextCharset
DeleteObject
GetStockObject

comdlg32

GetOpenFileNameA
ChooseFontA
FindTextA
PageSetupDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

advapi32

RegQueryValueExA
RegCloseKey
RegSetValueExA
RegOpenKeyA
RegCreateKeyA

Sections

��t
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1129/Win95.CIH.1129.exe
viry/Win95.CIH.1230/Win95.CIH.1230.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1262/Win95.CIH.1262.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.1363/Win95.CIH.1363.exe
.exe windows:1 windows x86 arch:x86

9a6eb1696d2af8df0f91d695f9f57243

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellAboutA

kernel32

GlobalUnlock
GlobalAlloc
GlobalReAlloc
GlobalSize
GlobalCompact
GlobalFree
GlobalLock
lstrlenA
lstrcatA
WriteProfileStringA
GetModuleHandleA
GetStartupInfoA
GetEnvironmentStrings
GetCommandLineA
Sleep
lstrcmpA
GetProfileStringA
UnhandledExceptionFilter
GetModuleFileNameA
GetACP
GetOEMCP
GetCPInfo
GetStdHandle
GetFileType
VirtualFree
VirtualAlloc
RaiseException
MultiByteToWideChar
WideCharToMultiByte
GetProcAddress
GetLastError
LocalAlloc
LocalReAlloc
lstrcpyA
GetProfileIntA
GetTickCount
LocalFree
GetVersion
ExitProcess
RtlUnwind

user32

WinHelpA
GetDC
GetWindowRect
CreateDialogParamA
CheckRadioButton
LoadStringA
RegisterClassExA
GetSysColorBrush
LoadCursorA
LoadIconA
SetDlgItemTextA
GetDlgItem
FillRect
SetRect
CheckMenuItem
GetSubMenu
GetMenu
SetWindowPos
MapDialogRect
InvalidateRect
SetFocus
IsIconic
GetSysColor
DestroyMenu
TrackPopupMenuEx
LoadMenuA
ReleaseCapture
SetCapture
GetDlgCtrlID
EnableMenuItem
IsClipboardFormatAvailable
ReleaseDC
ScreenToClient
DestroyWindow
PostQuitMessage
DefWindowProcA
MessageBeep
GetWindowTextA
DrawFrameControl
GetClientRect
ShowCursor
SetCursor
EndPaint
DrawEdge
BeginPaint
CloseClipboard
CharUpperA
GetClipboardData
OpenClipboard
SetWindowTextA
EnableWindow
CheckDlgButton
ShowWindow
UpdateWindow
CreateWindowExA
SendMessageA
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
IsDialogMessageA
DispatchMessageA
MessageBoxA

gdi32

GetStockObject
GetDeviceCaps
GetTextMetricsA
SetTextColor
SetBkColor
TextOutA
GetTextExtentPointA
SetBkMode
SelectObject
DeleteObject

Sections

��t
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.973/Win95.CIH.973.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
viry/Win95.CIH.src/Win95.CIH.src.exe
.exe windows:1 windows x86 arch:x86

65938269d07443b12a024cc2f33c0514

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

CloseHandle
CompareStringA
CreateEventA
CreateFileA
CreateThread
DeleteCriticalSection
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
FindResourceA
FormatMessageA
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatA
GetEnvironmentStrings
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetThreadLocale
GetVersion
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalLock
GlobalReAlloc
GlobalUnlock
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LocalAlloc
LocalFree
LockResource
MulDiv
MultiByteToWideChar
RaiseException
ReadFile
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetErrorMode
SetEvent
SetFilePointer
SetHandleCount
SetThreadLocale
SizeofResource
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcpyA
lstrlenA
GlobalHandle

comctl32

ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_GetDragImage
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage

gdi32

BitBlt
CreateBitmap
CreateBrushIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBitmap
CreateFontIndirectA
CreatePalette
CreatePenIndirect
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
EnumFontFamiliesExA
EnumFontsA
ExcludeClipRect
GetBitmapBits
GetCurrentPositionEx
GetDIBits
GetDeviceCaps
GetObjectA
GetStockObject
GetSystemPaletteEntries
GetTextExtentPointA
GetTextMetricsA
GetWindowOrgEx
IntersectClipRect
MoveToEx
RealizePalette
RectVisible
RestoreDC
SaveDC
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetROP2
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
StretchBlt
UnrealizeObject

user32

ActivateKeyboardLayout
AdjustWindowRectEx
BeginPaint
CallNextHookEx
CallWindowProcA
CharLowerA
CheckMenuItem
ClientToScreen
CreateIcon
CreateMenu
CreatePopupMenu
CreateWindowExA
DefFrameProcA
DefMDIChildProcA
DefWindowProcA
DeleteMenu
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageA
DrawEdge
DrawIcon
DrawMenuBar
DrawTextA
EnableMenuItem
EnableWindow
EndPaint
EnumThreadWindows
EnumWindows
EqualRect
FillRect
FrameRect
GetActiveWindow
GetCapture
GetClassInfoA
GetClientRect
GetCursor
GetCursorPos
GetDC
GetDCEx
GetDesktopWindow
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyNameTextA
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardType
GetLastActivePopup
GetMenu
GetMenuItemCount
GetMenuState
GetMenuStringA
GetParent
GetPropA
GetScrollPos
GetSubMenu
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindow
GetWindowDC
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextA
InflateRect
InsertMenuA
InsertMenuItemA
IntersectRect
InvalidateRect
IsDialogMessageA
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorA
LoadIconA
LoadStringA
MapVirtualKeyA
MessageBoxA
OemToCharA
OffsetRect
PeekMessageA
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
ReleaseCapture
ReleaseDC
RemoveMenu
RemovePropA
ScreenToClient
ScrollWindow
SendMessageA
SetActiveWindow
SetCapture
SetCursor
SetFocus
SetForegroundWindow
SetMenu
SetPropA
SetRect
SetScrollInfo
SetScrollPos
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextA
SetWindowsHookExA
ShowCursor
ShowOwnedPopups
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMDISysAccel
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
WaitMessage
WinHelpA
WindowFromPoint

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringLen
VariantChangeTypeEx
VariantClear
VariantCopyInd

Exports

Exports

@@Unit1@Finalize
@@Unit1@Initialize
@Classes@TComponent@UpdateRegistry$qqr4boolx17System@AnsiStringxt2
@Forms@TForm@$bctr$qqrp18Classes@TComponent
@Forms@TForm@$bdtr$qqrv
@System@%DelphiInterface$t14Forms@IOleForm%@$bdtr$qqrv
@System@%DelphiInterface$t8IUnknown%@$bdtr$qqrv
@Sysutils@Exception@$bdtr$qqrv
_Form1
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 201KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.CIH/Win95.CIH.exe
.exe windows:1 windows x86 arch:x86

8462b60f6dff3170e8e893be76732af3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA

shell32

ShellExecuteA

Sections

��P t
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.Companion/Win95.Companion.exe
.exe windows:1 windows x86 arch:x86

dbc8637103a89c1f6ff4ff4dd75516f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CopyFileA
ExitProcess
DeleteFileA
FindNextFileA
GetCommandLineA
WinExec
lstrcpyA
FindFirstFileA

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Darkmil.5090/Win95.Darkmil.5090.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Evil.962/Win95.Evil.962.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.icode
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Filth.1030/Win95.Filth.1030.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Fono.15327/Win95.Fono.15327.com
viry/Win95.Fono.15327/Win95.Fono.15327.exe
.exe windows:1 windows x86 arch:x86

85b4f800b137f5a96ba3ddaf09fdd13d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

ShowWindow
UpdateWindow
TranslateMessage
BeginPaint
CreateWindowExA
DefWindowProcA
DispatchMessageA
EndPaint
FindWindowA
GetMessageA
InvalidateRect
LoadCursorA
LoadIconA
MessageBeep
MessageBoxA
PostQuitMessage
RegisterClassA
SetWindowPos

kernel32

GetModuleHandleA
ExitProcess

gdi32

GetStockObject
TextOutA

Exports

Exports

WndProc

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

HEGJFD
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Fono.15327/Win95.Fono.15327.vxd
viry/Win95.Fraz.993/Win95.Fraz.993.exe
.exe windows:1 windows x86 arch:x86

f06eccdaf486e931cb8ffffb3d13f50a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

GetModuleHandleA
ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.HPS.5124/Win95.HPS.5124.exe
.exe windows:4 windows x86 arch:x86

f0482508f3224f312f2d6f21fc9e55c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetCPInfo
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LoadLibraryA
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapFree
HeapAlloc
VirtualAlloc
GetProcAddress

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 26KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.I13.c/Win95.I13.c.exe
.exe windows:1 windows x86 arch:x86

1645ab5844541803487327c2fde43e4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

FindFirstFileA
GetSystemTime
CopyFileA
GlobalAlloc
GetCommandLineA
ExitProcess
CreateProcessA
GlobalLock
FindNextFileA
GlobalUnlock
MoveFileA
SetCurrentDirectoryA
lstrcpyA
GetCurrentDirectoryA

user32

CloseClipboard
SetClipboardData
OpenClipboard
MessageBoxA
ExitWindowsEx
EmptyClipboard

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Iced.1617/Win95.Iced.1617.exe
.exe windows:1 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Invir.7051/Win95.Invir.7051.exe
.exe windows:4 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

Sections

.text
Size: 512B - Virtual size: 14B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 15B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Jacky.1440/Win95.Jacky.1440.exe
.exe windows:1 windows x86 arch:x86

105732f0c6968ac8bea2b4476eda4263

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

GetProcAddress
GetModuleHandleA
ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.K32.3030/Win95.K32.3030.exe
.exe windows:1 windows x86 arch:x86

760e89ce6fa2c35320c305fdf803c7c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
CreateProcessA

user32

MessageBoxA

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Lizard.1967/Win95.Lizard.1967.exe
viry/Win95.Lizard.1967/Win95.Lizard.1967.vxd
viry/Win95.Lizard.2381/Win95.Lizard.2381.exe
viry/Win95.Lizard.2381/Win95.Lizard.2381.vxd
viry/Win95.Lizard.2869/Win95.Lizard.2869.386
viry/Win95.Lorez.1766/Win95.Lorez.1766.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Lud.Hill.401/Win95.Lud.Hill.401.exe
.exe windows:1 windows x86 arch:x86

947b2789f5efa4aad7be65826d4326ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

UpdateWindow
TranslateMessage
BeginPaint
CreateWindowExA
DefWindowProcA
DispatchMessageA
EndPaint
GetMessageA
LoadCursorA
LoadIconA
MessageBeep
PostQuitMessage
RegisterClassA
ShowWindow

kernel32

ExitProcess
GetModuleHandleA

gdi32

TextOutA

Exports

Exports

WndProc

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Lud.Jez.676/Win95.Lud.Jez.676.exe
.exe windows:1 windows x86 arch:x86

947b2789f5efa4aad7be65826d4326ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

UpdateWindow
TranslateMessage
BeginPaint
CreateWindowExA
DefWindowProcA
DispatchMessageA
EndPaint
GetMessageA
LoadCursorA
LoadIconA
MessageBeep
PostQuitMessage
RegisterClassA
ShowWindow

kernel32

ExitProcess
GetModuleHandleA

gdi32

TextOutA

Exports

Exports

WndProc

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Marburg.b/Win95.Marburg.b.exe
.exe windows:4 windows x86 arch:x86

f0482508f3224f312f2d6f21fc9e55c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

GetCPInfo
WideCharToMultiByte
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LoadLibraryA
GetACP
GetOEMCP
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapFree
HeapAlloc
VirtualAlloc
GetProcAddress

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.MarkJ.826/Win95.MarkJ.826.exe
.exe windows:1 windows x86 arch:x86

ff12f389ff616c0053a83b0a8f5f3256

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
AddAtomA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.MrKlunky/Win95.MrKlunky.vxd
viry/Win95.Murkry.399/Win95.Murkry.399.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Noise.414/Win95.Noise.414.exe
.exe windows:4 windows x86 arch:x86

62cf9425408854bd87e995a446c180b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
DragAcceptFiles
ShellAboutA
SHGetSpecialFolderPathA
DragQueryFileA
DragFinish

kernel32

DeleteFileA
_lcreat
_lopen
_lwrite
LocalUnlock
_llseek
LocalFree
LocalAlloc
_lclose
GlobalAlloc
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpiA
GetStartupInfoA
GetModuleHandleA
ExitProcess
lstrcpynA
LocalLock
LocalReAlloc
GetProfileStringA
RtlMoveMemory
lstrlenA
FindClose
lstrcmpA
FindFirstFileA
CreateFileA
lstrcatA
GetLastError
GetLocaleInfoA
MulDiv
lstrcpyA
GlobalUnlock
GlobalFree
GetCommandLineA
_lread
GlobalLock

user32

wsprintfA
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenu
LoadStringA
LoadAcceleratorsA
GetSystemMenu
RegisterWindowMessageA
SetWindowLongA
CreateWindowExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
UpdateWindow
CharPrevA
GetClientRect
PeekMessageA
SetDlgItemTextA
TabbedTextOutA
CreateDialogParamA
EnableWindow
GetWindowTextA
SendDlgItemMessageA
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
GetDlgItemTextA
GetSubMenu
CheckMenuItem
CharNextA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
PostQuitMessage
IsIconic
DestroyWindow
MessageBeep
MessageBoxA
DefWindowProcA
EnableMenuItem
GetLastActivePopup
ShowWindow
EndDialog
SetForegroundWindow
WinHelpA
LoadIconA
GetDC
ReleaseDC
SetCursor
SendMessageA
GetFocus
PostMessageA
SetFocus
InvalidateRect
MoveWindow
DispatchMessageA
GetMessageA
SetWindowTextA

gdi32

GetStockObject
GetObjectA
GetDeviceCaps
SelectObject
DeleteObject
AbortDoc
EndDoc
DeleteDC
StartPage
StartDocA
EndPage
GetTextExtentPointA
CreateFontA
SetAbortProc
SetBkMode
SetMapMode
GetTextMetricsA
SetWindowExtEx
SetViewportExtEx
LPtoDP
CreateDCA
GetTextCharset
CreateFontIndirectA

comdlg32

GetOpenFileNameA
ChooseFontA
FindTextA
PageSetupDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.Powerful.1592/Win95.Powerful.1592.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Powerful.1773/Win95.Powerful.1773.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
viry/Win95.Priest.1521/Win95.Priest.1521.exe
.exe windows:1 windows x86 arch:x86

f6749b5f3e3e42c5c40200894e55ecec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

msvfw32

ICSendMessage

Sections

CODE
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Prizzy.a/Win95.Prizzy.a.exe
.exe windows:4 windows x86 arch:x86

62cf9425408854bd87e995a446c180b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA
DragAcceptFiles
ShellAboutA
SHGetSpecialFolderPathA
DragQueryFileA
DragFinish

kernel32

DeleteFileA
_lcreat
_lopen
_lwrite
LocalUnlock
_llseek
LocalFree
LocalAlloc
_lclose
GlobalAlloc
GetLocalTime
GetTimeFormatA
GetDateFormatA
lstrcmpiA
GetStartupInfoA
GetModuleHandleA
ExitProcess
lstrcpynA
LocalLock
LocalReAlloc
GetProfileStringA
RtlMoveMemory
lstrlenA
FindClose
lstrcmpA
FindFirstFileA
CreateFileA
lstrcatA
GetLastError
GetLocaleInfoA
MulDiv
lstrcpyA
GlobalUnlock
GlobalFree
GetCommandLineA
_lread
GlobalLock

user32

wsprintfA
CloseClipboard
IsClipboardFormatAvailable
OpenClipboard
GetMenu
LoadStringA
LoadAcceleratorsA
GetSystemMenu
RegisterWindowMessageA
SetWindowLongA
CreateWindowExA
LoadCursorA
RegisterClassExA
GetSystemMetrics
UpdateWindow
CharPrevA
GetClientRect
PeekMessageA
SetDlgItemTextA
TabbedTextOutA
CreateDialogParamA
EnableWindow
GetWindowTextA
SendDlgItemMessageA
GetDlgCtrlID
ChildWindowFromPoint
ScreenToClient
GetCursorPos
GetDlgItemTextA
GetSubMenu
CheckMenuItem
CharNextA
IsDialogMessageA
TranslateAcceleratorA
TranslateMessage
PostQuitMessage
IsIconic
DestroyWindow
MessageBeep
MessageBoxA
DefWindowProcA
EnableMenuItem
GetLastActivePopup
ShowWindow
EndDialog
SetForegroundWindow
WinHelpA
LoadIconA
GetDC
ReleaseDC
SetCursor
SendMessageA
GetFocus
PostMessageA
SetFocus
InvalidateRect
MoveWindow
DispatchMessageA
GetMessageA
SetWindowTextA

gdi32

GetStockObject
GetObjectA
GetDeviceCaps
SelectObject
DeleteObject
AbortDoc
EndDoc
DeleteDC
StartPage
StartDocA
EndPage
GetTextExtentPointA
CreateFontA
SetAbortProc
SetBkMode
SetMapMode
GetTextMetricsA
SetWindowExtEx
SetViewportExtEx
LPtoDP
CreateDCA
GetTextCharset
CreateFontIndirectA

comdlg32

GetOpenFileNameA
ChooseFontA
FindTextA
PageSetupDlgA
GetSaveFileNameA
CommDlgExtendedError
GetFileTitleA

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Punch.9262/Win95.Punch.9262.vxd
viry/Win95.Radix.402/Win95.Radix.402.exe
.exe windows:1 windows x86 arch:x86

2eda502d39734c2a70c5e0d029966397

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Repus.127/Win95.Repus.127.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Repus.156/Win95.Repus.156.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Repus.256/Win95.Repus.256.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Rinim.431/Win95.Rinim.431.exe
.exe windows:5 windows x86 arch:x86

98feaf0f8f73f7370e6122d9107f77bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

ShellAboutA

msvcrt

_exit
_strrev
_CxxThrowException
__CxxFrameHandler
_EH_prolog
_controlfp
??1type_info@@UAE@XZ
??3@YAXPAX@Z
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
toupper
memmove
strchr

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

kernel32

LocalReAlloc
LocalAlloc
GetCommandLineA
GetProfileIntA
GetStartupInfoA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GlobalCompact
GlobalReAlloc
GlobalAlloc
GlobalFree
lstrcmpA
Sleep
WriteProfileStringA
GlobalLock
GlobalSize
GlobalUnlock
CloseHandle
CreateEventA
CreateThread
ResetEvent
SetEvent
WaitForSingleObject
lstrcpyA
LocalFree
lstrlenA
lstrcatA
GetProfileStringA

gdi32

SetBkColor
SetTextColor

user32

MessageBoxA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
IsChild
IsDialogMessageA
GetMessageA
LoadAcceleratorsA
CreateWindowExA
LoadStringA
CharNextA
RegisterClassExA
GetSysColorBrush
LoadCursorA
LoadIconA
InvalidateRect
UpdateWindow
ShowWindow
SetDlgItemTextA
CheckMenuRadioItem
GetSubMenu
GetMenu
SetWindowPos
OffsetRect
MapWindowPoints
GetClientRect
EnableWindow
GetDlgItem
CreateDialogParamA
DestroyWindow
GetWindowRect
SetCursor
CheckRadioButton
SetFocus
MessageBeep
SendMessageA
EndDialog
DialogBoxParamA
SetWindowTextA
CloseClipboard
GetClipboardData
OpenClipboard
DestroyMenu
TrackPopupMenuEx
LoadMenuA
DefWindowProcA
ChildWindowFromPoint
ScreenToClient
PostQuitMessage
WinHelpA
EnableMenuItem
IsClipboardFormatAvailable
GetDlgCtrlID
DrawTextA
DrawEdge
GetSysColor
CheckDlgButton
SetDlgItemInt
GetWindowTextA

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Roma.1256/Win95.Roma.1256.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.SK.8699/Win95.SK.8699.com
viry/Win95.SillyWR.136.b/Win95.SillyWR.136.b.exe
.exe windows:4 windows x86 arch:x86

8462b60f6dff3170e8e893be76732af3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 171B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win95.Small.126/Win95.Small.126.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Small.140/Win95.Small.140.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Small.184/Win95.Small.184.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Tick.7936.a/Win95.Tick.7936.a.exe
.exe windows:1 windows x86 arch:x86

1e3b32c07fea3a19a145a2a4968edada

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress
ExitProcess

user32

MessageBoxA

imagehlp

CheckSumMappedFile

Sections

CODE
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Twinny.16384/Win95.Twinny.16384.dll
.dll windows:1 windows x86 arch:x86

25e5d04e3a246d849c9351c8e8c69803

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadImageA
DialogBoxParamA
WinHelpA
PeekMessageA
MsgWaitForMultipleObjects
EndDialog
SetDlgItemTextA
SetWindowLongA
InsertMenuA
GetWindowLongA
LoadIconA
GetSystemMetrics
GetClientRect
DestroyIcon
SendMessageA
GetDlgItem
EnableWindow
PostMessageA
SendDlgItemMessageA
wsprintfA
LoadStringA

shell32

ord183
DragQueryFileA
ord64
SHGetFileInfo
ord30

kernel32

GetFileAttributesA
SetLastError
CreateThread
TerminateThread
lstrcpyA
LocalFree
GlobalAlloc
CreateFileA
DeviceIoControl
CloseHandle
GetLastError
FormatMessageA
GetModuleFileNameA
WinExec
GlobalFree
LocalAlloc

comctl32

ImageList_Create
ImageList_ReplaceIcon
ord357

Exports

Exports

DiskCopyRunDll
DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 430B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
viry/Win95.Twinny.16384/Win95.Twinny.16384.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 6KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Yabran.3132/Win95.Yabran.3132.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
viry/Win95.Yildiz.323/Win95.Yildiz.323.exe
.exe windows:1 windows x86 arch:x86

541160bce55bf5030f1053d9ca2f310b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

ExitProcess

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Ylang.1536.a/Win95.Ylang.1536.a.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Ylang.1536.b/Win95.Ylang.1536.b.exe
.exe windows:1 windows x86 arch:x86

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

CODE
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Yobe/Win95.Yobe.exe
.exe windows:1 windows x86 arch:x86

bf4d05134afe96ee9cb1e6dfb926ef68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

WaitForSingleObject
ReadFile
CreateThread
CopyFileA
CreateFileA
CreateProcessA
CloseHandle
DeleteFileA
DeviceIoControl
ExitProcess
GetCommandLineA
GetModuleFileNameA
IsDebuggerPresent

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey

user32

PostMessageA
LoadIconA
GetDC
FindWindowA
DrawIcon

Sections

CODE
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Yoyo.653/Win95.Yoyo.653.exe
.exe windows:1 windows x86 arch:x86

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

EXITPROCESS

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.ZRam.a/Win95.ZRam.a.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win95.Zerg.3849/Win95.Zerg.3849.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win98.Damm.1537/Win98.Damm.1537.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/Win98.Damm.1624/Win98.Damm.1624.exe
.exe windows:4 windows x86 arch:x86

8462b60f6dff3170e8e893be76732af3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
GetCommandLineA
ExitProcess
GetModuleHandleA

shell32

ShellExecuteA

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
viry/Win98.Milen.3205/Win98.Milen.3205.exe
.exe windows:1 windows x86 arch:x86

b22985b2d0b3d6b542521392d632a2a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetModuleHandleW
ExitProcess

Sections

CODE
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/WinHLP.Demo/WinHLP.Demo.exe
.exe windows:1 windows x86 arch:x86

b2a15eb1159e71e0126324add9bd8196

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

ExitProcess
EnumDateFormatsA

Sections

CODE
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
viry/WinHLP.Pluma.a/WinHLP.Pluma.a.hlp

Sharing

General

Malware Config

Signatures

Files

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 3KB - Virtual size: 4KB

DATA Size: - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 3KB - Virtual size: 4KB

DATA Size: - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

Headers

File Characteristics

Sections

CODE Size: 1KB - Virtual size: 16KB

.petite Size: 1024B - Virtual size: 646B

Size: - Virtual size: 4KB

f9ade0aa18f660a34a4fa23392e21838

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 12KB - Virtual size: 16KB

DATA Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

bd1184854bbf10e539a20144b37e19b8

Headers

File Characteristics

Imports

gdi32

mpr

lz32

user32

kernel32

Exports

Exports

Sections

BEGTEXT Size: 37KB - Virtual size:

DGROUP Size: 16KB - Virtual size:

.bss Size: 44KB - Virtual size:

.idata Size: 3KB - Virtual size:

.edata Size: 512B - Virtual size:

.reloc Size: 2KB - Virtual size:

.rsrc Size: 1024B - Virtual size:

142d03807248f45614ce539a26b6e110

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 512B - Virtual size: 4KB

DATA Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

cb3fd5251ba1a9338893c0890811dc26

Headers

File Characteristics

Imports

kernel32

user32

Sections

CODE Size: 3KB - Virtual size: 4KB

DATA Size: - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

CODE
Size: 3KB - Virtual size: 4KB

DATA
Size: - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

CODE
Size: 3KB - Virtual size: 4KB

DATA
Size: - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

CODE
Size: 1KB - Virtual size: 16KB

.petite
Size: 1024B - Virtual size: 646B

CODE
Size: 12KB - Virtual size: 16KB

DATA
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

BEGTEXT
Size: 37KB - Virtual size:

DGROUP
Size: 16KB - Virtual size:

.bss
Size: 44KB - Virtual size:

.idata
Size: 3KB - Virtual size:

.edata
Size: 512B - Virtual size:

.reloc
Size: 2KB - Virtual size:

.rsrc
Size: 1024B - Virtual size:

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

CODE
Size: 3KB - Virtual size: 4KB

DATA
Size: - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 2KB - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 2KB - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 7KB - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.debug
Size: 4KB - Virtual size: 8KB

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 8KB - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.debug
Size: 4KB - Virtual size: 8KB

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 4KB - Virtual size: 4KB

.debug
Size: 2KB - Virtual size: 4KB

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 7KB - Virtual size: 8KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

.debug
Size: 6KB - Virtual size: 8KB