nasm-2[.]16[.]03-installer-x64[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

nasm-2.16.03-installer-x64.exe
Size

1.0MB
MD5

4205b5973d293543e89c2069635117e3
SHA1

1a67e9fe7605777a78096007600bfa1492ad0e9c
SHA256

657e1252676cfb26a008835c20a760f731c8e0414469a4ed0f83f0fb059cdd35
SHA512

50e4b38098f468604b6b6d7873f4100b9305716c4946ce8092f94275e71c8905d36fb8b0c0096410c9ef33f5a93e92dfc68b08e1b59ad8be4b111c1e2546b14d
SSDEEP

24576:VUFH8ebk9B82QVMbrNgW9ty9TwmEOIm+vz3GNVmyw2TLBcU48i69/83a:eFc78ZVMbZ3ydxE9jqoywCLBcUT7Ma

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 8 IoCs

Checks for missing Authenticode signature.

resource
nasm-2.16.03-installer-x64.exe
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/Uninstall.exe
unpack002/$PLUGINSDIR/UserInfo.dll
unpack001/nasm.exe
unpack001/ndisasm.exe

Files

nasm-2.16.03-installer-x64.exe
.exe windows:4 windows x86 arch:x86

5a558123f19bf165866153ecd38a0280

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectW
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileW
CreateDirectoryW
CreateFileW
CreateProcessW
CreateThread
DeleteFileW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetDiskFreeSpaceW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetShortPathNameW
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetTickCount
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryExW
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesW
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpynW
lstrlenA
lstrlenW

ole32

CoCreateInstance
CoTaskMemFree
IIDFromString
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderW
SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteExW

user32

AppendMenuW
BeginPaint
CallWindowProcW
CharNextA
CharNextW
CharPrevW
CheckDlgButton
CloseClipboard
CreateDialogParamW
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExW
GetAsyncKeyState
GetClassInfoW
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextW
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongW
GetWindowRect
InvalidateRect
IsDlgButtonChecked
IsWindow
IsWindowEnabled
IsWindowVisible
LoadCursorW
LoadImageW
MessageBoxIndirectW
OpenClipboard
PeekMessageW
PostQuitMessage
RegisterClassW
ReleaseDC
ScreenToClient
SendMessageTimeoutW
SendMessageW
SetClassLongW
SetClipboardData
SetCursor
SetDlgItemTextW
SetForegroundWindow
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenu
wsprintfA
wsprintfW
wvsprintfW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 397KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

c20327fced07b6e73d2262fc88b11552

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

gdi32

GetTextMetricsW
SelectObject

kernel32

FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleW
GlobalAlloc
GlobalFree
MulDiv
MultiByteToWideChar
WideCharToMultiByte
lstrcatW
lstrcmpW
lstrcmpiW
lstrcpyW
lstrcpynW

ole32

CoTaskMemFree

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation

user32

CallWindowProcW
CheckDlgButton
CreateDialogParamW
DestroyWindow
DispatchMessageW
EnableWindow
GetClientRect
GetDC
GetDlgItem
GetMessageW
GetWindowLongW
GetWindowRect
GetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
LoadIconW
MoveWindow
PostMessageW
ReleaseDC
ScreenToClient
SendMessageW
SetWindowLongW
SetWindowTextW
ShowWindow
TranslateMessage
wsprintfW

Exports

Exports

Init
Select
Show

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 101B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

decb956787d27b8d68f6baf3fdca54ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AllocateAndInitializeSid
EqualSid
FreeSid
GetTokenInformation
GetUserNameW
OpenProcessToken
OpenThreadToken

kernel32

CloseHandle
GetCurrentProcess
GetCurrentThread
GetLastError
GetModuleHandleA
GetProcAddress
GetVersion
GlobalAlloc
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
lstrcpynW

user32

wsprintfW

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

c442f1649aa0670a32c622fadfcd00bd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW

gdi32

SetTextColor

kernel32

GetCurrentDirectoryW
GetFileAttributesW
GetProcessHeap
GlobalAlloc
GlobalFree
HeapAlloc
HeapFree
HeapReAlloc
MulDiv
MultiByteToWideChar
SetCurrentDirectoryW
WideCharToMultiByte
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW

ole32

CoTaskMemFree

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

user32

CallWindowProcW
CharNextW
CharPrevW
CreateDialogParamW
CreateWindowExW
DestroyWindow
DispatchMessageW
DrawFocusRect
DrawTextW
GetClientRect
GetDlgItem
GetMessageW
GetPropW
GetSysColor
GetWindowLongW
GetWindowRect
GetWindowTextW
IsDialogMessageW
IsWindow
KillTimer
LoadCursorW
MapDialogRect
MapWindowPoints
RemovePropW
SendMessageW
SetCursor
SetPropW
SetTimer
SetWindowLongW
SetWindowPos
ShowWindow
TranslateMessage
wsprintfW

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 363B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LICENSE
Uninstall.exe
.exe windows:4 windows x86 arch:x86

5a558123f19bf165866153ecd38a0280

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

comctl32

ImageList_AddMasked
ImageList_Create
ImageList_Destroy
InitCommonControls

gdi32

CreateBrushIndirect
CreateFontIndirectW
DeleteObject
GetDeviceCaps
SelectObject
SetBkColor
SetBkMode
SetTextColor

kernel32

CloseHandle
CompareFileTime
CopyFileW
CreateDirectoryW
CreateFileW
CreateProcessW
CreateThread
DeleteFileW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FindNextFileW
FreeLibrary
GetCommandLineW
GetCurrentProcess
GetDiskFreeSpaceW
GetExitCodeProcess
GetFileAttributesW
GetFileSize
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileStringW
GetProcAddress
GetShortPathNameW
GetSystemDirectoryW
GetTempFileNameW
GetTempPathW
GetTickCount
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
LoadLibraryExW
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
ReadFile
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEnvironmentVariableW
SetErrorMode
SetFileAttributesW
SetFilePointer
SetFileTime
Sleep
WaitForSingleObject
WideCharToMultiByte
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyA
lstrcpynW
lstrlenA
lstrlenW

ole32

CoCreateInstance
CoTaskMemFree
IIDFromString
OleInitialize
OleUninitialize

shell32

SHBrowseForFolderW
SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
ShellExecuteExW

user32

AppendMenuW
BeginPaint
CallWindowProcW
CharNextA
CharNextW
CharPrevW
CheckDlgButton
CloseClipboard
CreateDialogParamW
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
ExitWindowsEx
FillRect
FindWindowExW
GetAsyncKeyState
GetClassInfoW
GetClientRect
GetDC
GetDlgItem
GetDlgItemTextW
GetMessagePos
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongW
GetWindowRect
InvalidateRect
IsDlgButtonChecked
IsWindow
IsWindowEnabled
IsWindowVisible
LoadCursorW
LoadImageW
MessageBoxIndirectW
OpenClipboard
PeekMessageW
PostQuitMessage
RegisterClassW
ReleaseDC
ScreenToClient
SendMessageTimeoutW
SendMessageW
SetClassLongW
SetClipboardData
SetCursor
SetDlgItemTextW
SetForegroundWindow
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenu
wsprintfA
wsprintfW
wvsprintfW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 397KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

decb956787d27b8d68f6baf3fdca54ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AllocateAndInitializeSid
EqualSid
FreeSid
GetTokenInformation
GetUserNameW
OpenProcessToken
OpenThreadToken

kernel32

CloseHandle
GetCurrentProcess
GetCurrentThread
GetLastError
GetModuleHandleA
GetProcAddress
GetVersion
GlobalAlloc
GlobalFree
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
lstrcpynW

user32

wsprintfW

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 129B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VSrules/nasm.README
VSrules/nasm.rules
.xml
nasm.exe
.exe windows:4 windows x64 arch:x64

1fca77e00f0c02dbdd0d5821f57f4eb2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

api-ms-win-crt-convert-l1-1-0

atoi
mbrtowc
mbsrtowcs
strtol
strtoll
strtoul
strtoull
wcrtomb

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
getenv

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_fullpath
_lock_file
_unlock_file
_waccess
_wstat64
remove

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free
malloc
realloc

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-private-l1-1-0

__C_specific_handler
memcmp
memcpy
memmove
strchr
strrchr

api-ms-win-crt-runtime-l1-1-0

_set_app_type
__p___argc
__p___argv
__p___wargv
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_invalid_parameter_handler
abort
exit
perror
signal
strerror

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
_chsize_s
_fileno
_fseeki64
_ftelli64
_wfopen
fclose
feof
ferror
fflush
fgetc
fgets
fputc
fputs
fread
fwrite
getc
putc
setvbuf
ungetc
_setmode
_fileno

api-ms-win-crt-string-l1-1-0

_strnicmp
isalpha
iscntrl
ispunct
isspace
isxdigit
mbrlen
memset
strcat
strcmp
strcpy
strcspn
strlen
strncmp
strncpy
strpbrk
strspn
tolower
toupper
wcslen
_stricmp

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_gmtime64
_localtime64
_time64
_tzset
strftime

api-ms-win-crt-utility-l1-1-0

qsort

Sections

.text
Size: 317KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nasm.ico
nasmdoc.pdf
.pdf
- http://..got
- http://..sym132www.delorie.com115www.pcorner.com115x2ftp.oulu.fi
- http://.o.as
- http://117.comment109.data
- http://130FreeLink115ftp.simtel.net
- http://Makefile.in
- http://Makefile.vc
- http://alink.sourceforge.net
- http://atalink.sourceforge.net
- http://comtch.iea.com
- http://config.h.in
- http://configure.in
- http://ctxnum.name
- http://eltech.ru
- http://file.com
- http://findleak.pl
- http://ftp.simtel.net
- http://insns.pl
- http://install.sh
- http://library.so
- http://mkdep.pl
- http://myfile.com
- http://myfile.map
- http://myinc.inc
- http://myprog.com
- http://mystruc.mt
- http://nasm098p3.zip
- http://program.com
- http://rdsrc.pl
- http://san.rr.com
- http://variables111ALIGNMODE83ALINK115alink.sourceforge.net
- http://version.pl
- http://www.cpan.org/ports/index.html
- http://www.cpan.org/ports/index.html.C.2.53
- http://www.csoft.net/cz/johnfine/�Changed
- http://www.delorie.com
- http://www.delorie.com/djgpp/16bit/djlink/
- http://www.nasm.us
- http://www.nasm.us/
- http://www.nasm.us/.New
- http://www.nasm.us/abi/unix64
- http://www.nasm.us/abi/unix64Although
- http://www.nasm.us/abi/win64
- http://www.nasm.us/abi/win64What
- http://www.pcorner.com
- http://www.pcorner.com/tpc/old/3-101.html
- http://wwww.nasm.us/,
- http://x2ftp.oulu.fi
- http://zytor.com
- https://bugs.nasm.us
- https://bugs.nasm.us/
- https://github.com/MicrosoftDocs/win32/blob/docs/desktop-src/Debug/pe-format.md#comdat-sections-object-only
- https://github.com/MicrosoftDocs/win32/blob/docs/desktop-src/Debug/pe-format.md#grouped-sections-object-only
- Show all
ndisasm.exe
.exe windows:4 windows x64 arch:x64

ebdc565ed9cf6bfd8880a84a1ca38cc7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

api-ms-win-crt-convert-l1-1-0

mbrtowc
mbsrtowcs
strtoul
wcrtomb

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_lock_file
_unlock_file
_waccess
_wstat64

api-ms-win-crt-heap-l1-1-0

_set_new_mode
calloc
free
malloc
realloc

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-private-l1-1-0

__C_specific_handler
memcpy
strchr

api-ms-win-crt-runtime-l1-1-0

_set_app_type
__p___argc
__p___argv
__p___wargv
_cexit
_configure_narrow_argv
_configure_wide_argv
_crt_at_quick_exit
_crt_atexit
_errno
_exit
_initialize_narrow_environment
_initialize_wide_environment
_initterm
_set_invalid_parameter_handler
abort
exit
perror
signal
strerror

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__p__commode
__p__fmode
__stdio_common_vfprintf
__stdio_common_vfwprintf
_chsize_s
_fileno
_fseeki64
_ftelli64
_wfopen
fclose
feof
ferror
fflush
fopen
fputc
fread
fseek
ftell
fwrite
setvbuf
_setmode
_fileno

api-ms-win-crt-string-l1-1-0

_strnicmp
isalpha
iscntrl
ispunct
isspace
isxdigit
memset
strcmp
strlen
strncmp
strncpy
strpbrk
tolower
wcslen
_stricmp

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 992KB - Virtual size: 992KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a558123f19bf165866153ecd38a0280

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

shell32

user32

Sections

.text Size: 40KB - Virtual size: 39KB

.data Size: 512B - Virtual size: 256B

.rdata Size: 55KB - Virtual size: 54KB

.bss Size: - Virtual size: 397KB

.idata Size: 5KB - Virtual size: 5KB

.ndata Size: 512B - Virtual size: 1.4MB

.rsrc Size: 11KB - Virtual size: 10KB

c20327fced07b6e73d2262fc88b11552

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

ole32

shell32

user32

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 1024B - Virtual size: 596B

.eh_fram Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 10KB

.edata Size: 512B - Virtual size: 101B

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 296B

.reloc Size: 512B - Virtual size: 468B

decb956787d27b8d68f6baf3fdca54ed

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

user32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 248B

.eh_fram Size: 1024B - Virtual size: 828B

.bss Size: - Virtual size: 16B

.edata Size: 512B - Virtual size: 129B

.idata Size: 1024B - Virtual size: 756B

.reloc Size: 512B - Virtual size: 184B

c442f1649aa0670a32c622fadfcd00bd

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

gdi32

kernel32

ole32

shell32

user32

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 1024B - Virtual size: 588B

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 512B - Virtual size: 256B

.rdata
Size: 55KB - Virtual size: 54KB

.bss
Size: - Virtual size: 397KB

.idata
Size: 5KB - Virtual size: 5KB

.ndata
Size: 512B - Virtual size: 1.4MB

.rsrc
Size: 11KB - Virtual size: 10KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 1024B - Virtual size: 596B

.eh_fram
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 10KB

.edata
Size: 512B - Virtual size: 101B

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 512B - Virtual size: 468B

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 248B

.eh_fram
Size: 1024B - Virtual size: 828B

.bss
Size: - Virtual size: 16B

.edata
Size: 512B - Virtual size: 129B

.idata
Size: 1024B - Virtual size: 756B

.reloc
Size: 512B - Virtual size: 184B

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 1024B - Virtual size: 588B

.eh_fram
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 8KB

.edata
Size: 512B - Virtual size: 363B

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 144B

.reloc
Size: 1024B - Virtual size: 516B

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 512B - Virtual size: 256B

.rdata
Size: 55KB - Virtual size: 54KB

.bss
Size: - Virtual size: 397KB

.idata
Size: 5KB - Virtual size: 5KB

.ndata
Size: 512B - Virtual size: 1.4MB

.rsrc
Size: 11KB - Virtual size: 10KB

.text
Size: 2KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 248B

.eh_fram
Size: 1024B - Virtual size: 828B

.bss
Size: - Virtual size: 16B

.edata
Size: 512B - Virtual size: 129B

.idata
Size: 1024B - Virtual size: 756B

.reloc
Size: 512B - Virtual size: 184B

.text
Size: 317KB - Virtual size: 317KB

.data
Size: 12KB - Virtual size: 12KB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.pdata
Size: 10KB - Virtual size: 9KB

.xdata
Size: 11KB - Virtual size: 11KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 5KB - Virtual size: 4KB