c:\Users\Paco\Desktop\Invoice\HiDdEn-TeAr\obj\Debug\invoice.pdb
Overview
overview
10Static
static
6D02D012970...94.exe
windows7-x64
1DBm0yQwt.exe.ViR.exe
windows7-x64
10ca6ec46ee9...52.apk
windows7-x64
3calc.exe
windows7-x64
7ccc71c83c8...B3.exe
windows7-x64
7ccc71c83c8...68.exe
windows7-x64
7cd2d085998...-0.dll
windows7-x64
8cdffb7e75b...ss.exe
windows7-x64
3cf7382c25a...c9.exe
windows7-x64
6cgi19-alpt...e_.exe
windows7-x64
7chrst.exe
windows7-x64
3ci05l2a.exe
windows7-x64
cl.exe
windows7-x64
7clean.exe
windows7-x64
3coinvault.exe
windows7-x64
9com_loader.exe
windows7-x64
3csrss.ex_.exe
windows7-x64
6d.exe
windows7-x64
3d0a5cfec8e...B3.exe
windows7-x64
7d0a5cfec8e...A6.exe
windows7-x64
7d2164cdbc9...FB.exe
windows7-x64
3d2164cdbc9...08.exe
windows7-x64
7d4439055d2..._1.dll
windows7-x64
3d54d2a216e...96.exe
windows7-x64
7d5f29750a8...c5.apk
windows7-x64
3d6c32b0146...4d.zip
windows7-x64
9d889734783...48.exe
windows7-x64
daaa72f48b...2d.exe
windows7-x64
9ddbf1840bf...e2.exe
windows7-x64
10de882c049b..._3.dll
windows7-x64
3decrypt.exe
windows7-x64
3decrypted.ex_.exe
windows7-x64
6Behavioral task
behavioral1
Sample
D02D012970AA164CAD15C757D7E52994.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
DBm0yQwt.exe.ViR.exe
Resource
win7-20240903-en
Behavioral task
behavioral3
Sample
ca6ec46ee9435a4745fd3a03267f051dc64540dd348f127bb33e9675dadd3d52.apk
Resource
win7-20240729-en
Behavioral task
behavioral4
Sample
calc.exe
Resource
win7-20241010-en
Behavioral task
behavioral5
Sample
ccc71c83c8d9895ef0b375273f9f185dfac63ecd01775e2dc705afe4d48c95e2_Dumped_TDS=4F9911B3.exe
Resource
win7-20241023-en
Behavioral task
behavioral6
Sample
ccc71c83c8d9895ef0b375273f9f185dfac63ecd01775e2dc705afe4d48c95e2_TDS=4FAD9768.exe
Resource
win7-20240903-en
Behavioral task
behavioral7
Sample
cd2d085998a289134ffaf27fbdcbc8cb_api-ms-win-system-dispex-l1-1-0.dll
Resource
win7-20240903-en
Behavioral task
behavioral8
Sample
cdffb7e75b20eeae4db75c9962c17b3be980a719f7597e8b11a747d72c975a36_not_packed_maybe_useless.exe
Resource
win7-20240903-en
Behavioral task
behavioral9
Sample
cf7382c25a8bf0d904d51063ceb29fb70f630bc9.exe
Resource
win7-20240708-en
Behavioral task
behavioral10
Sample
cgi19-alptsevs-h555.exe_.exe
Resource
win7-20240903-en
Behavioral task
behavioral11
Sample
chrst.exe
Resource
win7-20241010-en
Behavioral task
behavioral12
Sample
ci05l2a.exe
Resource
win7-20240903-en
Behavioral task
behavioral13
Sample
cl.exe
Resource
win7-20240903-en
Behavioral task
behavioral14
Sample
clean.exe
Resource
win7-20240903-en
Behavioral task
behavioral15
Sample
coinvault.exe
Resource
win7-20240903-en
Behavioral task
behavioral16
Sample
com_loader.exe
Resource
win7-20240903-en
Behavioral task
behavioral17
Sample
csrss.ex_.exe
Resource
win7-20240708-en
Behavioral task
behavioral18
Sample
d.exe
Resource
win7-20240729-en
Behavioral task
behavioral19
Sample
d0a5cfec8e80622b3e194b5ee03e93d78c7ef3478bead6a039d213caaaa58523_Dumped_TDS=4F9911B3.exe
Resource
win7-20241010-en
Behavioral task
behavioral20
Sample
d0a5cfec8e80622b3e194b5ee03e93d78c7ef3478bead6a039d213caaaa58523_TDS=4FA478A6.exe
Resource
win7-20240903-en
Behavioral task
behavioral21
Sample
d2164cdbc9c78db0115f382a139ccd758f8a25ebfc5ab3e0034e7aef0fe0b6b4_Dumped_TDS=4FB252FB.exe
Resource
win7-20240903-en
Behavioral task
behavioral22
Sample
d2164cdbc9c78db0115f382a139ccd758f8a25ebfc5ab3e0034e7aef0fe0b6b4_TDS=4FB30D08.exe
Resource
win7-20241023-en
Behavioral task
behavioral23
Sample
d4439055d2d63e52ffc23c6d24d89194_86e510605f1ee068bdc1ae306312652a__1.dll
Resource
win7-20240903-en
Behavioral task
behavioral24
Sample
d54d2a216e637bcd36e5217cfba98896.exe
Resource
win7-20240903-en
Behavioral task
behavioral25
Sample
d5f29750a8cb158d9b89a1e02e8addc5e410d1ddc48e660589144ade47f794c5.apk
Resource
win7-20240903-en
Behavioral task
behavioral26
Sample
d6c32b0146f219bdcb5cf524ea9e0047d9b9bd0fd7c395d5b11cbc4c3298824d.zip
Resource
win7-20240903-en
Behavioral task
behavioral27
Sample
d889734783273b7158deeae6cf804a6be99c3a5353d94225a4dbe92caf3a3d48.exe
Resource
win7-20240903-en
Behavioral task
behavioral28
Sample
daaa72f48bea498c5ac7ce9bc315e585ff11dad04d1eeb0d1b0ce33a28bedf2d.exe
Resource
win7-20240729-en
Behavioral task
behavioral29
Sample
ddbf1840bf626da19d8f3467fe9e20e2.exe
Resource
win7-20241010-en
Behavioral task
behavioral30
Sample
de882c049be133a950b6917562bb2313_583a76e23c1998307d702709dadbe103__3.dll
Resource
win7-20240708-en
Behavioral task
behavioral31
Sample
decrypt.exe
Resource
win7-20240903-en
Behavioral task
behavioral32
Sample
decrypted.ex_.exe
Resource
win7-20240903-en
General
-
Target
Batch_6.zip
-
Size
8.6MB
-
MD5
efd2b474bb13fdb3b8a3159a64a22896
-
SHA1
48515da815cafb4d990efdd7b67baf86ac949813
-
SHA256
c41899315b2f3dad512ed1f58746e59fdb2f9717badcf7b2c861c1248d945991
-
SHA512
05195802d912ff48aac8035a8a061a3d8dc5b312ed936a147a742ad65ab75f982e3b443ebb001dd145086644006bfc361f83fb40799f60e51dd6eb053139f190
-
SSDEEP
196608:PYpWTGAAWAquK9u/2fpA4kuu0xCDCFvyRyi1GGywTpGRE:PYpWTGAAqub/2y4kudiCFviy88GGi
Malware Config
Signatures
-
Declares broadcast receivers with permission to handle system events 1 IoCs
description | ioc
Required by device admin receivers to bind with the system. Allows apps to manage device administration features. | android.permission.BIND_DEVICE_ADMIN
-
Requests dangerous framework permissions 6 IoCs
description | ioc
Required to be able to access the camera device. | android.permission.CAMERA
Allows access to the list of accounts in the Accounts Service. | android.permission.GET_ACCOUNTS
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps. | android.permission.SYSTEM_ALERT_WINDOW
Allows an application to read or write the system settings. | android.permission.WRITE_SETTINGS
Allows an application to read the user's contacts data. | android.permission.READ_CONTACTS
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device. | android.permission.READ_PHONE_STATE
-
resource | yara_rule
static1/unpack001/calc.exe | upx
-
Unsigned PE 29 IoCs
Checks for missing Authenticode signature.
resource
unpack001/D02D012970AA164CAD15C757D7E52994.exe
unpack001/DBm0yQwt.exe.ViR.exe
unpack001/calc.exe
unpack002/out.upx
unpack001/ccc71c83c8d9895ef0b375273f9f185dfac63ecd01775e2dc705afe4d48c95e2_Dumped_TDS=4F9911B3.exe
unpack001/ccc71c83c8d9895ef0b375273f9f185dfac63ecd01775e2dc705afe4d48c95e2_TDS=4FAD9768.exe
unpack001/cd2d085998a289134ffaf27fbdcbc8cb_api-ms-win-system-dispex-l1-1-0.dll
unpack001/cdffb7e75b20eeae4db75c9962c17b3be980a719f7597e8b11a747d72c975a36_not_packed_maybe_useless.exe
unpack001/cf7382c25a8bf0d904d51063ceb29fb70f630bc9.exe
unpack001/cgi19-alptsevs-h555.exe_.exe
unpack001/chrst.exe
unpack001/cl.exe
unpack001/clean.exe
unpack001/coinvault.exe
unpack001/com_loader.exe
unpack001/csrss.ex_.exe
unpack001/d.exe
unpack001/d0a5cfec8e80622b3e194b5ee03e93d78c7ef3478bead6a039d213caaaa58523_Dumped_TDS=4F9911B3.exe
unpack001/d0a5cfec8e80622b3e194b5ee03e93d78c7ef3478bead6a039d213caaaa58523_TDS=4FA478A6.exe
unpack001/d2164cdbc9c78db0115f382a139ccd758f8a25ebfc5ab3e0034e7aef0fe0b6b4_Dumped_TDS=4FB252FB.exe
unpack001/d2164cdbc9c78db0115f382a139ccd758f8a25ebfc5ab3e0034e7aef0fe0b6b4_TDS=4FB30D08.exe
unpack001/d4439055d2d63e52ffc23c6d24d89194_86e510605f1ee068bdc1ae306312652a__1.dll
unpack001/d54d2a216e637bcd36e5217cfba98896.exe
unpack003/Transazione.Pdf______________________________________________________________.exe
unpack001/daaa72f48bea498c5ac7ce9bc315e585ff11dad04d1eeb0d1b0ce33a28bedf2d.exe
unpack001/ddbf1840bf626da19d8f3467fe9e20e2.exe
unpack001/de882c049be133a950b6917562bb2313_583a76e23c1998307d702709dadbe103__3.dll
unpack001/decrypt.exe
unpack001/decrypted.ex_.exe
Files
-
Batch_6.zip.zip
-
D02D012970AA164CAD15C757D7E52994.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 111KB - Virtual size: 110KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 102KB - Virtual size: 101KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
DBm0yQwt.exe.ViR.exe.exe windows:5 windows x86 arch:x86
41650cfcdcf1a88f0c9ad2f113ce9650
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
SetFilePointer
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
VirtualAlloc
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
CreateFileA
CloseHandle
UnhandledExceptionFilter
FindResourceA
GetModuleHandleA
LockResource
LoadLibraryA
GetProcAddress
GetLastError
GetStdHandle
MulDiv
HeapCreate
SizeofResource
InterlockedDecrement
HeapAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
DeleteCriticalSection
GetFileType
SetHandleCount
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapFree
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineA
GetStartupInfoA
RaiseException
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
LoadResource
SetStdHandle
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetModuleFileNameA
WriteFile
ExitProcess
Sleep
GetModuleHandleW
SetUnhandledExceptionFilter
user32
SendMessageW
GetSystemMetrics
ScrollWindowEx
SetLayeredWindowAttributes
SetWindowPos
GetSysColor
GetDlgItem
ReleaseDC
GetWindowLongA
InvalidateRect
SetWindowLongA
CopyIcon
SetMessageQueue
SetScrollInfo
LoadCursorA
SetCursor
GetWindowRect
SendDlgItemMessageA
FillRect
MsgWaitForMultipleObjects
GetFocus
GetParent
DrawIcon
GetClientRect
DrawTextExW
SendMessageA
SetRectEmpty
wsprintfW
GetIconInfo
GetUpdateRect
GetDC
OffsetRect
GetCursorInfo
GetWindowTextA
gdi32
SetWindowOrgEx
BitBlt
GetWindowOrgEx
PatBlt
GetTextMetricsW
SetViewportOrgEx
SetTextColor
CreateFontA
GetDeviceCaps
SetBrushOrgEx
CreateBitmap
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
EnumFontFamiliesA
CreatePatternBrush
GdiGradientFill
SetTextAlign
CreateSolidBrush
CreateDIBSection
advapi32
RegCreateKeyA
RegSetValueExA
shell32
SHBrowseForFolderA
SHCreateShellItem
ole32
CoFreeUnusedLibraries
CoInitialize
StringFromCLSID
CoUninitialize
CoGetMalloc
CoCreateInstance
oleaut32
SysFreeString
RevokeActiveObject
VariantClear
wininet
InternetCrackUrlA
ws2_32
WSAGetQOSByName
WSAGetOverlappedResult
winscard
SCardGetProviderIdW
shlwapi
UrlGetPartA
comctl32
ImageList_DrawIndirect
rpcrt4
RpcBindingFromStringBindingA
RpcStringFreeA
RpcStringBindingComposeA
RpcBindingFree
secur32
GetUserNameExA
opengl32
glEndList
powrprof
GetPwrCapabilities
urlmon
CoInternetParseUrl
rpcns4
RpcNsBindingImportBeginA
Sections
.text Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 119KB - Virtual size: 118KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 663KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ca6ec46ee9435a4745fd3a03267f051dc64540dd348f127bb33e9675dadd3d52.exe.apk android
com.android.porntube
.Loader
Activities
.Loader
android.intent.action.MAIN
.player
android.intent.action.VIEW
Permissions
android.permission.DISABLE_KEYGUARD
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.sec.android.app.sbrowser.operatorbookmarks.permission.READ_HISTORY_BOOKMARKS
android.permission.RESTART_PACKAGES
android.permission.CAMERA
android.permission.GET_TASKS
android.permission.GET_ACCOUNTS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
Receivers
com.sklasse.utils.astart
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.sklasse.utils.cached_reps
android.net.conn.CONNECTIVITY_CHANGE
android.system.cache
com.plugins.core.setsize
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED
Services
com.plugins.core.setzero
android.system.registat
.sklasse
android.system.operate
-
calc.exe.exe windows:10 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 52KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 158KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:10 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
ccc71c83c8d9895ef0b375273f9f185dfac63ecd01775e2dc705afe4d48c95e2_Dumped_TDS=4F9911B3.exe.exe windows:5 windows x86 arch:x86
0e19eece28bfc9b0d635ed4ec3d29752
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
wininet
InternetOpenA
HttpQueryInfoA
InternetConnectA
InternetReadFile
InternetSetOptionA
InternetQueryOptionA
InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
shlwapi
PathCombineW
kernel32
lstrcatA
GetLastError
GetModuleHandleA
CloseHandle
GetVersion
lstrcpyA
WaitForSingleObject
Sleep
GetCurrentProcessId
GetTickCount
ExitProcess
GetFileSize
lstrlenA
WriteFile
GetFileAttributesW
ReadFile
CreateFileW
lstrlenW
FlushFileBuffers
GetProcAddress
DeleteFileW
SetFileAttributesW
HeapReAlloc
HeapAlloc
HeapFree
GetProcessHeap
HeapDestroy
HeapCreate
HeapSize
GetVersionExA
CreateProcessW
GetCurrentProcess
InitializeCriticalSection
OpenProcess
LeaveCriticalSection
TerminateProcess
GetModuleFileNameW
EnterCriticalSection
CreateThread
CreateMutexA
LocalFree
WideCharToMultiByte
MultiByteToWideChar
DosDateTimeToFileTime
SetFilePointer
SystemTimeToFileTime
GetFileType
GetCurrentDirectoryA
WTSGetActiveConsoleSessionId
GetEnvironmentStringsW
QueryPerformanceCounter
FreeEnvironmentStringsW
GetModuleFileNameA
RaiseException
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
EncodePointer
GetStdHandle
DecodePointer
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
CopyFileW
GetUserGeoID
CreateDirectoryW
GetComputerNameA
SetHandleCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryW
LCMapStringW
IsProcessorFeaturePresent
RtlUnwind
UnhandledExceptionFilter
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetStringTypeW
GetSystemTimeAsFileTime
user32
PostMessageA
GetClientRect
SetWindowLongA
GetWindowLongA
RegisterClassExA
PostQuitMessage
TranslateMessage
UnregisterClassA
CreateWindowExA
DefWindowProcA
DispatchMessageA
MessageBoxW
GetSystemMetrics
UpdateWindow
EnumWindows
ShowWindow
IsWindowVisible
GetWindowThreadProcessId
ExitWindowsEx
GetMessageA
EnableWindow
advapi32
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegFlushKey
RegOpenKeyA
RegCreateKeyExA
SetSecurityDescriptorSacl
shell32
ord680
SHGetFolderPathW
ole32
OleUninitialize
OleSetContainedObject
CoGetClassObject
OleInitialize
oleaut32
SysAllocString
VariantClear
VariantInit
Sections
.text Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 436B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ccc71c83c8d9895ef0b375273f9f185dfac63ecd01775e2dc705afe4d48c95e2_TDS=4FAD9768.exe.exe windows:4 windows x86 arch:x86
a81730656ca1c2ccf1449f66476dc87b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LocalAlloc
GetEnvironmentStringsW
GetStdHandle
CreateMutexA
lstrlenA
GlobalAlloc
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetStartupInfoA
setupapi
SetupGetLineCountA
msvcrt
_adjust_fdiv
memcpy
_exit
_onexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_XcptFilter
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
Sections
.text Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 119KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
cd2d085998a289134ffaf27fbdcbc8cb_api-ms-win-system-dispex-l1-1-0.dll.dll windows:4 windows x86 arch:x86
01d60c50f07df84cdeeb313752cc4354
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
cluster0.pdb
Imports
kernel32
LoadResource
SetConsoleOutputCP
OutputDebugStringW
lstrcpynA
GetConsoleFontSize
EnumResourceTypesW
PrepareTape
ConvertDefaultLocale
MoveFileWithProgressA
IsSystemResumeAutomatic
Exports
Exports
CLSIDScalableBuffer
CanStrip
CommPFXExtensionCtl
DialogDecrementFill
EqualHungABCWidths
NotifyCSpnStream
OutputUninitializeControls
PauseShellChildAttribute
SelectUnmakeMode
Sections
.text Size: 116KB - Virtual size: 114KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 719B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vqCp0w Size: 72KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DATA Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.eh_fram Size: 52KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
cdffb7e75b20eeae4db75c9962c17b3be980a719f7597e8b11a747d72c975a36_not_packed_maybe_useless.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\my projects\bbac\output\Release\bbac.pdb
Sections
.text Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 436B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mackt Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
cf7382c25a8bf0d904d51063ceb29fb70f630bc9.exe.exe windows:4 windows x86 arch:x86
e9e3923fa6b5c81cfcfc4413e09333bb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
memset
strncpy
memcpy
fopen
fseek
fclose
memmove
_CIsqrt
_CIlog
floor
ceil
_CIexp
fabs
malloc
free
strlen
kernel32
GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
Sleep
FreeLibrary
HeapAlloc
HeapFree
CloseHandle
InitializeCriticalSection
ReadFile
GetLastError
LoadLibraryA
GetProcAddress
HeapReAlloc
TlsAlloc
GetVersionExA
GetLogicalDriveStringsA
user32
DestroyIcon
FillRect
gdi32
GetObjectType
DeleteObject
GetObjectA
CreateCompatibleDC
GetDIBits
DeleteDC
CreateDIBSection
SelectObject
BitBlt
CreateBitmap
SetPixel
GetStockObject
wsock32
closesocket
WSACleanup
WSAStartup
winmm
mciSendCommandA
Sections
.code Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 216B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ta Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
src Size: 480KB - Virtual size: 479KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
cgi19-alptsevs-h555.exe_.exe.exe windows:5 windows x86 arch:x86
553ef6236c6cb4268814330cd1e93c7d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
d:\Projects\WinRAR\SFX\build\sfxrar32\Release\sfxrar.pdb
Imports
comctl32
InitCommonControlsEx
shlwapi
SHAutoComplete
kernel32
DeleteFileW
DeleteFileA
CreateDirectoryA
CreateDirectoryW
FindClose
FindNextFileA
FindFirstFileA
FindNextFileW
FindFirstFileW
GetTickCount
WideCharToMultiByte
GlobalAlloc
GetVersionExW
GetFullPathNameA
GetFullPathNameW
MultiByteToWideChar
GetModuleFileNameW
FindResourceW
GetModuleHandleW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
CompareStringA
ExitProcess
GetLocaleInfoW
SetFileAttributesW
DosDateTimeToFileTime
GetDateFormatW
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
ExpandEnvironmentStringsW
WaitForSingleObject
Sleep
GetExitCodeProcess
GetTempPathW
MoveFileExW
UnmapViewOfFile
MapViewOfFile
GetCommandLineW
CreateFileMappingW
SetEnvironmentVariableW
OpenFileMappingW
GetProcAddress
LocalFileTimeToFileTime
SystemTimeToFileTime
GetSystemTime
CompareStringW
IsDBCSLeadByte
GetCPInfo
SetCurrentDirectoryW
LoadLibraryW
FreeLibrary
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
WriteFile
GetStdHandle
ReadFile
CreateFileW
GetCurrentDirectoryW
CreateFileA
GetFileType
SetEndOfFile
SetFilePointer
MoveFileW
SetFileTime
GetCurrentProcess
CloseHandle
SetLastError
GetLastError
GetNumberFormatW
user32
wvsprintfA
wvsprintfW
ReleaseDC
GetDC
SendMessageW
SetDlgItemTextW
SetFocus
EndDialog
DestroyIcon
SendDlgItemMessageW
GetDlgItemTextW
GetClassNameW
DialogBoxParamW
IsWindowVisible
WaitForInputIdle
SetForegroundWindow
GetSysColor
PostMessageW
LoadBitmapW
LoadIconW
CharToOemA
OemToCharA
MapWindowPoints
CreateWindowExW
SetWindowTextW
UpdateWindow
LoadCursorW
RegisterClassExW
SetWindowLongW
GetWindowLongW
DefWindowProcW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
DestroyWindow
CopyRect
IsWindow
CharToOemBuffW
MessageBoxW
ShowWindow
GetDlgItem
EnableWindow
OemToCharBuffA
CharUpperA
CharToOemBuffA
LoadStringW
SetWindowPos
GetWindowTextW
GetSystemMetrics
GetWindow
CharUpperW
GetWindowRect
FindWindowExW
GetParent
GetClientRect
gdi32
GetDeviceCaps
GetObjectW
CreateCompatibleBitmap
SelectObject
StretchBlt
CreateCompatibleDC
DeleteObject
DeleteDC
comdlg32
GetOpenFileNameW
CommDlgExtendedError
GetSaveFileNameW
advapi32
RegOpenKeyExW
LookupPrivilegeValueW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
SetFileSecurityW
SetFileSecurityA
OpenProcessToken
AdjustTokenPrivileges
shell32
SHChangeNotify
ShellExecuteExW
SHFileOperationW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetMalloc
SHBrowseForFolderW
SHGetPathFromIDListW
ole32
OleUninitialize
OleInitialize
CoCreateInstance
CreateStreamOnHGlobal
CLSIDFromString
oleaut32
VariantInit
Sections
.text Size: 71KB - Virtual size: 71KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 45KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
chrst.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
C:\Users\Computer\Documents\Visual Studio 2010\Projects\MyV\MyV\obj\x86\Release\chrst.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 142B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ci05l2a.exe
-
cl.exe.exe windows:4 windows x86 arch:x86
31706a369ec92804872975ce580c66c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
__vbaVarTstGt
ord690
__vbaNextEachAry
_CIcos
_adj_fptan
__vbaStrI4
ord693
__vbaAryMove
__vbaFreeVar
__vbaLineInputStr
__vbaLenBstr
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFpCDblR8
__vbaFreeObjList
__vbaStrErrVarCopy
_adj_fprem1
ord518
__vbaForEachCollAd
__vbaStrCat
__vbaVarCmpNe
__vbaSetSystemError
ord661
ord662
__vbaHresultCheckObj
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
ord667
__vbaAryDestruct
__vbaLateMemSt
__vbaExitProc
ord595
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaForEachCollVar
ord520
__vbaBoolVarNull
_CIsin
ord631
ord632
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
ord529
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaPutOwner4
__vbaNextEachCollVar
__vbaObjVar
__vbaPrintObj
DllFunctionCall
_adj_fpatan
__vbaLateIdCallLd
__vbaStrR8
__vbaRedim
EVENT_SINK_Release
__vbaNew
ord600
_CIsqrt
__vbaVarAnd
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
__vbaStrToUnicode
__vbaPrintFile
__vbaDateStr
_adj_fprem
_adj_fdivr_m64
ord607
ord608
ord531
ord716
__vbaFPException
ord532
__vbaInStrVar
ord717
__vbaStrVarVal
__vbaUbound
__vbaGetOwner4
__vbaVarCat
ord536
ord645
_CIlog
__vbaFileOpen
__vbaR8Str
__vbaVar2Vec
__vbaNew2
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
ord573
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord578
ord100
__vbaVarTstNe
__vbaI4Var
__vbaForEachAry
ord689
__vbaLateMemCall
ord612
__vbaStrToAnsi
__vbaVarDup
__vbaVarLateMemCallLd
ord616
__vbaFpI4
ord617
__vbaLateMemCallLd
_CIatan
__vbaAryCopy
__vbaStrMove
ord619
__vbaR8IntI4
ord650
_allmul
_CItan
__vbaNextEachCollAd
ord546
__vbaFPInt
__vbaAryUnlock
_CIexp
__vbaFreeStr
__vbaFreeObj
ord581
Sections
.text Size: 220KB - Virtual size: 216KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
clean.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
coinvault.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 500KB - Virtual size: 499KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 36KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
com_loader.exe.exe regsvr32 windows:4 windows x86 arch:x86
5f21313fbe26dcd91c5fd3dfe5d4a4b2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
wtsapi32
WTSSetUserConfigA
WTSVirtualChannelClose
WTSVirtualChannelRead
WTSRegisterSessionNotification
WTSSetSessionInformationA
WTSLogoffSession
WTSEnumerateSessionsA
WTSEnumerateServersA
WTSWaitSystemEvent
WTSSendMessageA
WTSCloseServer
WTSOpenServerA
WTSUnRegisterSessionNotification
WTSVirtualChannelPurgeInput
WTSFreeMemory
WTSEnumerateProcessesA
dbnmpntw
ConnectionVer
ConnectionError
ConnectionClose
user32
LoadStringA
SetFocus
GetCursor
wsprintfA
CreateWindowExA
CharToOemA
DrawTextW
LoadCursorA
FindWindowW
PeekMessageW
PostMessageA
IsDialogMessageA
MessageBoxW
kernel32
FindFirstFileA
SearchPathA
CopyFileA
GetOEMCP
HeapFree
FormatMessageA
lstrcpynW
GetProcessHeap
GetLogicalDriveStringsA
CopyFileExW
DeleteFileA
GetGeoInfoW
CreateDirectoryA
GetCurrentDirectoryW
CreateFileA
ReadFile
SetLastError
GetDateFormatA
GetLocaleInfoW
FileTimeToSystemTime
WaitForSingleObjectEx
GetLastError
MapViewOfFile
LoadLibraryA
InterlockedIncrement
CreateWaitableTimerA
GetDriveTypeW
WriteConsoleW
OpenMutexW
DeviceIoControl
QueryDosDeviceA
GetSystemTime
ReleaseMutex
GetProcAddress
GetStartupInfoA
GetFileSize
cmutil
CmMoveMemory
CmFree
shell32
ExtractIconA
ShellAboutA
DuplicateIcon
SHGetDataFromIDListA
SHChangeNotify
DragQueryPoint
StrChrA
FindExecutableA
DllUnregisterServer
SHGetMalloc
SHGetDesktopFolder
ShellMessageBoxA
Exports
Exports
DllRegisterServer
Sections
.text Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
csrss.ex_.exe.exe windows:4 windows x86 arch:x86
c64a1d6bfad8c05542b811bf6115ab59
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mfc42
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord609
ord800
ord2514
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord2512
ord1775
ord4407
ord5280
ord4425
ord3597
ord2575
ord6055
ord4078
ord1776
ord4396
ord5241
ord2385
ord5163
ord6374
ord4353
ord5290
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord3402
ord4627
ord3574
ord1146
ord1168
ord860
ord540
ord567
ord324
ord2370
ord2302
ord4234
ord4710
ord6334
ord2379
ord2554
ord4486
ord6375
ord4274
ord6052
ord4673
ord1576
msvcrt
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
_XcptFilter
_exit
srand
_gcvt
rand
__CxxFrameHandler
_setmbcp
exit
kernel32
GetModuleFileNameA
GetTickCount
GetModuleHandleA
GetStartupInfoA
CreateFileA
user32
SetTimer
KillTimer
ScreenToClient
GetCursorPos
InvalidateRect
EnableWindow
LoadIconA
SendMessageA
Sections
.text Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 844KB - Virtual size: 843KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
d.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Exports
Exports
Tepakuzebupy
Burope
WugineFoqyxo
JoJoqyfewi
GazoConabygefo
Sections
CODE Size: 1024B - Virtual size: 964B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.idata Size: 512B - Virtual size: 171B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.crt Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 181B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 38B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 120KB - Virtual size: 207KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
d0a5cfec8e80622b3e194b5ee03e93d78c7ef3478bead6a039d213caaaa58523_Dumped_TDS=4F9911B3.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 436B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.mackt Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
d0a5cfec8e80622b3e194b5ee03e93d78c7ef3478bead6a039d213caaaa58523_TDS=4FA478A6.exe.exe windows:4 windows x86 arch:x86
eab51c0600845240b281f3cd3aff39ca
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GetCurrentProcessId
LocalAlloc
GlobalAlloc
GetPriorityClass
GetEnvironmentStrings
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentStringsW
GetProcAddress
GetModuleHandleA
GetStartupInfoA
setupapi
SetupGetLineCountA
msvcrt
_adjust_fdiv
memcpy
_onexit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_exit
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
d2164cdbc9c78db0115f382a139ccd758f8a25ebfc5ab3e0034e7aef0fe0b6b4_Dumped_TDS=4FB252FB.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
D:\my projects\bbac\output\Release\bbac.pdb
Sections
.text Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 436B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mackt Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
d2164cdbc9c78db0115f382a139ccd758f8a25ebfc5ab3e0034e7aef0fe0b6b4_TDS=4FB30D08.exe.exe windows:4 windows x86 arch:x86
518151b350ef47dd17b5213c5d748a55
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalAlloc
lstrlenA
GetStdHandle
CreateMutexA
LocalAlloc
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetStartupInfoA
setupapi
SetupDecompressOrCopyFileA
msvcrt
_adjust_fdiv
memcpy
_exit
_onexit
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_XcptFilter
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
Sections
.text Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 980B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 416B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
d4439055d2d63e52ffc23c6d24d89194_86e510605f1ee068bdc1ae306312652a__1.dll.dll windows:4 windows x86 arch:x86
86e510605f1ee068bdc1ae306312652a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
InterlockedIncrement
InterlockedDecrement
GetTickCount
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameA
FreeLibrary
LoadLibraryA
WaitForSingleObject
TerminateThread
Sleep
CreateThread
GetCurrentProcess
VirtualProtect
GlobalAlloc
GlobalFree
GetCurrentThread
SetThreadPriority
GetComputerNameA
GetThreadContext
HeapReAlloc
SetThreadContext
HeapAlloc
HeapFree
Thread32First
HeapDestroy
HeapCreate
Thread32Next
OpenThread
CreateToolhelp32Snapshot
GetCurrentProcessId
SuspendThread
ResumeThread
VirtualQuery
VirtualFree
VirtualAlloc
GetSystemInfo
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WriteFile
GetStdHandle
DeleteCriticalSection
TlsAlloc
TlsSetValue
TlsFree
SetLastError
RaiseException
GetCPInfo
GetACP
GetOEMCP
ExitProcess
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetLocaleInfoA
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetFilePointer
GetConsoleCP
GetConsoleMode
RtlUnwind
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
LocalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
GetFileTime
CreateMutexA
GetLastError
GetWindowsDirectoryA
TlsGetValue
CreateFileA
user32
UpdateWindow
SystemParametersInfoA
ShowWindow
DefWindowProcA
CreateWindowExA
GetWindowLongA
SetWindowLongA
LoadIconA
KillTimer
PostQuitMessage
LoadCursorA
TranslateMessage
DestroyWindow
GetSystemMetrics
GetUserObjectInformationA
GetThreadDesktop
CreateDesktopA
CloseDesktop
SetThreadDesktop
GetClientRect
CopyRect
RegisterClassExA
GetMessageA
SendMessageA
GetWindow
DispatchMessageA
ChildWindowFromPointEx
GetAncestor
PostMessageA
MapWindowPoints
PeekMessageA
GetClassNameA
GetWindowRect
PtInRect
ClientToScreen
ScreenToClient
SetTimer
advapi32
RegOpenKeyExA
RegCloseKey
RegCreateKeyW
RegCreateKeyA
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
psapi
GetModuleInformation
ole32
CoGetClassObject
CoUninitialize
OleSetContainedObject
OleUninitialize
CoTaskMemAlloc
CoInitialize
OleInitialize
CoCreateInstance
OleCreate
CoDisconnectObject
oleaut32
SysFreeString
VariantInit
SysAllocString
VariantClear
version
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA
wininet
InternetCrackUrlA
urlmon
UrlMkSetSessionOption
URLOpenPullStreamA
oleacc
AccessibleObjectFromWindow
WindowFromAccessibleObject
ws2_32
inet_addr
inet_ntoa
imm32
ImmDisableIME
Sections
.text Size: 119KB - Virtual size: 119KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
d54d2a216e637bcd36e5217cfba98896.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 145KB - Virtual size: 145KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
d5f29750a8cb158d9b89a1e02e8addc5e410d1ddc48e660589144ade47f794c5.exe.apk android
com.tartiap.lnnhdatu
com.tartiap.lnnhdatu.dilmoeu
Activities
com.tartiap.lnnhdatu.dilmoeu
android.intent.action.MAIN
com.tartiap.lnnhdatu.eisosia
android.intent.action.VIEW
Permissions
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.DISABLE_KEYGUARD
com.android.browser.permission.READ_HISTORY_BOOKMARKS
com.sec.android.app.sbrowser.operatorbookmarks.permission.READ_HISTORY_BOOKMARKS
android.permission.PROCESS_OUTGOING_CALLS
android.permission.PROCESS_INCOMING_CALLS
android.permission.RESTART_PACKAGES
android.permission.RECEIVE_SMS
android.permission.CAMERA
android.permission.GET_TASKS
android.permission.GET_ACCOUNTS
android.permission.SYSTEM_ALERT_WINDOW
android.permission.ACCESS_WIFI_STATE
android.permission.CHANGE_NETWORK_STATE
android.permission.CHANGE_WIFI_STATE
android.permission.WRITE_SETTINGS
android.permission.KILL_BACKGROUND_PROCESSES
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_PHONE_STATE
android.permission.INTERNET
android.permission.WAKE_LOCK
android.permission.ACCESS_NETWORK_STATE
Receivers
com.dafmhc.rtgktino.nneaen
android.net.conn.CONNECTIVITY_CHANGE
android.system.cache
com.dafmhc.rtgktino.onlarse
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
android.intent.action.REBOOT
android.intent.action.BOOT_COMPLETED
android.intent.action.QUICKBOOT_POWERON
com.pmgiya.nestnu.eigulni
android.app.action.ACTION_DEVICE_ADMIN_DISABLE_REQUESTED
android.app.action.DEVICE_ADMIN_ENABLED
android.app.action.DEVICE_ADMIN_DISABLED
Services
com.tartiap.lnnhdatu.rnasdvs
android.system.operate
com.pmgiya.nestnu.edladeee
android.system.registat
-
d6c32b0146f219bdcb5cf524ea9e0047d9b9bd0fd7c395d5b11cbc4c3298824d.exe.zip
-
Transazione.Pdf______________________________________________________________.exe.exe windows:5 windows x86 arch:x86
380e5390f65e340268c2e7706d44415e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleW
GetTickCount
GetModuleFileNameW
IsDebuggerPresent
GetCPInfo
VirtualQuery
CreateFileA
CloseHandle
HeapSize
WriteConsoleW
GetConsoleOutputCP
GetModuleHandleA
GetCommandLineW
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
GetLastError
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
Sleep
ExitProcess
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetStdHandle
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlUnwind
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
HeapAlloc
VirtualAlloc
HeapReAlloc
WriteConsoleA
RaiseException
user32
GetWindowRect
IsZoomed
GetForegroundWindow
GetWindowLongW
GetDesktopWindow
GetCursor
advapi32
GetUserNameA
Sections
.text Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 366KB - Virtual size: 366KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
d889734783273b7158deeae6cf804a6be99c3a5353d94225a4dbe92caf3a3d48.exe.elf linux x86
-
daaa72f48bea498c5ac7ce9bc315e585ff11dad04d1eeb0d1b0ce33a28bedf2d.exe.exe windows:5 windows x86 arch:x86
7511ea923b51c6e2824a2cc82310820e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ReleaseSemaphore
RtlUnwind
ScrollConsoleScreenBufferW
SetEvent
SetLastError
SetMailslotInfo
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
QueryPerformanceCounter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
QueryInformationJobObject
OpenMutexA
OpenFile
MultiByteToWideChar
LockFileEx
LockFile
LocalFree
LocalAlloc
LoadResource
LoadLibraryExA
LeaveCriticalSection
IsValidLanguageGroup
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapUnlock
HeapSize
HeapSetInformation
HeapFree
HeapAlloc
GlobalUnWire
GlobalAlloc
GlobalDeleteAtom
GetWriteWatch
GetVersionExW
GetVersionExA
GetUserDefaultUILanguage
GetTickCount
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStringTypeA
GetStartupInfoA
GetProcessHeap
GetPriorityClass
GetModuleFileNameW
GetModuleFileNameA
GetLastError
GetFullPathNameA
GetDiskFreeSpaceA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetComputerNameW
GetComputerNameA
FreeResource
FreeLibraryAndExitThread
FreeLibrary
FindResourceA
FindFirstFileExW
FatalExit
EraseTape
EnumDateFormatsExW
EnterCriticalSection
DnsHostnameToComputerNameW
DeleteCriticalSection
DebugBreak
CreateThread
CreateSemaphoreA
CreateFileMappingA
CreateEventW
CreateEventA
CloseHandle
CancelDeviceWakeupRequest
BindIoCompletionCallback
BackupWrite
BackupSeek
BackupRead
GetModuleHandleW
GetCommandLineA
GetFileAttributesA
GetDriveTypeA
lstrlenA
GetVersion
LoadLibraryA
GetProcAddress
VirtualAlloc
GetModuleHandleA
GetCommandLineW
lstrlenW
LoadLibraryW
UnhandledExceptionFilter
user32
UpdateLayeredWindow
UnhookWindowsHookEx
UnhookWindowsHook
SwitchDesktop
SetWindowLongA
SetSystemCursor
SetShellWindow
SetMenuItemBitmaps
ReleaseDC
RegisterWindowMessageA
RegisterClassA
RedrawWindow
PostThreadMessageA
PostQuitMessage
PostMessageA
OffsetRect
MsgWaitForMultipleObjects
MessageBoxIndirectA
IsMenu
IsCharAlphaW
InsertMenuA
InSendMessageEx
GetWindowWord
GetWindowTextLengthW
GetWindowModuleFileNameA
GetWindowLongA
GetTabbedTextExtentA
GetSubMenu
GetMonitorInfoW
GetMessagePos
GetMessageA
GetMenu
GetInputState
GetDoubleClickTime
GetClassInfoW
GetCapture
EnumDisplaySettingsW
EnumDisplayDevicesW
DrawFocusRect
DispatchMessageA
DialogBoxParamW
DefWindowProcA
DefDlgProcW
DdeGetData
DdeFreeDataHandle
DdeConnectList
ClientToScreen
ChildWindowFromPoint
CheckRadioButton
CharPrevA
CallNextHookEx
AppendMenuA
GetKeyState
CharNextW
UpdateWindow
GetSysColor
CharLowerW
CharLowerA
LoadIconW
GetDC
IsWindow
GetDlgItem
CharUpperW
CharNextA
DestroyWindow
CharUpperA
GetParent
LoadBitmapW
IsWindowVisible
GetSystemMetrics
CreateWindowExA
gdi32
SetViewportOrgEx
SetICMMode
StretchDIBits
PolyTextOutA
PlayMetaFile
GetTextFaceW
GetTextFaceA
GetOutlineTextMetricsW
GetLayout
GetFontData
GetDIBits
GetColorSpace
GdiSetAttrs
GdiIsMetaFileDC
GdiInitializeLanguagePack
GdiInitSpool
GdiEntry9
GdiEntry7
GdiEntry13
GdiEntry10
GdiConvertEnhMetaFile
GdiAddGlsRecord
ExcludeClipRect
EnumFontFamiliesExA
EnumEnhMetaFile
EngTransparentBlt
EngPaint
EngComputeGlyphSet
CreatePenIndirect
SaveDC
CreateCompatibleDC
AddFontResourceW
SetTextAlign
CreateMetaFileA
SetBkMode
GetEnhMetaFileA
GetEnhMetaFileW
SetTextColor
SelectObject
AbortPath
AddFontMemResourceEx
Arc
StartFormPage
CreateICW
advapi32
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegSetValueExW
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueW
RegDeleteValueA
RegDeleteKeyW
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
OpenProcessToken
MakeSelfRelativeSD
MakeAbsoluteSD
InitializeSecurityDescriptor
InitializeAcl
GetTokenInformation
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorLength
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetLengthSid
GetAclInformation
GetAce
FreeSid
EqualSid
DeleteAce
AllocateAndInitializeSid
AddAce
AddAccessDeniedAce
AddAccessAllowedAce
RegQueryValueExW
SetSecurityDescriptorOwner
ole32
CoUninitialize
CoTaskMemRealloc
CoTaskMemFree
CoTaskMemAlloc
CoSuspendClassObjects
CoRevokeClassObject
CoRegisterClassObject
CoInitializeEx
CoInitialize
CoCreateInstance
CoCreateGuid
msvcrt
_onexit
wcsspn
wcsrchr
wcsncmp
wcscspn
wcschr
towupper
swscanf
strchr
sscanf
realloc
memset
_XcptFilter
__CxxFrameHandler
__dllonexit
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_amsg_exit
_beginthreadex
_cexit
_controlfp
_exit
_initterm
_ismbblead
_lock
_purecall
_stricmp
_strnicmp
_ultow
_unlock
_vsnprintf
_vsnwprintf
_wcsicmp
_wcsnicmp
_wtoi
exit
free
iswalpha
iswascii
iswcntrl
iswdigit
malloc
memcpy
Sections
.text Size: 74KB - Virtual size: 73KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gt1 Size: 556KB - Virtual size: 555KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gt2 Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gt3 Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ggg Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
ddbf1840bf626da19d8f3467fe9e20e2.exe.exe windows:5 windows x86 arch:x86
c46fc6dad3ad830f98729fc8700f4924
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetConsoleCtrlHandler
GetHandleInformation
GetCurrentProcess
SetProcessAffinityMask
VirtualAlloc
GetSystemTimes
GetProcessId
SetComputerNameExW
DuplicateHandle
OpenProcess
GetLastError
TerminateThread
GlobalAlloc
CloseHandle
LoadLibraryW
AddAtomA
GetModuleHandleW
lstrcpyW
SetProcessWorkingSetSize
GetTickCount
GetDriveTypeW
DecodePointer
EncodePointer
WriteConsoleW
GetConsoleCP
FlushFileBuffers
HeapReAlloc
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
RaiseException
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
ReadFile
GetConsoleMode
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
GetFileType
GetStringTypeW
GetProcessHeap
SetFilePointerEx
HeapSize
CreateFileW
user32
PostMessageW
CopyImage
SetScrollRange
BeginPaint
ShowScrollBar
Sections
.text Size: 60KB - Virtual size: 59KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 283KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
de882c049be133a950b6917562bb2313_583a76e23c1998307d702709dadbe103__3.dll.dll windows:4 windows x86 arch:x86
583a76e23c1998307d702709dadbe103
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
LoadLibraryExW
ExpandEnvironmentStringsW
FindFirstFileW
FindClose
FindNextFileW
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
GetFileSize
CreateMutexW
HeapCompact
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
HeapAlloc
SystemTimeToFileTime
QueryPerformanceCounter
HeapFree
InterlockedCompareExchange
UnlockFile
LockFile
OutputDebugStringW
GetTickCount
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
LoadLibraryW
Sleep
FormatMessageW
GetVersionExW
HeapDestroy
GetFileAttributesA
HeapCreate
HeapValidate
GetFileAttributesW
ReadFile
CreateFileW
FlushFileBuffers
GetTempPathW
HeapSize
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
OutputDebugStringA
GetVersionExA
DeleteFileW
GetCurrentProcessId
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
GetThreadContext
SetThreadContext
Thread32First
Thread32Next
OpenThread
VirtualProtect
GetCurrentThreadId
DeleteCriticalSection
ResumeThread
VirtualQuery
VirtualFree
VirtualAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RaiseException
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
SetHandleCount
GetFileType
GetStartupInfoA
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoA
GetLocaleInfoW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetCurrentDirectoryA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
InterlockedExchange
GetTimeZoneInformation
GetDriveTypeA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetModuleHandleA
CreateToolhelp32Snapshot
Process32Next
EnterCriticalSection
GlobalUnlock
LeaveCriticalSection
InitializeCriticalSection
GlobalLock
Process32First
GetPrivateProfileStringA
LoadLibraryA
GetProcAddress
FreeLibrary
GetEnvironmentVariableW
GetVersion
MultiByteToWideChar
WideCharToMultiByte
LocalFree
CreateThread
CloseHandle
GetLastError
TerminateThread
SuspendThread
WaitForSingleObject
user32
IsWindow
OpenClipboard
UnhookWindowsHookEx
SendMessageW
GetWindowThreadProcessId
ToUnicodeEx
OemToCharA
GetMessageA
SetTimer
PostThreadMessageA
EnumChildWindows
SetWindowsHookExA
CloseClipboard
GetKeyState
CallNextHookEx
DispatchMessageA
GetForegroundWindow
GetClassNameW
GetWindowTextW
GetClipboardData
GetKeyboardLayout
GetGUIThreadInfo
TranslateMessage
KillTimer
advapi32
CryptAcquireContextW
CryptReleaseContext
CryptImportKey
CryptDestroyKey
CryptDecrypt
CryptGetHashParam
CryptAcquireContextA
RegOpenKeyExA
CryptCreateHash
RegEnumValueA
RegEnumValueW
CryptDestroyHash
RegCloseKey
CryptHashData
RegQueryValueExW
RegQueryInfoKeyA
RegOpenKeyExW
RegEnumKeyExW
CryptDeriveKey
CryptSetKeyParam
shell32
SHGetFolderPathW
ole32
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
oleaut32
SysFreeString
VariantInit
VariantClear
wininet
FindCloseUrlCache
FindFirstUrlCacheEntryW
FindNextUrlCacheEntryW
crypt32
CryptUnprotectData
oleacc
AccessibleObjectFromWindow
Sections
.text Size: 541KB - Virtual size: 540KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
decrypt.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 96B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 736B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 1004B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
decrypted.ex_.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 3KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 16B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 91KB - Virtual size: 91KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ