gafgyt | master[.]zip

Sharing

General

Target

master.zip
Size

379.9MB
MD5

0bd94bb6c549b638b77f03fe3f748c23
SHA1

51585b4e6478353f5bc2323042bb4084aea6c142
SHA256

a31ab95f1cd95d696e7b127f5d750cde6a227bbc8f12202bfde6889f8bddfea5
SHA512

73998d9862f48fd6df007ea2cbad18875cbfde3ef542d39cec12ecf3d1b63a216b131c6d106b30d46c2be19ebd3046a05f89ad6875777ec4604b13702a019fe7
SSDEEP

6291456:xxBKdd2oT5xgBb3A25P7dgkXUGnwQtfdHMq64d2ISdiUkG7zuyKtvOB80Wpx:dY8G5xgp3Z5OmdHvdMNkG7FKtE80Wz

Score

10^/10

pdf upx pyinstaller macro mirai aspackv2 phishing vmprotect whosghost gafgyt redosdru mirai ammyyadmin kaiten gh0strat pony blackmoon xorddos runningrat

Malware Config

Extracted

Family

gafgyt

185.165.29.25:444

185.165.29.111:444

103.9.77.253:4444

107.174.34.68:23

107.174.34.70:23

179.43.146.30:23

185.145.131.236:23

185.145.131.173:23

185.145.131.243:23

185.165.29.24:444

198.167.140.187:53

185.165.29.41:444

185.165.29.47:444

69.90.132.142:53

185.165.29.39:444

77.247.178.189:23

185.165.29.127:666

Extracted

Family

redosdru

http://mazi.av666.us/NetSyst96.dll

http://123.184.40.33:19162/NetSyst96.dll

http://118.193.139.50:1237/NetSyst88.dll

http://qingxiaofeng.f3322.org:65520/STU.dll

http://211.141.154.154:8088/NetSyst96.dll

http://mazi.av666.us/NetSyst88.dll

Extracted

Family

mirai

Botnet

MIRAI

scan.oneneo.xyz

xo.midnight.pm

Extracted

Family

mirai

Botnet

MIRAI

scan.oneneo.xyz

cnc.oneneo.xyz

lana.midnight.pm

xo.midnight.pm

Extracted

Family

mirai

Botnet

MIRAI

scan.oneneo.xyz

xo.midnight.pm

Extracted

Family

mirai

Botnet

MIRAI

cnc.oneneo.xyz

scan.oneneo.xyz

lana.midnight.pm

xo.midnight.pm

Extracted

Family

mirai

Botnet

MIRAI

scan.oneneo.xyz

xo.midnight.pm

Extracted

Family

mirai

Botnet

MIRAI

cnc.oneneo.xyz

scan.oneneo.xyz

lana.midnight.pm

xo.midnight.pm

Extracted

Family

mirai

Botnet

MIRAI

cnc.oneneo.xyz

scan.oneneo.xyz

lana.midnight.pm

xo.midnight.pm

Extracted

Family

pony

http://www.munchiesdelight.com/vent/panel/gate.php

http://acgfinancial.gq/alozspongoogle/gate.php

Attributes

payload_url
http://www.munchiesdelight.com/vent/panel/shit.exe

Extracted

Family

xorddos

http://info1.3000uc.com/b/u.php

tt1.v5zz.com:3560

192.168.1.131:3826

abcd.com:8080

Attributes

crc_polynomial
EDB88320

xor.plain

Extracted

Family

mirai

Botnet

WHOSGHOST

network.bigbotpein.com

krebs.bigbotpein.com

Signatures

AmmyyAdmin payload 1 IoCs

resource	yara_rule
static1/unpack001/some-samples-master/11bc606269a161555431bacf37f7c1e4	family_ammyyadmin

Ammyyadmin family
ammyyadmin
Blackmoon family
blackmoon

Detect Blackmoon payload 1 IoCs

resource	yara_rule
static1/unpack001/some-samples-master/6ea5177e6c6dab05f0b38fb8d8f5c2d4	family_blackmoon

Detected Gafgyt variant 64 IoCs

resource	yara_rule
static1/unpack001/some-samples-master/010c1e2ffb9d2fc30a429b7db204ed7b	family_gafgyt
static1/unpack001/some-samples-master/093a129db41d875c403cc3e788718acf	family_gafgyt
static1/unpack001/some-samples-master/0dbe09fd79fdbb0cd9bc287bbba20ae4	family_gafgyt
static1/unpack001/some-samples-master/0f31a711956fcae6335b4c73ab710a0a	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/apache2	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/bash	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/cron	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/ftp	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/ntpd	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/openssh	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/pftp	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/sh	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/sshd	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/tftp	family_gafgyt
static1/unpack001/some-samples-master/103.9.77.253/wget	family_gafgyt
static1/unpack001/some-samples-master/1038d3cc5d3179a5da7f1bea2f660a0b	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/apache2	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/bash	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/cron	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/ftp	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/ntpd	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/openssh	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/pftp	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/sh	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/sshd	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/tftp	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.68/wget	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/apache2	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/bash	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/cron	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/ftp	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/ntpd	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/openssh	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/pftp	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/sh	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/sshd	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/tftp	family_gafgyt
static1/unpack001/some-samples-master/107.174.34.70/wget	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/bash	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/bash.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/cron	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/cron.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/ftp	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/ftp.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/ntpd	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/nut	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/nut.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/openssh	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/openssh.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/pftp	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/pftp.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/sh	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/sh.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/sshd	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/sshd.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/tftp	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/tftp.1	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/wget	family_gafgyt
static1/unpack001/some-samples-master/159.203.76.24/wget.1	family_gafgyt
static1/unpack001/some-samples-master/173.212.226.176/k32	family_gafgyt
static1/unpack001/some-samples-master/173.212.226.176/k38	family_gafgyt
static1/unpack001/some-samples-master/173.212.226.176/k48	family_gafgyt

Detects Kaiten/Tsunami Payload 64 IoCs

resource	yara_rule
static1/unpack001/some-samples-master/173.212.226.176/k32	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/k38	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/k48	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/k58	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/k64	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/k68	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/kar	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/kml	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/kms	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/kpc	family_kaiten2
static1/unpack001/some-samples-master/173.212.226.176/ksh	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k32	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k32.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k32.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k32.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k38	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k38.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k38.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k38.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k440	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k440.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k48	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k48.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k48.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k48.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k4l	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k4l.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k4t	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k4t.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k58	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k58.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k58.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k58.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k5l	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k5l.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k64	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k64.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k64.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k64.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k68	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k68.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k68.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k68.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k6l	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k6l.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k7l	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/k7l.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kar	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kar.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/km68.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/km68.2	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kml	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kml.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kml.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kml.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kms	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kms.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kms.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kms.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kpc	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kpc.1	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kpc.3	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/kpc.4	family_kaiten2
static1/unpack001/some-samples-master/5.189.171.210/ksh	family_kaiten2

Detects Kaiten/Tsunami payload 64 IoCs

resource	yara_rule
static1/unpack001/some-samples-master/173.212.226.176/k32	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/k38	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/k48	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/k58	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/k64	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/k68	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/kar	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/kml	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/kms	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/kpc	family_kaiten
static1/unpack001/some-samples-master/173.212.226.176/ksh	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k32	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k32.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k32.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k32.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k38	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k38.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k38.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k38.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k440	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k440.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k48	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k48.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k48.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k48.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k4l	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k4l.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k4t	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k4t.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k58	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k58.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k58.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k58.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k5l	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k5l.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k64	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k64.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k64.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k64.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k68	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k68.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k68.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k68.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k6l	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k6l.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k7l	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/k7l.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kar	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kar.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/km68.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/km68.2	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kml	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kml.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kml.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kml.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kms	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kms.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kms.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kms.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kpc	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kpc.1	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kpc.3	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/kpc.4	family_kaiten
static1/unpack001/some-samples-master/5.189.171.210/ksh	family_kaiten

Gafgyt family
gafgyt

Gh0st RAT payload 6 IoCs

resource	yara_rule
static1/unpack001/some-samples-master/260e3c90813fb8cbcadbd1d2631e1687	family_gh0strat
static1/unpack001/some-samples-master/26174ad308524227c51063d00ace9a7b	family_gh0strat
static1/unpack001/some-samples-master/2ae81302ee475219b0bcf0f177bfae7e	family_gh0strat
static1/unpack001/some-samples-master/73e815a756cc7422e87fba432ec575cd	family_gh0strat
static1/unpack001/some-samples-master/ce0a28a558b07ad3d9fa7b1225e5aa09	family_gh0strat
static1/unpack001/some-samples-master/e5ea2c907432eda61d245ca8eebca160	family_gh0strat

Gh0strat family
gh0strat
Kaiten family
kaiten
Mirai family
mirai
Pony family
pony
Redosdru family
redosdru

RunningRat payload 1 IoCs

resource	yara_rule
static1/unpack001/some-samples-master/b8bf2d99d00586a9ca87e4c10de7d2e2	family_runningrat

Runningrat family
runningrat

XorDDoS payload 1 IoCs

resource	yara_rule
static1/unpack001/some-samples-master/6f651328b7088ae6460724a40faa6c21	family_xorddos

Xorddos family
xorddos

Suspicious Office macro 1 IoCs

Office document equipped with macros.

macro

resource
static1/unpack001/some-samples-master/0771a7a8ac18f4c8357fb6bdf36502bf

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
static1/unpack001/some-samples-master/28fb687fbdcfc7ddf639d4662442cb11	aspack_v212_v242

VMProtect packed file 1 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/some-samples-master/ce759a2dbafd3ffb200c75cbf840a50f	vmprotect

Requests dangerous framework permissions 7 IoCs

description	ioc
Allows an app to create windows using the type LayoutParams.TYPE_APPLICATION_OVERLAY, shown on top of all other apps.	android.permission.SYSTEM_ALERT_WINDOW
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows access to the list of accounts in the Accounts Service.	android.permission.GET_ACCOUNTS
Allows an application to write to external storage.	android.permission.WRITE_EXTERNAL_STORAGE
Allows read only access to phone state, including the current cellular network information, the status of any ongoing calls, and a list of any PhoneAccounts registered on the device.	android.permission.READ_PHONE_STATE
Allows an application to read from external storage.	android.permission.READ_EXTERNAL_STORAGE

AutoIT Executable 3 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack001/some-samples-master/48100ae2327c512aa8e152a9bad32614	autoit_exe
static1/unpack001/some-samples-master/a2aed8c9f19b1f25a0adbef06071a9ca	autoit_exe
static1/unpack001/some-samples-master/fbfbffce9014ece7aac7a2ea7c6d0d77	autoit_exe

Malformed data in PDF
A PDF can contain malformed data to evade detection
pdf

UPX packed file 43 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/some-samples-master/0157d50dcd839afb5ec4b79cae965360	upx
static1/unpack001/some-samples-master/041d0d4f4c81575dda02d3e4e4a19eaf	upx
static1/unpack001/some-samples-master/0db6576a2b40f0e0ce9c09ae45d8105d	upx
static1/unpack001/some-samples-master/0f150f878a3f7f5e518ede83960e490f	upx
static1/unpack001/some-samples-master/10cfb7229c27ea6146a22ee7323390b9	upx
static1/unpack001/some-samples-master/1184a5166f8eaf6e9d83ccb7300e0a49	upx
static1/unpack001/some-samples-master/1454b8e731c97d2a06b41096a4fc7bda	upx
static1/unpack001/some-samples-master/1811285337a25c9e1f1a67452cbdf405	upx
static1/unpack001/some-samples-master/1d595738eea03bf526c3f585a8b62aaa	upx
static1/unpack001/some-samples-master/25c7cc5b578cf167590fa8cd194b9bea	upx
static1/unpack001/some-samples-master/28f65f1f4b30e226d6ca81535522442c	upx
static1/unpack001/some-samples-master/2a6b91e7dbc795eedd9d357e1e9d8e02	upx
static1/unpack001/some-samples-master/453d8a77ca97a5ba336bb07601e41fff	upx
static1/unpack001/some-samples-master/490449529b74cfcde90c7877814d7545	upx
static1/unpack001/some-samples-master/49f6bb9dc62521d42ea0d6cac534b57a	upx
static1/unpack001/some-samples-master/5153fa1cad24cb66d4bfa0a0d14c2dbd	upx
static1/unpack001/some-samples-master/5370b96ad1b77ece9cc34e30522e6005	upx
static1/unpack001/some-samples-master/59d4aa47323fe7c1106f99c1a84d31c0	upx
static1/unpack001/some-samples-master/6343e3ea75ac7f248d6ddbbc40660906	upx
static1/unpack001/some-samples-master/63c54c6691d60b1b050730ed64193a13	upx
static1/unpack001/some-samples-master/6ab1a56516d5ef8fd50c4c607f414759	upx
static1/unpack001/some-samples-master/802385019eac7a847e8c90ffc95d9ac6	upx
static1/unpack001/some-samples-master/8b4d731c42034e732c2df433f038f4d0	upx
static1/unpack001/some-samples-master/8bf4d5e163897e396398b42c5d0dc660	upx
static1/unpack001/some-samples-master/8c039eaf6d4f61fc2e0812582d781f04	upx
static1/unpack001/some-samples-master/904b677b0eed8f7862dcba7e66b05002	upx
static1/unpack001/some-samples-master/951099938ee7369496193795175a0692	upx
static1/unpack001/some-samples-master/995636f9bedea126114ac09a8fd5a0a6	upx
static1/unpack001/some-samples-master/9edd04ea0fe6d10b8033410ab4e84749	upx
static1/unpack001/some-samples-master/a300b525674b530d7d30be3bec9cc67d	upx
static1/unpack001/some-samples-master/a74766869b86277e6de5d7f0a3094ceb	upx
static1/unpack001/some-samples-master/aa8792c2f2e11a880661e60177515613	upx
static1/unpack001/some-samples-master/bf1fd48aae230c0a45323f7bfeb88176	upx
static1/unpack001/some-samples-master/bf663e2f1f4a9a11421f578628f7ee8d	upx
static1/unpack001/some-samples-master/ca1d43704efc432084374c690dc4f9a7	upx
static1/unpack001/some-samples-master/cae8a8524eeb0e7de1fb3704bd14b7ba	upx
static1/unpack001/some-samples-master/cf3c11163f16ea2ce4e0fdc884c31722	upx
static1/unpack001/some-samples-master/d40c91e2f94a124f98102c8c143bb563	upx
static1/unpack001/some-samples-master/ddbcac3eeafd7b58ac80f17be0263eb9	upx
static1/unpack001/some-samples-master/eb6ee085fb89027279ab53e1c6bc91e0	upx
static1/unpack001/some-samples-master/eebf3d63bc995b3dda4988670751bfb8	upx
static1/unpack001/some-samples-master/eec8a9f1e71d8d66b4de0daab316e75f	upx
static1/unpack001/some-samples-master/fcfaea4a013703b52d82c4fcb0aecd41	upx

Detected phishing page
Hiding page source
phishing

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/some-samples-master/05367b6e911d2a1d934bed7807a405e8	pyinstaller

Unsigned PE 438 IoCs

Checks for missing Authenticode signature.

resource
unpack001/some-samples-master/0157d50dcd839afb5ec4b79cae965360
unpack002/out.upx
unpack001/some-samples-master/033438e83f7195912faa9b0058760b49
unpack001/some-samples-master/03f0474cfb848e99f715e8cd59acdb6c
unpack001/some-samples-master/0400212cb20748b0899928617944fa35
unpack001/some-samples-master/040053a6988a0753dd0bdb1d54c9f09a
unpack001/some-samples-master/041d0d4f4c81575dda02d3e4e4a19eaf
unpack004/out.upx
unpack001/some-samples-master/044ebd46fd258b3e171d527d3931f082
unpack001/some-samples-master/05367b6e911d2a1d934bed7807a405e8
unpack001/some-samples-master/05d8e078a999a4d9f871569fc93966e8
unpack001/some-samples-master/065b9111c4ba27e837a0ceb3cd963356
unpack001/some-samples-master/06f862c049a8210b0b64d75fe4f7440c
unpack001/some-samples-master/0719037c7f5631c5d8551232a3a874a5
unpack001/some-samples-master/07a7ea1eeb988a77710cf25e31adfb55
unpack001/some-samples-master/08453c78a4c4e608dac8afcda9793077
unpack001/some-samples-master/08b938a9978f82efe446526c50372cde
unpack001/some-samples-master/0a2c841961c6b4b6b09a9bfc9a79a94c
unpack001/some-samples-master/0abd719d9108612e187eeacd63059b3b
unpack001/some-samples-master/0adebe74c4f4dd36f42de83360165928
unpack001/some-samples-master/0afa86234c4d4f54e4c96d08005ed1e8
unpack001/some-samples-master/0b1ca95c7a25652422d61aa53c17172b
unpack001/some-samples-master/0b40a2fff66d3c7f728b2d0e9ae861a6
unpack001/some-samples-master/0baa76aff41923c511bb56f88fe949cf
unpack001/some-samples-master/0c68af19725733f5551891cae27f4222
unpack001/some-samples-master/0db6576a2b40f0e0ce9c09ae45d8105d
unpack001/some-samples-master/0ed2773438d578e9fd7e9c0e92902820
unpack001/some-samples-master/0f150f878a3f7f5e518ede83960e490f
unpack007/out.upx
unpack001/some-samples-master/0f6777a7ab07757fab514933169d37c8
unpack001/some-samples-master/10052360d8bc7b894ba82d85a0440a01
unpack001/some-samples-master/106e6f0e5bd7763640d27503980fb446
unpack001/some-samples-master/10cfb7229c27ea6146a22ee7323390b9
unpack001/some-samples-master/1184a5166f8eaf6e9d83ccb7300e0a49
unpack009/out.upx
unpack001/some-samples-master/11fd85b0d430b1813516d7af9a743750
unpack001/some-samples-master/1229b82e79effc0134b976bccb7acfa0
unpack001/some-samples-master/12a41bbf4f905ccc9004721754b78064
unpack001/some-samples-master/12d5bad2f934cbf1384fecbb889fdc0e
unpack001/some-samples-master/1395c7506fece30615dd70276b68a27a
unpack001/some-samples-master/1454b8e731c97d2a06b41096a4fc7bda
unpack001/some-samples-master/14ef3ae1403ebde118b77e02b323942a
unpack001/some-samples-master/1517814c4d44cc632abb52d2d6307f15
unpack001/some-samples-master/158c6917263f9febc0d0c539d1afc1e1
unpack001/some-samples-master/15da1a241c86cc0f00ed3352a1450158
unpack001/some-samples-master/165622754f824013e5045cc3b252daf5
unpack001/some-samples-master/16b5bec618321daef93e58ec1eba7c51
unpack001/some-samples-master/1720b1748ad7b8ac0bfc1c3636fead95
unpack001/some-samples-master/175b35b7108e3bae4656870edb87e2b0
unpack001/some-samples-master/1811285337a25c9e1f1a67452cbdf405
unpack001/some-samples-master/1927aac48c95ecf61c50ec60ef643955
unpack001/some-samples-master/19532de6db3bda8916afaf8a555ef352
unpack001/some-samples-master/1993708e0c2e1502e2d49618927fb018
unpack001/some-samples-master/1a2ff52a28e6558f3bc67f334cd68b24
unpack001/some-samples-master/1a8030d54d5108e91fd86a72b62c58fe
unpack001/some-samples-master/1a89371ea1bfae68ce3242ce40d80bd3
unpack001/some-samples-master/1b36da50bf91cc64fb5cce52b1a34373
unpack001/some-samples-master/1bda150b6499ef328e9f5210fc8a60b7
unpack001/some-samples-master/1c1a6b70b5e2b13c019d5cbdf0f12738
unpack001/some-samples-master/1cc220919b386853ab90fdd8953a1e2d
unpack001/some-samples-master/1d595738eea03bf526c3f585a8b62aaa
unpack001/some-samples-master/1eb5b93203f2ee6d0cc0c61f634eeb63
unpack001/some-samples-master/1ed645b73efb041a4d9ba1365e5c02aa
unpack001/some-samples-master/1ef8ac208d26166d018632e66c1d11ce
unpack001/some-samples-master/2022ced584e0502d7783f111368bf90b
unpack001/some-samples-master/20a51bf0c489d3f2792cfae6ef4ee337
unpack001/some-samples-master/211b9ae69e887c1566927ad5961b72b8
unpack001/some-samples-master/21327f85d0fd09b558c9ceb5589cf90d
unpack001/some-samples-master/228b7e4fbf847a14e9892cdb13e48735
unpack001/some-samples-master/230606dd8b0d62e2a8a04ef61b2d8707
unpack001/some-samples-master/246fef4f911ea7a6de3be2a2414c1d06
unpack001/some-samples-master/250dc18291858c2e262159e16c129596
unpack001/some-samples-master/259996763570987566eb485409e5c134
unpack001/some-samples-master/25c7cc5b578cf167590fa8cd194b9bea
unpack001/some-samples-master/260e3c90813fb8cbcadbd1d2631e1687
unpack001/some-samples-master/26174ad308524227c51063d00ace9a7b
unpack001/some-samples-master/28770e17d1a6bffcaac19a1074b4c2b5
unpack001/some-samples-master/28f65f1f4b30e226d6ca81535522442c
unpack001/some-samples-master/28fb687fbdcfc7ddf639d4662442cb11
unpack001/some-samples-master/2967a855f21eabe467005cf2350ce14b
unpack001/some-samples-master/2a6b91e7dbc795eedd9d357e1e9d8e02
unpack001/some-samples-master/2ae81302ee475219b0bcf0f177bfae7e
unpack001/some-samples-master/2bc9d040b950ef893635e7e87ad1a38a
unpack001/some-samples-master/2cc80b81edb2133206d29ec44ed8aaa1
unpack001/some-samples-master/2ce0f26f8154e62ee21b0b1deecf203c
unpack001/some-samples-master/2d5509cffc232392ee99706a22dbb9f9
unpack001/some-samples-master/2d65edba1c5b8dd019ed516e5f7671dd
unpack001/some-samples-master/2dc95677d93972b17cf6cb26f18fa5d6
unpack001/some-samples-master/2de164e59aad8b980a3a9fac6a1e3991
unpack001/some-samples-master/3091dc5a93259d6112040f1f75a4f552
unpack001/some-samples-master/30a76f7935aa35cb2a5e6b1bd4d6aa49
unpack001/some-samples-master/3150a5dc0b76f9fe870ae0b889a0439e
unpack001/some-samples-master/316b770a101557bd9efe983e9b30501c
unpack001/some-samples-master/32fcfc7bebbc050814f6d2124340f4eb
unpack001/some-samples-master/345b327f97a632483f885eb2747d7413
unpack001/some-samples-master/34ee279f6006907db002c144aa621d04
unpack001/some-samples-master/3540ad8e052ff4c735336ec65e5ce07a
unpack001/some-samples-master/36297e785139d3f5c6de68cc4bf6a1a9
unpack001/some-samples-master/3806953d0eda6981eb74f6203b418cd1
unpack001/some-samples-master/382765c418f3feacd077235715721c17
unpack001/some-samples-master/389fe5ab3ba604684f41da181cfe1322
unpack001/some-samples-master/38ab51a820114973be8c0a18f6943d88
unpack001/some-samples-master/39168904db066b6604465734866d184d
unpack001/some-samples-master/3a3d445e26e05a8849e6d0e98aea1db8
unpack001/some-samples-master/3b5698b90dd761d8a2d085859164a540
unpack001/some-samples-master/3b5e01b8660510940a03cb5f4e6ac2e5
unpack001/some-samples-master/3c0447a8e05bc9ed43128ed22c22e23a
unpack001/some-samples-master/3c42d694a841d68ae71a7fc5d5666e98
unpack001/some-samples-master/3cdd9152472e707fd64184ed44d2b6b9
unpack001/some-samples-master/3d4e88b3ba4d128bb171b74b1f6f641a
unpack001/some-samples-master/3d88a57d3277ca5ec548a8fa7b2bd1cb
unpack001/some-samples-master/3de9332a6363d5004cf5b5fd415408d4
unpack001/some-samples-master/3e0777b65d74b7dae4fd10d55ef37d76
unpack001/some-samples-master/3e5e5b58fca0b1d36abb5c9905d8ab3b
unpack001/some-samples-master/3eab5d298c5423ff30cef60036c43472
unpack001/some-samples-master/3f652d9bc17a4be3c0e497ea19848344
unpack001/some-samples-master/3f728a8dd4c3663ecf741c25d3a0afe0
unpack001/some-samples-master/400436dbbd0d666ea83c76f87bb0baa2
unpack001/some-samples-master/408dd2723e016ab43403ee536fb4a653
unpack001/some-samples-master/40ab038edcb63ab93e99f271c15dab23
unpack001/some-samples-master/40ebefdec6870263827ce6425702e785
unpack001/some-samples-master/41dce00a064f8b11d00494dbe7d10512
unpack001/some-samples-master/4288509810e48d8a3595af5b090907be
unpack001/some-samples-master/42a333becf9ceecdde9b311933959d3d
unpack001/some-samples-master/44062802e4930b1b6289067522307c9d
unpack001/some-samples-master/453d8a77ca97a5ba336bb07601e41fff
unpack001/some-samples-master/46de6b51bee4d77f905451ef0f2cc2d2
unpack001/some-samples-master/48100ae2327c512aa8e152a9bad32614
unpack001/some-samples-master/484014cfcb70a39296ca04415f71a750
unpack001/some-samples-master/48569438a353a811f58dbfacf279efb7
unpack001/some-samples-master/486a409826c9ef0c933fb2ec27793909
unpack001/some-samples-master/490449529b74cfcde90c7877814d7545
unpack001/some-samples-master/49f6bb9dc62521d42ea0d6cac534b57a
unpack001/some-samples-master/4bcb724ec54739aa675b8028272f0f4e
unpack001/some-samples-master/4db52ef39c64ba2961d3edb8d5d3790a
unpack001/some-samples-master/4dc96972f615252173f94c7578b1759c
unpack001/some-samples-master/4e432458b79e109fb807841f9ac59fde
unpack001/some-samples-master/4ff4a8ac43c73b3829ec8452f7ef5ad7
unpack001/some-samples-master/4ffaa768d4605d6ee43767e388b49659
unpack001/some-samples-master/50c76bddbddbe1cf94c513a2e0c63e46
unpack001/some-samples-master/511756fb6e203ef95813b576a59af46e
unpack001/some-samples-master/5153fa1cad24cb66d4bfa0a0d14c2dbd
unpack001/some-samples-master/51cd0cb35fac3344d4edeeaf27af7e29
unpack001/some-samples-master/521d12adf82251412010d1332d00ca9d
unpack001/some-samples-master/5240dbac3452e83b53ee3094861945b1
unpack001/some-samples-master/529039ea1e25c7d74567e9ee935a4778
unpack001/some-samples-master/53309bd4c8bb25277f788383ee5c8b46
unpack001/some-samples-master/535a433087ae940e4c56a4494bbc40ce
unpack001/some-samples-master/5370b96ad1b77ece9cc34e30522e6005
unpack001/some-samples-master/56009819664c69234e701d7b5b8abdd0
unpack001/some-samples-master/5601c69020b1f8f0ca8db5d7c7cddd9d
unpack001/some-samples-master/574b6291056e7b0a466c75e79d00fad1
unpack001/some-samples-master/583eaf10e08ecca625132aa55ccf4822
unpack001/some-samples-master/59327342887ac2f25d057d9882f932d0
unpack001/some-samples-master/5952d08ff2b65a49574bc845f45d04a6
unpack001/some-samples-master/59b78fe5e224f029d39daf255366d7af
unpack001/some-samples-master/59c4666a1dba8f2640df9e70b708f6f3
unpack001/some-samples-master/59d4aa47323fe7c1106f99c1a84d31c0
unpack001/some-samples-master/5a9e9e381cfcdb93bbc12d68b8f29e9c
unpack001/some-samples-master/5abf5e44b169139e1da5b8b92378ed0b
unpack001/some-samples-master/5b396f7a6ac5f4364b1df8f27e789f92
unpack001/some-samples-master/5b47a6996341128e1cf696db9d0146d0
unpack001/some-samples-master/5e28aa7d4e48c41841852a991720e0c9
unpack001/some-samples-master/5fb5a0aa70b5b2a060325ecdc6d557fb
unpack001/some-samples-master/5fba3695c9d7bcb50e284e477e387331
unpack001/some-samples-master/5fefa28dc272db8c0958ca9d47e6c67d
unpack001/some-samples-master/5ffdc8b7825f72a04d5c97b6a4d80e7e
unpack001/some-samples-master/6075553af99fc0bb3832a74ccd1a0432
unpack001/some-samples-master/60845bcba502021120bd7783195a7c99
unpack001/some-samples-master/609a36eafa8fa35b7518cca1f7ce9110
unpack001/some-samples-master/60bff34118410797a6af975ad44f30b0
unpack001/some-samples-master/60f58cd5e93ad8bcaa5859d6386c87e8
unpack001/some-samples-master/6114d93e05f70d2c374b49e43dbffda3
unpack001/some-samples-master/61dae9a483748ecaacf9515cc1d8e7f1
unpack001/some-samples-master/621c0b356c49edc5ce4cf3ee88c30f82
unpack001/some-samples-master/62301e2210aa4d1b42409243ecac2225
unpack001/some-samples-master/6343e3ea75ac7f248d6ddbbc40660906
unpack001/some-samples-master/63855ded640246757df10a5a46ee6109
unpack001/some-samples-master/63a10ce379f80a6944dcd7adb4bf56f3
unpack001/some-samples-master/63c54c6691d60b1b050730ed64193a13
unpack001/some-samples-master/63f020fdd37d5fbbd716dc5e43d8dbae
unpack001/some-samples-master/64584e3e6a53cf2b078f363575826c8b
unpack001/some-samples-master/65047d9e2f90ed75a133096d982c44b5
unpack001/some-samples-master/656feb55eade6808af9aa5c5d1f00fab
unpack001/some-samples-master/6762dc5e8cf5687f9b8479c7818bd0e0
unpack001/some-samples-master/67770360f75083d30aabe37430e2e560
unpack001/some-samples-master/682fd115f075f91e920f296e4a62111f
unpack001/some-samples-master/683cf9bccccf3ab30d8655e0fc3996f6
unpack001/some-samples-master/69231c0c5f533a3bee41c1fbdbb53d88
unpack001/some-samples-master/6ab1a56516d5ef8fd50c4c607f414759
unpack001/some-samples-master/6af431cc9821d0a6d956a228e7943b0a
unpack001/some-samples-master/6b84d15c887367907dac30e8d07fbbe4
unpack001/some-samples-master/6bd26cf5c685f77d039470ae3395cc5d
unpack001/some-samples-master/6c4451e10064eb10d087edc76b44c4eb
unpack001/some-samples-master/6cd9bea620cd41caa1eda4ecc3721a34
unpack001/some-samples-master/6d7ef86775a953d44f42dfcd53abd646
unpack001/some-samples-master/6dc33eb4cf615919897a419c6c96e46e
unpack001/some-samples-master/6ea5177e6c6dab05f0b38fb8d8f5c2d4
unpack001/some-samples-master/6f3922a916f999c436898967b8f6a8a9
unpack001/some-samples-master/6f42f6160b72c55d6f77787604254f5e
unpack001/some-samples-master/707df6533b2e87cc37187391ce44a4c5
unpack001/some-samples-master/70894ef96231f052f4a21676f53f277f
unpack001/some-samples-master/71458de6b8b101323f43751aab1e5f0d
unpack001/some-samples-master/7239f60af00f3d5151452af63faa9c68
unpack001/some-samples-master/72f9bfb879b2a6ff7ce436ddbdca9a75
unpack001/some-samples-master/73178297b175c8706ec7cb05eae84e70
unpack001/some-samples-master/73e68c1bf7a0bf425369f14c58648d40
unpack001/some-samples-master/73e815a756cc7422e87fba432ec575cd
unpack001/some-samples-master/7411c3317e75cc79b5b946575d8f3ea7
unpack001/some-samples-master/74343ab4a8f640c93997d619af4bb125
unpack001/some-samples-master/74c5ddfd3e2fd6bdd5b873f87d10c9b1
unpack001/some-samples-master/7538a91b893c216dcb93e58bac16de9e
unpack001/some-samples-master/754909c485b8b02e3097fb4d99c66e39
unpack001/some-samples-master/7561f95f0f001441634fdac906030b72
unpack001/some-samples-master/75a17fdecf691351a31ae5fba30a8168
unpack001/some-samples-master/75f0638e40cb937d9a553eb08b57d54c
unpack001/some-samples-master/774ddd848f1349fc4490cc3b5b1d8324
unpack001/some-samples-master/779df3e9d22b688c2483a16130d3887c
unpack001/some-samples-master/77c7368474ad38adbb4cc87861ff4454
unpack001/some-samples-master/7954fe5bbef387bc9f117ac9cf20aab0
unpack001/some-samples-master/7a0e087457d980d162024a5e32459e19
unpack001/some-samples-master/7a1a46ee84e1d2689317ef2f0999830f
unpack001/some-samples-master/7a7420bb625e807b18b96dfea38b6e78
unpack001/some-samples-master/7d2de57b6fdc8f679e0ecbfd072b3792
unpack001/some-samples-master/7d50dd3519e87fcf78ee0342dfd8fef8
unpack001/some-samples-master/7e067bca9ec00d81dad93181bbc5e607
unpack001/some-samples-master/7e2871b8d37f12f2954d4e84643b6496
unpack001/some-samples-master/7e74627dcb8707c41c7f44c0d5106aec
unpack001/some-samples-master/7eef50ffbfde57a8556dee36ea16d8ae
unpack001/some-samples-master/7f86a0661c7b4b6f0f209734d3f4f9f6
unpack001/some-samples-master/7feccbef4ed3a323ed763d24d022e4df
unpack001/some-samples-master/8009e4433aad21916a7761d374ee2be9
unpack001/some-samples-master/802385019eac7a847e8c90ffc95d9ac6
unpack001/some-samples-master/80a3314f16d6bdc4278f849023f4c206
unpack001/some-samples-master/818818f23802d9f4730f9b19dae7cc0a
unpack001/some-samples-master/81ae92669839137a7de49b6872daa37d
unpack001/some-samples-master/825a2caa170dcc1d89275757e29a51f3
unpack001/some-samples-master/8293defcb63d004f63772ec6e5c4af69
unpack001/some-samples-master/85875718160f86a6b2a50befab250f43
unpack001/some-samples-master/85898e64ffc1675bad1d52278bbb14eb
unpack001/some-samples-master/85956d7b3126d1793b2e40b07906ee1a
unpack001/some-samples-master/85c70c3437ebe4b0b630a653b7a480ab
unpack001/some-samples-master/8689f535c76384d25e9f8505ca8c5d43
unpack001/some-samples-master/86e9bd5c25896e156f8c8880bbde4aa9
unpack001/some-samples-master/8742a138c7d2e6c762533a25f67b40a6
unpack001/some-samples-master/88320a273ade0faac495e3973390a301
unpack001/some-samples-master/8843dd6c0d37f2b24cc3f3e5ce5564cb
unpack001/some-samples-master/8958c1a8a7763b18bb28b5a75bab5d50
unpack001/some-samples-master/897b5cf83b914cb1115da050d5b85e71
unpack001/some-samples-master/89bc29851374029d6263d6f9c7317bbf
unpack001/some-samples-master/89ed8780cae257293f610817d6bf1a2e
unpack001/some-samples-master/8b4d731c42034e732c2df433f038f4d0
unpack001/some-samples-master/8bf4d5e163897e396398b42c5d0dc660
unpack001/some-samples-master/8c039eaf6d4f61fc2e0812582d781f04
unpack001/some-samples-master/8d9de9b4f1ba883703a72da3d7c0f63b
unpack001/some-samples-master/8dbdd9122dadc54f21747cc4f0ab267c
unpack001/some-samples-master/8e2b714a764d849f44757244b10afe6d
unpack001/some-samples-master/8e6bfea06cb00553ee29b3822b349bd6
unpack001/some-samples-master/8ef9adffb514ff67aa8c36eabb4a8505
unpack001/some-samples-master/8f04b2750034c29e85648fb2d10fb788
unpack001/some-samples-master/8f1c524cd3dd25e3d7b0e958db51048f
unpack001/some-samples-master/91072ab67693d55655781c1ac624e04a
unpack001/some-samples-master/91a61e3be9cc7251972f6ee8d4836cb4
unpack001/some-samples-master/91c25bd8f25df7c7054e4d617ff5859b
unpack001/some-samples-master/939c552fbc07410a99400ebcbcafcc2f
unpack001/some-samples-master/93b124fd91692f34b438893ec24fafae
unpack001/some-samples-master/951099938ee7369496193795175a0692
unpack001/some-samples-master/995636f9bedea126114ac09a8fd5a0a6
unpack001/some-samples-master/996c2b2ca30180129c69352a3a3515e4
unpack001/some-samples-master/99e16f11a0698d3ba32a79f74ef426b6
unpack001/some-samples-master/9a82e7615a8e385ccad3f2489e3d4270
unpack001/some-samples-master/9b9fa2d8cbca3ab72f4ff49b43a3e139
unpack001/some-samples-master/9badf1f59d53811ca267be44db4d1a3b
unpack001/some-samples-master/9c74958288c2bf97d47278713d6cadbb
unpack001/some-samples-master/9c7d8e9d3a93425d97d4ec0d6040edc7
unpack001/some-samples-master/9d74d29bf8b5fd1647167f28f5b960c7
unpack001/some-samples-master/9ed5b26e4f30b0b93f3c20dc9601c69b
unpack001/some-samples-master/9edd04ea0fe6d10b8033410ab4e84749
unpack001/some-samples-master/9f7c52579eee931f7f702aa724cfeb8c
unpack001/some-samples-master/9f89b03b643dfff83e0d38f760cf773d
unpack001/some-samples-master/a1189ffb5f1bfd6feaec9a9363f0c126
unpack001/some-samples-master/a1cb6b40b49d78103444c32f4f5c1022
unpack001/some-samples-master/a2aed8c9f19b1f25a0adbef06071a9ca
unpack001/some-samples-master/a300b525674b530d7d30be3bec9cc67d
unpack001/some-samples-master/a3e21eaf099d33e5c82062e46ffc537b
unpack001/some-samples-master/a434ad1696258dec5357d78a8b8974ae
unpack001/some-samples-master/a456188b902062bd9ffa19c219c6fd1f
unpack001/some-samples-master/a55b9addb2447db1882a3ae995a70151
unpack001/some-samples-master/a63b52ff9f8d7436d23abde2ef81c9a5
unpack001/some-samples-master/a74766869b86277e6de5d7f0a3094ceb
unpack001/some-samples-master/a7b19fa2603ce6e652dcd281f4259b5c
unpack001/some-samples-master/aa8792c2f2e11a880661e60177515613
unpack001/some-samples-master/aaf1daa82802809808329b0e88af63f2
unpack001/some-samples-master/ab53dd7afdcbfc2310eddf02c7f7b5da
unpack001/some-samples-master/aba1850d725e94269e88bb91e3a28eac
unpack001/some-samples-master/aba2d86ed17f587eb6d57e6c75f64f05
unpack001/some-samples-master/ad4c1dd7282a183d83cd0befec7276d6
unpack001/some-samples-master/ada42a5224fa8eefb8df470f4f4a1d90
unpack001/some-samples-master/ae12bb54af31227017feffd9598a6f5e
unpack001/some-samples-master/ae2e796443d66a9838e2ef9418c66f20
unpack001/some-samples-master/aea474acdcd38dd1e977d18d71b42a3b
unpack001/some-samples-master/af09317971cc46ebf8affbad4c323372
unpack001/some-samples-master/b0072a5ab9de3ba507a19615c09d38ee
unpack001/some-samples-master/b035ddc1f0738c3f90cb5c0b804e1775
unpack001/some-samples-master/b0cd3d088eb05f326d67fd6e39ef73e0
unpack001/some-samples-master/b12f7b40eab2f0bfdb630e2c9d8ca91c
unpack001/some-samples-master/b2c03024ad43a1829c7c3384866de8e6
unpack001/some-samples-master/b45191e9cb211dd3d03c70e8f6d3a496
unpack001/some-samples-master/b4c3eb66967be33e3b6e8afd9dc95bd2
unpack001/some-samples-master/b560121eee6712b446c952d6b6a765b1
unpack001/some-samples-master/b5b63b7518f122f81bb415dabd9552de
unpack001/some-samples-master/b7d598174f269019592dfadf98741f54
unpack001/some-samples-master/b7f05ebd44042521156058ad6f502ea8
unpack001/some-samples-master/b88f4f911fb1e01bf693c23f8f67f861
unpack001/some-samples-master/b8bcc3d6564d7c4385696a02d90b1c6c
unpack001/some-samples-master/b8bf2d99d00586a9ca87e4c10de7d2e2
unpack001/some-samples-master/b92f8f94aebcaad1a2c6f1c0bbb53974
unpack001/some-samples-master/b9e38afedc8580e4cefdc1a55d278982
unpack001/some-samples-master/ba61f2157ddd1effa6a39470fdbcdbef
unpack001/some-samples-master/bab1c043a2fba947f682b6a012a9f362
unpack001/some-samples-master/bac2139a8642ac742944a56536e3c23e
unpack001/some-samples-master/bb8e7b24085ec90cb0d009f1e4171639
unpack001/some-samples-master/bbca9b30b33a8a0d2af2d231f5d236e3
unpack001/some-samples-master/bbe66dcf224dc72fcdf5f977e7a9aa85
unpack001/some-samples-master/bbebdf7ebc05bc51f17cac713f89c59b
unpack001/some-samples-master/bca6b5961501a06924152765fcc34927
unpack001/some-samples-master/bcd74a3d98b02c29085ab040be6c6166
unpack001/some-samples-master/be63dcb074361039ebe932d800858a50
unpack001/some-samples-master/be993ec8adf0ff174334c6cdd19b8e40
unpack001/some-samples-master/bf1fd48aae230c0a45323f7bfeb88176
unpack001/some-samples-master/bf663e2f1f4a9a11421f578628f7ee8d
unpack001/some-samples-master/c0da979c2c7c8e15b925bd9c662c3506
unpack001/some-samples-master/c1736b814389cb6602329186c8181b35
unpack001/some-samples-master/c1a25e62ad4e999841e2f4e325aceccd
unpack001/some-samples-master/c1ed645e76739a2d4559f6f499a009dc
unpack001/some-samples-master/c1fc4f4d554c733bb80490750c9fb5c3
unpack001/some-samples-master/c29986f0da4fb7c86b44bf91cd84497e
unpack001/some-samples-master/c2fcfb112bb4824fc542d7ab8dfdb627
unpack001/some-samples-master/c3d10a9c2dbe063d6c8b0259fd7fde67
unpack001/some-samples-master/c4e0a5bba00000a045c6937e16065f24
unpack001/some-samples-master/c50f098872cff26ee5aed262273d4ebf
unpack001/some-samples-master/c52248f66e3be1f01bc92d19266015e1
unpack001/some-samples-master/c57f6053a26adde30b97c7f23e27e67b
unpack001/some-samples-master/c5c9571700c68c9d29f58a07db6b37ee
unpack001/some-samples-master/c6c6c6c8938a209b6ac7d4633598897a
unpack001/some-samples-master/c77f9b8f3ae8487316627c3dc47bc6bd
unpack001/some-samples-master/c7963e0f20081867a108893fba878680
unpack001/some-samples-master/c86b9c09258f31e1bca843e9c74a9049
unpack001/some-samples-master/c88efe442e53e9bf48d858978f68cba5
unpack001/some-samples-master/c8be3a7e91cfa426531935853823e4ba
unpack001/some-samples-master/c8c45e2e8b99d4b6ec84fc6e0373b260
unpack001/some-samples-master/c97a51579408490bef8fe843f7171f00
unpack001/some-samples-master/c9dc36146bd454810db8637e971a9800
unpack001/some-samples-master/ca1d43704efc432084374c690dc4f9a7
unpack001/some-samples-master/ca89d207ced5fb0cdb87ff148f607447
unpack001/some-samples-master/cae8a8524eeb0e7de1fb3704bd14b7ba
unpack001/some-samples-master/cb10e48c6a73dbd10d3d12ffad65ea69
unpack001/some-samples-master/cba87dafb959a4a20692d2cd4ea0c820
unpack001/some-samples-master/cbde4cd2ea60ef92fa85279c635fae35
unpack001/some-samples-master/cdf4f36260549df807f21ed17dbeb630
unpack001/some-samples-master/ce0a28a558b07ad3d9fa7b1225e5aa09
unpack001/some-samples-master/ce63de48f8e73d825da0e6ce5f8d185c
unpack001/some-samples-master/ce759a2dbafd3ffb200c75cbf840a50f
unpack001/some-samples-master/cea5278394bce8713dc1f282619c0c44
unpack001/some-samples-master/ceec01f1321c4abd3a319adba71b8ce1
unpack001/some-samples-master/cf3c11163f16ea2ce4e0fdc884c31722
unpack001/some-samples-master/d14bc9efe80aeb7d172cbb590f80eba7
unpack001/some-samples-master/d21ecc08d442e227087064634912bed3
unpack001/some-samples-master/d21f48ba215faa68388323950b2edcc2
unpack001/some-samples-master/d335904e0fc1209cced63553bebb5203
unpack001/some-samples-master/d40da1f72e74cc5c70d4acfdb1bfcf8e
unpack001/some-samples-master/d51a275d1eeca59849ba6fc7fb65dab7
unpack001/some-samples-master/d5dd6485c449a5595cb1bf8aee934d4c
unpack001/some-samples-master/d6c4ca1164323b956f0e3607af4e7997
unpack001/some-samples-master/d8370e8b5aab1149efc1424cfdcd28f5
unpack001/some-samples-master/dca6264d41ed671cc2775f8ed78a318b
unpack001/some-samples-master/dd4d46b9612efc391469bba8553358b6
unpack001/some-samples-master/ddbcac3eeafd7b58ac80f17be0263eb9
unpack001/some-samples-master/ddf47abbabb81324524a67cd54712c1f
unpack001/some-samples-master/de8a03cda24007751d76f6db55b8a14b
unpack001/some-samples-master/deed3a3ac601dfc6d01bddbe1e35a59e
unpack001/some-samples-master/def03c7e2ff7606986d35e6c35deb944
unpack001/some-samples-master/e0638234fb697f2c4ff961fee8f702f6
unpack001/some-samples-master/e0c9b706b33501c4eacfb11ea3ecc299
unpack001/some-samples-master/e0ddd8bf8e3b97ad25855721dc75daae
unpack001/some-samples-master/e35c9d795e7fb1db54465ef46d70efe6
unpack001/some-samples-master/e49bce75070a7a3c63a7cebb699342b3
unpack001/some-samples-master/e4bf2a30dbd845dd020ff7d73f6e3a07
unpack001/some-samples-master/e51d220f7c36714e7b156e2b36ec80fe
unpack001/some-samples-master/e5297cd3c8e1d2436ceec5a1202aadb9
unpack001/some-samples-master/e5511f2e961a0d1d382d37741daedc42
unpack001/some-samples-master/e5552fd7aec3f66bf72abfee200a0187
unpack001/some-samples-master/e5ea2c907432eda61d245ca8eebca160
unpack001/some-samples-master/e67d157a41bdafc13270edbce3e1c2a5
unpack001/some-samples-master/e76746853eb1a4e83cc928a0cb52bbce
unpack001/some-samples-master/e8c94edc96d9a7ed1a23f546bb8d8b76
unpack001/some-samples-master/e8dcd9656c674dddc995fbcfee7a21ce
unpack001/some-samples-master/e8dd64c28995b7dea36715c70c256085
unpack001/some-samples-master/e8e1c00a586bf69bb7bd967ebbfb162e
unpack001/some-samples-master/e9da72d8ac0ce4aeca62a54396c4bc72
unpack001/some-samples-master/e9ee6a2d73bb09393df9f62940a318d3
unpack001/some-samples-master/eab58be633f14973c4fb785da2f72330
unpack001/some-samples-master/eb18a7d302bbc8c0b3ed2cd1612e8d59
unpack001/some-samples-master/eb3e131b337941e07dcdd51b1e04124d
unpack001/some-samples-master/eb5a2cb8b2f86152184e0ffedc333231
unpack001/some-samples-master/eb6ee085fb89027279ab53e1c6bc91e0
unpack001/some-samples-master/eba7a21116e0e8de53f605aab3a4344b
unpack001/some-samples-master/ec091d840d8e6e179804cf5a2ea81e58
unpack001/some-samples-master/eca76979b83142f1a9531a0c7ab01779
unpack001/some-samples-master/eccb44e2a6cb4ece00f17f2a56d918f4
unpack001/some-samples-master/ed077a76c6a51876c50acfba71801cc1
unpack001/some-samples-master/ed64809b8d2ae44b98266a8e7009b767
unpack001/some-samples-master/ee0efafc69a13cd57d714ffdc603d8fc
unpack001/some-samples-master/ee8bbd4ec4f19684f279054448a27601
unpack001/some-samples-master/eebf3d63bc995b3dda4988670751bfb8
unpack001/some-samples-master/eec8a9f1e71d8d66b4de0daab316e75f
unpack001/some-samples-master/ef847188568e63d01eb20d1fb9e3bee2
unpack001/some-samples-master/ef999396ff80bd6d36550e2eba54eae4
unpack001/some-samples-master/efdb6033dccf27fe103b8fc13bc4f2d7
unpack001/some-samples-master/f0586879d9a3ec0ce2e1ee66c8fd1929
unpack001/some-samples-master/f0b9f50c6a247ac5ca9cc95135b83dcf
unpack001/some-samples-master/f0ebb02a5937d7ab0a70f5ed8c47a639
unpack001/some-samples-master/f231ea2ef5967a229eaeeeb620a369de
unpack001/some-samples-master/f344fd5de76240617d34c5c019e6c3f8
unpack001/some-samples-master/f41dbc94bda2639b17966e1ac024e5c9
unpack001/some-samples-master/f572aeaf0c71b394d177f7161fadc3b6
unpack001/some-samples-master/f5de3fd248004cecbe23054f31b0f3ad
unpack001/some-samples-master/f5eb53b4920c97595bcea81b5cf3c0e5
unpack001/some-samples-master/f62e0d79f8f442903fd5f4f5e9bc47ee
unpack001/some-samples-master/f62f911042f2165c5ff465f74a7ca202
unpack001/some-samples-master/f671d23d45ca06e64d8e4c801254a19c
unpack001/some-samples-master/f9c2d8dc6d0fc4e5cc64d141bee41c41
unpack001/some-samples-master/fbfbffce9014ece7aac7a2ea7c6d0d77
unpack001/some-samples-master/fc2f4a1746fb1d8418c6bd867b1973bd
unpack001/some-samples-master/fcfaea4a013703b52d82c4fcb0aecd41
unpack001/some-samples-master/fd365e280b5d5125d7045fd10f877e58
unpack001/some-samples-master/fdbcc27417a705f78f340db3101bd95d
unpack001/some-samples-master/ffdee03cb4c4c23b2db269b47e4669d5

NSIS installer 31 IoCs

installer

resource	yara_rule
static1/unpack001/some-samples-master/11ec260e74560de7c5470dc101d7a9a8	nsis_installer_2
static1/unpack001/some-samples-master/14ef3ae1403ebde118b77e02b323942a	nsis_installer_1
static1/unpack001/some-samples-master/14ef3ae1403ebde118b77e02b323942a	nsis_installer_2
static1/unpack001/some-samples-master/34ede954ca99e626bb26e15a72ebf069	nsis_installer_2
static1/unpack001/some-samples-master/39be7b0264476422173df484bd34ee0f	nsis_installer_2
static1/unpack001/some-samples-master/4bcb724ec54739aa675b8028272f0f4e	nsis_installer_1
static1/unpack001/some-samples-master/4bcb724ec54739aa675b8028272f0f4e	nsis_installer_2
static1/unpack001/some-samples-master/6075553af99fc0bb3832a74ccd1a0432	nsis_installer_1
static1/unpack001/some-samples-master/6075553af99fc0bb3832a74ccd1a0432	nsis_installer_2
static1/unpack001/some-samples-master/75a17fdecf691351a31ae5fba30a8168	nsis_installer_1
static1/unpack001/some-samples-master/75a17fdecf691351a31ae5fba30a8168	nsis_installer_2
static1/unpack001/some-samples-master/82cbd932efd941c62d388c3942167bb1	nsis_installer_2
static1/unpack001/some-samples-master/897b5cf83b914cb1115da050d5b85e71	nsis_installer_1
static1/unpack001/some-samples-master/897b5cf83b914cb1115da050d5b85e71	nsis_installer_2
static1/unpack001/some-samples-master/8e2b714a764d849f44757244b10afe6d	nsis_installer_1
static1/unpack001/some-samples-master/8e2b714a764d849f44757244b10afe6d	nsis_installer_2
static1/unpack001/some-samples-master/c1736b814389cb6602329186c8181b35	nsis_installer_1
static1/unpack001/some-samples-master/c1736b814389cb6602329186c8181b35	nsis_installer_2
static1/unpack001/some-samples-master/c79dfcd9b989f48ae7900d41a2164618	nsis_installer_2
static1/unpack001/some-samples-master/cf36c081e492947b8f2d2b6022dad222	nsis_installer_1
static1/unpack001/some-samples-master/cf36c081e492947b8f2d2b6022dad222	nsis_installer_2
static1/unpack001/some-samples-master/dca6264d41ed671cc2775f8ed78a318b	nsis_installer_1
static1/unpack001/some-samples-master/dca6264d41ed671cc2775f8ed78a318b	nsis_installer_2
static1/unpack001/some-samples-master/ef7d1863f4980ab0c8bda142fee67f92	nsis_installer_1
static1/unpack001/some-samples-master/ef7d1863f4980ab0c8bda142fee67f92	nsis_installer_2
static1/unpack001/some-samples-master/f0ebb02a5937d7ab0a70f5ed8c47a639	nsis_installer_1
static1/unpack001/some-samples-master/f0ebb02a5937d7ab0a70f5ed8c47a639	nsis_installer_2
static1/unpack001/some-samples-master/f344fd5de76240617d34c5c019e6c3f8	nsis_installer_1
static1/unpack001/some-samples-master/f344fd5de76240617d34c5c019e6c3f8	nsis_installer_2
static1/unpack001/some-samples-master/f3c14bca37b316604004ca1de2a9e85a	nsis_installer_1
static1/unpack001/some-samples-master/f3c14bca37b316604004ca1de2a9e85a	nsis_installer_2

Files

master.zip
.zip
some-samples-master/000c817925bc84f700337ac1307bb1b1
.html
some-samples-master/00c5a99a4a45fd4fa41f2a1dcf8690ff
.js
some-samples-master/00d2876c4ad4ef3bfefe452f55da9432
.html .js polyglot
some-samples-master/010c1e2ffb9d2fc30a429b7db204ed7b
.elf linux x64
some-samples-master/0138333b333805fa0baf93f6d0ccf342
.html .js polyglot
some-samples-master/0157d50dcd839afb5ec4b79cae965360
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 940KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 589KB - Virtual size: 592KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 484KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 888KB - Virtual size: 884KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/015f8027e55c523a326dd06a1082b5f4
.js
some-samples-master/019be7ae89b0e13eb1b0f1ceb1d355fc
.js
some-samples-master/01ac76f3ad93c942aa0c88ff747d06fd
.js
some-samples-master/01c3927bd930a986d3eb6b8662527ed5
.js
some-samples-master/01cf52ba3d0b385551b1d9fcad2e7b59
.html .js polyglot
some-samples-master/01d8f0b4a1bef3acef8ec448a640bbb5
.js
some-samples-master/01e080585e79879ea4e54844a2737d84
.html .js polyglot
some-samples-master/01ed8720e305d7f53ee7cf91f1e4ca8e
.html .js polyglot
some-samples-master/02150a19ad62efe92ebb7bc8a15daa4f
.js
some-samples-master/02169ba27d563c5b0bcf3cae3910a0f6
.js
some-samples-master/025bd85aa045e26d7119ef83020740cf
some-samples-master/027159c684c78666d4a1eac52f89cd57
.html
some-samples-master/029ae6facedcbfccc0d3c3b67f22f981
.js
some-samples-master/02a2271ab9a4dc40c18ae373ce5f5e76
.html .js polyglot
some-samples-master/02b4ae8f58aa467ccc35354f25588660
.js
some-samples-master/02b6b06bd6de4bf0c35fff9cc9777139
.js
some-samples-master/02b97e4dc929c4ceca97b7b8160ea699
.html
some-samples-master/0328c5d684b71ef077471f8c0db26bec
.html .js polyglot
some-samples-master/033438e83f7195912faa9b0058760b49
.exe windows:5 windows x86 arch:x86

bdf0bfb5a047e04bc36fa07c99211d26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClipboardFormatA

gdi32

ExtSelectClipRgn

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA

advapi32

RegSetValueExA

shlwapi

PathFindFileNameA

oledlg

ord8

ole32

CoRevokeClassObject

oleaut32

SysAllocStringLen

Sections

.text
Size: 111KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/0357aa49ea850b11b99d09a2479c321b
.html
some-samples-master/03f0474cfb848e99f715e8cd59acdb6c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 479KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0400212cb20748b0899928617944fa35
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 542KB - Virtual size: 542KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 507KB - Virtual size: 506KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/040053a6988a0753dd0bdb1d54c9f09a
.exe windows:4 windows x86 arch:x86

36ad125d833d401ebd011e5cfb5c0ce2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
ReleaseMutex
GetFileSize
GetFileAttributesA
WaitForSingleObject
GetLastError
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
ExitThread
GetStartupInfoA
GetModuleHandleA
CloseHandle
WinExec
LoadLibraryA
GetProcAddress
GlobalAlloc
Sleep
TerminateProcess

user32

GetDesktopWindow
wsprintfA

advapi32

StartServiceCtrlDispatcherA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA

ws2_32

WSAStartup
closesocket
htonl
select
recv
setsockopt
socket
connect
WSACleanup
send
htons
__WSAFDIsSet
inet_addr
sendto
inet_ntoa

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
realloc
malloc
atoi
strncpy
strcspn
strstr
sprintf
strncmp
exit
free

Sections

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0401dc9afaa60b84879841fb82e02ce8
.pdf
some-samples-master/040a9955fb4b181fcc94f0849822e599
.html .js polyglot
some-samples-master/041d0d4f4c81575dda02d3e4e4a19eaf
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/043968d44462938dd4723b01b17682c9
.html
some-samples-master/044ebd46fd258b3e171d527d3931f082
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/046e77de0fc709a5d33db244a57d9328
.js
some-samples-master/04bbb595940afcd76d8d3821fd1be7e8
.html .js polyglot
some-samples-master/04bcd50eafb37f9a81dc0cd42730b40f
.exe windows:5 windows x86 arch:x86

20dd26497880c05caed9305b3c8b9109

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24-05-2016 00:00

Not After

24-06-2027 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:9e:63:75:ea:e2:a1:ea:88:88:5e:c1:75:8c:21:64
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06-06-2017 00:00

Not After

06-06-2018 23:59

Subject

CN=RuiQing Software Technology Beijing Inc,O=RuiQing Software Technology Beijing Inc,POSTALCODE=100096,STREET=BeiDuan ErCeng A215+STREET=No.A215\,2/F\,North Section\,No.3\,Xisanqi Building materials city\,Haidian District,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

78:ca:78:7a:36:b2:19:ef:92:e7:d6:21:02:c0:20:03:d5:86:df:fe
Signer

Actual PE Digest

78:ca:78:7a:36:b2:19:ef:92:e7:d6:21:02:c0:20:03:d5:86:df:fe

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
TranslateMessage
SetWindowLongW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
LoadStringW
GetSystemMetrics
ExitWindowsEx
DispatchMessageW
DestroyWindow
CharUpperBuffW
CallWindowProcW

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
SizeofResource
SignalObjectAndWait
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResetEvent
RemoveDirectoryW
ReadFile
MultiByteToWideChar
LockResource
LoadResource
LoadLibraryW
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetUserDefaultLangID
GetThreadLocale
GetSystemInfo
GetSystemDirectoryW
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentVariableW
GetDiskFreeSpaceW
GetCurrentProcess
GetCommandLineW
GetCPInfo
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
EnumCalendarInfoW
DeleteFileW
CreateProcessW
CreateFileW
CreateEventW
CreateDirectoryW
CloseHandle
Sleep

comctl32

InitCommonControls

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/04c3fc4a88588ee47d33d066920ac410
some-samples-master/04f43e7c6fdc81522eb71a4cc7ea4860
.js
some-samples-master/04f9f5a537d8b21acca26e702dbd9dac
.js
some-samples-master/050593622dcd38e2808c0f839c34cf45
.js
some-samples-master/05367b6e911d2a1d934bed7807a405e8
.exe windows:4 windows x86 arch:x86

4e3e7ce958acceeb80e70eeb7d75870e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateProcessW
DeleteCriticalSection
EnterCriticalSection
ExpandEnvironmentStringsW
FormatMessageA
GetCommandLineW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetExitCodeProcess
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetShortPathNameW
GetStartupInfoW
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
SetDllDirectoryW
SetEnvironmentVariableW
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

__argc
__dllonexit
__lconv_init
__set_app_type
__setusermatherr
__wargv
__wgetmainargs
__winitenv
_amsg_exit
_cexit
_findclose
_fileno
_fmode
_fullpath
_get_osfhandle
_getpid
_initterm
_iob
_lock
_onexit
_setmode
_stat
_strdup
_unlock
_vsnprintf
_vsnwprintf
_wcmdln
_wfindfirst
_wfindnext
_wfopen
_wmkdir
_wremove
_wrmdir
_wstat
_wtempnam
abort
calloc
clearerr
exit
fclose
feof
ferror
fflush
fprintf
fread
free
fseek
ftell
fwrite
getenv
malloc
mbstowcs
memcpy
setbuf
setlocale
signal
sprintf
strcat
strchr
strcmp
strcpy
strlen
strncat
strncmp
strncpy
strrchr
strtok
vfprintf
wcscat
wcscmp
wcscpy
wcslen

ws2_32

ntohl

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 49KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/05374bd1a8ecac0dff7c01db09c95517
.html
some-samples-master/056b077e8568a8169d59af8ad7e2a77c
.js
some-samples-master/057dc4cfd33f43b55b9a4ebd596e67fc
.js
some-samples-master/05820bf9009bd7c3075367a0a07b9766
.html .js polyglot
some-samples-master/05b1fa7a6cae0447123987bdc679bcab
.js
some-samples-master/05d8e078a999a4d9f871569fc93966e8
.exe windows:5 windows x86 arch:x86

ed36d6b5bc2364ec85cc07421435bb85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

nddeapi

NDdeShareAddA
NDdeShareDelA
NDdeShareGetInfoA

kernel32

GetModuleFileNameA
lstrcmpiA
GetDateFormatA
GetModuleHandleW
GetProcAddress
CreateMailslotW
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyA
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogA
ClearEventLogW
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrW
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopA
wsprintfA
PostMessageA
GetDlgItemTextW
IsDialogMessageA
DispatchMessageW
GetMessageA
LoadMenuA
LoadStringA
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateA
InsertMenuW
GetPropW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/05ed65e72c49f3a7267b026e96e06393
.html
some-samples-master/05ff56bb1e63924df2b64de45459efd7
.html .js polyglot
some-samples-master/065b9111c4ba27e837a0ceb3cd963356
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qnk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/066fec4e379fed280d80c28a1e496468
.js
some-samples-master/067b329c87371224e00e1093364a76e5
.js
some-samples-master/0691792ef43586dc91b1a17bca232001
.html
some-samples-master/06cb4e153ea3ba9e8e70df0daec04777
.js
some-samples-master/06f862c049a8210b0b64d75fe4f7440c
.exe windows:4 windows x86 arch:x86

2a9849bfbc5344069cad371500b4190e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetMessageA
DispatchMessageA
LoadAcceleratorsA
TranslateMessage
LoadCursorA
LoadMenuA
RegisterClassExA
BeginPaint
GetClientRect
DrawTextA
EndPaint
PostQuitMessage
SetTimer
DialogBoxParamA
DefWindowProcA
DestroyWindow
EndDialog
SendMessageA
CreateWindowExA
ShowWindow
UpdateWindow
LoadCursorW
LoadBitmapW
MoveWindow
SetWindowPos
InvalidateRect
EnableWindow
FlashWindowEx
GetParent
GetKeyState
DeferWindowPos
SetWindowLongW
GetWindowLongW
DrawFocusRect
IsChild
DrawFrameControl
GetScrollInfo
FindWindowA
GetClassNameA

kernel32

SetLastError
GetCurrentDirectoryA
CreateFileA
GetLastError
lstrcpyA
GetModuleHandleA
lstrcmpA
lstrlenA
GetStartupInfoA
GetVersionExA

gdi32

CreateCompatibleBitmap
SelectObject
DeleteObject
DeleteDC
CreateCompatibleDC

comctl32

ord17

msvcrt

memset
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0719037c7f5631c5d8551232a3a874a5
.exe windows:5 windows x86 arch:x86

0d8311e93942ad10fcf0d64fa2da79e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

ExtractIconW
ShellAboutW
SHCreateShellItem
DragQueryPoint
DragFinish
SHGetDataFromIDListA
SHGetDiskFreeSpaceA
DllRegisterServer
StrStrW
DragQueryFileA
SHQueryRecycleBinA
StrChrW
DuplicateIcon

kernel32

WaitForSingleObject
GetCurrentProcess
GetModuleHandleW
GetFileAttributesA
FindNextFileA
GetTempPathW
GetModuleFileNameA
IsBadReadPtr
GetExpandedNameW
GetCurrentThread
LoadLibraryA
GetProfileSectionA
GetProcAddress
GetStringTypeA
WaitNamedPipeA
InitializeCriticalSection
GetConsoleAliasW
SearchPathW
GetLogicalDriveStringsW

odbctrac

TraceSQLCancel
TraceSQLError

authz

AuthzFreeAuditEvent
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeContext

modemui

drvSetDefaultCommConfigA
CountryRunOnce

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/075703d3a735d1130d33ee153d29daf2
.html .js polyglot
some-samples-master/0771a7a8ac18f4c8357fb6bdf36502bf
.doc windows office2003

ThisDocument

Module1
some-samples-master/07869ea10183f624ae42a4d059c4aeb9
.js
some-samples-master/0790860c417346be6ee5e99e0ffbb553
.html .js polyglot
some-samples-master/07a7ea1eeb988a77710cf25e31adfb55
.exe windows:4 windows x86 arch:x86

da2c25e045f4fbf2ca264bbb89e6fa2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord459
ord561
ord825
ord743
ord5500
ord617
ord5301
ord6354
ord6352
ord5214
ord296
ord2036
ord986
ord520
ord823
ord4159
ord6117
ord2621
ord1134
ord1205
ord1199
ord1247
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord2486
ord4003
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord2725
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord1206
ord2623
ord338
ord1223
ord4823
ord1849
ord4244
ord2583
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord4403
ord5240
ord5290
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5253
ord3998
ord4723
ord1942
ord4272
ord5259
ord1859
ord4246
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord4163
ord2120
ord4457
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4953
ord4612
ord1168

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
_setmbcp

kernel32

GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
GetProcessHeap
VirtualFree
FreeLibrary
VirtualAlloc
IsBadReadPtr
ExitProcess
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
EnableWindow

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/07b38cc17205c6f8cc887c80d79f76fd
.js
some-samples-master/07d27e6008fb2c226c68f9f268cc6d3c
.html
some-samples-master/07d5ba8126524c3634f56db3cc4f1784
.html .js polyglot
some-samples-master/07e66ecd3f6e16d10922fe6268a19987
.html .js polyglot
some-samples-master/07edb730214fe28f66fa4be0f02ab79e
some-samples-master/080395a0a6471016e6ea96c3b4c51f8f
.html .js polyglot
some-samples-master/080664fded54f3c35dc438fb192394e5
.html .js polyglot
some-samples-master/08095218a44d456ea98bbc73d07af766
.js
some-samples-master/0832e7107225f7684633a540e0332f56
.html .js polyglot
some-samples-master/08453c78a4c4e608dac8afcda9793077
.exe windows:4 windows x86 arch:x86

821c3c157aa70dd41f3fb8b96793b6d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
OpenProcess
CopyFileA
GetSystemInfo
GetSystemDefaultUILanguage
GetVersionExA
GetThreadLocale
TerminateProcess
GetTempPathA
WinExec
lstrlenA
OpenMutexA
ReleaseMutex
ExitProcess
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
LoadLibraryA
GetProcAddress
CloseHandle
CreateThread
MultiByteToWideChar
lstrcpyA
OutputDebugStringA
ExitThread
Sleep
GetTickCount
lstrcatA
GetLastError
GetLocaleInfoA
GetACP
GetSystemTimeAsFileTime
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId

user32

wsprintfA

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
RegisterServiceCtrlHandlerA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus
OpenServiceA
CloseServiceHandle
DeleteService
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
StartServiceCtrlDispatcherA

shell32

SHChangeNotify
ShellExecuteExA

msvcr80

__CxxFrameHandler3
atoi
strncpy
strcspn
??_U@YAPAXI@Z
??2@YAPAXI@Z
_CxxThrowException
strncmp
_except_handler4_common
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_invoke_watson
_controlfp_s
printf
srand
rand
_time64
strstr
??3@YAXPAX@Z
memset
strchr
malloc
realloc
__iob_func
fprintf
__setusermatherr
sprintf

ws2_32

WSAIoctl
setsockopt
htonl
recv
WSACleanup
WSAGetLastError
select
__WSAFDIsSet
WSASocketA
closesocket
connect
htons
sendto
WSAStartup
send
inet_addr
gethostbyname
socket

shlwapi

SHDeleteKeyA

netapi32

NetLocalGroupAddMembers
NetUserAdd

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/08a120dc8808cb404113c0c03f1e6d83
.html
some-samples-master/08b0f1b4246306bdfbaee8835b2d5f87
some-samples-master/08b938a9978f82efe446526c50372cde
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

SPACE

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.spm
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xzcsbrj
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/08e25d839a668501d8c8024b3144d3b7
.vbs
some-samples-master/090d6a9349e18c9d7232382e4c4bda7a
.js
some-samples-master/093a129db41d875c403cc3e788718acf
.elf linux sh
some-samples-master/094060604fd9e0feb2a82c6197120c24
.js
some-samples-master/09a572eea2e16b83fa36375ae89420a9
.html .js polyglot
some-samples-master/09d0807ee87e05651effbe7add77d41e
.html
some-samples-master/09ec4383bf4723cb2210cd15d84fd6fb
.js
some-samples-master/09eede0706045eed2dcaa2d1f43d9140
.html .js polyglot
some-samples-master/09ef8fed415f58a763903e1fd219c521
.js
some-samples-master/09f6f2863159def17d98236255aa5dcf
.html .js polyglot
some-samples-master/09f7c502b134164cfcf928b3c0f15e47
.js
some-samples-master/0a2c841961c6b4b6b09a9bfc9a79a94c
.exe windows:4 windows x86 arch:x86

c58bf6ee9989bd7f3e24b623740f6b2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord641
ord860
ord540
ord324
ord2362
ord2370
ord4234
ord2818
ord4853
ord535
ord858
ord4224
ord1168
ord5981
ord3092
ord1200
ord6334
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord823
ord4159
ord6117
ord2621
ord1134
ord2725
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord2399
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord3136
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord2379
ord1942
ord4588
ord4370
ord4892
ord4532
ord5259
ord3399
ord3734
ord384
ord303
ord686
ord4272
ord537
ord2862
ord1146
ord2096
ord3303
ord4125
ord2915
ord4129
ord2764
ord1842
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord4077
ord5237
ord5282
ord2649
ord1665
ord4436
ord4427
ord807
ord796
ord674
ord527
ord554
ord529
ord366
ord794
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord5252
ord3481
ord2252
ord4083
ord922
ord924
ord926
ord1841
ord4533
ord4340
ord4347
ord4720
ord4889
ord4963
ord4960
ord6054
ord5281
ord1725
ord2091
ord364
ord784
ord4241
ord1849
ord2583
ord4403
ord5253
ord4244
ord3301
ord3910
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4710
ord4998
ord4376
ord5265
ord4531
ord825

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_except_handler3
realloc
free
malloc
atoi
__CxxFrameHandler
_mbscmp
_stricmp

kernel32

MultiByteToWideChar
lstrlenW
InitializeCriticalSection
GetCurrentThreadId
GetCommandLineA
lstrcmpiA
DeleteCriticalSection
HeapDestroy
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
lstrcpyA
lstrcatA
lstrlenA
Sleep
CloseHandle
WriteFile
CreateFileA
ReadFile
GetFileSize
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
HeapFree
GetStartupInfoA
WideCharToMultiByte
GetModuleHandleA
GetShortPathNameA

user32

EnableWindow
GetWindowRect
CharNextA
GetClientRect
SetWindowLongA
LoadIconA
UpdateWindow
SendMessageA
GetWindowLongA

comctl32

ImageList_ReplaceIcon

ole32

CoRegisterClassObject
CoInitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoRevokeClassObject
CLSIDFromProgID

oleaut32

SysFreeString
LoadTypeLi
RegisterTypeLi
VariantClear
SafeArrayDestroy
SysAllocString

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0a3c96d5224ceaac21933852a66941c7
.html
some-samples-master/0abd719d9108612e187eeacd63059b3b
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/0adebe74c4f4dd36f42de83360165928
.exe windows:4 windows x86 arch:x86

888f7c3cb1911069f97ed9c2bd4061db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetPriorityClass
GetCurrentProcess
ResumeThread
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
DebugBreak
lstrcmpiA
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
GetFileAttributesA
GetDriveTypeA
ReadFile
GetFileSize
CallNamedPipeA
GetUserDefaultLangID
lstrlenW
FileTimeToSystemTime
SetFilePointer
GetTempPathA
GetTempFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetLastError
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
SetFileAttributesA
GetModuleHandleA
SetLastError
GetWindowsDirectoryA
GetShortPathNameA
CreateFileA
WriteFile
CloseHandle
MoveFileA
lstrcpyA
GetTickCount
CopyFileA
DeleteFileA
GetModuleFileNameA
lstrcpynA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FreeLibrary
lstrlenA
HeapAlloc
lstrcatA

user32

CharNextA
GetKeyboardType
PeekMessageA
MsgWaitForMultipleObjects
SetCursor
SetWindowLongA
SetTimer
EndDialog
GetSystemMetrics
BeginDeferWindowPos
GetWindowTextA
SetWindowTextA
DeferWindowPos
EndDeferWindowPos
LoadStringA
GetClientRect
ScreenToClient
PostMessageA
GetDC
ReleaseDC
ShowWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendMessageA
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
wvsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetMessageA
RedrawWindow
KillTimer
InvalidateRect
UpdateWindow
GetDlgItemTextA
LoadCursorA
TranslateMessage
DispatchMessageA
wsprintfA
LoadImageA

gdi32

UpdateColors
SetTextColor
SetBkMode
GetDeviceCaps
SelectPalette
CreateHalftonePalette
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
DeleteObject
RealizePalette
BitBlt
DeleteDC
SelectObject

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
StrRChrA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
VariantClear

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0afa86234c4d4f54e4c96d08005ed1e8
.exe windows:4 windows x86 arch:x86

fbbce7c2573190fd915a6974ae051f80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord2514
ord641
ord825
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord4465
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord4710
ord755
ord470
ord1168
ord823
ord2379
ord1146
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord5163
ord4673

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
strlen
malloc
free
__CxxFrameHandler
memcpy
memset
realloc
_stricmp
_controlfp

kernel32

GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
CloseHandle
WriteFile
CreateFileA
ReadFile
GetFileSize
GetModuleHandleA
GetStartupInfoA
LocalAlloc
InterlockedExchange
RaiseException
GetLastError
HeapAlloc

user32

LoadIconA
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetSystemMetrics
EnableWindow

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/0b0e059e8d2e61bf125ec0a69b35708f
.js
some-samples-master/0b1ca95c7a25652422d61aa53c17172b
.exe windows:4 windows x86 arch:x86

2da643f403b05d133ca8b82f7df595cb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaFreeVarList
__vbaEnd
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
__vbaCopyBytes
__vbaStrCat
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord667
ord593
ord594
_adj_fdiv_m16i
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaFileClose
EVENT_SINK_AddRef
DllFunctionCall
_adj_fpatan
EVENT_SINK_Release
ord600
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
__vbaStrToUnicode
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaVarCat
_CIlog
__vbaFileOpen
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaStrToAnsi
__vbaVarDup
__vbaVarCopy
_CIatan
__vbaStrMove
_allmul
_CItan
__vbaFPInt
_CIexp
__vbaFreeStr
__vbaFreeObj

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0b40a2fff66d3c7f728b2d0e9ae861a6
.exe windows:5 windows x86 arch:x86

17629baadbe8b61e5bb8f9e0f985e5aa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
CreateDesktopW
LoadBitmapW
GetClassLongA
GetMessageA
LoadStringW
wsprintfA
PeekMessageA
PostMessageA
InsertMenuW
DrawStateW
LoadCursorA
DialogBoxParamA
GetPropW
LoadMenuA
CharToOemA

crypt32

CryptFindOIDInfo
CertOpenStore
CertFindAttribute
CertFindCRLInStore
CryptEnumOIDInfo
CertGetNameStringA
CryptMemAlloc
CertCreateCRLContext
CertCloseStore
CertFindExtension
CertDuplicateCRLContext
CertFreeCRLContext
CryptMemFree
CryptMemRealloc
CertCreateContext

kernel32

LoadLibraryExW
GetProfileSectionA
GetConsoleAliasW
MoveFileExA
GetTempPathW
OpenJobObjectA
MapViewOfFile
Heap32Next
OpenMutexW
CreateFileMappingA
GetModuleHandleA
WaitForSingleObject
GetACP
GetProcAddress
InterlockedExchange

certcli

CACloseCA
CAEnumNextCA
CACloseCertType
CADeleteCA
CAEnumFirstCA

shlwapi

PathIsURLA
UrlEscapeA
UrlGetLocationA
UrlCompareA
UrlHashA
PathIsRootA
UrlGetPartA
UrlCanonicalizeW
UrlIsNoHistoryA
PathCommonPrefixW
UrlCombineA
PathCombineW

advapi32

InitializeSid
RegLoadKeyA
LogonUserA
OpenEventLogA
RegEnumKeyA
RegCreateKeyExA
RegDeleteValueW
RegRestoreKeyA
CryptSignHashA
RegReplaceKeyA
ClearEventLogW

ctl3d32

Ctl3dGetVer
Ctl3dRegister
Ctl3dCtlColor
Ctl3dUnregister

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/0b6cd1f58e73ef9f375e605caf71e4fc
.js
some-samples-master/0ba543a6b92129e8518682ab2c2fdc20
.js
some-samples-master/0baa76aff41923c511bb56f88fe949cf
.exe windows:5 windows x86 arch:x86

209ce47a376ae20dfd884855c2481212

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAEnumFirstCA
CAEnumNextCA
CACloseCertType
CACloseCA

modemui

drvGetDefaultCommConfigA
InvokeControlPanel

authz

AuthzFreeResourceManager
AuthzInitializeContextFromSid
AuthzAddSidsToContext
AuthzFreeContext

shell32

DragQueryFileA
DragFinish
ShellAboutA
SHGetDataFromIDListA
SHGetFileInfoA
FindExecutableA
SHFileOperationA
DragQueryPoint
SHGetMalloc
DragAcceptFiles
ExtractIconA
DllUnregisterServer
DuplicateIcon

kernel32

WaitNamedPipeA
LoadLibraryExA
SystemTimeToFileTime
GetProfileSectionA
Heap32First
OpenSemaphoreW
GetModuleHandleA
WaitForSingleObject
GetCurrentProcess
GetConsoleAliasW
CreateJobObjectA
GetCommandLineW
GetTickCount
CreateFileA
GetProcAddress
GetLogicalDriveStringsW
ReadConsoleA
GetStringTypeA
GetOEMCP
SearchPathW

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_MEM_READ
some-samples-master/0bb0f3933209914b5884acb458fbb5de
.html .js polyglot
some-samples-master/0bfe29a25e24350f66fffdcc0e0e6f4a
.js
some-samples-master/0bff2b4736d621cfb8f384884c5a0412
.html .js polyglot
some-samples-master/0c097be12c63761274bad0d9fccf1aba
some-samples-master/0c2b7a9c3753a340725ce3ee9067a44f
.html .js polyglot
some-samples-master/0c444f94eb5925001cf3f1129d70cdfc
.js
some-samples-master/0c68af19725733f5551891cae27f4222
.exe windows:4 windows x86 arch:x86

31810ec6d40780156e9846be41b3d3e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaResume
ord661
__vbaHresultCheckObj
_adj_fdiv_m32
ord667
__vbaAryDestruct
__vbaExitProc
__vbaI4Abs
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
ord527
__vbaGenerateBoundsError
DllFunctionCall
_adj_fpatan
ord676
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
__vbaI2Var
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaDerefAry1
_adj_fdivr_m32
_adj_fdiv_r
ord100
ord610
__vbaVarDup
_CIatan
__vbaStrMove
ord618
ord543
_allmul
_CItan
ord547
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 664KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0d1ffe1b0da5aca9b3c1806d1c5ed28a
.js
some-samples-master/0d378f21f2b2750de74cc8daea86af69
.js
some-samples-master/0d5c2b7c60e7556cf8bc8bfe64a6fc23
.js
some-samples-master/0d64569afe34803f997d19ff4aa06a26
.js
some-samples-master/0d8c6211d9c67db5414afde30d8b75cc
.html .js polyglot
some-samples-master/0da8a925b098861d3fe19483ac083126
.html .js polyglot
some-samples-master/0db23a5d3f13fee42c0fe5b460d2c682
.js
some-samples-master/0db6576a2b40f0e0ce9c09ae45d8105d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 100KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/0dbe09fd79fdbb0cd9bc287bbba20ae4
.elf linux x64
some-samples-master/0dc90ba86620e1abe33ebbb838397b48
.js
some-samples-master/0dced6805f8da8e65191a72c7238c80f
.html .js polyglot
some-samples-master/0e293f3ee181602ca09e6108ef1ec38e
.html
some-samples-master/0e3505dbb09090a44503251a5c8808bd
.exe windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

53:32:25:a4:19:5c:34:9e:b2:de:67:b0:4d:02:a0:c4
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

05-04-2016 00:00

Not After

20-08-2017 23:59

Subject

CN=Crawler Group\, LLC,O=Crawler Group\, LLC,L=Wilmington,ST=Delaware,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0e61546830e4286521967c4b245b74a4
.html .js polyglot
some-samples-master/0eb5cc1251634b2f063806129ef1aa01
.html
some-samples-master/0ed2773438d578e9fd7e9c0e92902820
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 559KB - Virtual size: 558KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/0f150f878a3f7f5e518ede83960e490f
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 742KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/0f27c2092ae06c79d485ab72c98e23e1
.html .js polyglot
some-samples-master/0f2b4f4d21f36fa9b02a61a51783cf8d
.html
some-samples-master/0f31a711956fcae6335b4c73ab710a0a
.elf linux arm
some-samples-master/0f3566580a44669fa6aaa28254ff58f8
.js
some-samples-master/0f6777a7ab07757fab514933169d37c8
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/0f763811971c807399089aa4c20d120c
.js
some-samples-master/0f78a4e4865382d355469063ba96bdb3
.html
some-samples-master/0f7fb26913914421e26dcbdb5c6af222
some-samples-master/0f85c94356648489b7472aa50835435c
.html
some-samples-master/0fd3e4d2c677a0cd0c3477eaa31257d3
.js
some-samples-master/0fe34117cc6ed70954621baac460978e
.html .js polyglot
some-samples-master/10052360d8bc7b894ba82d85a0440a01
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

tyrij

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xur
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/101c50f35e787e4bd87a813ddb2a0637
.html .js polyglot
some-samples-master/102e10e17baae0cbf97c543dd0337570
some-samples-master/103.26.76.44/dvrHelper
.elf linux sh
some-samples-master/103.26.76.44/mirai.arm
.elf linux arm
some-samples-master/103.26.76.44/mirai.arm.1
.elf linux arm
some-samples-master/103.26.76.44/mirai.arm5n
.elf linux arm
some-samples-master/103.26.76.44/mirai.arm7
.elf linux arm
some-samples-master/103.26.76.44/mirai.m68k
.elf linux
some-samples-master/103.26.76.44/mirai.mips
.elf linux mipsbe
some-samples-master/103.26.76.44/mirai.mpsl
.elf linux mipsel
some-samples-master/103.26.76.44/mirai.ppc
.elf linux ppc
some-samples-master/103.26.76.44/mirai.sh4
.elf linux sh
some-samples-master/103.26.76.44/mirai.spc
.elf linux sparc
some-samples-master/103.26.76.44/mirai.x86
.elf linux x86
some-samples-master/103.9.77.253/
.elf linux arm
some-samples-master/103.9.77.253/apache2
.elf linux arm
some-samples-master/103.9.77.253/bash
.elf linux x64
some-samples-master/103.9.77.253/cron
.elf linux ppc
some-samples-master/103.9.77.253/ftp
.elf linux x86
some-samples-master/103.9.77.253/ntpd
.elf linux mipsbe
some-samples-master/103.9.77.253/openssh
.elf linux sh
some-samples-master/103.9.77.253/pftp
.elf linux
some-samples-master/103.9.77.253/sh
.elf linux sparc
some-samples-master/103.9.77.253/sshd
.elf linux mipsel
some-samples-master/103.9.77.253/tftp
.elf linux arm
some-samples-master/103.9.77.253/wget
.elf linux x86
some-samples-master/10343de9257e43c3d3a1fc678c26656a
.js
some-samples-master/1038d3cc5d3179a5da7f1bea2f660a0b
.elf linux x86
some-samples-master/105cc53cf945eb16ce6267596453bae4
.js
some-samples-master/106e6f0e5bd7763640d27503980fb446
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/107.174.34.68/
.elf linux arm
some-samples-master/107.174.34.68/597e812e875da845cd2cbfd30f6709b3105fe18c77aceadc6e2460dadde222f9
.sh linux
some-samples-master/107.174.34.68/apache2
.elf linux arm
some-samples-master/107.174.34.68/bash
.elf linux x64
some-samples-master/107.174.34.68/cron
.elf linux ppc
some-samples-master/107.174.34.68/ftp
.elf linux x86
some-samples-master/107.174.34.68/ntpd
.elf linux mipsbe
some-samples-master/107.174.34.68/openssh
.elf linux sh
some-samples-master/107.174.34.68/pftp
.elf linux
some-samples-master/107.174.34.68/sh
.elf linux sparc
some-samples-master/107.174.34.68/sshd
.elf linux mipsel
some-samples-master/107.174.34.68/tftp
.elf linux arm
some-samples-master/107.174.34.68/wget
.elf linux x86
some-samples-master/107.174.34.70/apache2
.elf linux arm
some-samples-master/107.174.34.70/bash
.elf linux x64
some-samples-master/107.174.34.70/cron
.elf linux ppc
some-samples-master/107.174.34.70/ftp
.elf linux x86
some-samples-master/107.174.34.70/ntpd
.elf linux mipsbe
some-samples-master/107.174.34.70/openssh
.elf linux sh
some-samples-master/107.174.34.70/pftp
.elf linux
some-samples-master/107.174.34.70/sh
.elf linux sparc
some-samples-master/107.174.34.70/sshd
.elf linux mipsel
some-samples-master/107.174.34.70/tftp
.elf linux arm
some-samples-master/107.174.34.70/wget
.elf linux x86
some-samples-master/10b1f9229a0970c68ec83c7b3c36c4b3
.html .js polyglot
some-samples-master/10b3b7401f18fe04aad8af403de5ad2d
.html .js polyglot
some-samples-master/10c4f4fe21d0f1d582e03c5717d11395
.js
some-samples-master/10cfb7229c27ea6146a22ee7323390b9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uro
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/1107869bf938f6eaf9f39305798d79dd
.html
some-samples-master/113.53.235.91/mirai.arm
.elf linux arm
some-samples-master/113.53.235.91/mirai.arm.1
.elf linux arm
some-samples-master/113.53.235.91/mirai.arm5n
.elf linux arm
some-samples-master/113.53.235.91/mirai.arm7
.elf linux arm
some-samples-master/113.53.235.91/mirai.m68k
.elf linux
some-samples-master/113.53.235.91/mirai.mips
.elf linux mipsbe
some-samples-master/113.53.235.91/mirai.mpsl
.elf linux mipsel
some-samples-master/113.53.235.91/mirai.ppc
.elf linux ppc
some-samples-master/113.53.235.91/mirai.sh4
.elf linux sh
some-samples-master/113.53.235.91/mirai.spc
.elf linux sparc
some-samples-master/113.53.235.91/mirai.x86
.elf linux x86
some-samples-master/11716d8039e719e8a76e722f06ae2e15
.html .js polyglot
some-samples-master/1184a5166f8eaf6e9d83ccb7300e0a49
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 96B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/119.28.72 .174:280_mirai/mirai.arm
.elf linux arm
some-samples-master/119.28.72 .174:280_mirai/mirai.arm7
.elf linux arm
some-samples-master/119.28.72 .174:280_mirai/mirai.m68k
.elf linux
some-samples-master/119.28.72 .174:280_mirai/mirai.mips
.elf linux mipsbe
some-samples-master/119.28.72 .174:280_mirai/mirai.mpsl
.elf linux mipsel
some-samples-master/119.28.72 .174:280_mirai/mirai.ppc
.elf linux ppc
some-samples-master/119.28.72 .174:280_mirai/mirai.sh4
.elf linux sh
some-samples-master/119.28.72 .174:280_mirai/mirai.spc
.elf linux sparc
some-samples-master/119.28.72 .174:280_mirai/mirai.x86
.elf linux x86
some-samples-master/119.28.72.174:280_dlr/dlr.arm
.elf linux arm
some-samples-master/119.28.72.174:280_dlr/dlr.arm7
.elf linux arm
some-samples-master/119.28.72.174:280_dlr/dlr.arm7a
.elf linux arm
some-samples-master/119.28.72.174:280_dlr/dlr.m68k
.elf linux
some-samples-master/119.28.72.174:280_dlr/dlr.mips
.elf linux mipsbe
some-samples-master/119.28.72.174:280_dlr/dlr.mpsl
.elf linux mipsel
some-samples-master/119.28.72.174:280_dlr/dlr.ppc
.elf linux ppc
some-samples-master/119.28.72.174:280_dlr/dlr.sh4
.elf linux sh
some-samples-master/119.28.72.174:280_dlr/dlr.spc
.elf linux sparc
some-samples-master/119.28.72.174:280_dlr/dlr.x86
.elf linux x86
some-samples-master/119.28.72.174:280_do/do.arm
.elf linux arm
some-samples-master/119.28.72.174:280_do/do.arm7
.elf linux arm
some-samples-master/119.28.72.174:280_do/do.m68k
.elf linux
some-samples-master/119.28.72.174:280_do/do.mips
.elf linux mipsbe
some-samples-master/119.28.72.174:280_do/do.mpsl
.elf linux mipsel
some-samples-master/119.28.72.174:280_do/do.sh4
.elf linux sh
some-samples-master/119.28.72.174:280_do/do.spc
.elf linux sparc
some-samples-master/119.28.72.174:280_do/do.x86
.elf linux x64
some-samples-master/1196425f1a9e075570f7c3395988e909
.html .js polyglot
some-samples-master/11bc606269a161555431bacf37f7c1e4
.exe windows:4 windows x86 arch:x86

3a8eb283f62eca7206b65c62b7d51bd5

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b2:4a:d3:15:23:2d:f3:7a:ba:90:7c:9f:63:f6:18:44
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

22-01-2015 00:00

Not After

21-01-2017 23:59

Subject

CN=Ammyy LLC,O=Ammyy LLC,POSTALCODE=115230,STREET=Varshavskoe shosse 32,L=Moscow,ST=Moscow,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

27:66:ee:56:eb:49:f3:8e:ab:d7:70:a2:fc:84:de:22
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:0a:0b:47:69:6d:44:c2:52:8d:76:b3:30:51:8a:17:fc:c3:1c:aa
Signer

Actual PE Digest

00:0a:0b:47:69:6d:44:c2:52:8d:76:b3:30:51:8a:17:fc:c3:1c:aa

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAGetLastError
send
recv
select
WSAStartup
getpeername
getservbyport
ntohs
gethostbyaddr
gethostbyname
getservbyname
htonl
inet_ntoa
inet_addr
WSAIoctl
connect
accept
htons
bind
listen
socket
__WSAFDIsSet
shutdown
setsockopt
ioctlsocket
WSACleanup
closesocket

gdi32

GetDIBits
CreateCompatibleBitmap
RealizePalette
SelectPalette
CreatePalette
GetSystemPaletteEntries
GdiFlush
CombineRgn
GetRegionData
SetStretchBltMode
CreateDIBitmap
DeleteDC
SelectObject
CreateCompatibleDC
BitBlt
SetBkMode
CreateFontIndirectA
DPtoLP
GetDeviceCaps
CreateFontA
StretchBlt
CreateRectRgn
ExtTextOutA
GetBitmapBits
GetObjectA
CreateDIBSection
SetBitmapBits
CreateRectRgnIndirect
SelectClipRgn
TextOutW
CreatePatternBrush
SetTextAlign
SetBrushOrgEx
ExtTextOutW
SetTextColor
SetBkColor
GetTextExtentPoint32W
CreateSolidBrush
DeleteObject
GetStockObject

user32

FindWindowA
OpenDesktopA
VkKeyScanExA
SendMessageTimeoutA
LoadIconA
IntersectRect
IsWindowVisible
GetIconInfo
GetCursorInfo
EqualRect
OpenInputDesktop
CloseDesktop
GetUserObjectInformationA
LoadKeyboardLayoutA
EmptyClipboard
SetClipboardData
RegisterClassExA
GetDesktopWindow
PeekMessageA
MsgWaitForMultipleObjects
mouse_event
MapVirtualKeyA
LockWorkStation
SetThreadDesktop
keybd_event
SetDlgItemTextA
SetDlgItemInt
GetKeyboardState
ToAsciiEx
DestroyAcceleratorTable
TranslateAcceleratorA
CreateAcceleratorTableA
SetWindowTextA
ReleaseCapture
SetCapture
GetAsyncKeyState
GetThreadDesktop
SystemParametersInfoW
SwitchToThisWindow
SendMessageA
FindWindowW
MessageBoxA
ShowWindow
wsprintfA
RegisterClassExW
DestroyCursor
MessageBeep
wsprintfW
SetCursorPos
GetClipboardOwner
OpenClipboard
GetClipboardData
CloseClipboard
ShowWindowAsync
SetScrollInfo
GetWindow
WindowFromPoint
ReleaseDC
GetDC
DestroyIcon
DrawIconEx
LoadImageA
EnableWindow
SetDlgItemTextW
DestroyWindow
SetWindowPos
SetClassLongW
InsertMenuItemW
ChangeClipboardChain
MapWindowPoints
InsertMenuItemA
EnumWindows
GetClassNameA
GetWindowTextA
KillTimer
GetWindowLongW
PostMessageA
DrawTextW
SetRect
ShowScrollBar
IsIconic
ScrollWindowEx
AdjustWindowRectEx
GetMenuState
GetWindowPlacement
SetWindowPlacement
GetSysColorBrush
AppendMenuW
SetClipboardViewer
SetWindowsHookExA
UnhookWindowsHookEx
DrawTextA
EndDialog
CreateDialogParamW
DialogBoxParamA
CallWindowProcW
CallWindowProcA
DefWindowProcA
IsWindowUnicode
GetSystemMenu
RedrawWindow
InvalidateRect
DrawStateA
DrawEdge
GetClientRect
CreateWindowExA
IsWindow
GetParent
GetWindowLongA
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetActiveWindow
SetCursor
SetTimer
PostThreadMessageA
MoveWindow
BeginPaint
EndPaint
GetDlgItemInt
SendDlgItemMessageA
MapDialogRect
SetWindowLongA
ClientToScreen
LoadCursorA
RegisterClassW
CreateWindowExW
SetWindowLongW
UpdateWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
ScreenToClient
SetWindowTextW
SetMenu
LoadMenuA
GetMenuItemInfoA
SetMenuItemInfoA
GetSubMenu
SetMenuItemInfoW
GetMenuItemID
EnableMenuItem
GetMenuItemCount
CheckMenuItem
GetKeyState
SetForegroundWindow
SetFocus
GetFocus
PostQuitMessage
DefWindowProcW
CreatePopupMenu
GetCursorPos
TrackPopupMenu
GetSysColor
GetSystemMetrics
GetMenuItemInfoW
DrawMenuBar
AppendMenuA
DestroyMenu
MessageBoxW
GetDlgItem
SendMessageW
GetWindowRect
SystemParametersInfoA

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteA
SHGetMalloc
ShellExecuteExW
SHGetFolderPathA
SHGetFolderPathW
SHGetFileInfoW
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconA

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

msvcrt

_strnicmp
_strupr
_strlwr
_controlfp
_iob
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_wcsicmp
wcschr
__CxxFrameHandler
strlen
isspace
memchr
_errno
strtol
isdigit
strstr
memcpy
??2@YAPAXI@Z
_purecall
free
memset
malloc
sprintf
printf
fwrite
srand
time
_CxxThrowException
rand
atol
_stricmp
isprint
tolower
strncpy
atoi
abs
wcscpy
strcmp
strcpy
wcslen
memcmp
iswspace
wcsncmp
_wtoi
_ultow
_stat
strchr
_ftol
swprintf
strcat
strtoul
calloc
_rotl
_rotr
fopen
fread
fclose
fseek
ftell
fflush
wcsncpy
wcsrchr
vsprintf
vswprintf
memmove
strrchr
strncmp
mbstowcs
wcscmp
wcsstr
iswdigit
_beginthreadex
_endthreadex
atof
_i64tow
wcscat
realloc
exit
fprintf
sscanf
getenv
floor
fputc
_CIpow
_CIacos
??1type_info@@UAE@XZ
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
_exit
_XcptFilter
_acmdln

secur32

FreeCredentialsHandle
InitializeSecurityContextA
FreeContextBuffer
AcquireCredentialsHandleA
CompleteAuthToken
QuerySecurityPackageInfoA

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiClassGuidsFromNameA
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList

iphlpapi

GetAdaptersInfo

advapi32

RegOpenKeyExA
FreeSid
SetFileSecurityW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
ConvertSidToStringSidA
GetTokenInformation
OpenProcessToken
RegCloseKey
RegQueryValueExA
ImpersonateLoggedOnUser
RevertToSelf
GetUserNameA
StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExA
SetServiceStatus
SetTokenInformation
DuplicateTokenEx
CreateProcessAsUserW
QueryServiceStatus
CloseServiceHandle
OpenServiceA
OpenSCManagerA
CreateServiceW
DeleteService
ControlService
StartServiceA
StartServiceW
RegCreateKeyExA
RegQueryValueExW
RegSetValueExW
RegSetValueExA
RegDeleteKeyA
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
SetEntriesInAclA
AllocateAndInitializeSid

shlwapi

PathGetDriveNumberA

comdlg32

GetOpenFileNameW
GetSaveFileNameW

userenv

LoadUserProfileA
UnloadUserProfile

comctl32

CreateToolbarEx
ImageList_Create
ImageList_Draw
ImageList_Destroy
ord17
ImageList_GetIconSize
ImageList_ReplaceIcon
ImageList_Add
ImageList_Duplicate
_TrackMouseEvent
CreatePropertySheetPageW
PropertySheetW

wininet

HttpSendRequestA
HttpQueryInfoA
InternetConnectA
InternetSetOptionA
InternetCloseHandle
InternetReadFile
InternetOpenA
HttpOpenRequestA

dsound

ord7
ord6
ord2
ord1

kernel32

SizeofResource
LoadResource
LockResource
GetLocalTime
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetFileTime
GetFileTime
OpenMutexA
CreateMutexA
ResetEvent
FindResourceExA
OpenEventA
CreateEventA
ExitProcess
SetUnhandledExceptionFilter
GetSystemDirectoryA
CompareFileTime
GetSystemTimeAsFileTime
GetSystemDirectoryW
lstrcatW
LoadLibraryW
QueryPerformanceFrequency
ReadFile
QueryPerformanceCounter
GetExitCodeProcess
BeginUpdateResourceW
EndUpdateResourceW
UpdateResourceA
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
LoadLibraryA
FreeLibrary
GetFileSize
SetFilePointer
WriteFile
WaitForSingleObject
CreateThread
GetFileAttributesW
GetStartupInfoW
CreateProcessW
lstrcmpiW
lstrcmpW
MulDiv
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameW
GetComputerNameA
LocalAlloc
GetExitCodeThread
SystemTimeToFileTime
MoveFileW
DeleteFileW
GetTempPathW
CreateFileW
FindFirstFileW
FindClose
CreateFileA
DeviceIoControl
GetUserDefaultUILanguage
GetModuleHandleA
GetProcAddress
GetLocaleInfoA
CreateDirectoryW
SetCurrentDirectoryW
SetProcessShutdownParameters
GetVersionExA
GetCurrentProcess
GetLastError
CloseHandle
LocalFree
GetCurrentThreadId
GetCurrentProcessId
Sleep
GetTickCount
InterlockedIncrement
InterlockedDecrement
lstrlenA
lstrlenW
TerminateProcess
GlobalUnlock
GlobalLock
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
GlobalAlloc
GetDriveTypeW
RemoveDirectoryW
FindNextFileW
SetFileAttributesW
GetLogicalDrives
ProcessIdToSessionId
SleepEx
CreateDirectoryA
DeleteFileA
GlobalFree
IsBadReadPtr
lstrcmpA
LocalFileTimeToFileTime
WaitNamedPipeW
lstrcpyA
GetCurrentDirectoryA
FindResourceA
DuplicateHandle
CreateSemaphoreA
SetThreadPriority
TlsSetValue
GetCurrentThread
TlsAlloc
ResumeThread
TlsGetValue
InterlockedExchange
GetStartupInfoA
SetEvent
SetLastError

Sections

.text
Size: 520KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/11d1c625cb8e90e307ace1879670c807
.js
some-samples-master/11ec260e74560de7c5470dc101d7a9a8
.exe windows:5 windows x86 arch:x86

470282e4fe2ebbf8acb122584604aac8

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0a:2a:ba:6b:7a:02:e3:c3:73:fd:2c:65:4b:31:1b:19
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19-09-2016 00:00

Not After

19-09-2017 23:59

Subject

CN=上海旭岑投资合伙企业（有限合伙）,OU=IT部,O=上海旭岑投资合伙企业（有限合伙）,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6f:a1:82:ac:2d:80:d0:62:fb:43:4a:05:f2:95:a9:f5:76:f1:4c:54
Signer

Actual PE Digest

6f:a1:82:ac:2d:80:d0:62:fb:43:4a:05:f2:95:a9:f5:76:f1:4c:54

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
SetWindowPos
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
EndDialog
GetSystemMetrics
CreatePopupMenu
AppendMenuA
GetWindowRect
SetDlgItemTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadBitmapA
IsWindowVisible
CallWindowProcA
GetMessagePos
ScreenToClient
CheckDlgButton
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
CharNextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
TrackPopupMenu
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint

kernel32

RemoveDirectoryA
GetSystemDirectoryA
lstrcatA
GetTempFileNameA
CreateFileA
CreateProcessA
CreateDirectoryA
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
SetErrorMode
GetVersion
lstrlenA
GetCommandLineA
GetTempPathA
GetWindowsDirectoryA
ExitProcess
CopyFileA
GetCurrentProcess
GetModuleFileNameA
GetFileSize
GetTickCount
Sleep
SetFileAttributesA
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsA
lstrcmpA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
SetFileSecurityA

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

ntdll

_allshl
_aulldiv
_allmul
_alldiv
_allrem
_allshr

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 792KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/11f9903fc52c271d929b87fdd1c143b2
.js
some-samples-master/11fd85b0d430b1813516d7af9a743750
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 234KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/122072cfef0fa64dca88ebd7f94237dd
.js
some-samples-master/1229b82e79effc0134b976bccb7acfa0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uro
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/123a036a674e4a17c022c212bf0f670c
.html .js polyglot
some-samples-master/127ed401a046f0ae9e0f859dbab053f9
.apk android

com.naphew.sys7

com.android.apache.MainActivity

Activities

com.android.apache.MainActivity

android.intent.action.MAIN

com.android.apache.BronewSec

android.intent.action.MAIN

com.wnyiq.iecyvtd.zxpe

android.intent.action.MAIN

Permissions

android.permission.ACCESS_NETWORK_STATE
android.permission.SYSTEM_ALERT_WINDOW
android.permission.INTERNET
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_TASKS
android.permission.READ_PHONE_STATE
com.android.launcher.permission.INSTALL_SHORTCUT
com.android.launcher.permission.UNINSTALL_SHORTCUT
android.permission.ACCESS_WIFI_STATE
android.permission.GET_ACCOUNTS
android.permission.WRITE_EXTERNAL_STORAGE
android.permission.GET_TASKS
android.permission.INTERNET
android.permission.READ_PHONE_STATE
com.android.launcher.permission.READ_SETTINGS
android.permission.RECEIVE_BOOT_COMPLETED
android.permission.READ_EXTERNAL_STORAGE

Receivers

com.android.apache.FzuiyeReceiver

android.intent.action.USER_PRESENT
android.intent.action.BOOT_COMPLETED
android.net.conn.CONNECTIVITY_CHANGE

com.pbf.s2smain.s.MainReceiver

android.intent.action.BOOT_COMPLETED
android.intent.action.USER_PRESENT

com.wnyiq.iecyvtd.hljo

android.intent.action.PACKAGE_ADDED
android.intent.action.USER_PRESENT
android.intent.action.BOOT_COMPLETED

Services
some-samples-master/12a41bbf4f905ccc9004721754b78064
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/12c04dd832a62f1b845fc660acee1eae
.js
some-samples-master/12c8d237585a3d4aceee5e57e8821d65
.html .js polyglot
some-samples-master/12d5bad2f934cbf1384fecbb889fdc0e
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 213KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/12e25814747d20c76a6b9b7236f2ed06
.html .js polyglot
some-samples-master/13220d43903553985d514d2c8bd3a1fa
.js
some-samples-master/133c1140d7f461b74fab5989910ff5af
.js
some-samples-master/133ddb2d8888ea9d9803de03316e8218
.js
some-samples-master/133facc32fcfa40dd8557d9d41d64845
.html
some-samples-master/13507838af1ce5d9f97f76884ff872aa
.exe windows:5 windows x86 arch:x86

3761264be1c53c591ab8b2afd8b13867

Code Sign

1b:e7:15
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

01-01-2014 07:00

Not After

30-05-2031 07:00

Subject

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03-05-2011 07:00

Not After

03-05-2031 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:a6:9e:72:e3:8a:fe:48
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

08-12-2015 18:56

Not After

08-12-2016 18:56

Subject

CN=Super Click Interactive,O=Super Click Interactive,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

cb:c1:fa:e6:cd:4f:1a:97:53:dd:07:df:2f:08:1b:df:8a:99:3a:ba
Signer

Actual PE Digest

cb:c1:fa:e6:cd:4f:1a:97:53:dd:07:df:2f:08:1b:df:8a:99:3a:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

gdi32

CreateBitmap
AbortPath
PolyPolygon
FlattenPath
DeleteObject
EnumObjects
SelectObject
CreateFontIndirectA
CreateFontA
SelectClipPath

user32

DispatchMessageA
TranslateMessage
PostMessageA
RegisterClassA
GetWindowLongA
DrawTextW
EndPaint
ShowWindow
DrawTextA
GetDC
SendMessageA
SendMessageW
GetMessageA
CreateWindowExA
GetGuiResources
InvertRect
BeginPaint

kernel32

RtlUnwind
GetSystemTimeAsFileTime
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
FormatMessageA
LocalFree
TerminateThread
GetLogicalProcessorInformation
RegisterWaitForSingleObject
CreateTimerQueue
GetMailslotInfo
SuspendThread
DeleteTimerQueue
GetLastError
MultiByteToWideChar
lstrcmpiA
GetFileAttributesA
GetProcAddress
WaitForSingleObject
ReleaseMutex
CloseHandle
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateMutexA
GetVersionExA
GetCurrentProcess
GetVersion
lstrcpynA
ExitProcess
GetModuleFileNameA
FreeLibrary
DeleteFileA
SetEnvironmentVariableA
DuplicateHandle
GetCurrentProcessId
GetEnvironmentVariableA
GetExitCodeProcess
TerminateProcess
ResumeThread
CreateProcessA
GetCommandLineA
LoadLibraryA
FlushFileBuffers
WriteFile
SetCurrentDirectoryA
CreateDirectoryA
GetTempPathA
GetModuleHandleA
ReadConsoleA
WriteConsoleA
GetStdHandle
GetCurrentDirectoryA
GetFullPathNameA
SetErrorMode
QueueUserWorkItem
HeapSize

msvcrt

realloc
rand
_pgmptr
srand
__argc
__argv
memmove
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_callnewh
_ismbblead
__getmainargs
_cexit
_exit
_XcptFilter
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_controlfp
memset
__CxxFrameHandler
atoi
_snprintf
_time64
memcpy
free
malloc

ole32

CoInitializeEx
OleInitialize
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID

shell32

SHGetPathFromIDListA
SHGetDiskFreeSpaceExA
ShellExecuteExA
SHFileOperationA
SHBrowseForFolderA
SHGetInstanceExplorer

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/1362e0c7c5063a0270f00be898c2d0f8
.js
some-samples-master/1395c7506fece30615dd70276b68a27a
.exe windows:4 windows x86 arch:x86

e525ca4f54be07c57842039dc3171cb2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
UpdateWindow
SendMessageW
InvalidateRect
DrawFocusRect
DrawFrameControl
DefWindowProcW
CreateWindowExW
DestroyWindow
MessageBoxW
SetFocus
LoadStringW
PostQuitMessage
EndPaint
DrawTextW
GetWindowRect
BeginPaint
GetDesktopWindow
GetMessageW
TranslateMessage
DispatchMessageW
LoadIconW
LoadBitmapW
RegisterClassExW
GetClassNameA

kernel32

ExitProcess
GetCommandLineW
SetLastError
lstrlenW
GetSystemInfo
GetCurrentDirectoryW
lstrcatW
CreateFileW
GetModuleHandleA
GetLastError
lstrcpyW
GetModuleHandleW
lstrcmpA
lstrlenA
GetStartupInfoA

gdi32

CreateCompatibleDC

comctl32

ord17

shell32

CommandLineToArgvW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memset

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/139a81b4e4691162989131cbe0a0bc21
.html .js polyglot
some-samples-master/13e2cf545c9bec618272a090a2e36cdc
.html .js polyglot
some-samples-master/144.76.197.58_hajimeeee.sh/hajimeeee.sh
.sh linux
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.arm
.elf linux arm
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.arm5n
.elf linux arm
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.arm7
.elf linux arm
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.m68k
.elf linux
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.mips
.elf linux mipsbe
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.mpsl
.elf linux mipsel
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.ppc
.elf linux ppc
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.sh4
.elf linux sh
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.spc
.elf linux sparc
some-samples-master/144.76.197.58_hajimeeee.sh/mirai.x86
.elf linux x86
some-samples-master/1454b8e731c97d2a06b41096a4fc7bda
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/145e2f0fe6d15ecd1998994fbf6efc9b
.js
some-samples-master/14ef3ae1403ebde118b77e02b323942a
.exe windows:4 windows x86 arch:x86

7fa974366048f9c551ef45714595665e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
GetWindowsDirectoryA
SetFileTime
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetTempPathA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/1517814c4d44cc632abb52d2d6307f15
.exe windows:5 windows x86 arch:x86

0ebb3c09b06b1666d307952e824c8697

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wextract.pdb

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
lstrlenA
GetModuleFileNameA
GetSystemDirectoryA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
FreeResource
GetProcAddress
LoadResource
SizeofResource
FindResourceA
lstrcatA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
LockResource

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/151b59a896d356ef9c94b073be77058a
.html .js polyglot
some-samples-master/1556f29c099ba7e666b6716972476aa4
.js
some-samples-master/155d038c1adacc2ca99dd9f92f797ad8
.js
some-samples-master/15642f0433c8d7609b44372f7496ad74
.js
some-samples-master/1588c129d85f15da0c252e2ca44063b3
.html
some-samples-master/158c6917263f9febc0d0c539d1afc1e1
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/159.203.76.24/bash
.elf linux x64
some-samples-master/159.203.76.24/bash.1
.elf linux x64
some-samples-master/159.203.76.24/cron
.elf linux x86
some-samples-master/159.203.76.24/cron.1
.elf linux x86
some-samples-master/159.203.76.24/ftp
.elf linux ppc
some-samples-master/159.203.76.24/ftp.1
.elf linux ppc
some-samples-master/159.203.76.24/ntpd
.elf linux mipsbe
some-samples-master/159.203.76.24/nut
.elf linux sparc
some-samples-master/159.203.76.24/nut.1
.elf linux sparc
some-samples-master/159.203.76.24/openssh
.elf linux sh
some-samples-master/159.203.76.24/openssh.1
.elf linux sh
some-samples-master/159.203.76.24/pftp
.elf linux x86
some-samples-master/159.203.76.24/pftp.1
.elf linux x86
some-samples-master/159.203.76.24/sh
.elf linux
some-samples-master/159.203.76.24/sh.1
.elf linux
some-samples-master/159.203.76.24/sshd
.elf linux mipsel
some-samples-master/159.203.76.24/sshd.1
.elf linux mipsel
some-samples-master/159.203.76.24/tftp
.elf linux arm
some-samples-master/159.203.76.24/tftp.1
.elf linux arm
some-samples-master/159.203.76.24/wget
.elf linux arm
some-samples-master/159.203.76.24/wget.1
.elf linux arm
some-samples-master/159431a42b4a601705b43a187b8fee3d
.html
some-samples-master/15da1a241c86cc0f00ed3352a1450158
.exe windows:5 windows x86 arch:x86

34777d7aef5134fd431006c35a3398b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DuplicateHandle
OpenEventA
CreateFileMappingA
LoadLibraryA
GetModuleHandleA
CreateFileA
DeleteFileA
FindFirstFileA
CompareStringA
CompareStringW
SetThreadLocale
WaitForSingleObject
GetFileSize
ReadFile
GetTickCount
OpenEventW
OpenSemaphoreW
GetFileType
CreateFileW
DecodePointer
EncodePointer
WriteConsoleW
SetFilePointerEx
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetConsoleCtrlHandler
GetProcessHeap
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcess
GetModuleFileNameW
GetProcAddress
GetCommandLineW
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
RaiseException

user32

GetAltTabInfoA
FindWindowExW
DeleteMenu
GetMenu
GetClipboardData
SetWindowPos
CloseWindow
GetAltTabInfoW
GetWindow
GetWindowTextLengthW
GetWindowTextW
GetWindowTextA
IsZoomed
OpenIcon
DefWindowProcA
ShowWindow

gdi32

CreateSolidBrush
GetPixelFormat

oleaut32

SafeArrayCreate

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 791KB - Virtual size: 790KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/161441bb6611e9152ffa97a50e2d906b
some-samples-master/16237df3c156e1fd2239d3b84b585140
.html .js polyglot
some-samples-master/1627b06b2fbeb385424f45e088b4c159
.html .js polyglot
some-samples-master/1648fce457c97ed47e177f562140a7f6
.js
some-samples-master/165622754f824013e5045cc3b252daf5
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/169fbfb7d14510c405a5b6781fae4f0d
.html
some-samples-master/16a47e9653bbaa3441075da7210a91c2
.html
some-samples-master/16b5985b6e68f0944fceab89f68477aa
.js
some-samples-master/16b5bec618321daef93e58ec1eba7c51
.exe windows:5 windows x86 arch:x86

2fa6daa65e3fdbb87e7067ee7fa45c4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
lstrcpyA
CloseHandle
ReadFile
GetFileSize
CreateFileA
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

tyrij

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/16b5d3b5d0138be92c932635dfb60321
.js
some-samples-master/16fc17bb1376110eaa03fa9187e48588
.html .js polyglot
some-samples-master/1720b1748ad7b8ac0bfc1c3636fead95
.exe windows:4 windows x86 arch:x86

87b1bf5d6ea7e7bea778583978f61b64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clbcatq

DowngradeAPL
SetSetupSave

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range

user32

wsprintfA
LoadBitmapW
IsDialogMessageA
DispatchMessageW
PostMessageW
CharToOemA
LoadIconA
IsCharLowerW
DialogBoxParamA
MessageBoxA
GetClassLongA
DrawStateW
PeekMessageW
InsertMenuW

cryptdll

MD5Update
MD5Final

kernel32

GetCommandLineW
InterlockedIncrement
CreateNamedPipeA
GetEnvironmentVariableW
WaitForSingleObject
GetLocalTime
CreateThread
GetModuleFileNameW
FindClose
FindResourceExA
OpenProcess
GlobalAddAtomA
GetConsoleTitleA
SetPriorityClass
FindNextFileW
CreateFileMappingW
FindFirstFileW
FormatMessageA
CloseHandle
GetLogicalDriveStringsA
GetProcAddress
GetPrivateProfileStringA
CreateDirectoryA
CreateSemaphoreW
LoadLibraryA
SetEnvironmentVariableA
GetModuleHandleA

shlwapi

UrlGetPartW
PathCompactPathW
UrlCreateFromPathW
UrlCombineA
UrlEscapeW
UrlCompareW
UrlUnescapeW
PathIsRootW
UrlHashA
UrlIsNoHistoryW
UrlGetLocationA
PathCommonPrefixW
UrlIsW
PathCombineA

rsaenh

CPDecrypt
CPDeriveKey

shell32

Shell_NotifyIconA
DllCanUnloadNow
DragQueryFileA
DllGetVersion
SHBrowseForFolderW
SHGetFolderPathA
StrChrA
ExtractIconW
SHEmptyRecycleBinA
SHCreateDirectoryExA

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 538KB - Virtual size: 538KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dec
Size: 2KB - Virtual size: 256KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/173.0.52.188/fyfa
.elf linux mipsbe
some-samples-master/173.0.52.188/fyfa1
.elf linux mipsel
some-samples-master/173.0.52.188/fyfa2
.elf linux sh
some-samples-master/173.0.52.188/fyfa3
.elf linux x64
some-samples-master/173.0.52.188/fyfa4
.elf linux arm
some-samples-master/173.0.52.188/fyfa5
.elf linux x86
some-samples-master/173.0.52.188/fyfa6
.elf linux ppc
some-samples-master/173.0.52.188/fyfa7
.elf linux x86
some-samples-master/173.0.52.188/fyfa8
.elf linux
some-samples-master/173.0.52.188/fyfa9
.elf linux sparc
some-samples-master/173.212.226.176/k32
.elf linux x86
some-samples-master/173.212.226.176/k38
.elf linux x86
some-samples-master/173.212.226.176/k48
.elf linux x86
some-samples-master/173.212.226.176/k58
.elf linux x86
some-samples-master/173.212.226.176/k64
.elf linux x64
some-samples-master/173.212.226.176/k68
.elf linux x86
some-samples-master/173.212.226.176/kar
.elf linux arm
some-samples-master/173.212.226.176/kml
.elf linux mipsel
some-samples-master/173.212.226.176/kms
.elf linux mipsbe
some-samples-master/173.212.226.176/kpc
.elf linux ppc
some-samples-master/173.212.226.176/ksh
.elf linux sh
some-samples-master/173133120498495d172e9b3739a0f4f7
.html
some-samples-master/175b35b7108e3bae4656870edb87e2b0
.exe windows:4 windows x86 arch:x86

489d9615bbda948758a597af9520b5e5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord641
ord2514
ord2621
ord1134
ord823
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord4698
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord1146
ord1168
ord800
ord4160
ord540
ord2863
ord2379
ord755
ord470
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord1775
ord4673

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
realloc
free
memcpy
memset
strlen
_CxxThrowException
__CxxFrameHandler
malloc
printf

kernel32

Sleep
WriteFile
GetProcAddress
LoadLibraryA
ReadFile
GetFileSize
HeapAlloc
GetProcessHeap
VirtualAlloc
IsBadReadPtr
HeapFree
VirtualFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA
CloseHandle

user32

LoadIconA
SendMessageA
AppendMenuA
GetSystemMenu
DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
EnableWindow

Exports

Exports

stricmp

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/179.43.146.30/
.elf linux arm
some-samples-master/179.43.146.30/apache2
.elf linux arm
some-samples-master/179.43.146.30/bash
.elf linux x64
some-samples-master/179.43.146.30/cron
.elf linux ppc
some-samples-master/179.43.146.30/ftp
.elf linux x86
some-samples-master/179.43.146.30/ntpd
.elf linux mipsbe
some-samples-master/179.43.146.30/openssh
.elf linux sh
some-samples-master/179.43.146.30/pftp
.elf linux
some-samples-master/179.43.146.30/sh
.elf linux sparc
some-samples-master/179.43.146.30/sshd
.elf linux mipsel
some-samples-master/179.43.146.30/tftp
.elf linux arm
some-samples-master/179.43.146.30/wget
.elf linux x86
some-samples-master/17c0acea87045439b7db3f84d375d936
some-samples-master/17d2b535eabc43ddf34961c752a8fb64
.html .js polyglot
some-samples-master/17d566e750bc4853a78d0c8c0b679b6c
.html
some-samples-master/17e4b91d92ae53d4997c6d2670375c7f
.html .js polyglot
some-samples-master/1811285337a25c9e1f1a67452cbdf405
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/185.114.227.116/5e020cb8552bf503b96b2839e370237222746c724f861aaea80f586a2da0aa06
some-samples-master/185.114.227.116/oharm
.elf linux arm
some-samples-master/185.114.227.116/ohi686
.elf linux x86
some-samples-master/185.114.227.116/ohmips
.elf linux mipsbe
some-samples-master/185.114.227.116/ohmips64
.elf linux mipsbe
some-samples-master/185.114.227.116/ohmipsel
.elf linux mipsel
some-samples-master/185.114.227.116/ohppc
.elf linux ppc
some-samples-master/185.114.227.116/ohsh4
.elf linux sh
some-samples-master/185.114.227.116/ohsparc
.elf linux sparc
some-samples-master/185.114.227.116/ohx64
.elf linux x64
some-samples-master/185.145.131.173_FUS<num>/FUS1
.elf linux mipsbe
some-samples-master/185.145.131.173_FUS<num>/FUS11
.elf linux arm
some-samples-master/185.145.131.173_FUS<num>/FUS12
.elf linux arm
some-samples-master/185.145.131.173_FUS<num>/FUS2
.elf linux mipsel
some-samples-master/185.145.131.173_FUS<num>/FUS3
.elf linux sh
some-samples-master/185.145.131.173_FUS<num>/FUS4
.elf linux x64
some-samples-master/185.145.131.173_FUS<num>/FUS5
.elf linux arm
some-samples-master/185.145.131.173_FUS<num>/FUS6
.elf linux x86
some-samples-master/185.145.131.173_FUS<num>/FUS7
.elf linux ppc
some-samples-master/185.145.131.173_FUS<num>/FUS8
.elf linux x86
some-samples-master/185.145.131.173_FUS<num>/FUS9
.elf linux
some-samples-master/185.145.131.173_FUS<num>/link
some-samples-master/185.145.131.173_FUS<num>/meth.sh
.sh linux
some-samples-master/185.145.131.236/HIH1
.elf linux mipsbe
some-samples-master/185.145.131.236/HIH11
.elf linux arm
some-samples-master/185.145.131.236/HIH12
.elf linux arm
some-samples-master/185.145.131.236/HIH2
.elf linux mipsel
some-samples-master/185.145.131.236/HIH3
.elf linux sh
some-samples-master/185.145.131.236/HIH4
.elf linux x64
some-samples-master/185.145.131.236/HIH5
.elf linux arm
some-samples-master/185.145.131.236/HIH6
.elf linux x86
some-samples-master/185.145.131.236/HIH7
.elf linux ppc
some-samples-master/185.145.131.236/HIH8
.elf linux x86
some-samples-master/185.145.131.236/HIH9
.elf linux
some-samples-master/185.145.131.236/IOK1
.elf linux mipsbe
some-samples-master/185.145.131.236/IOK11
.elf linux arm
some-samples-master/185.145.131.236/IOK12
.elf linux arm
some-samples-master/185.145.131.236/IOK2
.elf linux mipsel
some-samples-master/185.145.131.236/IOK3
.elf linux sh
some-samples-master/185.145.131.236/IOK4
.elf linux x64
some-samples-master/185.145.131.236/IOK5
.elf linux arm
some-samples-master/185.145.131.236/IOK6
.elf linux x86
some-samples-master/185.145.131.236/IOK7
.elf linux ppc
some-samples-master/185.145.131.236/IOK8
.elf linux x86
some-samples-master/185.145.131.236/IOK9
.elf linux
some-samples-master/185.145.131.243_ddos_sh/SSS1
.elf linux mipsbe
some-samples-master/185.145.131.243_ddos_sh/SSS11
.elf linux arm
some-samples-master/185.145.131.243_ddos_sh/SSS12
.elf linux arm
some-samples-master/185.145.131.243_ddos_sh/SSS2
.elf linux mipsel
some-samples-master/185.145.131.243_ddos_sh/SSS3
.elf linux sh
some-samples-master/185.145.131.243_ddos_sh/SSS4
.elf linux x64
some-samples-master/185.145.131.243_ddos_sh/SSS5
.elf linux arm
some-samples-master/185.145.131.243_ddos_sh/SSS6
.elf linux x86
some-samples-master/185.145.131.243_ddos_sh/SSS7
.elf linux ppc
some-samples-master/185.145.131.243_ddos_sh/SSS8
.elf linux x86
some-samples-master/185.145.131.243_ddos_sh/SSS9
.elf linux
some-samples-master/185.145.131.243_ddos_sh/ddos.sh
.sh linux
some-samples-master/185.165.29.24_baws_sh/[CPU]
.elf linux arm
some-samples-master/185.165.29.24_baws_sh/apache2
.elf linux arm
some-samples-master/185.165.29.24_baws_sh/bash
.elf linux x64
some-samples-master/185.165.29.24_baws_sh/cron
.elf linux ppc
some-samples-master/185.165.29.24_baws_sh/ftp
.elf linux x86
some-samples-master/185.165.29.24_baws_sh/ntpd
.elf linux mipsbe
some-samples-master/185.165.29.24_baws_sh/openssh
.elf linux sh
some-samples-master/185.165.29.24_baws_sh/pftp
.elf linux
some-samples-master/185.165.29.24_baws_sh/sh
.elf linux sparc
some-samples-master/185.165.29.24_baws_sh/sshd
.elf linux mipsel
some-samples-master/185.165.29.24_baws_sh/telnetd
.elf linux ppc
some-samples-master/185.165.29.24_baws_sh/tftp
.elf linux arm
some-samples-master/185.165.29.24_baws_sh/wget
.elf linux x86
some-samples-master/185.25.50.5_tor/t32.dll
some-samples-master/18528a2c7a2a05292f2d62906c492a38
.html
some-samples-master/188.25.157.171/dvrHelper
.elf linux sh
some-samples-master/188.25.157.171/mirai.arm
.elf linux arm
some-samples-master/188.25.157.171/mirai.arm5n
.elf linux arm
some-samples-master/188.25.157.171/mirai.arm7
.elf linux arm
some-samples-master/188.25.157.171/mirai.m68k
.elf linux
some-samples-master/188.25.157.171/mirai.mips
.elf linux mipsbe
some-samples-master/188.25.157.171/mirai.mpsl
.elf linux mipsel
some-samples-master/188.25.157.171/mirai.ppc
.elf linux ppc
some-samples-master/188.25.157.171/mirai.sh4
.elf linux sh
some-samples-master/188.25.157.171/mirai.spc
.elf linux sparc
some-samples-master/188.25.157.171/mirai.x86
.elf linux x86
some-samples-master/18ddcd6e2d0534a9fd5ed10621035b28
.js
some-samples-master/18fae0740fe1596f5132b8c37bd90baf
.html .js polyglot
some-samples-master/190ae870da98caf56770b54e04c9252c
.js
some-samples-master/19104d78db598a2f054a90a537466ed1
.js
some-samples-master/1927aac48c95ecf61c50ec60ef643955
.exe windows:4 windows x86 arch:x86

888f7c3cb1911069f97ed9c2bd4061db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetPriorityClass
GetCurrentProcess
ResumeThread
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
DebugBreak
lstrcmpiA
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
GetFileAttributesA
GetDriveTypeA
ReadFile
GetFileSize
CallNamedPipeA
GetUserDefaultLangID
lstrlenW
FileTimeToSystemTime
SetFilePointer
GetTempPathA
GetTempFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetLastError
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
SetFileAttributesA
GetModuleHandleA
SetLastError
GetWindowsDirectoryA
GetShortPathNameA
CreateFileA
WriteFile
CloseHandle
MoveFileA
lstrcpyA
GetTickCount
CopyFileA
DeleteFileA
GetModuleFileNameA
lstrcpynA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FreeLibrary
lstrlenA
HeapAlloc
lstrcatA

user32

CharNextA
GetKeyboardType
PeekMessageA
MsgWaitForMultipleObjects
SetCursor
SetWindowLongA
SetTimer
EndDialog
GetSystemMetrics
BeginDeferWindowPos
GetWindowTextA
SetWindowTextA
DeferWindowPos
EndDeferWindowPos
LoadStringA
GetClientRect
ScreenToClient
PostMessageA
GetDC
ReleaseDC
ShowWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendMessageA
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
wvsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetMessageA
RedrawWindow
KillTimer
InvalidateRect
UpdateWindow
GetDlgItemTextA
LoadCursorA
TranslateMessage
DispatchMessageA
wsprintfA
LoadImageA

gdi32

UpdateColors
SetTextColor
SetBkMode
GetDeviceCaps
SelectPalette
CreateHalftonePalette
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
DeleteObject
RealizePalette
BitBlt
DeleteDC
SelectObject

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
StrRChrA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
VariantClear

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/19532de6db3bda8916afaf8a555ef352
.exe windows:6 windows x86 arch:x86

34d7726575c0717426b9cfc1c2ce2171

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Admin\Desktop\ransom\ThisProgram\Debug\ThisProgram.pdb

Imports

rpcrt4

UuidCreateSequential

kernel32

VirtualQuery
MultiByteToWideChar
GetLastError
CreateFileW
CreateProcessA
GetFileAttributesExW
GetModuleHandleW
GetExitCodeProcess
WaitForSingleObject
SetEnvironmentVariableA
ReadConsoleW
SetStdHandle
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
GetModuleFileNameW
HeapValidate
GetSystemInfo
RaiseException
RtlUnwind
GetCommandLineA
FatalAppExitA
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
SetEndOfFile
CreateSemaphoreW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
WriteFile
CloseHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetFileType
ReadFile
SetFilePointerEx
SetConsoleCtrlHandler
FreeLibrary
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
OutputDebugStringA
WriteConsoleW
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetModuleFileNameA
GetCurrentThread
GetCurrentThreadId
HeapAlloc
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation

user32

ShowWindow
FindWindowA

advapi32

RegQueryValueExW
RegOpenKeyExW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
RegSetValueExW

wininet

InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetOpenW

Sections

.textbss
Size: - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 889KB - Virtual size: 889KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/195d6fc3689d579a9c7e1f363f15a9e2
.html
some-samples-master/198.167.140.187_bin.sh/
.elf linux arm
some-samples-master/198.167.140.187_bin.sh/apache2
.elf linux arm
some-samples-master/198.167.140.187_bin.sh/bash
.elf linux x64
some-samples-master/198.167.140.187_bin.sh/cron
.elf linux ppc
some-samples-master/198.167.140.187_bin.sh/ftp
.elf linux x86
some-samples-master/198.167.140.187_bin.sh/ntpd
.elf linux mipsbe
some-samples-master/198.167.140.187_bin.sh/openssh
.elf linux sh
some-samples-master/198.167.140.187_bin.sh/pftp
.elf linux
some-samples-master/198.167.140.187_bin.sh/sh
.elf linux sparc
some-samples-master/198.167.140.187_bin.sh/sshd
.elf linux mipsel
some-samples-master/198.167.140.187_bin.sh/tftp
.elf linux arm
some-samples-master/198.167.140.187_bin.sh/wget
.elf linux x86
some-samples-master/1985bca478756ce0bc32b58bc3a4b97c
.js
some-samples-master/198aa4b2469500b2d0a17156c210092f
some-samples-master/1993708e0c2e1502e2d49618927fb018
.exe windows:4 windows x86 arch:x86

b40dba371e51a4e33e7bbf54defa4172

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1859
ord4246
ord2723
ord3059
ord4303
ord5012
ord5472
ord3403
ord2878
ord6055
ord4077
ord1776
ord5237
ord2649
ord1665
ord2725
ord674
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord823
ord1858
ord4245
ord5101
ord2101
ord2390
ord5100
ord5104
ord4467
ord3351
ord976
ord2879
ord4152
ord2382
ord5283
ord4436
ord2445
ord4427
ord401
ord5254
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4612
ord4615
ord1168

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
free
realloc
__CxxFrameHandler
_setmbcp
_stricmp
_controlfp

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
Sleep
GetModuleHandleA
GetStartupInfoA

user32

EnableWindow

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/19a37fd8499086086d63549c023333f6
some-samples-master/19b4fd0cf164eefdb3a6e2e784eda125
.js
some-samples-master/19de0569cd454239a3b8d70c0fbcbd36
.html .js polyglot
some-samples-master/1a2ca473766456a5ba6a9cd36739fabc
.js
some-samples-master/1a2ff52a28e6558f3bc67f334cd68b24
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 280KB - Virtual size: 264KB

Size: 284KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA

Size: - Virtual size:

Size: - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA

Size: - Virtual size:
some-samples-master/1a4021a6923c9d0420d521be90dd851c
.html .js polyglot
some-samples-master/1a693249cb5de85df65ea14759c58c16
.html .js polyglot
some-samples-master/1a8030d54d5108e91fd86a72b62c58fe
.exe windows:4 windows x86 arch:x86

4c06843edb64cff0e4b8c693ca71361c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
ord697
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord521
_CIsin
ord524
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
DllFunctionCall
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
ord648
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaI4Str
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord100
ord610
__vbaStrToAnsi
ord613
_CIatan
ord618
__vbaStrMove
ord619
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 432KB - Virtual size: 430KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/1a89371ea1bfae68ce3242ce40d80bd3
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/1a964897a1f3fe242ea391622edb3626
.js
some-samples-master/1ab25d0411070ef4ac5c6f8a7b2cdd00
.js
some-samples-master/1b07116e98b5c4a005d27b484af2152e
.js
some-samples-master/1b3484e6f41ed5ad56ecb958a07a2a09
.html
some-samples-master/1b36da50bf91cc64fb5cce52b1a34373
.exe windows:4 windows x86 arch:x86

1f73e8fa0bfe6a7ec5a36e795a55c2bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
DuplicateHandle
CreateFileA
GetLastError
TerminateProcess
CopyFileA
GlobalMemoryStatusEx
GetSystemInfo
GetSystemDefaultUILanguage
GetStartupInfoA
GetModuleHandleA
WaitForSingleObject
MultiByteToWideChar
GetTempPathA
WinExec
OpenMutexA
ReleaseMutex
ExitProcess
lstrlenA
FreeLibrary
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
LoadLibraryA
GetProcAddress
CreateThread
CloseHandle
lstrcpyA
OutputDebugStringA
HeapFree
ExitThread
Sleep
GetTickCount
lstrcatA
GetProcessHeap
HeapAlloc
GetLocalTime

user32

wsprintfA

advapi32

OpenProcessToken
CreateServiceA
StartServiceA
RegOpenKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenServiceA
DeleteService
CloseServiceHandle
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegEnumKeyExA
RegEnumValueA
RegOpenKeyExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegCloseKey
FreeSid

shell32

SHChangeNotify
ShellExecuteExA

msvcrt

srand
time
printf
_ftol
sprintf
fprintf
_iob
_local_unwind2
realloc
malloc
__CxxFrameHandler
strstr
atoi
strncpy
strcspn
wcscpy
_CxxThrowException
localtime
memcpy
??2@YAPAXI@Z
strncmp
??3@YAXPAX@Z
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
rand
strlen
memset
strcpy
strchr
strncat
strcat
_except_handler3
strcmp
_strnicmp

ws2_32

WSAGetLastError
WSACleanup
htonl
send
select
sendto
inet_addr
gethostbyname
socket
htons
connect
closesocket
__WSAFDIsSet
recv
WSAIoctl
setsockopt
WSASocketA
WSAStartup

shlwapi

SHDeleteKeyA

netapi32

NetUserAdd
NetLocalGroupAddMembers

msvcp60

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
??0Init@ios_base@std@@QAE@XZ

pdh

PdhOpenQueryA
PdhAddCounterA
PdhCollectQueryData
PdhGetFormattedCounterValue
PdhCloseQuery
PdhEnumObjectItemsA

iphlpapi

GetIfTable

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/1b3f31c57751cc36baf57b121d086e4d
.html .js polyglot
some-samples-master/1b400ba5f696672b743524af1c635dbe
.js
some-samples-master/1b785ad008b381045d41a3c8e174f0a9
.js
some-samples-master/1ba73a8a76dab05e06508fe1db829c3c
some-samples-master/1bda150b6499ef328e9f5210fc8a60b7
.exe windows:4 windows x86 arch:x86

36ad125d833d401ebd011e5cfb5c0ce2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
ReleaseMutex
GetFileSize
GetFileAttributesA
WaitForSingleObject
GetLastError
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
ExitThread
GetStartupInfoA
GetModuleHandleA
CloseHandle
WinExec
LoadLibraryA
GetProcAddress
GlobalAlloc
Sleep
TerminateProcess

user32

GetDesktopWindow
wsprintfA

advapi32

StartServiceCtrlDispatcherA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA

ws2_32

WSAStartup
closesocket
htonl
select
recv
setsockopt
socket
connect
WSACleanup
send
htons
__WSAFDIsSet
inet_addr
sendto
inet_ntoa

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
realloc
malloc
atoi
strncpy
strcspn
strstr
sprintf
strncmp
exit
free

Sections

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/1be351a0313500246d0cab437a8597c1
.doc windows office2003
some-samples-master/1c12e136e761f5edf0c33efcb3b0db7a
.js
some-samples-master/1c1a6b70b5e2b13c019d5cbdf0f12738
.exe windows:4 windows x86 arch:x86

80bdc9bb83b743b0e1aa86562399fdea

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetDlgItemTextW
DrawStateW
LoadIconA
InsertMenuW
DispatchMessageA
LoadCursorA
DialogBoxParamA
PeekMessageA
CreateWindowExW
IsDialogMessageW
LoadBitmapW
wsprintfA
GetPropW
CharUpperW
GetClassLongA

kernel32

CreateJobObjectA
GetCurrentThread
InterlockedExchange
CreateWaitableTimerA
lstrcatA
GetModuleHandleA
FindResourceA
GetCommandLineA
CreateSemaphoreA
GetPrivateProfileStringA
SetLastError
GetLogicalDriveStringsA
WaitForSingleObject
DefineDosDeviceA
GetCurrentDirectoryA
lstrcpy
FormatMessageA
LoadLibraryA
CreateDirectoryW
GetCurrentProcess
CreateProcessA
IsBadCodePtr
IsBadStringPtrA
ReadConsoleA
GlobalAddAtomW
GetProcAddress
GetFileAttributesA

cmpbk32

PhoneBookEnumCountries
PhoneBookLoad
PhoneBookFreeFilter
PhoneBookEnumNumbers
PhoneBookCopyFilter

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.opc
Size: 518KB - Virtual size: 517KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/1c28f78b8391958a9bf47c59cea3ff92
some-samples-master/1c6a7b86fcdf5f05357d00583bca0a1c
.html .js polyglot
some-samples-master/1c97a0a6fc078d7c93a4c8248f64b9c7
.js
some-samples-master/1cc220919b386853ab90fdd8953a1e2d
.exe windows:5 windows x86 arch:x86

40fe9f896e831aeda5632ee747a81837

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
LocalFree
GetCurrentProcessId
LoadLibraryA
LocalAlloc
GetProcAddress
GetModuleHandleA
GetVersionExA
ExitProcess
ReadFile
CloseHandle
CreateProcessW
GetStartupInfoW
CreatePipe
GetCommandLineW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
IsDebuggerPresent

user32

ShowWindow
RegisterClassExA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
SetTimer
FlashWindow
DestroyWindow
PostQuitMessage
KillTimer
DefWindowProcA
keybd_event
CreateWindowExA

shell32

CommandLineToArgvW

msvcr90

__p__fmode
_crt_debugger_hook
_controlfp_s
_invoke_watson
_except_handler4_common
strcpy_s
_except_handler3
memset
strstr
puts
wprintf
_decode_pointer
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
exit
__initenv
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
printf
_encode_pointer
__set_app_type
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 682B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/1d112632bd7e1e8cab032e549a882bac
.js
some-samples-master/1d405242192767ecd1891c9534008b17
.html .js polyglot
some-samples-master/1d48a2265b08fdd4f007c58d4e243001
.js
some-samples-master/1d4aa620709207fce45dcf2cd6b6a976
.html
some-samples-master/1d595738eea03bf526c3f585a8b62aaa
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/1d6037a94cf4f84edec9fcc5b056ff8c
some-samples-master/1d799fea505ca7f137a9fced8a2cb4dd
.js
some-samples-master/1dd59c1bedddfd664b830443aece99ec
.js
some-samples-master/1dfb1d9225d8c5786c84bede0a2fe217
.html
some-samples-master/1dfe9845100ed0daa0e2782d4ac99c4c
.html .js polyglot
some-samples-master/1e6fd0aa46c90cec79b82b5e8363d7ac
.html .js polyglot
some-samples-master/1eb5b93203f2ee6d0cc0c61f634eeb63
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/1ec1efa313530aaf024f3a060cdc931a
.html .js polyglot
some-samples-master/1ed645b73efb041a4d9ba1365e5c02aa
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.pmj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/1ef8ac208d26166d018632e66c1d11ce
.exe windows:4 windows x86 arch:x86

59a6da2a3114d750766c56837b8ccf12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
free
_controlfp
realloc
_stricmp

kernel32

GetModuleHandleA
FreeLibrary
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
VirtualAlloc
GetProcessHeap
HeapAlloc
GetStartupInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 794B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/1f2c6cbbb48540be8e7a11f70d81ea2a
.js
some-samples-master/1f6add98a274f127ff3ea484908af205
.js
some-samples-master/1fb4873879f56842cf6c7197a81f7736
.js
some-samples-master/1fe28256dfcc945107b2cd4b170c5e9b
.js
some-samples-master/1ff4280d744a84edbc6e67e2f7166fe2
.html
some-samples-master/2003f31f607ec1d1ac1f67c90b527454
.js
some-samples-master/201c9394a9175c5204f141dc176da951
.js
some-samples-master/2022ced584e0502d7783f111368bf90b
.exe windows:5 windows x86 arch:x86

abfb62dfc24fbc2fb2bdbbdd26faa0fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\桌面\20170823源码集合\20170730改版企业版2.9源码\serverdata\Release\NewTest.pdb

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
ReadFile
GetFileSize
lstrcpyA
CloseHandle
CreateFileA
FreeLibrary
WriteFile
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapCreate
HeapDestroy
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetConsoleCtrlHandler
InterlockedExchange
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

Kessmia

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2022df025755201db746b19abe771216
.html .js polyglot
some-samples-master/2053e42b2dd3b6bc61263ffba2fc002c
.html .js polyglot
some-samples-master/207ca88505509183e54b50141dadf9bb
.js
some-samples-master/208a4d37ed78cabfc8d3f90306a22e72
.js
some-samples-master/209da191470ea19c2dde6d1acb2dde5d
.html .js polyglot
some-samples-master/20a51bf0c489d3f2792cfae6ef4ee337
.exe windows:5 windows x86 arch:x86

92ecf985d7128974aed3f20f6dfa66d0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
DeleteFileA
VirtualFree
GetLastError
LoadLibraryA
DecodePointer
CreateFileW
Sleep
GetVersion
CreateProcessA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetStdHandle
WriteFile
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
CloseHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
SetStdHandle
GetStringTypeW
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
RaiseException
GetProcAddress

user32

CreateIconFromResource
DdePostAdvise

advapi32

SystemFunction036
AllocateLocallyUniqueId
FindFirstFreeAce

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 281KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/210133d28128b92bbd4f8d9537c0340d
.elf linux ppc
some-samples-master/211719bb29caa2042e5db8a7c84efb43
.html .js polyglot
some-samples-master/211b9ae69e887c1566927ad5961b72b8
.exe windows:4 windows x86 arch:x86

0fa9a08282241fecf69984aea760ef64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
GetProcessHeap
FreeLibrary
HeapAlloc
CloseHandle
WriteFile
Sleep
CreateFileA
ReadFile
GetFileSize
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

msvcr80

exit
_acmdln
_ismbblead
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc
memset
memcpy
_initterm
_stricmp

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/212.237.33.66/mirai.arm
.elf linux arm
some-samples-master/212.237.33.66/mirai.arm.1
.elf linux arm
some-samples-master/212.237.33.66/mirai.arm5n
.elf linux arm
some-samples-master/212.237.33.66/mirai.arm7
.elf linux arm
some-samples-master/212.237.33.66/mirai.m68k
.elf linux
some-samples-master/212.237.33.66/mirai.mips
.elf linux mipsbe
some-samples-master/212.237.33.66/mirai.mpsl
.elf linux mipsel
some-samples-master/212.237.33.66/mirai.ppc
.elf linux ppc
some-samples-master/212.237.33.66/mirai.sh4
.elf linux sh
some-samples-master/212.237.33.66/mirai.spc
.elf linux sparc
some-samples-master/212.237.33.66/mirai.x86
.elf linux x86
some-samples-master/212.237.8.149/apache2
.elf linux arm
some-samples-master/212.237.8.149/bash
.elf linux x64
some-samples-master/212.237.8.149/cron
.elf linux ppc
some-samples-master/212.237.8.149/ftp
.elf linux x86
some-samples-master/212.237.8.149/ntpd
.elf linux mipsbe
some-samples-master/212.237.8.149/openssh
.elf linux sh
some-samples-master/212.237.8.149/pftp
.elf linux
some-samples-master/212.237.8.149/sh
.elf linux sparc
some-samples-master/212.237.8.149/sshd
.elf linux mipsel
some-samples-master/212.237.8.149/tftp
.elf linux arm
some-samples-master/212.237.8.149/wget
.elf linux x86
some-samples-master/21327f85d0fd09b558c9ceb5589cf90d
.exe windows:4 windows x86 arch:x86

6a19edb827d7db76f5b650a699546fbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

l*x3c/|SHi92XCHgH8.9nwc*QhFhjUy

Imports

wintrust

CryptCATAdminReleaseCatalogContext

user32

GetDialogBaseUnits
GetMenuStringW
SubtractRect
GetDlgItemInt

advapi32

QueryServiceConfigA
CheckTokenMembership

rpcrt4

NdrOleFree

shlwapi

PathIsDirectoryEmptyW

ole32

PropVariantClear
CoFreeLibrary
OleLoadFromStream

shell32

SHBrowseForFolderA

mprapi

MprAdminTransportGetInfo

crypt32

CryptSIPAddProvider

gdi32

FillRgn
PtVisible

kernel32

RemoveDirectoryW
SetEnvironmentVariableW
ReleaseMutex
WTSGetActiveConsoleSessionId
FreeLibraryAndExitThread
PostQueuedCompletionStatus

Sections

.text
Size: 4KB - Virtual size: 820B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Yc|LjXl
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jA
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

o7F8m2
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

B
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iklbSk
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/21391aaa6231cb7e1c07042444c906ef
.html
some-samples-master/215d73dc038d57d665122c4269a01016
.js
some-samples-master/2176a335a921c37ada60f353f9fb08be
.js
some-samples-master/21b094594b3374082b83cc94071edd61
.js
some-samples-master/21b7a7d70044444fadd71a20b49419b3
.html
some-samples-master/21e07ceea6910609d05006d7ce65081c
some-samples-master/2200566127e8de5c0881c7d899d3553d
some-samples-master/2207f7cccfedbc289705a04b1ce8fa32
.html .js polyglot
some-samples-master/22156bdc25c468d8b9130f191c2aee33
.js
some-samples-master/223afa2bb92736bca2175129e96457f8
.html
some-samples-master/228b7e4fbf847a14e9892cdb13e48735
.exe windows:4 windows x86 arch:x86

f5a59bdc6ca2470dcd77a89286f04a07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord807
ord641
ord860
ord540
ord554
ord324
ord825
ord2370
ord4234
ord1200
ord1168
ord823
ord5884
ord5655
ord4163
ord6625
ord4710
ord6334
ord858
ord2379
ord4099
ord1911
ord3316
ord3314
ord5242
ord6121
ord1774
ord2490
ord5010
ord5658
ord2395
ord6322
ord2609
ord1006
ord1787
ord6123
ord4291
ord1994
ord5192
ord775
ord503
ord537
ord5708
ord1261
ord924
ord926
ord6640
ord2366
ord2818
ord2820
ord3811
ord5697
ord5699
ord4033
ord2582
ord4402
ord3370
ord3640
ord2411
ord2023
ord4218
ord2578
ord6055
ord1776
ord4398
ord5290
ord3402
ord4424
ord3830
ord4853
ord616
ord693
ord567
ord2299
ord2302
ord3996
ord3874
ord6907
ord3998
ord2915
ord4224
ord4673
ord3663
ord3571
ord3619
ord3573
ord3626
ord755
ord5787
ord6172
ord2414
ord1146
ord5789
ord1641
ord5875
ord470
ord2864
ord4284
ord3797
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord317
ord561
ord635
ord2621
ord1134
ord2725
ord4160
ord2863
ord941
ord4129
ord5683
ord686
ord3337
ord5575
ord839
ord433
ord1656
ord2141
ord434
ord939
ord2393
ord384
ord2862
ord2096
ord3301
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4376
ord3582
ord5265
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__CxxFrameHandler
_gcvt
_CxxThrowException
exit
_ftol
_mbscmp
_setmbcp
_stricmp
realloc
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
_controlfp

kernel32

GetTickCount
GetProcessHeap
VirtualAlloc
IsBadReadPtr
HeapFree
FreeLibrary
GetStartupInfoA
ExitProcess
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
GetCurrentDirectoryA
GetProcAddress
LoadLibraryA
VirtualFree
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree
HeapAlloc

user32

CallNextHookEx
LoadBitmapA
GetClientRect
SetWindowRgn
GetWindowLongA
GetWindowRgn
InvalidateRect
UpdateWindow
SetCapture
GetClassNameA
GetSystemMetrics
IsIconic
ReleaseCapture
CallWindowProcA
SetWindowLongA
SetFocus
GetDlgCtrlID
GetParent
GetWindowRect
SendMessageA
EnableWindow
SetWindowsHookExA
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
UnhookWindowsHookEx

gdi32

CreatePatternBrush
CreateSolidBrush
RoundRect
CreateRectRgn
PtInRegion
DeleteObject
CreateFontA

comctl32

ImageList_ReplaceIcon

ole32

CoUninitialize

oleaut32

SysAllocString
VariantClear

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2294a948495404876e8091897ca9d177
.js
some-samples-master/22dd41f490b0701f443c63bff0e1b77c
.html .js polyglot
some-samples-master/23.95.43.182/
.elf linux arm
some-samples-master/23.95.43.182/apache2
.elf linux arm
some-samples-master/23.95.43.182/hoho586
.elf linux x86
some-samples-master/23.95.43.182/hoho686
.elf linux x86
some-samples-master/23.95.43.182/hohoarm6
.elf linux arm
some-samples-master/23.95.43.182/hohom68k
.elf linux
some-samples-master/23.95.43.182/hohomips
.elf linux mipsbe
some-samples-master/23.95.43.182/hohomipsel
.elf linux mipsel
some-samples-master/23.95.43.182/hohoppc
.elf linux ppc
some-samples-master/23.95.43.182/hohosh
.elf linux sparc
some-samples-master/23.95.43.182/hohosh4
.elf linux sh
some-samples-master/23.95.43.182/hohox86
.elf linux x64
some-samples-master/230606dd8b0d62e2a8a04ef61b2d8707
.exe windows:5 windows x86 arch:x86

e4319b81fbef6bafcfa26e0e6cc0de2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
OpenEventLogW
ClearEventLogA
LogonUserW
InitializeAcl
CryptSignHashW
RegOpenKeyA
ControlService
RegReplaceKeyA
RegSaveKeyA
RegCreateKeyExA
RegUnLoadKeyA

authz

AuthzAddSidsToContext
AuthzInitializeContextFromSid

uxtheme

GetWindowTheme
GetThemeAppProperties
DrawThemeText
GetThemeBackgroundExtent
GetThemeSysFont
GetThemeSysInt
GetThemePosition
IsThemeActive
GetCurrentThemeName
GetThemeFilename
GetThemeEnumValue
CloseThemeData
GetThemeSysBool
GetThemeBackgroundRegion

wtsapi32

WTSFreeMemory
WTSSetSessionInformationW
WTSVirtualChannelRead
WTSWaitSystemEvent
WTSRegisterSessionNotification
WTSQueryUserToken
WTSVirtualChannelPurgeInput
WTSQuerySessionInformationA
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSEnumerateServersA

kernel32

WaitForSingleObject
CreateJobObjectW
GetProcAddress
GetStringTypeW
OpenJobObjectA
InitializeCriticalSection
GetCommandLineW
MoveFileA
GetModuleHandleA
GetTempPathA
ReadConsoleA
GetProfileSectionA
GetSystemDirectoryA
CreateMailslotA
CreateFileW
GetLogicalDriveStringsA
GetModuleFileNameW
UnmapViewOfFile
GetDateFormatA
GetVersion
LoadLibraryExA
GetExpandedNameA
lstrcmpiA
DeleteFileW
SearchPathW
GetTickCount
GetFileAttributesW
MoveFileExA
GetConsoleAliasA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_MEM_READ
some-samples-master/233647d8a5fedb9ef02a559d918a260c
.js
some-samples-master/23899f63ccc8b2aaf3233c97f3414733
.js
some-samples-master/23d7b5c4bef4a46ea20b89e107655e49
.html .js polyglot
some-samples-master/23ff2cf30095fcad96db5c25afd0f534
.js
some-samples-master/2400ce56d7af41b98a0d7537d0e6dfa5
.html .js polyglot
some-samples-master/2439cb96c3bad7476bcdd8a32bdcb5e5
.js
some-samples-master/243d7de4130741a5cffe38c5cb519333
.html .js polyglot
some-samples-master/243dd0183763a8fa44bd056951ecc300
.html .js polyglot
some-samples-master/246fef4f911ea7a6de3be2a2414c1d06
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ifc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/2494c8508f8182414e4116c37ef7e688
.html
some-samples-master/24ceb40276b900b4a455ebdead4ef5eb
.exe windows:4 windows x86 arch:x86

04250a756f0ea2090e68c5b143ee55de

Code Sign

3b:e9:44:7e:60:2b:a5:66:be:f0:89:fb:32:8a:2f:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA

Not Before

15-03-2017 04:12

Not After

31-12-2039 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord823
ord2135
ord825
ord818
ord1949
ord800
ord535
ord540
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord4425
ord3597
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord2575
ord4396
ord2124
ord3574
ord616
ord609
ord641
ord3811
ord860
ord324
ord2291
ord2367
ord2295
ord2364
ord6640
ord2299
ord2289
ord2370
ord2302
ord4234
ord6334
ord2642
ord1200
ord537
ord858
ord4710
ord2645
ord1081
ord4224
ord6453
ord2820
ord2818
ord939
ord926
ord4099
ord1907
ord5161
ord5162
ord5160
ord4905
ord4742
ord4976
ord4948
ord4358
ord4377
ord4854
ord5287
ord4835
ord768
ord489
ord4258
ord3301
ord6905
ord1908
ord1690
ord2528
ord5288
ord4439
ord2054
ord4431
ord771
ord1008
ord497
ord4259
ord2379
ord6215
ord3092
ord4715
ord3663
ord1871
ord6571
ord879
ord882
ord3610
ord656
ord6645
ord922
ord924
ord1168
ord1858
ord4245
ord5101
ord2101
ord2723
ord2390
ord3059
ord5100
ord5104
ord4303
ord3351
ord5012
ord976
ord5472
ord3403
ord2879
ord2878
ord4152
ord4077
ord5237
ord2382
ord5283
ord2649
ord1665
ord4436
ord2445
ord4427
ord527
ord401
ord674
ord794
ord2115
ord5254
ord6600
ord6698
ord2014
ord6395
ord5455
ord3298
ord4483
ord1781
ord2793
ord2955
ord2858
ord5652
ord5019
ord5106
ord6849
ord5003
ord6831
ord4669
ord4490
ord4345
ord4647
ord5022
ord4492
ord4512
ord4962
ord6824
ord971
ord2058
ord4645
ord2548
ord6872
ord5956
ord4037
ord6704
ord3353
ord4622
ord6481
ord6523
ord6329
ord4382
ord4388
ord4493
ord5824
ord1729
ord2582
ord4402
ord3370
ord3640
ord693
ord3996
ord6779
ord6907
ord3998
ord1844
ord3630
ord2580
ord4400
ord801
ord682
ord541
ord4275
ord3619
ord3573
ord3626
ord755
ord5789
ord6172
ord5875
ord2414
ord1641
ord470
ord4450
ord4671
ord4676
ord1882
ord4250
ord4945
ord3254
ord2440
ord1694
ord5006
ord5656
ord4470
ord5103
ord4467
ord3350
ord975
ord5475
ord4154
ord5285
ord736
ord807
ord733
ord450
ord439
ord554
ord436
ord747
ord5495
ord2104
ord4460
ord2494
ord2627
ord2626
ord4163
ord6625
ord6064
ord5252
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5714
ord3738
ord815
ord459
ord561
ord743
ord1768
ord3830
ord617
ord5301
ord6354
ord6352
ord5214
ord296
ord5503
ord2635
ord2558
ord5500
ord2036
ord986
ord6137
ord5914
ord411
ord4159
ord6117
ord2621
ord1134
ord2512
ord5289
ord5098
ord4620
ord4563
ord5092
ord4554
ord5122
ord5127
ord5128
ord1894
ord4254
ord2486
ord4015
ord4957
ord4861
ord4826
ord3187
ord4950
ord2437
ord2171
ord5020
ord4517
ord4640
ord4916
ord5002
ord4494
ord4491
ord5021
ord4605
ord5000
ord4416
ord5090
ord5501
ord4628
ord4657
ord5752
ord4155
ord2991
ord3417
ord5025
ord3514
ord6344
ord5627
ord1003
ord3449
ord3787
ord3250
ord4697
ord3060
ord3066
ord6336
ord2510
ord2542
ord5244
ord5742
ord1747
ord5577
ord3172
ord5654
ord4423
ord4956
ord4860
ord2402
ord4387
ord3454
ord3198
ord6081
ord6175
ord3261
ord4623
ord4430
ord715
ord748
ord1206
ord2623
ord415
ord456
ord775
ord1223
ord4825
ord335
ord5826
ord2740
ord2801
ord1911
ord3316
ord3314
ord5242
ord6121
ord1774
ord2490
ord5010
ord5658
ord2395
ord6322
ord2609
ord1006
ord1787
ord6123
ord4291
ord1994
ord5192
ord503
ord5699
ord5708
ord1261
ord5697
ord5703
ord4614
ord4613
ord1912
ord4260
ord4456
ord2587
ord4406
ord3394
ord3729
ord4792
ord4589
ord5076
ord4340
ord4347
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord6054
ord5240
ord5281
ord3748
ord1725
ord2091
ord4432
ord804
ord776
ord504
ord5260
ord1133
ord6069
ord4721
ord5677
ord6842
ord2535
ord4899
ord6844
ord2371
ord4508
ord6696
ord738
ord2652
ord1567
ord1199
ord2394
ord1265
ord2175
ord268
ord1669
ord6651
ord441
ord1992
ord4994
ord5981
ord3256
ord6009
ord5037
ord2109
ord6143
ord2764
ord5600
ord5597
ord692
ord1848
ord773
ord501
ord4243
ord6242
ord4284
ord2754
ord6762
ord2859
ord4774
ord5861
ord1083
ord4448
ord1859
ord4246
ord3869
ord2127
ord2391
ord5102
ord5105
ord4468
ord2880
ord4153
ord2383
ord5284
ord4437

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_setmbcp
_stricmp
__CxxFrameHandler
_mbscmp
exit
_ftol
_CxxThrowException
atoi
atof
sprintf
_controlfp
_itoa
realloc
free
__dllonexit
_exit
??1type_info@@UAE@XZ
_onexit

kernel32

LoadLibraryA
GetModuleHandleA
FreeLibrary
HeapAlloc
HeapFree
IsBadReadPtr
VirtualFree
VirtualAlloc
GetProcessHeap
ExitProcess
GetStartupInfoA
GetProcAddress
Sleep

user32

SetTimer
LoadBitmapA
LoadCursorA
GetWindowRect
GetSysColor
DrawTextA
SetWindowLongA
FillRect
OffsetRect
GetClientRect
UpdateWindow
SendMessageA
EnableWindow
GetSystemMetrics

gdi32

CreateFontA
CreateCompatibleDC
BitBlt
GetObjectA
GetStockObject
SelectObject
CreateSolidBrush
GetTextMetricsA

advapi32

RegQueryValueExA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegOpenKeyA

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/24d5def51905d60e866a7a8c151c5a0d
some-samples-master/250c2ffd25ccf26ffbcebfe1a07a477a
.html .js polyglot
some-samples-master/250dc18291858c2e262159e16c129596
.exe windows:4 windows x86 arch:x86

b40dba371e51a4e33e7bbf54defa4172

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1859
ord4246
ord2723
ord3059
ord4303
ord5012
ord5472
ord3403
ord2878
ord6055
ord4077
ord1776
ord5237
ord2649
ord1665
ord2725
ord674
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord823
ord1858
ord4245
ord5101
ord2101
ord2390
ord5100
ord5104
ord4467
ord3351
ord976
ord2879
ord4152
ord2382
ord5283
ord4436
ord2445
ord4427
ord401
ord5254
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4612
ord4615
ord1168

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
free
realloc
__CxxFrameHandler
_setmbcp
_stricmp
_controlfp

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
Sleep
GetModuleHandleA
GetStartupInfoA

user32

EnableWindow

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

QQINBb
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/2549e86fe838fb6f7da15e001a63c7b8
.html .js polyglot
some-samples-master/255e1e3f0d5fa7f7071edadeaa17b9cd
.html .js polyglot
some-samples-master/258c19a94e29c1b16c3d41807978df57
some-samples-master/259996763570987566eb485409e5c134
.exe windows:5 windows x86 arch:x86

87d62a0750e82ec084bb8a5fefcb1790

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHandleCount
GetProcessTimes
GetProcessIoCounters
ExitProcess
GetMailslotInfo
LoadLibraryW
GetSystemWow64DirectoryA
SetProcessAffinityMask
CloseHandle
WriteConsoleW
SetStdHandle
ReadConsoleW
ReadFile
FlushFileBuffers
GetStringTypeW
GlobalAlloc
GetCPInfo
GetProcAddress
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
EncodePointer
DecodePointer
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
RaiseException
RtlUnwind
GetCommandLineW
IsProcessorFeaturePresent
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetLastError
GetCurrentThreadId
GetFileType
DeleteCriticalSection
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
LCMapStringW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
CreateFileW

user32

GetMessageExtraInfo
ShowScrollBar
EnableScrollBar
LoadImageW
GetCaretPos
SetPropA

advapi32

OpenEventLogA
LookupPrivilegeNameA

winhttp

WinHttpOpen
WinHttpCloseHandle
WinHttpCreateUrl

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 864KB - Virtual size: 864KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/25c210eaa4cc90e9db126cdb2fc6dd00
.html .js polyglot
some-samples-master/25c7cc5b578cf167590fa8cd194b9bea
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 736KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 566KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/25c9aa9a3e48ac379cc9ce130aba4794
.js
some-samples-master/25cd767346033b7bf2d769e2292c2ba6
.html .js polyglot
some-samples-master/25eeadac6535b3fd10bbe76191de26a4
.html .js polyglot
some-samples-master/260e3c90813fb8cbcadbd1d2631e1687
.exe windows:4 windows x86 arch:x86

f9049a97ceb236bf460223ab4273bc71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
TerminateThread
WinExec
OutputDebugStringA
GetModuleFileNameA
LocalSize
MultiByteToWideChar
GetSystemDirectoryA
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
GetTickCount
GlobalMemoryStatus
GetSystemInfo
CopyFileA
ExitProcess
ReleaseMutex
OpenEventA
SetErrorMode
CreateMutexA
CreateThread
SetFileAttributesA
MoveFileExA
DefineDosDeviceA
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
lstrcmpiA
GetCurrentThreadId
GetModuleHandleA
LoadLibraryA
GetProcAddress
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
GetFileSize
RemoveDirectoryA
LocalAlloc
FindFirstFileA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
lstrcatA
CreateProcessA
lstrlenA
GetFileAttributesA
CreateDirectoryA
GetLastError
DeleteFileA
CancelIo
InterlockedExchange
SetEvent
lstrcpyA
ResetEvent
WaitForSingleObject
CloseHandle
InitializeCriticalSection
CreateEventA
VirtualAlloc
Sleep
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
GetVersionExA

user32

wsprintfA
EnumWindows
SetProcessWindowStation
CharNextA
OpenDesktopA
GetUserObjectInformationA
OpenInputDesktop
OpenWindowStationA
GetProcessWindowStation
ExitWindowsEx
GetWindowThreadProcessId
IsWindowVisible
GetWindowTextA
CloseDesktop
SetThreadDesktop

advapi32

OpenProcessToken
OpenEventLogA
ClearEventLogA
CloseEventLog
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
OpenServiceA
CloseServiceHandle
RegOpenKeyExA
RegQueryValueA
RegCloseKey
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
SetServiceStatus
RegisterServiceCtrlHandlerA
AdjustTokenPrivileges
LookupPrivilegeValueA
StartServiceCtrlDispatcherA
StartServiceA
UnlockServiceDatabase
ChangeServiceConfig2A
LockServiceDatabase
CreateServiceA
RegEnumValueA

shell32

ShellExecuteA
SHGetFileInfoA
SHGetSpecialFolderPathA

msvcrt

__set_app_type
_strnicmp
_controlfp
_strcmpi
__p__fmode
__p__commode
__CxxFrameHandler
_CxxThrowException
??3@YAXPAX@Z
memmove
ceil
_ftol
strstr
??2@YAPAXI@Z
free
malloc
_except_handler3
strrchr
strncpy
exit
strncat
strchr
sprintf
mbstowcs
wcslen
wcstombs
atoi
wcscpy
realloc
rand
strncmp
_beginthreadex
calloc
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv

ws2_32

closesocket
recv
ntohs
socket
gethostbyname
htons
select
send
gethostname
getsockname
connect
setsockopt
WSAIoctl
WSAStartup
WSACleanup

msvcp60

?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

netapi32

NetUserDel
NetUserSetInfo
NetUserGetLocalGroups
NetApiBufferFree
NetUserGetInfo
NetUserEnum
NetLocalGroupAddMembers
NetUserAdd

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

psapi

GetModuleFileNameExA
EnumProcessModules

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/26174ad308524227c51063d00ace9a7b
.exe windows:4 windows x86 arch:x86

815b5a2fb6f90d046265595f0f852647

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CloseHandle
GetModuleFileNameA
GetVersionExA
GetCommandLineA
CreateMutexA
CopyFileA
GetSystemDirectoryA
GlobalMemoryStatusEx
HeapAlloc
GetLocalTime
VirtualProtect
HeapFree
SetEvent
lstrcmpiA
Process32Next
Process32First
WaitForSingleObject
CreateEventA
GetStartupInfoA
CreateFileA
WriteFile
lstrcatA
LocalAlloc
LocalSize
LocalFree
OutputDebugStringA
GetTickCount
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
lstrlenA
GetLastError
VirtualFree
Sleep
InterlockedExchange
VirtualAlloc
GetProcessHeap

user32

wsprintfA

advapi32

ChangeServiceConfig2A
OpenSCManagerA
CreateServiceA
LockServiceDatabase
UnlockServiceDatabase
OpenServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyExA

msvcrt

__dllonexit
??3@YAXPAX@Z
ceil
_ftol
__CxxFrameHandler
_CxxThrowException
??2@YAPAXI@Z
_except_handler3
printf
strstr
strncpy
strrchr
rand
exit
strncmp
realloc
free
_beginthreadex
strchr
??1type_info@@UAE@XZ
_strcmpi
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_stricmp
_strupr

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tlwtcdf
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/261c2c6beebd675ae648d2dd5633e213
.js
some-samples-master/2647bff494b96ab728bebfe0558fa994
.js
some-samples-master/265524e29e9474c337f8d86116f17e71
.html .js polyglot
some-samples-master/2674bdaceeb3346da6a27a1ec362a13b
.js
some-samples-master/267e55919f1511f7c3de4aacbffda8ec
some-samples-master/26c66d11ec6b7763114a512fd917de29
.js
some-samples-master/26c748e68c6804fbbd670402d264013e
.html .js polyglot
some-samples-master/277c5c6593e0d8b49c0fe734a60f6d9c
.html
some-samples-master/2781f1117eda14a7a7567ae8568697ec
.js
some-samples-master/278a258e55ffb89b3139cb33e6221092
.js
some-samples-master/27ba33fc71504ee5e83b20c86e8e7755
.js
some-samples-master/27c4af9c05d3ddbab5e8252d66218494
.js
some-samples-master/280b07580254357fb26da010aabc419e
.js
some-samples-master/2836ff63f8997f7a05975c336855cd3c
.js
some-samples-master/2848151a5a5ce937d3a4deb50b9c975c
.html .js polyglot
some-samples-master/286a4b6bf319b75f2c3f15394caf2f2f
.html .js polyglot
some-samples-master/28770e17d1a6bffcaac19a1074b4c2b5
.exe windows:5 windows x86 arch:x86

dd92dbc4f012d46b55d5ec576c20725f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

authz

AuthzAddSidsToContext
AuthzFreeContext
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeAuditEvent

clusapi

CloseClusterNode
ClusterEnum
CloseClusterGroup

kernel32

SetLastError
GetFileAttributesA
LoadLibraryA
GetModuleFileNameW
GetModuleHandleW
GetLogicalDriveStringsW
GetProcAddress
CreateMailslotA
GetCommandLineA
CreateFileA
MoveFileExA
UnmapViewOfFile
GetOEMCP
WaitForSingleObject
CreateJobObjectA

user32

LoadCursorW
PeekMessageA
LoadIconW
CharToOemA
LoadStringA
GetClassLongW
LoadMenuA
IsDialogMessageA
LoadBitmapA
InsertMenuA
GetPropA

rsaenh

CPDecrypt
CPGenKey
CPEncrypt

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2889426cea6ae4454b0aba6287069de3
.html
some-samples-master/28a13871cb3522bc1f1a5cc247aef288
.html
some-samples-master/28bc124997452c7b1b3c6cc363d29e27
some-samples-master/28e4640ca23c0fdbc973cd11c1a538b5
.html .js polyglot
some-samples-master/28f65f1f4b30e226d6ca81535522442c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/28fb687fbdcfc7ddf639d4662442cb11
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 22KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/29186e4924a66797f7a924fb36852d05
.js
some-samples-master/295e67515ed8e9884faab285c6e6525a
.js
some-samples-master/2967a855f21eabe467005cf2350ce14b
.exe windows:5 windows x86 arch:x86

027ea80e8125c6dda271246922d4c3b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb

Imports

kernel32

GetLastError
SetLastError
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GetTickCount
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
HeapSize
GetConsoleCP
GetConsoleMode
SetFilePointerEx
DecodePointer

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/2967f559e8d93db22f8d15d9d796ee67
.js
some-samples-master/298a3347b22eeda5ac4371a92e52e943
.html
some-samples-master/299561ff824b32d8aea67464c78d4750
.html .js polyglot
some-samples-master/299e197ce936ce4f2bcfec86e784d1d0
.html
some-samples-master/29a88070e6211fb42c5745a1d3d5201b
.html .js polyglot
some-samples-master/29ae7308e49f0e07ecad059ddb698954
.html
some-samples-master/29b47092acecdf6e3436007670b039ea
.html .js polyglot
some-samples-master/29ca07b5fe9ca7412eb83ba9a98a609d
.html
some-samples-master/2a3ce9526f0b8345c63c4d855d6e30ea
.html
some-samples-master/2a4bddf1a4b66ab3d43e523890d2828a
.html .js polyglot
some-samples-master/2a5306ee5ca69f31124a0e5ce4fde4dc
.html .js polyglot
some-samples-master/2a5a924a455837b7038f5ceed9a8df73
.html .js polyglot
some-samples-master/2a5dbc9b69edc0aca46f3933000947fd
.html .js polyglot
some-samples-master/2a6b91e7dbc795eedd9d357e1e9d8e02
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/2a8c02ee32828279c301503a66c2b998
.html
some-samples-master/2aa52ef358b72abf4ef85a817062f079
.js
some-samples-master/2aaa17e364774a1f002b0482805ad211
.html
some-samples-master/2ab71c59ad86260ce22d42e95f1943de
.js
some-samples-master/2ae40009dcaf091e3ff925e107086a71
.js
some-samples-master/2ae81302ee475219b0bcf0f177bfae7e
.exe windows:4 windows x86 arch:x86

483b635a76ccebd2763596fc407bbe4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetCurrentProcessId
HeapAlloc
GetProcessHeap
DeleteFileA
CreateDirectoryA
GetFileAttributesA
lstrcpyA
lstrlenA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
FindNextFileA
LocalReAlloc
FindFirstFileA
LocalAlloc
GetFileSize
ReadFile
SetFilePointer
MoveFileA
lstrcatA
CreateProcessA
ExitProcess
WinExec
WriteFile
CreateFileA
GetModuleFileNameA
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
HeapFree
MapViewOfFile
CreateFileMappingA
UnmapViewOfFile
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
WaitForMultipleObjects
LocalSize
TerminateProcess
OpenProcess
GetCurrentThreadId
GlobalMemoryStatus
GetSystemInfo
GetComputerNameA
GetTickCount
OpenEventA
SetErrorMode
OutputDebugStringA
CreateMutexA
GetCurrentProcess
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
CopyFileA
LCMapStringW
LCMapStringA
SetStdHandle
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
HeapSize
IsBadWritePtr
HeapReAlloc
HeapCreate
HeapDestroy
SetUnhandledExceptionFilter
InitializeCriticalSection
CancelIo
InterlockedExchange
ResetEvent
GetLastError
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
CreateThread
ResumeThread
SetEvent
WaitForSingleObject
Sleep
TerminateThread
CloseHandle
FreeLibrary
LoadLibraryA
GetVersionExA
GetProcAddress
SetLastError
TlsAlloc
GetVersion
GetCommandLineA
ExitThread
TlsGetValue
TlsSetValue
RaiseException
RtlUnwind

user32

TranslateMessage
GetMessageA
CharNextA
wsprintfA
GetWindowTextA
MessageBoxA
LoadCursorA
DispatchMessageA
SendMessageA
keybd_event
MapVirtualKeyA
SetCapture
WindowFromPoint
SetCursorPos
mouse_event
CloseClipboard
BlockInput
GetWindowThreadProcessId
CloseWindow
IsWindow
PostMessageA
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
CloseDesktop
IsWindowVisible
GetDesktopWindow
ExitWindowsEx
GetCursorPos
GetCursorInfo
DestroyCursor
ReleaseDC
GetDC
SetRect
GetSystemMetrics
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
InitializeSecurityDescriptor
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
FreeSid
RegCreateKeyExA
RegSetValueExA
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken

shell32

SHGetSpecialFolderPathA

ws2_32

WSAStartup
WSACleanup
WSAIoctl
setsockopt
htons
gethostbyname
socket
select
getsockname
htonl
WSASocketA
sendto
connect
inet_addr
send
closesocket
recv

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2b141bde748bbd524d66ddf57d53de1d
some-samples-master/2b17f13f0cdb7e47fee1ad0354703772
.js
some-samples-master/2b20a128b72cea13e6dc3a13b0ed26df
.js
some-samples-master/2b2e29785834a03d4b150eccd598ea79
.html .js polyglot
some-samples-master/2b69af95d7b18936ebf4639a0f84a767
.html .js polyglot
some-samples-master/2b6b174cf87d3108bce9e6bb92ce0685
.js
some-samples-master/2b7144bff978eb118e75eb43a2501a1f
.js
some-samples-master/2b7f4b60031811ac310deae65f5dcc56
.js
some-samples-master/2bc9d040b950ef893635e7e87ad1a38a
.exe windows:4 windows x86 arch:x86

888f7c3cb1911069f97ed9c2bd4061db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetPriorityClass
GetCurrentProcess
ResumeThread
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
DebugBreak
lstrcmpiA
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
GetFileAttributesA
GetDriveTypeA
ReadFile
GetFileSize
CallNamedPipeA
GetUserDefaultLangID
lstrlenW
FileTimeToSystemTime
SetFilePointer
GetTempPathA
GetTempFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetLastError
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
SetFileAttributesA
GetModuleHandleA
SetLastError
GetWindowsDirectoryA
GetShortPathNameA
CreateFileA
WriteFile
CloseHandle
MoveFileA
lstrcpyA
GetTickCount
CopyFileA
DeleteFileA
GetModuleFileNameA
lstrcpynA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FreeLibrary
lstrlenA
HeapAlloc
lstrcatA

user32

CharNextA
GetKeyboardType
PeekMessageA
MsgWaitForMultipleObjects
SetCursor
SetWindowLongA
SetTimer
EndDialog
GetSystemMetrics
BeginDeferWindowPos
GetWindowTextA
SetWindowTextA
DeferWindowPos
EndDeferWindowPos
LoadStringA
GetClientRect
ScreenToClient
PostMessageA
GetDC
ReleaseDC
ShowWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendMessageA
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
wvsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetMessageA
RedrawWindow
KillTimer
InvalidateRect
UpdateWindow
GetDlgItemTextA
LoadCursorA
TranslateMessage
DispatchMessageA
wsprintfA
LoadImageA

gdi32

UpdateColors
SetTextColor
SetBkMode
GetDeviceCaps
SelectPalette
CreateHalftonePalette
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
DeleteObject
RealizePalette
BitBlt
DeleteDC
SelectObject

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
StrRChrA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
VariantClear

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2bee8a702d17baaa9fc334fb06c1483d
.html .js polyglot
some-samples-master/2c00e1bfd0c3974da644e05018c89244
.js
some-samples-master/2c513494ffe3d448af0453c938eb9d92
.html .js polyglot
some-samples-master/2c840ba038ca602f092c23fc2c226503
.html .js polyglot
some-samples-master/2c9b2b843f4b10e71e3296dd7727e04d
some-samples-master/2ca96188547192b9f70e70360aa19c7f
.js
some-samples-master/2cc0c0120d9f87e5cb0e3199d43d9ece
.js
some-samples-master/2cc80b81edb2133206d29ec44ed8aaa1
.exe windows:5 windows x64 arch:x64

32256f269e466c28a2e212d10d20a9f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
RtlVirtualUnwind
RtlGetVersion
NtQuerySystemInformation

kernel32

DecodePointer
FreeLibrary
HeapAlloc
GetCurrentProcess
HeapFree
WaitForSingleObject
GetModuleHandleW
GetProcessHeap
CreateProcessA
GetSystemDirectoryA
GetProcAddress
IsWow64Process
GetModuleHandleA
LoadLibraryExA
VirtualProtect
GetCurrentProcessId
LCMapStringW
GetStringTypeW
CreateFileW
CloseHandle
HeapSize
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
SetFilePointer
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
ExitProcess
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
EncodePointer
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
HeapSetInformation
GetVersion
HeapCreate
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
HeapReAlloc
LoadLibraryW
WriteConsoleW
MultiByteToWideChar

user32

LoadIconW
SetWindowLongPtrW
CreateWindowExW
RegisterClassExW
UnregisterClassW
DefWindowProcW

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/2ccb27224c72921aedce34d3a3216bf2
.html .js polyglot
some-samples-master/2ce0f26f8154e62ee21b0b1deecf203c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/2ceaff7a92d8bb7762c58bb57ddf450d
.html .js polyglot
some-samples-master/2d152b7cea186edc2b9c3dcbc4034f2e
.html
some-samples-master/2d4ff69ef4167e766d909c00705dfc0b
.html .js polyglot
some-samples-master/2d5509cffc232392ee99706a22dbb9f9
.exe windows:4 windows x86 arch:x86

79fba00d02b5cac2ccb4ba3ecc74453f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

mfc42

ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord825
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord5252
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord5100
ord986
ord520
ord4159
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord540
ord338
ord800
ord4823
ord5651
ord3127
ord3616
ord5440
ord860
ord350
ord2740
ord858
ord3663
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord3693
ord813
ord1641
ord560
ord3626
ord2414
ord5260
ord4133
ord4297
ord2535
ord2859
ord3059
ord2390
ord2723
ord4242
ord1842
ord823
ord296

msvcrt

_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_ftol
_CxxThrowException
__CxxFrameHandler

kernel32

GetModuleHandleA
GetStartupInfoA
LoadLibraryA
GetProcAddress
Sleep

user32

GetClientRect
GetDC
UpdateWindow
EnableWindow

gdi32

SelectObject
CreatePen

Exports

Exports

Ip

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2d5a33b97ce10907202ac736db23df2a
.js
some-samples-master/2d65edba1c5b8dd019ed516e5f7671dd
.exe windows:5 windows x86 arch:x86

934d1a498b34c53edb7df6bd408b95d9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeW
LCMapStringW
LoadLibraryW
HeapSize
RtlUnwind
IsValidCodePage
GetOEMCP
GetACP
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
HeapReAlloc
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
WriteConsoleW
SetFilePointer
lstrcpyA
AreFileApisANSI
LocalFree
GetCurrentThreadId
LoadLibraryA
GetPrivateProfileStringA
GetProcAddress
GetLastError
MultiByteToWideChar
CreateFileW
HeapCreate
Sleep
GetEnvironmentStrings
FormatMessageA
GetProcessHeap
GetTickCount
FreeEnvironmentStringsA
HeapFree
HeapAlloc
GetCPInfo
lstrlenA
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
SetStdHandle
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
EncodePointer
DecodePointer
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA

user32

SetWindowTextA
SendMessageA
GetSystemMetrics
ReleaseCapture
MapWindowPoints
AdjustWindowRect
MonitorFromRect
PostMessageA
SetLayeredWindowAttributes
GetCursorPos
SetWindowPos
DefWindowProcA
GetDlgItem
BeginPaint
GetUserObjectInformationA
ReleaseDC
GetWindowLongA
SetCursorPos
InvalidateRect
MessageBoxA
SetWindowLongA
SetRect
GetDC
WinHelpA
DrawTextExA
EndPaint
ClientToScreen
DestroyWindow
SetFocus
GetWindowRect
PostQuitMessage
GetWindowDC
GetThreadDesktop
SetCapture
KillTimer
SetForegroundWindow
WindowFromPoint
GetClientRect
PtInRect

gdi32

GetTextExtentPoint32A
SetWindowExtEx
SetTextColor
DeleteDC
SelectObject
CreateCompatibleDC
RealizePalette
SelectPalette
BitBlt

advapi32

LogonUserA
ControlService
BuildExplicitAccessWithNameA
IsValidSid
OpenSCManagerA
QueryServiceStatusEx
AllocateAndInitializeSid
QueryServiceObjectSecurity
SetSecurityDescriptorDacl
ChangeServiceConfigA
InitializeSecurityDescriptor
RegQueryValueExA
GetSidSubAuthorityCount
SetServiceObjectSecurity
SetEntriesInAclA
CloseServiceHandle
OpenServiceA
GetSidIdentifierAuthority
CreateProcessAsUserA
GetSecurityDescriptorDacl

ole32

CoUninitialize
OleInitialize
CoCreateInstance
CoInitialize

wininet

HttpSendRequestA
InternetCloseHandle
InternetConnectA
HttpOpenRequestA

winmm

mmioAscend

wintrust

CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
CryptCATAdminEnumCatalogFromHash

rpcrt4

UuidHash
RpcStringBindingComposeW

dbghelp

SymGetOptions

winhttp

WinHttpOpen
WinHttpOpenRequest

urlmon

ObtainUserAgentString

snmpapi

SnmpUtilMemAlloc

ntdsapi

DsCrackUnquotedMangledRdnA

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2d6c11e4d00808a41694eab7cf4e3f6a
.html .js polyglot
some-samples-master/2d6cf7ab30b1274885d77f737dabda92
.js
some-samples-master/2d751a2b258124250cd27c0e3ea0417f
.js
some-samples-master/2dab34b33f6af7c9a7985ed86e1073ec
.html
some-samples-master/2dbbc9437409578fcb1fe1a661e33cf0
some-samples-master/2dc95677d93972b17cf6cb26f18fa5d6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2de164e59aad8b980a3a9fac6a1e3991
.exe windows:4 windows x86 arch:x86

7e6127f10c815a0c27e140fb7d30586b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
UpdateWindow
LoadCursorW
LoadBitmapW
InvalidateRect
GetKeyboardState
ScrollWindow
RemovePropW
CreateWindowExW
RegisterClipboardFormatW
LoadMenuW
LoadStringW
SendDlgItemMessageW
RemoveMenu
SetCapture
ScreenToClient
DrawFocusRect
DrawFrameControl
GetDesktopWindow
GetMessageW
TranslateMessage
DispatchMessageW
LoadIconW
RegisterClassExW
BeginPaint
GetWindowRect
DrawTextW
EndPaint
PostQuitMessage
SetFocus
MessageBoxW
DefWindowProcW
DestroyWindow
SetCaretPos
SendMessageW
GetClassNameA

kernel32

GetStartupInfoA
GetCommandLineW
SetLastError
lstrlenW
GetSystemInfo
GetCurrentDirectoryW
lstrcatW
CreateFileW
ExitProcess
GetLastError
lstrcpyW
GetModuleHandleW
lstrcmpA
lstrlenA
GetModuleHandleA

gdi32

CreateCompatibleDC

comctl32

ord17

shell32

CommandLineToArgvW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memset

Sections

.text
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2dfbef963b6c1d50a754a5bbdbcc6710
.html .js polyglot
some-samples-master/2e0f426b6f63ffb302336054f60d1069
.exe windows:4 windows x86 arch:x86

6b41b49cb60c6234a51830ad22997a9b

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-09-2006 01:53

Not After

16-09-2011 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-09-2006 01:53

Not After

16-09-2011 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:02:30:7e:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10-03-2008 21:57

Not After

10-06-2009 22:07

Subject

CN=Microsoft Windows Component Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11-10-2005 21:55

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

32:f1:9a:fa:e6:fe:fd:7f:9f:6d:16:6d:40:c8:ba:00:2d:f8:84:e4
Signer

Actual PE Digest

32:f1:9a:fa:e6:fe:fd:7f:9f:6d:16:6d:40:c8:ba:00:2d:f8:84:e4

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

mfc42

ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord825
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord5252
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord3350
ord4159
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord540
ord338
ord800
ord4823
ord5651
ord3127
ord3616
ord5440
ord860
ord350
ord2740
ord858
ord3663
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord3693
ord813
ord1641
ord560
ord3626
ord2414
ord5260
ord4133
ord4297
ord2535
ord2859
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord823
ord520

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_ftol
_CxxThrowException
__CxxFrameHandler

kernel32

HeapCreate
GetProcAddress
LoadLibraryA
HeapAlloc
HeapDestroy
HeapFree
GetStartupInfoA
GetModuleHandleA
OutputDebugStringA

user32

wsprintfA
EnableWindow
MessageBoxA
GetClientRect
GetDC
UpdateWindow

gdi32

SelectObject
CreatePen

Exports

Exports

Ip

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/2e1f2dcd62609e9766e0d1680f336747
.js
some-samples-master/2ed44961d66bba976434f0a06c617a18
.js
some-samples-master/2ed920d8116f73c05dd3268b642e3f62
some-samples-master/2ef75302c9af47ecc1f6bacea06ad42f
.html
some-samples-master/2efb0ffcdfa6367f0c06d886e7e0155e
.html .js polyglot
some-samples-master/2f1d15a052a5b202fe0c6ccc6c0f9530
.js
some-samples-master/2f24cbf62a8dee7241b654da04beb960
.js
some-samples-master/2f788c4af89111723a963f22a2e173ba
.js
some-samples-master/2fb5e7a6f4cc0e2323635676035a6219
.js
some-samples-master/2fef60d7a39bd3c624d8487df25f77db
.html
some-samples-master/2fffd3ea287a0635d1600832deedef13
.js
some-samples-master/30039e1a7797604eea03c4e2348c18ec
.html
some-samples-master/30421f9294060d630f33b8fde471e245
.html .js polyglot
some-samples-master/3091dc5a93259d6112040f1f75a4f552
.exe windows:5 windows x86 arch:x86

49091c5c46d1ed156931ed11f43d3afa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxzip32\Release\sfxzip.pdb

Imports

kernel32

GetLastError
SetLastError
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileTime
CloseHandle
CreateFileW
CreateDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
MoveFileW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GetTickCount
SetCurrentDirectoryW
GetExitCodeProcess
WaitForSingleObject
GetLocalTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetCurrentProcess
TerminateProcess
RtlUnwind
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
HeapSize
GetConsoleCP
GetConsoleMode
SetFilePointerEx
DecodePointer

Sections

.text
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/309db9fbce175b01aa0dec38a8deaa69
.html .js polyglot
some-samples-master/30a76f7935aa35cb2a5e6b1bd4d6aa49
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/30ba83a4f2c6c463f88ac19ddabb2f2e
.html .js polyglot
some-samples-master/30f1beef59ccf94c0d06e42391e8fbf5
.js
some-samples-master/31.184.198.147/8643525fb8dc2fda1382b8e7f6997cd5e31e250114721de2b061be39c866c4be
some-samples-master/31.184.198.147/oharm
.elf linux arm
some-samples-master/31.184.198.147/ohi686
.elf linux x86
some-samples-master/31.184.198.147/ohmips
.elf linux mipsbe
some-samples-master/31.184.198.147/ohmips64
.elf linux mipsbe
some-samples-master/31.184.198.147/ohmipsel
.elf linux mipsel
some-samples-master/31.184.198.147/ohppc
.elf linux ppc
some-samples-master/31.184.198.147/ohsh4
.elf linux sh
some-samples-master/31.184.198.147/ohsparc
.elf linux sparc
some-samples-master/31.184.198.147/ohx64
.elf linux x64
some-samples-master/31.184.198.161/oharm
.elf linux arm
some-samples-master/31.184.198.161/ohi686
.elf linux x86
some-samples-master/31.184.198.161/ohmips
.elf linux mipsbe
some-samples-master/31.184.198.161/ohmips64
.elf linux mipsbe
some-samples-master/31.184.198.161/ohmipsel
.elf linux mipsel
some-samples-master/31.184.198.161/ohppc
.elf linux ppc
some-samples-master/31.184.198.161/ohsh4
.elf linux sh
some-samples-master/31.184.198.161/ohsparc
.elf linux sparc
some-samples-master/31.184.198.161/ohx64
.elf linux x64
some-samples-master/31182321830fd0ecfdaf1b04114e89e9
.html .js polyglot
some-samples-master/311a4826f465f84361d2fd6bb2908980
.html
some-samples-master/3134ff6529ef055b232452e3f29bdece
some-samples-master/313cd5f5d5e7adc9497012d91244ee39
.js
some-samples-master/3150a5dc0b76f9fe870ae0b889a0439e
.exe windows:4 windows x86 arch:x86

28e3a58132364197d7cb29ee104004bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
Process32Next
Process32First
ExitThread
GetTickCount
GetCurrentProcessId
TerminateThread
GetWindowsDirectoryA
GetCurrentProcess
GetSystemDirectoryA
GetLocalTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalMemoryStatusEx
GetSystemInfo
ExitProcess
RemoveDirectoryA
DuplicateHandle
OpenEventA
WinExec
GetCurrentThreadId
CopyFileA
SetFileAttributesA
GetVersion
DeviceIoControl
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
GetModuleHandleA
GetComputerNameA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
lstrcmpiA
GetExitCodeThread
CreateToolhelp32Snapshot
LocalAlloc
FindFirstFileA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
CreateProcessA
CreateDirectoryA
GetLastError
DeleteFileA
CreateThread
GetVersionExA
GetPrivateProfileStringA
lstrcmpA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcatA
ExpandEnvironmentStringsA
GetPrivateProfileSectionNamesA
lstrlenA
OpenProcess
GetFileAttributesA
CancelIo
InterlockedExchange
lstrcpyA
ResetEvent
WaitForSingleObject
WideCharToMultiByte
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
SetEvent
Sleep
CreateEventA
LocalSize
HeapFree
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
RaiseException
GetFileSize
GetModuleFileNameA

user32

GetForegroundWindow
GetAsyncKeyState
GetKeyState
BlockInput
SendMessageA
SystemParametersInfoA
keybd_event
MapVirtualKeyA
SetCapture
GetWindowTextA
SetCursorPos
mouse_event
ExitWindowsEx
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
ReleaseDC
GetCursorPos
GetMessageA
GetInputState
IsWindowVisible
PostMessageA
ShowWindow
EnumWindows
MessageBoxA
wsprintfA
CharNextA
CloseClipboard
PostThreadMessageA
WindowFromPoint
GetThreadDesktop
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
OpenDesktopA

gdi32

GetDIBits
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateCompatibleBitmap

advapi32

EnumServicesStatusA
IsValidSid
LookupAccountNameA
LsaClose
LsaRetrievePrivateData
LsaOpenPolicy
RegCloseKey
RegQueryValueA
RegOpenKeyExA
StartServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
UnlockServiceDatabase
ChangeServiceConfigA
LockServiceDatabase
QueryServiceStatus
DeleteService
ControlService
QueryServiceConfigA
RegOpenKeyA
CreateProcessAsUserA
SetTokenInformation
DuplicateTokenEx
StartServiceCtrlDispatcherA
ChangeServiceConfig2A
CreateServiceA
RegCreateKeyA
CloseEventLog
ClearEventLogA
OpenEventLogA
LookupAccountSidA
GetTokenInformation
OpenProcessToken

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHGetFileInfoA

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString

wininet

InternetCloseHandle

mfc42

ord6648
ord2764
ord4129
ord926
ord924
ord922
ord535
ord858
ord6663
ord860
ord4278
ord2818
ord939
ord6877
ord800
ord540
ord823
ord825
ord537

msvcrt

vsprintf
calloc
wcstombs
_beginthreadex
wcscpy
mbstowcs
fopen
fwrite
fclose
__getmainargs
_mbsstr
wcsstr
_mbslwr
_wcsupr
_iob
fprintf
_CIacos
time
srand
rand
_errno
strchr
strcat
strncpy
strncmp
atoi
strrchr
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
exit
_CIpow
__dllonexit
_onexit
_exit
_XcptFilter
printf
_acmdln
_stricmp
_strnicmp
_access
_local_unwind2
__CxxFrameHandler
memcpy
memmove
_ftol
memcmp
_purecall
sprintf
strcpy
strlen
strstr
memset
_except_handler3
strcmp
free
malloc

netapi32

NetUserAdd
NetLocalGroupAddMembers
NetUserGetInfo
NetApiBufferFree
NetUserGetLocalGroups
NetUserSetInfo
NetUserDel
NetUserEnum

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

ws2_32

listen
sendto
recvfrom
__WSAFDIsSet
WSASocketA
htonl
accept
WSAGetLastError
connect
setsockopt
WSAIoctl
WSACleanup
getpeername
bind
getsockname
inet_addr
inet_ntoa
send
select
recv
ntohs
closesocket
socket
gethostbyname
gethostname
htons
WSAStartup

userenv

GetProfilesDirectoryA
GetUserProfileDirectoryA

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA
WTSEnumerateSessionsA

psapi

EnumProcessModules
GetModuleFileNameExA

winmm

waveInStart
waveInOpen
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInGetNumDevs
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveInReset

Sections

.text
Size: 372KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 112KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/316b770a101557bd9efe983e9b30501c
.exe windows:5 windows x86 arch:x86

8b0a418d8796dfadd23af6859414072c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
GetProcessHeap
FreeLibrary
HeapAlloc
CloseHandle
CreateFileA
Sleep
ReadFile
GetFileSize
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
QueryPerformanceCounter

msvcr90

exit
_acmdln
_initterm
_ismbblead
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc
memset
memcpy
_initterm_e
_stricmp

imagehlp

MakeSureDirectoryPathExists

wininet

InternetCloseHandle

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3177ee98af68299db4dff254c8154b43
.html .js polyglot
some-samples-master/321de007f75d73b0ab62567e9e81f6e7
.html .js polyglot
some-samples-master/3250d2dde03a8739b4083cb56c1a142a
.js
some-samples-master/32fcfc7bebbc050814f6d2124340f4eb
.exe windows:5 windows x86 arch:x86

86110347c6b69e2ee0252624d9264336

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
LoadIconA
ShowWindow
CreateWindowExA
wsprintfA
EndDialog
DestroyWindow
DefWindowProcA
DialogBoxParamA
EnableWindow
UpdateWindow
LoadStringA
PostQuitMessage
RegisterClassExA
LoadCursorA
DispatchMessageA
TranslateMessage
GetMessageA
GetWindowRect
GetDesktopWindow
MessageBoxA
GetScrollPos
LockWindowUpdate
OpenClipboard
MapWindowPoints
MessageBeep
GetCursorPos
EndDeferWindowPos
EnableMenuItem
ShowCaret
GetActiveWindow
FrameRect
GetScrollRange
RegisterClassA
ModifyMenuA
SetTimer
SetDlgItemTextA

kernel32

GetProcessHeap
HeapAlloc
GetCommandLineA
GetModuleHandleA
ExitProcess
SetLastError
GetSystemInfo
GetCurrentDirectoryA
lstrcatA
CreateFileA
GetLastError
lstrcmpA
lstrlenA
MapViewOfFile
GetStartupInfoA

Sections

.text
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/333b1bfc685eac9c35aba5786e63d996
.doc windows office2003

ThisDocument

Module1
some-samples-master/334377e963c8517cf00de0760e6173cc
.js
some-samples-master/3365b153de60ec457d6a5c1fcd5eb4ae
.js
some-samples-master/336d5ebc5436534e61d16e63ddfca327
some-samples-master/338afa99deb66c2cfd5057c0359faa6c
.js
some-samples-master/33bf16cb823e685f1ec6c298be5caafb
.exe windows:5 windows x86 arch:x86

3761264be1c53c591ab8b2afd8b13867

Code Sign

1b:e7:15
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

01-01-2014 07:00

Not After

30-05-2031 07:00

Subject

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03-05-2011 07:00

Not After

03-05-2031 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:a6:9e:72:e3:8a:fe:48
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

08-12-2015 18:56

Not After

08-12-2016 18:56

Subject

CN=Super Click Interactive,O=Super Click Interactive,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d9:92:7d:3a:92:76:0d:20:6c:2a:cd:c1:1c:cb:de:b9:37:39:35:96
Signer

Actual PE Digest

d9:92:7d:3a:92:76:0d:20:6c:2a:cd:c1:1c:cb:de:b9:37:39:35:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

gdi32

CreateBitmap
AbortPath
PolyPolygon
FlattenPath
DeleteObject
EnumObjects
SelectObject
CreateFontIndirectA
CreateFontA
SelectClipPath

user32

DispatchMessageA
TranslateMessage
PostMessageA
RegisterClassA
GetWindowLongA
DrawTextW
EndPaint
ShowWindow
DrawTextA
GetDC
SendMessageA
SendMessageW
GetMessageA
CreateWindowExA
GetGuiResources
InvertRect
BeginPaint

kernel32

RtlUnwind
GetSystemTimeAsFileTime
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
FormatMessageA
LocalFree
TerminateThread
GetLogicalProcessorInformation
RegisterWaitForSingleObject
CreateTimerQueue
GetMailslotInfo
SuspendThread
DeleteTimerQueue
GetLastError
MultiByteToWideChar
lstrcmpiA
GetFileAttributesA
GetProcAddress
WaitForSingleObject
ReleaseMutex
CloseHandle
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateMutexA
GetVersionExA
GetCurrentProcess
GetVersion
lstrcpynA
ExitProcess
GetModuleFileNameA
FreeLibrary
DeleteFileA
SetEnvironmentVariableA
DuplicateHandle
GetCurrentProcessId
GetEnvironmentVariableA
GetExitCodeProcess
TerminateProcess
ResumeThread
CreateProcessA
GetCommandLineA
LoadLibraryA
FlushFileBuffers
WriteFile
SetCurrentDirectoryA
CreateDirectoryA
GetTempPathA
GetModuleHandleA
ReadConsoleA
WriteConsoleA
GetStdHandle
GetCurrentDirectoryA
GetFullPathNameA
SetErrorMode
QueueUserWorkItem
HeapSize

msvcrt

realloc
rand
_pgmptr
srand
__argc
__argv
memmove
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_callnewh
_ismbblead
__getmainargs
_cexit
_exit
_XcptFilter
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_controlfp
memset
__CxxFrameHandler
atoi
_snprintf
_time64
memcpy
free
malloc

ole32

CoInitializeEx
OleInitialize
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID

shell32

SHGetPathFromIDListA
SHGetDiskFreeSpaceExA
ShellExecuteExA
SHFileOperationA
SHBrowseForFolderA
SHGetInstanceExplorer

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/33cad6dda58f6133c7899edfdb079128
some-samples-master/33dcf85e5f9c09d025c115b4194650cb
.html
some-samples-master/34165002bf9db60b5b2145ee103e39dd
.html .js polyglot
some-samples-master/341a4f97bcf38d26004168e393f02cb7
.js
some-samples-master/341fb7f70da529f5966b085ae58a3196
.js
some-samples-master/342b5e86d7231293955dc610edf6e985
.js
some-samples-master/34421e456a1b044ace3255af48ef7d58
.html .js polyglot
some-samples-master/345b327f97a632483f885eb2747d7413
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lif
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/347807d9b4a4ddabeb3b676dbde8dab6
.html .js polyglot
some-samples-master/3478f6db072dcbed801ef53d0d28f973
.html .js polyglot
some-samples-master/348f24904e32ee4f6eab2eaafaa4c016
.js
some-samples-master/34a20a3972dfbc91c6783dee848b8e7e
.js
some-samples-master/34b7fa8191b8509d815b56b8ba31790e
some-samples-master/34ede954ca99e626bb26e15a72ebf069
.exe windows:5 windows x86 arch:x86

470282e4fe2ebbf8acb122584604aac8

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

0a:2a:ba:6b:7a:02:e3:c3:73:fd:2c:65:4b:31:1b:19
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

19-09-2016 00:00

Not After

19-09-2017 23:59

Subject

CN=上海旭岑投资合伙企业（有限合伙）,OU=IT部,O=上海旭岑投资合伙企业（有限合伙）,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bd:95:d7:95:c1:95:3d:be:e5:3b:f1:5b:78:cc:e9:c3:dc:d5:3f:09
Signer

Actual PE Digest

bd:95:d7:95:c1:95:3d:be:e5:3b:f1:5b:78:cc:e9:c3:dc:d5:3f:09

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
SetWindowPos
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
EndDialog
GetSystemMetrics
CreatePopupMenu
AppendMenuA
GetWindowRect
SetDlgItemTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadBitmapA
IsWindowVisible
CallWindowProcA
GetMessagePos
ScreenToClient
CheckDlgButton
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
CharNextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
TrackPopupMenu
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint

kernel32

RemoveDirectoryA
GetSystemDirectoryA
lstrcatA
GetTempFileNameA
CreateFileA
CreateProcessA
CreateDirectoryA
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
SetErrorMode
GetVersion
lstrlenA
GetCommandLineA
GetTempPathA
GetWindowsDirectoryA
ExitProcess
CopyFileA
GetCurrentProcess
GetModuleFileNameA
GetFileSize
GetTickCount
Sleep
SetFileAttributesA
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsA
lstrcmpA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
SetFileSecurityA

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

ntdll

_allshl
_aulldiv
_allmul
_alldiv
_allrem
_allshr

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 768KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/34ee279f6006907db002c144aa621d04
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/34f0f8f7f40d3ffa0e38333786ecaba8
.html .js polyglot
some-samples-master/34f7e0eae1561835fe9fa1fae810532a
.js
some-samples-master/3540ad8e052ff4c735336ec65e5ce07a
.exe windows:5 windows x86 arch:x86

d2a23e69cec9356bb66b0beb0d633ac9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSaveKeyW
RegRestoreKeyA
RegEnumKeyA
RegCreateKeyExA
RegReplaceKeyA
ReadEventLogA
RegUnLoadKeyA
IsTextUnicode
CryptSignHashW
ClearEventLogA
OpenEventLogW
RegOpenKeyW
RegDeleteValueW

shell32

SHGetFileInfoA
DragFinish
SHGetMalloc
ExtractIconW
ShellMessageBoxW
FindExecutableA
StrStrA
SHChangeNotify
DragQueryFileA
ShellAboutA
DragQueryPoint

shlwapi

UrlIsW
UrlCompareW
PathIsURLA
PathCommonPrefixW
UrlIsOpaqueW
UrlHashA
UrlIsNoHistoryW
PathCompactPathW
UrlGetPartW
PathCombineW
UrlGetLocationA
UrlEscapeA
UrlUnescapeW
PathStripPathA

modemui

InvokeControlPanel
drvSetDefaultCommConfigA

comsvcs

RecycleSurrogate
CoCreateActivity
CoEnterServiceDomain

kernel32

DeleteFileA
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetCommandLineA
WaitForSingleObject
CreateWaitableTimerW
OpenEventW
WaitNamedPipeA
InterlockedIncrement
GetProcessHeap
OpenMutexW
FindNextFileA
MoveFileExW
LoadLibraryExW

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/355b7d075c61514c7850ee1ebc50518c
some-samples-master/356d7a56c288e494e0ee04dc7540a46e
.html .js polyglot
some-samples-master/35719b0f2e1356cba8371dfda0e4afe6
.js
some-samples-master/35b1baffd379640ae2768911e08e3a31
.js
some-samples-master/35e4e95127acfeee471c07b31198b923
.html
some-samples-master/35fdac7cf403940cb7a06a546f5c8051
.html .js polyglot
some-samples-master/361850002d0b053397d1299f10492404
.js
some-samples-master/36297e785139d3f5c6de68cc4bf6a1a9
.exe windows:4 windows x86 arch:x86

c6628e4b37bd4bd745d49e73710febcd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord825
ord823

msvcrt

__set_app_type
__p__fmode
__p__commode
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
_adjust_fdiv
__CxxFrameHandler
_CxxThrowException
memmove
_ftol
memcpy
memset
memcmp
malloc
_except_handler3
realloc
strlen
strcat
free
strstr
strcpy
exit
atoi
rand
sprintf
strncmp
_XcptFilter
_exit
??1type_info@@UAE@XZ
calloc
_beginthreadex

kernel32

LocalAlloc
RaiseException
ExitProcess
FreeLibrary
GetStartupInfoA
CreateToolhelp32Snapshot
Process32First
Process32Next
lstrcmpiA
CopyFileA
GetCurrentThreadId
MoveFileA
MoveFileExA
CreateThread
GetModuleFileNameA
GetProcAddress
LoadLibraryA
CreateEventA
WaitForSingleObject
ResetEvent
SetEvent
InterlockedExchange
CancelIo
Sleep
CloseHandle
WriteFile
SetFilePointer
CreateFileA
GetFileSize
ReadFile
GetWindowsDirectoryA
VirtualAlloc
GetFileAttributesA
CreateProcessA
lstrlenA
lstrcpyA
TerminateThread
lstrcatA
GetTickCount
DeleteFileA
GetLastError
GetCurrentProcess
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
OpenEventA
CreateMutexA

user32

CloseDesktop
LoadIconA
LoadCursorA
RegisterClassA
PostThreadMessageA
GetInputState
GetMessageA
ShowWindow
GetWindow
FindWindowA
FindWindowExA
SendMessageA
GetDlgCtrlID
SetThreadDesktop
GetUserObjectInformationA
GetThreadDesktop
wsprintfA
SendInput
PostMessageA
OpenDesktopA
OpenInputDesktop

gdi32

GetStockObject

advapi32

StartServiceCtrlDispatcherA
AdjustTokenPrivileges
CloseEventLog
ClearEventLogA
OpenSCManagerA
CreateServiceA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
OpenServiceA
StartServiceA
CloseServiceHandle
RegOpenKeyExA
LookupPrivilegeValueA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken
OpenEventLogA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

iphlpapi

GetIfTable

wininet

InternetCloseHandle
InternetOpenUrlA
InternetOpenA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/36333753098e8d8a10559022dd6d5a89
.html
some-samples-master/367152a8765ada2b0b5253af6fc84de3
.js
some-samples-master/3681f9fb1d8d937b1ba57b18fc7bbd46
.js
some-samples-master/36b994229a7a750b266665afb3af2b89
.html
some-samples-master/36bdfc8896c5a5e3096629c8e53d5221
.html .js polyglot
some-samples-master/36c711dc8ba21ec4b730ae3407822e18
.html .js polyglot
some-samples-master/36ec0982d84a1d605f01b546bd75246b
.html .js polyglot
some-samples-master/37150c3a07cbe57e3d5369ebda4e4a62
.html .js polyglot
some-samples-master/3754cfafa2b54c49794a0283e5971de3
.js
some-samples-master/37687b54d1a2fdcfbaae0004c1ec04ef
.html .js polyglot
some-samples-master/37926e7e1738770fb56d37bf8358a14b
.html .js polyglot
some-samples-master/379504714e48bb63a9a2a1c7d950d14e
.js
some-samples-master/37c331e8d3b4ad29a8d81014bb455109
.html .js polyglot
some-samples-master/3806953d0eda6981eb74f6203b418cd1
.exe windows:5 windows x86 arch:x86

0f5a34db9f244a5b90c7dc3980446f0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

authz

AuthzAddSidsToContext
AuthzFreeContext
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeAuditEvent

clusapi

CloseClusterNode
ClusterEnum
CloseClusterGroup

kernel32

SetLastError
GetFileAttributesA
LoadLibraryA
GetModuleFileNameW
GetModuleHandleW
GetLogicalDriveStringsW
GetProcAddress
CreateMailslotW
GetCommandLineA
CreateFileA
MoveFileExA
UnmapViewOfFile
GetOEMCP
WaitForSingleObject
CreateJobObjectA

user32

LoadCursorW
PeekMessageA
LoadIconW
CharToOemA
LoadStringA
GetClassLongA
LoadMenuA
IsDialogMessageA
LoadBitmapA
InsertMenuA
GetPropW

rsaenh

CPDecrypt
CPGenKey
CPEncrypt

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3811cb3345547776a234cda144f8a99c
.html .js polyglot
some-samples-master/382765c418f3feacd077235715721c17
.exe windows:4 windows x86 arch:x86

2e4e70556ef762103a5f4a3094ab65c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
VirtualFree
FreeLibrary
WriteFile
GetStringTypeA
LCMapStringW
RtlUnwind
RaiseException
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
SetUnhandledExceptionFilter
IsBadWritePtr
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
GetStringTypeW

user32

wsprintfA

Exports

Exports

Update

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/385ff330dbb766766e2b65e2426c5fae
.js
some-samples-master/3863ae1c0e504ae087526c746585124b
.js
some-samples-master/3873be795965e9d5a33fcccbdc754f71
.html
some-samples-master/389c3539ea1c10e02436d2a4f26fc892
.js
some-samples-master/389fe5ab3ba604684f41da181cfe1322
.exe windows:5 windows x86 arch:x86

dce551a4ab2a469e3edf82fddeed8c7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
OpenEventLogW
ClearEventLogA
LogonUserW
InitializeAcl
CryptSignHashW
RegOpenKeyA
ControlService
RegReplaceKeyW
RegSaveKeyA
RegCreateKeyExW
RegUnLoadKeyA

authz

AuthzAddSidsToContext
AuthzInitializeContextFromSid

uxtheme

GetWindowTheme
GetThemeAppProperties
DrawThemeText
GetThemeBackgroundExtent
GetThemeSysFont
GetThemeSysInt
GetThemePosition
IsThemeActive
GetCurrentThemeName
GetThemeFilename
GetThemeEnumValue
CloseThemeData
GetThemeSysBool
GetThemeBackgroundRegion

shell32

ShellMessageBoxA
DragQueryFileA
SHGetDesktopFolder
SHGetDataFromIDListA
ShellAboutA
StrChrA
DragFinish
FindExecutableA
DragQueryPoint
SHGetDiskFreeSpaceA
SHFree

kernel32

WaitForSingleObject
CreateJobObjectA
GetProcAddress
GetStringTypeW
OpenSemaphoreA
InitializeCriticalSection
GetCommandLineW
MoveFileA
GetModuleHandleA
GetTempPathA
ReadConsoleA
GetProfileSectionA
GetSystemDirectoryA
CreateMailslotA
CreateFileW
GetLogicalDriveStringsA
GetModuleFileNameW
UnmapViewOfFile
GetDateFormatA
GetVersion
LoadLibraryExA
GetExpandedNameA
lstrcmpiA
DeleteFileW
SearchPathW
GetTickCount
GetFileAttributesW
MoveFileExA
GetConsoleAliasW

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_MEM_READ
some-samples-master/38ab51a820114973be8c0a18f6943d88
.exe windows:4 windows x86 arch:x86

2161077afa062de3a3f99e8800cdab51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5065
ord1727
ord5261
ord2446
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord823
ord2135
ord825
ord818
ord1949
ord4034
ord800
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5280
ord2124
ord4425
ord3749
ord324
ord641
ord4234
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord1134
ord1168
ord2379
ord755
ord470
ord6334
ord858
ord3499
ord2515
ord355
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord3597
ord6055
ord1576

msvcrt

_except_handler3
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
free
realloc
_CxxThrowException
__CxxFrameHandler
_setmbcp
_stricmp
__set_app_type

kernel32

Sleep
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA

user32

DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
EnableWindow
SendMessageA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/38bb30c0a6c2301eccc194c627941811
.js
some-samples-master/38d813eff207ab497fc97170301f0f68
.js
some-samples-master/38f4ea2c13fb5cce10c12ee449acddcd
.html .js polyglot
some-samples-master/391040b0b9ff1fe6b59fe842849c5c40
.html .js polyglot
some-samples-master/39168904db066b6604465734866d184d
.exe windows:5 windows x86 arch:x86

94ff79712dfe35326a2407f022dfea5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
LCMapStringW
GetModuleFileNameW
GetStdHandle
WriteFile
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
HeapSize
RtlUnwind
CloseHandle
OutputDebugStringA
OpenEventA
LoadLibraryA
GetLastError
GlobalUnlock
ReadFile
HeapCreate
Sleep
GlobalAlloc
GlobalLock
GetTickCount
HeapAlloc
lstrlenA
GetFileSize
IsProcessorFeaturePresent
CreateFileA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
HeapFree
HeapReAlloc
GetCurrentThreadId
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
MultiByteToWideChar
GetProcAddress
GetModuleHandleW
ExitProcess
DecodePointer
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

VkKeyScanA
LoadImageA
SetClipboardData
CheckMenuItem
EndPaint
CloseClipboard
PostQuitMessage
SendDlgItemMessageA
GetSubMenu
CopyImage
SendMessageA
BeginPaint
GetDC
GetForegroundWindow
EnumPropsA
SetScrollPos
PeekMessageA
ReleaseDC
EmptyClipboard
GetDlgItem
EndDialog
DefWindowProcA
GetMenuStringA
ShowWindow
GetMenuItemCount
DispatchMessageA
OpenClipboard
SetWindowTextA

gdi32

PatBlt
SetViewportOrgEx
SetWindowExtEx
SetTextColor
DeleteDC
CreateMetaFileA
DeleteObject
SelectObject
CreateCompatibleDC
SetMapMode
CreateCompatibleBitmap
SaveDC
SetWorldTransform
SetViewportExtEx
GetTextMetricsA
GetStockObject
ModifyWorldTransform
TextOutA
SetGraphicsMode

advapi32

EncryptFileW
AllocateAndInitializeSid
EncryptionDisable
EqualDomainSid

shell32

ExtractIconExA
SHBrowseForFolderA

ole32

CoUnmarshalInterface
CreateStreamOnHGlobal

oleaut32

SysAllocString
VariantInit
SysFreeString
VariantClear

msimg32

GradientFill

gdiplus

GdiplusStartup

tapi32

lineSetTollListA

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/39375e2cfc894b3127a260ef11684061
.html
some-samples-master/396e45c03c57befb4bb34af70bcb3562
.html .js polyglot
some-samples-master/3972f58f40e0dd079daca03e27ff41ec
.js
some-samples-master/3995f9f8b9f9f6dafda2203a0633e3cb
.html
some-samples-master/399a6c8d8dea2b463a7edf2b1ec2eb20
.html .js polyglot
some-samples-master/39a7d982da841cdf9f04c5e19ee14164
some-samples-master/39be7b0264476422173df484bd34ee0f
.exe windows:5 windows x86 arch:x86

470282e4fe2ebbf8acb122584604aac8

Code Sign

1a:92:2c:e1:85:bb:1d:fd:3d:65:dc:b2:98:8b:21:87
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

04-11-2015 09:06

Not After

04-11-2016 09:06

Subject

CN=Shanghai Yishen Network Technology Co.\, Ltd.,O=Shanghai Yishen Network Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
SetWindowPos
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
EndDialog
GetSystemMetrics
CreatePopupMenu
AppendMenuA
GetWindowRect
SetDlgItemTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadBitmapA
IsWindowVisible
CallWindowProcA
GetMessagePos
ScreenToClient
CheckDlgButton
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
CharNextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
TrackPopupMenu
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint

kernel32

RemoveDirectoryA
GetSystemDirectoryA
lstrcatA
GetTempFileNameA
CreateFileA
CreateProcessA
CreateDirectoryA
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
SetErrorMode
GetVersion
lstrlenA
GetCommandLineA
GetTempPathA
GetWindowsDirectoryA
ExitProcess
CopyFileA
GetCurrentProcess
GetModuleFileNameA
GetFileSize
GetTickCount
Sleep
SetFileAttributesA
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsA
lstrcmpA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
SetFileSecurityA

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

ntdll

_allshl
_aulldiv
_allmul
_alldiv
_allrem
_allshr

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 720KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3a3d445e26e05a8849e6d0e98aea1db8
.exe windows:4 windows x86 arch:x86

045a6431c0c7cdf273cfc60b87bf3a1d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord583
_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
ord695
__vbaStrVarMove
ord588
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
ord519
ord629
ord661
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
_CIsin
__vbaChkstk
__vbaGosubFree
EVENT_SINK_AddRef
__vbaI2I4
DllFunctionCall
__vbaFpUI1
_adj_fpatan
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
ord710
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaGosub
ord608
ord609
__vbaFPException
ord644
_CIlog
__vbaErrorOverflow
__vbaNew2
__vbaInStr
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarDup
ord614
__vbaFpI4
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3ac9fc0f9c18cec0d13dd326e5b628c6
.js
some-samples-master/3ad24a60b30d465aaf005d976f430508
.html
some-samples-master/3adad87418e2b3daddf20942cd0facfb
.js
some-samples-master/3af544e65204d52d4a42d7e435d28fed
.js
some-samples-master/3b1a81f908392efc34d4c239810ceb62
.js
some-samples-master/3b20ef374a5b81eb1299e25b4c3784c6
.js
some-samples-master/3b370b856b0365860ff44e0fa1d31564
.html .js polyglot
some-samples-master/3b5698b90dd761d8a2d085859164a540
.exe windows:5 windows x86 arch:x86

54cfb611ac4ffc059d18dfdcd11ea7c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprAdminBufferFree
MprAdminConnectionEnum
MprInfoBlockAdd

kernel32

GetModuleFileNameW
lstrcmpiA
GetDateFormatA
GetModuleHandleA
GetProcAddress
CreateMailslotA
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyW
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogW
ClearEventLogA
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrA
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopW
wsprintfA
PostMessageA
GetDlgItemTextW
IsDialogMessageA
DispatchMessageW
GetMessageA
LoadMenuA
LoadStringW
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateW
InsertMenuW
GetPropA

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/3b57f0b83cd6b4c4fb1a458caec24ba3
.html
some-samples-master/3b5e01b8660510940a03cb5f4e6ac2e5
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3bb008f3686fcb24a654f01eb343f004
.doc windows office2003

ThisDocument

Module1
some-samples-master/3be52544e394afde55fe14958fa3ccc3
.html
some-samples-master/3c0447a8e05bc9ed43128ed22c22e23a
.exe windows:5 windows x86 arch:x86

46ec036f108b9442762024102130efcd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

nddeapi

NDdeShareAddA
NDdeShareDelA
NDdeShareGetInfoA

kernel32

GetModuleFileNameA
lstrcmpiA
GetDateFormatW
GetModuleHandleW
GetProcAddress
CreateMailslotW
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyA
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogA
ClearEventLogW
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrW
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopA
wsprintfA
PostMessageW
GetDlgItemTextW
IsDialogMessageA
DispatchMessageA
GetMessageA
LoadMenuA
LoadStringA
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateA
InsertMenuW
GetPropW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/3c0c7d2b91d10d78b1a5b19d753da1ec
.html .js polyglot
some-samples-master/3c42d694a841d68ae71a7fc5d5666e98
.exe windows:4 windows x86 arch:x86

716fd7bb95d13ec98c02ba655191877c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
WriteFile
CreateFileA
MoveFileA
DeleteFileA
GetModuleFileNameA
GetLocalTime
CloseHandle
WaitForSingleObject
GetVersionExA
CopyFileA
LocalAlloc
HeapAlloc
GetProcessHeap
VirtualProtect
HeapFree
SetEvent
CreateEventA
lstrcmpiA
GetStartupInfoA
GetModuleHandleA
LocalSize
LocalFree
OutputDebugStringA
GetTickCount
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
lstrlenA
GetLastError
Sleep
InterlockedExchange
VirtualAlloc
VirtualFree
GlobalMemoryStatusEx

user32

wsprintfA

advapi32

StartServiceCtrlDispatcherA
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
RegCloseKey
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenEventLogA
ClearEventLogA
CloseEventLog

msvcrt

??3@YAXPAX@Z
memcpy
ceil
_ftol
__CxxFrameHandler
_CxxThrowException
memset
??2@YAPAXI@Z
memcmp
strlen
_except_handler3
_local_unwind2
printf
strstr
strcpy
strncpy
strrchr
atoi
strcspn
rand
sprintf
realloc
free
_beginthreadex
fclose
fprintf
fopen
strchr
??1type_info@@UAE@XZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_strupr
_stricmp

Sections

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hxcysbk
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/3c47d0009992c84aac7e0da3a129a70f
.html .js polyglot
some-samples-master/3c7951b8c2cc286a535941ce88d4bde9
.js
some-samples-master/3c95b3af772300d157558a9459011355
.html .js polyglot
some-samples-master/3cd041f155f977db52c7063a73983d2f
.html
some-samples-master/3cdd9152472e707fd64184ed44d2b6b9
.exe windows:4 windows x86 arch:x86

888f7c3cb1911069f97ed9c2bd4061db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetPriorityClass
GetCurrentProcess
ResumeThread
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
DebugBreak
lstrcmpiA
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
GetFileAttributesA
GetDriveTypeA
ReadFile
GetFileSize
CallNamedPipeA
GetUserDefaultLangID
lstrlenW
FileTimeToSystemTime
SetFilePointer
GetTempPathA
GetTempFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetLastError
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
SetFileAttributesA
GetModuleHandleA
SetLastError
GetWindowsDirectoryA
GetShortPathNameA
CreateFileA
WriteFile
CloseHandle
MoveFileA
lstrcpyA
GetTickCount
CopyFileA
DeleteFileA
GetModuleFileNameA
lstrcpynA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FreeLibrary
lstrlenA
HeapAlloc
lstrcatA

user32

CharNextA
GetKeyboardType
PeekMessageA
MsgWaitForMultipleObjects
SetCursor
SetWindowLongA
SetTimer
EndDialog
GetSystemMetrics
BeginDeferWindowPos
GetWindowTextA
SetWindowTextA
DeferWindowPos
EndDeferWindowPos
LoadStringA
GetClientRect
ScreenToClient
PostMessageA
GetDC
ReleaseDC
ShowWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendMessageA
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
wvsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetMessageA
RedrawWindow
KillTimer
InvalidateRect
UpdateWindow
GetDlgItemTextA
LoadCursorA
TranslateMessage
DispatchMessageA
wsprintfA
LoadImageA

gdi32

UpdateColors
SetTextColor
SetBkMode
GetDeviceCaps
SelectPalette
CreateHalftonePalette
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
DeleteObject
RealizePalette
BitBlt
DeleteDC
SelectObject

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
StrRChrA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
VariantClear

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3ceed0847f8dd643f0f18214d54bb9de
.js
some-samples-master/3d08be7bdd95782805bf248faaff93ce
.html .js polyglot
some-samples-master/3d1a3f18269d24fa1712e59f1684ccbb
some-samples-master/3d2dd2f68420f65e8b0b06fb425b438f
.js
some-samples-master/3d4e88b3ba4d128bb171b74b1f6f641a
.exe windows:4 windows x86 arch:x86

9dab094f599dafe54de861be50d7e7a0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACloseCertType
CAEnumNextCA

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range

user32

wsprintfW
LoadBitmapA
IsDialogMessageA
DispatchMessageA
PostMessageA
CharToOemA
LoadIconA
IsCharLowerW
DialogBoxParamW
MessageBoxA
GetClassLongA
DrawStateW
PeekMessageW
InsertMenuW

comsvcs

CoEnterServiceDomain
CoLoadServices

kernel32

GetCommandLineW
InterlockedIncrement
CreateNamedPipeW
GetEnvironmentVariableW
WaitForSingleObject
SetLocalTime
CreateThread
GetComputerNameExA
CloseHandle
FindResourceExW
OpenThread
GlobalAddAtomW
GetConsoleTitleW
SetPriorityClass
FindNextFileA
CreateFileMappingW
FindFirstFileA
FormatMessageW
SetLastError
GetLogicalDriveStringsW
GetProcAddress
GetPrivateProfileStringA
CreateDirectoryW
CreateSemaphoreA
LoadLibraryA
SetEnvironmentVariableA
GetModuleHandleA

shlwapi

UrlGetPartA
PathCompactPathW
UrlCreateFromPathA
UrlCombineW
UrlEscapeW
UrlCompareW
UrlUnescapeA
PathIsRootA
UrlHashW
UrlIsNoHistoryA
UrlGetLocationW
PathCommonPrefixW
UrlIsW
PathCombineW

resutils

ClusWorkerStart
ClusWorkerTerminate

shell32

SHFree
DllCanUnloadNow
DragQueryFileA
DllGetVersion
SHBrowseForFolderA
SHGetDesktopFolder
StrChrA
ExtractIconA
SHEmptyRecycleBinW
SHCreateDirectoryExW

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 541KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dec
Size: 512B - Virtual size: 256KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3d62c584ee8b24dec0d116ee680c63fc
.html .js polyglot
some-samples-master/3d7192a2305ee008a45c4d93d1be5a18
.js
some-samples-master/3d746628efd3de67bba6a45075e662c9
.html .js polyglot
some-samples-master/3d7bbac20ea18795671f6a84a79979dd
.html .js polyglot
some-samples-master/3d86d7a013b195c828029e119547d417
.html .js polyglot
some-samples-master/3d88a57d3277ca5ec548a8fa7b2bd1cb
.exe windows:4 windows x86 arch:x86

4748f5aa0968ca39b89cb3c398c490dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
CloseHandle
CreateFileA
WriteFile
ReadFile
GetFileSize
RtlUnwind
RaiseException
GetLastError
HeapReAlloc
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
InitializeCriticalSection
InterlockedExchange
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
LocalAlloc

Sections

.text
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/3d8fa49e00397f9ba703f6bafd8ec6ed
.html .js polyglot
some-samples-master/3d91d4568ab49248ff283802140470de
.js
some-samples-master/3da340163d78ff11a2e50b20bda3a746
.html
some-samples-master/3de9332a6363d5004cf5b5fd415408d4
.exe windows:4 windows x86 arch:x86

a377ca748007a040f13eec61b0d8c11f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord825
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord5252
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord2879
ord617
ord5301
ord5214
ord296
ord986
ord520
ord4159
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord6215
ord823

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
malloc
free
printf
_CxxThrowException
realloc
__CxxFrameHandler

kernel32

HeapAlloc
VirtualAlloc
GetProcAddress
LoadLibraryA
Sleep
HeapFree
VirtualFree
FreeLibrary
CloseHandle
WriteFile
ReadFile
GetFileSize
GetModuleHandleA
GetStartupInfoA
GetProcessHeap

user32

EnableWindow
UpdateWindow

Exports

Exports

stricmp

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3e0557b5a6736edfc699be5cf1b06193
.html .js polyglot
some-samples-master/3e0777b65d74b7dae4fd10d55ef37d76
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qnk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/3e239ae5d29cdb9d7157b836563dd5c5
.html .js polyglot
some-samples-master/3e5e5b58fca0b1d36abb5c9905d8ab3b
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/3e6d91f8cf6913147f8117dc8de97b2a
.html
some-samples-master/3e7fd4b3ee07fe7b2cd8c1098c48170a
.html .js polyglot
some-samples-master/3e800d37a3736cbac15cffd90a8fe2f0
.html .js polyglot
some-samples-master/3eab5d298c5423ff30cef60036c43472
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/3f3583d85a7d4bd7a8fca5c9a7bdf62e
.html
some-samples-master/3f3bfebb2bf5f2b153d246c243ccbf3a
.html .js polyglot
some-samples-master/3f5d3376e59b0af117527afdd5a8d2ea
.js
some-samples-master/3f5dc1a8209740739f7dd71228ebca27
some-samples-master/3f652d9bc17a4be3c0e497ea19848344
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 513KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/3f728a8dd4c3663ecf741c25d3a0afe0
.exe windows:4 windows x86 arch:x86

da2c25e045f4fbf2ca264bbb89e6fa2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord459
ord561
ord825
ord743
ord5500
ord617
ord5301
ord6354
ord6352
ord5214
ord296
ord2036
ord986
ord520
ord823
ord4159
ord6117
ord2621
ord1134
ord1205
ord1199
ord1247
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord2486
ord4003
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord2725
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord1206
ord2623
ord338
ord1223
ord4823
ord1849
ord4244
ord2583
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord4403
ord5240
ord5290
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5253
ord3998
ord4723
ord1942
ord4272
ord5259
ord1859
ord4246
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord4163
ord2120
ord4457
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4953
ord4612
ord1168

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
_setmbcp

kernel32

GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
GetProcessHeap
VirtualFree
FreeLibrary
VirtualAlloc
IsBadReadPtr
ExitProcess
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
EnableWindow

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/3f7a008d05c00a984a36f8bfcb4764f8
.js
some-samples-master/3f82c243f981d945dca28cee38ad65dd
.html
some-samples-master/3ff428feda0258ee1e6ed969004ac7bb
.html .js polyglot
some-samples-master/4000a775038dd850315a2e6d1bc9bba0
.html .js polyglot
some-samples-master/400436dbbd0d666ea83c76f87bb0baa2
.exe windows:5 windows x86 arch:x86

ce980057dd94f410d2d84fe5157eb68f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
lstrcpyA
CloseHandle
ReadFile
CreateFileA
FreeLibrary
WriteFile
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
EncodePointer
DecodePointer
HeapCreate
HeapFree
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameW
RaiseException
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/40568916f110e4c6f31bf641452fdfed
.js
some-samples-master/406e38bd0e484e8169bbe449209c0613
.js
some-samples-master/408dd2723e016ab43403ee536fb4a653
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 479KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/408eddecbb23df32407efa41a2722a67
.js
some-samples-master/40ab038edcb63ab93e99f271c15dab23
.exe windows:5 windows x86 arch:x86

ff88aea570522123ddf1d5f2330ca295

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
WriteFile
GetModuleFileNameA
GetProcessHeap
DeviceIoControl
CreateFileW
GetStartupInfoW
GetFileType
GetStdHandle
DeleteCriticalSection
GetCurrentThreadId
SetLastError
IsDebuggerPresent
HeapSize
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
FlushFileBuffers
GetConsoleCP
WriteConsoleW
GetStringTypeW
OutputDebugStringW
GetEnvironmentStringsW
SetStdHandle
GetModuleHandleExW
ExitProcess
HeapFree
IsProcessorFeaturePresent
GetCommandLineA
RtlUnwind
RaiseException
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
GetModuleHandleA
lstrcpyA
VirtualQuery
MulDiv
WaitForSingleObject
SetEvent
GetLastError
SetFilePointerEx
HeapAlloc
GlobalAlloc
CloseHandle
GetProcAddress

user32

GetSystemMetrics
TranslateAcceleratorA
CreateAcceleratorTableA
LoadAcceleratorsA
KillTimer
SetTimer
GetAsyncKeyState
EnumWindowStationsW
GetMessageA
TranslateMessage
DispatchMessageA
GetSystemMenu
CreatePopupMenu
AppendMenuA
TrackPopupMenu
InsertMenuItemA
SendMessageA
DefWindowProcA
DefWindowProcW
PostQuitMessage
RegisterClassExA
CreateWindowExA
SendDlgItemMessageA
GetDlgItem
DialogBoxIndirectParamA
ShowWindow
IsWindow
LoadImageA
FreeDDElParam
UnpackDDElParam
GetAncestor
DlgDirSelectExA
DlgDirListA
MapDialogRect
LoadStringA
UpdateWindow
DestroyIcon
LoadIconA
LoadCursorA
LoadBitmapA
FindWindowA
SetClassLongA
SetWindowLongA
GetWindowLongA
GetSysColor
GetCursorPos
SetCursor
ShowCursor
MessageBoxW
MessageBoxA
GetClientRect
GetWindowTextA
SetWindowRgn
EndPaint
BeginPaint
ReleaseDC
GetDC
SetForegroundWindow
CreateWindowExW

gdi32

SetLayout
SelectObject
GetDeviceCaps
DeleteObject
CreateSolidBrush
CreateRectRgn
CreatePen
CreateFontA
CreateEllipticRgn
CreateCompatibleDC
CombineRgn
TextOutA

comdlg32

ChooseColorA

shell32

Shell_NotifyIconA
SHEmptyRecycleBinA
SHQueryRecycleBinA
SHGetFolderPathA
ExtractAssociatedIconA

ole32

RevokeDragDrop
CoCreateInstance
CoLockObjectExternal
GetHGlobalFromStream
CoInitialize

ws2_32

listen
htons
send
socket
ioctlsocket
closesocket
bind
accept
recv
gethostname
WSAStartup
WSACleanup
WSAIoctl

avifil32

AVIFileRelease
AVIFileInit
AVIFileOpenA
AVIFileInfoA
AVIStreamOpenFromFileA
AVIFileExit

msvfw32

GetOpenFileNamePreviewA

msimg32

GradientFill

winmm

waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutOpen

comctl32

ImageList_Create
ImageList_Add
ImageList_GetImageCount

opengl32

glTexCoord2f
glLoadIdentity
glClear
glBegin
glVertex3f

eappcfg

EapHostPeerFreeMemory
EapHostPeerFreeErrorMemory
EapHostPeerInvokeInteractiveUI

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/40ebefdec6870263827ce6425702e785
.exe windows:5 windows x86 arch:x86

11655b86788e0a31e09187487014ca31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
CreateDesktopW
LoadBitmapW
GetClassLongA
GetMessageA
LoadStringW
wsprintfA
PeekMessageA
PostMessageA
InsertMenuW
DrawStateA
LoadCursorA
DialogBoxParamA
GetPropA
LoadMenuA
CharToOemA

crypt32

CryptFindOIDInfo
CertOpenStore
CryptProtectData
CertFindCTLInStore
CryptHashMessage
CertGetNameStringA
CryptMsgUpdate
CertCreateCRLContext
CryptSignMessage
CertFindExtension
CertDuplicateCTLContext
CertFreeCTLContext
CertDuplicateStore
CryptMemRealloc
CryptDecodeMessage

kernel32

LoadLibraryExW
GetProfileSectionW
GetConsoleAliasA
MoveFileExA
GetTempPathA
OpenEventW
MapViewOfFile
Heap32First
OpenWaitableTimerW
CreateFileMappingA
GetModuleHandleA
WaitForSingleObject
GetOEMCP
GetProcAddress
InterlockedExchange

certcli

CACloseCA
CAEnumNextCA
CACloseCertType
CADeleteCA
CAEnumFirstCA

shlwapi

PathIsURLA
PathAppendA
UrlGetLocationA
UrlCompareA
UrlHashA
PathIsRootA
UrlGetPartA
UrlCanonicalizeW
UrlIsNoHistoryA
PathCommonPrefixW
UrlCombineA
PathCombineW

advapi32

InitializeSid
RegLoadKeyA
LogonUserA
OpenEventLogA
RegEnumKeyA
RegCreateKeyExA
RegDeleteValueA
RegRestoreKeyA
CryptSignHashA
RegReplaceKeyA
ClearEventLogA

mprapi

MprAdminBufferFree
MprInfoBlockAdd
MprAdminConnectionEnum
MprInfoBlockFind

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_MEM_WRITE
some-samples-master/40ffb88aff806823768153a1213717c6
.html .js polyglot
some-samples-master/41c2812065ed139a6f50180280ff4cb4
some-samples-master/41dce00a064f8b11d00494dbe7d10512
.exe windows:4 windows x86 arch:x86

f44271ed486c6e589fdd79248a803f49

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

gwew.ozpdb

Imports

msi

ord160

advapi32

CryptSetProviderExA
LookupPrivilegeValueA

kernel32

LoadLibraryA
FindAtomA
GetComputerNameA
CreateFileW
LocalFree
InterlockedDecrement
ReadFile
CloseHandle
LocalAlloc
RaiseException
GetProcessHeap
GetCommandLineA
GetUserDefaultLCID
GetLastError
InterlockedExchange
GetProcAddress
FreeLibrary

ws2_32

inet_addr

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.FQsdvv
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

33uZk2
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/41e3652eb241023d7b91423a1acbfebe
.html .js polyglot
some-samples-master/41f69f94d9a979cfd05c2304b2f46cb0
.js
some-samples-master/420b2d8d9b14908b86bbe8538597f02a
.js
some-samples-master/4210d9a767daedfaa080f179a45ccf79
.html
some-samples-master/421900035b93abcc4f1c0ad845639096
.html .js polyglot
some-samples-master/4230a06d69bd2852c028e0039eb0c158
.html .js polyglot
some-samples-master/42669c4c823b0e184f0ce3c2ec14e9f8
.html .js polyglot
some-samples-master/427807f4e6268dc5731752c8d03188ea
.html .js polyglot
some-samples-master/4284b20a39453a0fd6a0636717d65f09
.html
some-samples-master/4288509810e48d8a3595af5b090907be
.exe windows:4 windows x86 arch:x86

5aecdf3191d2f7f7d2a53e6125582fbd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RevertToSelf
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCloseKey
OpenThreadToken
ImpersonateLoggedOnUser

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExA
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongA
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageW
PeekMessageA
OffsetRect
OemToCharA
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxA
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessagePos
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassLongA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowExA
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CharNextW
CallWindowProcA
CallNextHookEx
BeginPaint
CharNextA
CharLowerBuffA
CharLowerA
CharUpperBuffA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryA
RemoveDirectoryA
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentDirectoryA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrcpyA
WritePrivateProfileStringA
WriteFile
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQuery
VirtualFree
VirtualAllocEx
VirtualAlloc
TryEnterCriticalSection
TerminateProcess
SuspendThread
Sleep
SizeofResource
SetThreadLocale
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
RemoveDirectoryA
ReadFile
RaiseException
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalFindAtomA
GlobalDeleteAtom
GlobalAddAtomA
GetVersionExA
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
GetStdHandle
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileSize
GetFileAttributesExA
GetFileAttributesA
GetExitCodeThread
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringW
CompareStringA
CloseHandle
Sleep
GetProcAddress
GetModuleHandleA

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
RectVisible
RealizePalette
Polyline
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
BitBlt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoUninitialize
CoInitialize
CoCreateGuid

comctl32

_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create

crypt32

CryptUnprotectMemory
CryptProtectMemory

Sections

.text
Size: 934KB - Virtual size: 934KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/428b7f8958c871d686850e7a43d69fc6
some-samples-master/429559c83c59db241124030782cf54d8
.html .js polyglot
some-samples-master/42a333becf9ceecdde9b311933959d3d
.exe windows:5 windows x86 arch:x86

cea1dd997df5b4005e10de1ef8f6c407

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTickCount
HeapReAlloc
RtlUnwind
RaiseException
GetCommandLineA
GetStartupInfoA
ExitProcess
VirtualProtect
GetSystemInfo
VirtualQuery
HeapSize
HeapCreate
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetModuleHandleW
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
WideCharToMultiByte
GetFileSize
ReadFile
CreateFileA
WriteFile
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
HeapAlloc
FreeLibrary
GetProcessHeap
HeapFree
Sleep
IsBadReadPtr
VirtualFree
LoadLibraryA
GetProcAddress
GetEnvironmentStringsW
VirtualAlloc

user32

RegisterClipboardFormatA
PostThreadMessageA
CharNextA
CharUpperA
GetSysColorBrush
ReleaseCapture
LoadCursorA
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
GetSysColor
SystemParametersInfoA
DestroyMenu
CopyRect
UnhookWindowsHookEx
DrawIcon
AppendMenuA
SendMessageA
GetSystemMenu
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
GetForegroundWindow
CopyAcceleratorTableA
IsIconic
GetClientRect
LoadIconA
EnableWindow
GetSystemMetrics
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
GetDlgItem
IsWindow
GetClassLongA

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
CreateBitmap
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA
GetObjectA
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
SysFreeString

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/4367b513928b74f3c6759d13538f49d8
some-samples-master/43f4312cb5bdd215ac1d097294dc2250
.js
some-samples-master/43fddd6e978c3b5b126ba04db6b9e6be
some-samples-master/44062802e4930b1b6289067522307c9d
.exe windows:4 windows x86 arch:x86

da2c25e045f4fbf2ca264bbb89e6fa2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord459
ord561
ord825
ord743
ord5500
ord617
ord5301
ord6354
ord6352
ord5214
ord296
ord2036
ord986
ord520
ord823
ord4159
ord6117
ord2621
ord1134
ord1205
ord1199
ord1247
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord2486
ord4003
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord2725
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord1206
ord2623
ord338
ord1223
ord4823
ord1849
ord4244
ord2583
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord4403
ord5240
ord5290
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5253
ord3998
ord4723
ord1942
ord4272
ord5259
ord1859
ord4246
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord4163
ord2120
ord4457
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4953
ord4612
ord1168

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
_setmbcp

kernel32

GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
GetProcessHeap
VirtualFree
FreeLibrary
VirtualAlloc
IsBadReadPtr
ExitProcess
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
EnableWindow

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/44213c024e796b47210866c22fc17077
.js
some-samples-master/4423a973498903b9230cc09954e8e819
.exe windows:6 windows x86 arch:x86

7d8b20c2b5771f3b03a412b9b2ca354a

Code Sign

3b:27:38:b1:06:89:ae:55:ff:1f:80:a3:25:83:5a:e0
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

25-01-2017 00:00

Not After

25-01-2018 23:59

Subject

CN=RFP LLC,O=RFP LLC,L=Москва,ST=Moscow,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e1:bf:dc:f5:76:66:c6:fc:a7:0f:52:22:5b:88:70:25:08:7b:c4:e7
Signer

Actual PE Digest

e1:bf:dc:f5:76:66:c6:fc:a7:0f:52:22:5b:88:70:25:08:7b:c4:e7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Dropbox (Личный)\Private\Projects\Launcher\Sources\RFPLauncer\Build\RFPLauncer.pdb

Imports

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

kernel32

EnterCriticalSection
DeleteCriticalSection
GetEnvironmentVariableW
MoveFileExA
SystemTimeToFileTime
GetCurrentProcess
CreateDirectoryW
GetSystemDirectoryW
WideCharToMultiByte
FileTimeToSystemTime
GetEnvironmentVariableA
ExitThread
FindFirstFileA
GetProcAddress
CopyFileA
FindClose
RemoveDirectoryW
GetModuleFileNameA
GetModuleHandleA
CreateMutexA
ReleaseMutex
FileTimeToLocalFileTime
DeleteFileW
LocalFree
LeaveCriticalSection
AreFileApisANSI
DeleteFileA
CreateThread
LCMapStringW
WriteFile
GetConsoleMode
GetConsoleCP
HeapReAlloc
OutputDebugStringW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
RaiseException
RtlUnwind
HeapSize
GetFileType
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
GetVersionExA
VirtualAlloc
VirtualFree
CloseHandle
GetLastError
CreateFileW
SetFileAttributesW
ReadFile
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
GetModuleFileNameW
GetStdHandle
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
GetProcessHeap
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
SetFilePointer
CreateFileA
WriteConsoleW
SetEndOfFile
ReadConsoleW
SetFilePointerEx
GetStringTypeW
FlushFileBuffers
SetStdHandle
LoadLibraryExW
GetCurrentThreadId
DecodePointer
EncodePointer
HeapAlloc
HeapFree

user32

MoveWindow
LoadCursorA
FindWindowA
UpdateWindow
LoadImageA
AdjustWindowRectEx
DispatchMessageA
PostMessageA
ShowWindow
GetDesktopWindow
DefWindowProcA
MonitorFromWindow
EndPaint
GetWindowRect
RegisterClassExA
PostQuitMessage
DrawTextA
LoadIconA
GetClientRect
SendMessageA
BeginPaint
GetMonitorInfoA
GetDC
TranslateMessage
SetRect
UnregisterClassA
GetWindowLongA
CreateWindowExA
PeekMessageA
ReleaseDC

gdi32

SetTextColor
SetBkMode
SelectObject
CreateCompatibleDC
GetObjectA
GetStockObject
BitBlt

wininet

InternetOpenW
HttpQueryInfoA
InternetConnectA
InternetReadFile
InternetConnectW
HttpSendRequestW
HttpOpenRequestA
HttpOpenRequestW
HttpSendRequestA
InternetOpenA
InternetCloseHandle
InternetOpenUrlA

shell32

SHGetKnownFolderPath
SHGetPathFromIDListW
ShellExecuteW
SHGetSpecialFolderLocation
SHFileOperationA
ShellExecuteA

advapi32

RegFlushKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree

oleaut32

VariantClear
SysFreeString
SysAllocString

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/444bcb3a3fcf8389296c49467f27e1d6
some-samples-master/445984cf6a0599111377cb81af33b501
.html
some-samples-master/4459eeec5145f2e6c8661b2463960960
.js
some-samples-master/445e0e6333942de66a554b38538cf388
.js
some-samples-master/44970ba34023a072a7f7e8fade58f175
.js
some-samples-master/44e9a66b457f5001dfc53ddbd0783be5
.js
some-samples-master/45288ec5f41472dcd8a7104f1c9654ab
.html .js polyglot
some-samples-master/453d8a77ca97a5ba336bb07601e41fff
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/458209785dc26bb53040e5c71f4dc870
.html
some-samples-master/458948568b097ee28fc29aac2d25e58e
.js
some-samples-master/45a6c326624197cfbecc4a2c8880ab87
.html .js polyglot
some-samples-master/45bf6c129d56744ae6cc881ef21a3b85
.js
some-samples-master/45e1e7d3f8afd15f8e75b0b09639c894
.html
some-samples-master/45f5cc2f1088df4ee09515ce1e8fd9a1
.js
some-samples-master/46.166.185.92/bash
.elf linux x64
some-samples-master/46.166.185.92/cron
.elf linux x86
some-samples-master/46.166.185.92/ftp
.elf linux ppc
some-samples-master/46.166.185.92/ntpd
.elf linux mipsbe
some-samples-master/46.166.185.92/nut
.elf linux sparc
some-samples-master/46.166.185.92/openssh
.elf linux sh
some-samples-master/46.166.185.92/pftp
.elf linux x86
some-samples-master/46.166.185.92/sh
.elf linux
some-samples-master/46.166.185.92/sshd
.elf linux mipsel
some-samples-master/46.166.185.92/tftp
.elf linux arm
some-samples-master/46.166.185.92/wget
.elf linux arm
some-samples-master/464d6abe55b637766f5b48846fd589a0
.html
some-samples-master/469544bc557bf21a5756145a4bf81c3f
some-samples-master/469f51872dbb208c32729f958bb0774b
.html .js polyglot
some-samples-master/46dde71e343df77a747452f24bb0ef72
.html .js polyglot
some-samples-master/46de6b51bee4d77f905451ef0f2cc2d2
.exe windows:4 windows x86 arch:x86

bb55dac967bc1fbce122a6290fbf6008

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1816
ord1146
ord800
ord4160
ord540
ord2446
ord2379
ord755
ord470
ord6215
ord941
ord940
ord860
ord690
ord2915
ord5207
ord389
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord825
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord4710
ord4998
ord4853
ord4376
ord5265
ord1205
ord1199
ord1134
ord2621
ord5717
ord5716
ord6354
ord5500
ord2514
ord815
ord561
ord3738
ord3081
ord3262
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord743
ord446
ord4003
ord2486
ord4226
ord4622
ord1223
ord290
ord2623
ord1206
ord1168
ord614
ord4424
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord2985
ord3136
ord4465
ord3259
ord3147
ord2982
ord1799
ord823
ord2863

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
_beginthreadex
strncat
strchr
_except_handler3
strncmp
sprintf
rand
_access
atoi
exit
_mbscmp
_mbsicmp
strcpy
strstr
free
strcat
realloc
strlen
memset
memcmp
memcpy
_ftol
_CxxThrowException
__CxxFrameHandler
memmove
malloc

kernel32

CreateFileA
SetFilePointer
WriteFile
CancelIo
InterlockedExchange
SetEvent
WaitForSingleObject
CloseHandle
VirtualAlloc
Sleep
EnterCriticalSection
LeaveCriticalSection
GetFileAttributesA
DeleteCriticalSection
LoadLibraryA
GetProcAddress
SetFileAttributesA
MoveFileExA
CopyFileA
ExpandEnvironmentStringsA
GetCurrentThreadId
HeapFree
GetFileSize
lstrcmpiA
GetStartupInfoA
ExitProcess
GetCurrentProcess
GetVersion
DeviceIoControl
Beep
lstrcpyA
TerminateThread
lstrcatA
GetTickCount
DeleteFileA
GetLastError
HeapAlloc
GetModuleHandleA
lstrlenA
FreeLibrary
LoadLibraryW
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatusEx
GetSystemInfo
GetProcessHeap
ReadFile
GetVersionExA
FindClose
FindNextFileA
RemoveDirectoryA
CreateMutexA
GetModuleFileNameA
GetLocalTime
VirtualFree
CreateDirectoryA

user32

LoadCursorA
RegisterClassA
PostThreadMessageA
GetInputState
GetMessageA
IsIconic
GetSystemMetrics
GetClientRect
EnableWindow
GetSystemMenu
AppendMenuA
SendMessageA
LoadIconA
wsprintfA
MoveWindow
ExitWindowsEx
SetThreadDesktop
GetUserObjectInformationA
DrawIcon

gdi32

GetStockObject

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA
RegOpenKeyA
CloseServiceHandle
StartServiceA
UnlockServiceDatabase
ChangeServiceConfig2A
LockServiceDatabase
CreateServiceA
FreeSid
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegEnumKeyExA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString

ws2_32

getsockname
gethostname
WSAIoctl
setsockopt
connect
htons
gethostbyname
socket
recv
select
closesocket
send

winmm

mciSendStringA

iphlpapi

GetIfTable

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/470b75868bf30755fe96870caad86051
.html .js polyglot
some-samples-master/47732174d54d54f3d6c75bef28d6bb01
.html .js polyglot
some-samples-master/478d5dcc94b1de643c7a9ab879ef8d23
.js
some-samples-master/48100ae2327c512aa8e152a9bad32614
.exe windows:5 windows x86 arch:x86

21634e8b08d82f0c85fdef261dcc3085

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

__WSAFDIsSet
recv
send
setsockopt
ntohs
recvfrom
select
WSAStartup
htons
accept
listen
bind
closesocket
connect
WSACleanup
ioctlsocket
sendto
WSAGetLastError
inet_addr
gethostbyname
gethostname
socket

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

timeGetTime
waveOutSetVolume
mciSendStringW

comctl32

ImageList_Destroy
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_Create
InitCommonControlsEx
ImageList_ReplaceIcon

mpr

WNetUseConnectionW
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W

wininet

InternetReadFile
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetCrackUrlW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
HttpSendRequestW
FtpOpenFileW
FtpGetFileSize
InternetOpenUrlW
InternetConnectW
InternetQueryDataAvailable

psapi

GetProcessMemoryInfo

iphlpapi

IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho

userenv

UnloadUserProfile
DestroyEnvironmentBlock
CreateEnvironmentBlock
LoadUserProfileW

uxtheme

IsThemeActive

kernel32

WaitForSingleObject
HeapAlloc
GetProcessHeap
HeapFree
Sleep
GetCurrentThreadId
MultiByteToWideChar
MulDiv
GetVersionExW
GetSystemInfo
FreeLibrary
LoadLibraryA
GetProcAddress
SetErrorMode
WideCharToMultiByte
lstrcpyW
lstrlenW
GetModuleHandleW
QueryPerformanceCounter
VirtualFreeEx
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateFileW
SetFilePointerEx
ReadFile
WriteFile
FlushFileBuffers
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CloseHandle
MoveFileW
CopyFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceFrequency
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceNamesW
OutputDebugStringW
GetTempPathW
GetTempFileNameW
DeviceIoControl
GetLocalTime
CompareStringW
DeleteCriticalSection
CreateThread
LeaveCriticalSection
GetStdHandle
CreatePipe
InterlockedExchange
TerminateThread
LoadLibraryExW
FindResourceExW
VirtualFree
FormatMessageW
GetExitCodeProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
CreateHardLinkW
SetFileAttributesW
GetShortPathNameW
CreateEventW
SetEvent
GetEnvironmentVariableW
SetEnvironmentVariableW
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
GlobalFree
GlobalMemoryStatusEx
Beep
GetSystemDirectoryW
GetComputerNameW
GetWindowsDirectoryW
GetCurrentProcessId
GetProcessIoCounters
CreateProcessW
SetPriorityClass
LoadLibraryW
VirtualAlloc
GetLastError
GetModuleFileNameW
GetFullPathNameW
SetCurrentDirectoryW
IsDebuggerPresent
GetCurrentDirectoryW
lstrcmpiW
RaiseException
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
DuplicateHandle
GetCurrentProcess
EnterCriticalSection
GetCurrentThread
ExitProcess
GetModuleHandleExW
ExitThread
GetSystemTimeAsFileTime
ResumeThread
GetCommandLineW
IsProcessorFeaturePresent
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStringTypeW
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
RtlUnwind
ReadConsoleW
SetFilePointer
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
WriteConsoleW
SetEndOfFile
FindNextFileW
SetEnvironmentVariableA

user32

CopyImage
SetWindowPos
GetCursorInfo
RegisterHotKey
ClientToScreen
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
MonitorFromPoint
GetMonitorInfoW
SetWindowLongW
SetLayeredWindowAttributes
FlashWindow
GetClassLongW
TranslateAcceleratorW
IsDialogMessageW
GetSysColor
InflateRect
DrawFocusRect
DrawTextW
FrameRect
DrawFrameControl
FillRect
PtInRect
DestroyAcceleratorTable
CreateAcceleratorTableW
SetCursor
GetWindowDC
GetSystemMetrics
DrawMenuBar
GetActiveWindow
CharNextW
wsprintfW
RedrawWindow
DestroyMenu
SetMenu
GetWindowTextLengthW
CreateMenu
IsDlgButtonChecked
DefDlgProcW
CallWindowProcW
ReleaseCapture
SetCapture
MonitorFromRect
LoadImageW
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
SetMenuDefaultItem
InsertMenuItemW
IsMenu
TrackPopupMenuEx
AdjustWindowRectEx
DeleteMenu
CheckMenuRadioItem
GetMenuItemID
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
SetForegroundWindow
IsIconic
UnregisterHotKey
SystemParametersInfoW
keybd_event
SendInput
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
GetKeyState
VkKeyScanW
LoadStringW
DialogBoxParamW
MessageBeep
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
CopyRect
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetMenu
DestroyWindow
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
InvalidateRect
GetWindowLongW
GetWindowThreadProcessId
AttachThreadInput
GetFocus
ScreenToClient
SendMessageTimeoutW
EnumChildWindows
CharUpperBuffW
GetClassNameW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
SetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenDesktopW
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
GetUserObjectSecurity
SetRect
SetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
BlockInput
GetMessageW
LockWindowUpdate
DispatchMessageW
TranslateMessage
GetCursorPos
PeekMessageW
MessageBoxW
DefWindowProcW
MoveWindow
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSysColorBrush
GetForegroundWindow
MessageBoxA
DestroyIcon
FindWindowW
CharLowerBuffW
GetWindowTextW

gdi32

SetPixel
DeleteObject
GetTextExtentPoint32W
ExtCreatePen
StrokeAndFillPath
StrokePath
GetDeviceCaps
CloseFigure
LineTo
AngleArc
CreateCompatibleBitmap
CreateCompatibleDC
MoveToEx
Ellipse
PolyDraw
BeginPath
SelectObject
StretchBlt
GetDIBits
DeleteDC
GetPixel
CreateDCW
GetStockObject
Rectangle
SetViewportOrgEx
GetObjectW
SetBkMode
RoundRect
SetBkColor
CreatePen
CreateSolidBrush
SetTextColor
CreateFontW
GetTextFaceW
EndPath

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

GetAclInformation
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
GetUserNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegConnectRegistryW
InitializeSecurityDescriptor
InitializeAcl
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
CreateProcessWithLogonW
GetLengthSid
CopySid
InitiateSystemShutdownExW
LogonUserW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
GetTokenInformation
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
AddAce
GetAce

shell32

DragQueryPoint
ShellExecuteExW
DragQueryFileW
SHEmptyRecycleBinW
SHBrowseForFolderW
SHGetFolderPathW
SHFileOperationW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetMalloc
ExtractIconExW
Shell_NotifyIconW
ShellExecuteW
DragFinish

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
ProgIDFromCLSID
CLSIDFromProgID
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoCreateInstance
IIDFromString
StringFromGUID2
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
GetRunningObjectTable
CoGetInstanceFromFile
CoGetObject
CoInitializeSecurity
CoCreateInstanceEx
CoSetProxyBlanket

oleaut32

RegisterTypeLi
LoadTypeLibEx
VariantCopyInd
SysReAllocString
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
UnRegisterTypeLi
SafeArrayCreateVector
SysAllocString
SysStringLen
VariantTimeToSystemTime
VarR8FromDec
SafeArrayGetVartype
OleLoadPicture
QueryPathOfRegTypeLi
VariantCopy
VariantClear
CreateDispTypeInfo
CreateStdDispatch
DispCallFunc
VariantChangeType
SafeArrayAllocDescriptorEx
VariantInit

Sections

.text
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/483f7d199b581b18e46b639bf4da98e4
.js
some-samples-master/484014cfcb70a39296ca04415f71a750
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 467KB - Virtual size: 467KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/48404dab25a3cfdcd2311797b942bf91
.html .js polyglot
some-samples-master/484e6955278eb3920c4b4331ebaba6c7
.html .js polyglot
some-samples-master/48569438a353a811f58dbfacf279efb7
.exe windows:4 windows x86 arch:x86

08d539fcbfb11dab72897254d69750d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextFaceA

avifil32

AVIClearClipboard

comdlg32

GetSaveFileNameW
CommDlgExtendedError
ChooseFontW
GetOpenFileNameW
GetFileTitleW

msi

ord30

user32

GetSystemMetrics
CharNextW
SetForegroundWindow
CloseClipboard
MoveWindow
CountClipboardFormats
FindWindowW
SendMessageW

kernel32

WTSGetActiveConsoleSessionId
GetFullPathNameW
DeleteAtom
GetSystemDirectoryA
ConvertDefaultLocale
GetProcessHeap

mpr

WNetGetProviderNameA

msvcrt

setvbuf

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

7x
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/486a409826c9ef0c933fb2ec27793909
.exe windows:4 windows x86 arch:x86

bc2007c9f291a8f51c0c0c3bd8d12df9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\PROGS\23423483849238902384

Imports

kernel32

LoadLibraryA
GetProcAddress
FileTimeToSystemTime
GetThreadTimes
GetCurrentThread
CreateFileA
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapFree
RtlUnwind
HeapAlloc
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
GetLastError
HeapDestroy
HeapCreate
VirtualFree
TerminateProcess
GetCurrentProcess
ExitProcess
VirtualAlloc
TlsAlloc
GetCurrentThreadId
TlsFree
TlsSetValue
TlsGetValue
SetLastError
GetFileAttributesW
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
InitializeCriticalSection
VirtualQuery
InterlockedExchange
GetCPInfo
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetACP
GetOEMCP
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
VirtualProtect
GetSystemInfo
LCMapStringA
LCMapStringW
SetFilePointer
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetStdHandle
FlushFileBuffers

Sections

.sdff
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/48eaf5b51d26c360aa0960145e9b2fd1
.html
some-samples-master/490449529b74cfcde90c7877814d7545
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/49538bb0b06e96709094c5e6c1c86afb
.html .js polyglot
some-samples-master/49b3284dd2718d805219b15472026431
.js
some-samples-master/49c304ac54d22547654c5e0bbcbed517
.html .js polyglot
some-samples-master/49f4836e1f837f7bf46621b0450100e8
.js
some-samples-master/49f6bb9dc62521d42ea0d6cac534b57a
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ghsuoql
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/49f86e503809a9d08a406ad00d278225
.html .js polyglot
some-samples-master/4a222be1ab013ec86c6ffd716e8f898e
.html .js polyglot
some-samples-master/4a853d87af1725ef5385582aa8f3fde9
.html .js polyglot
some-samples-master/4a92244edf4f84ac04aca58531dc1325
.js
some-samples-master/4b066519e4856043fe8f6b19088ba4fd
.html .js polyglot
some-samples-master/4b0f270cf9632cbef6eed92b33e84f9b
.html .js polyglot
some-samples-master/4b3996d537203a25ec1f37eb1ace3c07
.html
some-samples-master/4b3ca52e8dc6af9647b32b5fe1fc1e19
.js
some-samples-master/4bb9ca2a2f38e0f9ac9e163bc0c5fcfc
.html .js polyglot
some-samples-master/4bcb724ec54739aa675b8028272f0f4e
.exe windows:4 windows x86 arch:x86

b78ecf47c0a3e24a6f4af114e2d1f5de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
Sleep
GetTickCount
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
GetFileAttributesA
SetFileAttributesA
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
GetFullPathNameA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
ReadFile
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
CloseHandle
SetCurrentDirectoryA
MoveFileA
CompareFileTime
GetShortPathNameA
SearchPathA
lstrcmpiA
SetFileTime
lstrcmpA
ExpandEnvironmentStringsA
GlobalUnlock
GetDiskFreeSpaceA
GlobalFree
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegEnumValueA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/4bd295b688ed4c8eeba02401cd6c9d63
.html .js polyglot
some-samples-master/4bfc56c80b54934f87996edf9c096dcf
.sh linux
some-samples-master/4c08093828f3d042c07ee434af9ca71c
.js
some-samples-master/4c0c6ee4fcab42286daf1db1727d2781
.elf linux x86
some-samples-master/4c1dcfa2f90ba4b2e10500096ce9f3be
.html .js polyglot
some-samples-master/4c2120bf96b973112825ffc60cd937fc
.html .js polyglot
some-samples-master/4c37c8aea89fe4fcc219bf1ed22058f6
.html
some-samples-master/4c3f581a058b2c1f8d5e93c908b20328
.js
some-samples-master/4c462fbb90f4edf5e48f2ea7810947e4
.js
some-samples-master/4c749776c8c008489e3c162d8b65ca85
.js
some-samples-master/4c8486fa0ef20f7b2553a3e5824929b0
.js
some-samples-master/4cb02c49557630e9e7ec1855f0ee6242
.js
some-samples-master/4ced06f0330b78328a8dde84f5a777da
.js
some-samples-master/4d09ef7dccb45c66157b3ca57df57c5e
.js
some-samples-master/4d572ccdc7e2e2a5b78d72b31a05299a
.html
some-samples-master/4da12d3d0e20f7ee6180e29f2433dda2
.html
some-samples-master/4db52ef39c64ba2961d3edb8d5d3790a
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

GetInstantMediaInfo

Sections

.text
Size: 308KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ifc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/4dc3ff70b22f74d12dcdd5a3c58b1363
.html
some-samples-master/4dc96972f615252173f94c7578b1759c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rol
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/4df3811c73ff1acc90f1cb403078db7d
.html .js polyglot
some-samples-master/4e1a3d8e8c87a13f20e0f65f12f46cb2
.js
some-samples-master/4e31c85a56f5e5fdc948198b2517d1bc
.html
some-samples-master/4e432458b79e109fb807841f9ac59fde
.exe windows:5 windows x86 arch:x86

29e205f281d342df57e7d9f8460f25ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\WWW\modulesv6\SBotv6\DllexeServices\cpp\newfile\sb20\Release\sb20.pdb

Imports

kernel32

GetNativeSystemInfo
FreeLibrary
HeapAlloc
HeapFree
VirtualFree
GetProcessHeap
IsBadReadPtr
SetLastError
GetProcAddress
VirtualAlloc
LoadLibraryA
VirtualProtect
GetLastError
HeapReAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
DecodePointer
TlsFree
GetModuleHandleW
GetCurrentThreadId
HeapCreate
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
RtlUnwind
MultiByteToWideChar
ReadFile
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
Sleep
CloseHandle
CreateFileA
SetFilePointer
SetStdHandle
IsProcessorFeaturePresent
LoadLibraryW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetEndOfFile
HeapSize
WriteConsoleW
CreateFileW

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 182KB - Virtual size: 782KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/4e4be2401e4282a0e506e1b28e1867fd
.js
some-samples-master/4e4c14069978d7818e8107bfcdffaae2
.js
some-samples-master/4e50c0cafdcd0b2402ebfe7f97ba7754
.html
some-samples-master/4e5b46e9b8bf394d7fd0d3b36ee557e2
.js
some-samples-master/4e7bfa660e50d21cb10d8cbefd93a746
.html
some-samples-master/4e9844bf6f0eec940ead71a6cec1f561
.html .js polyglot
some-samples-master/4eaa1f57d9accbf7b82f95904dfcc86b
.html .js polyglot
some-samples-master/4ec871c286df45b3e3421a9a28191ee1
.html .js polyglot
some-samples-master/4ec9b47f3e033b6078d93cb8969ab73d
.html
some-samples-master/4ed74a0bf5878d4c274cbee1b03054e0
.html .js polyglot
some-samples-master/4ef8137540d0148f86a45c3d4e04e6e2
.js
some-samples-master/4efcaf3dfa461247d6c90cd8510b3e48
.exe windows:5 windows x86 arch:x86

54bfbda9461ebbc26a82dd3c82501dd9

Code Sign

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

08-04-2015 01:00

Not After

08-04-2023 01:00

Subject

CN=WoSign Time Stamping Signer G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

1d:27:67:31:19:fb:06:96:27:6c:d8:bb:c3:cb:1c:50
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

23-01-2017 05:07

Not After

23-04-2018 05:07

Subject

CN=Kunshan Kuaila Information Technology Co.\, Ltd.,O=Kunshan Kuaila Information Technology Co.\, Ltd.,L=Kunshan,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

08-04-2015 01:00

Not After

08-04-2023 01:00

Subject

CN=WoSign Time Stamping Signer G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

20:a4:98:0f:a4:65:1c:37:ad:f2:f0:0c:4e:4d:13:e7:3c:b7:5a:86:96:85:63:4f:42:1e:db:62:f0:50:ea:b2
Signer

Actual PE Digest

20:a4:98:0f:a4:65:1c:37:ad:f2:f0:0c:4e:4d:13:e7:3c:b7:5a:86:96:85:63:4f:42:1e:db:62:f0:50:ea:b2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\吴玲玉\代码文件\微端制作\2、游戏微端\Ss 神印王座\Release\ShenYinR.pdb

Imports

kernel32

LocalAlloc
GetThreadLocale
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetFileSizeEx
GetFileTime
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
GetFileType
GetCurrentThread
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
FileTimeToLocalFileTime
LCMapStringA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FormatMessageW
LocalFree
GlobalFree
GetModuleHandleA
GetCurrentProcessId
ResumeThread
WaitForMultipleObjects
ExitThread
CreateSemaphoreW
ReleaseSemaphore
SetEvent
DeleteCriticalSection
lstrcmpiW
lstrcmpW
MulDiv
InitializeCriticalSection
LoadLibraryExW
GetShortPathNameW
FileTimeToSystemTime
UnmapViewOfFile
GetFileSize
lstrlenW
FreeResource
WriteProcessMemory
GetLocaleInfoA
IsWow64Process
VirtualAllocEx
GlobalUnlock
TerminateProcess
GetVersionExW
ReadProcessMemory
VirtualFreeEx
GlobalAlloc
GlobalLock
LocalFileTimeToFileTime
GetCurrentDirectoryW
ReadFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
CreatePipe
CreateEventW
ResetEvent
GetStdHandle
CreateProcessW
GetModuleHandleW
CreateThread
InterlockedCompareExchange
IsProcessorFeaturePresent
SetFileAttributesW
CreateToolhelp32Snapshot
FindNextFileW
Process32NextW
SetProcessWorkingSetSize
RemoveDirectoryW
Process32FirstW
FindClose
GetFileAttributesW
OpenProcess
WaitForSingleObject
FindFirstFileW
GetProcAddress
GetTickCount
lstrlenA
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntW
GetCurrentThreadId
EnterCriticalSection
SetLastError
RaiseException
FlushInstructionCache
LeaveCriticalSection
GetCurrentProcess
WideCharToMultiByte
DeleteFileW
CloseHandle
GetLastError
WritePrivateProfileStringW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
CopyFileW
Sleep
LoadLibraryW
WriteFile
GetPrivateProfileStringW
CreateDirectoryW
SetUnhandledExceptionFilter
FreeLibrary
CreateMutexW
GetCommandLineW
ExitProcess
LockResource
SizeofResource
LoadResource
GetModuleFileNameA
FindResourceW

user32

IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
GetMenu
OffsetRect
SystemParametersInfoA
MapVirtualKeyW
GetKeyNameTextW
GetMenuItemID
GetMenuItemCount
IntersectRect
GetActiveWindow
MapDialogRect
CreateDialogIndirectParamW
WindowFromPoint
EndDialog
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetLastActivePopup
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
EndPaint
ClientToScreen
GetWindowTextLengthW
DestroyAcceleratorTable
CharNextW
RegisterWindowMessageW
FillRect
IsChild
SetCapture
UnregisterClassW
GetFocus
GetParent
InvalidateRgn
CreateAcceleratorTableW
SetFocus
BeginPaint
InflateRect
GetWindowTextW
GetDlgItem
RedrawWindow
GetSysColor
GetWindowPlacement
SetWindowTextW
GetDesktopWindow
FindWindowExW
GetWindowThreadProcessId
wsprintfW
ScreenToClient
SystemParametersInfoW
CopyRect
SetWindowRgn
SetRectEmpty
TranslateMessage
PeekMessageW
DispatchMessageW
SetCursor
UpdateLayeredWindow
IsIconic
SetWindowContextHelpId
LoadImageW
GetSubMenu
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
CopyAcceleratorTableW
SetActiveWindow
GetSysColorBrush
SetForegroundWindow
GetDC
LoadIconW
LoadMenuW
ReleaseDC
CharUpperW
RegisterClipboardFormatW
GetMessageW
GetNextDlgTabItem
ValidateRect
MessageBoxW
IsWindowVisible
CheckMenuItem
MoveWindow
KillTimer
GetClientRect
SetRect
GetSystemMetrics
PostMessageW
SetParent
SetTimer
GetWindowRect
MonitorFromPoint
TrackPopupMenu
LoadCursorW
GetClassInfoExW
RegisterClassExW
AppendMenuW
GetClassNameW
SetWindowPos
GetCursorPos
CreatePopupMenu
CreateWindowExW
EqualRect
ReleaseCapture
DestroyMenu
GetMonitorInfoW
GetWindow
DestroyWindow
PostQuitMessage
GetWindowLongW
SetWindowLongW
ShowWindow
IsWindow
UpdateWindow
CallWindowProcW
DefWindowProcW
PtInRect
InvalidateRect
SendMessageW
EnableWindow
UnregisterHotKey
RegisterHotKey
IsWindowEnabled
UnregisterClassA

gdi32

RectVisible
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
DPtoLP
CreateCompatibleBitmap
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
GetObjectW
GetStockObject
CreateSolidBrush
CreateRoundRectRgn
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
BitBlt
CreateCompatibleDC
TextOutW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
AdjustTokenPrivileges
RegOpenKeyExW
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegCloseKey

shell32

CommandLineToArgvW
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW

comctl32

_TrackMouseEvent

shlwapi

PathFileExistsW
PathRenameExtensionW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
CoTaskMemRealloc
OleLockRunning
CoFreeUnusedLibraries
CoTaskMemFree
CLSIDFromProgID
CoInitialize
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject
OleUninitialize
OleInitialize
StringFromGUID2
CLSIDFromString

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString
SysStringLen
LoadTypeLi
OleCreateFontIndirect
VarUI4FromStr
LoadRegTypeLi
VariantChangeType
VariantCopy

wininet

InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetCrackUrlW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
InternetOpenW
InternetReadFile
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
InternetCloseHandle
InternetCanonicalizeUrlW
InternetQueryDataAvailable

gdiplus

GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStream
GdipDeleteBrush
GdipFree
GdipCloneBrush
GdipDrawImageRectRectI
GdipSetTextRenderingHint
GdipDeleteFont
GdipDeleteGraphics
GdipDeleteFontFamily
GdipCreateSolidFill
GdipAlloc
GdipCreateFont
GdipDrawString
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipCreateStringFormat
GdipDeleteStringFormat
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectRect
GdipGetImageHeight
GdipGetImageWidth
GdipReleaseDC
GdipDeletePen
GdipFillRectangle
GdipDrawImageRectI
GdipCreatePen1
GdipDrawLineI

psapi

EmptyWorkingSet
EnumProcesses
EnumProcessModules
GetModuleFileNameExW
GetModuleBaseNameW

snmpapi

SnmpUtilOidCpy
SnmpUtilVarBindFree
SnmpUtilOidNCmp

sensapi

IsNetworkAlive

ws2_32

WSAGetLastError
htons
recv
socket
__WSAFDIsSet
select
gethostbyname
send
connect
WSAStartup
closesocket

Sections

.text
Size: 443KB - Virtual size: 442KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/4f8118d6deacf8f45fefcc6fe8ec290b
.js
some-samples-master/4fa345eb8a6e35d10528f5a86c6a4620
.js
some-samples-master/4fa82d8089ad1ad64e115a6b3c9b5142
.html
some-samples-master/4faec45b5ad35e36ce2289095843b001
.exe windows:1 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

73:06:5f:fb:16:ea:da:22:9a:8f:f7:83:c9:0d:4a:4d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-09-2013 00:00

Not After

20-10-2014 23:59

Subject

CN=Stellar Information Systems Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Stellar Information Systems Limited,L=Gurgaon,ST=Haryana,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:de:82:3f:7b:8a:64:06:f2:e6:0d:fd:de:98:92:b6:ff:36:47:27
Signer

Actual PE Digest

3a:de:82:3f:7b:8a:64:06:f2:e6:0d:fd:de:98:92:b6:ff:36:47:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/4fc176e73528128abaf4df0196108995
.js
some-samples-master/4fc2a7ed39bc79ecfa23da265b1b0728
.js
some-samples-master/4fd11f367a15b8699fc8faaa08b8f431
.js
some-samples-master/4fdb35f699ddcbe15bba6e3a0bfd831e
some-samples-master/4fe798679fe37d287f60fa9d136a83dc
some-samples-master/4ff4a8ac43c73b3829ec8452f7ef5ad7
.exe windows:6 windows x86 arch:x86

412387f66267716c458a541657005f28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\thui\Desktop\Demo Files\Ken's Malware\Ken's Malware - Copy\Originals\scanner\scanner\src\Release\stage1.pdb

Imports

kernel32

CreateProcessW
RaiseException
CreateFileW
DecodePointer
WriteConsoleW
SetFilePointerEx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
GetLastError
GetModuleFileNameW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RtlUnwind
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetStdHandle
WriteFile
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
CloseHandle
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetFileAttributesExW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
CompareStringW
LCMapStringW
SetStdHandle
GetFileType
GetStringTypeW
GetProcessHeap
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
Sleep

user32

MessageBoxA

wininet

FtpGetFileA
InternetOpenW
InternetCloseHandle
InternetConnectA

advapi32

SystemFunction036

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/4ffaa768d4605d6ee43767e388b49659
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/5.189.171.210/arc32
.elf linux x86
some-samples-master/5.189.171.210/arc32.1
.elf linux x86
some-samples-master/5.189.171.210/arc32.2
.elf linux x86
some-samples-master/5.189.171.210/arc38
.elf linux x86
some-samples-master/5.189.171.210/arc38.1
.elf linux x86
some-samples-master/5.189.171.210/arc38.2
.elf linux x86
some-samples-master/5.189.171.210/arc440
.elf linux ppc
some-samples-master/5.189.171.210/arc440.1
.elf linux ppc
some-samples-master/5.189.171.210/arc48
.elf linux x86
some-samples-master/5.189.171.210/arc48.1
.elf linux x86
some-samples-master/5.189.171.210/arc48.2
.elf linux x86
some-samples-master/5.189.171.210/arc4l
.elf linux sh
some-samples-master/5.189.171.210/arc4t
.elf linux mipsel
some-samples-master/5.189.171.210/arc58
.elf linux x86
some-samples-master/5.189.171.210/arc58.1
.elf linux x86
some-samples-master/5.189.171.210/arc58.2
.elf linux x86
some-samples-master/5.189.171.210/arc5l
.elf linux x64
some-samples-master/5.189.171.210/arc64
.elf linux x64
some-samples-master/5.189.171.210/arc64.1
.elf linux x64
some-samples-master/5.189.171.210/arc64.2
.elf linux x86
some-samples-master/5.189.171.210/arc68
.elf linux x86
some-samples-master/5.189.171.210/arc68.1
.elf linux x86
some-samples-master/5.189.171.210/arc68.2
.elf linux
some-samples-master/5.189.171.210/arc6l
.elf linux arm
some-samples-master/5.189.171.210/arc7l
.elf linux arm
some-samples-master/5.189.171.210/arcar
.elf linux arm
some-samples-master/5.189.171.210/arcar.1
.elf linux arm
some-samples-master/5.189.171.210/arcm68
.elf linux
some-samples-master/5.189.171.210/arcm68.1
.elf linux arm
some-samples-master/5.189.171.210/arcml
.elf linux mipsel
some-samples-master/5.189.171.210/arcml.1
.elf linux mipsel
some-samples-master/5.189.171.210/arcml.2
.elf linux x86
some-samples-master/5.189.171.210/arcms
.elf linux mipsbe
some-samples-master/5.189.171.210/arcms.1
.elf linux mipsbe
some-samples-master/5.189.171.210/arcms.2
.elf linux mipsbe
some-samples-master/5.189.171.210/arcpc
.elf linux ppc
some-samples-master/5.189.171.210/arcpc.1
.elf linux ppc
some-samples-master/5.189.171.210/arcpc.2
.elf linux sparc
some-samples-master/5.189.171.210/arcsh
.elf linux sh
some-samples-master/5.189.171.210/arcsh.1
.elf linux sh
some-samples-master/5.189.171.210/arcsh.2
.elf linux ppc
some-samples-master/5.189.171.210/arcsprc
.elf linux sparc
some-samples-master/5.189.171.210/arcsprc.1
.elf linux arm
some-samples-master/5.189.171.210/k32
.elf linux x86
some-samples-master/5.189.171.210/k32.1
.elf linux x86
some-samples-master/5.189.171.210/k32.2
.elf linux x86
some-samples-master/5.189.171.210/k32.3
.elf linux x86
some-samples-master/5.189.171.210/k32.4
.elf linux x86
some-samples-master/5.189.171.210/k38
.elf linux x86
some-samples-master/5.189.171.210/k38.1
.elf linux x86
some-samples-master/5.189.171.210/k38.2
.elf linux x86
some-samples-master/5.189.171.210/k38.3
.elf linux x86
some-samples-master/5.189.171.210/k38.4
.elf linux x86
some-samples-master/5.189.171.210/k440
.elf linux ppc
some-samples-master/5.189.171.210/k440.1
.elf linux ppc
some-samples-master/5.189.171.210/k48
.elf linux x86
some-samples-master/5.189.171.210/k48.1
.elf linux x86
some-samples-master/5.189.171.210/k48.2
.elf linux x86
some-samples-master/5.189.171.210/k48.3
.elf linux x86
some-samples-master/5.189.171.210/k48.4
.elf linux x86
some-samples-master/5.189.171.210/k4l
.elf linux sh
some-samples-master/5.189.171.210/k4l.1
.elf linux sh
some-samples-master/5.189.171.210/k4t
.elf linux mipsel
some-samples-master/5.189.171.210/k4t.1
.elf linux mipsel
some-samples-master/5.189.171.210/k58
.elf linux x86
some-samples-master/5.189.171.210/k58.1
.elf linux x86
some-samples-master/5.189.171.210/k58.2
.elf linux x86
some-samples-master/5.189.171.210/k58.3
.elf linux arm
some-samples-master/5.189.171.210/k58.4
.elf linux arm
some-samples-master/5.189.171.210/k5l
.elf linux x64
some-samples-master/5.189.171.210/k5l.1
.elf linux x64
some-samples-master/5.189.171.210/k64
.elf linux x64
some-samples-master/5.189.171.210/k64.1
.elf linux x64
some-samples-master/5.189.171.210/k64.2
.elf linux x64
some-samples-master/5.189.171.210/k64.3
.elf linux x86
some-samples-master/5.189.171.210/k64.4
.elf linux x86
some-samples-master/5.189.171.210/k68
.elf linux x86
some-samples-master/5.189.171.210/k68.1
.elf linux x86
some-samples-master/5.189.171.210/k68.2
.elf linux x86
some-samples-master/5.189.171.210/k68.3
.elf linux
some-samples-master/5.189.171.210/k68.4
.elf linux
some-samples-master/5.189.171.210/k6l
.elf linux arm
some-samples-master/5.189.171.210/k6l.1
.elf linux arm
some-samples-master/5.189.171.210/k7l
.elf linux arm
some-samples-master/5.189.171.210/k7l.1
.elf linux arm
some-samples-master/5.189.171.210/kar
.elf linux arm
some-samples-master/5.189.171.210/kar.1
.elf linux arm
some-samples-master/5.189.171.210/kar.2
.elf linux arm
some-samples-master/5.189.171.210/km68
.elf linux
some-samples-master/5.189.171.210/km68.1
.elf linux arm
some-samples-master/5.189.171.210/km68.2
.elf linux arm
some-samples-master/5.189.171.210/kml
.elf linux mipsel
some-samples-master/5.189.171.210/kml.1
.elf linux mipsel
some-samples-master/5.189.171.210/kml.2
.elf linux mipsel
some-samples-master/5.189.171.210/kml.3
.elf linux x86
some-samples-master/5.189.171.210/kml.4
.elf linux x86
some-samples-master/5.189.171.210/kms
.elf linux mipsbe
some-samples-master/5.189.171.210/kms.1
.elf linux mipsbe
some-samples-master/5.189.171.210/kms.2
.elf linux mipsbe
some-samples-master/5.189.171.210/kms.3
.elf linux mipsbe
some-samples-master/5.189.171.210/kms.4
.elf linux mipsbe
some-samples-master/5.189.171.210/kpc
.elf linux ppc
some-samples-master/5.189.171.210/kpc.1
.elf linux ppc
some-samples-master/5.189.171.210/kpc.2
.elf linux ppc
some-samples-master/5.189.171.210/kpc.3
.elf linux sparc
some-samples-master/5.189.171.210/kpc.4
.elf linux sparc
some-samples-master/5.189.171.210/kpc440
.elf linux ppc
some-samples-master/5.189.171.210/ksh
.elf linux sh
some-samples-master/5.189.171.210/ksh.1
.elf linux sh
some-samples-master/5.189.171.210/ksh.2
.elf linux sh
some-samples-master/5.189.171.210/ksh.3
.elf linux ppc
some-samples-master/5.189.171.210/ksh.4
.elf linux ppc
some-samples-master/5.189.171.210/ksparc
.elf linux sparc
some-samples-master/5.189.171.210/ksprc
.elf linux arm
some-samples-master/5.189.171.210/ksprc.1
.elf linux arm
some-samples-master/503ac8f8c730a3244a413ac086b524e5
.html .js polyglot
some-samples-master/503d841a78bdd7b1b08655c5d71153b7
.html .js polyglot
some-samples-master/50482af3c367fe38bdd4ada17b47ec2b
some-samples-master/506ab2db31cd23c39ca1ebff7b7df4b7
.html
some-samples-master/5096cf6867206b20426313cd7c87552c
.js
some-samples-master/50adf24f2cb8c74be462196d65edef89
some-samples-master/50c2eccda1425ee3b657cfbff063638f
.js
some-samples-master/50c76bddbddbe1cf94c513a2e0c63e46
.exe windows:4 windows x86 arch:x86

412dc7f10a73d76f53eef0202fc88e4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

mfc42

ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord6625
ord4457
ord5252
ord825
ord823
ord4163
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord5012
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord540
ord338
ord800
ord4823
ord5440
ord858
ord5651
ord3127
ord3616
ord860
ord350
ord3126
ord3613
ord3663
ord2740
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord813
ord560
ord5260
ord4133
ord4297
ord2535
ord3693
ord3626
ord2414
ord1641
ord2859
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord4159

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strcmp
memset
memcpy
_ftol
_CxxThrowException
__CxxFrameHandler

kernel32

HeapCreate
GetProcAddress
LoadLibraryA
HeapAlloc
HeapDestroy
HeapFree
GetStartupInfoA
GetModuleHandleA
OutputDebugStringA

user32

UpdateWindow
EnableWindow
MessageBoxA
GetClientRect
GetDC
wsprintfA

gdi32

SelectObject
CreatePen

Exports

Exports

Ip

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/50ed34113357195a1f560dccb3f85ed4
.html .js polyglot
some-samples-master/50f820351b2562a5d76c8a62129c1cee
.js
some-samples-master/51.15.5.250:801_bins/mirai.arm
.elf linux arm
some-samples-master/51.15.5.250:801_bins/mirai.arm7
.elf linux arm
some-samples-master/51.15.5.250:801_bins/mirai.m68k
.elf linux
some-samples-master/51.15.5.250:801_bins/mirai.mips
.elf linux mipsbe
some-samples-master/51.15.5.250:801_bins/mirai.mpsl
.elf linux mipsel
some-samples-master/51.15.5.250:801_bins/mirai.ppc
.elf linux ppc
some-samples-master/51.15.5.250:801_bins/mirai.sh4
.elf linux sh
some-samples-master/51.15.5.250:801_bins/mirai.spc
.elf linux sparc
some-samples-master/51.15.5.250:801_bins/mirai.x86
.elf linux x86
some-samples-master/510e4ef7517920cfecb56277405eaedf
some-samples-master/511756fb6e203ef95813b576a59af46e
.exe windows:5 windows x86 arch:x86

b933bb8364afc27e16c8073ea70ff235

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostMessageW
DispatchMessageA
GetDlgItemTextW
LoadStringA
GetPropW
GetClassLongW
IsCharUpperA
DrawStateA
IsDialogMessageA
LoadMenuA
CreateDesktopA
LoadIconW
LoadCursorA

kernel32

WaitForSingleObject
GetCurrentProcess
GetModuleHandleW
GetFileAttributesA
FindNextFileA
GetTempPathW
GetModuleFileNameA
IsBadReadPtr
GetExpandedNameW
GetCurrentThread
LoadLibraryA
GetProfileSectionA
GetProcAddress
GetStringTypeA
WaitNamedPipeA
InitializeCriticalSection
GetConsoleAliasW
SearchPathW
GetLogicalDriveStringsA

odbctrac

TraceSQLCancel
TraceSQLError

authz

AuthzFreeAuditEvent
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeContext

modemui

drvSetDefaultCommConfigA
CountryRunOnce

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/5153fa1cad24cb66d4bfa0a0d14c2dbd
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/51618f614dd5c5672107d585725bab1b
.html .js polyglot
some-samples-master/51c362832f5df870bee4bb2c124d6849
.html .js polyglot
some-samples-master/51cd0cb35fac3344d4edeeaf27af7e29
.exe windows:4 windows x86 arch:x86

2ed7e4c6ac065b55c5be46aa51538de6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

et34634t.pdb

Imports

setupapi

SetupCommitFileQueueA
SetupDiOpenDeviceInterfaceW

comdlg32

GetOpenFileNameW

ntdll

memcpy

kernel32

UpdateResourceW
lstrcmpiA
GetProcessWorkingSetSize
CancelIo
VirtualQuery
GetCommandLineW
GetCurrentProcess
lstrcatA
GetEnvironmentStrings
GetWindowsDirectoryA
GetCurrentProcessId

clusapi

GetClusterResourceKey

gdi32

CreateHatchBrush

ole32

CoGetInstanceFromFile

user32

DrawEdge
EmptyClipboard
RemovePropW

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/521d12adf82251412010d1332d00ca9d
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/521f42c0262bfa3de427343f0b94d4e7
.html .js polyglot
some-samples-master/524018a89a0237f1936d6f9e8fbceb73
.html .js polyglot
some-samples-master/5240dbac3452e83b53ee3094861945b1
.exe windows:4 windows x86 arch:x86

888a652af78189d2a93205079fbc3058

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetLastError
CopyFileA
GetSystemDefaultUILanguage
GetStartupInfoA
GetModuleHandleA
GetTempPathA
WinExec
lstrlenA
MultiByteToWideChar
OpenMutexA
ReleaseMutex
ExitProcess
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
LoadLibraryA
GetProcAddress
CloseHandle
CreateThread
lstrcpyA
OutputDebugStringA
Sleep
ExitThread
GetTickCount
lstrcatA
GetSystemInfo

user32

wsprintfA

advapi32

OpenProcessToken
CreateServiceA
StartServiceA
RegOpenKeyA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenServiceA
CloseServiceHandle
DeleteService
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA
SHChangeNotify

msvcrt

malloc
??3@YAXPAX@Z
__CxxFrameHandler
strstr
atoi
strncpy
strcspn
wcscpy
_CxxThrowException
??2@YAPAXI@Z
strncmp
realloc
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_iob
fprintf
sprintf
_ftol
printf
time
srand
rand
strchr
_except_handler3
__dllonexit

ws2_32

WSACleanup
setsockopt
select
sendto
WSAStartup
send
inet_addr
gethostbyname
socket
htons
connect
closesocket
__WSAFDIsSet
recv
WSAIoctl
WSASocketA
htonl
WSAGetLastError

shlwapi

SHDeleteKeyA

netapi32

NetLocalGroupAddMembers
NetUserAdd

msvcp60

??1Init@ios_base@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/5244d845694e2dd668288bf35ef6e1c3
.sh linux
some-samples-master/52698b64c698196d24e6f77ee7e6d787
.html .js polyglot
some-samples-master/52797eb1a966583c4f0f9d5e890d08d3
.html .js polyglot
some-samples-master/52861a061ecff37c9784c3dba82559d1
some-samples-master/529039ea1e25c7d74567e9ee935a4778
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\work\x testing\new advance modification\WindowsFormsApplication5\WindowsFormsApplication5\obj\x86\Debug\WindowsFormsApplication5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 107KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
some-samples-master/52b02b0d59277e50d38f077510f6da67
.js
some-samples-master/52b0feeaf90f508bbaed15aa098255b4
.html .js polyglot
some-samples-master/52c3257ccd44a72bf1157dc2fe3bf0a2
.html .js polyglot
some-samples-master/530824b5d2c10988df13fa86dedb4854
.js
some-samples-master/53309bd4c8bb25277f788383ee5c8b46
.exe windows:4 windows x86 arch:x86

412dc7f10a73d76f53eef0202fc88e4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

mfc42

ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord6625
ord4457
ord5252
ord825
ord823
ord4163
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord5012
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord540
ord338
ord800
ord4823
ord5440
ord858
ord5651
ord3127
ord3616
ord860
ord350
ord3126
ord3613
ord3663
ord2740
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord813
ord560
ord5260
ord4133
ord4297
ord2535
ord3693
ord3626
ord2414
ord1641
ord2859
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord4159

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strcmp
memset
memcpy
_ftol
_CxxThrowException
__CxxFrameHandler

kernel32

HeapCreate
GetProcAddress
LoadLibraryA
HeapAlloc
HeapDestroy
HeapFree
GetStartupInfoA
GetModuleHandleA
OutputDebugStringA

user32

UpdateWindow
EnableWindow
MessageBoxA
GetClientRect
GetDC
wsprintfA

gdi32

SelectObject
CreatePen

Exports

Exports

Ip

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/534d36d7d12f0a8892c6724bdf62dd2d
.html .js polyglot
some-samples-master/534eeeb928ef76948923aabd3f33e2ad
.js
some-samples-master/535a433087ae940e4c56a4494bbc40ce
.exe windows:4 windows x86 arch:x86

2baf2cf5457a6cbc889a1294e9abb0e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord100

Sections

.text
Size: 508KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/5370b96ad1b77ece9cc34e30522e6005
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/53734edfc758d3d6449bcf3917e1e710
.html
some-samples-master/5382d19e7fb6d61e7d19fc86aa2ce7c7
.js
some-samples-master/538510d927ead182a97717aa85ca25ed
.html .js polyglot
some-samples-master/53b676ea11b7162d6803759f38c6dbee
.js
some-samples-master/53f3902078f9e6cae21293facd9b5e1c
.html
some-samples-master/53fdbb8345c737a48832989c4640d889
.html
some-samples-master/540c7fe135b86b4eccc94c327775c635
.html
some-samples-master/540e0396a97c3dd846a5f4ffc55ed141
.html
some-samples-master/5424ba2d9bd1bbc254b996d8e7478c8d
some-samples-master/54471856c2023da192acb09a2e888553
.js
some-samples-master/5450a58b2038c1471c68fa372b9a4e4f
.js
some-samples-master/54547ab1a4fa56f660a32985f15a8ed0
.html .js polyglot
some-samples-master/548f4d2aa157b761b0ebdcd97813a5e7
.js
some-samples-master/5494b26d74c4c09d2d978b503148e3fe
.js
some-samples-master/54cb91395cdaad9d47882533c21fc0e9
.exe windows:6 windows x64 arch:x64

efe162fd3d51ded9dd66fa4ac219bf53

Code Sign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ed:72:df:71:20:8f:78:36:d0:ab:00:9f:ca:97:e0:1f
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

22-12-2014 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO SHA-256 Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:d2:82:a2:d9:a2:c1:58:50:5b:17:8d:59:51:8b:7b
Certificate

Issuer

CN=COMODO SHA-256 Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

10-12-2015 00:00

Not After

01-12-2018 23:59

Subject

CN=Simon Tatham,O=Simon Tatham,L=Cambridge,ST=Cambridgeshire,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ed:72:df:71:20:8f:78:36:d0:ab:00:9f:ca:97:e0:1f
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

22-12-2014 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO SHA-256 Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:d2:82:a2:d9:a2:c1:58:50:5b:17:8d:59:51:8b:7b
Certificate

Issuer

CN=COMODO SHA-256 Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

10-12-2015 00:00

Not After

01-12-2018 23:59

Subject

CN=Simon Tatham,O=Simon Tatham,L=Cambridge,ST=Cambridgeshire,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

68:b5:45:13:bd:8f:a3:c8:13:99:2c:69:3c:f7:d4:ea:1c:78:11:fa:e8:52:93:b7:e2:ed:10:f9:cf:57:58:cc
Signer

Actual PE Digest

68:b5:45:13:bd:8f:a3:c8:13:99:2c:69:3c:f7:d4:ea:1c:78:11:fa:e8:52:93:b7:e2:ed:10:f9:cf:57:58:cc

Digest Algorithm

sha256

PE Digest Matches

true

98:7a:93:86:11:68:e2:13:29:bb:c4:50:23:af:76:f0:de:49:5f:64
Signer

Actual PE Digest

98:7a:93:86:11:68:e2:13:29:bb:c4:50:23:af:76:f0:de:49:5f:64

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

gdi32

CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreateFontIndirectA
CreatePalette
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
ExcludeClipRect
ExtTextOutA
ExtTextOutW
GetBkMode
GetCharABCWidthsFloatA
GetCharWidth32A
GetCharWidth32W
GetCharWidthA
GetCharWidthW
GetCharacterPlacementW
GetDeviceCaps
GetObjectA
GetPixel
GetStockObject
GetTextExtentExPointA
GetTextExtentPoint32A
GetTextMetricsA
IntersectClipRect
LineTo
MoveToEx
Polyline
RealizePalette
Rectangle
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetPaletteEntries
SetPixel
SetTextAlign
SetTextColor
TextOutA
TranslateCharsetInfo
UnrealizeObject
UpdateColors

user32

AppendMenuA
BeginPaint
CheckDlgButton
CheckMenuItem
CheckRadioButton
CloseClipboard
CreateCaret
CreateDialogParamA
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefDlgProcA
DefWindowProcA
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyWindow
DialogBoxParamA
DispatchMessageA
DispatchMessageW
DrawEdge
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FindWindowA
FlashWindow
GetCapture
GetCaretBlinkTime
GetClientRect
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetDoubleClickTime
GetForegroundWindow
GetKeyboardLayout
GetKeyboardState
GetMessageA
GetMessageTime
GetParent
GetQueueStatus
GetScrollInfo
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongPtrA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
HideCaret
InsertMenuA
InvalidateRect
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsZoomed
KillTimer
LoadCursorA
LoadIconA
MapDialogRect
MessageBeep
MessageBoxA
MessageBoxIndirectA
MoveWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongPtrA
SetClipboardData
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetKeyboardState
SetScrollInfo
SetTimer
SetWindowLongPtrA
SetWindowPlacement
SetWindowPos
SetWindowTextA
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoA
ToAsciiEx
TrackPopupMenu
TranslateMessage
UpdateWindow
WinHelpA

comdlg32

ChooseColorA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

imm32

ImmGetCompositionStringW
ImmGetContext
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow

advapi32

AllocateAndInitializeSid
CopySid
EqualSid
GetLengthSid
GetUserNameA
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

kernel32

Beep
ClearCommBreak
CloseHandle
CompareStringW
ConnectNamedPipe
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateNamedPipeA
CreatePipe
CreateProcessA
CreateThread
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindFirstFileExA
FindNextFileA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommState
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LocalAlloc
LocalFree
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetCommBreak
SetCommState
SetCommTimeouts
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFilePointerEx
SetHandleInformation
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeA
WideCharToMultiByte
WriteConsoleW
WriteFile

Sections

.00cfg
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 587KB - Virtual size: 587KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/54ce460b92abc0e2797bf99c62b6092a
.js
some-samples-master/54daad58cce5003bee58b28a4f465f49
.exe windows:1 windows x86 arch:x86

Code Sign

0f:f1:ef:66:bd:62:1c:65:b7:4b:4d:e4:14:25:71:7f
Certificate

Issuer

CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30-10-2013 00:00

Not After

04-01-2017 12:00

Subject

CN=Wen Jia Liu,O=Wen Jia Liu,L=Sydney,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2014 00:00

Not After

22-10-2024 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:c4:d1:e5:8a:4a:68:0c:56:8d:a3:04:7e:7e:4d:5f
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11-02-2011 12:00

Not After

10-02-2026 12:00

Subject

CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2021 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:0c:b4:1e:4f:b3:70:c4:5c:43:44:76:51:62:58:2f
Certificate

Issuer

CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

30-10-2013 00:00

Not After

04-01-2017 12:00

Subject

CN=Wen Jia Liu,O=Wen Jia Liu,L=Sydney,ST=New South Wales,C=AU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0b:7e:10:90:3c:38:49:0f:fa:2f:67:9a:87:a1:a7:b9
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 High Assurance Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:ce:42:94:59:02:a4:f3:c0:40:b0:ff:77:93:d1:4f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

24-12-2015 00:00

Not After

07-01-2025 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

83:33:12:d6:73:40:58:da:f9:36:91:31:58:17:af:f2:3f:e7:11:0a:e3:31:bd:85:7b:43:70:47:90:53:db:12
Signer

Actual PE Digest

83:33:12:d6:73:40:58:da:f9:36:91:31:58:17:af:f2:3f:e7:11:0a:e3:31:bd:85:7b:43:70:47:90:53:db:12

Digest Algorithm

sha256

PE Digest Matches

true

b1:cd:ff:77:4a:7c:de:e6:76:24:73:fd:3c:9a:c6:c7:05:79:d7:d3
Signer

Actual PE Digest

b1:cd:ff:77:4a:7c:de:e6:76:24:73:fd:3c:9a:c6:c7:05:79:d7:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/551e88f8469b9cfc2713e542d8f4e743
.js
some-samples-master/5533eb66a863782381d2abef4a310f11
.html .js polyglot
some-samples-master/554484246b53d7d9ac58cb21edbd31cd
.html
some-samples-master/5554db6f041a31df2e3e30a0c0fbcb66
.js
some-samples-master/5557056feb8ec68340015aa1c2263172
.js
some-samples-master/5557e7ec83f23fff87f273a9a38c100e
.html .js polyglot
some-samples-master/556f2a0937911a1f222fd3cb35d4b634
.html
some-samples-master/558252b87ad966520c134657c2b231cf
.js
some-samples-master/55b7e024c59c78239c08ecad4225e397
some-samples-master/55c0d4e9d1a40b9fbbd63b390878616f
.js
some-samples-master/56009819664c69234e701d7b5b8abdd0
.exe windows:4 windows x86 arch:x86

a95492aac4de632d416f4240afbf674c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

2dsgdw.pdb

Imports

kernel32

GetCommandLineW
GetOEMCP
GetModuleHandleA
GetProcAddress
GetStringTypeW
AreFileApisANSI

msvcrt

wprintf

user32

GetFocus
OemKeyScan

lz32

LZStart
LZInit

powrprof

IsPwrShutdownAllowed

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/5601c69020b1f8f0ca8db5d7c7cddd9d
.exe windows:4 windows x86 arch:x86

f7a9b33b8a99a98d91563c62d9c69262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertControlStore
CertAddStoreToCollection
CertFindCRLInStore
CertSaveStore
CertFindChainInStore
CryptFindOIDInfo
CertFindAttribute
CertGetNameStringA
CertFreeCRLContext
CertNameToStrA
CertDeleteCRLFromStore

kernel32

LoadLibraryA
GetCommandLineA
FindResourceExA
FormatMessageA
GetEnvironmentVariableA
DeleteFileA
SetPriorityClass
OpenFileMappingA
lstrcmp
CreateJobObjectA
GetModuleHandleA
GetFileAttributesA
GetTempFileNameA
WaitForSingleObject
WriteConsoleA
CreateSemaphoreW
FileTimeToSystemTime
lstrcmpiA
DecodePointer
CreateProcessA
CreateDirectoryA
GetProcAddress

shlwapi

UrlCreateFromPathW
UrlUnescapeA
UrlIsNoHistoryW
UrlCanonicalizeW
UrlGetPartA
UrlEscapeA
UrlCombineW
UrlHashW
PathIsRootW
UrlIsA
UrlGetLocationW
UrlCompareW

cmpbk32

PhoneBookLoad
PhoneBookCopyFilter
PhoneBookFreeFilter
PhoneBookEnumCountries

untfs

FormatEx
Format
Chkdsk
Recover
Extend

clusapi

CloseClusterGroup
ClusterControl
CloseClusterNode
CloseCluster

dsprop

ErrMsgParam
CrackName
CheckADsError
FindSheet

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lock
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/560c702361a06aa2c3d691619e3d7faa
.html
some-samples-master/561c96b149b0f9368aa04a46db6a5080
.js
some-samples-master/5620ccb6f8a167d8b724847737638232
.js
some-samples-master/5637660fa2b02204cf0ebcbd952ffd11
.js
some-samples-master/566c1e70c0deaa3c80a6179166809bfd
.js
some-samples-master/568e62fa4b60ea40b305778bf7ef3294
some-samples-master/56a97c0e25176fc0bbb0a43f3ca8b893
.elf linux ppc
some-samples-master/56d08f3a7ed0328637bafd2e601f0ceb
.dll windows:5 windows x86 arch:x86

f5c8ec3086b696954a8e1597d43620e7

Code Sign

01
Certificate

Issuer

CN=luzscotch.com.org,O=luzscotch,C=GO

Not Before

21-08-2017 18:47

Not After

21-08-2018 18:47

Subject

CN=luzscotch.com.org,O=luzscotch,C=GO

09:10:d7:ec:40:2c:5f:3e:ff:ef:ac:3f:84:38:e0:1c:55:45:66:22
Signer

Actual PE Digest

09:10:d7:ec:40:2c:5f:3e:ff:ef:ac:3f:84:38:e0:1c:55:45:66:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysAllocStringLen

advapi32

RegLoadKeyW

user32

SetWindowPlacement

kernel32

GetVersion
GetVersionExW
GetVersion
RtlUnwind
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

DeleteEnhMetaFile

version

GetFileVersionInfoW

netapi32

NetWkstaGetInfo

ole32

CoInitialize

comctl32

ImageList_SetBkColor

msvcrt

memset

shell32

SHGetFolderPathW

wininet

InternetCloseHandle

winspool.drv

ClosePrinter

wsock32

closesocket

Exports

Exports

��/��D?��p�[�^s$�ý[�|,�;5T��`��gnv��9�3� ��8üZ�� H~MAz�R��=z��o�L#K[js�vմG��;5؟�m��lX+O77?��cy�߅��L�� i��~�8��^�|�@�b�u��Ah�hN��.ܳ��DQѯn��m�=�H=eG<�D�1��ߧ��#��M�ZS��7�.�p@��ȟ�GZ^��0��z�YSOɼ9v��a.�{��fhS�7̃�qɌ�`�!�<�1;�Gx�E��#��,�7BC��ݛ�`��YU�p��K��9?]J�5+Z�I~*��h>P��b� ��~1��a_W�U�W�z��C��Hp7�*\T��` ?ŗW�F�x�%S| 2��;��Ó��l�7α�u�z�^��l�Ƚk ��\p��+��J<��k!�Į+I��.�1 ɓ��Bͯǻya0�j�t�X��.��.�Y)>�qL� ��b(>]K"y9�P�DBA^9��>..�mj��ݯ�k*w'CGt��oHF��"/��V�v�{�v�'��I*��j��X��3j��Ń�� \�"�>�P�VleW ynQ��-��%C�0��:�ȔSv��O}�q`��T��g.�K�d1��:HF�/�ڔyF��!%.��=�s�� 8�q�e��X4��8އ��Is��;�q�/�� ˹�,��W`��j4b��N��a_�6��x5mq-$9��/�L��`�}��nʆq�P?��3�8ے�O��}�>fȋi��G5B9�T��$�7�v��AdAg��G��0��D̾"��J�Y��kY[��p��%��^[��g;�� z�'@��v3�/H�uN�#��o�F�؋t��oA�h�d�2��3 �@��Y3��S�8��Z��k��Q#p,X&�Y}�׬ !� �}��%�˓v��ciU�d�j}[-��z'U<N-j@~�s�� ��sw�x��-�\%!��3 <�>�9��o��:@�p�b�RB�@Hc)e�Ji�?\� r'��=��V�q.<�ܮdڋ+m~c�d�7��{�#��, e�h�a��E�u;�=Ir"�m$��=u��M"/'Y�p��t��J�E9�j6{��dӛ��R��6�y<>�c��w�� .̙:DS��U��,)��݁4�a&C}�}S�v�^�X�x�O۶m�n��S7�F�v��\ړ��u bW�(ό�n�#��jㄩ)U��U�d�X�e��j��P0��˵�,ZZ+�L�fT�s��x��^�q#HQ�@�tM��m�Y�r��%1��_��0<.�2R��p�Z��2�zad^�l��:��f��k�J3ՒKO0[<�CwDV�� +É��{�0P qsf�г.�� &�nH)đ��ŭ��ǝ�g`��}e�z��;��Q�i��L�Ċ��6�n� L�,zb�<�6�7��U�No��5u�;�ݩ+[HT';��s�x�MY�n��$6��*��<�_X�X}n��͸�*��m(�:��N#R2��ܴRv��J��{�I߉c��:�'*��g��޶66Έ�R��2��g\��X��&9oj�\� ��O(+�>��؅<��&��$ ��l��g�eQ��xKq R�ڿ|K�B� w�׼Q�"C!�:��r�f�V 9�(�S�G"�:�gBEpmN��J�b4�� O��l��2`�=C�}׿wug��gЈ�j�A��ziIجWò預��?�Ah��r�)Le�y��ӱaRk��Z��I�ٞ��p�pL�A ��`NM$9��1�D�z~�/��y��L mr�w>�[Q/ۃb�jݘX/3Q��2|B�4r�� T�U"��y��L"�t��KG��g$GbQ��2��\��<pr�䛪:m;��~�x"wG��d��0�M��#xpV��yF9\�;��+��S][�u�9!��,�u�t'��/4��u�m]��Ca$$vf5V��0X��Q\q��}��xxhr-Yv �ͿB ��?�ph;�:��-�cH�=��U��)�ʡ��ùPó�r�6�h�{|�E�U��Q�J�NS:Y��X�� LR�C0թ��mO�;�o��. �f��ܷ.� ��Ս�s,�/f��@ G��0 8��d�oa��F��>��4�Cxp�Ob�G��(�x��+ V5O�${�d��[��jƩة㌜�vv��eti8x1NY�ä��o��9X�T�0--�(�ؽ�93H��u��`�� {G�_�xP;��3�V&}�8�f>ה`CX!̀� �qG��y��J��p��C�;#V�#Km��AL�$`>Kĵ�Ʈ<c�{zjWc.��P[o> >/�2"J1@xC-:��4C�&�U��">V��0Cl�s��֫�e�h�5+H��?8��8Wݼ�tP��4FE��O�O+��2Ѵ�tr��d��>[`j��&��r��jB�44��Gg��\��"-kt&W��I��ha��a |A�f��`�qܰl��s��!�yӬ�X+=88��:jsʩ�ܢ�{c��97_J��V(��h(t8=ǆ5d��*LfȲ��{>�>;�m��if��穴��K��f��.�m�|��%쫧0^��Ӵcd��r�;�eT�1_��i��q��0�A;��6��N��t�X!�[r��v�9. �QG޼��}�NX��W �]�!]�O��E��Eiʇ��ZI/�g��ύ��'v��}�ү�X}Q)��d�g
PontoEntraKL
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/574b6291056e7b0a466c75e79d00fad1
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/575c3b6f7800752aa3bfffbf50385e12
.js
some-samples-master/575e8758d38623e943a86a5531664166
.js
some-samples-master/576b17e563ee2476863c692684866c87
.html .js polyglot
some-samples-master/57dd765f3467783c1c903aa860e042bd
.html
some-samples-master/57e7f64a9157a4658c61e604b0668344
.html .js polyglot
some-samples-master/57e9f50f081ee72f3cd057eea7705346
.js
some-samples-master/583eaf10e08ecca625132aa55ccf4822
.exe windows:4 windows x86 arch:x86

da2c25e045f4fbf2ca264bbb89e6fa2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord459
ord561
ord825
ord743
ord5500
ord617
ord5301
ord6354
ord6352
ord5214
ord296
ord2036
ord986
ord520
ord823
ord4159
ord6117
ord2621
ord1134
ord1205
ord1199
ord1247
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord2486
ord4003
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord2725
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord1206
ord2623
ord338
ord1223
ord4823
ord1849
ord4244
ord2583
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord4403
ord5240
ord5290
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5253
ord3998
ord4723
ord1942
ord4272
ord5259
ord1859
ord4246
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord4163
ord2120
ord4457
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4953
ord4612
ord1168

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
_setmbcp

kernel32

GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
GetProcessHeap
VirtualFree
FreeLibrary
VirtualAlloc
IsBadReadPtr
ExitProcess
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
EnableWindow

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/584207e26731fdf3982fd6374c4c780b
.js
some-samples-master/58a4420a292139dcd8b7a196292b0f13
.html
some-samples-master/58c2c4661e4c10845dd65161be9834f0
.js
some-samples-master/58c6d1cdb12fc267b1751b0da604696f
.js
some-samples-master/58ef3a1a0ee3e8c7adce1230bfcfe81f
.html
some-samples-master/58f01999050baffee2a3563804f54588
some-samples-master/59327342887ac2f25d057d9882f932d0
.exe windows:4 windows x86 arch:x86

5e1c34f465dbf32ff42f65ad292ae084

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
system
memcpy
fseek
ftell
fread
log10
_wfopen
fclose
fopen
wcsncpy
wcslen
wcscmp
memmove
wcscpy
wcscat
strlen
strcpy
strcat
memcmp
atoi
_stricmp
longjmp
_setjmp3
malloc
free
fwrite
ferror
time
srand
rand
wcsncmp
localtime
mktime
gmtime
fabs
ceil
floor
_wcsnicmp
_wcsdup
_isnan
_wcsicmp
setlocale
swscanf
exit
__p__iob
fprintf
sprintf
getenv
sscanf
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
ReleaseMutex
CloseHandle
CreateMutexW
GetLastError
GetCurrentProcess
SetErrorMode
GetDiskFreeSpaceExW
GetUserDefaultLangID
GetSystemDirectoryW
GetVersionExW
WideCharToMultiByte
FreeLibrary
HeapAlloc
LoadLibraryW
GetProcAddress
HeapFree
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CreateThread
TerminateThread
CreateFileW
GetFileSize
ReadFile
Sleep
GetCurrentThreadId
GetCurrentProcessId
GetModuleFileNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessW
SetFilePointer
SetEndOfFile
WriteFile
MultiByteToWideChar
MulDiv
SetFileAttributesW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
HeapReAlloc
SetCurrentDirectoryW
GetTempPathW
CreateDirectoryW
GetDriveTypeW
FindFirstFileW
FindClose
GetFileAttributesW
DeleteFileW
FindNextFileW
RemoveDirectoryW
CopyFileW
HeapSize
LoadLibraryA
SetLastError
GetLocalTime
GlobalAlloc
GlobalFree
TlsAlloc
TlsSetValue
DeleteCriticalSection

user32

SetWindowLongW
ShowWindow
ExitWindowsEx
SendMessageW
GetActiveWindow
ClipCursor
ShowCursor
GetWindowRect
SetCursorPos
DestroyWindow
InvalidateRect
GetForegroundWindow
BeginPaint
EndPaint
DefWindowProcW
LoadIconW
RegisterClassExW
CreateWindowExW
MessageBoxW
GetWindowThreadProcessId
IsWindowVisible
GetWindowLongA
IsWindowEnabled
EnableWindow
EnumWindows
SetWindowPos
OemToCharW
GetSysColorBrush
SetClassLongW
GetParent
GetWindowLongW
GetWindow
RedrawWindow
GetSysColor
GetClassNameW
IsWindow
FillRect
DrawIconEx
DrawTextW
GetDlgCtrlID
CallWindowProcW
ScreenToClient
GetIconInfo
UpdateWindow
ReleaseCapture
DrawStateW
SetCapture
GetSystemMetrics
SetWindowTextW
GetWindowTextLengthW
GetWindowTextW
GetClientRect
LoadCursorW
SendMessageA
GetDC
InflateRect
GetPropW
ReleaseDC
GetWindowDC
RemovePropW
SetPropW
ValidateRect
MapWindowPoints
MoveWindow
PeekMessageW
TranslateMessage
DispatchMessageW
DrawFrameControl
SetActiveWindow
UnregisterClassW
DestroyAcceleratorTable
RegisterClassW
AdjustWindowRectEx
CreateAcceleratorTableW
GetMenu
IsZoomed
IsIconic
MsgWaitForMultipleObjects
GetMessageW
TranslateAcceleratorW
SetFocus
GetFocus
EnumChildWindows
PostMessageW
DefFrameProcW
LoadImageW
SetCursor
SystemParametersInfoW
GetKeyState
GetCursorPos
IsChild
DestroyIcon
CreateIconFromResourceEx
CreateIconFromResource
CharUpperW

gdi32

GetStockObject
DeleteObject
CreateDCW
GetDeviceCaps
CreateFontW
DeleteDC
CreateSolidBrush
CreatePatternBrush
SetBkMode
SetTextColor
SetBkColor
SelectObject
GetObjectType
GetObjectW
ExcludeClipRect
CreateCompatibleBitmap
CreateCompatibleDC
StretchBlt
CreateDIBSection
GetObjectA
GetDIBits
BitBlt
CreateBitmap
SetPixel
SetStretchBltMode
SetBrushOrgEx
SetDIBits

advapi32

OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetUserNameW
RegOpenKeyExW
RegConnectRegistryW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW

comctl32

InitCommonControlsEx
ImageList_SetBkColor
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Destroy
ImageList_Remove
ImageList_AddMasked
ImageList_Create
ImageList_Add
ImageList_ReplaceIcon

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoCreateGuid
StringFromGUID2
CoTaskMemFree
RevokeDragDrop

shell32

ExtractIconW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteExW

winmm

timeEndPeriod
timeBeginPeriod

imagehlp

MakeSureDirectoryPathExists

setupapi

SetupIterateCabinetW

Sections

.code
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/593cc435c6a883f5344be2dcb2dfb62e
.js
some-samples-master/5952d08ff2b65a49574bc845f45d04a6
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/5952f9e533d53fd92dfdda6c2e89266f
.html .js polyglot
some-samples-master/59b3e99d09fdb6e5493651f8f949e634
.html .js polyglot
some-samples-master/59b78fe5e224f029d39daf255366d7af
.exe windows:4 windows x86 arch:x86

ea5e52358c5cd8b2a8f83a6225e905ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

=qc5v4234v5\\23v45234\\22345v2345.7Ru.pdb

Imports

winspool.drv

DeleteMonitorW

advapi32

GetOldestEventLogRecord
IsWellKnownSid
GetServiceDisplayNameA

msvcrt

srand

kernel32

AreFileApisANSI
GetComputerNameExW
ExitProcess
IsValidCodePage
LoadLibraryA
WriteProfileSectionA
GetProcAddress

user32

GetClassNameW
GetKeyboardLayoutNameA
DeferWindowPos
GetLastActivePopup
LoadCursorW
GetOpenClipboardWindow
DdeGetLastError
wsprintfW
GetClipboardViewer
FindWindowW
GetCapture

gdi32

AddFontResourceA
GetViewportExtEx
GetTextCharsetInfo
GetCharWidth32A
GetTextMetricsA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/59bdc9da7a4a946f8cac3c4c3e068470
.js
some-samples-master/59c1a8354bdfc0f873bdb53c8c45d1ce
.exe windows:4 windows x86 arch:x86

d2c82993d1a616abe994cabd5db7b4f8

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5c:4c:c8:41:6f:57:2f:51:11:39:9e:45:3c:05:6a:f9
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

15-09-2008 00:00

Not After

15-09-2011 23:59

Subject

CN=MJT Net Ltd,O=MJT Net Ltd,POSTALCODE=EC1V 4PY,STREET=145-157 St John Street+STREET=2nd Floor LPL,L=London,ST=London,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

53:3c:86:fd:b2:04:81:8f:37:9f:c6:8f:bf:0a:7e:f0:0d:a3:72:1d
Signer

Actual PE Digest

53:3c:86:fd:b2:04:81:8f:37:9f:c6:8f:bf:0a:7e:f0:0d:a3:72:1d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetUnhandledExceptionFilter
lstrcmpiA
lstrcpyA
lstrlenA
_lclose
GetModuleFileNameA
_lread
_llseek
_lopen
_lwrite
_lcreat
CreateDirectoryA
SetCurrentDirectoryA
lstrcatA
FreeLibrary
GetProcAddress
LoadLibraryA
GetDiskFreeSpaceA
UnhandledExceptionFilter
RemoveDirectoryA
DeleteFileA
GetTempPathA
GetCurrentDirectoryA
CloseHandle
GetExitCodeProcess
LocalFree
Sleep
HeapSize
RtlUnwind
LCMapStringW
LCMapStringA
GetStringTypeW
GetCurrentProcess
GetFileAttributesA
TerminateProcess
MultiByteToWideChar
GetStringTypeA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetStdHandle
InitializeCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoA

user32

TranslateMessage
DispatchMessageA
PeekMessageA
wsprintfA
LoadCursorA
SetCursor
MessageBoxA
MsgWaitForMultipleObjects

advapi32

GetTokenInformation
OpenProcessToken

shell32

ShellExecuteExA

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/59c4666a1dba8f2640df9e70b708f6f3
.exe windows:4 windows x86 arch:x86

bd5e8698754318ada504c871902ce600

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetFileTime
GetTickCount
RtlUnwind
HeapReAlloc
HeapAlloc
HeapFree
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetCommandLineA
GetProcessHeap
GetStartupInfoA
ExitProcess
RaiseException
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
GetStdHandle
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetACP
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FileTimeToLocalFileTime
SetErrorMode
FileTimeToSystemTime
GetOEMCP
GetCPInfo
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
GetThreadLocale
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GetModuleFileNameW
GlobalFlags
WritePrivateProfileStringA
FormatMessageA
LocalFree
MulDiv
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
GlobalUnlock
GlobalFree
GetCurrentProcessId
SetLastError
GlobalAddAtomA
CloseHandle
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
FindResourceA
LoadResource
GlobalLock
lstrcmpA
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
GetModuleHandleA
lstrlenA
CompareStringW
CompareStringA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
Sleep
LoadLibraryA
GetProcAddress
LockResource
SizeofResource
FreeEnvironmentStringsA
FreeResource

user32

InvalidateRgn
GetNextDlgGroupItem
MessageBeep
UnregisterClassA
RegisterClipboardFormatA
PostThreadMessageA
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
LoadIconA
SendDlgItemMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
InvalidateRect
GetWindowTextA
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SetWindowLongA
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
SendMessageA
IsIconic
GetClientRect
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindowThreadProcessId
GetWindowLongA
SetRect
IsRectEmpty
CopyAcceleratorTableA
CharNextA
GetSysColorBrush
ReleaseCapture
SetFocus
LoadCursorA
EnableWindow
GetSystemMetrics
CharUpperA
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
MessageBoxA
IsWindowEnabled
GetLastActivePopup
IsChild

gdi32

SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
CreateBitmap
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
ExtTextOutA
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetWindowExtEx

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoRevokeClassObject
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CoTaskMemAlloc

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
SysFreeString

Sections

.text
Size: 200KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 260KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/59d4aa47323fe7c1106f99c1a84d31c0
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 124KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/59eabb93c0bea14462dbe885bdb458a8
.js
some-samples-master/59f82b3bcc988792afcac69bca2309e80e5a05f9e881966d6a33c081838d6b54
some-samples-master/5a0e7e2a6a6f370287197922a229d3ef
.js
some-samples-master/5a38303e5ebdf7b2aa7aec3c2f33d16c
.html .js polyglot
some-samples-master/5a4afa0cd73b0f00303c255c0dd753de
.html .js polyglot
some-samples-master/5a749795ed47ccda19ebf8ba841e1eeb
.exe windows:5 windows x86 arch:x86

dd11a323726e93fd00a46a554e433b2d

Code Sign

6d:cc:7f:fc:9a:26:d2:1a:90:cd:e9:3e:72:1c:bd:fe
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

09-03-2017 06:31

Not After

09-02-2018 06:31

Subject

CN=PengXin Network Tech Co.\, LTD.,O=PengXin Network Tech Co.\, LTD.,L=Yantai,ST=Shandong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:39:65:c4:72:e0:dc:2b:d9:65:00:00:00:00:00:39
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29-04-2015 17:12

Not After

29-04-2025 17:12

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

23:9b:f3:be:64:85:5b:7f:65:28:2f:d5:fd:a6:74:77
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

09-03-2017 06:24

Not After

09-02-2018 06:24

Subject

CN=PengXin Network Tech Co.\, LTD.,O=PengXin Network Tech Co.\, LTD.,L=Yantai,ST=Shandong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:39:65:c4:72:e0:dc:2b:d9:65:00:00:00:00:00:39
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

29-04-2015 17:12

Not After

29-04-2025 17:12

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

08-04-2015 01:00

Not After

08-04-2023 01:00

Subject

CN=WoSign Time Stamping Signer G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4d:31:f9:69:8f:09:be:69:6f:8f:6e:1c:43:ae:16:11:76:e1:b2:a8:95:04:c7:ee:f6:c0:fd:a6:c3:ab:51:ea
Signer

Actual PE Digest

4d:31:f9:69:8f:09:be:69:6f:8f:6e:1c:43:ae:16:11:76:e1:b2:a8:95:04:c7:ee:f6:c0:fd:a6:c3:ab:51:ea

Digest Algorithm

sha256

PE Digest Matches

true

8d:3f:b7:2a:2a:35:2c:00:c6:37:a4:d1:d2:be:2c:3d:76:cf:02:b5
Signer

Actual PE Digest

8d:3f:b7:2a:2a:35:2c:00:c6:37:a4:d1:d2:be:2c:3d:76:cf:02:b5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\@WORK~~~~~~~~~\@学习项目\1_新后台下载器\下载器服务文字版\Output\卓大师刷机专家v5.3.0.1 官方版_600_123.pdb

Imports

winmm

mixerGetLineControlsW
mixerOpen
mixerClose
mixerGetLineInfoW
mixerSetControlDetails
waveOutSetVolume

kernel32

CreateToolhelp32Snapshot
GetFileAttributesW
CreateFileA
GetTickCount
GetPrivateProfileStringA
WritePrivateProfileStringA
GetModuleFileNameA
OutputDebugStringA
ExitProcess
FreeResource
FindResourceW
LoadResource
GlobalLock
GlobalAlloc
SizeofResource
GlobalUnlock
LockResource
DeleteFileA
VirtualProtect
lstrcmpiW
LocalFree
GetNativeSystemInfo
GetPrivateProfileStringW
VirtualFreeEx
ReadProcessMemory
VirtualAllocEx
WriteProcessMemory
GetCurrentProcessId
CreateDirectoryA
SetLastError
WTSGetActiveConsoleSessionId
lstrlenA
UnmapViewOfFile
FindResourceExW
SetWaitableTimer
CreateWaitableTimerW
GetEnvironmentVariableW
CreateEventA
GetLocalTime
TerminateProcess
lstrcmpA
FileTimeToSystemTime
LocalAlloc
FileTimeToLocalFileTime
RemoveDirectoryW
InterlockedExchangeAdd
DeleteFileW
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
QueryPerformanceCounter
Process32NextW
FreeEnvironmentStringsW
GetStringTypeW
GetLocaleInfoW
GetTimeZoneInformation
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetFileType
SetHandleCount
IsValidCodePage
GetOEMCP
GetACP
GetStdHandle
HeapCreate
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CompareStringW
GetCPInfo
LCMapStringW
RtlUnwind
GetStartupInfoW
HeapSetInformation
GetCommandLineA
GetSystemTimeAsFileTime
CreateThread
GetCurrentThreadId
ExitThread
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
InitializeCriticalSectionAndSpinCount
RaiseException
InterlockedExchange
DecodePointer
EncodePointer
GetSystemInfo
Module32FirstW
Process32FirstW
WritePrivateProfileStringW
GetVersionExW
WideCharToMultiByte
OpenProcess
GetModuleHandleW
CreateDirectoryW
SetEnvironmentVariableA
WriteConsoleW
SetStdHandle
TlsGetValue
FreeLibrary
InterlockedIncrement
InterlockedDecrement
OutputDebugStringW
TlsSetValue
LoadLibraryW
FormatMessageW
CloseHandle
WinExec
FindNextFileW
lstrcatW
FindClose
GetLongPathNameW
GetTempPathW
MultiByteToWideChar
CreateFileW
ReadFile
GetCurrentProcess
CreateProcessW
GetModuleFileNameW
TlsFree
TlsAlloc
DeleteCriticalSection
InitializeCriticalSection
VirtualQuery
GetCommandLineW
ReleaseMutex
WaitForMultipleObjects
MoveFileW
WaitForSingleObject
SetFilePointerEx
SetEndOfFile
SetFilePointer
CreateMutexW
SetFileAttributesW
GetEnvironmentStringsW
lstrcpyW
CopyFileW
Sleep
WriteFile
FindFirstFileW
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
GetLastError
lstrlenW
lstrcmpW
lstrcpynW
IsValidLocale

user32

SendMessageA
LoadStringW
FindWindowA
WindowFromPoint
SetWindowTextW
MoveWindow
CreateDesktopW
DrawTextW
UpdateWindow
SetWindowPos
WindowFromDC
IsWindow
CreateWindowExW
RegisterClassW
GetSystemMetrics
RegisterHotKey
SendMessageW
DestroyMenu
CallWindowProcW
DefWindowProcW
FindWindowW
FindWindowExA
SetLayeredWindowAttributes
ScreenToClient
GetAsyncKeyState
GetWindowDC
UpdateLayeredWindow
SetWindowLongW
GetDlgItem
ReleaseDC
GetClassNameW
SystemParametersInfoW
IntersectRect
GetDC
GetUpdateRect
GetClassInfoW
BeginPaint
LoadCursorW
GetParent
PostMessageW
LoadImageW
IsMenu
GetWindowRect
DestroyWindow
EndPaint
DispatchMessageW
MessageBoxW
PeekMessageW
TranslateMessage
UnregisterClassW
PostQuitMessage
GetMessageW
TranslateAcceleratorW
SetTimer
wsprintfW
ShowWindow
InvalidateRect
LoadIconW
PtInRect
GetWindowLongW
CopyRect
GetMenuItemCount
EnableMenuItem
SetRect
GetClientRect
DeleteMenu
GetSystemMenu
SetCursor
MessageBoxA
KillTimer
GetWindowThreadProcessId
ReleaseCapture
FindWindowExW
GetCursorPos
SetCursorPos
SetCapture
SendInput

gdi32

SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontIndirectW
DeleteObject
DeleteDC
SaveDC
GetStockObject
RestoreDC
BitBlt
SetTextCharacterExtra
GetTextExtentPoint32W
SetWindowOrgEx
CreateSolidBrush
TextOutW
SetBkMode
SetTextColor
GetObjectA
CreateFontIndirectA

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueW
GetLengthSid
FreeSid
AllocateAndInitializeSid
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserW
ConvertSidToStringSidW
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameW
GetUserNameW
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
RegOpenKeyW
RegQueryValueExW
CloseServiceHandle
OpenSCManagerW
StartServiceCtrlDispatcherW
DeregisterEventSource
ChangeServiceConfig2W
SetServiceStatus
RegisterServiceCtrlHandlerW
CreateServiceW

shell32

SHGetPathFromIDListW
SHGetDesktopFolder
ord165
ShellExecuteA
SHGetSpecialFolderLocation
SHGetFolderPathW
SHFileOperationW
SHChangeNotify
ShellExecuteW
SHGetFolderLocation
SHGetSpecialFolderPathW
CommandLineToArgvW

ole32

OleInitialize
CLSIDFromString
CreateStreamOnHGlobal
CoTaskMemFree
CoInitialize
CoUninitialize
CoCreateInstance
StgCreateDocfile
OleCreate
OleUninitialize

oleaut32

VariantClear
SafeArrayCreateVector
VariantInit
SysAllocString
SafeArrayDestroy
SafeArrayCreate
SysFreeString
SafeArrayAccessData

shlwapi

PathAddBackslashW
StrCmpW
StrRetToStrW
PathFindFileNameW
PathIsDirectoryW
StrCatW
PathAppendA
PathRemoveFileSpecA
StrToIntW
PathAppendW
StrStrIW
StrCpyW
PathFileExistsW
PathFileExistsA
PathRemoveFileSpecW

gdiplus

GdipDrawRectangleI
GdipDeleteStringFormat
GdipCreatePen1
GdipCreateStringFormat
GdipDrawLineI
GdipFillRectangleI
GdipCreateLineBrushI
GdipCreateFontFamilyFromName
GdipCreateFont
GdipDeleteFontFamily
GdipSetSmoothingMode
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipDeletePen
GdipGetImageWidth
GdipCreateFromHDC
GdiplusShutdown
GdipDrawImageRectRectI
GdipGetImageHeight
GdipCreateFontFromDC
GdipGetFontHeight
GdipDrawString
GdipDisposeImage
GdipAlloc
GdipCreateSolidFill
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCloneBrush
GdipFree
GdipDeleteBrush
GdipLoadImageFromStream
GdiplusStartup
GdipDeleteGraphics
GdipDrawImageRectRect
GdipCloneImage

urlmon

URLDownloadToFileW

wininet

HttpSendRequestA
HttpOpenRequestW
HttpQueryInfoW
HttpAddRequestHeadersW
InternetConnectW
InternetReadFile
InternetCrackUrlW
InternetOpenW
InternetCloseHandle

winhttp

WinHttpSetTimeouts
WinHttpReceiveResponse
WinHttpAddRequestHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpOpen
WinHttpQueryDataAvailable
WinHttpCloseHandle
WinHttpSendRequest
WinHttpConnect

netapi32

Netbios

wtsapi32

WTSQueryUserToken

crypt32

CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetNameStringW
CryptQueryObject
CertNameToStrW
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam

setupapi

SetupIterateCabinetW

userenv

DestroyEnvironmentBlock
CreateEnvironmentBlock

Exports

Exports

arcfour_LTX__is_block_algorithm
arcfour_LTX__mcrypt_algorithm_version
arcfour_LTX__mcrypt_decrypt
arcfour_LTX__mcrypt_encrypt
arcfour_LTX__mcrypt_get_algo_iv_size
arcfour_LTX__mcrypt_get_algorithms_name
arcfour_LTX__mcrypt_get_block_size
arcfour_LTX__mcrypt_get_key_size
arcfour_LTX__mcrypt_get_size
arcfour_LTX__mcrypt_get_supported_key_sizes
arcfour_LTX__mcrypt_self_test
arcfour_LTX__mcrypt_set_key
blowfish_LTX__is_block_algorithm
blowfish_LTX__mcrypt_algorithm_version
blowfish_LTX__mcrypt_decrypt
blowfish_LTX__mcrypt_encrypt
blowfish_LTX__mcrypt_get_algorithms_name
blowfish_LTX__mcrypt_get_block_size
blowfish_LTX__mcrypt_get_key_size
blowfish_LTX__mcrypt_get_size
blowfish_LTX__mcrypt_get_supported_key_sizes
blowfish_LTX__mcrypt_self_test
blowfish_LTX__mcrypt_set_key
blowfish_compat_LTX__is_block_algorithm
blowfish_compat_LTX__mcrypt_algorithm_version
blowfish_compat_LTX__mcrypt_decrypt
blowfish_compat_LTX__mcrypt_encrypt
blowfish_compat_LTX__mcrypt_get_algorithms_name
blowfish_compat_LTX__mcrypt_get_block_size
blowfish_compat_LTX__mcrypt_get_key_size
blowfish_compat_LTX__mcrypt_get_size
blowfish_compat_LTX__mcrypt_get_supported_key_sizes
blowfish_compat_LTX__mcrypt_self_test
blowfish_compat_LTX__mcrypt_set_key
cast_128_LTX__is_block_algorithm
cast_128_LTX__mcrypt_algorithm_version
cast_128_LTX__mcrypt_decrypt
cast_128_LTX__mcrypt_encrypt
cast_128_LTX__mcrypt_get_algorithms_name
cast_128_LTX__mcrypt_get_block_size
cast_128_LTX__mcrypt_get_key_size
cast_128_LTX__mcrypt_get_size
cast_128_LTX__mcrypt_get_supported_key_sizes
cast_128_LTX__mcrypt_self_test
cast_128_LTX__mcrypt_set_key
cast_256_LTX__is_block_algorithm
cast_256_LTX__mcrypt_algorithm_version
cast_256_LTX__mcrypt_decrypt
cast_256_LTX__mcrypt_encrypt
cast_256_LTX__mcrypt_get_algorithms_name
cast_256_LTX__mcrypt_get_block_size
cast_256_LTX__mcrypt_get_key_size
cast_256_LTX__mcrypt_get_size
cast_256_LTX__mcrypt_get_supported_key_sizes
cast_256_LTX__mcrypt_self_test
cast_256_LTX__mcrypt_set_key
des_LTX__is_block_algorithm
des_LTX__mcrypt_algorithm_version
des_LTX__mcrypt_decrypt
des_LTX__mcrypt_encrypt
des_LTX__mcrypt_get_algorithms_name
des_LTX__mcrypt_get_block_size
des_LTX__mcrypt_get_key_size
des_LTX__mcrypt_get_size
des_LTX__mcrypt_get_supported_key_sizes
des_LTX__mcrypt_self_test
des_LTX__mcrypt_set_key
end_mcrypt
enigma_LTX__is_block_algorithm
enigma_LTX__mcrypt_algorithm_version
enigma_LTX__mcrypt_decrypt
enigma_LTX__mcrypt_encrypt
enigma_LTX__mcrypt_get_algo_iv_size
enigma_LTX__mcrypt_get_algorithms_name
enigma_LTX__mcrypt_get_block_size
enigma_LTX__mcrypt_get_key_size
enigma_LTX__mcrypt_get_size
enigma_LTX__mcrypt_get_supported_key_sizes
enigma_LTX__mcrypt_self_test
enigma_LTX__mcrypt_set_key
gost_LTX__is_block_algorithm
gost_LTX__mcrypt_algorithm_version
gost_LTX__mcrypt_decrypt
gost_LTX__mcrypt_encrypt
gost_LTX__mcrypt_get_algorithms_name
gost_LTX__mcrypt_get_block_size
gost_LTX__mcrypt_get_key_size
gost_LTX__mcrypt_get_size
gost_LTX__mcrypt_get_supported_key_sizes
gost_LTX__mcrypt_self_test
gost_LTX__mcrypt_set_key
init_mcrypt
loki97_LTX__is_block_algorithm
loki97_LTX__mcrypt_algorithm_version
loki97_LTX__mcrypt_decrypt
loki97_LTX__mcrypt_encrypt
loki97_LTX__mcrypt_get_algorithms_name
loki97_LTX__mcrypt_get_block_size
loki97_LTX__mcrypt_get_key_size
loki97_LTX__mcrypt_get_size
loki97_LTX__mcrypt_get_supported_key_sizes
loki97_LTX__mcrypt_self_test
loki97_LTX__mcrypt_set_key
mcrypt
mcrypt_dlopen
mcrypt_enc_get_algorithms_name
mcrypt_enc_get_block_size
mcrypt_enc_get_iv_size
mcrypt_enc_get_key_size
mcrypt_enc_get_modes_name
mcrypt_enc_get_state
mcrypt_enc_get_supported_key_sizes
mcrypt_enc_is_block_algorithm
mcrypt_enc_is_block_algorithm_mode
mcrypt_enc_is_block_mode
mcrypt_enc_mode_has_iv
mcrypt_enc_self_test
mcrypt_enc_set_state
mcrypt_free
mcrypt_generic
mcrypt_generic_deinit
mcrypt_generic_end
mcrypt_generic_init
mcrypt_get_algo_iv_size
mcrypt_get_size
mcrypt_mode_get_size
mcrypt_module_algorithm_version
mcrypt_module_close
mcrypt_module_get_algo_block_size
mcrypt_module_get_algo_key_size
mcrypt_module_get_algo_supported_key_sizes
mcrypt_module_is_block_algorithm
mcrypt_module_is_block_algorithm_mode
mcrypt_module_is_block_mode
mcrypt_module_mode_version
mcrypt_module_open
mcrypt_module_self_test
mcrypt_perror
mcrypt_set_key
mcrypt_strerror
mdecrypt
mdecrypt_generic
rc2_LTX__is_block_algorithm
rc2_LTX__mcrypt_algorithm_version
rc2_LTX__mcrypt_decrypt
rc2_LTX__mcrypt_encrypt
rc2_LTX__mcrypt_get_algorithms_name
rc2_LTX__mcrypt_get_block_size
rc2_LTX__mcrypt_get_key_size
rc2_LTX__mcrypt_get_size
rc2_LTX__mcrypt_get_supported_key_sizes
rc2_LTX__mcrypt_self_test
rc2_LTX__mcrypt_set_key
rijndael_128_LTX__is_block_algorithm
rijndael_128_LTX__mcrypt_algorithm_version
rijndael_128_LTX__mcrypt_decrypt
rijndael_128_LTX__mcrypt_encrypt
rijndael_128_LTX__mcrypt_get_algorithms_name
rijndael_128_LTX__mcrypt_get_block_size
rijndael_128_LTX__mcrypt_get_key_size
rijndael_128_LTX__mcrypt_get_size
rijndael_128_LTX__mcrypt_get_supported_key_sizes
rijndael_128_LTX__mcrypt_self_test
rijndael_128_LTX__mcrypt_set_key
rijndael_192_LTX__is_block_algorithm
rijndael_192_LTX__mcrypt_algorithm_version
rijndael_192_LTX__mcrypt_decrypt
rijndael_192_LTX__mcrypt_encrypt
rijndael_192_LTX__mcrypt_get_algorithms_name
rijndael_192_LTX__mcrypt_get_block_size
rijndael_192_LTX__mcrypt_get_key_size
rijndael_192_LTX__mcrypt_get_size
rijndael_192_LTX__mcrypt_get_supported_key_sizes
rijndael_192_LTX__mcrypt_self_test
rijndael_192_LTX__mcrypt_set_key
rijndael_256_LTX__is_block_algorithm
rijndael_256_LTX__mcrypt_algorithm_version
rijndael_256_LTX__mcrypt_decrypt
rijndael_256_LTX__mcrypt_encrypt
rijndael_256_LTX__mcrypt_get_algorithms_name
rijndael_256_LTX__mcrypt_get_block_size
rijndael_256_LTX__mcrypt_get_key_size
rijndael_256_LTX__mcrypt_get_size
rijndael_256_LTX__mcrypt_get_supported_key_sizes
rijndael_256_LTX__mcrypt_self_test
rijndael_256_LTX__mcrypt_set_key
saferplus_LTX__is_block_algorithm
saferplus_LTX__mcrypt_algorithm_version
saferplus_LTX__mcrypt_decrypt
saferplus_LTX__mcrypt_encrypt
saferplus_LTX__mcrypt_get_algorithms_name
saferplus_LTX__mcrypt_get_block_size
saferplus_LTX__mcrypt_get_key_size
saferplus_LTX__mcrypt_get_size
saferplus_LTX__mcrypt_get_supported_key_sizes
saferplus_LTX__mcrypt_self_test
saferplus_LTX__mcrypt_set_key
serpent_LTX__is_block_algorithm
serpent_LTX__mcrypt_algorithm_version
serpent_LTX__mcrypt_decrypt
serpent_LTX__mcrypt_encrypt
serpent_LTX__mcrypt_get_algorithms_name
serpent_LTX__mcrypt_get_block_size
serpent_LTX__mcrypt_get_key_size
serpent_LTX__mcrypt_get_size
serpent_LTX__mcrypt_get_supported_key_sizes
serpent_LTX__mcrypt_self_test
serpent_LTX__mcrypt_set_key
tripledes_LTX__is_block_algorithm
tripledes_LTX__mcrypt_algorithm_version
tripledes_LTX__mcrypt_decrypt
tripledes_LTX__mcrypt_encrypt
tripledes_LTX__mcrypt_get_algorithms_name
tripledes_LTX__mcrypt_get_block_size
tripledes_LTX__mcrypt_get_key_size
tripledes_LTX__mcrypt_get_size
tripledes_LTX__mcrypt_get_supported_key_sizes
tripledes_LTX__mcrypt_self_test
tripledes_LTX__mcrypt_set_key
twofish_LTX__is_block_algorithm
twofish_LTX__mcrypt_algorithm_version
twofish_LTX__mcrypt_decrypt
twofish_LTX__mcrypt_encrypt
twofish_LTX__mcrypt_get_algorithms_name
twofish_LTX__mcrypt_get_block_size
twofish_LTX__mcrypt_get_key_size
twofish_LTX__mcrypt_get_size
twofish_LTX__mcrypt_get_supported_key_sizes
twofish_LTX__mcrypt_self_test
twofish_LTX__mcrypt_set_key
wake_LTX__is_block_algorithm
wake_LTX__mcrypt_algorithm_version
wake_LTX__mcrypt_decrypt
wake_LTX__mcrypt_encrypt
wake_LTX__mcrypt_get_algo_iv_size
wake_LTX__mcrypt_get_algorithms_name
wake_LTX__mcrypt_get_block_size
wake_LTX__mcrypt_get_key_size
wake_LTX__mcrypt_get_size
wake_LTX__mcrypt_get_supported_key_sizes
wake_LTX__mcrypt_self_test
wake_LTX__mcrypt_set_key
xtea_LTX__is_block_algorithm
xtea_LTX__mcrypt_algorithm_version
xtea_LTX__mcrypt_decrypt
xtea_LTX__mcrypt_encrypt
xtea_LTX__mcrypt_get_algorithms_name
xtea_LTX__mcrypt_get_block_size
xtea_LTX__mcrypt_get_key_size
xtea_LTX__mcrypt_get_size
xtea_LTX__mcrypt_get_supported_key_sizes
xtea_LTX__mcrypt_self_test
xtea_LTX__mcrypt_set_key

Sections

.text
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/5a8e68d09ded43511f8256c9a44b3f37
.js
some-samples-master/5a9e9e381cfcdb93bbc12d68b8f29e9c
.exe windows:4 windows x86 arch:x86

5af054bb14435b8128385b083318c625

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3370
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord3640
ord693
ord641
ord567
ord324
ord825
ord775
ord800
ord2302
ord4234
ord3996
ord4710
ord6907
ord3998
ord4224
ord860
ord540
ord6334
ord858
ord616
ord1200
ord2818
ord3301
ord2411
ord2023
ord4218
ord2578
ord4398
ord3402
ord3582
ord2370
ord2299
ord1994
ord5192
ord1911
ord3316
ord3314
ord5242
ord6121
ord1774
ord2490
ord5010
ord5658
ord2395
ord6322
ord2609
ord1006
ord1787
ord6123
ord4291
ord503
ord537
ord5708
ord1261
ord2575
ord4396
ord3574
ord609
ord2642
ord5703
ord3610
ord656
ord5981
ord1168
ord823
ord1842
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord4077
ord5237
ord5282
ord2649
ord1665
ord4436
ord4427
ord796
ord674
ord554
ord529
ord366
ord807
ord2627
ord6000
ord4837
ord4457
ord5252
ord4413
ord2298
ord3337
ord535
ord6640
ord5697
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord6199
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord4159
ord6117
ord2621
ord1134
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord3571
ord3626
ord2414
ord640
ord2405
ord6021
ord5785
ord1640
ord1641
ord1146
ord323
ord470
ord3663
ord635
ord3171
ord5181
ord317
ord2301
ord922
ord924
ord4123
ord5692
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4402
ord1776
ord4078
ord6055
ord2582
ord3597
ord4425
ord5280
ord4407
ord1775
ord6052
ord2514
ord4998
ord4853
ord4376
ord2117
ord5265
ord1576

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
free
realloc
atol
_setmbcp
_stricmp
__CxxFrameHandler
_mbscmp
_ltoa
_CxxThrowException
_itoa
atoi

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualFree
LoadLibraryA
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA
GetProcAddress
ExitProcess
IsBadReadPtr
CopyFileA

user32

GetClientRect
CopyRect
UpdateWindow
EnableWindow
SendMessageA
LoadBitmapA

gdi32

GetMapMode
GetObjectA
DPtoLP
StretchBlt
CreateCompatibleDC

Sections

.text
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/5abf5e44b169139e1da5b8b92378ed0b
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

mscoree

_CorExeMain

Sections

.text
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/5ae47f66417412c5780a387ca4a60282
.html
some-samples-master/5b006d8094aebc16357875e3b1a84370
.html .js polyglot
some-samples-master/5b2164c80727b210a498d57d994b1311
.html .js polyglot
some-samples-master/5b396f7a6ac5f4364b1df8f27e789f92
.exe windows:5 windows x86 arch:x86

377c1fc5ff1b35a85c04cdffdbc02e1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Nextop\consent\externa.pdb

Imports

kernel32

LCMapStringW
SetStdHandle
HeapSize
MultiByteToWideChar
WriteConsoleW
RtlUnwind
Sleep
IsValidCodePage
GetOEMCP
GetStringTypeW
GlobalLock
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
HeapReAlloc
lstrcpyA
lstrcpyW
CloseHandle
lstrcatW
EnumDateFormatsA
GlobalFree
GetProcAddress
GetLastError
FlushFileBuffers
GlobalUnlock
lstrlenW
CreateFileW
LoadLibraryW
WideCharToMultiByte
GlobalAlloc
GetACP
LockFile
TlsSetValue
TlsGetValue
GetCurrentProcess
GetCPInfo
HeapAlloc
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
HeapCreate
IsProcessorFeaturePresent
EncodePointer
DecodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
ReadConsoleInputA
SetConsoleMode
GetConsoleMode

user32

SetClipboardData
LoadImageA
OpenClipboard
GetWindow
GetDesktopWindow
GetDlgItem
EmptyClipboard
GetWindowLongA
IsWindow
FindWindowA
CreateDialogParamW
DestroyWindow
CloseClipboard
SetTimer
SetActiveWindow
GetSubMenu
SetForegroundWindow
GetParent
IsWindowEnabled
SetFocus

gdi32

BitBlt
PatBlt
GetTextExtentPoint32A
StartPage
DeleteDC
CreateDIBSection
CopyEnhMetaFileA
DeleteObject
SelectObject
CreateCompatibleDC
ColorMatchToTarget
GetTextMetricsA
SetTextAlign
GetObjectA

winspool.drv

ConnectToPrinterDlg

advapi32

RegCreateKeyExA
RegCloseKey

shell32

SHQueryRecycleBinA
SHEmptyRecycleBinA
SHGetFileInfoA

ole32

CreateILockBytesOnHGlobal
CoInitialize
OleGetClipboard

oleaut32

OleTranslateColor

netapi32

NetApiBufferFree
NetUserEnum

psapi

GetDeviceDriverFileNameA
EnumDeviceDrivers
GetDeviceDriverBaseNameA

msimg32

GradientFill

winmm

waveOutUnprepareHeader
mmioDescend

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

shlwapi

PathCompactPathA

dbghelp

EnumerateLoadedModules

usp10

ScriptTextOut

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/5b47a6996341128e1cf696db9d0146d0
.exe windows:4 windows x86 arch:x86

d8f5f326d59bd53d34818d2c72e3b0d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
WinExec
GetTickCount
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
SetFilePointer
WriteFile
CreateFileA
SetPriorityClass
LoadResource
FindResourceA
EnumResourceNamesA
WaitForSingleObject
GetLastError
GetWindowsDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
TerminateProcess
ExitThread
GetStartupInfoA
GetCurrentProcess
GetCurrentThread
SetThreadPriority
Sleep
CreateThread
LoadLibraryA
LockResource
GetProcAddress
GetModuleHandleA
CreateProcessA

user32

GetDesktopWindow
wsprintfA

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA
ShellExecuteA

ws2_32

closesocket
WSAStartup
inet_ntoa
select
recv
setsockopt
WSAIoctl
socket
connect
htonl
send
WSACleanup
__WSAFDIsSet
inet_addr
sendto
htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

netapi32

NetUserAdd
NetLocalGroupAddMembers

msvcrt

sprintf
strcmp
??2@YAPAXI@Z
_onexit
__dllonexit
_controlfp
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
strncmp
strcat
wcscpy
realloc
malloc
strlen
atoi
strncpy
strcspn
memset
strstr
strcpy
exit
memcpy
localtime
time
free

Sections

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/5b6f548f929c19e77579c4844faa2ba6
.html
some-samples-master/5b6f942d14871919e413d69e39ce7b84
.html
some-samples-master/5b7cb06d941b780d131d1fb8caa9d012
.js
some-samples-master/5ba2672a2ea583bcf93513a2c76fb4f2
.html .js polyglot
some-samples-master/5bcb122a4fb7d1a1513a92ed9efc87f5
.html
some-samples-master/5bdc598d37feedc1b45d5581f6574815
.html
some-samples-master/5c0e2185eca672b7142277123c3615a3
.js
some-samples-master/5c13c8c1edccce782a6878ce58100e4d
.html .js polyglot
some-samples-master/5c31a8b430acec215d76c6404472f9ac
.html
some-samples-master/5c72f5b0d7f6bca122c5d10de7f4080c
.html
some-samples-master/5c923a055b57b7aa63a4a3003bfe6083
.js
some-samples-master/5caa13d6e4daa5ea60cc8ec1bdff1fe8
.html .js polyglot
some-samples-master/5cb48d81494be1165b26c1acca0845aa
.html
some-samples-master/5cc0d3b3fb767cdc26d777175de772c9
.html .js polyglot
some-samples-master/5cc21fc5020aba86601a2e3642067c22
.js
some-samples-master/5cc97ebe0f95217e7e6acb4f3975161d
.html
some-samples-master/5ccfde6bc2ba5be726121b750c58b298
.js
some-samples-master/5d38f353b6e00f32d3df68e2d613e9a1
.html .js polyglot
some-samples-master/5d5882d84bca20995dc62faa9fd45ba5
.html
some-samples-master/5d8a2d0caf7a71aad1b80401bdab592b
.js
some-samples-master/5dcf1cba27ac7b3dda68e3770ce8f266
.elf linux x86
some-samples-master/5dde4788f3572986f74999ab372fd751
.html
some-samples-master/5dfd1137e6fde2f26496a1f9ddbf79be
.html
some-samples-master/5e28aa7d4e48c41841852a991720e0c9
.exe windows:4 windows x86 arch:x86

a60a8fef8a15cc73e0287d30a151b623

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord582
MethCallEngine
ord519
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord608
ord539
ord100
ord616
ord542
ord544
ord581

Sections

.text
Size: 616KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/5e3dec5308adbd80ba109670de9a7051
.js
some-samples-master/5e5a01993639a473fa096657b439db06
.html .js polyglot
some-samples-master/5ecf41beb128003c3049152b4ec0b52f
.js
some-samples-master/5edbbcb4752b448bac58b5421127fa39
.html
some-samples-master/5edf8d7073adafb2c61728232859f1cd
.js
some-samples-master/5f040dc5f7dac442cd11c9868566dc8e
.js
some-samples-master/5fa5ff00f8637efa5f6a3e9c7f0d04e3
.js
some-samples-master/5fac4ff12c5a684866547c263815e3ee
.js
some-samples-master/5fb5a0aa70b5b2a060325ecdc6d557fb
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/5fba3695c9d7bcb50e284e477e387331
.exe windows:4 windows x86 arch:x86

c2e6155614bd15cb06494fa52b00ca6d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
ord517
_adj_fprem1
ord519
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
ord702
_adj_fdivr_m16i
ord598
__vbaVarTstLt
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
DllFunctionCall
_adj_fpatan
ord676
__vbaRedim
ord678
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
ord539
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarAdd
__vbaVarCopy
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 440KB - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/5fefa28dc272db8c0958ca9d47e6c67d
.exe windows:4 windows x86 arch:x86

e5fc5a45d628ebc048d2e26a9ac81d4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaStrI2
__vbaR8ForNextCheck
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaFreeVar
__vbaAryMove
__vbaLateIdCall
__vbaStrVarMove
__vbaLenBstr
__vbaEnd
__vbaFreeVarList
__vbaPut3
_adj_fdiv_m64
__vbaRaiseEvent
__vbaFreeObjList
ord516
_adj_fprem1
ord518
__vbaRecAnsiToUni
__vbaCopyBytes
__vbaResume
__vbaStrCat
__vbaLsetFixstr
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord666
__vbaAryVar
__vbaAryDestruct
__vbaLateMemSt
ord591
__vbaExitProc
ord593
__vbaI4Abs
ord594
__vbaObjSet
__vbaOnError
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaBoolVar
__vbaRefVarAry
__vbaBoolVarNull
__vbaFpR8
__vbaVarTstLt
_CIsin
ord631
__vbaErase
ord525
__vbaChkstk
ord526
__vbaFileClose
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaStrCmp
__vbaGet3
ord529
__vbaAryConstruct2
__vbaPutOwner3
ord561
__vbaI2I4
DllFunctionCall
__vbaCastObjVar
__vbaLbound
__vbaRedimPreserve
__vbaStrR4
_adj_fpatan
__vbaLateIdCallLd
__vbaRedim
__vbaRecUniToAnsi
EVENT_SINK_Release
__vbaNew
ord600
__vbaUI1I2
_CIsqrt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaUI1I4
__vbaStr2Vec
__vbaExceptHandler
ord711
__vbaStrToUnicode
__vbaPrintFile
_adj_fprem
_adj_fdivr_m64
__vbaFPException
ord717
__vbaStrVarVal
__vbaUbound
__vbaVarCat
ord535
__vbaI2Var
ord537
ord644
__vbaStopExe
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
ord648
__vbaNew2
ord570
__vbaVar2Vec
_adj_fdiv_m32i
ord572
_adj_fdivr_m32i
__vbaStrCopy
ord573
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord578
ord685
ord100
__vbaI4Var
__vbaVarAdd
__vbaAryLock
__vbaVarDup
__vbaStrToAnsi
__vbaFpI2
__vbaFpI4
ord616
ord617
_CIatan
__vbaUI1Str
__vbaCastObj
__vbaStrMove
__vbaAryCopy
__vbaStrVarCopy
__vbaR8IntI4
ord619
_allmul
__vbaLateIdSt
_CItan
__vbaFPInt
__vbaAryUnlock
_CIexp
__vbaRecAssign
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/5ffdc8b7825f72a04d5c97b6a4d80e7e
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/604cfaa798e41c675e81480806cc5877
.js
some-samples-master/6061706495985dc7882aa3164456eb6a
.html .js polyglot
some-samples-master/606de03f65b2d31185a92de14b9c81bd
.html
some-samples-master/6075553af99fc0bb3832a74ccd1a0432
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/60845bcba502021120bd7783195a7c99
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

GetInstantMediaInfo

Sections

.text
Size: 308KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gda
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/609a36eafa8fa35b7518cca1f7ce9110
.exe windows:4 windows x86 arch:x86

28e3a58132364197d7cb29ee104004bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
Process32Next
Process32First
ExitThread
GetTickCount
GetCurrentProcessId
TerminateThread
GetWindowsDirectoryA
GetCurrentProcess
GetSystemDirectoryA
GetLocalTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalMemoryStatusEx
GetSystemInfo
ExitProcess
RemoveDirectoryA
DuplicateHandle
OpenEventA
WinExec
GetCurrentThreadId
CopyFileA
SetFileAttributesA
GetVersion
DeviceIoControl
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
GetModuleHandleA
GetComputerNameA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
lstrcmpiA
GetExitCodeThread
CreateToolhelp32Snapshot
LocalAlloc
FindFirstFileA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
CreateProcessA
CreateDirectoryA
GetLastError
DeleteFileA
CreateThread
GetVersionExA
GetPrivateProfileStringA
lstrcmpA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcatA
ExpandEnvironmentStringsA
GetPrivateProfileSectionNamesA
lstrlenA
OpenProcess
GetFileAttributesA
CancelIo
InterlockedExchange
lstrcpyA
ResetEvent
WaitForSingleObject
WideCharToMultiByte
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
SetEvent
Sleep
CreateEventA
LocalSize
HeapFree
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
RaiseException
GetFileSize
GetModuleFileNameA

user32

GetForegroundWindow
GetAsyncKeyState
GetKeyState
BlockInput
SendMessageA
SystemParametersInfoA
keybd_event
MapVirtualKeyA
SetCapture
GetWindowTextA
SetCursorPos
mouse_event
ExitWindowsEx
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
ReleaseDC
GetCursorPos
GetMessageA
GetInputState
IsWindowVisible
PostMessageA
ShowWindow
EnumWindows
MessageBoxA
wsprintfA
CharNextA
CloseClipboard
PostThreadMessageA
WindowFromPoint
GetThreadDesktop
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
OpenDesktopA

gdi32

GetDIBits
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateCompatibleBitmap

advapi32

EnumServicesStatusA
IsValidSid
LookupAccountNameA
LsaClose
LsaRetrievePrivateData
LsaOpenPolicy
RegCloseKey
RegQueryValueA
RegOpenKeyExA
StartServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
UnlockServiceDatabase
ChangeServiceConfigA
LockServiceDatabase
QueryServiceStatus
DeleteService
ControlService
QueryServiceConfigA
RegOpenKeyA
CreateProcessAsUserA
SetTokenInformation
DuplicateTokenEx
StartServiceCtrlDispatcherA
ChangeServiceConfig2A
CreateServiceA
RegCreateKeyA
CloseEventLog
ClearEventLogA
OpenEventLogA
LookupAccountSidA
GetTokenInformation
OpenProcessToken

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHGetFileInfoA

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString

wininet

InternetCloseHandle

mfc42

ord6648
ord2764
ord4129
ord926
ord924
ord922
ord535
ord858
ord6663
ord860
ord4278
ord2818
ord939
ord6877
ord800
ord540
ord823
ord825
ord537

msvcrt

vsprintf
calloc
wcstombs
_beginthreadex
wcscpy
mbstowcs
fopen
fwrite
fclose
__getmainargs
_mbsstr
wcsstr
_mbslwr
_wcsupr
_iob
fprintf
_CIacos
time
srand
rand
_errno
strchr
strcat
strncpy
strncmp
atoi
strrchr
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
exit
_CIpow
__dllonexit
_onexit
_exit
_XcptFilter
printf
_acmdln
_stricmp
_strnicmp
_access
_local_unwind2
__CxxFrameHandler
memcpy
memmove
_ftol
memcmp
_purecall
sprintf
strcpy
strlen
strstr
memset
_except_handler3
strcmp
free
malloc

netapi32

NetUserAdd
NetLocalGroupAddMembers
NetUserGetInfo
NetApiBufferFree
NetUserGetLocalGroups
NetUserSetInfo
NetUserDel
NetUserEnum

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

ws2_32

listen
sendto
recvfrom
__WSAFDIsSet
WSASocketA
htonl
accept
WSAGetLastError
connect
setsockopt
WSAIoctl
WSACleanup
getpeername
bind
getsockname
inet_addr
inet_ntoa
send
select
recv
ntohs
closesocket
socket
gethostbyname
gethostname
htons
WSAStartup

userenv

GetProfilesDirectoryA
GetUserProfileDirectoryA

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA
WTSEnumerateSessionsA

psapi

EnumProcessModules
GetModuleFileNameExA

winmm

waveInStart
waveInOpen
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInGetNumDevs
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveInReset

Sections

.3y3Jk3p
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xqLYm6v
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.TmqlIYP
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Qb6P0wK
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oR3bg80
Size: 69KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Du9GSmz
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

fdfgdfgd
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/609ebcc284da7de4cc9d176a36e5608c
.html .js polyglot
some-samples-master/60bff34118410797a6af975ad44f30b0
.exe windows:4 windows x86 arch:x86

412dc7f10a73d76f53eef0202fc88e4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

mfc42

ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord6625
ord4457
ord5252
ord825
ord823
ord4163
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord5012
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord540
ord338
ord800
ord4823
ord5440
ord858
ord5651
ord3127
ord3616
ord860
ord350
ord3126
ord3613
ord3663
ord2740
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord813
ord560
ord5260
ord4133
ord4297
ord2535
ord3693
ord3626
ord2414
ord1641
ord2859
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord4159

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strcmp
memset
memcpy
_ftol
_CxxThrowException
__CxxFrameHandler

kernel32

HeapCreate
GetProcAddress
LoadLibraryA
HeapAlloc
HeapDestroy
HeapFree
GetStartupInfoA
GetModuleHandleA
OutputDebugStringA

user32

UpdateWindow
EnableWindow
MessageBoxA
GetClientRect
GetDC
wsprintfA

gdi32

SelectObject
CreatePen

Exports

Exports

Ip

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/60d6761cf2325c5fe66eab0c610a9b4a
.html
some-samples-master/60e5b733eb3feac3203cba6b87e96e56
.js
some-samples-master/60f58cd5e93ad8bcaa5859d6386c87e8
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 240KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

QinVv
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/60f75cc9b401774cfe3b91c8e12e6bdd
.html
some-samples-master/60fb59e1e30782c2e03a742124d09aac
.html .js polyglot
some-samples-master/6114d93e05f70d2c374b49e43dbffda3
.exe windows:5 windows x86 arch:x86

1c6c4ab66f19220993eeea15d5c49645

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\kreid\Desktop\이모탈 최종 수정\Release\Win32Project8.pdb

Imports

kernel32

SuspendThread
ResumeThread
GetModuleHandleA
OpenProcess
HeapSize
GetCommandLineA
CreateToolhelp32Snapshot
Sleep
GetLastError
TerminateThread
HeapReAlloc
CloseHandle
RaiseException
CreateThread
HeapAlloc
HeapDestroy
GetProcAddress
DeleteCriticalSection
ReadProcessMemory
GetCurrentProcessId
GetProcessHeap
FreeLibrary
GetTickCount
OpenThread
IsDebuggerPresent
WaitForSingleObject
DeleteFileA
SizeofResource
LockResource
FindResourceExW
LoadResource
FindResourceW
VirtualAllocEx
WideCharToMultiByte
CreateRemoteThread
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
Thread32First
Thread32Next
InitializeCriticalSectionAndSpinCount
GetProcessId
TerminateProcess
GetCurrentProcess
HeapFree
WriteProcessMemory

user32

EnableWindow
SendMessageA
SetClassLongA
UnhookWindowsHookEx
SetDlgItemTextA
GetWindowThreadProcessId
IsWindowVisible
PostMessageA
ScreenToClient
SendMessageW
CallNextHookEx
WaitForInputIdle
EndDialog
DialogBoxParamA
ShowWindow
GetDlgItemTextA
FindWindowExA
SetWindowsHookExA
SetDlgItemTextW
GetDoubleClickTime
MessageBoxA
GetForegroundWindow
LoadIconA
EnumWindows
SendDlgItemMessageA
GetDlgItemInt
GetDlgItem
PostQuitMessage
SetDlgItemInt
GetWindowTextLengthA
GetCursorPos
EndPaint
BeginPaint

gdi32

SetTextColor
SetBkColor
DeleteObject
CreateSolidBrush

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

shell32

ShellExecuteExA
DragQueryFileA
DragFinish

libcrypto-1_1

SHA256_Final
SHA256_Init
SHA256_Update

msvcp140

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_BADOFF@std@@3_JB
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ

vcruntime140

_except_handler4_common
_CxxThrowException
__std_exception_destroy
__std_exception_copy
memcpy
__vcrt_InitializeCriticalSectionEx
__CxxFrameHandler3
memset
memmove

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_get_narrow_winmain_command_line
_initterm
_initterm_e
_exit
exit
_c_exit
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_cexit
_invalid_parameter_noinfo
terminate
_controlfp_s
_errno
_crt_atexit
_invalid_parameter_noinfo_noreturn
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-stdio-l1-1-0

fclose
fread
fopen
__stdio_common_vsprintf
__stdio_common_vfprintf
__p__commode
__acrt_iob_func
_set_fmode

api-ms-win-crt-heap-l1-1-0

_callnewh
_set_new_mode
free
malloc

api-ms-win-crt-convert-l1-1-0

atof
atol

api-ms-win-crt-string-l1-1-0

strnlen

api-ms-win-crt-math-l1-1-0

_except1
__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/611e3ccdf8ab9d4ac038cfe6dc6d6f6c
some-samples-master/612078b5ad1aeca81ef8d53c63e7288f
.js
some-samples-master/616a68e4bc25fa892027651fde00a67f
some-samples-master/618825d5a9a5f740e68d2092ec3cda98
.html .js polyglot
some-samples-master/619cd745110ee8c02d1807faa1a62c35
.html .js polyglot
some-samples-master/61dae9a483748ecaacf9515cc1d8e7f1
.exe windows:5 windows x86 arch:x86

3eef63a9074cade023a62e2ebdf31860

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Projects\7妹子\20150606\Server\Release\Server.pdb

Imports

ws2_32

WSAIoctl
select
recv
__WSAFDIsSet
gethostname
connect
WSAStartup
inet_addr
htonl
htons
setsockopt
sendto
socket
closesocket
gethostbyname
send
WSASocketA

iphlpapi

GetNetworkParams

dnsapi

DnsFree
DnsQuery_A

kernel32

ReadConsoleW
LCMapStringW
FlushFileBuffers
SetStdHandle
WriteConsoleW
CreateFileW
IsDebuggerPresent
CreateFileA
GetTickCount
WriteFile
GlobalAlloc
InitializeCriticalSectionAndSpinCount
Sleep
TerminateProcess
RaiseException
GetLastError
GlobalFree
DecodePointer
DeleteCriticalSection
CloseHandle
DeleteFileA
CreateThread
GetCurrentProcess
WaitForSingleObject
CopyFileA
GetModuleFileNameA
GetCurrentThreadId
GetCurrentProcessId
ExitProcess
GlobalMemoryStatus
SetErrorMode
FreeLibrary
SetUnhandledExceptionFilter
ReadFile
GetEnvironmentVariableA
GetProcAddress
LoadLibraryA
GetSystemInfo
CreateMutexA
GetVersionExA
WinExec
HeapFree
HeapAlloc
EncodePointer
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCommandLineA
GetProcessHeap
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
GetModuleFileNameW
HeapSize
SetLastError
UnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
CreateDirectoryW
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExW
OutputDebugStringW
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
GetStringTypeW
SetEndOfFile

user32

wsprintfA

advapi32

AllocateAndInitializeSid
FreeSid
CheckTokenMembership
OpenProcessToken
RegSetValueExA
RegQueryValueExA
RegCloseKey
AdjustTokenPrivileges
RegOpenKeyA
LookupPrivilegeValueA

shell32

ShellExecuteExA
SHGetSpecialFolderPathA

shlwapi

PathFindFileNameA
PathRemoveFileSpecA

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/61eebdeec596d2f9c65010eb4d623750
.html
some-samples-master/620358334fb400b4fc89dd05ea6512a6
.html .js polyglot
some-samples-master/620e7780fdc5367d4b8f72cb44f261a9
.html .js polyglot
some-samples-master/62122b1ded1e0e360cf900a8dd9c48c6
.html .js polyglot
some-samples-master/62164fc7bdf05535f238f6c32c0712b5
.js
some-samples-master/621c0b356c49edc5ce4cf3ee88c30f82
.exe windows:5 windows x86 arch:x86

cea1dd997df5b4005e10de1ef8f6c407

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetFileSizeEx
GetFileTime
GetTickCount
HeapReAlloc
RtlUnwind
RaiseException
GetCommandLineA
GetStartupInfoA
ExitProcess
VirtualProtect
GetSystemInfo
VirtualQuery
HeapSize
HeapCreate
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GetModuleHandleW
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
WritePrivateProfileStringA
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GetVersionExA
InterlockedDecrement
FormatMessageA
LocalFree
MultiByteToWideChar
MulDiv
lstrlenA
GlobalUnlock
GlobalFree
FreeResource
GetCurrentProcessId
GetLastError
SetLastError
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
GetLocaleInfoA
CompareStringA
InterlockedExchange
GlobalLock
lstrcmpA
GlobalAlloc
GetModuleHandleA
WideCharToMultiByte
GetFileSize
ReadFile
CreateFileA
WriteFile
CloseHandle
FindResourceA
LoadResource
LockResource
SizeofResource
HeapAlloc
FreeLibrary
GetProcessHeap
HeapFree
Sleep
IsBadReadPtr
VirtualFree
LoadLibraryA
GetProcAddress
GetEnvironmentStringsW
VirtualAlloc

user32

RegisterClipboardFormatA
PostThreadMessageA
CharNextA
CharUpperA
GetSysColorBrush
ReleaseCapture
LoadCursorA
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextA
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
OffsetRect
IntersectRect
GetWindowPlacement
GetWindowRect
GetSysColor
SystemParametersInfoA
DestroyMenu
CopyRect
UnhookWindowsHookEx
DrawIcon
AppendMenuA
SendMessageA
GetSystemMenu
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
GetForegroundWindow
CopyAcceleratorTableA
IsIconic
GetClientRect
LoadIconA
EnableWindow
GetSystemMetrics
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageA
TranslateMessage
GetMessageA
CallNextHookEx
SetWindowsHookExA
SetCursor
MessageBoxA
IsWindowEnabled
GetLastActivePopup
GetWindowLongA
GetWindowThreadProcessId
EndDialog
GetNextDlgTabItem
GetDlgItem
IsWindow
GetClassLongA

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
SetWindowExtEx
ScaleWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
TextOutA
RectVisible
PtVisible
CreateBitmap
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
ExtTextOutA
GetObjectA
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shlwapi

PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA

oledlg

ord8

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CoGetClassObject

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
VariantCopy
SysFreeString

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/62301e2210aa4d1b42409243ecac2225
.exe windows:4 windows x86 arch:x86

9c15ccc622da634e443d97681aa24fe4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
BeginPaint
GetParent
SetWindowLongW
GetWindowLongW
CopyRect
GetWindowRect
GetClientRect
SetWindowTextW
EnableWindow
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
FrameRect
CharUpperBuffW
ModifyMenuW
SetMenuDefaultItem
CopyIcon
IsDlgButtonChecked
CheckDlgButton
GetDlgItem
MoveWindow
ShowWindow
SendMessageW
GetDoubleClickTime
LockWindowUpdate
SetParent
SetCursorPos
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
GetSystemMenu
GetComboBoxInfo
ReuseDDElParam
UnpackDDElParam
GetMenuBarInfo
InsertMenuItemW
TranslateAcceleratorW
LoadAcceleratorsW
IntersectRect
BringWindowToTop
SetMenuItemBitmaps
IsMenu
WaitForInputIdle
HiliteMenuItem

gdi32

GetCharWidth32A
GetGlyphOutlineA
ExtEscape
GetColorSpace

kernel32

GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
RtlUnwind
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetCurrentProcessId
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetFileType
IsValidCodePage
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleHandleA
GetLastError
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetProcAddress
Sleep
GetModuleHandleW
HeapCreate
HeapReAlloc
VirtualAlloc
VirtualFree
HeapSize
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetHandleCount
GetMailslotInfo
SetLastError
PostQueuedCompletionStatus
GlobalAlloc
SetUnhandledExceptionFilter
GetFileSize
GetTickCount
SetEnvironmentVariableW
LCMapStringW
GetLocalTime
GetSystemTimeAsFileTime
HeapAlloc
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapFree

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BSS
Size: 380KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/627f9b1338eba4db01633a36a6f7bc49
.js
some-samples-master/629a0bf73a1b9e97556e514a716d4afc
.html .js polyglot
some-samples-master/62b6239144bf1df1a67a511ab36f7e73
.js
some-samples-master/6343e3ea75ac7f248d6ddbbc40660906
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 41KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/634c0bdde7a28bf2e608f3e80c153351
.html
some-samples-master/63855ded640246757df10a5a46ee6109
.exe windows:4 windows x86 arch:x86

a377ca748007a040f13eec61b0d8c11f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord825
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord5252
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord2879
ord617
ord5301
ord5214
ord296
ord986
ord520
ord4159
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord6215
ord823

msvcrt

_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
malloc
free
printf
_CxxThrowException
realloc
__CxxFrameHandler

kernel32

HeapAlloc
VirtualAlloc
GetProcAddress
LoadLibraryA
Sleep
HeapFree
VirtualFree
FreeLibrary
CloseHandle
WriteFile
ReadFile
GetFileSize
GetModuleHandleA
GetStartupInfoA
GetProcessHeap

user32

EnableWindow
UpdateWindow

Exports

Exports

stricmp

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/63a10ce379f80a6944dcd7adb4bf56f3
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/63c54c6691d60b1b050730ed64193a13
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/63df7cb53220de2f479c9f718f759293
.html .js polyglot
some-samples-master/63ed156f8d2efad83cb2d835c3575d16
some-samples-master/63f020fdd37d5fbbd716dc5e43d8dbae
.exe windows:4 windows x86 arch:x86

11d08b4a3eed579808ff2f1a8b705d71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadCursorA
RegisterClassExA
BeginPaint
EndPaint
PostQuitMessage
LoadStringA
SetFocus
MessageBoxA
DefWindowProcA
DestroyWindow
CreateWindowExA
LoadIconA
SendMessageA
ShowWindow
UpdateWindow
LoadCursorW
LoadBitmapW
InvalidateRect
ScrollWindow
RemovePropW
RegisterClipboardFormatW
SendDlgItemMessageW
RemoveMenu
ScreenToClient
DrawFocusRect
DrawFrameControl
GetClassNameA

kernel32

WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
HeapFree
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetVersion
GetCommandLineA
GetModuleHandleA
HeapAlloc
VirtualAlloc
GetProcAddress
WideCharToMultiByte
CreateFileA
GetStartupInfoA
lstrlenA
lstrcmpA
lstrcpyA
GetLastError
ExitProcess
LoadLibraryA
lstrcatA
GetCurrentDirectoryA
GetSystemInfo
SetLastError

gdi32

CreateCompatibleDC
TextOutA

comctl32

ord17

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/63f35f09a45b6973411f91c3ff1fab64
.js
some-samples-master/64584e3e6a53cf2b078f363575826c8b
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 388KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/647c1ba7a3cf2741173355ad85436a8f
.js
some-samples-master/64908def7ca76875436035e860d94d0d
.js
some-samples-master/64aa4e550527db38358e052a859a87b7
.html .js polyglot
some-samples-master/65047d9e2f90ed75a133096d982c44b5
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/6516c798cb0e4a0a66fdff8114e3cf2c
.html .js polyglot
some-samples-master/6521a92292ce620a276fc7209dc016de
.vbs
some-samples-master/652d4ee11abc4536f28d648a9115cf6e
.html .js polyglot
some-samples-master/6566f45e8c88f0bfd733e5dea11205d9
.html
some-samples-master/656feb55eade6808af9aa5c5d1f00fab
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/65d25d138098b969f4f345cdeaa043d4
.html .js polyglot
some-samples-master/6640094ede30ef2edccabe22dcec3ce7
some-samples-master/669e9b52d219d688dbcf8d615ad744ba
.js
some-samples-master/66bc0d64f2eccc2c6ec992aa7581a4db
.js
some-samples-master/66bd4f05355e7961b13964c0124f7ad8
.html .js polyglot
some-samples-master/66c08d2e00c19f858433dd3df7333385
.js
some-samples-master/66ff6bc6e98080fde0a3764a4f03ece6
.exe windows:5 windows x86 arch:x86

23ee14b7b8bad73645664a22cfd7f754

Code Sign

54:7c:fd:c5:d7:0f:d7:c9:44:a9:ba:11:e8:8c:cb:1c
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06-11-2015 00:00

Not After

05-11-2016 23:59

Subject

CN=PC Utilities Software Limited,OU=IT Department,O=PC Utilities Software Limited,POSTALCODE=W1H 1DP,STREET=78 York Street,L=London,ST=England,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19-01-2010 00:00

Not After

18-01-2038 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:1b:80:ce:9a:43:f1:e3:46:7d:57:b3:f5:91:68:6a:5f:ab:8a:b6
Signer

Actual PE Digest

dd:1b:80:ce:9a:43:f1:e3:46:7d:57:b3:f5:91:68:6a:5f:ab:8a:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\CPPwrapper_VS2010\Release_RS\optimizerpro_silent.pdb

Imports

kernel32

GetExitCodeProcess
GetModuleFileNameW
SizeofResource
LockResource
CloseHandle
WaitForSingleObject
CreateProcessW
LoadResource
GetTempPathW
FindResourceA
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
IsProcessorFeaturePresent
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
LoadLibraryW
GetProcessHeap

advapi32

RegCloseKey
RegFlushKey
RegCreateKeyExW
RegSetValueExW

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/670304102c8d68c6a734aa61ef735069
.js
some-samples-master/671f42a4f3bd9fc2a3af21d0f6fa1afd
.js
some-samples-master/674310bb921f3c25384a6980c129b9cd
.html .js polyglot
some-samples-master/6749d8e8da5c91af933609245d5233a6
.exe windows:5 windows x86 arch:x86

adf0b4b073ff0b3b11c0fe234adc2df1

Code Sign

20:19:87:7a:93:3d:8e:2e:71:54:8e:a4:ab:48:27:f1
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

06-08-2015 00:00

Not After

04-10-2017 23:59

Subject

CN=LLC Mail.Ru,O=LLC Mail.Ru,L=Moscow,ST=Moscow,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

17-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1e:6b:b3:4b:5a:1a:d6:c5:5d:99:5c:57:3b:f9:4f:72:ef:b0:91:50
Signer

Actual PE Digest

1e:6b:b3:4b:5a:1a:d6:c5:5d:99:5c:57:3b:f9:4f:72:ef:b0:91:50

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Build\desktop_apps\_out\MailRuUpdater.pdb

Imports

kernel32

DecodePointer
CreateEventW
RemoveDirectoryW
TerminateProcess
RaiseException
DuplicateHandle
WaitForSingleObjectEx
GetTickCount
GetModuleHandleA
CreateSemaphoreA
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentThreadId
GetCurrentProcess
GetEnvironmentVariableW
GetSystemTimeAsFileTime
SetFileAttributesW
GetCommandLineW
CreateProcessW
GetModuleFileNameW
WaitForSingleObject
LocalFree
GetCurrentProcessId
OpenProcess
GlobalMemoryStatusEx
EnumResourceNamesW
LoadLibraryExW
FreeLibrary
MultiByteToWideChar
OutputDebugStringW
CreateFileW
FindResourceExW
FindResourceW
SystemTimeToFileTime
GetSystemTime
SetFileTime
SizeofResource
LoadResource
LockResource
FindNextFileW
FindFirstFileW
ExpandEnvironmentStringsW
FindClose
SetEvent
CreateEventA
WideCharToMultiByte
GetACP
GetModuleHandleW
SetLastError
GetProcAddress
MoveFileExW
CloseHandle
GetLastError
GetFullPathNameA
CreateFileA
HeapCompact
SetFilePointer
MapViewOfFile
UnmapViewOfFile
UnlockFile
FlushViewOfFile
LockFile
UnlockFileEx
GetFileAttributesA
HeapCreate
HeapValidate
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetTempPathA
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
InitializeCriticalSection
DeleteFileA
QueryPerformanceFrequency
SetEnvironmentVariableA
SetEnvironmentVariableW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
VirtualProtect
VirtualFree
VirtualAlloc
FreeLibraryAndExitThread
FindFirstChangeNotificationW
FindNextChangeNotification
FindCloseChangeNotification
GetSystemDirectoryW
GetVolumeInformationW
GetComputerNameW
ReleaseSemaphore
QueryDosDeviceW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetTempPathW
GetFileAttributesW
FormatMessageW
FreeResource
ResumeThread
LoadLibraryW
CreateDirectoryW
WriteFile
GetFileSize
ReadFile
OutputDebugStringA
GetStartupInfoW
GetBinaryTypeW
GetVersionExW
ResetEvent
ReleaseMutex
WaitForMultipleObjects
CreateMutexW
OpenMutexW
SetUnhandledExceptionFilter
GetSystemInfo
GetDiskFreeSpaceExW
GetProcessTimes
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCurrentThread
Sleep
LoadLibraryA
GetStringTypeExW
LCMapStringW
LCMapStringA
GetUserDefaultLCID
GetStringTypeExA
GetCurrentDirectoryW
DeleteFileW
GetFileAttributesExW
GetFileInformationByHandle
GetFileTime
GetFullPathNameW
SetEndOfFile
SetFilePointerEx
DeviceIoControl
GetWindowsDirectoryW
CreateDirectoryExW
CopyFileW
AreFileApisANSI
FormatMessageA
IsDebuggerPresent
OpenEventA
WaitForMultipleObjectsEx
SetWaitableTimer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetLogicalProcessorInformation
CreateWaitableTimerA
RtlUnwind
GetStdHandle
GetFileType
GetModuleHandleExW
WriteConsoleW
GetConsoleMode
ReadConsoleW
GetCPInfo
IsProcessorFeaturePresent
GetConsoleCP
TryEnterCriticalSection
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
GetThreadPriority
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
UnhandledExceptionFilter
CreateSemaphoreW
ExitThread
GetDateFormatW
GetTimeFormatW
CompareStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
ExitProcess
FlushFileBuffers
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetTimeZoneInformation
SetStdHandle
IsValidCodePage
GetOEMCP
QueryPerformanceCounter
GetThreadTimes

user32

SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
FindWindowExW
wsprintfW
DestroyIcon
LoadImageW
GetIconInfo
LoadStringA
LoadStringW
SendMessageW
IsWindow
GetDlgItem
MessageBoxW

gdi32

GetDIBits
DeleteObject
DeleteDC
CreateCompatibleDC
GetObjectW

advapi32

CryptHashData
CryptVerifySignatureW
CryptDestroyKey
SetEntriesInAclW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
LookupAccountNameW
ConvertSidToStringSidW
ControlService
EnumServicesStatusW
QueryServiceConfigW
OpenProcessToken
GetTokenInformation
LookupAccountSidW
AdjustTokenPrivileges
LookupPrivilegeValueW
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
StartServiceW
StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerW
QueryServiceStatusEx
CreateServiceW
ChangeServiceConfig2W
RegQueryInfoKeyW
SetNamedSecurityInfoW
DuplicateTokenEx
CreateProcessAsUserW
RegDeleteValueW
RegEnumValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CryptCreateHash
CheckTokenMembership
CryptDestroyHash
CreateWellKnownSid
EqualSid
AllocateAndInitializeSid
FreeSid
CryptGenRandom

shell32

ord680
CommandLineToArgvW
ShellExecuteW
ShellExecuteExW
SHGetFolderPathW

ole32

CoCreateGuid
StringFromCLSID
CoInitializeEx
CoCreateInstance
CoTaskMemFree
CoUninitialize

oleaut32

VariantInit
SysStringLen
VariantClear
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
SysAllocString
SysFreeString

shlwapi

PathIsDirectoryEmptyW

urlmon

CoInternetParseUrl

psapi

EnumProcesses
GetProcessImageFileNameW
GetProcessMemoryInfo

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

wtsapi32

WTSQueryUserToken
WTSFreeMemory
WTSWaitSystemEvent
WTSEnumerateSessionsW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

crypt32

CryptUnprotectData
CryptDecodeObjectEx
CryptImportPublicKeyInfo
CryptStringToBinaryA

winhttp

WinHttpOpen
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpSendRequest
WinHttpSetStatusCallback
WinHttpSetOption
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpWriteData
WinHttpReadData
WinHttpConnect

d3d9

Direct3DCreate9

Exports

Exports

??0?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@QAE@XZ
??0?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@QAE@XZ
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@Vdate@gregorian@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vdate@gregorian@boost@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@Vpath@filesystem@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vpath@filesystem@boost@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@Vptime@posix_time@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vptime@posix_time@boost@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@23@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ@51
??_B?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@3@XZ@51
??_B?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@3@XZ@51
?get_const_instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@Vdate@gregorian@boost@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@Vdate@gregorian@boost@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@Vpath@filesystem@boost@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@Vpath@filesystem@boost@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@Vptime@posix_time@boost@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@Vptime@posix_time@boost@@@23@XZ
?get_const_instance@?$singleton@V?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@serialization@boost@@@serialization@boost@@SAABV?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@23@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@SAABV?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAABV?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAABV?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAABV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAABV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@3@XZ
?get_const_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@SAABV?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@3@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@Vdate@gregorian@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vdate@gregorian@boost@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@Vpath@filesystem@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vpath@filesystem@boost@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@Vptime@posix_time@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vptime@posix_time@boost@@@23@XZ
?get_instance@?$singleton@V?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@23@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@3@XZ
?get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@3@XZ
?get_instance@?$singleton@V?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_instance@?$singleton@V?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@3@XZ
?get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAAV?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SAAAV?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@3@XZ
?get_mutable_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ
?get_mutable_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ
?instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@Vdate@gregorian@boost@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@Vdate@gregorian@boost@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@Vpath@filesystem@boost@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@Vpath@filesystem@boost@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@Vptime@posix_time@boost@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@Vptime@posix_time@boost@@@23@A
?instance@?$singleton@V?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@serialization@boost@@@serialization@boost@@0AAV?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@23@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@3@A
?instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@0AAV?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@3@A
?instance@?$singleton@V?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@0AAV?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@3@A
?instance@?$singleton@V?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@0AAV?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@3@A
?instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@0AAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@A
?instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@0AAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@3@A
?instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@0AAV?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@3@A
?is_destroyed@?$singleton@V?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?is_destroyed@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@SA_NXZ
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?load_object_data@?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?save_object_data@?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UCollectingData@sysinfo@mailru@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UCollectingSettings@sysinfo@mailru@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UProcessInfo@sysinfo@mailru@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@UProcessKey@sysinfo@mailru@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@Vdate@gregorian@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vdate@gregorian@boost@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@Vdate@gregorian@boost@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@Vpath@filesystem@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vpath@filesystem@boost@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@Vpath@filesystem@boost@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@Vptime@posix_time@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vptime@posix_time@boost@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@Vptime@posix_time@boost@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@serialization@boost@@@serialization@boost@@CAAAV?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@34@XZ@4V?$singleton_wrapper@V?$extended_type_info_typeid@Vtime_duration@posix_time@boost@@@serialization@boost@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$iserializer@Vtext_wiarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@4@XZ@4V?$singleton_wrapper@V?$map@Vtext_wiarchive@archive@boost@@@extra_detail@detail@archive@boost@@@734@A
?t@?1??get_instance@?$singleton@V?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@serialization@boost@@CAAAV?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@4@XZ@4V?$singleton_wrapper@V?$map@Vtext_woarchive@archive@boost@@@extra_detail@detail@archive@boost@@@734@A
?t@?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@XZ@4V?$singleton_wrapper@V?$multiset@PBVextended_type_info@serialization@boost@@Ukey_compare@detail@23@V?$allocator@PBVextended_type_info@serialization@boost@@@std@@@std@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@serialization@boost@@CAAAV?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@XZ@4V?$singleton_wrapper@V?$multiset@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@Utype_compare@234@V?$allocator@PBVextended_type_info_typeid_0@typeid_system@serialization@boost@@@std@@@std@@@detail@34@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingData@sysinfo@mailru@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@UCollectingSettings@sysinfo@mailru@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessInfo@sysinfo@mailru@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@UProcessKey@sysinfo@mailru@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@V?$map@UProcessKey@sysinfo@mailru@@UProcessInfo@23@U?$less@UProcessKey@sysinfo@mailru@@@std@@V?$allocator@U?$pair@$$CBUProcessKey@sysinfo@mailru@@UProcessInfo@23@@std@@@6@@std@@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@Vdate@gregorian@3@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@Vpath@filesystem@3@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@Vptime@posix_time@3@@detail@archive@boost@@@634@A
?t@?1??get_instance@?$singleton@V?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@serialization@boost@@CAAAV?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@4@XZ@4V?$singleton_wrapper@V?$oserializer@Vtext_woarchive@archive@boost@@Vtime_duration@posix_time@3@@detail@archive@boost@@@634@A

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 608KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/6762dc5e8cf5687f9b8479c7818bd0e0
.exe windows:5 windows x86 arch:x86

2fa6daa65e3fdbb87e7067ee7fa45c4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
lstrcpyA
CloseHandle
ReadFile
GetFileSize
CreateFileA
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

tyrij

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/67770360f75083d30aabe37430e2e560
.exe windows:5 windows x86 arch:x86

a4ea82985b4425e5c12f327b98ae76dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSaveKeyW
RegRestoreKeyA
RegEnumKeyA
RegCreateKeyExA
RegReplaceKeyA
ReadEventLogW
RegUnLoadKeyA
IsTextUnicode
CryptSignHashA
ClearEventLogA
OpenEventLogW
RegOpenKeyA
RegDeleteValueW

shell32

SHGetFileInfoA
DragFinish
SHGetMalloc
ExtractIconW
ShellMessageBoxW
FindExecutableA
StrStrA
SHChangeNotify
DragQueryFileW
ShellAboutW
SHGetFolderPathA

shlwapi

UrlIsW
UrlCompareW
PathIsURLW
PathCommonPrefixW
UrlIsOpaqueW
UrlHashA
UrlIsNoHistoryW
PathCompactPathW
UrlGetPartW
PathCombineW
UrlGetLocationW
UrlEscapeA
UrlUnescapeW
PathStripPathA

untfs

Recover
Extend

comsvcs

RecycleSurrogate
CoCreateActivity
CoEnterServiceDomain

kernel32

DeleteFileA
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetCommandLineA
WaitForSingleObject
CreateWaitableTimerW
OpenEventW
WaitNamedPipeW
InterlockedIncrement
GetProcessHeap
OpenMutexA
FindNextFileA
MoveFileExW
LoadLibraryExW

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/678f66bc57bdc78ac34cfbd7cbda5f0b
.js
some-samples-master/67af794da15f1f7b714807a43e5517a9
.js
some-samples-master/67dbd75e639fb6bd3cb46269f85627bf
.js
some-samples-master/67dd905c871906316ea34a0937f9a205
.js
some-samples-master/682afe2e3ff7ab605e73404db76aa2f3
.html .js polyglot
some-samples-master/682fd115f075f91e920f296e4a62111f
.exe windows:4 windows x86 arch:x86

f364927563f71f8c941b05e157ccc61b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord459
ord561
ord743
ord5301
ord6354
ord6352
ord617
ord5500
ord5214
ord296
ord2036
ord986
ord520
ord4159
ord6117
ord2621
ord1134
ord1205
ord1199
ord1247
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord825
ord823
ord1825
ord4238
ord2486
ord4003
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord2725
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord1206
ord2623
ord338
ord1223
ord4823
ord1849
ord4244
ord2583
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord4403
ord5240
ord5290
ord3748
ord1726
ord4432
ord5253
ord4723
ord3998
ord4532
ord3371
ord3641
ord303
ord813
ord800
ord1942
ord4272
ord5259
ord3399
ord3734
ord1859
ord4246
ord3869
ord2127
ord2723
ord2391
ord3059
ord5102
ord5105
ord4468
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2880
ord2878
ord4153
ord4077
ord5237
ord2383
ord5284
ord2649
ord1665
ord4437
ord4428
ord796
ord554
ord529
ord402
ord674
ord807
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord2120
ord4457
ord5255
ord4163
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4387
ord4612
ord1168

msvcrt

_except_handler3
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
memset
_CxxThrowException
memcpy
__CxxFrameHandler
_setmbcp
__set_app_type

kernel32

CloseHandle
CreateFileA
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
GetProcessHeap
VirtualFree
FreeLibrary
VirtualAlloc
IsBadReadPtr
ExitProcess
GetModuleHandleA
GetStartupInfoA
WriteFile

user32

UpdateWindow
EnableWindow

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/683cf9bccccf3ab30d8655e0fc3996f6
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/6847276823d9b87a286e0089ad41ad93
.dll windows:5 windows x86 arch:x86

39b280f230f651f8fe415398b0c81978

Code Sign

01
Certificate

Issuer

CN=comabemltda.com.br,O=comabemltda,C=SP

Not Before

22-08-2017 06:33

Not After

22-08-2019 06:33

Subject

CN=comabemltda.com.br,O=comabemltda,C=SP

09:27:90:25:28:0f:c8:62:ff:49:64:f1:87:4b:3f:1f:91:ad:06:27
Signer

Actual PE Digest

09:27:90:25:28:0f:c8:62:ff:49:64:f1:87:4b:3f:1f:91:ad:06:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysAllocStringLen

advapi32

RegReplaceKeyW

user32

DdeConnect

kernel32

GetVersion
GetVersionExW
GetVersion
VirtualQuery
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

CreateHalftonePalette

version

VerQueryValueW

netapi32

NetWkstaGetInfo

ole32

OleSetMenuDescriptor

comctl32

ImageList_DragMove

msvcrt

memcpy

shell32

SHGetSpecialFolderLocation

wininet

DeleteUrlCacheEntryW

winspool.drv

DocumentPropertiesW

wsock32

recv

Exports

Exports

PontoEntraKL
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/6879cf13a200a2525fed9d76cbeb0a13
.html .js polyglot
some-samples-master/68ccbe421043b5f881902c8aa7f9143a
.html .js polyglot
some-samples-master/68d8eecc9c4541d275b9da291a60492e
some-samples-master/69.90.132.142/
.elf linux arm
some-samples-master/69.90.132.142/apache2
.elf linux arm
some-samples-master/69.90.132.142/bash
.elf linux x64
some-samples-master/69.90.132.142/cron
.elf linux ppc
some-samples-master/69.90.132.142/ftp
.elf linux x86
some-samples-master/69.90.132.142/ntpd
.elf linux mipsbe
some-samples-master/69.90.132.142/openssh
.elf linux sh
some-samples-master/69.90.132.142/pftp
.elf linux
some-samples-master/69.90.132.142/sh
.elf linux sparc
some-samples-master/69.90.132.142/sshd
.elf linux mipsel
some-samples-master/69.90.132.142/tftp
.elf linux arm
some-samples-master/69.90.132.142/wget
.elf linux x86
some-samples-master/690af5d02ba6f9e3058ad37ca654cbd8e2872ddd5b22080e27e8c558eecaa88f
.sh linux
some-samples-master/69130688d5c3b7bdefbea1da26e96c02
.js
some-samples-master/69231c0c5f533a3bee41c1fbdbb53d88
.exe windows:5 windows x86 arch:x86

5eaac47720578002935bc805bee562e3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
TerminateThread
GetACP
GetLastError
GetProcAddress
GetExitCodeThread
GetModuleHandleA
CompareStringW
WriteConsoleOutputCharacterW
GetTimeZoneInformation
FlushFileBuffers
CloseHandle
CreateFileA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GlobalMemoryStatus
CompareStringA
FillConsoleOutputCharacterA
GetStartupInfoW
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetOEMCP
IsValidCodePage
MultiByteToWideChar
HeapSize
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
SetEnvironmentVariableA

user32

GetNextDlgGroupItem
LoadBitmapA
LoadIconA
GetRegisteredRawInputDevices
GetRawInputDeviceInfoA
LoadAcceleratorsA
RegisterRawInputDevices
LoadCursorA
GetDlgCtrlID
GetDialogBaseUnits
LoadCursorFromFileA

advapi32

ChangeServiceConfigW
ClearEventLogW

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 821KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/6937d66eda2ec30443861583e717c55a
some-samples-master/695c165f9f69ce9d133d7fc0ebcd4f4b
.js
some-samples-master/6a268d9eccc29c8e6cecfce9df44740b
.js
some-samples-master/6aa871825dc1a8137303d604afdfe9e0
.html
some-samples-master/6ab1a56516d5ef8fd50c4c607f414759
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.heb
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/6aeb958bf5fad79b2f7127bc8de1c6d3
.js
some-samples-master/6af431cc9821d0a6d956a228e7943b0a
.exe windows:5 windows x86 arch:x86

0cd4ab3a47a1a51b9c1f295cd6d874b1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\true\Settle\Children\Ball\hole\dress\Record\BabyCatch.pdb

Imports

kernel32

GetCPInfo
GetOEMCP
HeapFree
HeapAlloc
HeapReAlloc
GetStartupInfoW
RtlUnwind
RaiseException
VirtualAlloc
HeapSize
ExitProcess
TerminateProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetACP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetProcessHeap
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetLocaleInfoA
GlobalFlags
CreateFileA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
lstrcmpA
GlobalGetAtomNameA
InterlockedIncrement
GetModuleHandleW
CompareStringA
GetCurrentThreadId
CloseHandle
FormatMessageA
MultiByteToWideChar
lstrlenA
GetCurrentProcessId
GetModuleFileNameA
FreeLibrary
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
SizeofResource
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GetLastError
SetLastError
Sleep
UnhandledExceptionFilter
WaitNamedPipeA

ws2_32

connect
gethostbyaddr
WSAStartup
WSACleanup
bind
accept
closesocket
socket

oleaut32

VariantClear
VariantChangeType
VariantInit

user32

PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
DestroyMenu
ClientToScreen
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetWindowTextA
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
SendMessageA
GetParent
GetWindowLongA
SetWindowTextA
RegisterClassA
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxA
UnhookWindowsHookEx
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA

gdi32

CreateBitmap
SetBkColor
DeleteObject
ExtTextOutA
SaveDC
RestoreDC
SetMapMode
PtVisible
RectVisible
TextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
SetTextColor
GetClipBox
GetDeviceCaps

Sections

.text
Size: 455KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/6b22c7fc37f15ab7826c7ea8ab059b31
.html
some-samples-master/6b475e51a3efe0f145418c6fd9d81a4a
.html .js polyglot
some-samples-master/6b65854efc1106dc1783a31a4e185c01
.html .js polyglot
some-samples-master/6b6dcc5e793ff5684f1e5418cf7077a2
.js
some-samples-master/6b7505d143f524859f5cca61ada68cf4
.html .js polyglot
some-samples-master/6b84d15c887367907dac30e8d07fbbe4
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

TenXu
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zwt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/6b9efd0f6d97cf78b15089828973c2bb
.html .js polyglot
some-samples-master/6ba5bb3af009c36d73f0d3251108c92a
.html
some-samples-master/6bd26cf5c685f77d039470ae3395cc5d
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/6c0b779eb073feae504282c1e89dbc2a
.js
some-samples-master/6c1b042d104d1a851f8867ab860cd313
.html .js polyglot
some-samples-master/6c2adbd78ed3229f994b0b1083d10435
.html .js polyglot
some-samples-master/6c4451e10064eb10d087edc76b44c4eb
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xiaozi
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/6c508cd3e814a370360fa619b6f38045
.js
some-samples-master/6cbc9666b86a7473d750257a7b12d7a7
.js
some-samples-master/6cd9bea620cd41caa1eda4ecc3721a34
.exe windows:4 windows x86 arch:x86

a675ed5c5e4f3f2350a36036a89c9b18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

imm32

ImmGetCompositionStringW

winspool.drv

DeleteMonitorA

shell32

SHGetFileInfoA

comdlg32

CommDlgExtendedError

msvcrt

wprintf
srand

gdi32

AddFontResourceA
GetTextMetricsA

kernel32

LocalAlloc
GetProcAddress
GetLastError
InterlockedExchange
FreeLibrary
LocalFree
LoadLibraryA
QueryActCtxW
QueryDosDeviceW
GetComputerNameExW
ExitProcess
AreFileApisANSI
IsValidCodePage
RaiseException

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/6d0b1dfafdcfd66329882928ca77885e
.html
some-samples-master/6d34d224a7720ba47b681d7d77ef99ec
.html .js polyglot
some-samples-master/6d3a69a2f33bd3ad8d1d7aab38975ca0
.html .js polyglot
some-samples-master/6d7ef86775a953d44f42dfcd53abd646
.exe windows:4 windows x86 arch:x86

36ad125d833d401ebd011e5cfb5c0ce2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
ReleaseMutex
GetFileSize
GetFileAttributesA
WaitForSingleObject
GetLastError
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
ExitThread
GetStartupInfoA
GetModuleHandleA
CloseHandle
WinExec
LoadLibraryA
GetProcAddress
GlobalAlloc
Sleep
TerminateProcess

user32

GetDesktopWindow
wsprintfA

advapi32

StartServiceCtrlDispatcherA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA

ws2_32

WSAStartup
closesocket
htonl
select
recv
setsockopt
socket
connect
WSACleanup
send
htons
__WSAFDIsSet
inet_addr
sendto
inet_ntoa

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
realloc
malloc
atoi
strncpy
strcspn
strstr
sprintf
strncmp
exit
free

Sections

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/6db50873565946688adbc295b71df792
.elf linux x64
some-samples-master/6dbf90396d524e6659cd7708535a64e4
.html
some-samples-master/6dc33eb4cf615919897a419c6c96e46e
.exe windows:4 windows x86 arch:x86

b454611f3b3d425a234f0759edb8f715

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
ord588
__vbaStrVarMove
ord697
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaOnError
_adj_fdiv_m16i
ord702
_adj_fdivr_m16i
ord521
ord523
__vbaVarTstLt
_CIsin
ord525
__vbaChkstk
EVENT_SINK_AddRef
__vbaVarTstEq
DllFunctionCall
ord672
__vbaLbound
_adj_fpatan
ord675
ord678
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
_adj_fprem
_adj_fdivr_m64
ord609
__vbaFPException
ord538
_CIlog
ord539
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarAdd
__vbaVarDup
ord613
ord616
_CIatan
__vbaStrMove
ord619
ord542
_allmul
_CItan
ord547
_CIexp
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 456KB - Virtual size: 453KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/6dcf16f5c9521d03008c914247ccde96
.html .js polyglot
some-samples-master/6dda8db9a3bc95b425d708a5360753d6
.html .js polyglot
some-samples-master/6e0dfb28d34aa8fb44639fca29a684d5
.html
some-samples-master/6e1def1b6a1178069d955553caf87ac8
.js
some-samples-master/6e20b6d5b3d24210c118c1049436f9ef
.dll windows:5 windows x86 arch:x86

b55a1a2f7d4f8d77bf4e45c63ee202c6

Code Sign

01
Certificate

Issuer

CN=luzscotch.com.org,O=luzscotch,C=GO

Not Before

21-08-2017 18:47

Not After

21-08-2018 18:47

Subject

CN=luzscotch.com.org,O=luzscotch,C=GO

3b:fb:16:a7:a8:15:93:0a:82:7a:76:ff:12:4f:c0:6f:21:17:44:96
Signer

Actual PE Digest

3b:fb:16:a7:a8:15:93:0a:82:7a:76:ff:12:4f:c0:6f:21:17:44:96

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SafeArrayGetUBound

advapi32

RegSetValueExW

user32

GetKeyState

kernel32

GetVersion
GetVersionExW
GetVersion
GetFileAttributesExW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

gdi32

SetBkColor

version

GetFileVersionInfoSizeW

netapi32

NetApiBufferFree

ole32

CreateBindCtx

comctl32

ImageList_DrawEx

msvcrt

memset

shell32

IsUserAnAdmin

wininet

DeleteUrlCacheEntryW

winspool.drv

DocumentPropertiesW

wsock32

htons

Exports

Exports

PontoEntraKL
TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
i��+�7�'X�36.��UyG��C�q$ŏQ��b��o��w��و*�=��N�y�3BV��]�T�f��L}�$�V �Q)셀��q�4��"Γ�3԰Eq cE�9.�H��~q��RJDR)� �V4ٞ��i��x�X�傖�4��D�I��Q��q}�<Ǖ�N�A�F��E)��.�D'��Ҳ��z��sM��!r��c�v'��L��H@4+��[��!7�Q��9 wA��'衡&�B!�sAL��8r�h� ��*��4�2�m��n�&�[��$t��~4�F�+O0�2Ӱ U6m��hޑ<N�l��=c��\�"s�[�%�Mb.��31��Y'��B[�>}��Q�&`o�2��mH�\�g/��&t#7�c��<�Ѕb�I�a��׭v�%�4V��ԑ� IU��3�؃�#@�ɚq�L�>�x��T͔nj��)"�� ' ��ҏ�{S�hzw�$�q*H!� ��r0ʂ{q��]��ϳ钨P%�H��zt �<g&L��RiOyR��`on,�o>�j| V�؟��eN�YWT��n�P4�\�4u�1�<��*��Ak�L��P{n(xfs{v�2hq��_`��o\��`}GF!>,W@{�ԣ}�- ��"�c= D3�a؇o2��<W4�_��}�c�� N �Kn�`��6Ti��f�ip��|��HX�&��t��~��'OՈ�_�0�q��m[��.E7O� ˠ̄�d��hCz�}f ��8GX�ݭ�e�l*b!#��5�M��r��@�G�J�B7u7��X�~�1�C�ugT��3��1S�u��M�� &��g��`�@S��i��M�0 �+��[��f%��I�]L��IFU�p�[a�F�80�PC�WDξ��k�V �̐��h�\��r�淉��+ס��'WB�9��(��N �Zo-�he��Q9>^) T$D�S��P��Dr�n�v,m��|��L�^u΀"�I]�8R9ã�״)��l(h�0s5ԁ�g.9�rܱ5��#�w��¯�v��i��=��l6�hͳn�![��!��F={�"��DB�C�`��*�&�� T��j��ɦH��, �x�~�,/�(�g��.��Vb�w�s��4&��%�J��~�U4|�d��|�E��>�Q��|��w^�փ�)xX�f��J;y>��v��ȳ;�_IJ�G�@�n��*[7��X��+��]e�y��K�{��n�J4�}��lt{�Rz��3�`��Q6�wR藍��U,G�na�R��.��XIz9�>�Y��2L�Ea��F�"��EZ��QF��壯�6��H�[�%��3T�lq�U03��Ϯ9ƌ��v�_��7^)��M�'��B.'0��*8m5g!Qff��=[��n5�(=FsB�s�@o��x��WYdK��!��1��k#��nt��^S��ծ��$[MU��j��M��?�7�� r4L��ˏ9FU�V��\ām`��iN�e��GY�a�Jle�UG'�d��҃8{,#�Iʴ��a��>�99t��B�(+;��^�1�D�K�W�{|��_8b�wr�3?��1��L��2u�ݳm�z]�W�v�3#�� ]ϙRv�$]��F ��q��V��Y.S�ש9Y�2�,-��Yr��Jj3��^��TW��X}��)�/2��r�q qw݄�<o�{�wS ��Y��B�Pe�?ڗ�� l�X8:KE>U��1$"�]�]��n�<�|��K��J�:.;��z��'��E��b�Q�"+��^� ��g�.+��opD��Y��p[��ph�w�W�7�� ז ��t��E@��3�!�|��s>��j��$��D*t��V��c��bD��ӕK��ծ��M�h=�~�� 4Jp/�$^��M�a�� A�p7zUⵂ ��r��Aƀ6�]�Q��ϑ��TĬ)F�Z��7�A�9�� $�G�K��Q=8yh��Hl��%f��Β�'��S�=Q|r�ޮ?��,5��X�g��R$�9՟map͋N��։ V��gG��".�}��t�E� VG�ҒT�s�N$$G��3�nn�� Kwp�۵/>l�?��Hx.|��"��54��3�� ӋV��;HӼvj�F9`��c-��oK0�/�J�qx{�IX�P��Y#4mpPL�*k�;+#�^�Rڂ�n�;�/�v�~0�Y��@kC�V��!��E ��=��u��n��y��D��^�\�L%XI0��<{��W�;w.�qadQ��n��:��a��D��ğ�!�r0Ho�HQ(�j��^�1�u��)f�.��,�Q}m��HmHق�s�\��?�(̰߄'ct��A�/{�k�י��;x(AM�o��IB͆/�X�O��;�Z��?i��}��#V�ջ��G��vF4��Cu��d�xP�D�cGў��p��"q�v��g.��lϱ�afi��,��A�%�~�cT� ;��2+*ZQkQ� ��){��&+e>Vq��W4wCI(F�a�6��ap`�)i�)�±��*��z#D7h߰�@��U��R�"3��}A(��SS��Z�O'��ֲ�#U$�� ܧ% ��F��'��;Ɵ��k��&j�L�� ?��Ԗhw��`��U��P},�_�ˣ�`��b��1�q�pi�+|�4��)?ct��J��.d�N[� �'J�3v�$�4�t7��D~�S�q RJVŶ�� Ur��ת�`�S��$�]Fu<��i�{#��C�wb*/��

Sections

.text
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: - Virtual size: 181B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/6e28e9582f7b2fbeb2cb227946af4c91
.html
some-samples-master/6e5bfd980393a414e1c714a0ff4cacf7
.html .js polyglot
some-samples-master/6e60fbd111b8883396d8531cb12c6135
.js
some-samples-master/6e84c3786fd64fa04bddb85bf2c81512
.html
some-samples-master/6e92cc3dc7bcdc96e4369f522edc37b1
.html .js polyglot
some-samples-master/6ea5177e6c6dab05f0b38fb8d8f5c2d4
.exe windows:4 windows x86 arch:x86

6d3700c4e08e81f815c03b342751446b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetModuleFileNameA
CopyFileA
CloseHandle
ReadFile
GetFileSize
IsBadReadPtr
WriteFile
GetCommandLineA
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
GetModuleHandleA
CreateFileA
GetProcessHeap
GetTempPathA
GetSystemDirectoryA
GetWindowsDirectoryA
GetVersionExA
GetLastError
GetCurrentProcess
MultiByteToWideChar
WideCharToMultiByte
GetStartupInfoA
GetVersion
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
GetProcAddress
RaiseException
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
SetFilePointer
SetUnhandledExceptionFilter
IsBadCodePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers

user32

TranslateMessage
DispatchMessageA
wsprintfA
MessageBoxA
GetMessageA
PeekMessageA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/6ee47aca149f6d5f655fff730b22c3de
.js
some-samples-master/6ef85d291b730ca11d6c6fa9158b6349
.html .js polyglot
some-samples-master/6f22e8b9746f3c7657ca17e7c294f73b
.js
some-samples-master/6f336e07fe284b7fc45430927c1798cd
.js
some-samples-master/6f3922a916f999c436898967b8f6a8a9
.exe windows:4 windows x86 arch:x86

235096e2a496a993ff24c1dfe13636b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5883
ord4284
ord2453
ord2097
ord384
ord6625
ord4413
ord2864
ord2862
ord2753
ord816
ord323
ord562
ord289
ord4299
ord640
ord5786
ord3571
ord3626
ord3663
ord2414
ord1641
ord1146
ord3706
ord1640
ord5785
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord815
ord561
ord6199
ord617
ord5301
ord5214
ord296
ord986
ord520
ord4159
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord860
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord2725
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord755
ord470
ord1168
ord5882
ord5885
ord6146
ord686
ord540
ord2919
ord5572
ord5683
ord4129
ord858
ord800
ord924
ord356
ord2770
ord1980
ord6334
ord1200
ord668
ord5252
ord4457
ord2117
ord6000
ord2626
ord2627
ord2494
ord6067
ord6215
ord807
ord366
ord529
ord554
ord674
ord796
ord4427
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4436
ord4837
ord3798
ord1665
ord2649
ord5282
ord4353
ord6374
ord5163
ord2385
ord5237
ord4407
ord1776
ord4077
ord6055
ord4151
ord2878
ord2879
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord823
ord1775
ord825

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
strncpy
strrchr
time
srand
rand
_beginthreadex
_access
sprintf
strcpy
strstr
_except_handler3
free
realloc
exit
malloc
_CxxThrowException
memcmp
memset
__CxxFrameHandler
memmove
_ftol
_controlfp

kernel32

CreateProcessA
GetFileAttributesA
ReadFile
GetWindowsDirectoryA
GetFileSize
CreateFileA
SetFilePointer
WriteFile
CancelIo
InterlockedExchange
SetEvent
lstrlenA
ResetEvent
WaitForSingleObject
CloseHandle
CreateEventA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
Sleep
InitializeCriticalSection
GetProcAddress
LoadLibraryA
TerminateThread
lstrcatA
GetLastError
GetCurrentProcess
GetModuleFileNameA
HeapAlloc
GetProcessHeap
IsBadReadPtr
VirtualProtect
HeapFree
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
ExitProcess
DeleteFileA
DuplicateHandle
OpenProcess
CreateDirectoryA
GetLocalTime
OpenEventA
WinExec
ExpandEnvironmentStringsA
GetCurrentThreadId
CopyFileA
Process32First
FreeLibrary
GetModuleHandleA
lstrcpyA
LocalFree
LocalAlloc
RaiseException
GetStartupInfoA

gdi32

DeleteDC
DeleteObject
StretchBlt
BitBlt
GetDeviceCaps
CreateCompatibleDC
CreateRectRgnIndirect
GetObjectA
CreateCompatibleBitmap
SelectObject

advapi32

CreateServiceA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
OpenServiceA
StartServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA

shell32

ShellExecuteA
SHAppBarMessage

Sections

.text
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/6f42f6160b72c55d6f77787604254f5e
.exe windows:4 windows x86 arch:x86

311d24ebc3888a3b13d330ca720eb836

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
FreeLibrary
ReadFile
GetFileSize
SetFilePointer
CloseHandle
WriteFile
lstrcpyA
VirtualAlloc
CreateFileA
CreateProcessA
WaitForSingleObject
CreateThread
lstrlenA
GetStringTypeA
LCMapStringW
HeapReAlloc
HeapAlloc
RtlUnwind
RaiseException
HeapFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
VirtualFree
IsBadWritePtr
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
GetStringTypeW

wininet

InternetCloseHandle

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/6f651328b7088ae6460724a40faa6c21
.elf linux x86
some-samples-master/6fbe70e5c0a70fa4f18b87c51288f575
.js
some-samples-master/6fd68e8a4c0b0e65b4d095d8617d60af
.js
some-samples-master/6fe5ba95223bde2db0927e2005def6cc
.js
some-samples-master/6ff64d39855c565c37dab7586569e9c8
some-samples-master/7040f5eb5630b21afd69b768c709fd03
.html
some-samples-master/7050dc2f0678f0cd955dfe2b26310959
.doc windows office2003

ThisDocument

Module1
some-samples-master/70553eb11245b28bb9b8ec491497cb58
.html .js polyglot
some-samples-master/707df6533b2e87cc37187391ce44a4c5
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 311KB - Virtual size: 808KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 31KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10.1MB - Virtual size: 75.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BIAUEB
Size: 146KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/70894ef96231f052f4a21676f53f277f
.exe windows:4 windows x86 arch:x86

a4708e94f865f4bd2880ce7eb3501f03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_stricmp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

kernel32

CreateFileA
WriteFile
CloseHandle
FreeLibrary
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
VirtualAlloc
GetProcessHeap
HeapAlloc
GetFileSize
SetFilePointer
Sleep
GetModuleHandleA
GetStartupInfoA
ReadFile

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/708c78d8ad0438d16b7f218b2ea24354
.js
some-samples-master/70ad7ceb50d1ba62f80590f1aa50909b
.js
some-samples-master/70eebb8f1ae717abcc70895b70197ace
.html .js polyglot
some-samples-master/712596a6684c05e52556d9171eec5a6d
.html .js polyglot
some-samples-master/71458de6b8b101323f43751aab1e5f0d
.exe windows:4 windows x86 arch:x86

405ccb86f7e5bbe464ba08fe94e923c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
_adj_fdiv_m64
ord698
_adj_fprem1
ord519
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord667
__vbaAryDestruct
ord591
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
__vbaVarTstLt
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
__vbaGenerateBoundsError
__vbaAryConstruct2
__vbaObjVar
DllFunctionCall
__vbaRedimPreserve
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
__vbaUI1I2
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
__vbaErrorOverflow
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaDerefAry1
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaVarAdd
__vbaVarDup
ord616
__vbaVarCopy
__vbaFpI4
_CIatan
ord618
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 664KB - Virtual size: 662KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/717a2a2cf1c45e85e80e02270b69253c
.html
some-samples-master/7183fda341226696e2022e276cbfa1c9
.js
some-samples-master/7189f53c6194cf6dc4300598b9a38ce8
.js
some-samples-master/71a742f5f73cd179cbc839f8767e005c
.js
some-samples-master/71ac3611e8633fa48ad7a84dec2d226a
.html
some-samples-master/71f7f21d8e5246e2fb2d0585a4bc3ff2
.js
some-samples-master/7239f60af00f3d5151452af63faa9c68
.exe windows:5 windows x86 arch:x86

efd7677657e95c6580f53b115a483b30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\LAS\customerssn\braille\unfaith.pdb

Imports

kernel32

GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetProcAddress
InterlockedDecrement
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcess
TerminateProcess
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
HeapSize
LoadLibraryW
LCMapStringW
MultiByteToWideChar
GetStringTypeW
HeapCreate
GetEnvironmentStrings
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineA
DeleteFileA
GetConsoleTitleA
HeapAlloc
lstrlenA
CreatePipe
FindFirstFileA
GetFileAttributesA
HeapFree
RtlUnwind
FindNextFileA
FindClose
RemoveDirectoryA
Sleep
RaiseException
GetCurrentDirectoryW
GetCurrentThreadId
SetLastError
InterlockedExchange
GetLastError
DecodePointer

user32

DestroyWindow
MessageBoxA
LoadImageA
GetDC
SetClipboardViewer
PostQuitMessage
GetClientRect
SendMessageA
GetClipboardData
OpenClipboard
GetDlgItem
CharLowerA
SetWindowTextA
ChangeClipboardChain
IsWindowEnabled
GetMonitorInfoA
MonitorFromRect
GetWindowRect
GetSysColor
GetWindowTextLengthA
GetWindowLongA
GetSysColorBrush
GetParent
BeginPaint
EndPaint
DefWindowProcA
SetWindowLongA
ShowCursor
IsDlgButtonChecked
KillTimer
GetWindowThreadProcessId
DdeCreateStringHandleW
GetDlgItemTextA
CreateWindowExA
GetProcessWindowStation
SetProcessWindowStation
CreateDesktopA
SetThreadDesktop
CloseDesktop
CloseWindowStation
GetThreadDesktop
GetUserObjectInformationA
LoadIconA
DestroyIcon
ReleaseDC
MapWindowPoints
GetCursorPos
PtInRect
WindowFromPoint

gdi32

DeleteObject
SelectPalette
GetPixel
FlattenPath
GdiComment
StretchBlt
CreateCompatibleDC
BitBlt
DeleteDC
GetDIBColorTable
CreateBitmap
CreateDIBSection
SetDIBColorTable
GetStockObject
GetObjectA
GetCurrentObject
GetPaletteEntries
SelectObject
SetTextColor

comdlg32

ChooseColorA

advapi32

LookupAccountNameW

shell32

SHGetFolderPathA

ole32

CoCreateInstance
PropVariantClear
CoLockObjectExternal
CoInitialize

avifil32

AVIStreamCreate
AVIFileInit
AVISaveOptions

crypt32

CertEnumSystemStoreLocation

shlwapi

PathAppendA

comctl32

ImageList_Create
ImageList_ReplaceIcon
ord17

gdiplus

GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage

opengl32

glShadeModel
glEnable

imm32

ImmUnregisterWordW
ImmConfigureIMEA

dbghelp

SymInitialize
SymGetOptions
SymSetOptions

wtsapi32

WTSEnumerateProcessesA
WTSFreeMemory

uxtheme

OpenThemeData

dnsapi

DnsAcquireContextHandle_A

traffic

TcDeregisterClient
TcAddFlow

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/7255977a54767e3e3baa8291af8574b3
.html .js polyglot
some-samples-master/7297216069b88051d791a454d6df0270
.html .js polyglot
some-samples-master/72b9d12aabe0440fd02ca36492efc5a1
.html .js polyglot
some-samples-master/72ded3da9c72729d222b7e52904c1a69
.html
some-samples-master/72f9bfb879b2a6ff7ce436ddbdca9a75
.exe windows:4 windows x86 arch:x86

afb4499cc3d71ae164287edf0970a208

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3254
ord2441
ord1695
ord5006
ord5656
ord4470
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5476
ord3403
ord2879
ord2878
ord4154
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5285
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord736
ord807
ord739
ord450
ord439
ord554
ord442
ord825
ord747
ord5495
ord2104
ord4460
ord2494
ord2627
ord2626
ord4163
ord6625
ord6064
ord5252
ord4614
ord4613
ord1942
ord4272
ord4589
ord4899
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord4078
ord5240
ord5290
ord4441
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5259
ord2535
ord4723
ord4448
ord1842
ord4242
ord5472
ord4151
ord5282
ord796
ord794
ord674
ord529
ord527
ord366
ord6000
ord2117
ord4457
ord2252
ord1133
ord3481
ord3797
ord4284
ord1895
ord4958
ord3407
ord4990
ord4927
ord4932
ord4937
ord4717
ord4688
ord4946
ord5018
ord5108
ord4912
ord4646
ord4980
ord4522
ord4993
ord4537
ord5075
ord4038
ord3281
ord3353
ord4626
ord4424
ord457
ord749
ord4653
ord6194
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord459
ord561
ord743
ord1134
ord1199
ord1205
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5241
ord5280
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1894
ord4254
ord2486
ord4015
ord4957
ord4861
ord4826
ord3187
ord4950
ord2437
ord2171
ord5020
ord4517
ord4640
ord4916
ord5002
ord4494
ord4491
ord5021
ord3106
ord4605
ord5000
ord4416
ord5090
ord5501
ord4628
ord4657
ord5752
ord4155
ord2991
ord3417
ord5025
ord3514
ord6344
ord5627
ord1003
ord3449
ord3787
ord3250
ord4697
ord3060
ord3066
ord6336
ord2510
ord2542
ord5244
ord5742
ord1747
ord5577
ord3172
ord5654
ord4423
ord4956
ord4860
ord2402
ord4387
ord3454
ord3198
ord6081
ord6175
ord3261
ord4623
ord4430
ord748
ord1206
ord2623
ord456
ord1223
ord4825
ord1849
ord4244
ord2583
ord4403
ord5253
ord3998
ord1576
ord4251
ord1886
ord823
ord4676
ord4671
ord4857
ord4450
ord1168

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
??1type_info@@UAE@XZ
free
realloc
memset
_CxxThrowException
memcpy
__CxxFrameHandler
_setmbcp
_stricmp
_onexit

kernel32

GetProcAddress
Sleep
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
LoadLibraryA

user32

EnableWindow
SendMessageA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/73178297b175c8706ec7cb05eae84e70
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lif
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/731cdd106e540bf99054b50ef27ae15e
.html
some-samples-master/73551d0a8fdcbe02d09c3d74901b0028
.js
some-samples-master/737d02eb888984dcb5c53bab72d4bca5
.html
some-samples-master/738ab2b3dc8c4e3a69b701f6492429db
.js
some-samples-master/738b2d4782e244ab45ed77b3b7591540
.html
some-samples-master/73b785650da3d07b3da642c9f6df228a
.html .js polyglot
some-samples-master/73e68c1bf7a0bf425369f14c58648d40
.exe windows:4 windows x86 arch:x86

30d6c8883797cfa4d392035d602bf3f8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord825
ord807
ord686
ord800
ord2494
ord2627
ord2626
ord6146
ord5885
ord5882
ord2453
ord1146
ord1168
ord2096
ord5883
ord4284
ord6625
ord540
ord384
ord4457
ord5252
ord2862
ord5265
ord4376
ord4998
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord2301
ord4234
ord2379
ord3092
ord4710
ord4853
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord4353
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord617
ord6215
ord5301
ord5214
ord296
ord986
ord520
ord4159
ord6117
ord2621
ord1134
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord1945
ord4273
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord3571
ord640
ord813
ord323
ord560
ord3663
ord3626
ord2414
ord5260
ord4464
ord283
ord472
ord5785
ord1641
ord1640
ord2859
ord2405
ord2818
ord537
ord4133
ord4297
ord5788
ord5787
ord1200
ord860
ord1175
ord6374
ord5163
ord2385
ord5237
ord4407
ord1776
ord4077
ord6055
ord4151
ord2878
ord2879
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord5307
ord823

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
strcpy
time
srand
memcpy
memset
__CxxFrameHandler
_CxxThrowException
printf
realloc
free
malloc
strlen
rand

kernel32

WriteFile
ReadFile
CloseHandle
GetModuleHandleA
GetStartupInfoA
FreeLibrary
HeapFree
IsBadReadPtr
Sleep
VirtualFree
GetProcessHeap
VirtualAlloc
HeapAlloc
GetFileSize
GetProcAddress
LoadLibraryA

user32

KillTimer
InvalidateRect
wsprintfA
GetClientRect
LoadImageA
UpdateWindow
EnableWindow
GetDC
SetTimer
LoadIconA
GetSysColor
SendMessageA

gdi32

DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
Rectangle

shell32

ShellAboutA

comctl32

ImageList_ReplaceIcon
ImageList_SetBkColor

winmm

mciSendStringA

Exports

Exports

stricmp

Sections

.text
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/73e815a756cc7422e87fba432ec575cd
.exe windows:4 windows x86 arch:x86

815b5a2fb6f90d046265595f0f852647

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CloseHandle
GetModuleFileNameA
GetVersionExA
GetCommandLineA
CreateMutexA
CopyFileA
GetSystemDirectoryA
GlobalMemoryStatusEx
HeapAlloc
GetLocalTime
VirtualProtect
HeapFree
SetEvent
lstrcmpiA
Process32Next
Process32First
WaitForSingleObject
CreateEventA
GetStartupInfoA
CreateFileA
WriteFile
lstrcatA
LocalAlloc
LocalSize
LocalFree
OutputDebugStringA
GetTickCount
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
lstrlenA
GetLastError
VirtualFree
Sleep
InterlockedExchange
VirtualAlloc
GetProcessHeap

user32

wsprintfA

advapi32

ChangeServiceConfig2A
OpenSCManagerA
CreateServiceA
LockServiceDatabase
UnlockServiceDatabase
OpenServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenEventLogA
ClearEventLogA
CloseEventLog
RegOpenKeyExA

msvcrt

__dllonexit
??3@YAXPAX@Z
ceil
_ftol
__CxxFrameHandler
_CxxThrowException
??2@YAPAXI@Z
_except_handler3
printf
strstr
strncpy
strrchr
rand
exit
strncmp
realloc
free
_beginthreadex
strchr
??1type_info@@UAE@XZ
_strcmpi
_onexit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
_stricmp
_strupr

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/7411c3317e75cc79b5b946575d8f3ea7
.exe windows:4 windows x86 arch:x86

e1468697ddfc2db74e41d821d1cb1947

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord609
ord800
ord641
ord1146
ord1168
ord860
ord567
ord540
ord324
ord3626
ord3663
ord2414
ord2370
ord2302
ord4234
ord4710
ord4853
ord2820
ord3811
ord537
ord4224
ord535
ord6334
ord2379
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord2582
ord4402
ord3370
ord3640
ord2587
ord4406
ord3394
ord3729
ord804
ord693
ord616
ord2289
ord2362
ord6907
ord3998
ord2818
ord3996
ord6215
ord3092
ord858
ord3301
ord3317
ord2642
ord3874
ord801
ord541
ord2385
ord924
ord926
ord5861
ord6143
ord3499
ord2515
ord355
ord6778
ord3790
ord6199
ord3721
ord795
ord4033
ord3610
ord656
ord6648
ord5683
ord3177
ord1175
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord6438
ord2621
ord1134
ord686
ord797
ord781
ord810
ord554
ord807
ord384
ord3708
ord3398
ord3733
ord2586
ord4405
ord3723
ord5655
ord2639
ord6146
ord5885
ord5883
ord2120
ord2118
ord2623
ord4000
ord2862
ord2096
ord4160
ord2863
ord755
ord470
ord839
ord433
ord5575
ord2141
ord1656
ord434
ord668
ord2770
ord356
ord939
ord3303
ord941
ord2915
ord2923
ord2012
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4376
ord5265
ord3573
ord3574
ord4424
ord3402
ord5290
ord4396
ord1776
ord6055
ord2575
ord823
ord1200
ord922
ord825
ord1576

msvcrt

__set_app_type
_controlfp
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
??1type_info@@UAE@XZ
strcat
rand
_CxxThrowException
memset
__CxxFrameHandler
_mbscmp
_setmbcp
wcslen
memcpy
atoi
__p__fmode

kernel32

GetLastError
MultiByteToWideChar
lstrlenA
GetProcAddress
LoadLibraryA
VirtualAlloc
FreeLibrary
LocalFree
GetTickCount
GetCurrentDirectoryA
GetModuleHandleA
GetStartupInfoA
InterlockedIncrement
WideCharToMultiByte
InterlockedDecrement

user32

SendMessageA
EnableWindow
LoadIconA
DrawIcon
PostMessageA
AppendMenuA
IsIconic
GetSystemMetrics
GetSystemMenu
LoadBitmapA
GetClientRect

comctl32

ImageList_ReplaceIcon

ole32

CLSIDFromProgID
CoCreateInstance
OleRun
CoUninitialize
CoInitialize
CLSIDFromString

oleaut32

SysStringByteLen
GetActiveObject
VariantCopy
VariantChangeType
SysAllocString
VariantInit
VariantClear
GetErrorInfo
SysAllocStringByteLen
SysFreeString

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/7414b2af27f74c118e259c2f9c3d0029
.js
some-samples-master/74173d879be50e6834ff5956900af42f
.exe windows:5 windows x86 arch:x86

37b1c5a46f79da11ae82188c5bd0ad8d

Code Sign

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

08-04-2015 01:00

Not After

08-04-2023 01:00

Subject

CN=WoSign Time Stamping Signer G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

1d:27:67:31:19:fb:06:96:27:6c:d8:bb:c3:cb:1c:50
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

23-01-2017 05:07

Not After

23-04-2018 05:07

Subject

CN=Kunshan Kuaila Information Technology Co.\, Ltd.,O=Kunshan Kuaila Information Technology Co.\, Ltd.,L=Kunshan,ST=Jiangsu,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

6a:0f:db:e6:78:b3:1e:23:2c:ba:5a:e1:4d:9d:bf:1b
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

08-04-2015 01:00

Not After

08-04-2023 01:00

Subject

CN=WoSign Time Stamping Signer G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

02:0c:e5:b0:a7:5e:33:f4:ea:aa:35:57:91:8d:5f:66:9f:f1:2f:7f:48:d9:e7:40:be:0e:68:ea:e8:0d:96:54
Signer

Actual PE Digest

02:0c:e5:b0:a7:5e:33:f4:ea:aa:35:57:91:8d:5f:66:9f:f1:2f:7f:48:d9:e7:40:be:0e:68:ea:e8:0d:96:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\吴玲玉\代码文件\微端制作\2、602游戏微端\Cs 传奇世界\Release\CqsjR.pdb

Imports

kernel32

FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GlobalFlags
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetFileSizeEx
GetFileTime
SetErrorMode
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
FileTimeToLocalFileTime
GetEnvironmentStringsW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
GetCurrentDirectoryA
GetDriveTypeA
GetProcessHeap
SetEnvironmentVariableA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
FormatMessageW
LocalFree
GlobalFree
GetModuleHandleA
GetCurrentProcessId
ResumeThread
WaitForMultipleObjects
ExitThread
CreateSemaphoreW
ReleaseSemaphore
SetEvent
DeleteCriticalSection
lstrcmpiW
lstrcmpW
MulDiv
InitializeCriticalSection
LoadLibraryExW
GetShortPathNameW
FileTimeToSystemTime
UnmapViewOfFile
GetFileSize
GetThreadLocale
LCMapStringA
LocalAlloc
FreeResource
WriteProcessMemory
IsWow64Process
VirtualAllocEx
GlobalUnlock
TerminateProcess
GetVersionExW
ReadProcessMemory
VirtualFreeEx
GlobalAlloc
GlobalLock
LocalFileTimeToFileTime
GetCurrentDirectoryW
ReadFile
SetFileTime
SystemTimeToFileTime
SetFilePointer
CreateEventW
ResetEvent
lstrlenW
GetModuleHandleW
CreateThread
InterlockedCompareExchange
IsProcessorFeaturePresent
SetFileAttributesW
CreateToolhelp32Snapshot
FindNextFileW
Process32NextW
SetProcessWorkingSetSize
RemoveDirectoryW
Process32FirstW
FindClose
GetFileAttributesW
OpenProcess
WaitForSingleObject
FindFirstFileW
GetProcAddress
GetTickCount
lstrlenA
IsBadWritePtr
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntW
GetCurrentThreadId
EnterCriticalSection
SetLastError
RaiseException
FlushInstructionCache
LeaveCriticalSection
GetCurrentProcess
WideCharToMultiByte
DeleteFileW
CloseHandle
GetLastError
WritePrivateProfileStringW
MultiByteToWideChar
CreateFileW
GetModuleFileNameW
CopyFileW
Sleep
LoadLibraryW
WriteFile
GetPrivateProfileStringW
CreateDirectoryW
SetUnhandledExceptionFilter
FreeLibrary
CreateMutexW
GetCommandLineW
ExitProcess
LockResource
SizeofResource
LoadResource
FreeEnvironmentStringsW
FindResourceW

user32

IsDialogMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
GetKeyState
SetMenu
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
GetMenu
OffsetRect
SystemParametersInfoA
MapVirtualKeyW
GetKeyNameTextW
GetMenuItemID
GetMenuItemCount
IntersectRect
GetActiveWindow
MapDialogRect
CreateDialogIndirectParamW
WindowFromPoint
EndDialog
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
IsWindowEnabled
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
EndPaint
ClientToScreen
GetWindowTextLengthW
DestroyAcceleratorTable
CharNextW
RegisterWindowMessageW
FillRect
IsChild
SetCapture
UnregisterClassW
GetFocus
GetParent
InvalidateRgn
CreateAcceleratorTableW
SetFocus
BeginPaint
InflateRect
GetWindowTextW
GetDlgItem
RedrawWindow
GetSysColor
GetWindowPlacement
SetWindowTextW
GetDesktopWindow
FindWindowExW
GetWindowThreadProcessId
wsprintfW
ScreenToClient
GetClientRect
SystemParametersInfoW
CopyRect
SetWindowRgn
SetRectEmpty
TranslateMessage
PeekMessageW
DispatchMessageW
SetCursor
UpdateLayeredWindow
SetWindowContextHelpId
IsIconic
LoadImageW
PostThreadMessageW
MessageBeep
GetNextDlgGroupItem
IsRectEmpty
CopyAcceleratorTableW
SetActiveWindow
GetSysColorBrush
KillTimer
GetSubMenu
SetForegroundWindow
GetDC
LoadIconW
CharUpperW
RegisterClipboardFormatW
GetMessageW
GetNextDlgTabItem
ValidateRect
SetRect
LoadMenuW
ReleaseDC
MessageBoxW
GetSystemMetrics
IsWindowVisible
CheckMenuItem
MoveWindow
PostMessageW
SetParent
SetTimer
GetWindowRect
MonitorFromPoint
TrackPopupMenu
LoadCursorW
GetClassInfoExW
RegisterClassExW
AppendMenuW
GetClassNameW
SetWindowPos
GetCursorPos
CreatePopupMenu
CreateWindowExW
EqualRect
ReleaseCapture
DestroyMenu
GetMonitorInfoW
GetWindow
DestroyWindow
PostQuitMessage
GetWindowLongW
SetWindowLongW
ShowWindow
IsWindow
UpdateWindow
CallWindowProcW
DefWindowProcW
PtInRect
InvalidateRect
SendMessageW
EnableWindow
UnregisterHotKey
RegisterHotKey
GetLastActivePopup
UnregisterClassA

gdi32

RectVisible
CreateFontIndirectW
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
DPtoLP
CreateCompatibleBitmap
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
GetObjectW
GetStockObject
CreateSolidBrush
CreateRoundRectRgn
DeleteDC
CreateDIBSection
DeleteObject
SelectObject
BitBlt
CreateCompatibleDC
TextOutW

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegOpenKeyW
RegQueryValueW
RegEnumKeyW
RegEnumKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
AdjustTokenPrivileges
RegOpenKeyExW
LookupPrivilegeValueW
OpenProcessToken
RegSetValueExW
RegCloseKey

shell32

CommandLineToArgvW
Shell_NotifyIconW
SHGetSpecialFolderPathW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW

comctl32

_TrackMouseEvent

shlwapi

PathFileExistsW
PathRenameExtensionW
PathFindExtensionW
PathFindFileNameW
UrlUnescapeW
PathStripToRootW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
CreateILockBytesOnHGlobal
CoTaskMemRealloc
OleLockRunning
CoTaskMemFree
CoFreeUnusedLibraries
CLSIDFromProgID
CoInitialize
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoUninitialize
CoCreateInstance
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemAlloc
CoGetClassObject
OleUninitialize
OleInitialize
StringFromGUID2
CLSIDFromString

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantInit
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString
VariantChangeType
SysStringLen
LoadTypeLi
OleCreateFontIndirect
VarUI4FromStr
LoadRegTypeLi
VariantCopy

wininet

InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetCrackUrlW
DeleteUrlCacheEntryW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
InternetOpenW
InternetReadFile
InternetConnectW
HttpSendRequestW
HttpAddRequestHeadersW
HttpQueryInfoW
HttpOpenRequestW
InternetCloseHandle
InternetCanonicalizeUrlW
InternetQueryDataAvailable

gdiplus

GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStream
GdipDeleteBrush
GdipFree
GdipCloneBrush
GdipDrawImageRectRectI
GdipSetTextRenderingHint
GdipDeleteFont
GdipDeleteGraphics
GdipDeleteFontFamily
GdipCreateSolidFill
GdipAlloc
GdipCreateFont
GdipDrawString
GdipCreateFontFamilyFromName
GdipCreateFromHDC
GdipCreateStringFormat
GdipDeleteStringFormat
GdiplusShutdown
GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipReleaseDC
GdipDeletePen
GdipFillRectangle
GdipDrawLineI
GdipDrawImageRectI
GdipDrawImageRectRect
GdipCreatePen1

psapi

EmptyWorkingSet
EnumProcesses
EnumProcessModules
GetModuleFileNameExW
GetModuleBaseNameW

iphlpapi

GetAdaptersInfo
GetAdaptersAddresses

netapi32

Netbios

snmpapi

SnmpUtilOidCpy
SnmpUtilVarBindFree
SnmpUtilOidNCmp

sensapi

IsNetworkAlive

ws2_32

WSAGetLastError
htons
recv
socket
__WSAFDIsSet
select
gethostbyname
send
connect
WSAStartup
closesocket

Sections

.text
Size: 443KB - Virtual size: 443KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/7428cc45a9a88cf8761268e7a1bd8182
.html
some-samples-master/74343ab4a8f640c93997d619af4bb125
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/74bcbb3025b0faef8b432c8696d73c56
.js
some-samples-master/74c5ddfd3e2fd6bdd5b873f87d10c9b1
.exe windows:4 windows x86 arch:x86

248cc9c4a19f8ec2c7a8a93e3fe84ff7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarTstGt
_CIcos
_adj_fptan
__vbaStrI4
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
ord516
_adj_fprem1
__vbaStrCat
__vbaError
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenBstrB
_adj_fdiv_m32
__vbaObjSet
ord596
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaFPFix
__vbaVarTstLt
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
ord671
_adj_fpatan
__vbaLateIdCallLd
ord678
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord609
__vbaFPException
_CIlog
ord646
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaDerefAry1
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaI4Var
__vbaVarAdd
__vbaInStrB
__vbaVarDup
__vbaFpI4
_CIatan
__vbaStrMove
_allmul
_CItan
ord547
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 208KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/7538a91b893c216dcb93e58bac16de9e
.exe windows:4 windows x86 arch:x86

36ad125d833d401ebd011e5cfb5c0ce2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
ReleaseMutex
GetFileSize
GetFileAttributesA
WaitForSingleObject
GetLastError
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
ExitThread
GetStartupInfoA
GetModuleHandleA
CloseHandle
WinExec
LoadLibraryA
GetProcAddress
GlobalAlloc
Sleep
TerminateProcess

user32

GetDesktopWindow
wsprintfA

advapi32

StartServiceCtrlDispatcherA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA

ws2_32

WSAStartup
closesocket
htonl
select
recv
setsockopt
socket
connect
WSACleanup
send
htons
__WSAFDIsSet
inet_addr
sendto
inet_ntoa

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
realloc
malloc
atoi
strncpy
strcspn
strstr
sprintf
strncmp
exit
free

Sections

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/753d843f14b273d2e8794e150e8d1911
.html
some-samples-master/754909c485b8b02e3097fb4d99c66e39
.exe windows:4 windows x86 arch:x86

d8f5f326d59bd53d34818d2c72e3b0d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
WinExec
GetTickCount
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
SetFilePointer
WriteFile
CreateFileA
SetPriorityClass
LoadResource
FindResourceA
EnumResourceNamesA
WaitForSingleObject
GetLastError
GetWindowsDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
TerminateProcess
ExitThread
GetStartupInfoA
GetCurrentProcess
GetCurrentThread
SetThreadPriority
Sleep
CreateThread
LoadLibraryA
LockResource
GetProcAddress
GetModuleHandleA
CreateProcessA

user32

GetDesktopWindow
wsprintfA

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA
ShellExecuteA

ws2_32

closesocket
WSAStartup
inet_ntoa
select
recv
setsockopt
WSAIoctl
socket
connect
htonl
send
WSACleanup
__WSAFDIsSet
inet_addr
sendto
htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

netapi32

NetUserAdd
NetLocalGroupAddMembers

msvcrt

sprintf
strcmp
??2@YAPAXI@Z
_onexit
__dllonexit
_controlfp
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
strncmp
strcat
wcscpy
realloc
malloc
strlen
atoi
strncpy
strcspn
memset
strstr
strcpy
exit
memcpy
localtime
time
free

Sections

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/7561f95f0f001441634fdac906030b72
.exe windows:4 windows x86 arch:x86

f95b9df843b72444322e3b75e667014b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultUILanguage
GetComputerNameA
GetSystemInfo
WaitForSingleObject
lstrlenA
WinExec
CopyFileA
GlobalMemoryStatus
GetModuleHandleA
CompareStringW
CompareStringA
CreateThread
CloseHandle
CreateProcessA
lstrcatA
GetModuleFileNameA
GetTempPathA
MoveFileA
MoveFileExA
GetCurrentProcessId
lstrcpyA
GetCurrentProcess
ExitThread
Sleep
GetTickCount
LoadLibraryA
GetLastError
GetProcAddress
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetConsoleCtrlHandler
SetStdHandle
GetOEMCP
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
SetEnvironmentVariableA
SetFilePointer
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
TerminateProcess
HeapReAlloc
HeapSize
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate

user32

wsprintfA

advapi32

CreateServiceA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
OpenServiceA
StartServiceA
RegSetValueExA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenSCManagerA

ws2_32

select
__WSAFDIsSet
send
WSAIoctl
WSAStartup
WSASocketA
recv
setsockopt
htonl
sendto
WSACleanup
socket
htons
connect
closesocket
inet_addr
gethostbyname
WSAGetLastError

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

iphlpapi

GetIfTable

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/75a17fdecf691351a31ae5fba30a8168
.exe windows:4 windows x86 arch:x86

e160ef8e55bb9d162da4e266afd9eef3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
SearchPathA
GetShortPathNameA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetEnvironmentVariableA
GetWindowsDirectoryA
GetTempPathA
Sleep
CloseHandle
LoadLibraryA
lstrlenA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
ReadFile
lstrcpyA
lstrcatA
GetSystemDirectoryA
GetVersion
GetProcAddress
GlobalAlloc
CompareFileTime
SetFileTime
ExpandEnvironmentStringsA
lstrcmpiA
lstrcmpA
WaitForSingleObject
GlobalFree
GetExitCodeProcess
GetModuleHandleA
SetErrorMode
GetCommandLineA
LoadLibraryExA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
WriteFile
FindClose
WritePrivateProfileStringA
MultiByteToWideChar
MulDiv
GetPrivateProfileStringA
FreeLibrary

user32

CreateWindowExA
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
GetDC
SystemParametersInfoA
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
GetDlgItem
wsprintfA
SetForegroundWindow
ShowWindow
IsWindow
LoadImageA
SetWindowLongA
SetClipboardData
EmptyClipboard
OpenClipboard
EndPaint
PostQuitMessage
FindWindowExA
SendMessageTimeoutA
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

CoCreateInstance
CoTaskMemFree
OleInitialize
OleUninitialize

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/75b4695f5baba96e636b7ae14cbdd0ad
.html .js polyglot
some-samples-master/75c3bdf3477ee2112b0a9b874289f8bb
.js
some-samples-master/75f0638e40cb937d9a553eb08b57d54c
.exe windows:4 windows x86 arch:x86

f7a9b33b8a99a98d91563c62d9c69262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CertControlStore
CertAddStoreToCollection
CertFindCRLInStore
CertSaveStore
CertFindChainInStore
CryptFindOIDInfo
CertFindAttribute
CertGetNameStringA
CertFreeCRLContext
CertNameToStrA
CertDeleteCRLFromStore

kernel32

LoadLibraryA
GetCommandLineA
FindResourceExA
FormatMessageA
GetEnvironmentVariableA
DeleteFileA
SetPriorityClass
OpenFileMappingA
lstrcmp
CreateJobObjectA
GetModuleHandleA
GetFileAttributesA
GetTempFileNameA
WaitForSingleObject
WriteConsoleA
CreateSemaphoreW
FileTimeToSystemTime
lstrcmpiA
DecodePointer
CreateProcessA
CreateDirectoryA
GetProcAddress

shlwapi

UrlCreateFromPathW
UrlUnescapeA
UrlIsNoHistoryW
UrlCanonicalizeW
UrlGetPartA
UrlEscapeA
UrlCombineW
UrlHashW
PathIsRootW
UrlIsA
UrlGetLocationW
UrlCompareW

cmpbk32

PhoneBookLoad
PhoneBookCopyFilter
PhoneBookFreeFilter
PhoneBookEnumCountries

untfs

FormatEx
Format
Chkdsk
Recover
Extend

clusapi

CloseClusterGroup
ClusterControl
CloseClusterNode
CloseCluster

dsprop

ErrMsgParam
CrackName
CheckADsError
FindSheet

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lock
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/76.74.170.253/bash
.elf linux x64
some-samples-master/76.74.170.253/bash.1
.elf linux x64
some-samples-master/76.74.170.253/cron
.elf linux x86
some-samples-master/76.74.170.253/cron.1
.elf linux x86
some-samples-master/76.74.170.253/ftp
.elf linux ppc
some-samples-master/76.74.170.253/ftp.1
.elf linux ppc
some-samples-master/76.74.170.253/ntpd
.elf linux mipsbe
some-samples-master/76.74.170.253/ntpd.1
.elf linux mipsbe
some-samples-master/76.74.170.253/nut
.elf linux sparc
some-samples-master/76.74.170.253/nut.1
.elf linux sparc
some-samples-master/76.74.170.253/openssh
.elf linux sh
some-samples-master/76.74.170.253/openssh.1
.elf linux sh
some-samples-master/76.74.170.253/pftp
.elf linux x86
some-samples-master/76.74.170.253/pftp.1
.elf linux x86
some-samples-master/76.74.170.253/sh
.elf linux
some-samples-master/76.74.170.253/sh.1
.elf linux
some-samples-master/76.74.170.253/sshd
.elf linux mipsel
some-samples-master/76.74.170.253/sshd.1
.elf linux mipsel
some-samples-master/76.74.170.253/tftp
.elf linux arm
some-samples-master/76.74.170.253/tftp.1
.elf linux arm
some-samples-master/76.74.170.253/wget
.elf linux arm
some-samples-master/76.74.170.253/wget.1
.elf linux arm
some-samples-master/7600434196cef9873b1a7c6581a638cb
.js
some-samples-master/76051b2dc279c72144ada8c3063adeba
.html .js polyglot
some-samples-master/768b3bb71beb4b4c076870bac43bceee
some-samples-master/76d1d248419761f138b35d55f10a693e
.html .js polyglot
some-samples-master/76f17bbdde79de830c26f8b8143c81ce
.html
some-samples-master/76f5697445a6571253797c20649838f2
.html
some-samples-master/77.247.178.189/bash
.elf linux x64
some-samples-master/77.247.178.189/bash.1
.elf linux x64
some-samples-master/77.247.178.189/bash.2
.elf linux x64
some-samples-master/77.247.178.189/bash.3
.elf linux x64
some-samples-master/77.247.178.189/bash.4
.elf linux x64
some-samples-master/77.247.178.189/bash.5
.elf linux x64
some-samples-master/77.247.178.189/cron
.elf linux ppc
some-samples-master/77.247.178.189/cron.1
.elf linux ppc
some-samples-master/77.247.178.189/cron.2
.elf linux ppc
some-samples-master/77.247.178.189/cron.3
.elf linux ppc
some-samples-master/77.247.178.189/cron.4
.elf linux ppc
some-samples-master/77.247.178.189/cron.5
.elf linux ppc
some-samples-master/77.247.178.189/ftp
.elf linux x86
some-samples-master/77.247.178.189/ftp.1
.elf linux x86
some-samples-master/77.247.178.189/ftp.2
.elf linux x86
some-samples-master/77.247.178.189/ftp.3
.elf linux x86
some-samples-master/77.247.178.189/ftp.4
.elf linux x86
some-samples-master/77.247.178.189/ftp.5
.elf linux x86
some-samples-master/77.247.178.189/ntpd
.elf linux mipsbe
some-samples-master/77.247.178.189/ntpd.1
.elf linux mipsbe
some-samples-master/77.247.178.189/ntpd.2
.elf linux mipsbe
some-samples-master/77.247.178.189/ntpd.3
.elf linux mipsbe
some-samples-master/77.247.178.189/ntpd.4
.elf linux mipsbe
some-samples-master/77.247.178.189/ntpd.5
.elf linux mipsbe
some-samples-master/77.247.178.189/openssh
.elf linux sh
some-samples-master/77.247.178.189/openssh.1
.elf linux sh
some-samples-master/77.247.178.189/openssh.2
.elf linux sh
some-samples-master/77.247.178.189/openssh.3
.elf linux sh
some-samples-master/77.247.178.189/openssh.4
.elf linux sh
some-samples-master/77.247.178.189/openssh.5
.elf linux sh
some-samples-master/77.247.178.189/pftp
.elf linux
some-samples-master/77.247.178.189/pftp.1
.elf linux
some-samples-master/77.247.178.189/pftp.2
.elf linux
some-samples-master/77.247.178.189/pftp.3
.elf linux
some-samples-master/77.247.178.189/pftp.4
.elf linux
some-samples-master/77.247.178.189/pftp.5
.elf linux
some-samples-master/77.247.178.189/sshd
.elf linux mipsel
some-samples-master/77.247.178.189/sshd.1
.elf linux mipsel
some-samples-master/77.247.178.189/sshd.2
.elf linux mipsel
some-samples-master/77.247.178.189/sshd.3
.elf linux mipsel
some-samples-master/77.247.178.189/sshd.4
.elf linux mipsel
some-samples-master/77.247.178.189/sshd.5
.elf linux mipsel
some-samples-master/77.247.178.189/tftp
.elf linux arm
some-samples-master/77.247.178.189/tftp.1
.elf linux arm
some-samples-master/77.247.178.189/tftp.2
.elf linux arm
some-samples-master/77.247.178.189/tftp.3
.elf linux arm
some-samples-master/77.247.178.189/tftp.4
.elf linux arm
some-samples-master/77.247.178.189/tftp.5
.elf linux arm
some-samples-master/77.247.178.189/wget
.elf linux x86
some-samples-master/77.247.178.189/wget.1
.elf linux x86
some-samples-master/77.247.178.189/wget.2
.elf linux x86
some-samples-master/77.247.178.189/wget.3
.elf linux x86
some-samples-master/77.247.178.189/wget.4
.elf linux x86
some-samples-master/77.247.178.189/wget.5
.elf linux x86
some-samples-master/771d04f8effd830ed2039eb7f32814b4
.html
some-samples-master/772ca302ace651d9e818dd5a0696abc2
.js
some-samples-master/77386bdeb676c271bebf37cdcaacb746
.html .js polyglot
some-samples-master/774ddd848f1349fc4490cc3b5b1d8324
.exe windows:5 windows x86 arch:x86

e25287f821f1be5b872e2895317bdb16

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc100

ord13767
ord11726
ord7510
ord7584
ord901
ord6316
ord13480
ord11420
ord4724
ord310
ord13485
ord13482
ord13484
ord13481
ord3409
ord5238
ord11172
ord11180
ord7355
ord9449
ord11184
ord11153
ord11787
ord5098
ord4774
ord6112
ord4078
ord2000
ord7141
ord266
ord265
ord1288
ord888
ord6835
ord9399
ord4622
ord4903
ord5095
ord8439
ord4881
ord4625
ord4606
ord6897
ord6898
ord6888
ord4772
ord7357
ord8304
ord1201
ord761
ord6641
ord6634
ord6671
ord9281
ord2003
ord7363
ord1929
ord1987
ord11421
ord13301
ord7073
ord13299
ord8486
ord3676
ord3618
ord11806
ord7091
ord1732
ord3871
ord918
ord14075
ord10922
ord2163
ord13181
ord11413
ord7144
ord13483
ord342
ord6293
ord2088
ord1294
ord1296

msvcr100

_setmbcp
memcpy
__CxxFrameHandler3
_stricmp
_controlfp_s
_invoke_watson
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
__set_app_type
_fmode
_commode
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_onexit
_lock
__dllonexit
_unlock
realloc
free
malloc
memset

kernel32

GetFileSize
CloseHandle
WriteFile
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
CreateFileA
InterlockedExchange
DecodePointer
EncodePointer
HeapFree
FreeLibrary
GetProcessHeap
HeapAlloc
IsBadReadPtr
VirtualProtect
VirtualFree
LoadLibraryA
GetProcAddress
Sleep
ReadFile

comctl32

InitCommonControlsEx

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenUrlA
InternetReadFile
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/779df3e9d22b688c2483a16130d3887c
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/77c7368474ad38adbb4cc87861ff4454
.exe windows:1 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/77d77e0d392c5b3357b55c9c3a463527
.html .js polyglot
some-samples-master/77fa5807fafe10df3fe13eec64a62c28
.html
some-samples-master/77fdd73d1d446da85e18f46e114e199a
.html
some-samples-master/78105df599a93e8bb07f7eae7baccec5
.js
some-samples-master/782edd09ada90b48bd3c33f4f3017012
.elf linux sparc
some-samples-master/7856e1bc16176fd59b7cda2580218a3c
.js
some-samples-master/785888353de2a5679492b9beddb6531a
.html .js polyglot
some-samples-master/794bc26757923ba8610ba402e0f8a226
.html .js polyglot
some-samples-master/7954fe5bbef387bc9f117ac9cf20aab0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

GetInstantMediaInfo

Sections

.text
Size: 308KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 260KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uro
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/79a1adc2d38e235452b3a5e71566e534
.js
some-samples-master/79ab41fe407c3ce4e99ee5b989678dc7
.js
some-samples-master/79d6ce92570970f5eca148e092384e3b
.js
some-samples-master/79e9dfb20b8ab30073a601d49d1330ad
.js
some-samples-master/79f68266a8559906d29733859f3ddf9c
.exe windows:4 windows x86 arch:x86

6b41b49cb60c6234a51830ad22997a9b

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10-01-1997 07:00

Not After

31-12-2020 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-09-2006 01:53

Not After

16-09-2011 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-09-2006 01:53

Not After

16-09-2011 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:02:30:7e:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10-03-2008 21:57

Not After

10-06-2009 22:07

Subject

CN=Microsoft Windows Component Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11-10-2005 21:55

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

0f:8d:73:87:8f:92:31:40:fc:25:b1:1c:f3:69:5d:0d:bf:3c:5a:ad
Signer

Actual PE Digest

0f:8d:73:87:8f:92:31:40:fc:25:b1:1c:f3:69:5d:0d:bf:3c:5a:ad

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

mfc42

ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord825
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord5252
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord3350
ord4159
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord540
ord338
ord800
ord4823
ord5651
ord3127
ord3616
ord5440
ord860
ord350
ord2740
ord858
ord3663
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord3693
ord813
ord1641
ord560
ord3626
ord2414
ord5260
ord4133
ord4297
ord2535
ord2859
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord823
ord520

msvcrt

_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_ftol
_CxxThrowException
__CxxFrameHandler

kernel32

HeapCreate
GetProcAddress
LoadLibraryA
HeapAlloc
HeapDestroy
HeapFree
GetStartupInfoA
GetModuleHandleA
OutputDebugStringA

user32

wsprintfA
EnableWindow
MessageBoxA
GetClientRect
GetDC
UpdateWindow

gdi32

SelectObject
CreatePen

Exports

Exports

Ip

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/7a0751f20166b7b4c5cb7d48a325ee44
.js
some-samples-master/7a0c4360d2c3f67cdaa43857d9f4e6e5
some-samples-master/7a0e087457d980d162024a5e32459e19
.exe windows:4 windows x86 arch:x86

d1bea546319df4f4529dd91864ae95b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
CloseHandle
WriteFile
CreateFileA
OutputDebugStringA
HeapReAlloc
RtlUnwind
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
IsBadWritePtr
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
SetConsoleCtrlHandler
SetFilePointer
SetEndOfFile
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Exports

Exports

SPACE

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/7a199101db8ebaed0736b1a9a1ea7197
.elf linux ppc
some-samples-master/7a1a46ee84e1d2689317ef2f0999830f
.exe windows:4 windows x86 arch:x86

28e3a58132364197d7cb29ee104004bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
Process32Next
Process32First
ExitThread
GetTickCount
GetCurrentProcessId
TerminateThread
GetWindowsDirectoryA
GetCurrentProcess
GetSystemDirectoryA
GetLocalTime
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GlobalMemoryStatusEx
GetSystemInfo
ExitProcess
RemoveDirectoryA
DuplicateHandle
OpenEventA
WinExec
GetCurrentThreadId
CopyFileA
SetFileAttributesA
GetVersion
DeviceIoControl
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
TerminateProcess
PeekNamedPipe
WaitForMultipleObjects
GetModuleHandleA
GetComputerNameA
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
lstrcmpiA
GetExitCodeThread
CreateToolhelp32Snapshot
LocalAlloc
FindFirstFileA
LocalReAlloc
FindNextFileA
LocalFree
FindClose
GetLogicalDriveStringsA
GetVolumeInformationA
GetDiskFreeSpaceExA
GetDriveTypeA
CreateProcessA
CreateDirectoryA
GetLastError
DeleteFileA
CreateThread
GetVersionExA
GetPrivateProfileStringA
lstrcmpA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcatA
ExpandEnvironmentStringsA
GetPrivateProfileSectionNamesA
lstrlenA
OpenProcess
GetFileAttributesA
CancelIo
InterlockedExchange
lstrcpyA
ResetEvent
WaitForSingleObject
WideCharToMultiByte
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
SetEvent
Sleep
CreateEventA
LocalSize
HeapFree
MoveFileA
WriteFile
SetFilePointer
ReadFile
CreateFileA
RaiseException
GetFileSize
GetModuleFileNameA

user32

GetForegroundWindow
GetAsyncKeyState
GetKeyState
BlockInput
SendMessageA
SystemParametersInfoA
keybd_event
MapVirtualKeyA
SetCapture
GetWindowTextA
SetCursorPos
mouse_event
ExitWindowsEx
SetClipboardData
EmptyClipboard
OpenClipboard
GetClipboardData
GetSystemMetrics
SetRect
GetDC
GetDesktopWindow
ReleaseDC
GetCursorPos
GetMessageA
GetInputState
IsWindowVisible
PostMessageA
ShowWindow
EnumWindows
MessageBoxA
wsprintfA
CharNextA
CloseClipboard
PostThreadMessageA
WindowFromPoint
GetThreadDesktop
CloseDesktop
SetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
OpenDesktopA

gdi32

GetDIBits
BitBlt
DeleteDC
DeleteObject
CreateCompatibleDC
CreateDIBSection
SelectObject
CreateCompatibleBitmap

advapi32

EnumServicesStatusA
IsValidSid
LookupAccountNameA
LsaClose
LsaRetrievePrivateData
LsaOpenPolicy
RegCloseKey
RegQueryValueA
RegOpenKeyExA
StartServiceA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
AdjustTokenPrivileges
LookupPrivilegeValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
RegEnumValueA
RegDeleteValueA
RegDeleteKeyA
UnlockServiceDatabase
ChangeServiceConfigA
LockServiceDatabase
QueryServiceStatus
DeleteService
ControlService
QueryServiceConfigA
RegOpenKeyA
CreateProcessAsUserA
SetTokenInformation
DuplicateTokenEx
StartServiceCtrlDispatcherA
ChangeServiceConfig2A
CreateServiceA
RegCreateKeyA
CloseEventLog
ClearEventLogA
OpenEventLogA
LookupAccountSidA
GetTokenInformation
OpenProcessToken

shell32

ShellExecuteA
SHGetSpecialFolderPathA
SHGetFileInfoA

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysFreeString

wininet

InternetCloseHandle

mfc42

ord6648
ord2764
ord4129
ord926
ord924
ord922
ord535
ord858
ord6663
ord860
ord4278
ord2818
ord939
ord6877
ord800
ord540
ord823
ord825
ord537

msvcrt

vsprintf
calloc
wcstombs
_beginthreadex
wcscpy
mbstowcs
fopen
fwrite
fclose
__getmainargs
_mbsstr
wcsstr
_mbslwr
_wcsupr
_iob
fprintf
_CIacos
time
srand
rand
_errno
strchr
strcat
strncpy
strncmp
atoi
strrchr
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
exit
_CIpow
__dllonexit
_onexit
_exit
_XcptFilter
printf
_acmdln
_stricmp
_strnicmp
_access
_local_unwind2
__CxxFrameHandler
memcpy
memmove
_ftol
memcmp
_purecall
sprintf
strcpy
strlen
strstr
memset
_except_handler3
strcmp
free
malloc

netapi32

NetUserAdd
NetLocalGroupAddMembers
NetUserGetInfo
NetApiBufferFree
NetUserGetLocalGroups
NetUserSetInfo
NetUserDel
NetUserEnum

msvcp60

?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

ws2_32

listen
sendto
recvfrom
__WSAFDIsSet
WSASocketA
htonl
accept
WSAGetLastError
connect
setsockopt
WSAIoctl
WSACleanup
getpeername
bind
getsockname
inet_addr
inet_ntoa
send
select
recv
ntohs
closesocket
socket
gethostbyname
gethostname
htons
WSAStartup

userenv

GetProfilesDirectoryA
GetUserProfileDirectoryA

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationA
WTSEnumerateSessionsA

psapi

EnumProcessModules
GetModuleFileNameExA

winmm

waveInStart
waveInOpen
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
waveInAddBuffer
waveInGetNumDevs
waveOutUnprepareHeader
waveOutOpen
waveOutClose
waveOutWrite
waveOutPrepareHeader
waveInReset

Sections

.28bDIZX
Size: 370KB - Virtual size: 369KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.a9Gzw0a
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.1Ek24kI
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.0VSY31Y
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.E96W16F
Size: 69KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.m17114I
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

565611
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/7a1bcc109bc0268da6a986d7abd605b1
.js
some-samples-master/7a21099e34b1821e001e4a5823c2ae07
.js
some-samples-master/7a30de8c18885c60c08d9b487660678b
.html .js polyglot
some-samples-master/7a43ce8700a4a474aa0fdb3731e2a9e5
some-samples-master/7a4d5b5d7133ce5c021686adbd69f055
.js
some-samples-master/7a7420bb625e807b18b96dfea38b6e78
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 212KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/7a77ae31dcf3c2f4f72c05cece67daf1
some-samples-master/7a9f540dd8b827442b45229b9cc89c0f
.elf linux ppc
some-samples-master/7aa430667cb5917c71ceded5b726ef40
some-samples-master/7aa5b7115dc044fe1fba5e1d46c4d461
.html
some-samples-master/7acfe81f71e166364c90bfe156250da6
.html
some-samples-master/7afc4a90bd65812d5eea3910f7e3f296
.js
some-samples-master/7b0b49f6815840aa15695ac28f190e82
.html .js polyglot
some-samples-master/7b6b3c852d62c1b944aca52fbc30fbf4
.js
some-samples-master/7bca15e5f9f433bf0c65af46ff13d859
some-samples-master/7bce247853573e991e438dc8d18eb264
.html .js polyglot
some-samples-master/7c38278a77e542bb54c71d383ee4cba1
.js
some-samples-master/7c6672653e14d7ae38bd69c89d7090c9
.html
some-samples-master/7c73d0405b6a1ca8bcddc148ec19278c
.html .js polyglot
some-samples-master/7c7d11233fc1310989d6dbdd443fc881
.js
some-samples-master/7cc0d96286eea749fbbf23491fe3a7c3
.html
some-samples-master/7cf36a07531233364812dbd56624abc3
.html .js polyglot
some-samples-master/7d07e8a55ed5bf9d42adb823e3cdb375
.js
some-samples-master/7d1b10d48ed8fa40fe3ef43db9769623
.js
some-samples-master/7d2de57b6fdc8f679e0ecbfd072b3792
.exe windows:4 windows x86 arch:x86

1cd6153ef3f0ed7005ff868ac370207e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
ord693
__vbaFreeVar
__vbaFreeVarList
_adj_fdiv_m64
_adj_fprem1
__vbaSetSystemError
__vbaHresultCheckObj
__vbaLenBstrB
_adj_fdiv_m32
__vbaAryDestruct
__vbaObjSet
_adj_fdiv_m16i
_adj_fdivr_m16i
ord521
_CIsin
ord525
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
__vbaLbound
_adj_fpatan
__vbaRedim
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
ord539
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
ord616
_CIatan
__vbaStrMove
_allmul
ord651
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 408KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/7d50dd3519e87fcf78ee0342dfd8fef8
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/7d99b1c96d69abbc1056ee2232576290
.html .js polyglot
some-samples-master/7def3f0d5b1aab1233e7e81cbdd0c201
.html .js polyglot
some-samples-master/7e03fe1791f4d2372f59ca9e26df4dd5
.exe windows:5 windows x86 arch:x86

3761264be1c53c591ab8b2afd8b13867

Code Sign

1b:e7:15
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

01-01-2014 07:00

Not After

30-05-2031 07:00

Subject

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03-05-2011 07:00

Not After

03-05-2031 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:a6:9e:72:e3:8a:fe:48
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

08-12-2015 18:56

Not After

08-12-2016 18:56

Subject

CN=Super Click Interactive,O=Super Click Interactive,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fd:80:99:61:36:3c:1f:ca:41:8c:02:bc:64:04:d5:9c:4f:d3:2b:a2
Signer

Actual PE Digest

fd:80:99:61:36:3c:1f:ca:41:8c:02:bc:64:04:d5:9c:4f:d3:2b:a2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

gdi32

CreateBitmap
AbortPath
PolyPolygon
FlattenPath
DeleteObject
EnumObjects
SelectObject
CreateFontIndirectA
CreateFontA
SelectClipPath

user32

DispatchMessageA
TranslateMessage
PostMessageA
RegisterClassA
GetWindowLongA
DrawTextW
EndPaint
ShowWindow
DrawTextA
GetDC
SendMessageA
SendMessageW
GetMessageA
CreateWindowExA
GetGuiResources
InvertRect
BeginPaint

kernel32

RtlUnwind
GetSystemTimeAsFileTime
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
FormatMessageA
LocalFree
TerminateThread
GetLogicalProcessorInformation
RegisterWaitForSingleObject
CreateTimerQueue
GetMailslotInfo
SuspendThread
DeleteTimerQueue
GetLastError
MultiByteToWideChar
lstrcmpiA
GetFileAttributesA
GetProcAddress
WaitForSingleObject
ReleaseMutex
CloseHandle
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateMutexA
GetVersionExA
GetCurrentProcess
GetVersion
lstrcpynA
ExitProcess
GetModuleFileNameA
FreeLibrary
DeleteFileA
SetEnvironmentVariableA
DuplicateHandle
GetCurrentProcessId
GetEnvironmentVariableA
GetExitCodeProcess
TerminateProcess
ResumeThread
CreateProcessA
GetCommandLineA
LoadLibraryA
FlushFileBuffers
WriteFile
SetCurrentDirectoryA
CreateDirectoryA
GetTempPathA
GetModuleHandleA
ReadConsoleA
WriteConsoleA
GetStdHandle
GetCurrentDirectoryA
GetFullPathNameA
SetErrorMode
QueueUserWorkItem
HeapSize

msvcrt

realloc
rand
_pgmptr
srand
__argc
__argv
memmove
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_callnewh
_ismbblead
__getmainargs
_cexit
_exit
_XcptFilter
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_controlfp
memset
__CxxFrameHandler
atoi
_snprintf
_time64
memcpy
free
malloc

ole32

CoInitializeEx
OleInitialize
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID

shell32

SHGetPathFromIDListA
SHGetDiskFreeSpaceExA
ShellExecuteExA
SHFileOperationA
SHBrowseForFolderA
SHGetInstanceExplorer

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/7e067bca9ec00d81dad93181bbc5e607
.exe windows:4 windows x86 arch:x86

412dc7f10a73d76f53eef0202fc88e4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

PlaySoundA

mfc42

ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5282
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord796
ord674
ord554
ord529
ord366
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord6625
ord4457
ord5252
ord825
ord823
ord4163
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord5012
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord540
ord338
ord800
ord4823
ord5440
ord858
ord5651
ord3127
ord3616
ord860
ord350
ord3126
ord3613
ord3663
ord2740
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord813
ord560
ord5260
ord4133
ord4297
ord2535
ord3693
ord3626
ord2414
ord1641
ord2859
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord4159

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strcmp
memset
memcpy
_ftol
_CxxThrowException
__CxxFrameHandler

kernel32

HeapCreate
GetProcAddress
LoadLibraryA
HeapAlloc
HeapDestroy
HeapFree
GetStartupInfoA
GetModuleHandleA
OutputDebugStringA

user32

UpdateWindow
EnableWindow
MessageBoxA
GetClientRect
GetDC
wsprintfA

gdi32

SelectObject
CreatePen

Exports

Exports

Ip

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/7e2249a0fb48140d312e59538f2af43d
.html
some-samples-master/7e2871b8d37f12f2954d4e84643b6496
.exe windows:5 windows x86 arch:x86

f4887e4b2efc080c49dc209f980e5682

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\[Project]\[BaizhuLocalStorage]\Output\Release\BZDownload.pdb

Imports

imm32

ImmDisableIME

ws2_32

getsockname
getsockopt
ntohs
WSAIoctl
getaddrinfo
freeaddrinfo
recvfrom
sendto
accept
listen
ioctlsocket
gethostname
htonl
ntohl
inet_ntoa
bind
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
WSACleanup
WSAStartup
connect
htons
setsockopt
recv
socket
closesocket
gethostbyname
send
getpeername

winhttp

WinHttpReadData
WinHttpAddRequestHeaders
WinHttpQueryDataAvailable
WinHttpOpenRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpOpen
WinHttpCloseHandle
WinHttpConnect
WinHttpSendRequest
WinHttpCrackUrl
WinHttpSetTimeouts

kernel32

GetTickCount
FreeLibrary
LoadLibraryW
GetTempPathW
LoadLibraryA
DeleteFileW
GetSystemDefaultLangID
GetTimeZoneInformation
GetVersionExA
GetSystemTime
VirtualFree
VirtualAlloc
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
CreateFileW
FreeResource
FindResourceW
LoadResource
SizeofResource
InterlockedExchange
ResetEvent
GetExitCodeThread
ResumeThread
InterlockedIncrement
WideCharToMultiByte
Process32First
TerminateProcess
Process32FirstW
Process32Next
Process32NextW
CreateToolhelp32Snapshot
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
CreateDirectoryW
lstrcpynW
GetFileAttributesW
FileTimeToSystemTime
GetModuleFileNameW
FindClose
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
lstrcmpiW
lstrlenW
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
lstrcatW
OutputDebugStringW
lstrcpyW
LocalAlloc
DeleteFileA
LocalLock
LocalUnlock
LocalSize
LocalFree
CreateThread
SetProcessWorkingSetSize
SetLastError
SleepEx
VerSetConditionMask
GetModuleHandleA
VerifyVersionInfoA
FormatMessageA
GetFileType
GetStdHandle
PeekNamedPipe
ExpandEnvironmentStringsA
GetThreadContext
SetThreadContext
VirtualQuery
CreateProcessW
InterlockedCompareExchange
FlushInstructionCache
VirtualProtect
SuspendThread
LoadLibraryExW
GetACP
AreFileApisANSI
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
UnhandledExceptionFilter
GetCPInfo
GetFileInformationByHandle
FileTimeToLocalFileTime
SetFilePointerEx
GetLocalTime
RtlUnwind
GetCommandLineW
ExitThread
GetSystemInfo
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
IsDebuggerPresent
EncodePointer
GetStringTypeW
WaitForMultipleObjects
CreateEventW
WritePrivateProfileStringW
MultiByteToWideChar
GetSystemDirectoryA
lstrlenA
GetFullPathNameW
SetEnvironmentVariableA
WriteConsoleW
GetDriveTypeW
FindFirstFileExW
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsW
CreateProcessA
SetEvent
WaitForSingleObject
InterlockedDecrement
CreateDirectoryA
Sleep
ExitProcess
GetProcAddress
GetCurrentThread
GetModuleFileNameA
GetTempPathA
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
CreateFileMappingW
InitializeCriticalSection
GetModuleHandleW
GetComputerNameW
GetCurrentProcess
SetUnhandledExceptionFilter
UnmapViewOfFile
MapViewOfFile
CreateMutexW
CreateFileA
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
GetLastError
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetConsoleMode
ReadConsoleW
IsValidCodePage
GetOEMCP
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
LocalReAlloc

user32

IsRectEmpty
OffsetRect
MapWindowPoints
ClientToScreen
GetActiveWindow
GetClassNameW
GetParent
SetClassLongW
GetClassLongW
ScreenToClient
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
GetCaretBlinkTime
CreateCaret
GetCursorPos
GetWindowRect
RemovePropW
SetPropW
SetClipboardData
GetClipboardData
EqualRect
CharUpperBuffW
CharLowerBuffW
GetKeyState
GetSysColor
PtInRect
RedrawWindow
GetFocus
IsMenu
GetMenuStringW
DestroyMenu
GetSubMenu
UnregisterClassW
DispatchMessageW
SendMessageW
IsWindow
ShowWindow
TranslateMessage
SetForegroundWindow
GetMessageW
DefWindowProcW
UpdateWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
SetWindowPos
UpdateLayeredWindow
IntersectRect
SetCursor
DrawTextW
GetPropW
FillRect
IsZoomed
SetWindowRgn
SystemParametersInfoW
OpenClipboard
EmptyClipboard
CloseClipboard
CreateWindowExW
PeekMessageW
RegisterClassExW
LoadCursorW
PostQuitMessage
CharNextA
MessageBoxW
PostMessageW
GetDesktopWindow
InvalidateRect
EnableWindow
SetWindowTextA
EnableMenuItem
GetWindowTextW
LoadIconW
GetSystemMenu
GetSystemMetrics
SetWindowLongW
ReleaseDC
GetWindowLongW
GetDC
BeginPaint
DestroyWindow
EndPaint
CallWindowProcW
KillTimer
SetTimer
GetMenuItemCount
TrackPopupMenu
EndMenu
GetIconInfo
DestroyCursor
LoadImageW
CopyRect
SetRectEmpty
wsprintfW
GetClientRect

gdi32

GetCurrentObject
GetStockObject
GetViewportOrgEx
SetBkColor
SetTextColor
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetClipBox
CreatePatternBrush
PatBlt
CombineRgn
GetBkColor
GetBkMode
GetTextColor
SetRectRgn
CreateRoundRectRgn
ExtCreateRegion
GetRegionData
EnumFontsW
SetViewportOrgEx
SelectClipRgn
CreateRectRgn
BitBlt
CreateDIBSection
StretchBlt
SetDIBColorTable
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontW
GetDIBColorTable
GetObjectW
TextOutW
CreateSolidBrush
DeleteDC
CreateBitmap
TextOutA

advapi32

CryptGetHashParam
RegOpenKeyExA
RegCloseKey
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
RegQueryValueExA
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA

shell32

ShellExecuteW
SHGetPathFromIDListW
Shell_NotifyIconW
SHBrowseForFolderW
ord165
ShellExecuteA
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoUninitialize

oleaut32

LoadTypeLi
VariantInit
VariantClear
SysAllocString
VariantChangeType
DispGetIDsOfNames
GetErrorInfo
SysFreeString

shlwapi

StrStrIW
PathAppendW
PathFileExistsA
PathFileExistsW
StrStrIA
PathAppendA

gdiplus

GdiplusStartup
GdipDeleteBrush
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipDisposeImage
GdipAlloc
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImageHeight
GdipFree
GdiplusShutdown
GdipCreateSolidFill
GdipDrawRectangle
GdipDrawLinesI
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipFillPieI
GdipSetSmoothingMode
GdipGetImagePixelFormat
GdipFillRectangle
GdipLoadImageFromStream
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipGetImageWidth
GdipImageGetFrameDimensionsCount

msimg32

GradientFill
TransparentBlt
AlphaBlend

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupIterateCabinetW

d3d9

Direct3DCreate9

dbghelp

MiniDumpWriteDump

rasapi32

RasEnumConnectionsW

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

_TrackMouseEvent
ord17

crypt32

CertFreeCertificateContext

wldap32

ord301
ord200
ord30
ord79
ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord60
ord211
ord46
ord143
ord35

Sections

.text
Size: 879KB - Virtual size: 878KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dtd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dtc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/7e573e39fc9f9f333f6d84547b71481b
.js
some-samples-master/7e74627dcb8707c41c7f44c0d5106aec
.exe windows:4 windows x86 arch:x86

b90ff77ffc4997b42f3450b12342ffd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
_stricmp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

kernel32

CreateFileA
CloseHandle
FreeLibrary
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
VirtualAlloc
GetProcessHeap
HeapAlloc
Sleep
ReadFile
GetFileSize
GetModuleHandleA
GetStartupInfoA
WriteFile

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/7e82bb09ada94d2bb9f1f0a5d7307ffc
some-samples-master/7e922e91f371371c7598d36e3841df97
.html .js polyglot
some-samples-master/7ea5b8497bc074da3b8821afc24644b0
.js
some-samples-master/7eef50ffbfde57a8556dee36ea16d8ae
.exe windows:5 windows x86 arch:x86

4a3e896b295785cf8d7280a6d79ca0e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
FindFirstFileW
GetCurrentThread
FileTimeToSystemTime
SetThreadPriority
FindClose
FindNextFileW
GetWindowsDirectoryW
GetCommandLineW
CreateDirectoryW
LoadLibraryW
lstrcmpiA
WTSGetActiveConsoleSessionId
MoveFileExW
SetFilePointer
SetEndOfFile
WriteFile
ExpandEnvironmentStringsW
GetPrivateProfileStringW
FlushFileBuffers
GetPrivateProfileIntW
GetUserDefaultUILanguage
CreateMutexW
SetErrorMode
GetComputerNameW
TerminateThread
WriteProcessMemory
CreateThread
SetHandleInformation
GetExitCodeProcess
ReadFile
GetExitCodeThread
CreatePipe
GetEnvironmentVariableW
FileTimeToDosDateTime
GetTempFileNameW
VirtualFree
GetTickCount
SystemTimeToFileTime
SetFilePointerEx
GetLogicalDriveStringsW
HeapFree
GetProcessHeap
SetFileTime
VirtualQueryEx
Thread32First
WideCharToMultiByte
ReadProcessMemory
HeapDestroy
HeapCreate
lstrcpynW
Thread32Next
GetTimeZoneInformation
MultiByteToWideChar
lstrlenW
GetTempPathW
GetFileSizeEx
OpenMutexW
VirtualProtectEx
VirtualAllocEx
RemoveDirectoryW
QueryDosDeviceW
GetFileTime
ReleaseMutex
FileTimeToLocalFileTime
GetVolumeNameForVolumeMountPointW
GetFileInformationByHandle
GetSystemTime
InterlockedExchange
GetLocalTime
ResetEvent
SetLastError
GetLastError
CreateEventA
SetFileAttributesW
GetLogicalDrives
GetDriveTypeW
lstrcmpiW
LoadLibraryA
FreeLibrary
GetFileAttributesW
GlobalUnlock
GlobalLock
GetCurrentProcessId
HeapReAlloc
OpenEventW
SetEvent
LocalFree
GetVersionExW
GetNativeSystemInfo
WaitForMultipleObjects
CreateEventW
Sleep
ResumeThread
DeleteFileW
DuplicateHandle
CreateToolhelp32Snapshot
VirtualProtect
Process32NextW
CreateFileMappingA
Process32FirstW
GetProcAddress
CreateFileW
TerminateProcess
CopyFileW
OpenProcess
CreateRemoteThread
IsBadReadPtr
GetModuleHandleW
GetCurrentProcess
CreateProcessW
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
GetFileSize
CloseHandle
GetFileAttributesExW
GetProcessId
EnterCriticalSection
VirtualAlloc
LeaveCriticalSection
VirtualFreeEx
InitializeCriticalSection
SetThreadContext
GetThreadContext
ExitProcess
ExitThread
GetModuleFileNameW
HeapAlloc

user32

CharUpperW
CharLowerA
GetDC
CharLowerW
MsgWaitForMultipleObjects
LoadImageW
ToUnicode
PeekMessageW
DispatchMessageW
GetForegroundWindow
CharLowerBuffA
GetKeyboardState
TranslateMessage
GetMessageW
GetCursorPos
GetIconInfo
DrawIcon
MessageBoxA
CharToOemW
ExitWindowsEx
GetClipboardData

advapi32

InitiateSystemShutdownExW
CryptCreateHash
AllocateAndInitializeSid
LookupPrivilegeValueW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptReleaseContext
RegCreateKeyExW
GetTokenInformation
GetSidSubAuthorityCount
OpenThreadToken
CryptAcquireContextW
GetSidSubAuthority
OpenProcessToken
CryptGetHashParam
IsWellKnownSid
RegCloseKey
RegEnumValueW
RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyW
EqualSid
RegQueryValueExW
RegQueryValueExA
ConvertSidToStringSidW
GetLengthSid
CreateProcessAsUserW
CreateProcessAsUserA
SetSecurityInfo
FreeSid
RegOpenKeyExW
GetSecurityDescriptorSacl
CheckTokenMembership
SetSecurityDescriptorSacl
CryptDestroyHash
AdjustTokenPrivileges
RegSetValueExW
GetSecurityDescriptorDacl
CryptHashData
RegEnumKeyExW
RegEnumKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW

shlwapi

PathUnquoteSpacesW
PathRemoveBackslashW
PathQuoteSpacesW
PathRenameExtensionW
StrCmpNIA
UrlUnescapeA
wvnsprintfW
PathIsDirectoryW
PathAddBackslashW
SHDeleteValueW
PathSkipRootW
SHDeleteKeyW
PathCombineW
PathAddExtensionW
PathMatchSpecW
wvnsprintfA
StrStrIA
StrStrIW
StrCmpNIW
PathRemoveFileSpecW
PathFindFileNameW
PathIsURLW

shell32

CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

secur32

GetUserNameExW

ole32

StringFromGUID2
CoInitializeEx
CoInitialize
CoGetObject
CLSIDFromString
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity

gdi32

GetDeviceCaps

ws2_32

WSAGetOverlappedResult
WSARecv
WSAEventSelect
WSAEnumNetworkEvents
WSAConnect
WSAGetLastError
inet_addr
gethostbyname
getpeername
recvfrom
WSAIoctl
connect
WSAAddressToStringW
WSAStartup
getaddrinfo
WSASocketA
shutdown
setsockopt
sendto
recv
bind
socket
freeaddrinfo
WSASetLastError
send
listen
WSAWaitForMultipleEvents
getsockname
accept
WSACloseEvent
WSAResetEvent
closesocket
select
WSACreateEvent
WSASend

crypt32

PFXImportCertStore
CertDeleteCertificateFromStore
CryptUnprotectData
CertCloseStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
PFXExportCertStoreEx
CertOpenSystemStoreW

wininet

HttpQueryInfoA
InternetSetStatusCallbackA
InternetOpenA
InternetSetOptionA
InternetCrackUrlW
InternetCrackUrlA
InternetQueryOptionW
InternetConnectA
InternetQueryOptionA
InternetCloseHandle
HttpEndRequestW
HttpSendRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetSetFilePointer
InternetGetCookieA
HttpOpenRequestW
HttpOpenRequestA
HttpAddRequestHeadersW
InternetSetStatusCallbackW
GetUrlCacheEntryInfoW
HttpSendRequestW
InternetReadFile
InternetReadFileExA
InternetQueryDataAvailable
HttpSendRequestExW
HttpSendRequestExA

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString

netapi32

NetApiBufferFree
NetUserEnum
NetUserGetInfo

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ntdll

NtQueryKey

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/7f5f7818d281ca4f765d27485107b9ca
.html .js polyglot
some-samples-master/7f8521843c9f48f2486479e2f6627fbb
.html .js polyglot
some-samples-master/7f86a0661c7b4b6f0f209734d3f4f9f6
.exe windows:5 windows x86 arch:x86

01d3e95f04abdaafab59f55da046f829

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\桌面\20170730改版企业版2.9源码\serverdata\Release\NewTest.pdb

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
lstrcpyA
CloseHandle
ReadFile
GetFileSize
CreateFileA
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapCreate
HeapDestroy
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/7fa0f88bc455b0769c839df1dba636c7
.html .js polyglot
some-samples-master/7fb09a59c3e8f9ea3d46598bbbc27b16
.js
some-samples-master/7fe25d38cd9c5b81c5acda16518a2702
.html .js polyglot
some-samples-master/7feccbef4ed3a323ed763d24d022e4df
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/7ff1c2dfbe83973acf366d432c4ab598
.html .js polyglot
some-samples-master/8009e4433aad21916a7761d374ee2be9
.exe windows:5 windows x86 arch:x86

169dbb2bfac932eeb207c950d5b2f249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSaveKeyW
RegRestoreKeyW
RegEnumKeyA
RegCreateKeyExA
RegReplaceKeyA
ReadEventLogA
RegUnLoadKeyA
IsTextUnicode
CryptSignHashA
ClearEventLogW
OpenEventLogW
RegOpenKeyW
RegDeleteValueA

shell32

SHGetFileInfoA
DragFinish
SHGetMalloc
ExtractIconA
ShellMessageBoxA
FindExecutableA
StrStrA
SHChangeNotify
DragQueryFileA
ShellAboutA
DragQueryPoint

shlwapi

UrlIsW
UrlCompareW
PathIsURLA
PathCommonPrefixW
UrlIsOpaqueW
UrlHashA
UrlIsNoHistoryW
PathCompactPathW
UrlGetPartW
PathCombineW
UrlGetLocationA
UrlEscapeA
UrlUnescapeW
PathStripPathA

modemui

InvokeControlPanel
drvSetDefaultCommConfigA

comsvcs

RecycleSurrogate
CoCreateActivity
CoEnterServiceDomain

kernel32

DeleteFileA
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetCommandLineA
WaitForSingleObject
CreateWaitableTimerA
OpenSemaphoreA
WaitNamedPipeA
InterlockedIncrement
GetProcessHeap
OpenMutexW
FindNextFileA
MoveFileExA
LoadLibraryExW

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/802385019eac7a847e8c90ffc95d9ac6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/80592afad730280a1031fbeff4e9beb5
.elf linux x86
some-samples-master/806fefb13f122479c7dc06511888f939
.js
some-samples-master/808f69c9fa85188337b54703ee87f140
some-samples-master/80a3314f16d6bdc4278f849023f4c206
.exe windows:4 windows x86 arch:x86

f6baa5eaa8231d4fe8e922a2e6d240ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHGetMalloc
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
ShellExecuteExW

gdi32

CreateCompatibleDC
CreateFontIndirectW
DeleteObject
DeleteDC
GetCurrentObject
StretchBlt
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
SetStretchBltMode
GetObjectW

advapi32

FreeSid
AllocateAndInitializeSid
CheckTokenMembership

user32

GetWindowLongW
GetMenu
SetWindowPos
GetWindowDC
ReleaseDC
GetDlgItem
GetParent
GetWindowRect
GetClassNameA
CreateWindowExW
SetTimer
GetMessageW
DispatchMessageW
KillTimer
DestroyWindow
SendMessageW
EndDialog
wsprintfW
GetWindowTextW
GetWindowTextLengthW
GetSysColor
wsprintfA
SetWindowTextW
MessageBoxA
ScreenToClient
GetClientRect
SetWindowLongW
UnhookWindowsHookEx
SetFocus
GetSystemMetrics
SystemParametersInfoW
ShowWindow
DrawTextW
GetDC
ClientToScreen
GetWindow
DialogBoxIndirectParamW
DrawIconEx
CallWindowProcW
DefWindowProcW
CallNextHookEx
PtInRect
SetWindowsHookExW
LoadImageW
LoadIconW
MessageBeep
EnableWindow
IsWindow
EnableMenuItem
GetSystemMenu
CreateWindowExA
wvsprintfW
CharUpperW
GetKeyState
CopyImage

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoInitialize

oleaut32

VariantClear
SysFreeString
OleLoadPicture
SysAllocString

kernel32

GetFileSize
SetFilePointer
ReadFile
WaitForMultipleObjects
GetModuleHandleA
SetFileTime
SetEndOfFile
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FormatMessageW
lstrcpyW
LocalFree
IsBadReadPtr
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
TerminateThread
InitializeCriticalSection
ResetEvent
SetEvent
CreateEventW
GetVersionExW
GetModuleFileNameW
GetCurrentProcess
SetProcessWorkingSetSize
SetCurrentDirectoryW
GetDriveTypeW
CreateFileW
GetCommandLineW
GetStartupInfoW
CreateProcessW
CreateJobObjectW
ResumeThread
AssignProcessToJobObject
CreateIoCompletionPort
SetInformationJobObject
GetQueuedCompletionStatus
GetExitCodeProcess
CloseHandle
SetEnvironmentVariableW
GetTempPathW
GetSystemTimeAsFileTime
lstrlenW
CompareFileTime
SetThreadLocale
FindFirstFileW
DeleteFileW
FindNextFileW
FindClose
RemoveDirectoryW
ExpandEnvironmentStringsW
WideCharToMultiByte
VirtualAlloc
GlobalMemoryStatusEx
lstrcmpW
GetEnvironmentVariableW
lstrcmpiW
lstrlenA
GetLocaleInfoW
MultiByteToWideChar
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetSystemDefaultLCID
lstrcmpiA
GlobalAlloc
GlobalFree
MulDiv
FindResourceExA
SizeofResource
LoadResource
LockResource
LoadLibraryA
GetProcAddress
GetModuleHandleW
ExitProcess
lstrcatW
GetDiskFreeSpaceExW
SetFileAttributesW
SetLastError
Sleep
GetExitCodeThread
WaitForSingleObject
CreateThread
GetLastError
SystemTimeToFileTime
GetLocalTime
GetFileAttributesW
CreateDirectoryW
WriteFile
GetStdHandle
VirtualFree
GetStartupInfoA

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
memcmp
free
memcpy
_wtol
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
_beginthreadex
_EH_prolog
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
memset
_wcsnicmp
strncmp
wcsncmp
malloc
memmove
_purecall

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/80b24ee589afb21a3829fdb022ceda59
.html .vbs polyglot
some-samples-master/80e1bb38b1789a08307a4ecc0df896cb
.html .js polyglot
some-samples-master/813391f0144c9f8c40454fc231c1f447
.html
some-samples-master/81787bdaedfe960c89914d85f24e9a40
some-samples-master/818818f23802d9f4730f9b19dae7cc0a
.exe windows:5 windows x86 arch:x86

e46d0f037bce12b13147a212c0e82514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Took\Fill\surprise\name\Land\Captain\plan\Himeither.pdb

Imports

kernel32

GetModuleHandleA
InterlockedExchange
CompareStringA
GetLocaleInfoW
GetSystemTimeAsFileTime
GetTimeFormatA
GetDateFormatA
RaiseException
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetStartupInfoW
HeapAlloc
HeapReAlloc
HeapSize
ExitProcess
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
VirtualAlloc
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
CreateFileA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
InterlockedCompareExchange
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalFlags
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
LoadLibraryA
lstrcmpW
GetVersionExA
lstrlenA
lstrcmpA
CompareStringW
InterlockedIncrement
GetCurrentThreadId
CloseHandle
MultiByteToWideChar
FormatMessageW
lstrlenW
WideCharToMultiByte
GetCurrentProcessId
FreeLibrary
FindResourceW
LoadResource
LockResource
SizeofResource
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleW
TlsFree
GlobalFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalAlloc
GlobalHandle
GlobalUnlock
GlobalReAlloc
GlobalLock
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalFree
LocalAlloc
GetLastError
SetLastError
GetTempPathW
GetCurrentDirectoryW
MulDiv
Sleep
LoadLibraryW
HeapFree
GetProcAddress

user32

InflateRect
SetParent
EndDeferWindowPos
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
DestroyMenu
ClientToScreen
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
PostMessageW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
GetMenu
SetWindowLongW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetWindow
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetWindowTextW
LoadCursorW
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
SetWindowsHookExW
CallNextHookEx
DispatchMessageW
GetKeyState
PeekMessageW
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
SendMessageW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
MessageBoxW
SetWindowTextW
PostQuitMessage
UnhookWindowsHookEx
RegisterWindowMessageW
LoadIconW
IntersectRect
ExitWindowsEx
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
GetClientRect
GetMessageTime

ole32

CoRevokeClassObject
CoUninitialize
OleInitialize
OleSetContainedObject
CoInitialize
OleUninitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

gdi32

DeleteObject
SetBkColor
SetTextColor
CreateBitmap
ExtTextOutW
SaveDC
RestoreDC
SetMapMode
PtVisible
RectVisible
TextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
GetDeviceCaps
GetClipBox

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 749KB - Virtual size: 749KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/81896657c5ce74289be0995022f76e0b
.html .js polyglot
some-samples-master/8194e1d28082372b30f8a77efbda213d
.html .js polyglot
some-samples-master/81ae92669839137a7de49b6872daa37d
.exe windows:5 windows x86 arch:x86

f13b1fe29c1915757f4f8668fd03fde1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSaveKeyA
RegRestoreKeyA
RegEnumKeyA
RegCreateKeyExA
RegReplaceKeyA
RegDeleteTreeA
RegUnLoadKeyA
LogonUserA
CryptSignHashA
ClearEventLogW
OpenEventLogA
RegOpenKeyA
RegDeleteValueW

shell32

SHGetFileInfoW
Shell_NotifyIconA
SHFree
ExtractIconW
SHDefExtractIconA
FindExecutableW
StrStrA
StrRChrA
DragQueryFileW
ShellAboutA
SHGetFolderPathW

shlwapi

UrlIsA
UrlCompareA
PathIsURLW
PathCommonPrefixA
UrlIsOpaqueW
UrlHashW
UrlIsNoHistoryW
PathCompactPathW
UrlGetPartW
PathCombineA
UrlGetLocationA
UrlEscapeA
PathIsRootA
UrlCanonicalizeA

authz

AuthzFreeResourceManager
AuthzFreeAuditEvent

ctl3d32

Ctl3dUnregister
Ctl3dGetVer
Ctl3dEnabled

kernel32

DeleteFileW
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetCommandLineA
WaitForSingleObject
CreateJobObjectA
OpenJobObjectA
WaitNamedPipeW
InterlockedExchange
GetTickCount
OpenMutexA
FindNextFileA
MoveFileExA
LoadLibraryExW

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/81c4603681c46036.i586_3df80916a0d54cdf5eb3d476b4ae176d
.elf linux x86
some-samples-master/81c4603681c46036.i586_70252409356eb79f9fe3cc6fee5644a7
.elf linux x86
some-samples-master/81db52bd2b57c1d3daab4ec702a0be47
.html .js polyglot
some-samples-master/81e0b9400eb8bd83dd14fb8fe190b72d
.elf linux x86
some-samples-master/81f2e78a06cb975d17bab87baa38360d
.html
some-samples-master/820258e5c751fe9cc20f5802cbcd4ba1
.html .js polyglot
some-samples-master/821b4d695dfec859392623ffe32d2f32
some-samples-master/8225d4fcc486cd0b8ee1a1b6e3a935fd
.html
some-samples-master/8230e93f31694361b246ecd6e30644a3
.html
some-samples-master/823cd394661233ff66d0630b5530c868
.js
some-samples-master/825a2caa170dcc1d89275757e29a51f3
.exe windows:5 windows x86 arch:x86

01d3e95f04abdaafab59f55da046f829

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\桌面\20170730改版企业版2.9源码\serverdata\Release\NewTest.pdb

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
lstrcpyA
CloseHandle
ReadFile
GetFileSize
CreateFileA
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapCreate
HeapDestroy
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/828747d64fe5c9b956550dff864c3767
.html .js polyglot
some-samples-master/8293defcb63d004f63772ec6e5c4af69
.exe windows:5 windows x86 arch:x86

de3a66dd5f28f9b9ef0e9b02902fb728

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\Mention\clothes\Investigatin.pdb

Imports

kernel32

LocalFree
lstrcpyA
SetEnvironmentVariableA
CompareStringW
GetStringTypeW
MultiByteToWideChar
LCMapStringW
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
Sleep
RtlUnwind
GetTimeZoneInformation
LoadLibraryA
LoadLibraryW
lstrcatA
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
EnumTimeFormatsA
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
FindClose
GetProcAddress
lstrcmpiA
GetLastError
FindFirstFileA
SetThreadLocale
CreateDirectoryA
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
HeapCreate
EncodePointer
GetModuleFileNameW
GetStdHandle
WriteFile
DecodePointer
ExitProcess
GetModuleHandleW
IsProcessorFeaturePresent
HeapFree
IsDebuggerPresent
HeapAlloc
LoadResource
GetTickCount
FindResourceExW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileExA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
TerminateProcess

user32

GetCursorPos
SetWindowTextW
GetSubMenu
CallWindowProcA
DrawMenuBar
DefWindowProcA
GetClassNameW
CreateWindowExA
GetWindowLongA
MessageBoxA
EndPaint
DestroyWindow
GetUserObjectInformationA
GetClassNameA
SetWindowLongA
CopyImage
LoadBitmapA
GetParent
GetProcessWindowStation
IsWindowEnabled
SendMessageA
BeginPaint
TrackPopupMenuEx
CreatePopupMenu

gdi32

DeleteObject
FillRgn
GetEnhMetaFilePixelFormat
GetGlyphOutlineW
GetObjectA
CreateSolidBrush
DeleteDC

winspool.drv

StartDocPrinterA
StartPagePrinter
ClosePrinter
OpenPrinterA
GetPrinterDataA
EndDocPrinter

comdlg32

PageSetupDlgA
PrintDlgA

oleaut32

RevokeActiveObject
VarUI8FromUI1

ws2_32

WSCDeinstallProvider
WSAGetQOSByName

shlwapi

PathCompactPathA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_GetImageCount

gdiplus

GdiplusStartup
GdiplusShutdown

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/8298fcd061440d8ef6339d823fde9f6e
.html .js polyglot
some-samples-master/82cbd932efd941c62d388c3942167bb1
.exe windows:5 windows x86 arch:x86

cc8fac15860bc0b22fa21b2df13d2eed

Code Sign

62:b0:0a:f7:b4:2a:23:9d:1c:14:09:00:7f:ae:ff:b5
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

04-11-2015 09:27

Not After

04-11-2016 09:27

Subject

CN=Shanghai Yishen Network Technology Co.\, Ltd.,O=Shanghai Yishen Network Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
SetWindowPos
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
EndDialog
GetSystemMetrics
CreatePopupMenu
AppendMenuA
GetWindowRect
SetDlgItemTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadBitmapA
IsWindowVisible
CallWindowProcA
GetMessagePos
ScreenToClient
CheckDlgButton
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
CharNextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
TrackPopupMenu
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint

kernel32

RemoveDirectoryA
GetSystemDirectoryA
LoadLibraryA
lstrcatA
lstrlenA
GetTempFileNameA
CreateFileA
CreateProcessA
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
SetErrorMode
GetVersion
GetCommandLineA
GetTempPathA
GetWindowsDirectoryA
ExitProcess
CopyFileA
GetCurrentProcess
GetModuleFileNameA
GetFileSize
GetTickCount
Sleep
SetFileAttributesA
CreateDirectoryA
GetLastError
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
SetFileTime
CloseHandle
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsA
lstrcmpA
lstrcmpiA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
SetFileSecurityA

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

ntdll

_allshl
_aulldiv
_aulldvrm
_allmul
_alldiv
_allshr
_allrem

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 624KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/833ea573bce8ce8339d2e1824874fcdc
.js
some-samples-master/838467b26a3eda077bb67b1b8f5f51ad
.html .js polyglot
some-samples-master/8391b2ca59adf389b83c5c4ae900ffaa
.html .js polyglot
some-samples-master/839a515c6cb50c16ef4c806878500e8f
.js
some-samples-master/83ed570f63271d301dbe5f37b6db7aed
.html
some-samples-master/840030c6dce53f52f664e52e628c05cf
.html .js polyglot
some-samples-master/842f61354b3f82c1ea33ec35abaac9a7
.html .js polyglot
some-samples-master/844290834b6450425b146d4517cdf780
.elf linux x86
some-samples-master/8481e5cb8eb1c6681d34bd970f19c12d
.html .js polyglot
some-samples-master/84a63deeafb5ce716a65d2924afd6df7
.html .js polyglot
some-samples-master/84fb8955ed14d24e14534c24c76810db
some-samples-master/852ff88033de2639e1d58225a18edc44
.html
some-samples-master/854d7c02a76f294f1f730b9f672cedcb
.html .js polyglot
some-samples-master/855c8a81cdf187a2481ed128452fb734
.js
some-samples-master/85875718160f86a6b2a50befab250f43
.exe windows:5 windows x86 arch:x86

e7e07b93fdc69b81173827f60d465a09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSaveKeyW
RegRestoreKeyA
RegEnumKeyA
RegCreateKeyExA
RegReplaceKeyA
ReadEventLogW
RegUnLoadKeyA
LogonUserA
CryptSignHashA
ClearEventLogA
OpenEventLogW
RegOpenKeyA
RegDeleteValueW

shell32

SHGetFileInfoA
DragFinish
SHGetMalloc
ExtractIconW
ShellMessageBoxW
FindExecutableA
StrStrA
SHChangeNotify
DragQueryFileW
ShellAboutW
SHGetFolderPathA

shlwapi

UrlIsW
UrlCompareW
PathIsURLW
PathCommonPrefixW
UrlIsOpaqueW
UrlHashW
UrlIsNoHistoryW
PathCompactPathW
UrlGetPartW
PathCombineW
UrlGetLocationW
UrlEscapeW
UrlUnescapeA
PathStripPathA

untfs

Recover
Extend

cryptdll

CDLocateRng
MD5Init
MD5Update

kernel32

DeleteFileA
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetCommandLineA
WaitForSingleObject
CreateWaitableTimerA
OpenEventW
WaitNamedPipeW
InterlockedIncrement
GetTickCount
OpenMutexA
FindNextFileA
MoveFileExW
LoadLibraryExW

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/85898e64ffc1675bad1d52278bbb14eb
.exe windows:4 windows x86 arch:x86

821c3c157aa70dd41f3fb8b96793b6d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
OpenProcess
CopyFileA
GetSystemInfo
GetSystemDefaultUILanguage
GetVersionExA
GetThreadLocale
TerminateProcess
GetTempPathA
WinExec
lstrlenA
OpenMutexA
ReleaseMutex
ExitProcess
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
SetThreadPriority
LoadLibraryA
GetProcAddress
CloseHandle
CreateThread
MultiByteToWideChar
lstrcpyA
OutputDebugStringA
ExitThread
Sleep
GetTickCount
lstrcatA
GetLastError
GetLocaleInfoA
GetACP
GetSystemTimeAsFileTime
InterlockedExchange
InterlockedCompareExchange
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId

user32

wsprintfA

advapi32

CreateServiceA
StartServiceA
RegOpenKeyA
RegisterServiceCtrlHandlerA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus
OpenServiceA
CloseServiceHandle
DeleteService
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
StartServiceCtrlDispatcherA

shell32

SHChangeNotify
ShellExecuteExA

msvcr80

__CxxFrameHandler3
atoi
strncpy
strcspn
??_U@YAPAXI@Z
??2@YAPAXI@Z
_CxxThrowException
strncmp
_except_handler4_common
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_invoke_watson
_controlfp_s
printf
srand
rand
_time64
strstr
??3@YAXPAX@Z
memset
strchr
malloc
realloc
__iob_func
fprintf
__setusermatherr
sprintf

ws2_32

WSAIoctl
setsockopt
htonl
recv
WSACleanup
WSAGetLastError
select
__WSAFDIsSet
WSASocketA
closesocket
connect
htons
sendto
WSAStartup
send
inet_addr
gethostbyname
socket

shlwapi

SHDeleteKeyA

netapi32

NetLocalGroupAddMembers
NetUserAdd

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/85956d7b3126d1793b2e40b07906ee1a
.exe windows:5 windows x86 arch:x86

3e5f6c4e8a2577d4052cee25ca87823c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\zcg\Desktop\files\ms15-051\ms15-051\Win32\ms15-051.pdb

Imports

ntdll

RtlUnwind
RtlGetVersion
NtQuerySystemInformation

kernel32

FreeLibrary
HeapAlloc
GetCurrentProcess
HeapFree
WaitForSingleObject
GetModuleHandleW
GetProcessHeap
CreateProcessA
GetSystemDirectoryA
InterlockedExchange
GetProcAddress
IsWow64Process
GetModuleHandleA
LoadLibraryExA
VirtualProtect
GetCurrentProcessId
IsProcessorFeaturePresent
LCMapStringW
GetStringTypeW
CreateFileW
CloseHandle
HeapSize
IsValidCodePage
GetOEMCP
EnterCriticalSection
LeaveCriticalSection
GetCommandLineA
HeapSetInformation
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
Sleep
GetLastError
ExitProcess
DecodePointer
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
EncodePointer
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
HeapReAlloc
LoadLibraryW
WriteConsoleW
MultiByteToWideChar
SetFilePointer
SetStdHandle
GetCPInfo
GetACP

user32

UnregisterClassW
RegisterClassExW
LoadIconW
SetWindowLongW
DefWindowProcW
CreateWindowExW

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/85c70c3437ebe4b0b630a653b7a480ab
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 160KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/85e06f647d354802069eaaf4e2da3471
.html
some-samples-master/85f7033a11b62ca813a6044469ffbf19
.html .js polyglot
some-samples-master/8620e65437de76f953a680ab4ac5247c
.js
some-samples-master/86269bf92da9cee45e34b6a6e9a2845d
.html .js polyglot
some-samples-master/8639dcfe804745d6c57fda8297394d4d
.html
some-samples-master/8689f535c76384d25e9f8505ca8c5d43
.exe windows:4 windows x86 arch:x86

36ad125d833d401ebd011e5cfb5c0ce2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
ReleaseMutex
GetFileSize
GetFileAttributesA
WaitForSingleObject
GetLastError
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
ExitThread
GetStartupInfoA
GetModuleHandleA
CloseHandle
WinExec
LoadLibraryA
GetProcAddress
GlobalAlloc
Sleep
TerminateProcess

user32

GetDesktopWindow
wsprintfA

advapi32

StartServiceCtrlDispatcherA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

ShellExecuteA
SHChangeNotify
ShellExecuteExA

ws2_32

WSAStartup
closesocket
htonl
select
recv
setsockopt
socket
connect
WSACleanup
send
htons
__WSAFDIsSet
inet_addr
sendto
inet_ntoa

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

msvcrt

??2@YAPAXI@Z
??3@YAXPAX@Z
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
realloc
malloc
atoi
strncpy
strcspn
strstr
sprintf
strncmp
exit
free

Sections

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/869debb0e6580ac74dd321fbefb6a2ed
some-samples-master/86bf4819706529d8abf295ec9419c7ef
.html .js polyglot
some-samples-master/86de1d0ae2c2716eb7f40d1cebef8697
.html .js polyglot
some-samples-master/86e9bd5c25896e156f8c8880bbde4aa9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/86f2c3ce1975bcc6d9e7d47438c70312
.js
some-samples-master/8701213fa958f7a52a2ecdbf909b6e91
.html
some-samples-master/871edb29e03d127e52bfdaf10f6325fc
.html .js polyglot
some-samples-master/87428540bd55fa637a4929348d2ee736
.js
some-samples-master/8742a138c7d2e6c762533a25f67b40a6
.exe windows:5 windows x86 arch:x86

46ec036f108b9442762024102130efcd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE

Imports

nddeapi

NDdeShareAddA
NDdeShareDelA
NDdeShareGetInfoA

kernel32

GetModuleFileNameA
lstrcmpiA
GetDateFormatW
GetModuleHandleW
GetProcAddress
CreateMailslotW
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyA
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogA
ClearEventLogW
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrW
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopA
wsprintfA
PostMessageW
GetDlgItemTextW
IsDialogMessageA
DispatchMessageA
GetMessageA
LoadMenuA
LoadStringA
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateA
InsertMenuW
GetPropW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/874fc1c6421010f837c68242b2640e6f
.html
some-samples-master/87b6969abb881c05bf52be2c6ce86f2d
.js
some-samples-master/88320a273ade0faac495e3973390a301
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tqn
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/8843dd6c0d37f2b24cc3f3e5ce5564cb
.dll windows:5 windows x86 arch:x86

87695cae3846255f1d81b19599ef52e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

LoadStringW

advapi32

RegQueryValueExW

winspool.drv

ClosePrinter
GetDefaultPrinterW

winmm

timeEndPeriod

version

VerQueryValueW

oleaut32

SysReAllocStringLen
SysFreeString
SafeArrayGetLBound

comctl32

ImageList_EndDrag

gdi32

SetAbortProc

ole32

OleUninitialize

shell32

Shell_NotifyIconW

Exports

Exports

_a

Sections

Size: - Virtual size: 2.0MB

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/88625d47995595c6e488b0a9d16c60e2
.html .js polyglot
some-samples-master/886c04e400a44818f583d107bbe62fbf
.js
some-samples-master/88a3d2f7d4acb84a6a5222004c03af8b
.html
some-samples-master/88ad4addbea1d2c4e769ba9fe02216c7
.js
some-samples-master/88caf3ffdebfb4cf0bef329c54c53fd2
.js
some-samples-master/88da9e3778e71349871f5b549592f5da
.js
some-samples-master/88de0f8eb87251b7ade6a71b77cd24dd
some-samples-master/88eeb228eed67d1a08e3e7ff0e8b49aa
.html
some-samples-master/892e725b8044da54c9ac91393c9f3af7
.html .js polyglot
some-samples-master/8958c1a8a7763b18bb28b5a75bab5d50
.exe windows:4 windows x86 arch:x86

888f7c3cb1911069f97ed9c2bd4061db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetPriorityClass
GetCurrentProcess
ResumeThread
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
DebugBreak
lstrcmpiA
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
GetFileAttributesA
GetDriveTypeA
ReadFile
GetFileSize
CallNamedPipeA
GetUserDefaultLangID
lstrlenW
FileTimeToSystemTime
SetFilePointer
GetTempPathA
GetTempFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetLastError
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
SetFileAttributesA
GetModuleHandleA
SetLastError
GetWindowsDirectoryA
GetShortPathNameA
CreateFileA
WriteFile
CloseHandle
MoveFileA
lstrcpyA
GetTickCount
CopyFileA
DeleteFileA
GetModuleFileNameA
lstrcpynA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FreeLibrary
lstrlenA
HeapAlloc
lstrcatA

user32

CharNextA
GetKeyboardType
PeekMessageA
MsgWaitForMultipleObjects
SetCursor
SetWindowLongA
SetTimer
EndDialog
GetSystemMetrics
BeginDeferWindowPos
GetWindowTextA
SetWindowTextA
DeferWindowPos
EndDeferWindowPos
LoadStringA
GetClientRect
ScreenToClient
PostMessageA
GetDC
ReleaseDC
ShowWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendMessageA
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
wvsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetMessageA
RedrawWindow
KillTimer
InvalidateRect
UpdateWindow
GetDlgItemTextA
LoadCursorA
TranslateMessage
DispatchMessageA
wsprintfA
LoadImageA

gdi32

UpdateColors
SetTextColor
SetBkMode
GetDeviceCaps
SelectPalette
CreateHalftonePalette
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
DeleteObject
RealizePalette
BitBlt
DeleteDC
SelectObject

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
StrRChrA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
VariantClear

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/89780c88b6fcc1440663038405e3deaf
.html
some-samples-master/897b5cf83b914cb1115da050d5b85e71
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/897b67f20b58e94ef1c1d4dd5f1d7358
.html
some-samples-master/89994353604c350f32aae395a283752c
.js
some-samples-master/89bc29851374029d6263d6f9c7317bbf
.exe windows:4 windows x86 arch:x86

a250cb9130479ac86c0182066a244012

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3254
ord2441
ord1695
ord5006
ord5656
ord4470
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5476
ord3403
ord2879
ord2878
ord4154
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5285
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord736
ord807
ord739
ord450
ord439
ord554
ord442
ord825
ord747
ord5495
ord2104
ord4460
ord2494
ord2627
ord2626
ord4163
ord6625
ord6064
ord5252
ord4614
ord4613
ord1942
ord4272
ord4589
ord4899
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord4078
ord5240
ord5290
ord4441
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5259
ord2535
ord4723
ord4448
ord1842
ord4242
ord5472
ord4151
ord5282
ord796
ord794
ord674
ord529
ord527
ord366
ord6000
ord2117
ord4457
ord2252
ord1133
ord3481
ord3797
ord4284
ord1895
ord4958
ord3407
ord4990
ord4927
ord4932
ord4937
ord4717
ord4688
ord4946
ord5018
ord5108
ord4912
ord4646
ord4980
ord4522
ord4993
ord4537
ord5075
ord4038
ord3281
ord3353
ord4626
ord4424
ord457
ord749
ord4653
ord6194
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord459
ord561
ord743
ord1134
ord1199
ord1205
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5241
ord5280
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1894
ord4254
ord2486
ord4015
ord4957
ord4861
ord4826
ord3187
ord4950
ord2437
ord2171
ord5020
ord4517
ord4640
ord4916
ord5002
ord4494
ord4491
ord5021
ord3106
ord4605
ord5000
ord4416
ord5090
ord5501
ord4628
ord4657
ord5752
ord4155
ord2991
ord3417
ord5025
ord3514
ord6344
ord5627
ord1003
ord3449
ord3787
ord3250
ord4697
ord3060
ord3066
ord6336
ord2510
ord2542
ord5244
ord5742
ord1747
ord5577
ord3172
ord5654
ord4423
ord4956
ord4860
ord2402
ord4387
ord3454
ord3198
ord6081
ord6175
ord3261
ord4623
ord4430
ord748
ord1206
ord2623
ord456
ord1223
ord4825
ord1849
ord4244
ord2583
ord4403
ord5253
ord3998
ord1576
ord4251
ord1886
ord823
ord4676
ord4671
ord4857
ord4450
ord1168

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
free
realloc
_CxxThrowException
__CxxFrameHandler
_setmbcp
_stricmp
_XcptFilter

kernel32

GetProcAddress
Sleep
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
LoadLibraryA

user32

EnableWindow
SendMessageA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/89ed8780cae257293f610817d6bf1a2e
.exe windows:5 windows x86 arch:x86

09039f41fc88a3e991a6e3505504e428

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
GetTempFileNameW
GetVolumeNameForVolumeMountPointA
GetWindowsDirectoryA
CreateProcessW
FindFirstFileW
GetCurrentProcess
FindClose
DeviceIoControl
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetLogicalDrives
GetDriveTypeW
GetVolumeInformationW
GetDiskFreeSpaceExW
FindNextFileW
CreateThread
LocalFree
CreateEventA
GetTempPathW
GetModuleFileNameW
ExitProcess
FindAtomA
GlobalFindAtomA
GlobalAddAtomA
AddAtomA
GetVersionExA
GetUserDefaultUILanguage
MulDiv
OpenMutexA
SetThreadPriority
GetCurrentThread
CopyFileW
GetUserDefaultLangID
GetSystemDefaultLangID
SetUnhandledExceptionFilter
SetErrorMode
CloseHandle
ReadFile
WriteFile
FlushFileBuffers
GetFileSizeEx
SetFilePointer
SetFileTime
CreateFileW
DeleteFileW
MoveFileExW
GetSystemTimeAsFileTime
lstrlenA
LoadLibraryW
HeapReAlloc
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
VirtualQuery
GetStringTypeW
LCMapStringW
SetFileAttributesW
GetFileAttributesExW
FreeLibrary
LoadLibraryA
InterlockedDecrement
Sleep
GetTickCount
GetLastError
GetSystemDirectoryW
VirtualFree
GetProcAddress
GetModuleHandleA
VirtualAlloc
HeapCreate
GetStdHandle
TerminateProcess
IsDebuggerPresent
UnhandledExceptionFilter
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetCurrentThreadId
SetLastError
GetModuleHandleW
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsProcessorFeaturePresent
GetStartupInfoW
HeapSetInformation
GetCommandLineA
HeapFree
HeapAlloc
RaiseException
RtlUnwind

advapi32

CryptEncrypt
CryptGenRandom
CryptReleaseContext
AllocateAndInitializeSid
SetEntriesInAclA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
CryptImportKey
CryptAcquireContextA
RegDeleteValueA
RegSetValueExW
RegSetValueExA
AccessCheck
MapGenericMask
DuplicateToken
OpenThreadToken
GetFileSecurityW
CryptGetKeyParam
CryptSetHashParam
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptHashData
SetTokenInformation
OpenProcessToken
EqualSid
GetTokenInformation
RegCloseKey
RegOpenKeyExA
CryptDestroyKey

mpr

WNetCloseEnum
WNetAddConnection2W
WNetOpenEnumW
WNetEnumResourceW

shell32

ShellExecuteW
SHGetFolderPathW

wininet

InternetCrackUrlA
InternetCloseHandle
InternetSetOptionA
InternetQueryOptionA
InternetOpenA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpSendRequestExA
HttpEndRequestA
HttpQueryInfoA
InternetReadFile
InternetWriteFile
HttpAddRequestHeadersA

gdi32

SetBkMode
GetDeviceCaps
SetTextColor
GetDIBits
SelectObject
CreateCompatibleDC
DeleteDC
CreateFontA
CreateSolidBrush
GetObjectA
DeleteObject
CreateCompatibleBitmap

user32

GetDC
ReleaseDC
DrawTextW
FillRect
GetSystemMetrics
SystemParametersInfoW
FrameRect

ole32

CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx

netapi32

DsRoleGetPrimaryDomainInformation
DsRoleFreeMemory

urlmon

ObtainUserAgentString

oleaut32

VariantInit
SysFreeString
SysStringByteLen
VariantClear
SysAllocString
SysAllocStringByteLen

Sections

.text
Size: 473KB - Virtual size: 473KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.cdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/8a49ab84f360b89c89af57b2173469f1
.html .js polyglot
some-samples-master/8a6f1d521bfe71ae06e7e33a4c4e71cb
.html
some-samples-master/8a813a34c1c992fc4633686ffa3a699f
.html
some-samples-master/8b4d731c42034e732c2df433f038f4d0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/8b8c9df6d91003117f89387808657327
.js
some-samples-master/8b926bfd35e314d1d27658eda3f52476
.js
some-samples-master/8bb4ce0fcfac32b479fab01457b4cf6e
.html .js polyglot
some-samples-master/8bb7bd8d5fa0fa1569567802964ce840
.html
some-samples-master/8bd3edc28b5ddfe69c8fe816a7957b29
.js
some-samples-master/8bf4d5e163897e396398b42c5d0dc660
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 420KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 366KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/8bfa7d35df16d2d16ee07ec5f3838188
.js
some-samples-master/8c039eaf6d4f61fc2e0812582d781f04
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/8c56f18aea5b9c0a81ddc75cf28d859a
.html
some-samples-master/8c63454a36ac6132cfe9bb2cbfedf86a
some-samples-master/8c862b5a87dc2cfe56beed02acab5d93
.js
some-samples-master/8c87d74608c6cfb19fd83e7907ca6e48
.html .js polyglot
some-samples-master/8cd38d7f72c86ed9f87872631ebbc081
.jpg
some-samples-master/8ce690e27a19f99314c89183f0461efa
.html
some-samples-master/8d3473ffd905062751e672c6a481706d
.html
some-samples-master/8d3b307403c8de0382034eb7e933a024
.html .js polyglot
some-samples-master/8d63736d1be7edc73be720fdf6f7dd87
some-samples-master/8d68ace9e84ff4c17b06626c15fcd668
some-samples-master/8d82b5ef9911efef7067079ca86c55cf
.html .js polyglot
some-samples-master/8d85df16ced80502c796649e4c806d31
.html
some-samples-master/8d94b2fa68c46d5e98291b1c5b00a4d6
.js
some-samples-master/8d9de9b4f1ba883703a72da3d7c0f63b
.exe windows:4 windows x86 arch:x86

afb4499cc3d71ae164287edf0970a208

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3254
ord2441
ord1695
ord5006
ord5656
ord4470
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5476
ord3403
ord2879
ord2878
ord4154
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5285
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord736
ord807
ord739
ord450
ord439
ord554
ord442
ord825
ord747
ord5495
ord2104
ord4460
ord2494
ord2627
ord2626
ord4163
ord6625
ord6064
ord5252
ord4614
ord4613
ord1942
ord4272
ord4589
ord4899
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord4078
ord5240
ord5290
ord4441
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5259
ord2535
ord4723
ord4448
ord1842
ord4242
ord5472
ord4151
ord5282
ord796
ord794
ord674
ord529
ord527
ord366
ord6000
ord2117
ord4457
ord2252
ord1133
ord3481
ord3797
ord4284
ord1895
ord4958
ord3407
ord4990
ord4927
ord4932
ord4937
ord4717
ord4688
ord4946
ord5018
ord5108
ord4912
ord4646
ord4980
ord4522
ord4993
ord4537
ord5075
ord4038
ord3281
ord3353
ord4626
ord4424
ord457
ord749
ord4653
ord6194
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord459
ord561
ord743
ord1134
ord1199
ord1205
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5241
ord5280
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1894
ord4254
ord2486
ord4015
ord4957
ord4861
ord4826
ord3187
ord4950
ord2437
ord2171
ord5020
ord4517
ord4640
ord4916
ord5002
ord4494
ord4491
ord5021
ord3106
ord4605
ord5000
ord4416
ord5090
ord5501
ord4628
ord4657
ord5752
ord4155
ord2991
ord3417
ord5025
ord3514
ord6344
ord5627
ord1003
ord3449
ord3787
ord3250
ord4697
ord3060
ord3066
ord6336
ord2510
ord2542
ord5244
ord5742
ord1747
ord5577
ord3172
ord5654
ord4423
ord4956
ord4860
ord2402
ord4387
ord3454
ord3198
ord6081
ord6175
ord3261
ord4623
ord4430
ord748
ord1206
ord2623
ord456
ord1223
ord4825
ord1849
ord4244
ord2583
ord4403
ord5253
ord3998
ord1576
ord4251
ord1886
ord823
ord4676
ord4671
ord4857
ord4450
ord1168

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
??1type_info@@UAE@XZ
free
realloc
memset
_CxxThrowException
memcpy
__CxxFrameHandler
_setmbcp
_stricmp
_onexit

kernel32

GetProcAddress
Sleep
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
LoadLibraryA

user32

EnableWindow
SendMessageA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/8dbdd9122dadc54f21747cc4f0ab267c
.exe windows:4 windows x86 arch:x86

d84aa147665ad4c0412da8195463cfdb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetDlgItemTextW
DrawStateW
LoadIconA
InsertMenuW
DispatchMessageW
LoadCursorA
DialogBoxParamA
PeekMessageA
CreateWindowExW
IsDialogMessageA
LoadBitmapA
wsprintfA
GetPropW
CharUpperA
GetClassLongA

kernel32

CreateFileA
OpenProcess
InterlockedExchange
CreateWaitableTimerW
lstrcatA
GetModuleHandleA
FindResourceExA
GetCommandLineA
CreateSemaphoreA
GetPrivateProfileStringW
SetErrorMode
GetLogicalDriveStringsW
WaitForSingleObject
DefineDosDeviceA
GetCurrentDirectoryA
lstrcpy
FormatMessageW
LoadLibraryA
CreateDirectoryA
GetCurrentProcess
CreateProcessW
IsBadCodePtr
IsBadStringPtrA
ReadConsoleA
GlobalAddAtomA
GetProcAddress
GetFileAttributesW

cmpbk32

PhoneBookEnumCountries
PhoneBookLoad
PhoneBookFreeFilter
PhoneBookEnumNumbers
PhoneBookCopyFilter

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.opc
Size: 522KB - Virtual size: 521KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/8de28b25524a6cf81507f992258c0c83
.html .js polyglot
some-samples-master/8e2b714a764d849f44757244b10afe6d
.exe windows:4 windows x86 arch:x86

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetCurrentDirectoryA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/8e2d4c939205081e6eec16a301e7a627
.js
some-samples-master/8e2ec74ffca623bf2a6e793f537122b3
.html .js polyglot
some-samples-master/8e39821a9dd8a2ee2c3b5b189181ec43
.html .js polyglot
some-samples-master/8e5d6498f7919b5bf04e526c5bf25e65
.html .js polyglot
some-samples-master/8e5d6c13e3e275a2233266ea7e91cb8c
.html
some-samples-master/8e5f7eb788fcc26e8dc0e3d12956db79
.html .js polyglot
some-samples-master/8e6bfea06cb00553ee29b3822b349bd6
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/8e84344e7ead11e7337de7fe2de34c56
.html
some-samples-master/8ea0c98ddbaf6fe9f1f43c7c185c71fe
.html .js polyglot
some-samples-master/8eb0722f0d2cd84f67fea441e89a2dbf
.html .js polyglot
some-samples-master/8eb33a69e1ee791143dad7847fad1ce8
.js
some-samples-master/8ef9adffb514ff67aa8c36eabb4a8505
.exe windows:5 windows x86 arch:x86

aef1b996d1dd749cf8f99f58c180b50b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\postmaster\merge\Peasants\Billy.pdb

Imports

kernel32

HeapReAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
WriteFile
InterlockedDecrement
GetConsoleCP
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
GetConsoleMode
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
HeapSize
CloseHandle
WriteConsoleW
MultiByteToWideChar
LCMapStringW
GetStringTypeW
CreateFileW
LocalFree
DeviceIoControl
GetConsoleScreenBufferInfo
GetProcessWorkingSetSize
LoadLibraryA
GetProcAddress
GetLastError
TlsGetValue
TlsAlloc
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetConsoleWindow
LoadLibraryW
SetCommState
FormatMessageA
SetConsoleScreenBufferSize
UnhandledExceptionFilter
ExitProcess
GetModuleHandleW
Sleep
DeleteCriticalSection
SetHandleCount
AllocConsole
lstrlenA
GetCurrentThreadId
CreateFileA
DecodePointer
EncodePointer
EnterCriticalSection
LeaveCriticalSection
SetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetSystemTimeAsFileTime
GetCommandLineA
HeapSetInformation
GetStartupInfoW
RaiseException
HeapAlloc
HeapFree
IsProcessorFeaturePresent

user32

LoadCursorA
SetClipboardData
GetSystemMetrics
OpenClipboard
DispatchMessageA
AppendMenuA
CreatePopupMenu
EndPaint
DestroyWindow
GetMessageA
CloseClipboard
GetWindowRect
InsertMenuItemA
RegisterClassExA
TrackPopupMenu
KillTimer
GetParent
LoadIconA
IsWindowEnabled
GetClientRect
SendMessageA
BeginPaint
SetWindowWord
WinHelpA
GetIconInfo
GetDC
TranslateMessage
GetCursorInfo
MessageBoxA
InvalidateRect
CreateWindowExA
EmptyClipboard
GetDlgItem
DefWindowProcA
GetDesktopWindow
GetSysColor
SetWindowPos
GetCursorPos

gdi32

SetBkColor
BeginPath
StrokePath
BitBlt
SelectClipPath
GetICMProfileW
GetTextExtentPoint32A
StretchBlt
CreateFontIndirectA
TextOutA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
GetKerningPairsA
CombineRgn
CreateCompatibleBitmap
EndPath
CreateRectRgn
CreatePen
PolyBezier
GetObjectA
GetStockObject
CreateSolidBrush

winspool.drv

OpenPrinterA
DeletePortA
ClosePrinter
DeletePrinter
DeleteMonitorA
DeletePrinterDriverA

comdlg32

PageSetupDlgA

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

msacm32

acmDriverPriority
acmDriverRemove

version

GetFileVersionInfoW

imm32

ImmGetVirtualKey

tapi32

lineAccept

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/8f04b2750034c29e85648fb2d10fb788
.exe windows:5 windows x86 arch:x86

cfac7bcc49b765715575f0586af08d1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\provided\Elgar\Outlet\Workflow\photog.pdb

Imports

kernel32

HeapReAlloc
HeapSize
GetStringTypeW
MultiByteToWideChar
LCMapStringW
LoadLibraryW
EnterCriticalSection
LeaveCriticalSection
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
GetProcAddress
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
InterlockedDecrement
GetCurrentThreadId
GetConsoleTitleA
GetCurrentProcessId
GetTickCount
SetConsoleTitleA
Sleep
GetConsoleWindow
GetModuleHandleA
MulDiv
HeapCreate
LockResource
IsValidCodePage
GetModuleHandleW
HeapAlloc
_llseek
_lread
_lclose
LocalAlloc
CreateToolhelp32Snapshot
CloseHandle
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetModuleFileNameW
GetStdHandle
WriteFile
DecodePointer
ExitProcess
RtlUnwind
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
SetUnhandledExceptionFilter
Process32NextW
SetHandleCount
GetLastError
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
HeapSetInformation
HeapFree
GetCommandLineA

user32

HideCaret
InvalidateRect
SetClassLongA
SetWindowLongA
IsWindow
wsprintfA
FindWindowA
SetWindowPos
GetDlgItem
CreateWindowExA
FindWindowExA
GetDC
ReleaseDC
SendDlgItemMessageA
GetSysColor
GetWindowTextA
DrawFocusRect
DefWindowProcA
GetSystemMetrics
LoadCursorA
SetCursor
GetWindowTextW
BeginPaint
GetClientRect
FillRect
EndPaint
SetWindowTextA
SetFocus
CreateMenu
SetCapture
CreatePopupMenu
GetParent

gdi32

CreateFontA
CreateSolidBrush
CreatePen
SelectObject
Ellipse
SetTextColor
SetBkColor
SetTextAlign
ExtTextOutW
GetDeviceCaps

comdlg32

GetOpenFileNameA

advapi32

SetEntriesInAclW
FreeSid
AllocateAndInitializeSid
RegOpenKeyExW
InitializeSecurityDescriptor
CheckTokenMembership

oleaut32

VarDateFromR8
VarDateFromBool

odbc32

ord1
ord45
ord2
ord3
ord7
ord41

wininet

GopherGetLocatorTypeW
GetUrlCacheGroupAttributeA
GopherCreateLocatorA
FtpPutFileW
FtpRemoveDirectoryA

psapi

EnumPageFilesA

avifil32

AVIFileOpenA
AVIFileInit

msimg32

GradientFill
AlphaBlend

secur32

AcceptSecurityContext

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/8f0ae68249f9ed948ba1a7ce666ababb
.html .js polyglot
some-samples-master/8f0f2050df751613427becd800d904f5
.html .js polyglot
some-samples-master/8f1bbadcc7981704ecffbe00afe22d89
.js
some-samples-master/8f1c524cd3dd25e3d7b0e958db51048f
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/8fa70b6de6ff5c7477a4d516899bd145
.js
some-samples-master/8fd1b344f24b44158c538b952ffa1578
.html
some-samples-master/8fe396d87cf9cff8f66d0181d3d9a8cc
.html .js polyglot
some-samples-master/8ff017ec72312945f98894412c3f8cb7
.html .js polyglot
some-samples-master/90214adc48d7ee36b33f56df2eb5cdff
.html .js polyglot
some-samples-master/902e554dbb98daac28917f1463d8f084
.html
some-samples-master/904b677b0eed8f7862dcba7e66b05002
.elf linux x86
some-samples-master/90569766b0896256f25254fdeae1edf4
.html
some-samples-master/9060a4a2eea00d451d1e601c0d6e0ed8
.html
some-samples-master/90cf7fb95d1d1bc1f756a794447ceebc
.html .js polyglot
some-samples-master/90f584d7893649d0e127beb98880b79b
some-samples-master/9103ab525241504bb5b0551a7ceded0d
.js
some-samples-master/91072ab67693d55655781c1ac624e04a
.exe windows:4 windows x86 arch:x86

679b9ba38406e9f1db4d15be030d14a6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
ord697
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
ord519
ord629
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord667
__vbaAryDestruct
ord591
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
ord702
__vbaObjSetAddref
_adj_fdivr_m16i
ord523
__vbaVarTstLt
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
DllFunctionCall
ord672
__vbaLbound
_adj_fpatan
ord676
ord678
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
_adj_fprem
_adj_fdivr_m64
ord609
__vbaFPException
__vbaUbound
__vbaStrVarVal
__vbaDateVar
ord538
_CIlog
ord539
ord570
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
__vbaR8Var
_adj_fdiv_r
ord685
ord100
__vbaVarAdd
__vbaVarDup
ord613
_CIatan
__vbaStrMove
ord619
_allmul
ord544
_CItan
ord547
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 416KB - Virtual size: 415KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/91171ffbdb89b4f318050270f855084f
some-samples-master/9128d1cd7da2d056a598c72027253ac8
.html .js polyglot
some-samples-master/912cc4c6d099a0ac193528f6a16b8c6a
.js
some-samples-master/9139d7bb95dae285c68f908cfaab365f
.js
some-samples-master/914177c290b23cd19cd776b5aee482ad
.js
some-samples-master/914f188fa91b4f555132bddf71718d85
.html .js polyglot
some-samples-master/915676e6c6dd579fb9337cb798e9339e
.html
some-samples-master/9179f69c956ac006e92bba6ebd888263
.html .js polyglot
some-samples-master/919348552ed1ae3e1093e6bc8dff05d7
.js
some-samples-master/91a61e3be9cc7251972f6ee8d4836cb4
.exe windows:4 windows x86 arch:x86

c1daee15b475e4f335ca5a11d6cefa4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACloseCertType
CAEnumNextCA

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range

user32

wsprintfA
LoadBitmapA
IsDialogMessageA
DispatchMessageW
PostMessageA
CharToOemA
LoadIconA
IsCharLowerW
DialogBoxParamW
MessageBoxA
GetClassLongA
DrawStateW
PeekMessageW
InsertMenuW

comsvcs

CoEnterServiceDomain
CoLoadServices

kernel32

GetCommandLineW
InterlockedIncrement
CreateNamedPipeW
GetEnvironmentVariableW
WaitForSingleObject
GetLocalTime
CreateThread
GetComputerNameExA
CloseHandle
FindResourceExW
OpenThread
GlobalAddAtomW
GetConsoleTitleW
SetPriorityClass
FindNextFileA
CreateFileMappingW
FindFirstFileA
FormatMessageW
TlsGetValue
GetLogicalDriveStringsW
GetProcAddress
GetPrivateProfileStringA
CreateDirectoryW
CreateSemaphoreA
LoadLibraryA
SetEnvironmentVariableA
GetModuleHandleA

shlwapi

UrlGetPartA
PathCompactPathW
UrlCreateFromPathA
UrlCombineA
UrlEscapeW
UrlCompareW
UrlUnescapeA
PathIsRootW
UrlHashW
UrlIsNoHistoryA
UrlGetLocationW
PathCommonPrefixW
UrlIsW
PathCombineW

resutils

ClusWorkerStart
ClusWorkerTerminate

shell32

SHFree
DllCanUnloadNow
DragQueryFileA
DllGetVersion
SHBrowseForFolderA
SHGetFolderPathA
StrChrA
ExtractIconA
SHEmptyRecycleBinW
SHCreateDirectoryExW

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 540KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dec
Size: 512B - Virtual size: 256KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/91c25bd8f25df7c7054e4d617ff5859b
.exe windows:4 windows x86 arch:x86

f5a59bdc6ca2470dcd77a89286f04a07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord807
ord641
ord860
ord540
ord554
ord324
ord825
ord2370
ord4234
ord1200
ord1168
ord823
ord5884
ord5655
ord4163
ord6625
ord4710
ord6334
ord858
ord2379
ord4099
ord1911
ord3316
ord3314
ord5242
ord6121
ord1774
ord2490
ord5010
ord5658
ord2395
ord6322
ord2609
ord1006
ord1787
ord6123
ord4291
ord1994
ord5192
ord775
ord503
ord537
ord5708
ord1261
ord924
ord926
ord6640
ord2366
ord2818
ord2820
ord3811
ord5697
ord5699
ord4033
ord2582
ord4402
ord3370
ord3640
ord2411
ord2023
ord4218
ord2578
ord6055
ord1776
ord4398
ord5290
ord3402
ord4424
ord3830
ord4853
ord616
ord693
ord567
ord2299
ord2302
ord3996
ord3874
ord6907
ord3998
ord2915
ord4224
ord4673
ord3663
ord3571
ord3619
ord3573
ord3626
ord755
ord5787
ord6172
ord2414
ord1146
ord5789
ord1641
ord5875
ord470
ord2864
ord4284
ord3797
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord317
ord561
ord635
ord2621
ord1134
ord2725
ord4160
ord2863
ord941
ord4129
ord5683
ord686
ord3337
ord5575
ord839
ord433
ord1656
ord2141
ord434
ord939
ord2393
ord384
ord2862
ord2096
ord3301
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4376
ord3582
ord5265
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__CxxFrameHandler
_gcvt
_CxxThrowException
exit
_ftol
_mbscmp
_setmbcp
_stricmp
realloc
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
_controlfp

kernel32

GetTickCount
GetProcessHeap
VirtualAlloc
IsBadReadPtr
HeapFree
FreeLibrary
GetStartupInfoA
ExitProcess
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
GetCurrentDirectoryA
GetProcAddress
LoadLibraryA
VirtualFree
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree
HeapAlloc

user32

CallNextHookEx
LoadBitmapA
GetClientRect
SetWindowRgn
GetWindowLongA
GetWindowRgn
InvalidateRect
UpdateWindow
SetCapture
GetClassNameA
GetSystemMetrics
IsIconic
ReleaseCapture
CallWindowProcA
SetWindowLongA
SetFocus
GetDlgCtrlID
GetParent
GetWindowRect
SendMessageA
EnableWindow
SetWindowsHookExA
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
UnhookWindowsHookEx

gdi32

CreatePatternBrush
CreateSolidBrush
RoundRect
CreateRectRgn
PtInRegion
DeleteObject
CreateFontA

comctl32

ImageList_ReplaceIcon

ole32

CoUninitialize

oleaut32

SysAllocString
VariantClear

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/91cf2e4b6084f02a64da32a14e8657c4
.html .js polyglot
some-samples-master/92d50c043f74b2a9f27e5a487f6b4430
.html .js polyglot
some-samples-master/93018c201f978fd69fbce9111aa88aba
.js
some-samples-master/93267dc2ca272a527e597d143e5ae23b
.html .js polyglot
some-samples-master/93290f022d9d37681d72adf6af3bd80b
.html .js polyglot
some-samples-master/932e10b20a250b27a32dfd66c3663f8e
.elf linux x64
some-samples-master/9351787186021814c73cf7dd386c4f3d
.html .js polyglot
some-samples-master/93550a67f4122bc2811a7bb05c2baf9e
.html
some-samples-master/939b7fcaf96201c12bdc51c409355dda
.exe windows:5 windows x86 arch:x86

b729b61eb1515fcf7b3e511e4e66258b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

74:10:00:f6:01:81:2e:b3:6c:c3:65:9e:15:d6:16:89
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

03-04-2013 00:00

Not After

02-06-2015 23:59

Subject

CN=Wandou Technology Ltd,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Wandou Technology Ltd,O=Wandou Technology Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0a:e3:82:44:df:2f:a7:36:0c:af:ca:f5:cd:bc:dd:11:ed:7d:a2:ad
Signer

Actual PE Digest

0a:e3:82:44:df:2f:a7:36:0c:af:ca:f5:cd:bc:dd:11:ed:7d:a2:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
CreateFileW
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
CloseHandle
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
GlobalLock
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
MulDiv
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
lstrcpynA

user32

ScreenToClient
GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
CheckDlgButton
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
DispatchMessageW
PeekMessageW
wsprintfA
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
GetClassInfoW
ExitWindowsEx
FindWindowExW
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
IsWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
SelectObject

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumValueW

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/939c552fbc07410a99400ebcbcafcc2f
.exe windows:5 windows x86 arch:x86

2499bb0fe1577d7050ef6cd9c1ae1a30

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

nddeapi

NDdeShareAddA
NDdeShareDelA
NDdeShareGetInfoA

kernel32

GetModuleFileNameA
lstrcmpiA
GetDateFormatW
GetModuleHandleW
GetProcAddress
CreateMailslotW
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesA
DeleteFileW
SearchPathA
GetOEMCP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyA
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogA
ClearEventLogW
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeSid
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrW
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHQueryRecycleBinA

user32

GetClassLongW
LoadBitmapA
CreateDesktopA
wsprintfA
PostMessageW
GetDlgItemTextW
IsDialogMessageA
DispatchMessageA
GetMessageA
LoadMenuA
LoadStringA
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateA
InsertMenuA
GetPropW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/93b124fd91692f34b438893ec24fafae
.exe windows:5 windows x86 arch:x86

99b0ad58a9f168965318cf202e1932ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\[Project]\[Baizhu_Proj]\Output\Release\BZDownload.pdb

Imports

imm32

ImmDisableIME

ws2_32

getpeername
getsockname
getsockopt
ntohs
WSAIoctl
getaddrinfo
freeaddrinfo
recvfrom
sendto
accept
listen
ioctlsocket
gethostname
htonl
ntohl
WSASetLastError
select
__WSAFDIsSet
WSAGetLastError
WSACleanup
WSAStartup
connect
htons
setsockopt
recv
socket
closesocket
gethostbyname
send
bind

winhttp

WinHttpReadData
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpCrackUrl
WinHttpReceiveResponse
WinHttpOpen
WinHttpCloseHandle
WinHttpConnect
WinHttpSendRequest
WinHttpQueryDataAvailable
WinHttpSetTimeouts

kernel32

GetTickCount
FreeLibrary
LoadLibraryW
GetTempPathW
LoadLibraryA
DeleteFileW
GetSystemDefaultLangID
GetTimeZoneInformation
GetVersionExA
GetSystemTime
VirtualFree
VirtualAlloc
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
CreateFileW
FreeResource
FindResourceW
LoadResource
SizeofResource
InterlockedExchange
ResetEvent
GetExitCodeThread
ResumeThread
InterlockedIncrement
WideCharToMultiByte
GetThreadContext
SetThreadContext
VirtualQuery
InterlockedCompareExchange
FlushInstructionCache
VirtualProtect
SuspendThread
Process32First
TerminateProcess
Process32FirstW
Process32Next
Process32NextW
CreateToolhelp32Snapshot
GetTempFileNameW
SystemTimeToTzSpecificLocalTime
CreateDirectoryW
lstrcpynW
GetFileAttributesW
FileTimeToSystemTime
GetModuleFileNameW
FindClose
SetLastError
LoadLibraryExW
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetCurrentDirectoryW
DeleteFileA
lstrlenW
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
lstrcatW
OutputDebugStringW
lstrcpyW
LocalAlloc
LocalReAlloc
LocalLock
LocalUnlock
LocalSize
LocalFree
CreateThread
SetProcessWorkingSetSize
SleepEx
VerSetConditionMask
GetModuleHandleA
VerifyVersionInfoA
FormatMessageA
GetFileType
GetStdHandle
PeekNamedPipe
ExpandEnvironmentStringsA
GetACP
AreFileApisANSI
GetModuleHandleExW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
UnhandledExceptionFilter
GetCPInfo
GetFileInformationByHandle
FileTimeToLocalFileTime
SetFilePointerEx
GetLocalTime
RtlUnwind
GetCommandLineW
ExitThread
GetSystemInfo
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
IsDebuggerPresent
EncodePointer
GetStringTypeW
WaitForMultipleObjects
CreateEventW
WritePrivateProfileStringW
MultiByteToWideChar
GetSystemDirectoryA
lstrlenA
GetFullPathNameW
SetEnvironmentVariableA
WriteConsoleW
GetDriveTypeW
FindFirstFileExW
SetStdHandle
FlushFileBuffers
FreeEnvironmentStringsW
CreateProcessA
SetEvent
WaitForSingleObject
InterlockedDecrement
CreateDirectoryA
Sleep
ExitProcess
GetProcAddress
GetCurrentThread
GetModuleFileNameA
GetTempPathA
GetCurrentProcessId
CloseHandle
GetCurrentThreadId
CreateFileMappingW
InitializeCriticalSection
GetModuleHandleW
GetComputerNameW
GetCurrentProcess
SetUnhandledExceptionFilter
UnmapViewOfFile
MapViewOfFile
CreateMutexW
CreateFileA
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapSize
GetLastError
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
HeapAlloc
HeapReAlloc
GetConsoleMode
ReadConsoleW
IsValidCodePage
GetOEMCP
GetConsoleCP
QueryPerformanceCounter
GetEnvironmentStringsW
lstrcmpiW

user32

IsRectEmpty
OffsetRect
MapWindowPoints
ClientToScreen
GetActiveWindow
GetClassNameW
GetParent
SetClassLongW
GetClassLongW
ScreenToClient
SetCaretPos
ShowCaret
HideCaret
DestroyCaret
GetCaretBlinkTime
CreateCaret
GetCursorPos
GetWindowRect
RemovePropW
SetPropW
SetClipboardData
GetClipboardData
EqualRect
CharUpperBuffW
CharLowerBuffW
GetKeyState
GetSysColor
PtInRect
RedrawWindow
GetFocus
IsMenu
GetMenuStringW
DestroyMenu
GetSubMenu
UnregisterClassW
DispatchMessageW
SendMessageW
IsWindow
ShowWindow
TranslateMessage
SetForegroundWindow
GetMessageW
DefWindowProcW
UpdateWindow
ReleaseCapture
SetCapture
GetCapture
SetFocus
SetWindowPos
UpdateLayeredWindow
IntersectRect
SetCursor
DrawTextW
GetPropW
FillRect
IsZoomed
SetWindowRgn
SystemParametersInfoW
OpenClipboard
EmptyClipboard
CloseClipboard
CreateWindowExW
PeekMessageW
RegisterClassExW
LoadCursorW
PostQuitMessage
CharNextA
MessageBoxW
PostMessageW
GetDesktopWindow
EnableWindow
SetWindowTextA
EnableMenuItem
GetWindowTextW
InvalidateRect
LoadIconW
GetSystemMenu
GetSystemMetrics
SetWindowLongW
ReleaseDC
GetWindowLongW
GetDC
BeginPaint
DestroyWindow
EndPaint
CallWindowProcW
KillTimer
SetTimer
GetMenuItemCount
TrackPopupMenu
EndMenu
GetIconInfo
DestroyCursor
LoadImageW
CopyRect
SetRectEmpty
wsprintfW
GetClientRect

gdi32

GetCurrentObject
GetStockObject
GetViewportOrgEx
SetBkColor
SetTextColor
GetTextExtentPoint32W
GetTextExtentPointW
GetTextMetricsW
GetClipBox
CreatePatternBrush
PatBlt
CombineRgn
GetBkColor
GetBkMode
GetTextColor
SetRectRgn
CreateRoundRectRgn
ExtCreateRegion
GetRegionData
EnumFontsW
SetViewportOrgEx
SelectClipRgn
CreateRectRgn
BitBlt
CreateDIBSection
StretchBlt
SetDIBColorTable
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateFontW
GetDIBColorTable
GetObjectW
TextOutW
CreateSolidBrush
DeleteDC
CreateBitmap
TextOutA

advapi32

CryptGetHashParam
RegOpenKeyExA
RegCloseKey
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
RegQueryValueExA
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA

shell32

ShellExecuteW
SHGetPathFromIDListW
Shell_NotifyIconW
SHBrowseForFolderW
ord165
ShellExecuteA
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

ole32

CoInitialize
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal
CLSIDFromString
CLSIDFromProgID
StringFromGUID2
CoUninitialize

oleaut32

LoadTypeLi
VariantInit
VariantClear
SysAllocString
VariantChangeType
DispGetIDsOfNames
GetErrorInfo
SysFreeString

shlwapi

StrStrIW
PathAppendW
PathFileExistsA
PathFileExistsW
StrStrIA
PathAppendA

gdiplus

GdiplusStartup
GdipDeleteBrush
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipDisposeImage
GdipAlloc
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImageHeight
GdipFree
GdiplusShutdown
GdipCreateSolidFill
GdipDrawRectangle
GdipDrawLinesI
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipFillPieI
GdipSetSmoothingMode
GdipGetImagePixelFormat
GdipFillRectangle
GdipLoadImageFromStream
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipGetImageWidth

msimg32

GradientFill
TransparentBlt
AlphaBlend

setupapi

SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupIterateCabinetW

d3d9

Direct3DCreate9

dbghelp

MiniDumpWriteDump

rasapi32

RasEnumConnectionsW

version

VerQueryValueW
GetFileVersionInfoA
GetFileVersionInfoSizeA

comctl32

_TrackMouseEvent
ord17

crypt32

CertFreeCertificateContext

wldap32

ord200
ord301
ord30
ord79
ord33
ord32
ord27
ord26
ord22
ord41
ord50
ord60
ord211
ord46
ord143
ord35

Sections

.text
Size: 847KB - Virtual size: 847KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dtd
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dtc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/94.177.217.132/apache2
.elf linux arm
some-samples-master/94.177.217.132/bash
.elf linux x64
some-samples-master/94.177.217.132/cron
.elf linux ppc
some-samples-master/94.177.217.132/ftp
.elf linux x86
some-samples-master/94.177.217.132/ntpd
.elf linux mipsbe
some-samples-master/94.177.217.132/openssh
.elf linux sh
some-samples-master/94.177.217.132/pftp
.elf linux
some-samples-master/94.177.217.132/sh
.elf linux sparc
some-samples-master/94.177.217.132/sshd
.elf linux mipsel
some-samples-master/94.177.217.132/tftp
.elf linux arm
some-samples-master/94.177.217.132/wget
.elf linux x86
some-samples-master/9426e2e598b8a5f527da593b2083a18a
.html
some-samples-master/943360901d671d89e5f5904a456e4ae1
.html .js polyglot
some-samples-master/94885341c3f3af147ade52f430c33e1e
.html .js polyglot
some-samples-master/951099938ee7369496193795175a0692
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wtq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/95240c63b8824252d6b3f7439c4ba737
.xml
some-samples-master/953351fc1f575a9fd7ee1740f7fbc743
.html .js polyglot
some-samples-master/9544f1f97487ef208cef564db3b4cd82
.html .js polyglot
some-samples-master/957b5591fa346e8cb54c506008dd1b84
some-samples-master/9594e2caabf4f01c51bf9d55599585ae
.js
some-samples-master/959cc8a45fab741da943136c417d6d77
.js
some-samples-master/962c53a2079f2e24ca3e686ba3dd2564
.js
some-samples-master/9648bc1e63d84bf9e983c772933452f6
.sh linux
some-samples-master/964e3e23f3ea1b30c3c10d1481b766ed
.html .js polyglot
some-samples-master/96b1945c7d338593a8466f060e6bdb4e
.html .js polyglot
some-samples-master/96bc4c13633f5c885eb085a03d0abe82
.exe windows:4 windows x86 arch:x86

2d6e483d9c688e5b6cef9c84e6b3fba0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

28:d4:55:b9:9c:7e:f4:76:ce:d5:b1:79:52:81:03:ce
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

24-03-2016 00:00

Not After

23-04-2017 23:59

Subject

CN=深圳瓶子科技有限公司,O=深圳瓶子科技有限公司,L=深圳市,ST=广东省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

16:5f:9b:36:2a:7b:29:9a:16:9c:d5:8d:1f:06:82:8f:1d:b4:16:46
Signer

Actual PE Digest

16:5f:9b:36:2a:7b:29:9a:16:9c:d5:8d:1f:06:82:8f:1d:b4:16:46

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenUrlA
InternetReadFile

kernel32

LeaveCriticalSection
Sleep
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
CloseHandle
CreateFileA
WriteFile
ReadFile
GetFileSize
RtlUnwind
RaiseException
GetLastError
HeapReAlloc
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
EnterCriticalSection
HeapDestroy
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
InitializeCriticalSection
HeapSize
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/96dd80012c33291e1621b66f5bd66967
.exe windows:5 windows x86 arch:x86

46a8110916744589827b2dbc22bfe985

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5a:b7:01:5b:75:65:34:ac:c6:78:e7:db:75:d2:2d:97
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

29-10-2015 06:17

Not After

29-10-2016 06:17

Subject

CN=Hefei Lewei Information Technology Co.\,Ltd.,O=Hefei Lewei Information Technology Co.\,Ltd.,L=Hefei,ST=Anhui,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

34:2b:b5:e5:ab:f7:0d:d0:f9:e9:49:c7:a0:b9:8e:b5:64:e9:8d:a9
Signer

Actual PE Digest

34:2b:b5:e5:ab:f7:0d:d0:f9:e9:49:c7:a0:b9:8e:b5:64:e9:8d:a9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
ExitProcess
FindFirstFileW
MapViewOfFile
UnmapViewOfFile
GetCurrentProcess
GetSystemDirectoryW
TerminateProcess
GetSystemDirectoryA
GetProcAddress
FindClose
GetLocalTime
Process32FirstW
CreateFileMappingW
Process32NextW
FindNextFileW
CreateToolhelp32Snapshot
SetFileAttributesW
CreateMutexW
SetUnhandledExceptionFilter
GetComputerNameW
GetModuleFileNameW
SetCurrentDirectoryW
GetCurrentThreadId
GetCurrentProcessId
LoadLibraryW
GetTempPathW
MoveFileW
DeleteFileW
DosDateTimeToFileTime
SystemTimeToFileTime
ReadFile
CreateFileW
GetCurrentDirectoryW
GetFileType
LocalFree
GetVersionExW
FlushFileBuffers
WriteConsoleW
SetStdHandle
LoadLibraryExW
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
QueryPerformanceCounter
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
RtlUnwind
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
UnhandledExceptionFilter
GetStdHandle
AreFileApisANSI
GetModuleHandleExW
GetModuleHandleW
CreateThread
DeleteFileA
GetTempPathA
CloseHandle
WaitForMultipleObjects
CreateDirectoryA
CreateProcessA
Sleep
InitializeCriticalSection
WriteFile
GetTickCount
WaitForSingleObject
InterlockedDecrement
SetEndOfFile
SetFilePointer
CreateFileA
DeleteCriticalSection
DecodePointer
EnterCriticalSection
HeapReAlloc
HeapSize
GetLastError
InterlockedExchange
RaiseException
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetProcessHeap
HeapFree
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCommandLineW
IsProcessorFeaturePresent
ResumeThread
ExitThread
EncodePointer
VirtualQuery
VirtualProtect
VirtualAlloc
GetSystemInfo
OutputDebugStringW
IsDebuggerPresent
HeapAlloc
lstrlenA

user32

DefWindowProcW
SetWindowTextA
DispatchMessageW
CreateWindowExW
ShowWindow
GetCursorPos
SetWindowPos
MessageBoxW
PtInRect
BeginPaint
SetCursor
CopyRect
SetRect
GetDesktopWindow
ReleaseDC
GetWindowTextW
LoadMenuW
EndPaint
SendMessageW
GetMessageW
PostQuitMessage
LoadIconW
RegisterClassExW
TranslateMessage
IsWindow
GetDC
TrackPopupMenu
FillRect
DrawTextA
GetSubMenu
LoadCursorW
CharNextA
SetRectEmpty
GetSystemMetrics
DestroyWindow
SetForegroundWindow

gdi32

CreateCompatibleBitmap
FrameRgn
GetTextExtentPoint32A
EnumFontsW
SetTextColor
StretchBlt
SetBkMode
CreateFontW
GetDIBColorTable
CreateRoundRectRgn
CreateSolidBrush
TextOutA
BitBlt
DeleteDC
CreateDIBSection
SetDIBColorTable
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA

shell32

ord165
SHGetPathFromIDListW
Shell_NotifyIconW
ShellExecuteA
SHGetPathFromIDListA
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation

ole32

CoUninitialize
CoInitialize
CreateStreamOnHGlobal
CoCreateInstance

oleaut32

VariantClear
SysAllocString
SysFreeString
GetErrorInfo

ws2_32

recv
send
gethostbyname
closesocket
WSAStartup
recvfrom
sendto
connect
inet_ntoa
inet_addr
htons
setsockopt
socket

shlwapi

StrStrIA
PathAppendW
PathFileExistsA
PathIsDirectoryW
PathRemoveFileSpecW
PathFileExistsW
StrStrIW

gdiplus

GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImageHeight
GdipDisposeImage
GdiplusShutdown
GdipFree
GdiplusStartup
GdipGetImageWidth
GdipCloneImage
GdipBitmapLockBits
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipAlloc
GdipDrawImageI
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipCreateBitmapFromScan0

msimg32

TransparentBlt
AlphaBlend

iphlpapi

GetAdaptersInfo

setupapi

SetupIterateCabinetW

urlmon

URLDownloadToFileW

dbghelp

MiniDumpWriteDump

Sections

.text
Size: 219KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 411KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/96fbfe4c1ef1da38619a292a761e8510
.html .js polyglot
some-samples-master/970171634891750579e33c7f2a840cfb
.elf linux
some-samples-master/978f33b00baaedfda5c0fd37c1d899a2
.html .js polyglot
some-samples-master/97a28f1db30b10ba6274b662ae1bf4ad
.html .js polyglot
some-samples-master/97c4163a1fc573008b0caea6dcc7e9b0
.js
some-samples-master/98505386a66aaa05471977c92ef0b75b
.html .js polyglot
some-samples-master/986d52084832d424ebfff444186446f1
.js
some-samples-master/987bcba30836bee6cbc46f952cbb733d
.js
some-samples-master/988b20198b3de3851b018be76c65a94b
.js
some-samples-master/988ebfa6227cd8a2792e8d3e26252890
.html
some-samples-master/98dc6f5d32ac85639f16d270155d7855
.html .js polyglot
some-samples-master/99044b27c055930f6e8f3941069527ca
.js
some-samples-master/990bda201a6276984910ddf839098b6a
.js
some-samples-master/995636f9bedea126114ac09a8fd5a0a6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/996c2b2ca30180129c69352a3a3515e4
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/997f4653ef9845f6bd9c55e53dcc61f1
.html .js polyglot
some-samples-master/99a3edde709e9872a6d360d563e37d47
.js
some-samples-master/99e16f11a0698d3ba32a79f74ef426b6
.exe windows:5 windows x86 arch:x86

abfb62dfc24fbc2fb2bdbbdd26faa0fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\桌面\20170823源码集合\20170730改版企业版2.9源码\serverdata\Release\NewTest.pdb

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
ReadFile
GetFileSize
lstrcpyA
CloseHandle
CreateFileA
FreeLibrary
WriteFile
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapCreate
HeapDestroy
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetConsoleCtrlHandler
InterlockedExchange
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

Kessmia

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/99e40541c89186c4a3225184b1df349b
.js
some-samples-master/9a0720741c4c9017313e7d0be81c970f
.html .js polyglot
some-samples-master/9a44d5d67acd4bf81bbed9e22db45a65
.html
some-samples-master/9a61a27660b45a2454a71b2805a43c68
.html
some-samples-master/9a7f25257b1f262cef7cf41c17984983
.js
some-samples-master/9a82e7615a8e385ccad3f2489e3d4270
.dll windows:5 windows x86 arch:x86

d390c1168b7d1452fda05f0b8fe4a20c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

advapi32

RegOpenKeyExW

oleaut32

SysFreeString
SafeArrayGetLBound
SysFreeString

ole32

IsEqualGUID

winmm

PlaySoundW

shell32

Shell_NotifyIconW

msvcrt

memset

winspool.drv

GetDefaultPrinterW
OpenPrinterW

wininet

FindCloseUrlCache

wsock32

WSAAsyncGetServByName

version

GetFileVersionInfoSizeW

gdi32

CreateDIBitmap

comctl32

ImageList_GetIconSize

Exports

Exports

_a

Sections

Size: - Virtual size: 6.0MB

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.1MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/9aac5536dd8dbde2272fc44f4c9b6033
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24-05-2016 00:00

Not After

24-06-2027 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:04:31:65:2e:96:26:64:83:35:97:1f:60:13:a3:46
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

30-07-2014 00:00

Not After

29-07-2017 23:59

Subject

CN=FortCloud Security Info Tech Co.\,Ltd.,OU=R&D dept.,O=FortCloud Security Info Tech Co.\,Ltd.,L=Xiamen,ST=Fujian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

18:a9:d7:49:cb:39:d2:91:87:2b:3a:45:32:61:e2:b6
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

18-01-2016 00:00

Not After

29-07-2017 23:59

Subject

CN=FortCloud Security Info Tech Co.\,Ltd.,OU=R&D dept.,O=FortCloud Security Info Tech Co.\,Ltd.,L=Xiamen,ST=Fujian,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:f1:0f:ce:68:f0:9b:fa:e5:5b:18:cd:8f:20:01:77
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

24-05-2016 00:00

Not After

24-06-2027 00:00

Subject

CN=GlobalSign TSA for Advanced - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02-08-2011 10:00

Not After

29-03-2029 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fc:a4:2b:3c:0d:ac:03:8c:40:62:77:d3:7d:88:85:92:97:bf:32:c6:00:ad:f1:ac:f5:e4:c7:4f:dd:0c:7b:88
Signer

Actual PE Digest

fc:a4:2b:3c:0d:ac:03:8c:40:62:77:d3:7d:88:85:92:97:bf:32:c6:00:ad:f1:ac:f5:e4:c7:4f:dd:0c:7b:88

Digest Algorithm

sha256

PE Digest Matches

false

5f:71:30:3b:52:13:cc:b0:7a:f9:c6:23:d4:32:db:f1:eb:9c:bb:b8
Signer

Actual PE Digest

5f:71:30:3b:52:13:cc:b0:7a:f9:c6:23:d4:32:db:f1:eb:9c:bb:b8

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

Update

Sections

Size: 80KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lzbdlvoa
Size: 780KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xibpewhj
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/9adc66aef1b65f6dca02dbb7549f8ed4
.html .js polyglot
some-samples-master/9b2e2e9e63fd722f98ebdbce0f942e56
.html
some-samples-master/9b3a022cfd85fa072799ff49097097be
.html .js polyglot
some-samples-master/9b9a370d2ec61356ed14d02f1e0495af
.html .js polyglot
some-samples-master/9b9fa2d8cbca3ab72f4ff49b43a3e139
.exe windows:5 windows x86 arch:x86

e24946fd3b548d18411ea3dc85666a69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
OpenEventLogW
ClearEventLogA
LogonUserW
InitializeAcl
CryptSignHashW
RegOpenKeyA
ControlService
RegReplaceKeyA
RegSaveKeyA
RegCreateKeyExA
RegUnLoadKeyA

authz

AuthzAddSidsToContext
AuthzInitializeContextFromSid

shlwapi

UrlIsNoHistoryW
PathIsRootW
UrlGetLocationW
UrlCombineW
PathCommonPrefixA
UrlIsOpaqueW
PathCompactPathW
PathAppendA
PathCombineA
UrlCompareW
PathIsURLW
UrlIsA
UrlHashW
UrlGetPartW

wtsapi32

WTSFreeMemory
WTSSetSessionInformationW
WTSVirtualChannelRead
WTSWaitSystemEvent
WTSRegisterSessionNotification
WTSQueryUserToken
WTSVirtualChannelPurgeInput
WTSQuerySessionInformationA
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSEnumerateServersA

kernel32

WaitForSingleObject
CreateJobObjectW
GetProcAddress
GetStringTypeW
OpenJobObjectW
InitializeCriticalSection
GetCommandLineW
MoveFileA
GetModuleHandleA
GetTempPathA
ReadConsoleA
GetProfileSectionA
GetSystemDirectoryA
CreateMailslotA
CreateFileW
GetLogicalDriveStringsA
GetModuleFileNameW
UnmapViewOfFile
GetDateFormatA
GetVersion
LoadLibraryExA
GetExpandedNameA
lstrcmpiA
DeleteFileW
SearchPathW
GetTickCount
GetFileAttributesW
MoveFileExA
GetConsoleAliasA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_MEM_READ
some-samples-master/9badf1f59d53811ca267be44db4d1a3b
.exe windows:4 windows x86 arch:x86

49a526b35562ce87561ca59dc456f93e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5065
ord1727
ord5261
ord2446
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord2135
ord818
ord1949
ord4034
ord5265
ord4376
ord4998
ord4710
ord2514
ord6052
ord1775
ord5280
ord2124
ord4425
ord3597
ord641
ord860
ord324
ord2370
ord4234
ord4853
ord4224
ord6334
ord2362
ord2302
ord5575
ord939
ord922
ord924
ord926
ord858
ord2688
ord3749
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord941
ord539
ord2366
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2621
ord1134
ord1146
ord1168
ord4160
ord2863
ord2379
ord755
ord470
ord6640
ord2820
ord3317
ord3811
ord3337
ord859
ord537
ord2642
ord3092
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord823
ord1200
ord825
ord540
ord535
ord800
ord4033
ord2818
ord433
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
free
realloc
_CxxThrowException
atof
exit
atoi
__CxxFrameHandler
_mbscmp
_setmbcp
wcslen
_stricmp
_controlfp

kernel32

LocalFree
GetLastError
MultiByteToWideChar
lstrlenA
InterlockedIncrement
ExitProcess
GetProcAddress
LoadLibraryA
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualFree
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA
WideCharToMultiByte
InterlockedDecrement

user32

SendMessageA
EnableWindow
DrawIcon
IsIconic
GetSystemMetrics
LoadIconA
AppendMenuA
GetSystemMenu
GetClientRect

ole32

CLSIDFromProgID
CoUninitialize
CoCreateInstance
OleRun
CoInitialize
CLSIDFromString

oleaut32

SysStringByteLen
VariantChangeType
SysAllocString
VariantInit
GetErrorInfo
SysAllocStringByteLen
VariantClear
SysFreeString

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/9bb7b04899b9128f29e8b3067a5ca388
.html
some-samples-master/9bd0e77531b4cc8f16434f127c86cb52
.html
some-samples-master/9bd39572d2f483358056a4df5b6cd8c9
some-samples-master/9bd78180eba63efd57986ae7477c161e
.exe windows:4 windows x86 arch:x86

a9195a8a8937e85bea5074cc852f8fd8

Code Sign

3b:e9:44:7e:60:2b:a5:66:be:f0:89:fb:32:8a:2f:02
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA

Not Before

15-03-2017 04:12

Not After

31-12-2039 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord686
ord1099
ord1574
ord772
ord3701
ord500
ord1862
ord4220
ord2584
ord3654
ord3663
ord2438
ord6142
ord4083
ord2863
ord5606
ord2859
ord3571
ord3573
ord3693
ord3626
ord5875
ord4129
ord2763
ord4277
ord5683
ord2414
ord2567
ord5788
ord2614
ord858
ord1641
ord2971
ord5759
ord6192
ord5756
ord6186
ord4330
ord6189
ord6021
ord6172
ord5873
ord5789
ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord3619
ord640
ord6194
ord1640
ord323
ord5785
ord2405
ord2864
ord1175
ord2096
ord2408
ord5860
ord807
ord2920
ord2012
ord2120
ord554
ord4163
ord1644
ord1146
ord5572
ord2919
ord939
ord940
ord941
ord5787
ord4133
ord4297
ord1621
ord2764
ord4202
ord5856
ord536
ord2452
ord2753
ord1195
ord472
ord5440
ord6383
ord5450
ord6394
ord2575
ord4396
ord3574
ord809
ord609
ord556
ord4275
ord4284
ord2379
ord5053
ord4774
ord5981
ord6270
ord283
ord613
ord6880
ord289
ord2122
ord4160
ord1858
ord4245
ord5101
ord2101
ord2723
ord2390
ord3059
ord5100
ord5104
ord4467
ord4303
ord3351
ord5012
ord976
ord5472
ord3403
ord2879
ord2878
ord4152
ord4077
ord5237
ord2382
ord5283
ord2649
ord4627
ord4436
ord2445
ord4427
ord401
ord674
ord5254
ord2582
ord4402
ord3370
ord3640
ord2411
ord2023
ord4218
ord384
ord4398
ord3582
ord693
ord616
ord3996
ord6907
ord3998
ord808
ord6508
ord3301
ord3396
ord3731
ord2862
ord2121
ord2623
ord1168
ord755
ord470
ord6741
ord797
ord2586
ord4405
ord3723
ord804
ord2118
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord617
ord5214
ord296
ord4159
ord6117
ord2621
ord1134
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord2587
ord4406
ord3394
ord3729
ord6215
ord6785
ord1859
ord4246
ord2494
ord2627
ord2626
ord6000
ord2117
ord6625
ord4457
ord4267
ord6197
ord6379
ord2086
ord860
ord6283
ord6282
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord1601
ord823
ord1200
ord2645
ord540
ord3874
ord4224
ord535
ord537
ord5710
ord800
ord2818
ord6199
ord2642
ord2302
ord567
ord656
ord3610
ord4424
ord3402
ord5290
ord1776
ord6055
ord4710
ord4234
ord641
ord825
ord324
ord3597
ord2578
ord4425
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4853
ord4376
ord1665
ord5265
ord1576

msvcrt

_setmbcp
_stricmp
atoi
__CxxFrameHandler
free
malloc
wcscpy
wcslen
_ftol
memmove
_mbsnbcpy
_CxxThrowException
realloc
??1type_info@@UAE@XZ
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_mbscmp

kernel32

GetModuleHandleA
FreeLibrary
HeapFree
IsBadReadPtr
VirtualFree
VirtualAlloc
GetProcessHeap
HeapAlloc
LoadLibraryA
GetProcAddress
ExitProcess
lstrcmpiA
FindResourceA
LoadResource
LockResource
GetCPInfo
lstrlenW
GetVersion
GetVersionExA
FormatMessageA
lstrlenA
LocalAlloc
InterlockedIncrement
InterlockedDecrement
LocalFree
GetLastError
MultiByteToWideChar
WideCharToMultiByte
GetStartupInfoA

user32

DrawIconEx
DestroyIcon
SystemParametersInfoA
GetSysColor
CopyRect
InflateRect
DrawEdge
SetRect
GetMenuItemInfoA
wsprintfA
MessageBoxA
EnableWindow
OffsetRect
DrawFocusRect
GetWindowRect
ReleaseDC
ClientToScreen
WindowFromPoint
GetActiveWindow
InvalidateRect
GetDC
GetParent
GetNextDlgTabItem
IsMenu
SendMessageA
GetWindowLongA
DestroyCursor
GetSubMenu
GrayStringA
TabbedTextOutA
PostMessageA
DrawTextA
LoadBitmapA
GetSysColorBrush
GetMenuStringA
CreateMenu
CreatePopupMenu
GetMenuItemID
GetMenuState
GetDesktopWindow
IsIconic
ModifyMenuA
GetMenuItemCount
LoadIconA
LoadMenuA
DrawStateA
GetClientRect
SetCursor
FrameRect
AppendMenuA
FillRect
GetSystemMetrics

gdi32

SelectObject
CreateDIBSection
SetPixel
GetPixel
GetObjectA
PtVisible
RectVisible
PatBlt
DeleteObject
ExtTextOutA
Escape
GetStockObject
SetBkColor
DeleteDC
Ellipse
GetTextExtentPoint32A
GetTextExtentPoint32W
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
CreatePen
TextOutA
GetDeviceCaps
GetBkMode

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteExA

comctl32

ImageList_AddMasked
ImageList_Draw
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_GetIcon
_TrackMouseEvent

ole32

CoInitialize
CoCreateInstance
OleRun
CoUninitialize

oleaut32

VariantInit
VariantCopy
SysAllocString
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysFreeString
GetErrorInfo
VariantChangeType

Sections

.text
Size: 180KB - Virtual size: 178KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/9bf03b15c86422cb54de9a50926fbd3b
.html .js polyglot
some-samples-master/9c20cb06bc296b6915fa3f57bfeb92e3
.js
some-samples-master/9c4ed24790d97c06f8ac7863a15f0c91
.html
some-samples-master/9c6a1b7fcd074812df0ae4eb19a851eb
.js
some-samples-master/9c74958288c2bf97d47278713d6cadbb
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.khe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/9c7d8e9d3a93425d97d4ec0d6040edc7
.exe windows:5 windows x86 arch:x86

9edd728283d14b994185dd3dc80692db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostMessageA
DispatchMessageW
MessageBoxA
LoadStringW
GetPropA
GetClassLongA
IsCharUpperA
DrawStateW
IsDialogMessageW
LoadMenuW
CreateDesktopW
LoadIconA
LoadCursorA

kernel32

WaitForSingleObject
GetCurrentProcess
GetModuleHandleW
GetFileAttributesW
FindNextFileA
GetTempPathW
GetModuleFileNameA
IsBadReadPtr
GetExpandedNameW
GetCurrentThread
LoadLibraryA
GetProfileSectionA
GetProcAddress
GetStringTypeA
WaitNamedPipeA
LeaveCriticalSection
GetConsoleAliasW
SearchPathW
GetLogicalDriveStringsA

odbctrac

TraceSQLCancel
TraceSQLError

cfgmgr32

CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range
CMP_Init_Detection

modemui

drvSetDefaultCommConfigA
CountryRunOnce

Sections

.text
Size: 574KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/9c8e0593ba342152a39c1a6d38740218
some-samples-master/9c96fbbc001785316146d80258f59a29
.html
some-samples-master/9cab5f500371675633619528bc083628
.html .js polyglot
some-samples-master/9cb2aebfbbb99fcc274e005c8aefe32c
.js
some-samples-master/9cba62926e41ef81ce13f657cacc0c15
.html
some-samples-master/9cd53805cf3fcfd0fe8dca1b070b250d
.js
some-samples-master/9d05613451dfe95b26a918e1bfc6a1ac
.html .js polyglot
some-samples-master/9d2d23ef20edd4e089a726035a097dc2
.js
some-samples-master/9d3a56a3e2f2da4d945cb90d94486835
.js
some-samples-master/9d6b565829e06cd3bdde793e7ab12efe
.js
some-samples-master/9d74d29bf8b5fd1647167f28f5b960c7
.exe windows:5 windows x86 arch:x86

cd41b26900bba7f86a61b61ea4739161

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
GetLocaleInfoA
GetBinaryTypeA
GetLastError
GetProcAddress
LocalAlloc
GetModuleHandleA
MultiByteToWideChar
LCMapStringW
IsProcessorFeaturePresent
GetCommandLineW
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapFree
Sleep
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
WideCharToMultiByte
HeapSize
HeapAlloc
HeapReAlloc
GetStringTypeW

winhttp

WinHttpCloseHandle
WinHttpCheckPlatform

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 613KB - Virtual size: 637KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/9db71a9e28732e9cb1e5daca6a8ca17a
.js
some-samples-master/9e04116e630bffbfcfdebf44dc22b8ee
.js
some-samples-master/9e11e865653ba6cc6017fab80d84c0e1
.js
some-samples-master/9e3aedd2cec7e0a10d8bc8a51ed4530c
.js
some-samples-master/9ebf4a7409c07a127dbe621d7ae3ac4f
.html .js polyglot
some-samples-master/9ecca2a09cf04e7f4c65d04968aa98f8
.html
some-samples-master/9ed5b26e4f30b0b93f3c20dc9601c69b
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/9edd04ea0fe6d10b8033410ab4e84749
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/9f0c755e72a8ea12721e55ddc7571d4f
.js
some-samples-master/9f7c52579eee931f7f702aa724cfeb8c
.exe windows:5 windows x86 arch:x86

3fdda9f38dc7a915c52fe68a039893be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\桌面\20170730改版企业版2.9源码\serverdata\Release\NewTest.pdb

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
lstrcpyA
CloseHandle
ReadFile
GetFileSize
CreateFileA
FreeLibrary
WriteFile
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapCreate
HeapDestroy
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetConsoleCtrlHandler
InterlockedExchange
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

Kessmia

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/9f831ce2ca516a0cf6edb452f0ea5ec1
.html .js polyglot
some-samples-master/9f89b03b643dfff83e0d38f760cf773d
.exe windows:5 windows x86 arch:x86

36788404a28da1850d23d306bef29d21

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\built\tuchcancel\MOSS\CursorUse.pdb

Imports

kernel32

GetStringTypeW
LCMapStringW
HeapSize
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
IsProcessorFeaturePresent
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
GetStdHandle
GetQueuedCompletionStatus
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
LoadLibraryW
EncodePointer
DeleteCriticalSection
SetFilePointer
GetConsoleCP
GetConsoleMode
HeapReAlloc
FlushFileBuffers
SetStdHandle
WriteConsoleW
CreateFileW
ReadConsoleInputA
SetConsoleMode
GlobalFree
GetTempPathA
MultiByteToWideChar
GlobalLock
GlobalAlloc
GlobalDeleteAtom
GlobalAddAtomA
GetVolumePathNamesForVolumeNameW
SetConsoleTitleA
GetModuleFileNameA
LocalFree
GetCurrentProcess
GetConsoleTitleA
GetPrivateProfileSectionA
GetPrivateProfileStringA
ExpandEnvironmentStringsA
GetLocaleInfoA
GetModuleFileNameW
CreateIoCompletionPort
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
HeapAlloc
GetModuleHandleA
ReadDirectoryChangesW
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
CloseHandle
WriteFile
GetStartupInfoW
HeapSetInformation
GetCommandLineA
RtlUnwind
RaiseException
HeapFree
DecodePointer
ExitProcess
GetModuleHandleW
GetThreadLocale
FormatMessageA

user32

SetCapture
OffsetRect
SendMessageA
GetWindowTextA
GetDC
ReleaseDC
SendDlgItemMessageA
GetDlgItem
SetWindowTextA
GetFocus
GetScrollPos
GetWindowTextLengthA
DefWindowProcA
GetDlgItemTextA
BeginPaint
GetClientRect
DefMDIChildProcA
CreateDialogParamA
IsDlgButtonChecked
DrawTextA
LoadImageA
SetScrollRange
SetScrollPos
EndPaint
SetWindowLongA
GetWindowPlacement
GetTabbedTextExtentA
GetWindowRect
FreeDDElParam
PostMessageA
PackDDElParam
EndDialog
LoadCursorA
LoadIconA
DeleteMenu
GetSystemMenu
FindWindowExA
ReleaseCapture
PtInRect
SetRectEmpty
FillRect
GetWindowDC
FindWindowA
PostQuitMessage
ValidateRect
GetDialogBaseUnits
OemToCharA
MessageBoxA
ShowWindow
SetWindowPos
InvalidateRect
DestroyWindow
DialogBoxParamA
LoadStringA
GetSysColor

gdi32

GetTextExtentPoint32A
CreateFontIndirectA
GetMapMode
GetTextExtentPointA
Ellipse
MoveToEx
LineTo
SetViewportOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
SetBkMode
SetTextColor
SetBkColor
CreateSolidBrush
TextOutA
GetTextMetricsA
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject
PatBlt
SetBrushOrgEx
CreatePatternBrush
CreateBitmap
CreateFontA
Rectangle
SelectObject
GetStockObject
SetROP2
CreateDIBSection

winspool.drv

EnumJobsA
GetPrinterA
ConnectToPrinterDlg

advapi32

RegCreateKeyExA
GetNamedSecurityInfoA
FreeSid
OpenProcessToken
SetNamedSecurityInfoA
AllocateAndInitializeSid
SetEntriesInAclA
CryptGetUserKey
CryptGetProvParam
RegCloseKey

shell32

ord654
ShellExecuteA
SHGetFileInfoA

ole32

CoUninitialize
CoInitializeEx

msacm32

acmFormatEnumA
acmMetrics

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

shlwapi

PathFindFileNameA
PathFindExtensionA
StrPBrkA

gdiplus

GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipFree
GdipCloneImage
GdipGetImageGraphicsContext
GdipAlloc

opengl32

glMatrixMode
glViewport
glLoadIdentity
wglShareLists

dbghelp

EnumerateLoadedModules64

winhttp

WinHttpGetIEProxyConfigForCurrentUser

urlmon

CreateURLMoniker

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 915KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/README.md
some-samples-master/a0179e6e90cd29f7a6954e9940f66db0
.html
some-samples-master/a01b15528fa0a55f2d691d1d448034b5
.html .js polyglot
some-samples-master/a03898e3b6f2f53237d2659b5a5b0769
.html .js polyglot
some-samples-master/a07b0bb452ae0c5d3d6fbf7e7f6501a7
.js
some-samples-master/a088f41f40a55773107c7da429ad4edf
.html
some-samples-master/a0c8199c48709e100fe0a446a0a3e0ef
.js
some-samples-master/a11712ee963109fb46eedfb8d8e4121e
.js
some-samples-master/a11841e8fc41bf3f6ab2007275ad4805
.html .js polyglot
some-samples-master/a1189ffb5f1bfd6feaec9a9363f0c126
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 423KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/a18525e8064f21ff371c74026a628845
.html
some-samples-master/a1a2d993f56ebc9415e71bcea74f197c
.js
some-samples-master/a1cb6b40b49d78103444c32f4f5c1022
.exe windows:4 windows x86 arch:x86

631e2d4578e5677fbfae05984f6ec325

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
RegCreateKeyExA
LogonUserW
RegSaveKeyW
OpenEventLogA
RegOpenKeyA
RegEnumKeyA
RegUnLoadKeyW
OpenServiceA
RegDeleteValueA

cmpbk32

PhoneBookEnumNumbers
PhoneBookFreeFilter
PhoneBookLoad
PhoneBookCopyFilter
PhoneBookEnumCountries

dsprop

CrackName
CheckADsError

untfs

Format
FormatEx
Recover

shlwapi

UrlUnescapeW
UrlHashA
UrlCombineW
PathCombineA
UrlGetLocationW
UrlIsA
UrlIsNoHistoryW
UrlCompareA
UrlCanonicalizeW
UrlGetPartA
PathCompactPathW
PathCommonPrefixW

crypt32

CertCompareCertificate
CertRemoveStoreFromCollection
CertOpenStore
CertSaveStore
CertAlgIdToOID
CertGetNameStringA
CertDeleteCRLFromStore
CertFindChainInStore
CertFindCRLInStore
CertNameToStrA
CertDuplicateCRLContext
CryptEnumOIDInfo

clusapi

ClusterEnum
CloseClusterNode
CloseCluster
CloseClusterGroup

kernel32

FindNextFileA
GetModuleHandleA
FindClose
WriteConsoleA
lstrcmp
GetProcAddress
CreateProcessW
GetFileAttributesA
FindFirstFileW
CreateJobObjectA
GetConsoleTitleW
lstrcpy
CreateDirectoryA
OpenProcess
OpenThread
GetLogicalDriveStringsW
lstrcmpiA
WaitForSingleObject
DeleteFileA
GetCommandLineA
GetEnvironmentVariableW
GetPriorityClass
GetTempFileNameA
LoadLibraryA
CreateFileMappingW
FileTimeToSystemTime

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lock
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/a1febf2ccbe404ef23862c30aaa3040c
.js
some-samples-master/a21ada4cc22079f478829f670df83d64
.html .js polyglot
some-samples-master/a2aed8c9f19b1f25a0adbef06071a9ca
.exe windows:5 windows x86 arch:x86

21634e8b08d82f0c85fdef261dcc3085

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

__WSAFDIsSet
recv
send
setsockopt
ntohs
recvfrom
select
WSAStartup
htons
accept
listen
bind
closesocket
connect
WSACleanup
ioctlsocket
sendto
WSAGetLastError
inet_addr
gethostbyname
gethostname
socket

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

timeGetTime
waveOutSetVolume
mciSendStringW

comctl32

ImageList_Destroy
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
ImageList_Create
InitCommonControlsEx
ImageList_ReplaceIcon

mpr

WNetUseConnectionW
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W

wininet

InternetReadFile
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetCrackUrlW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
HttpSendRequestW
FtpOpenFileW
FtpGetFileSize
InternetOpenUrlW
InternetConnectW
InternetQueryDataAvailable

psapi

GetProcessMemoryInfo

iphlpapi

IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho

userenv

UnloadUserProfile
DestroyEnvironmentBlock
CreateEnvironmentBlock
LoadUserProfileW

uxtheme

IsThemeActive

kernel32

WaitForSingleObject
HeapAlloc
GetProcessHeap
HeapFree
Sleep
GetCurrentThreadId
MultiByteToWideChar
MulDiv
GetVersionExW
GetSystemInfo
FreeLibrary
LoadLibraryA
GetProcAddress
SetErrorMode
WideCharToMultiByte
lstrcpyW
lstrlenW
GetModuleHandleW
QueryPerformanceCounter
VirtualFreeEx
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateFileW
SetFilePointerEx
ReadFile
WriteFile
FlushFileBuffers
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
DeleteFileW
CloseHandle
MoveFileW
CopyFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceFrequency
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceNamesW
OutputDebugStringW
GetTempPathW
GetTempFileNameW
DeviceIoControl
GetLocalTime
CompareStringW
DeleteCriticalSection
CreateThread
LeaveCriticalSection
GetStdHandle
CreatePipe
InterlockedExchange
TerminateThread
LoadLibraryExW
FindResourceExW
VirtualFree
FormatMessageW
GetExitCodeProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
CreateHardLinkW
SetFileAttributesW
GetShortPathNameW
CreateEventW
SetEvent
GetEnvironmentVariableW
SetEnvironmentVariableW
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
GlobalFree
GlobalMemoryStatusEx
Beep
GetSystemDirectoryW
GetComputerNameW
GetWindowsDirectoryW
GetCurrentProcessId
GetProcessIoCounters
CreateProcessW
SetPriorityClass
LoadLibraryW
VirtualAlloc
GetLastError
GetModuleFileNameW
GetFullPathNameW
SetCurrentDirectoryW
IsDebuggerPresent
GetCurrentDirectoryW
lstrcmpiW
RaiseException
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
InterlockedIncrement
DuplicateHandle
GetCurrentProcess
EnterCriticalSection
GetCurrentThread
ExitProcess
GetModuleHandleExW
ExitThread
GetSystemTimeAsFileTime
ResumeThread
GetCommandLineW
IsProcessorFeaturePresent
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStringTypeW
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
RtlUnwind
ReadConsoleW
SetFilePointer
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
WriteConsoleW
SetEndOfFile
FindNextFileW
SetEnvironmentVariableA

user32

CopyImage
SetWindowPos
GetCursorInfo
RegisterHotKey
ClientToScreen
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
MonitorFromPoint
GetMonitorInfoW
SetWindowLongW
SetLayeredWindowAttributes
FlashWindow
GetClassLongW
TranslateAcceleratorW
IsDialogMessageW
GetSysColor
InflateRect
DrawFocusRect
DrawTextW
FrameRect
DrawFrameControl
FillRect
PtInRect
DestroyAcceleratorTable
CreateAcceleratorTableW
SetCursor
GetWindowDC
GetSystemMetrics
DrawMenuBar
GetActiveWindow
CharNextW
wsprintfW
RedrawWindow
DestroyMenu
SetMenu
GetWindowTextLengthW
CreateMenu
IsDlgButtonChecked
DefDlgProcW
CallWindowProcW
ReleaseCapture
SetCapture
MonitorFromRect
LoadImageW
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
SetMenuDefaultItem
InsertMenuItemW
IsMenu
TrackPopupMenuEx
AdjustWindowRectEx
DeleteMenu
CheckMenuRadioItem
GetMenuItemID
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
SetForegroundWindow
IsIconic
UnregisterHotKey
SystemParametersInfoW
keybd_event
SendInput
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
GetKeyState
VkKeyScanW
LoadStringW
DialogBoxParamW
MessageBeep
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
CopyRect
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetMenu
DestroyWindow
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
InvalidateRect
GetWindowLongW
GetWindowThreadProcessId
AttachThreadInput
GetFocus
ScreenToClient
SendMessageTimeoutW
EnumChildWindows
CharUpperBuffW
GetClassNameW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
SetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenDesktopW
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
GetUserObjectSecurity
SetRect
SetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
BlockInput
GetMessageW
LockWindowUpdate
DispatchMessageW
TranslateMessage
GetCursorPos
PeekMessageW
MessageBoxW
DefWindowProcW
MoveWindow
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSysColorBrush
GetForegroundWindow
MessageBoxA
DestroyIcon
FindWindowW
CharLowerBuffW
GetWindowTextW

gdi32

SetPixel
DeleteObject
GetTextExtentPoint32W
ExtCreatePen
StrokeAndFillPath
StrokePath
GetDeviceCaps
CloseFigure
LineTo
AngleArc
CreateCompatibleBitmap
CreateCompatibleDC
MoveToEx
Ellipse
PolyDraw
BeginPath
SelectObject
StretchBlt
GetDIBits
DeleteDC
GetPixel
CreateDCW
GetStockObject
Rectangle
SetViewportOrgEx
GetObjectW
SetBkMode
RoundRect
SetBkColor
CreatePen
CreateSolidBrush
SetTextColor
CreateFontW
GetTextFaceW
EndPath

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

GetAclInformation
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegCreateKeyExW
GetUserNameW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegConnectRegistryW
InitializeSecurityDescriptor
InitializeAcl
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
CreateProcessWithLogonW
GetLengthSid
CopySid
InitiateSystemShutdownExW
LogonUserW
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
GetTokenInformation
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
AddAce
GetAce

shell32

DragQueryPoint
ShellExecuteExW
DragQueryFileW
SHEmptyRecycleBinW
SHBrowseForFolderW
SHGetFolderPathW
SHFileOperationW
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetMalloc
ExtractIconExW
Shell_NotifyIconW
ShellExecuteW
DragFinish

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
ProgIDFromCLSID
CLSIDFromProgID
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoCreateInstance
IIDFromString
StringFromGUID2
CreateStreamOnHGlobal
CoInitialize
CoUninitialize
GetRunningObjectTable
CoGetInstanceFromFile
CoGetObject
CoInitializeSecurity
CoCreateInstanceEx
CoSetProxyBlanket

oleaut32

RegisterTypeLi
LoadTypeLibEx
VariantCopyInd
SysReAllocString
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
UnRegisterTypeLi
SafeArrayCreateVector
SysAllocString
SysStringLen
VariantTimeToSystemTime
VarR8FromDec
SafeArrayGetVartype
OleLoadPicture
QueryPathOfRegTypeLi
VariantCopy
VariantClear
CreateDispTypeInfo
CreateStdDispatch
DispCallFunc
VariantChangeType
SafeArrayAllocDescriptorEx
VariantInit

Sections

.text
Size: 560KB - Virtual size: 559KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 938KB - Virtual size: 937KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/a2afca513756b44e7097caf2b406d5ac
some-samples-master/a300b525674b530d7d30be3bec9cc67d
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 608KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/a307af657a53491ce414c9eca2596bd3
.js
some-samples-master/a310259e720a8cc3afb0397886840d5f
.js
some-samples-master/a328163113f5a56124f4e834b0beff65
some-samples-master/a32f30fabf31087328bcd09d5e23c0b7
.js
some-samples-master/a33251c6e7306efd42151233336c8edc
.html .js polyglot
some-samples-master/a3415709687c74d28093d5584681e264
.js
some-samples-master/a3447eba999d1d4485fd6cef86045bb7
.html .js polyglot
some-samples-master/a3727f7ce92fb3cb5cfc55d850ff39c0
.js
some-samples-master/a375eaa8f9443d758e99ac11e33136bf
.html .js polyglot
some-samples-master/a382b0455dac66ced6baca105cd35a3c
.js
some-samples-master/a3e21eaf099d33e5c82062e46ffc537b
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/a41bdaa65fac12c3238a9b956a8b4276
.js
some-samples-master/a434ad1696258dec5357d78a8b8974ae
.exe windows:4 windows x86 arch:x86

3cb36d491d80f01f4b2e1913a2285787

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamOut
midiOutPrepareHeader
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
waveOutPause
waveOutReset
waveOutClose
waveOutGetNumDevs
waveOutOpen
midiStreamStop
midiOutReset
midiStreamClose
midiStreamRestart
midiOutUnprepareHeader
midiStreamOpen
midiStreamProperty

ws2_32

WSACleanup
closesocket
getpeername
accept
WSAAsyncSelect
recvfrom
ioctlsocket
inet_ntoa
recv

kernel32

GetWindowsDirectoryA
GetSystemDirectoryA
MultiByteToWideChar
SetLastError
GetTimeZoneInformation
GetVersion
WideCharToMultiByte
GetACP
HeapSize
GetLocalTime
GetSystemTime
RtlUnwind
GetStartupInfoA
GetOEMCP
GetCPInfo
GetProcessVersion
SetErrorMode
GlobalFlags
GetCurrentThread
GetFileTime
TlsGetValue
LocalReAlloc
TlsSetValue
TlsFree
GlobalHandle
TlsAlloc
LocalAlloc
lstrcmpA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcmpiA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
DuplicateHandle
lstrcpynA
FileTimeToLocalFileTime
FileTimeToSystemTime
LocalFree
InterlockedDecrement
InterlockedIncrement
OpenProcess
TerminateProcess
GetCurrentProcess
GetFileSize
SetFilePointer
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateSemaphoreA
ResumeThread
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
GetProfileStringA
WriteFile
WaitForMultipleObjects
CreateFileA
SetEvent
FindResourceA
LoadResource
LockResource
ReadFile
GetModuleFileNameA
GetCurrentThreadId
ExitProcess
GlobalSize
GlobalFree
DeleteCriticalSection
InitializeCriticalSection
lstrcatA
lstrlenA
WinExec
lstrcpyA
FindNextFileA
InterlockedExchange
GlobalReAlloc
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
GetFullPathNameA
FreeLibrary
LoadLibraryA
GetLastError
GetVersionExA
WritePrivateProfileStringA
CreateThread
CreateEventA
Sleep
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathA
FindFirstFileA
FindClose
SetFileAttributesA
GetFileAttributesA
DeleteFileA
CopyFileA
CreateDirectoryA
SetCurrentDirectoryA
GetVolumeInformationA
GetModuleHandleA
GetProcAddress
MulDiv
GetCommandLineA
GetTickCount
CreateProcessA
WaitForSingleObject
CloseHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
SetEnvironmentVariableA
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
CompareStringA
CompareStringW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
RaiseException

user32

PeekMessageA
SetMenu
GetMenu
IsIconic
SetFocus
GetActiveWindow
GetWindow
DestroyAcceleratorTable
SetWindowRgn
GetMessagePos
ScreenToClient
DefWindowProcA
GetClassInfoA
IsZoomed
PostQuitMessage
CopyAcceleratorTableA
GetKeyState
TranslateAcceleratorA
IsWindowEnabled
ShowWindow
SystemParametersInfoA
LoadImageA
EnumDisplaySettingsA
ClientToScreen
EnableMenuItem
GetSubMenu
GetDlgCtrlID
CreateAcceleratorTableA
CreateMenu
ModifyMenuA
AppendMenuA
CreatePopupMenu
CopyRect
LoadBitmapA
WinHelpA
KillTimer
SetTimer
ReleaseCapture
GetCapture
SetCapture
GetScrollRange
SetScrollRange
SetScrollPos
SetRect
InflateRect
IntersectRect
GetSysColorBrush
DestroyIcon
PtInRect
OffsetRect
IsWindowVisible
EnableWindow
RedrawWindow
GetWindowLongA
SetWindowLongA
GetSysColor
SetActiveWindow
SetCursorPos
LoadCursorA
SetCursor
GetDC
FillRect
IsRectEmpty
ReleaseDC
IsChild
DestroyMenu
SetForegroundWindow
GetWindowRect
EqualRect
UpdateWindow
ValidateRect
InvalidateRect
GetClientRect
GetFocus
GetParent
GetTopWindow
PostMessageA
IsWindow
SetParent
DestroyCursor
SendMessageA
SetWindowPos
MessageBoxA
GetCursorPos
GetSystemMetrics
EmptyClipboard
SetClipboardData
OpenClipboard
GetClipboardData
CloseClipboard
wsprintfA
WaitForInputIdle
DrawIconEx
CreateIconFromResource
CreateIconFromResourceEx
RegisterClipboardFormatA
DispatchMessageA
GetMessageA
WindowFromPoint
DrawFocusRect
DrawEdge
DrawFrameControl
TranslateMessage
LoadIconA
GetDesktopWindow
GetClassNameA
GetWindowThreadProcessId
FindWindowA
GetDlgItem
GetWindowTextA
GetForegroundWindow
ChildWindowFromPointEx
UnregisterClassA
SetRectEmpty
GetWindowTextLengthA
CharUpperA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
DestroyWindow
CreateDialogIndirectParamA
EndDialog
GetNextDlgTabItem
GetWindowPlacement
RegisterWindowMessageA
GetLastActivePopup
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
UnhookWindowsHookEx
SetPropA
GetClassLongA
CallNextHookEx
SetWindowsHookExA
CreateWindowExA
GetMenuItemID
GetMenuItemCount
RegisterClassA
GetScrollPos
AdjustWindowRectEx
MapWindowPoints
SendDlgItemMessageA
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
CheckMenuItem
SetMenuItemBitmaps
GetMenuState
GetMenuCheckMarkDimensions
LoadStringA

gdi32

Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetViewportExtEx
ExtSelectClipRgn
CreateFontIndirectA
EndPage
EndDoc
DeleteDC
StartDocA
StartPage
BitBlt
CreateCompatibleDC
Ellipse
Rectangle
LPtoDP
DPtoLP
GetCurrentObject
GetTextMetricsA
GetTextExtentPoint32A
GetDeviceCaps
SetStretchBltMode
CreateRectRgnIndirect
SetBkColor
LineTo
MoveToEx
ExcludeClipRect
GetClipBox
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
GetStockObject
CreateSolidBrush
FillRgn
CreateRectRgn
CombineRgn
PatBlt
CreatePen
GetObjectA
SelectObject
CreateBitmap
CreateDCA
CreateCompatibleBitmap
GetPolyFillMode
GetStretchBltMode
GetROP2
GetBkColor
GetBkMode
GetTextColor
CreateRoundRectRgn
CreateEllipticRgn
PathToRegion
EndPath
BeginPath
GetWindowOrgEx
GetViewportOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
SetTextColor
SetROP2
SetPolyFillMode
GetWindowExtEx
GetDIBits
RealizePalette
SelectPalette
StretchBlt
CreatePalette
GetSystemPaletteEntries
CreateDIBitmap
GetClipRgn
SelectClipRgn
RoundRect
DeleteObject
SetBkMode
RestoreDC
SaveDC
CreatePolygonRgn

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
Shell_NotifyIconA
SHGetSpecialFolderPathA

ole32

CLSIDFromString
OleUninitialize
OleInitialize

oleaut32

LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi

comctl32

ord17
ImageList_Destroy

comdlg32

ChooseColorA
GetFileTitleA
GetSaveFileNameA
GetOpenFileNameA

Sections

.text
Size: 500KB - Virtual size: 497KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/a43b769209199b8e99e240eb2751f4ce
.js
some-samples-master/a444561d29e40f90094bc4f59ae1cb60
.html .js polyglot
some-samples-master/a456188b902062bd9ffa19c219c6fd1f
.exe windows:4 windows x86 arch:x86

ff8f6d94da1a183189da289b15c5b7dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
ord588
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
ord698
__vbaFreeObjList
_adj_fprem1
ord519
ord629
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord667
__vbaAryDestruct
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord523
__vbaVarTstLt
_CIsin
ord631
ord632
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
__vbaDateR8
DllFunctionCall
ord672
__vbaLbound
_adj_fpatan
ord675
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
_adj_fprem
_adj_fdivr_m64
ord609
__vbaFPException
__vbaDateVar
ord538
_CIlog
ord539
ord648
ord570
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarAdd
__vbaVarDup
ord616
_CIatan
__vbaStrMove
ord618
ord619
_allmul
ord544
_CItan
ord546
ord547
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 424KB - Virtual size: 421KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/a4a47decd4ee946486fdc199477f53ec
.html .js polyglot
some-samples-master/a4c3aed737c90b4acd97ec6bc0154b90
.js
some-samples-master/a4dc03c879317829482ec6833a067b18
.html .js polyglot
some-samples-master/a51898a82589fba74bca66252ad84edf
some-samples-master/a547ff7d856745aa90c173583a2f53aa
.html .js polyglot
some-samples-master/a55b9addb2447db1882a3ae995a70151
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/a567132f7557c2e6da2fec11a65022fb
.js
some-samples-master/a5c309c7dd1ffbda6be5e697d7f2503a
.js
some-samples-master/a5dc819d1c20e21fac2072824c7fa575
.js
some-samples-master/a6369c894ae623d71fcf3480c1c6cd3e
.html
some-samples-master/a63b52ff9f8d7436d23abde2ef81c9a5
.exe windows:4 windows x86 arch:x86

3104583a121eab7f8ccf92486756eca7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
OutputDebugStringA
WinExec
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
LoadLibraryA
WaitForSingleObject
ExitProcess
GetLastError
CreateMutexA
lstrlenA
CopyFileA
FreeLibrary
GetSystemInfo
LCMapStringA
SetStdHandle
GetProcAddress
CreateThread
CloseHandle
CreateProcessA
TerminateProcess
GetSystemDirectoryA
lstrcatA
lstrcpyA
GetCurrentProcessId
ExitThread
Sleep
GetModuleFileNameA
GetTickCount
GetOEMCP
GetACP
GetCPInfo
LCMapStringW
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
FlushFileBuffers
HeapReAlloc
VirtualAlloc
SetFilePointer
WriteFile
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentStringsW
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
SetHandleCount
GetStdHandle
GetFileType
HeapAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings

user32

wsprintfA

advapi32

CreateServiceA
OpenServiceA
StartServiceA
RegOpenKeyA
RegSetValueExA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA

ws2_32

__WSAFDIsSet
WSAIoctl
recv
socket
connect
send
WSAStartup
select
WSAGetLastError
setsockopt
htons
htonl
sendto
WSACleanup
inet_addr
gethostbyname
WSASocketA
closesocket

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/a688d2e7ac5742e2deba0f31fb62c058
.html
some-samples-master/a68e5200c1126b762d03e49c222388e8
.html .js polyglot
some-samples-master/a6a3fae657dc4cba24535a9ceb736f0b
.exe windows:4 windows x86 arch:x86

e8991ea26876294a9f794f7280e55d6b

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

24-05-2016 00:00

Not After

24-06-2027 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16-11-2006 01:54

Not After

16-11-2026 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b3:41:e9:6d:b4:fe:b0:4c
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

12-08-2016 10:26

Not After

12-08-2017 06:05

Subject

CN=Beijing Baofeng Technology Co.\, Ltd.,O=Beijing Baofeng Technology Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1e:fd:51:f1:52:57:fc:3e:ca:4a:eb:c4:0d:b1:2f:bd:ee:54:e8:9b
Signer

Actual PE Digest

1e:fd:51:f1:52:57:fc:3e:ca:4a:eb:c4:0d:b1:2f:bd:ee:54:e8:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord5289
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord6055
ord1776
ord5290
ord3402
ord3721
ord800
ord795
ord1146
ord1168
ord860
ord540
ord567
ord2370
ord2302
ord2379
ord755
ord470
ord6334
ord926
ord922
ord941
ord858
ord537
ord2818
ord3663
ord823
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord2055
ord4673

msvcrt

__set_app_type
_except_handler3
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
sprintf
free
_CxxThrowException
__CxxFrameHandler
realloc
_stricmp
_itoa

kernel32

GetProcAddress
HeapAlloc
GetProcessHeap
VirtualProtect
VirtualFree
HeapFree
FreeLibrary
IsProcessorFeaturePresent
GetSystemInfo
GlobalMemoryStatus
CloseHandle
WriteFile
CreateFileA
Sleep
OutputDebugStringA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA

user32

GetClientRect
GetSystemMetrics
SendMessageA
IsIconic
SystemParametersInfoA
EnableWindow
LoadIconA
DrawIcon

Exports

Exports

SPACE

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/a6bd91e3d51e60f65d23bd416194834f
.html
some-samples-master/a6d1e8a3d130b2311c753930479c270b
.html .js polyglot
some-samples-master/a701bcd69a3ce7947fbc86256c2103d5
.html
some-samples-master/a7083b664930ee6bc73776b19c0348e6
.html
some-samples-master/a74766869b86277e6de5d7f0a3094ceb
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 124KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/a76f9a01c9368e05d1d00b24b74aabfb
.js
some-samples-master/a770571104107efec8305162b4d73db8
.html .js polyglot
some-samples-master/a771bb4abe46a7858e698c9a9203ca2f
.js
some-samples-master/a7b19fa2603ce6e652dcd281f4259b5c
.exe windows:4 windows x86 arch:x86

d296e4da3cbfe8c03e42174e3e6940bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3749
ord5065
ord1727
ord5261
ord2446
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord823
ord2135
ord825
ord818
ord1949
ord4034
ord5265
ord4376
ord4998
ord4710
ord2514
ord6052
ord1775
ord5280
ord2124
ord4425
ord3597
ord641
ord860
ord324
ord2358
ord2370
ord4234
ord4853
ord4224
ord861
ord6334
ord6376
ord2302
ord2818
ord924
ord926
ord6741
ord6508
ord6640
ord2299
ord3092
ord3097
ord1200
ord5575
ord2688
ord858
ord922
ord5951
ord2642
ord5981
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2621
ord1134
ord1146
ord1168
ord4160
ord2863
ord2379
ord755
ord470
ord2086
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord433
ord540
ord535
ord800
ord4033
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
atoi
_mbscmp
free
realloc
__CxxFrameHandler
_mbsicmp
_CxxThrowException
_setmbcp
_stricmp
_controlfp

kernel32

GetLastError
lstrlenA
GetProcAddress
LoadLibraryA
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualFree
IsBadReadPtr
HeapFree
FreeLibrary
ExitProcess
GetModuleHandleA
GetStartupInfoA
LocalFree
MultiByteToWideChar

user32

IsIconic
GetClientRect
GetSystemMenu
AppendMenuA
LoadIconA
SendMessageA
EnableWindow
GetSystemMetrics
DrawIcon

ole32

CLSIDFromProgID
CoCreateInstance
OleRun
CLSIDFromString

oleaut32

VariantInit
GetErrorInfo
SysAllocString
VariantClear

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/a7b677a0429192fb1c1784fea1a2f058
.js
some-samples-master/a7c1d6b5f2d2b8eaa80089778caf4bf9
.js
some-samples-master/a7fe649c790bb3dd2f7b1da6148b8114
some-samples-master/a870ad99ca47385a322066a9f6f875ac
.js
some-samples-master/a8b829ef03e28e132b440b5d555164dd
.js
some-samples-master/a8c46257b47c1853ec560a0770527747
.html .js polyglot
some-samples-master/a8f27758813345035c3ccfe12fbb60f8
.html .js polyglot
some-samples-master/a8fcbec33d2162c78eb509eef69c72da
.js
some-samples-master/a908aa889a2156049fb1e05858586e98
some-samples-master/a90aaad9edf82baa8982f94db54345e4
.js
some-samples-master/a970f4143be298ab3085a87125c0c7bb
.html .js polyglot
some-samples-master/a999913e1b9c418181a220b3c7ff8cdd
.html
some-samples-master/a9cad103b86967843040e244520de521
.html .js polyglot
some-samples-master/a9f1ba9451d1df8c5c73a06c167f9cb9
.html
some-samples-master/aa276c55cb0038afc189d57197f9884e
.html .js polyglot
some-samples-master/aa6480b2eb0cdf337aa295767d911def
.html .js polyglot
some-samples-master/aa727f7deded1e828143a209c1147993
.html
some-samples-master/aa8792c2f2e11a880661e60177515613
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ifc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/aab43d9485fd707a995233e9bb942c61
.html .js polyglot
some-samples-master/aadd746f0ff28ad26116f5251746b86f
.html .js polyglot
some-samples-master/aaf1daa82802809808329b0e88af63f2
.exe windows:4 windows x86 arch:x86

a250cb9130479ac86c0182066a244012

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3254
ord2441
ord1695
ord5006
ord5656
ord4470
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5476
ord3403
ord2879
ord2878
ord4154
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5285
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord736
ord807
ord739
ord450
ord439
ord554
ord442
ord825
ord747
ord5495
ord2104
ord4460
ord2494
ord2627
ord2626
ord4163
ord6625
ord6064
ord5252
ord4614
ord4613
ord1942
ord4272
ord4589
ord4899
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord4078
ord5240
ord5290
ord4441
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5259
ord2535
ord4723
ord4448
ord1842
ord4242
ord5472
ord4151
ord5282
ord796
ord794
ord674
ord529
ord527
ord366
ord6000
ord2117
ord4457
ord2252
ord1133
ord3481
ord3797
ord4284
ord1895
ord4958
ord3407
ord4990
ord4927
ord4932
ord4937
ord4717
ord4688
ord4946
ord5018
ord5108
ord4912
ord4646
ord4980
ord4522
ord4993
ord4537
ord5075
ord4038
ord3281
ord3353
ord4626
ord4424
ord457
ord749
ord4653
ord6194
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord459
ord561
ord743
ord1134
ord1199
ord1205
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5241
ord5280
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1894
ord4254
ord2486
ord4015
ord4957
ord4861
ord4826
ord3187
ord4950
ord2437
ord2171
ord5020
ord4517
ord4640
ord4916
ord5002
ord4494
ord4491
ord5021
ord3106
ord4605
ord5000
ord4416
ord5090
ord5501
ord4628
ord4657
ord5752
ord4155
ord2991
ord3417
ord5025
ord3514
ord6344
ord5627
ord1003
ord3449
ord3787
ord3250
ord4697
ord3060
ord3066
ord6336
ord2510
ord2542
ord5244
ord5742
ord1747
ord5577
ord3172
ord5654
ord4423
ord4956
ord4860
ord2402
ord4387
ord3454
ord3198
ord6081
ord6175
ord3261
ord4623
ord4430
ord748
ord1206
ord2623
ord456
ord1223
ord4825
ord1849
ord4244
ord2583
ord4403
ord5253
ord3998
ord1576
ord4251
ord1886
ord823
ord4676
ord4671
ord4857
ord4450
ord1168

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
free
realloc
_CxxThrowException
__CxxFrameHandler
_setmbcp
_stricmp
_XcptFilter

kernel32

GetProcAddress
Sleep
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
LoadLibraryA

user32

EnableWindow
SendMessageA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ab0f5e146839a822debfb632a64d83a7
.js
some-samples-master/ab2153f037dcd98d1ff255b0474a4e31
.js
some-samples-master/ab27f6c7634e9efc13fb2db29216a0a8
.elf linux x64
some-samples-master/ab45618f64f0a2c5aa052cdff846a464
.js
some-samples-master/ab4d1af0dddf06fd482bcdb7a32d5640
.html .js polyglot
some-samples-master/ab53dd7afdcbfc2310eddf02c7f7b5da
.exe windows:4 windows x86 arch:x86

fdd2947214548fe703c42f54ac249249

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultUILanguage
GetComputerNameA
GetSystemInfo
WaitForSingleObject
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
EnumResourceNamesA
EndUpdateResourceA
WinExec
UpdateResourceA
BeginUpdateResourceA
GlobalFree
ReadFile
GlobalAlloc
GetFileSize
GetFileAttributesA
GetLastError
CopyFileA
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA
GetTempPathA
MoveFileA
MoveFileExA
CreateThread
CloseHandle
CreateProcessA
lstrcatA
GetCurrentProcessId
lstrcpyA
GetCurrentProcess
ExitThread
Sleep
GetTickCount
LoadLibraryA
lstrlenA
GetProcAddress

user32

wsprintfA

advapi32

OpenSCManagerA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
OpenServiceA
StartServiceA
RegSetValueExA
CloseServiceHandle
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
CreateServiceA

msvcrt

__setusermatherr
memcpy
??3@YAXPAX@Z
_controlfp
sprintf
localtime
time
rand
srand
memset
fprintf
printf
_except_handler3
_local_unwind2
__CxxFrameHandler
_ftol
strcat
strcpy
??2@YAPAXI@Z
strstr
atoi
strncmp
free
_iob
__dllonexit
_onexit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
strlen
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

ws2_32

WSACleanup
sendto
htonl
setsockopt
WSAGetLastError
WSASocketA
socket
gethostbyname
recv
send
__WSAFDIsSet
select
htons
connect
closesocket
WSAStartup
inet_addr
WSAIoctl

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

iphlpapi

GetIfTable

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ab581480ef2f9ab191ee3cbb48e9bd83
.js
some-samples-master/aba1850d725e94269e88bb91e3a28eac
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/aba2d86ed17f587eb6d57e6c75f64f05
.exe windows:4 windows x86 arch:x86

87e83bda436138fd7844ecd76decc70d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

FtpFindFirstFileA
FtpGetFileA
FtpOpenFileA
FtpPutFileA
InternetCloseHandle
InternetConnectA
InternetFindNextFileA
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetSetOptionA

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FindAtomA
FindResourceA
GetAtomNameA
GetCommandLineA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetStartupInfoA
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadResource
LockResource
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WriteFile

msvcrt

_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_beginthread
_beginthreadex
_cexit
_endthread
_endthreadex
_ftime
_iob
_onexit
_setjmp
_setmode
abort
atexit
calloc
exit
fclose
fopen
fprintf
fputc
fputs
free
fscanf
fwrite
longjmp
malloc
memcmp
memcpy
memmove
memset
printf
rand
realloc
signal
sprintf
srand
strcmp
strcpy
strlen
strncpy
strstr
vfprintf

shell32

ShellExecuteA

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/abafd0bf4fc4098d1f09d6b89eb249c1
.html .js polyglot
some-samples-master/abb37d08d6d49230b4c1fa31abe673ee
.elf linux sparc
some-samples-master/abddb7e0d500734aaa584394c0463327
.js
some-samples-master/ac9468d67d4c889b45dd7d916346359d
some-samples-master/acd8c3fd028304c63e20fecd6df3781b
.html .js polyglot
some-samples-master/acee1755537122d72a10fe8d4ecc6dd6
.exe windows:4 windows x86 arch:x86

4d4ae6ed4d7bf3fa0da7e66ebcc3ff07

Code Sign

04:4e:3b:f5:89:76:88:0f:fd:07:44:48:a8:f7:a0:58
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

21-07-2016 00:00

Not After

25-07-2019 12:00

Subject

CN=Malwarebytes Corporation,O=Malwarebytes Corporation,L=Santa Clara,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2014 00:00

Not After

22-10-2024 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11-02-2011 12:00

Not After

10-02-2026 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-11-2006 00:00

Not After

10-11-2021 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:5d:90:b7:15:5a:86:b6:eb:80:e2:a1:5a:74:b3:18
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26-01-2016 00:00

Not After

04-04-2018 12:00

Subject

SERIALNUMBER=5430750,CN=Malwarebytes Corporation,O=Malwarebytes Corporation,POSTALCODE=95054,STREET=12th Floor+STREET=3979 Freedom Circle,L=Santa Clara,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02-01-2017 00:00

Not After

01-04-2028 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

f7:59:6e:c2:a8:fc:fe:cd:14:8c:af:64:e1:5e:53:94:0f:7e:ef:fd:ba:54:16:63:ea:6e:65:62:07:91:54:26
Signer

Actual PE Digest

f7:59:6e:c2:a8:fc:fe:cd:14:8c:af:64:e1:5e:53:94:0f:7e:ef:fd:ba:54:16:63:ea:6e:65:62:07:91:54:26

Digest Algorithm

sha256

PE Digest Matches

false

ea:33:f5:ce:79:9f:6a:25:47:26:69:57:54:46:f4:5e:39:26:79:e2
Signer

Actual PE Digest

ea:33:f5:ce:79:9f:6a:25:47:26:69:57:54:46:f4:5e:39:26:79:e2

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
ord588
__vbaFreeVarList
ord697
__vbaEnd
_adj_fdiv_m64
ord516
_adj_fprem1
ord629
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaOnError
_adj_fdiv_m16i
_adj_fdivr_m16i
ord598
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaStrCmp
DllFunctionCall
ord670
_adj_fpatan
ord675
__vbaLateIdCallLd
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord608
__vbaFPException
__vbaI2Var
ord538
_CIlog
__vbaNew2
ord570
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
_adj_fdivr_m32
_adj_fdiv_r
ord100
__vbaI4Var
__vbaFpI2
__vbaFpI4
_CIatan
ord618
__vbaStrMove
ord543
_allmul
_CItan
ord546
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 548KB - Virtual size: 545KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ad0f92e07f699e54b0351f6c4e3b5f9b
some-samples-master/ad23166383280b049ac85bf92346a749
.html
some-samples-master/ad2ca713208636caf3853ce9314eda39
.js
some-samples-master/ad4c1dd7282a183d83cd0befec7276d6
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\AppData\Roaming\WTF\GoodMorning\obj\Release\OAs.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/ad7ef2989c086bebeeb5cfe9031bfaf1
.js
some-samples-master/ad8a15449271c2ac490cca00b89b08aa
.html .js polyglot
some-samples-master/ada42a5224fa8eefb8df470f4f4a1d90
.exe windows:4 windows x86 arch:x86

208436fb6168e4d8672465d72787c9ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
HeapAlloc
GetProcessHeap
VirtualAlloc
GetProcAddress
LoadLibraryA
HeapFree
VirtualFree
CloseHandle
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
HeapReAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
GetLastError
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetStdHandle

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/adaf5cc674216e00f0e282de05603c2c
.html
some-samples-master/adee7cbee93ee74b0c875934e1bb6a42
.js
some-samples-master/ae12bb54af31227017feffd9598a6f5e
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/ae2e796443d66a9838e2ef9418c66f20
.exe windows:4 windows x86 arch:x86

876f369193c811b1654082ac6140a376

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACloseCertType
CAEnumNextCA

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range

user32

wsprintfW
LoadBitmapA
IsDialogMessageA
DispatchMessageA
PostMessageA
CharToOemA
LoadIconA
IsCharLowerW
DialogBoxParamW
MessageBoxA
GetClassLongA
DrawStateW
PeekMessageW
InsertMenuW

comsvcs

CoEnterServiceDomain
CoLoadServices

kernel32

GetCommandLineA
InterlockedIncrement
CreateNamedPipeW
GetEnvironmentVariableW
WaitForSingleObject
SetLocalTime
CreateThread
GetComputerNameExA
CloseHandle
FindResourceExW
OpenThread
GlobalAddAtomW
GetConsoleTitleW
SetPriorityClass
FindNextFileA
CreateFileMappingW
FindFirstFileA
FormatMessageW
SetLastError
GetLogicalDriveStringsW
GetProcAddress
GetPrivateProfileStringA
CreateDirectoryW
CreateSemaphoreA
LoadLibraryA
GetTempPathA
GetModuleHandleA

shlwapi

UrlGetPartA
PathCompactPathW
UrlCreateFromPathA
UrlCombineW
UrlEscapeW
UrlCompareW
UrlUnescapeA
PathIsRootA
UrlHashA
UrlIsNoHistoryA
UrlGetLocationW
PathCommonPrefixW
UrlIsW
PathCombineW

resutils

ClusWorkerStart
ClusWorkerTerminate

shell32

SHGetMalloc
DllCanUnloadNow
DragQueryFileA
DllGetVersion
SHBrowseForFolderA
SHGetDesktopFolder
StrChrA
ExtractIconA
SHEmptyRecycleBinW
SHCreateDirectoryExW

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 540KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dec
Size: 512B - Virtual size: 256KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ae2f577702bbea61a23b7c7acb9b5cef
.js
some-samples-master/ae820c264e172773b3d478082471a396
.html .js polyglot
some-samples-master/aea474acdcd38dd1e977d18d71b42a3b
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 172KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/aebbbdefb5a35e69a7c6a3d73aa4984c
.html .js polyglot
some-samples-master/aec0561c5ef4c154d853089a77100986
.js
some-samples-master/aede05842f781315a7b5c8519b367929
.html .js polyglot
some-samples-master/af09317971cc46ebf8affbad4c323372
.exe windows:4 windows x86 arch:x86

915ca1ebbe753746e97c161a3d891b9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord4159
ord6117
ord2621
ord823
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord540
ord338
ord4823
ord2818
ord3499
ord2515
ord355
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord5714
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord5240
ord5290
ord3748
ord1726
ord4432
ord813
ord560
ord5260
ord640
ord323
ord1641
ord3571
ord3626
ord2414
ord1640
ord5785
ord2535
ord2754
ord858
ord6148
ord2568
ord6268
ord6271
ord3225
ord3257
ord3912
ord2544
ord2543
ord2511
ord978
ord1731
ord5851
ord2883
ord2398
ord2418
ord6224
ord6226
ord2429
ord2250
ord4541
ord5477
ord2259
ord4836
ord4440
ord3720
ord794
ord527
ord4732
ord6230
ord2864
ord4264
ord4763
ord4766
ord4789
ord4588
ord4370
ord4892
ord3692
ord5791
ord535
ord1842
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord4303
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord4077
ord5237
ord5282
ord2649
ord1665
ord4436
ord4427
ord796
ord674
ord554
ord529
ord366
ord807
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord2120
ord4457
ord4163
ord5852
ord3481
ord2252
ord5252
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4612
ord4615
ord6385
ord800
ord353
ord5442
ord3318
ord1979
ord1200
ord665
ord825
ord4543
ord3663

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
strcpy
__CxxFrameHandler
memcpy
memset
malloc
strlen
_stricmp
free
realloc

kernel32

CreateFileA
Sleep
ReadFile
GetFileSize
HeapAlloc
GetProcessHeap
VirtualAlloc
LoadLibraryA
VirtualFree
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA
GlobalFree
GlobalUnlock
GlobalHandle
GlobalLock
GlobalAlloc
CloseHandle
VirtualProtect
GetProcAddress
WriteFile

user32

RedrawWindow
GetCapture
ReleaseCapture
SetCapture
InvalidateRect
GetClientRect
GetSysColor
LoadImageA
EnableWindow
UpdateWindow
OffsetRect

gdi32

StretchDIBits
DeleteObject
CreatePalette
BitBlt
CreateCompatibleDC
GetObjectA
RealizePalette

imagehlp

MakeSureDirectoryPathExists

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/af4aa29d6e3fce9206b0d21b09b7bc40c3a2128bc5eb02ff239ed2f3549532bb_mirai
.elf linux arm
some-samples-master/af72072fae554b216d151ba14438b5bd
.js
some-samples-master/af8ac2a4307d949833cf26af5d958bdf
.exe windows:4 windows x86 arch:x86

938f2da2102daa2604b773017a49c17c

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3e:61:0c:00:c4:d7:25:b9:68:92:79:cc:88:ee:a5:94
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

21-07-2011 00:00

Not After

11-01-2013 23:59

Subject

CN=TMRG\, Inc.,O=TMRG\, Inc.,L=Reston,ST=Virginia,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\src\trunk\client\BundleInstall\SmallStandalone\rkinstaller.pdb

Imports

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

wininet

InternetCloseHandle
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetGetConnectedState
HttpQueryInfoA

comctl32

ord17

wsock32

closesocket
shutdown
ioctlsocket
gethostbyname
setsockopt
socket
connect
send
WSAGetLastError
listen
WSAStartup
WSASetLastError
recv
select
__WSAFDIsSet
htons
bind
accept

kernel32

GetStartupInfoA
GetCurrentProcess
OpenMutexA
GetSystemDirectoryA
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrlenW
WideCharToMultiByte
GetModuleFileNameA
GetSystemTimeAsFileTime
Sleep
CreateDirectoryA
RemoveDirectoryA
SetEvent
OpenEventA
GetVolumeInformationA
GetVersionExA
GetWindowsDirectoryA
SetFileAttributesA
GetFileAttributesA
WriteFile
CopyFileA
WritePrivateProfileStringA
FreeLibrary
GetProcAddress
LoadLibraryA
WaitForSingleObject
CreateProcessA
lstrcmpiA
ReadFile
CompareFileTime
GetTimeZoneInformation
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
GetModuleHandleA
FindClose
FindNextFileA
FindFirstFileA
GetTempPathA
HeapAlloc
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
GetLocalTime
OutputDebugStringA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
IsValidCodePage
GetOEMCP
GetACP
TlsAlloc
GetConsoleOutputCP
WriteConsoleA
GetStdHandle
SetHandleCount
SetStdHandle
CloseHandle
DeleteFileA
GetTickCount
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
SetEndOfFile
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLastError
GetTempFileNameA
HeapFree
CreateFileA
MoveFileExA
WriteConsoleW
CreateFileW
ExitProcess
HeapSize
GetCurrentThread
SetLastError
TlsGetValue
GetCPInfo
LCMapStringW
LCMapStringA
GetCommandLineA
CreateThread
GetCurrentThreadId
ExitThread
LocalFileTimeToFileTime
SetFileTime
TlsFree
TlsSetValue
OpenProcess
LocalAlloc
LocalFree
WaitForMultipleObjects
TryEnterCriticalSection
CreateEventA
ResetEvent
CreateMutexA
ReleaseMutex
CreateSemaphoreA
ReleaseSemaphore
CreateWaitableTimerA
CancelWaitableTimer
SetWaitableTimer
QueryPerformanceFrequency
QueryPerformanceCounter
SystemTimeToFileTime
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetSystemTime
GetComputerNameA
GetVersion
GetPrivateProfileSectionA
WritePrivateProfileSectionA
FindFirstFileW
FindNextFileW
GetShortPathNameA
FormatMessageA
GetModuleFileNameW
LoadLibraryExA
MapViewOfFile
CreateFileMappingA
GetCurrentProcessId
UnmapViewOfFile
Process32Next
Process32First
CreateToolhelp32Snapshot
SetFilePointer
DeleteFileW
InterlockedExchange
InterlockedCompareExchange
MultiByteToWideChar
lstrlenA
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFileType
GetConsoleCP
GetConsoleMode
FlushFileBuffers

user32

LoadImageA
GetSystemMetrics
LoadMenuA
KillTimer
GetClientRect
SetWindowTextA
PostMessageA
SetWindowPos
LoadStringA
PostQuitMessage
GetDesktopWindow
GetWindowRect
MoveWindow
DestroyWindow
DefWindowProcA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
SetForegroundWindow
ReleaseDC
GetDC
ExitWindowsEx

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
SetSecurityInfo
SetFileSecurityA
GetSidSubAuthorityCount
GetSidSubAuthority
IsValidSid
SetTokenInformation
GetLengthSid
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor
AllocateAndInitializeSid
EqualSid
RegSetKeySecurity
RegDeleteKeyA
RegSaveKeyA
RegFlushKey
RegEnumKeyExA
RegCreateKeyExA
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
FreeSid
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegEnumValueA
RegCloseKey
OpenProcessToken
DuplicateTokenEx
CreateProcessAsUserA
GetTokenInformation

ole32

OleRun
CoCreateInstance
CoTaskMemFree
StringFromGUID2
OleInitialize

oleaut32

SysAllocString
SetErrorInfo
VariantChangeType
GetErrorInfo
LoadTypeLi
VariantClear
VariantInit
SysFreeString
DispGetIDsOfNames
CreateErrorInfo

shlwapi

SHCopyKeyA

gdi32

GetDeviceCaps

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 344KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/aff5e211126ea9e81af86efccde92d25
some-samples-master/b0072a5ab9de3ba507a19615c09d38ee
.exe windows:5 windows x86 arch:x86

500c72ceb1b3026af771067ce1a18a41

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
lstrcpyA
SetFilePointerEx
SetStdHandle
LoadLibraryA
GetProcAddress
lstrlenW
GetSystemTimeAdjustment
GetThreadSelectorEntry
WriteConsoleW
GetTickCount
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
OutputDebugStringW
EncodePointer
DecodePointer
GetCommandLineW
RaiseException
RtlUnwind
IsProcessorFeaturePresent
GetLastError
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapFree
HeapAlloc
SetLastError
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
HeapReAlloc
LCMapStringW
CreateFileW

user32

GetAltTabInfoA
GetListBoxInfo
SendDlgItemMessageA

gdi32

SetPixel
PlayMetaFileRecord
SetPolyFillMode
StretchDIBits
SetStretchBltMode
StretchBlt

shell32

DragFinish
DragQueryPoint
ShellAboutA
DragQueryFileW
DragAcceptFiles
ShellExecuteA
FindExecutableA

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 867KB - Virtual size: 866KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b01b80b1a73bfaf968ae78ce1d42a23b
.html .js polyglot
some-samples-master/b025ae1dd90a224df12d74218b34ab97
.js
some-samples-master/b033655d7a09ae057fcaf1e17a807902
.html .js polyglot
some-samples-master/b035ddc1f0738c3f90cb5c0b804e1775
.exe windows:5 windows x86 arch:x86

00b3845b82b40f6d2d60a3ca550972b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostMessageA
DispatchMessageW
MessageBoxA
LoadStringW
GetPropA
GetClassLongA
IsCharUpperW
DrawStateW
IsDialogMessageW
LoadMenuW
CreateDesktopW
LoadIconA
LoadCursorA

kernel32

WaitForSingleObject
GetCurrentProcessId
GetModuleHandleW
GetFileAttributesW
FindNextFileA
GetTempPathA
GetModuleFileNameW
IsBadWritePtr
GetExpandedNameA
GetCurrentThreadId
LoadLibraryA
GetProfileSectionW
GetProcAddress
GetStringTypeA
WaitNamedPipeW
LeaveCriticalSection
GetConsoleAliasA
SearchPathA
GetLogicalDriveStringsW

odbctrac

TraceSQLCancel
TraceSQLError

cfgmgr32

CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range
CMP_Init_Detection

msimg32

AlphaBlend
GradientFill

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/b0632be01b5a20880e9bc6ec18491391
.exe windows:5 windows x86 arch:x86

f7133dc3da4e026f9a88f7afc71a034c

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

30:d3:c1:67:26:5b:52:0c:b8:7f:25:84:4f:95:cb:04
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

29-10-2013 00:00

Not After

27-12-2016 23:59

Subject

CN=Shanda Games,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Security Labs,O=Shanda Games,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ae:07:28:8e:62:68:5c:2b:dc:e7:03:ca:d7:aa:4f:11:8b:4f:c1:dd
Signer

Actual PE Digest

ae:07:28:8e:62:68:5c:2b:dc:e7:03:ca:d7:aa:4f:11:8b:4f:c1:dd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\svnroot\kuaizip\trunk\bin\Release\X86\KzUpdateAgency.pdb

Imports

kernel32

GetLocalTime
LoadLibraryW
GetModuleHandleExW
GetModuleFileNameW
ExpandEnvironmentStringsA
LoadLibraryA
GetProcAddress
FreeLibrary
GetStdHandle
GetFileType
WaitForMultipleObjects
PeekNamedPipe
ReadFile
VerSetConditionMask
VerifyVersionInfoA
SleepEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
Sleep
FormatMessageA
SetLastError
GetTickCount
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
CreateMutexW
GetLastError
Process32NextW
Process32FirstW
WriteProcessMemory
VirtualProtect
GetProcessHeap
SetEndOfFile
CreateFileW
SetEnvironmentVariableA
GetTimeZoneInformation
CreateFileA
WriteConsoleW
WideCharToMultiByte
MultiByteToWideChar
Process32First
lstrcmpiA
Process32Next
CreateToolhelp32Snapshot
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
ExitThread
GetCurrentThreadId
CreateThread
GetCurrentProcessId
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileInformationByHandle
SetFilePointer
FindClose
GetDriveTypeA
FindFirstFileA
RtlUnwind
GetModuleHandleW
ExitProcess
RaiseException
CompareStringA
GetCPInfo
CompareStringW
LCMapStringA
LCMapStringW
WriteFile
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
VirtualAlloc
GetConsoleCP
GetConsoleMode
GetModuleHandleA
SetStdHandle
FlushFileBuffers
GetFullPathNameA
GetCurrentDirectoryA
HeapSize
InitializeCriticalSectionAndSpinCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP

advapi32

CryptDestroyKey
RegQueryValueExA
RegCreateKeyExA
RegOpenKeyExA
OpenServiceA
CloseServiceHandle
QueryServiceStatus
OpenSCManagerA
RegOpenCurrentUser
RegOpenKeyExW
RegCloseKey
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptAcquireContextA
CryptImportKey
CryptReleaseContext
CryptEncrypt
RegSetValueExA

shell32

SHGetSpecialFolderPathA

shlwapi

StrStrIA
PathFileExistsW
PathFileExistsA

imagehlp

MakeSureDirectoryPathExists

ws2_32

getsockname
ntohs
bind
htons
getsockopt
getpeername
closesocket
socket
connect
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup
gethostname
ioctlsocket
freeaddrinfo
getaddrinfo
sendto
recvfrom
accept
listen

user32

WindowFromPoint
GetSystemMetrics

Sections

.text
Size: 455KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b06d483af8f08d08b97a84e8d5d2db1f
.html .js polyglot
some-samples-master/b0cd3d088eb05f326d67fd6e39ef73e0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.zwt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/b0eb425b55bed12e0c7f1167b583c47b
.html .js polyglot
some-samples-master/b0f3fba841b15dd25c1aa5adf83e3a61
.js
some-samples-master/b12f7b40eab2f0bfdb630e2c9d8ca91c
.exe windows:4 windows x86 arch:x86

e8991ea26876294a9f794f7280e55d6b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord5289
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord6055
ord1776
ord5290
ord3402
ord3721
ord800
ord795
ord1146
ord1168
ord860
ord540
ord567
ord2370
ord2302
ord2379
ord755
ord470
ord6334
ord926
ord922
ord941
ord858
ord537
ord2818
ord3663
ord823
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord2055
ord4673

msvcrt

__set_app_type
_except_handler3
_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
strstr
sprintf
free
_CxxThrowException
__CxxFrameHandler
realloc
_stricmp
_itoa

kernel32

GetProcAddress
HeapAlloc
GetProcessHeap
VirtualProtect
VirtualFree
HeapFree
FreeLibrary
IsProcessorFeaturePresent
GetSystemInfo
GlobalMemoryStatus
CloseHandle
WriteFile
CreateFileA
Sleep
OutputDebugStringA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA

user32

GetClientRect
GetSystemMetrics
SendMessageA
IsIconic
SystemParametersInfoA
EnableWindow
LoadIconA
DrawIcon

Exports

Exports

SPACE

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b150f58ff4cae2b5cd4ededcb2937125
.js
some-samples-master/b157a8e6f2f9e6157a4c4bbceb5ab49b
.html
some-samples-master/b187a76f073e38225eb97f7ff39c8eb8
.js
some-samples-master/b1d96e7184958e0eabbca07d0c1148f7
.js
some-samples-master/b1e64dbe4a7c748366262996760b79e0
.html .js polyglot
some-samples-master/b1f8948368daa5a75316d20ee8a94a08
.js
some-samples-master/b2170386aeaf6ed7d71a6a03b6a065ae
.html
some-samples-master/b2a8191f5ea6f9c650142d21f5294301
.elf linux sparc
some-samples-master/b2c03024ad43a1829c7c3384866de8e6
.exe windows:5 windows x86 arch:x86

3ec9e7f408b13c012e68ad7e6599cc56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprAdminBufferFree
MprAdminConnectionEnum
MprInfoBlockAdd

kernel32

GetModuleFileNameA
lstrcmpiA
GetDateFormatA
GetModuleHandleW
GetProcAddress
CreateMailslotA
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyA
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogA
ClearEventLogW
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrA
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopW
wsprintfA
PostMessageA
GetDlgItemTextW
IsDialogMessageA
DispatchMessageW
GetMessageA
LoadMenuA
LoadStringW
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateW
InsertMenuW
GetPropA

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/b31801015b7cfc03c383f62877130b3b
.js
some-samples-master/b33737c4325e2401774b15ef5aa8c3c0
.html .js polyglot
some-samples-master/b346a13d4f7763031f58a5723e329789
.html .js polyglot
some-samples-master/b384980221b00ade4a1377035e3a00cd
.html .js polyglot
some-samples-master/b39296b8c11191762da4bac95d5ca56a
.html
some-samples-master/b3aa7897f91d154448ca43c228ae7a8e
.exe windows:4 windows x86 arch:x86

f8ade3601e4dde73363912d4497ab95f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

44:36:73:f6:2c:8d:81:95:2b:12:36:8e:02:d3:c6:b7
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

05-11-2015 08:59

Not After

05-02-2017 08:59

Subject

CN=浙江齐聚科技有限公司,O=浙江齐聚科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

86:71:d0:5c:cf:5e:d0:6a:43:c7:56:30:a3:4b:3d:24:4c:74:f2:9f
Signer

Actual PE Digest

86:71:d0:5c:cf:5e:d0:6a:43:c7:56:30:a3:4b:3d:24:4c:74:f2:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\myprojects\OnlineSetup\GirlsShow_Select\pingguo_release\SetupTool.pdb

Imports

kernel32

UnlockFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileTime
SetErrorMode
HeapAlloc
RtlUnwind
HeapFree
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
LockFile
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetTimeZoneInformation
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
FlushFileBuffers
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
SetLastError
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
InterlockedDecrement
OutputDebugStringA
FatalExit
DebugBreak
SystemTimeToFileTime
SetFileTime
WaitForMultipleObjects
MoveFileA
ReadFile
GetFileSize
SetFilePointer
SetEndOfFile
OpenProcess
TerminateProcess
Sleep
FindNextFileA
RemoveDirectoryA
Module32First
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateDirectoryA
RaiseException
lstrlenA
lstrcmpiA
CompareStringA
CompareStringW
GetVersion
CreateProcessA
WaitForSingleObject
GetTickCount
CreateMutexA
GetLastError
GetEnvironmentVariableA
DeleteFileA
FreeResource
MultiByteToWideChar
WriteFile
GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
FindFirstFileA
FindClose
GetLocalTime
GetModuleFileNameA
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
ExitProcess
SetUnhandledExceptionFilter
FreeLibrary
LoadLibraryA
GetProcAddress
CloseHandle

user32

SetCapture
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
GetCursorPos
WindowFromPoint
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
CharNextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
UpdateWindow
SendMessageA
GetClientRect
GetParent
EnableWindow
SetLayeredWindowAttributes
CopyRect
GetWindowRect
InvalidateRect
PostMessageA
GetSysColor
ShowWindow
MoveWindow
GetSystemMetrics
ShowCursor
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
IsRectEmpty
SetRect
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
BeginPaint
RegisterClipboardFormatA
GetWindowTextA
IsIconic
SetTimer
KillTimer
PtInRect
DrawIcon
EnableMenuItem
GetSystemMenu
ScreenToClient
LoadIconA
CharUpperA
UnregisterClassA
SetCursor
LoadCursorA
GetDC
ReleaseDC
MessageBoxA
DestroyWindow
CreateWindowExA
RegisterClassExA
UpdateLayeredWindow
GetWindowDC
EqualRect
IsWindowVisible
DefWindowProcA
GetWindowLongA
SetWindowLongA
EndPaint
ReleaseCapture

gdi32

CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateBitmap
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateDIBSection
SelectObject
GetDeviceCaps
DeleteDC
DeleteObject
GetTextExtentPoint32A
SetBkMode
CreateFontA
SetPixel
GetPixel
Rectangle
BitBlt
DPtoLP
GetMapMode
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHFileOperationA
ShellExecuteA
ShellExecuteExA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFileExistsA
PathRemoveBackslashA
PathAddBackslashA
PathQuoteSpacesA
PathCanonicalizeA
PathFindFileNameA
PathRemoveFileSpecA
PathFindExtensionA
UrlUnescapeA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromProgID
CoInitialize
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleDraw
OleCreate
OleSetContainedObject
OleRun
CoCreateInstance
CoInitializeEx
CoGetClassObject
CLSIDFromString
CreateILockBytesOnHGlobal

oleaut32

SysAllocStringLen
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayRedim
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
VariantInit
SafeArrayGetVartype
SafeArrayCopy
VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysStringLen
VariantCopy
SystemTimeToVariantTime
OleCreateFontIndirect
GetErrorInfo
SysFreeString

wininet

HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetCookieExA

gdiplus

GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipAlloc
GdipFree
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdiplusShutdown

ws2_32

WSAStartup

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 860KB - Virtual size: 857KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/b3bd715a25229ca507c845fed65c887f
.js
some-samples-master/b3e33b77092144b2ed2d76bdcff91efe
.html .js polyglot
some-samples-master/b402dc89fc4b98a6e73aa30703edaef0
.js
some-samples-master/b440f29087494645a3170a84dc13f81d
.js
some-samples-master/b45191e9cb211dd3d03c70e8f6d3a496
.exe windows:4 windows x86 arch:x86

5d8aca64af25d9a7f1023d71c32eecae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsDirectoryEmptyW

gdi32

EndPage
SelectObject
CreateFontIndirectW
CreateDCW
SetMapMode
LPtoDP
GetTextExtentPoint32W
EndDoc
StartPage
GetDeviceCaps
DeleteObject
AbortDoc
SetAbortProc
StartDocW
SetBkMode
GetTextFaceW
EnumFontsW
SetWindowExtEx
SetViewportExtEx
GetTextMetricsW
GetTextFaceA
TextOutW
DeleteDC

shell32

SHBrowseForFolderA

mpr

WNetGetProviderNameA

avifil32

AVIClearClipboard

msi

ord30

crypt32

CryptSIPAddProvider

ole32

PropVariantClear
CoFreeLibrary

user32

GetMenuStringW
CloseClipboard
CountClipboardFormats
GetDlgItemInt

rpcrt4

NdrOleFree

kernel32

ConvertDefaultLocale
WTSGetActiveConsoleSessionId
DeleteAtom
GetFullPathNameW
GetCurrentProcess
GetFileAttributesW
GetSystemDirectoryA
GetFileInformationByHandle
GetProcessHeap
GetDateFormatW
SetEnvironmentVariableW
FreeLibraryAndExitThread
InterlockedExchange
LoadLibraryW
CreateThread
GetLocalTime
HeapFree
GlobalLock
GetTimeFormatW
HeapAlloc
GetUserDefaultUILanguage

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hfr.erhe
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/b4546795f6f481bc46d807d2b5b9d3ec
.html
some-samples-master/b4a15cf3876eaa1ca94670061f8920cc
.html
some-samples-master/b4ac30839d64879ff5284f39ae1136f6
.js
some-samples-master/b4b66720ef56acf1d03c14fe12c0ed81
.js
some-samples-master/b4c3eb66967be33e3b6e8afd9dc95bd2
.exe windows:5 windows x86 arch:x86

027ea80e8125c6dda271246922d4c3b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb

Imports

kernel32

GetLastError
SetLastError
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GetTickCount
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
HeapSize
GetConsoleCP
GetConsoleMode
SetFilePointerEx
DecodePointer

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b4f74b1d1871d8156a5d2771e5165170
.html
some-samples-master/b503c1d5c9c158cf42eadfb76c6bd639
.html .js polyglot
some-samples-master/b51d3248e5b1d08b7878774be910cb3e
.html .js polyglot
some-samples-master/b560121eee6712b446c952d6b6a765b1
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

krawtmgh
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ukmllocm
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/b56924378d9330cbb3b605a67f2c1931
.js
some-samples-master/b5780f4cbc13cc5e07c866ba5bdbf916
.html
some-samples-master/b57e182e57e48c5326bbb94a1d6e0988
.html .js polyglot
some-samples-master/b5a62d33f0164c51bb6371722db82c5d
.js
some-samples-master/b5ae8270d6867ef46cf5dfc2353bb6cc
.js
some-samples-master/b5b63b7518f122f81bb415dabd9552de
.exe windows:5 windows x86 arch:x86

bb764f9f45e58eb1047498fd99b0d82d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CascadeWindows

shell32

ShellExecuteA

oleaut32

VarUI4FromUI2

advapi32

SystemFunction036

Sections

.text
Size: 67KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/b5fe85ab2eb59c9ebef44d30f194a20c
.js
some-samples-master/b608024b40f4f8d80a80e58b799beef9
.html .js polyglot
some-samples-master/b6447b623ee1d3ff695b3e90d07e9fc1
.html .js polyglot
some-samples-master/b648e6cdfe1c2ee8bb778543de3cc1a0
.elf linux sparc
some-samples-master/b657c52f882f8716ece5bc19d86c36ff
.html .js polyglot
some-samples-master/b676c146b3ffd6ccb4d30e498cdfebee
.js
some-samples-master/b6803f40786bcf77af3951f5802a7f8d
.js
some-samples-master/b686bb15b89079b4121b987695b06a9d
.html .js polyglot
some-samples-master/b68a2edc45c91ea05f31de3ccca6f716
.html
some-samples-master/b6ba9945788255efb7996eab84b282f9
.elf linux mipsbe
some-samples-master/b6c12d88eeb910784d75a5e4df954001
.exe windows:5 windows x86 arch:x86

63e5ceb1f07221fa9448d107ccf4ab5f

Code Sign

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ed:72:df:71:20:8f:78:36:d0:ab:00:9f:ca:97:e0:1f
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

22-12-2014 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO SHA-256 Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:d2:82:a2:d9:a2:c1:58:50:5b:17:8d:59:51:8b:7b
Certificate

Issuer

CN=COMODO SHA-256 Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

10-12-2015 00:00

Not After

01-12-2018 23:59

Subject

CN=Simon Tatham,O=Simon Tatham,L=Cambridge,ST=Cambridgeshire,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

01
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

30-05-2000 10:48

Not After

30-05-2020 10:48

Subject

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ed:72:df:71:20:8f:78:36:d0:ab:00:9f:ca:97:e0:1f
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

22-12-2014 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO SHA-256 Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:d2:82:a2:d9:a2:c1:58:50:5b:17:8d:59:51:8b:7b
Certificate

Issuer

CN=COMODO SHA-256 Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

10-12-2015 00:00

Not After

01-12-2018 23:59

Subject

CN=Simon Tatham,O=Simon Tatham,L=Cambridge,ST=Cambridgeshire,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

89:c9:f9:8e:74:7f:34:f3:96:24:31:8f:ab:7e:45:24:a5:02:40:90:67:27:64:09:f8:e3:26:38:11:78:20:c5
Signer

Actual PE Digest

89:c9:f9:8e:74:7f:34:f3:96:24:31:8f:ab:7e:45:24:a5:02:40:90:67:27:64:09:f8:e3:26:38:11:78:20:c5

Digest Algorithm

sha256

PE Digest Matches

true

1c:e1:a5:26:f3:c4:66:ee:98:d8:49:a4:e2:79:d3:cb:9a:9e:31:3d
Signer

Actual PE Digest

1c:e1:a5:26:f3:c4:66:ee:98:d8:49:a4:e2:79:d3:cb:9a:9e:31:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontA
CreateFontIndirectA
CreatePalette
CreatePen
CreateSolidBrush
DeleteDC
DeleteObject
ExcludeClipRect
ExtTextOutA
ExtTextOutW
GetBkMode
GetCharABCWidthsFloatA
GetCharWidth32A
GetCharWidth32W
GetCharWidthA
GetCharWidthW
GetCharacterPlacementW
GetDeviceCaps
GetObjectA
GetPixel
GetStockObject
GetTextExtentExPointA
GetTextExtentPoint32A
GetTextMetricsA
IntersectClipRect
LineTo
MoveToEx
Polyline
RealizePalette
Rectangle
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetMapMode
SetPaletteEntries
SetPixel
SetTextAlign
SetTextColor
TextOutA
TranslateCharsetInfo
UnrealizeObject
UpdateColors

user32

AppendMenuA
BeginPaint
CheckDlgButton
CheckMenuItem
CheckRadioButton
CloseClipboard
CreateCaret
CreateDialogParamA
CreateMenu
CreatePopupMenu
CreateWindowExA
CreateWindowExW
DefDlgProcA
DefWindowProcA
DefWindowProcW
DeleteMenu
DestroyCaret
DestroyWindow
DialogBoxParamA
DispatchMessageA
DispatchMessageW
DrawEdge
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
EndPaint
FindWindowA
FlashWindow
GetCapture
GetCaretBlinkTime
GetClientRect
GetClipboardData
GetClipboardOwner
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDlgItemTextA
GetDoubleClickTime
GetForegroundWindow
GetKeyboardLayout
GetKeyboardState
GetMessageA
GetMessageTime
GetParent
GetQueueStatus
GetScrollInfo
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
HideCaret
InsertMenuA
InvalidateRect
IsDialogMessageA
IsDlgButtonChecked
IsIconic
IsWindow
IsZoomed
KillTimer
LoadCursorA
LoadIconA
MapDialogRect
MessageBeep
MessageBoxA
MessageBoxIndirectA
MoveWindow
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClassW
RegisterClipboardFormatA
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
ScreenToClient
SendDlgItemMessageA
SendMessageA
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongA
SetClipboardData
SetCursor
SetDlgItemTextA
SetFocus
SetForegroundWindow
SetKeyboardState
SetScrollInfo
SetTimer
SetWindowLongA
SetWindowPlacement
SetWindowPos
SetWindowTextA
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoA
ToAsciiEx
TrackPopupMenu
TranslateMessage
UpdateWindow
WinHelpA

comdlg32

ChooseColorA
ChooseFontA
GetOpenFileNameA
GetSaveFileNameA

shell32

ShellExecuteA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

imm32

ImmGetCompositionStringW
ImmGetContext
ImmReleaseContext
ImmSetCompositionFontA
ImmSetCompositionWindow

advapi32

AllocateAndInitializeSid
CopySid
EqualSid
GetLengthSid
GetUserNameA
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

kernel32

Beep
ClearCommBreak
CloseHandle
CompareStringW
ConnectNamedPipe
CreateEventA
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateNamedPipeA
CreatePipe
CreateProcessA
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileA
FindFirstFileExA
FindNextFileA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommState
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessTimes
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatus
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LocalAlloc
LocalFree
MapViewOfFile
MulDiv
MultiByteToWideChar
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
RtlUnwind
SetCommBreak
SetCommState
SetCommTimeouts
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFilePointerEx
SetHandleInformation
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeA
WideCharToMultiByte
WriteConsoleW
WriteFile

Sections

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 14KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 543KB - Virtual size: 542KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b6c7692fe5befae8dd8070107c694961
.html .js polyglot
some-samples-master/b6eda4ef6674a8758e492eaab3e1130e
.js
some-samples-master/b7178787ef24cea16d97b2aba26ade8e
.html .js polyglot
some-samples-master/b71e0affb6c412c2525c3b34cb6a29d3
.html .js polyglot
some-samples-master/b72aa30a71b52af6541c504eef73c3b7
some-samples-master/b7b05775b81143efc5478fb61c4fbf2b
.html .js polyglot
some-samples-master/b7bfbb39ed1c4bfe324e6ca63f2bbc92
.js
some-samples-master/b7c934fd0592179680bca6fdc41a9eee
.html .js polyglot
some-samples-master/b7c9f82ad20115bd6fde4f3e72be9ea0
.html .js polyglot
some-samples-master/b7d598174f269019592dfadf98741f54
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b7db6aecfa5ce6d39066754c33e447a3
.js
some-samples-master/b7f05ebd44042521156058ad6f502ea8
.exe windows:4 windows x86 arch:x86

35059f76136037bf037dd09ce65df28a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
ord588
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
ord697
_adj_fdiv_m64
__vbaFreeObjList
_adj_fprem1
ord629
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord667
__vbaAryDestruct
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarTstLt
_CIsin
ord632
__vbaChkstk
ord526
EVENT_SINK_AddRef
ord528
__vbaStrCmp
__vbaAryConstruct2
__vbaVarTstEq
DllFunctionCall
ord672
__vbaLbound
_adj_fpatan
ord676
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord606
_adj_fprem
_adj_fdivr_m64
ord609
__vbaFPException
__vbaUbound
__vbaDateVar
_CIlog
ord646
ord648
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarAdd
__vbaVarDup
_CIatan
__vbaStrMove
ord618
ord542
ord543
_allmul
ord544
_CItan
ord547
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 416KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/b7f2a459ea4313f0957f25456f5fc50f
.js
some-samples-master/b80d71944935226e19182aeea9cb905a
.js
some-samples-master/b84fe0bf50e67811457267fbc57f440d
.html
some-samples-master/b8850231706dafd51d16cf5b8a5e83f3
.html .js polyglot
some-samples-master/b88aa53cb682bfd7a52ee089301eb8d0
.js
some-samples-master/b88f4f911fb1e01bf693c23f8f67f861
.exe windows:4 windows x86 arch:x86

0fa9a08282241fecf69984aea760ef64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
GetProcessHeap
FreeLibrary
HeapAlloc
CloseHandle
WriteFile
Sleep
CreateFileA
ReadFile
GetFileSize
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

msvcr80

exit
_acmdln
_ismbblead
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc
memset
memcpy
_initterm
_stricmp

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/b8994216d9d5883df399e3c19e40e12e
some-samples-master/b8b81e89b5bebe4358ea960e14ae63bc
.js
some-samples-master/b8bcc3d6564d7c4385696a02d90b1c6c
.exe windows:5 windows x86 arch:x86

62bbb23871e0c983ed1d262dc3c2d74a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_strcmpi
NtQueryInformationProcess
RtlTryEnterCriticalSection
NtAllocateVirtualMemory
RtlInitUnicodeString
NtOpenFile
NtCreateSection
NtMapViewOfSection
RtlAdjustPrivilege
NtQuerySystemInformation
NtDuplicateObject
NtQueryObject
NtReadVirtualMemory
NtWriteVirtualMemory
NtProtectVirtualMemory
sscanf
NtFreeVirtualMemory
_chkstk
_snprintf
_vsnprintf
strncmp
_strlwr
memset
memcpy
NtUnmapViewOfSection
NtClose
NtQueryInformationFile
NtTerminateThread
strstr

kernel32

CreateProcessA
CreateToolhelp32Snapshot
Process32First
lstrcmpiA
Process32Next
ExitProcess
VirtualQueryEx
VirtualAllocEx
GetTempFileNameA
IsBadWritePtr
SetLastError
LoadResource
SizeofResource
GetExitCodeThread
ExitThread
ResumeThread
Sleep
FlushInstructionCache
VirtualProtectEx
WriteProcessMemory
CreateMutexA
GetCurrentProcessId
OpenProcess
InitializeCriticalSection
GetModuleFileNameA
CreateFileA
CloseHandle
CreateThread
HeapAlloc
GetProcessHeap
HeapFree
HeapValidate
FindClose
FindNextFileA
DeleteFileA
RemoveDirectoryA
MoveFileExA
FindFirstFileA
QueryDosDeviceA
GetLogicalDriveStringsA
WriteFile
SetFilePointer
GetFileSize
SetFileAttributesW
GetFileAttributesW
ReadFile
WideCharToMultiByte
MultiByteToWideChar
HeapReAlloc
IsBadReadPtr
OutputDebugStringA
GetCurrentThreadId
GetLastError
GetProcAddress
LoadLibraryA
LeaveCriticalSection
EnterCriticalSection
GetEnvironmentVariableA
SetEnvironmentVariableA
SuspendThread
SetThreadPriority
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
CreateFileMappingA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 281KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b8bf2d99d00586a9ca87e4c10de7d2e2
.exe windows:4 windows x86 arch:x86

bc8ef338418e3fd7333d49ebe2f1b411

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4077
ord1776
ord4407
ord5237
ord2382
ord5163
ord6374
ord4353
ord5283
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2445
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord401
ord825
ord674
ord5254
ord1886
ord4251
ord4946
ord3254
ord2441
ord1695
ord5006
ord5656
ord4470
ord5103
ord3350
ord975
ord5476
ord4154
ord2385
ord5285
ord2446
ord736
ord807
ord739
ord450
ord439
ord554
ord442
ord747
ord5495
ord2104
ord4460
ord2494
ord2627
ord2626
ord4163
ord6625
ord6064
ord5252
ord1859
ord4246
ord6000
ord2117
ord4457
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord815
ord459
ord561
ord743
ord800
ord537
ord1205
ord1199
ord1247
ord4129
ord5683
ord5265
ord4376
ord4853
ord4998
ord4710
ord6055
ord6052
ord4078
ord1775
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord5098
ord4620
ord1894
ord4254
ord2486
ord4015
ord4957
ord4861
ord4826
ord3187
ord4950
ord2437
ord2171
ord5020
ord4517
ord4640
ord4916
ord5002
ord4494
ord4491
ord5021
ord3106
ord4605
ord5000
ord4416
ord5090
ord5501
ord4628
ord4657
ord5752
ord4155
ord2991
ord3417
ord5025
ord3514
ord6344
ord5627
ord1003
ord3449
ord3787
ord3250
ord4697
ord3060
ord3066
ord6336
ord2510
ord2542
ord5244
ord5742
ord1747
ord5577
ord3172
ord5654
ord4423
ord4956
ord4860
ord2402
ord4387
ord3454
ord3198
ord6081
ord6175
ord3261
ord4623
ord4430
ord748
ord1206
ord2623
ord456
ord1223
ord4825
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord1895
ord4958
ord3407
ord4990
ord4927
ord4932
ord4937
ord4717
ord4688
ord4857
ord5018
ord5108
ord4912
ord4646
ord4980
ord4522
ord4993
ord4537
ord5075
ord4038
ord3281
ord3353
ord4626
ord457
ord749
ord4653
ord6194
ord1576
ord4152
ord2878
ord2879
ord3403
ord5472
ord976
ord5012
ord3351
ord4303
ord4467
ord5104
ord5100
ord3059
ord2390
ord2723
ord2101
ord5101
ord4245
ord1858
ord2514
ord823
ord1168

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_except_handler3
__p__pgmptr
sprintf
_access
strstr
__CxxFrameHandler
_setmbcp
_mkdir
_controlfp

kernel32

CloseHandle
CreateFileA
FreeLibrary
GetTickCount
GetFileAttributesA
ExpandEnvironmentStringsA
GetLastError
GetProcAddress
LoadLibraryA
lstrcpyA
GetCommandLineA
Sleep
lstrcmpiA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
WriteFile

user32

wsprintfA
EnableWindow

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b91fa02056a379ed42ee3fa7dac8d7f0
.html .js polyglot
some-samples-master/b92f8f94aebcaad1a2c6f1c0bbb53974
.exe windows:5 windows x86 arch:x86

6f970253d5318d95fedfd78e328788a5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\win\sheet\experiment\than\Guess\By\weatherFound.pdb

Imports

kernel32

ResetEvent
LoadLibraryA
LockResource
GetModuleFileNameA
WriteProfileStringA
GetModuleHandleA
VirtualProtect
GetVersionExA
FileTimeToLocalFileTime
GetVersion
GetCurrentProcessId
GetSystemTime
DeleteFileA
VirtualAlloc
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
WideCharToMultiByte
GetProcAddress
InterlockedExchange
CreateDirectoryA
CreateSemaphoreA
Sleep
CreateEventA
OpenProcess
GetDateFormatA
GetWindowsDirectoryA
VirtualFree
QueryPerformanceCounter
FindResourceA
CreateFileA
ExitProcess
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
WriteFile
GetStdHandle
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
HeapFree
GetTickCount
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc

user32

GetTopWindow
SetCursor
GetDlgItemInt
InsertMenuItemA
SetDlgItemInt

ole32

CoUninitialize
OleInitialize
OleUninitialize
CoInitialize
OleSetContainedObject
CoCreateInstance

gdi32

SetBkColor
CreateBitmap
GetCharWidthA
GetClipBox
SetTextColor

comctl32

ImageList_Add
ord17
ImageList_Destroy
ImageList_SetOverlayImage
DestroyPropertySheetPage
ord6
PropertySheetA
CreateToolbarEx

comdlg32

GetSaveFileNameA
ChooseColorA
GetOpenFileNameA
CommDlgExtendedError
ChooseFontA

Sections

.text
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/b9e38afedc8580e4cefdc1a55d278982
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zwt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/b9f15715a273c6dc891e4a904ab20729
.html .js polyglot
some-samples-master/ba2756ce2f1e01f3a753d7a0b28e8ca5
.html
some-samples-master/ba439e7a183c5836c5966d23ad1b8b9e
some-samples-master/ba61f2157ddd1effa6a39470fdbcdbef
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.khe
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/baa6c1569b33d0d1a1614fc4765238ac
.html
some-samples-master/baad9718c89f3e2ad1255051e1f9adb0
.html .js polyglot
some-samples-master/bab1c043a2fba947f682b6a012a9f362
.exe windows:5 windows x86 arch:x86

0df236ee9ccc08f05c0a48064bf83abc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprAdminBufferFree
MprAdminConnectionEnum
MprInfoBlockAdd

kernel32

GetModuleFileNameW
lstrcmpiA
GetDateFormatA
GetModuleHandleW
GetProcAddress
CreateMailslotA
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyW
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogW
ClearEventLogA
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrA
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopW
wsprintfA
PostMessageA
GetDlgItemTextW
IsDialogMessageA
DispatchMessageW
GetMessageA
LoadMenuA
LoadStringW
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateW
InsertMenuW
GetPropA

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/bab79ace8c30f6ce54e1f7eb1002a52a
.html
some-samples-master/bab95f9cba8b13b5e1e75fd5868c0514
some-samples-master/bac2139a8642ac742944a56536e3c23e
.exe windows:4 windows x86 arch:x86

ab29ebf54327f17ecf2024b4e8546fe8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc80

ord2413
ord2396
ord2398
ord2400
ord2394
ord2410
ord2390
ord934
ord930
ord932
ord928
ord923
ord5233
ord5235
ord5960
ord1600
ord4722
ord3403
ord4185
ord6275
ord5073
ord4244
ord1617
ord1620
ord762
ord3519
ord448
ord4261
ord4481
ord2942
ord2846
ord3911
ord5810
ord5394
ord2057
ord4509
ord1525
ord939
ord4862
ord4358
ord4333
ord4918
ord4511
ord1365
ord4176
ord4331
ord4537
ord4603
ord4895
ord4816
ord5015
ord4915
ord5494
ord2366
ord2511
ord2299
ord1407
ord4323
ord2879
ord5336
ord6298
ord1472
ord681
ord4223
ord1031
ord6231
ord4217
ord4169
ord1447
ord4334
ord5678
ord1964
ord701
ord757
ord354
ord3182
ord4262
ord5175
ord4282
ord5203
ord1908
ord5152
ord1401
ord3946
ord5912
ord6724
ord1551
ord2408
ord1671
ord2020
ord4580
ord4890
ord4735
ord4212
ord5182
ord605
ord3641
ord3683
ord4467
ord4469
ord4473
ord490
ord566
ord3333
ord2838
ord5566
ord5213
ord5230
ord4568
ord3948
ord2248
ord5226
ord5224
ord2931
ord1920
ord3832
ord5382
ord6219
ord5102
ord1010
ord3806
ord5583
ord2018
ord2063
ord4326
ord6276
ord3801
ord6278
ord4014
ord4038
ord1054
ord1122
ord1126
ord1207
ord2392
ord2415
ord2403
ord2385
ord2387
ord2405
ord2178
ord2172
ord1522
ord6279
ord3802
ord6277
ord3345
ord4967
ord1362
ord1656
ord1655
ord1599
ord5200
ord2537
ord2731
ord2835
ord4307
ord2714
ord2862
ord2540
ord2646
ord2533
ord3718
ord3719
ord3709
ord2644
ord3949
ord4486
ord1670
ord764
ord1084

msvcr80

_invoke_watson
_crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_except_handler4_common
_decode_pointer
_onexit
_lock
__dllonexit
_encode_pointer
_unlock
__CxxFrameHandler3
memcpy
_stricmp
_setmbcp
free
_CxxThrowException
realloc
memset
_controlfp_s

kernel32

GetProcAddress
GetProcessHeap
Sleep
WinExec
InterlockedExchange
GetLastError
InterlockedCompareExchange
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
LocalAlloc
FreeLibrary
RaiseException
LoadLibraryA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/bad66574ca4bcf00deef52205bcf1fec
.js
some-samples-master/bb0d5bee0bb4ea6c16e8cdd6a37926fc
some-samples-master/bb206a8fcdea713b63199fa179163c85
.html .js polyglot
some-samples-master/bb3f0281d060cedeecaff59ccb20bba8
.html
some-samples-master/bb8e7b24085ec90cb0d009f1e4171639
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/bb9b23ba771cc37d8114933b09b568f9
.elf linux x86
some-samples-master/bbca9b30b33a8a0d2af2d231f5d236e3
.exe windows:5 windows x86 arch:x86

0ebb3c09b06b1666d307952e824c8697

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wextract.pdb

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
lstrlenA
GetModuleFileNameA
GetSystemDirectoryA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
FreeResource
GetProcAddress
LoadResource
SizeofResource
FindResourceA
lstrcatA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
LockResource

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 921KB - Virtual size: 921KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/bbe17810f1a213e7e97fe209125bfdcc
.exe windows:5 windows x86 arch:x86

3761264be1c53c591ab8b2afd8b13867

Code Sign

1b:e7:15
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

01-01-2014 07:00

Not After

30-05-2031 07:00

Subject

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03-05-2011 07:00

Not After

03-05-2031 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

62:a6:9e:72:e3:8a:fe:48
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

08-12-2015 18:56

Not After

08-12-2016 18:56

Subject

CN=Super Click Interactive,O=Super Click Interactive,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ea:65:f5:eb:ab:13:2b:d4:6b:c1:f0:60:cf:01:9c:d9:6d:be:18:e6
Signer

Actual PE Digest

ea:65:f5:eb:ab:13:2b:d4:6b:c1:f0:60:cf:01:9c:d9:6d:be:18:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError

gdi32

CreateBitmap
AbortPath
PolyPolygon
FlattenPath
DeleteObject
EnumObjects
SelectObject
CreateFontIndirectA
CreateFontA
SelectClipPath

user32

DispatchMessageA
TranslateMessage
PostMessageA
RegisterClassA
GetWindowLongA
DrawTextW
EndPaint
ShowWindow
DrawTextA
GetDC
SendMessageA
SendMessageW
GetMessageA
CreateWindowExA
GetGuiResources
InvertRect
BeginPaint

kernel32

RtlUnwind
GetSystemTimeAsFileTime
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
FormatMessageA
LocalFree
TerminateThread
GetLogicalProcessorInformation
RegisterWaitForSingleObject
CreateTimerQueue
GetMailslotInfo
SuspendThread
DeleteTimerQueue
GetLastError
MultiByteToWideChar
lstrcmpiA
GetFileAttributesA
GetProcAddress
WaitForSingleObject
ReleaseMutex
CloseHandle
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateMutexA
GetVersionExA
GetCurrentProcess
GetVersion
lstrcpynA
ExitProcess
GetModuleFileNameA
FreeLibrary
DeleteFileA
SetEnvironmentVariableA
DuplicateHandle
GetCurrentProcessId
GetEnvironmentVariableA
GetExitCodeProcess
TerminateProcess
ResumeThread
CreateProcessA
GetCommandLineA
LoadLibraryA
FlushFileBuffers
WriteFile
SetCurrentDirectoryA
CreateDirectoryA
GetTempPathA
GetModuleHandleA
ReadConsoleA
WriteConsoleA
GetStdHandle
GetCurrentDirectoryA
GetFullPathNameA
SetErrorMode
QueueUserWorkItem
HeapSize

msvcrt

realloc
rand
_pgmptr
srand
__argc
__argv
memmove
??0exception@@QAE@XZ
?what@exception@@UBEPBDXZ
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_CxxThrowException
_callnewh
_ismbblead
__getmainargs
_cexit
_exit
_XcptFilter
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_unlock
__dllonexit
_lock
_onexit
?terminate@@YAXXZ
_controlfp
memset
__CxxFrameHandler
atoi
_snprintf
_time64
memcpy
free
malloc

ole32

CoInitializeEx
OleInitialize
CoCreateInstance
CoTaskMemFree
CLSIDFromProgID

shell32

SHGetPathFromIDListA
SHGetDiskFreeSpaceExA
ShellExecuteExA
SHFileOperationA
SHBrowseForFolderA
SHGetInstanceExplorer

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/bbe66dcf224dc72fcdf5f977e7a9aa85
.exe windows:5 windows x86 arch:x86

4964e8ad7ce82bc0a70eeeabac23a088

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
SetFilePointerEx
HeapReAlloc
GetConsoleMode
GetConsoleCP
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetModuleFileNameA
GetProcessHeap
GetCPInfo
GetOEMCP
IsValidCodePage
LoadLibraryExW
GetModuleFileNameW
WriteFile
GetModuleHandleW
TlsFree
TlsGetValue
GetWindowsDirectoryA
GetStringTypeW
OutputDebugStringW
CloseHandle
SetStdHandle
WriteConsoleW
GlobalReAlloc
LocalFree
FileTimeToLocalFileTime
GetCurrentDirectoryA
EnumDateFormatsA
LocalAlloc
GetLocalTime
GetProcAddress
SetLastError
GetLastError
SetCurrentDirectoryA
GlobalUnlock
MultiByteToWideChar
FileTimeToSystemTime
SizeofResource
LoadLibraryW
GlobalAlloc
GetDateFormatA
QueryPerformanceCounter
GetTimeFormatA
GlobalLock
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
CreateFileW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentThreadId
GetACP
GetStartupInfoW
GetFileType
GetStdHandle
HeapSize
HeapFree
DeleteCriticalSection
IsDebuggerPresent
RtlUnwind
RaiseException
GetCommandLineA
WideCharToMultiByte
GetModuleHandleExW
ExitProcess
DecodePointer
HeapAlloc
GetLogicalDriveStringsW
TlsSetValue
LoadResource
EncodePointer
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent

user32

CheckMenuItem
ModifyMenuA
LoadCursorA
UpdateWindow
GetMenuItemCount
AppendMenuA
IsDlgButtonChecked
DefWindowProcA
RegisterClassA
SetWindowRgn
LookupIconIdFromDirectory
TranslateAcceleratorA
SetDlgItemTextA
EndPaint
GetWindowLongA
GetWindowRect
SetActiveWindow
PostQuitMessage
FillRect
GetMenuItemID
CopyImage
LoadBitmapA
GetClientRect
CreateMenu
SendMessageA
BeginPaint
GetIconInfo
GetDC
GetForegroundWindow
OffsetRect
GetCursorInfo
GetWindowTextA
SetRect
SetWindowLongA
UnionRect
InvalidateRect
EndDialog

gdi32

CreateEllipticRgn
BitBlt
Arc
SetTextColor
CreateHatchBrush
DeleteDC
Polygon
CreateDIBSection
GetDeviceCaps
CreateFontIndirectA
GetDIBits
SetBkColor
DeleteObject
SelectObject
CreateCompatibleDC
DPtoLP
CombineRgn
Rectangle
Ellipse
ExtCreateRegion
SetPolyFillMode
CreateRectRgn
Polyline
CreatePen
RoundRect
GetObjectA
GetStockObject

comdlg32

ChooseColorA
PrintDlgA

advapi32

LookupAccountNameA

shell32

SHGetDesktopFolder

ole32

CoCreateInstance
CoInitialize
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoRegisterClassObject
CoUninitialize

oleaut32

SystemTimeToVariantTime
GetActiveObject

wininet

FtpSetCurrentDirectoryA

winmm

PlaySoundA
waveInAddBuffer

shlwapi

StrToIntExA
PathUnquoteSpacesA
PathIsRootW
PathIsPrefixA
PathIsRelativeA

comctl32

ord413

activeds

ord9

rpcrt4

RpcBindingFree
RpcBindingFromStringBindingA
RpcStringBindingComposeA

uxtheme

OpenThemeData

ntdsapi

DsGetRdnW

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 65KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/bbebdf7ebc05bc51f17cac713f89c59b
.exe windows:4 windows x86 arch:x86

888f7c3cb1911069f97ed9c2bd4061db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetPriorityClass
GetCurrentProcess
ResumeThread
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
DebugBreak
lstrcmpiA
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
GetFileAttributesA
GetDriveTypeA
ReadFile
GetFileSize
CallNamedPipeA
GetUserDefaultLangID
lstrlenW
FileTimeToSystemTime
SetFilePointer
GetTempPathA
GetTempFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetLastError
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
SetFileAttributesA
GetModuleHandleA
SetLastError
GetWindowsDirectoryA
GetShortPathNameA
CreateFileA
WriteFile
CloseHandle
MoveFileA
lstrcpyA
GetTickCount
CopyFileA
DeleteFileA
GetModuleFileNameA
lstrcpynA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FreeLibrary
lstrlenA
HeapAlloc
lstrcatA

user32

CharNextA
GetKeyboardType
PeekMessageA
MsgWaitForMultipleObjects
SetCursor
SetWindowLongA
SetTimer
EndDialog
GetSystemMetrics
BeginDeferWindowPos
GetWindowTextA
SetWindowTextA
DeferWindowPos
EndDeferWindowPos
LoadStringA
GetClientRect
ScreenToClient
PostMessageA
GetDC
ReleaseDC
ShowWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendMessageA
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
wvsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetMessageA
RedrawWindow
KillTimer
InvalidateRect
UpdateWindow
GetDlgItemTextA
LoadCursorA
TranslateMessage
DispatchMessageA
wsprintfA
LoadImageA

gdi32

UpdateColors
SetTextColor
SetBkMode
GetDeviceCaps
SelectPalette
CreateHalftonePalette
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
DeleteObject
RealizePalette
BitBlt
DeleteDC
SelectObject

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
StrRChrA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
VariantClear

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/bc22012ac99462a2ce1ee9298979d8bd
some-samples-master/bc49e08e648345392a333e6addd3a64e
.html .js polyglot
some-samples-master/bc749c1768a01ad3765c8dae6e2db486
.js
some-samples-master/bc83935b19c9d6d69684fad8307fd4cb
.js
some-samples-master/bc9e53cde57de77585715250802cf030
.html .js polyglot
some-samples-master/bc9e7f1455d504060d4c51d4aeb6ec0e
.html .js polyglot
some-samples-master/bca065a36604a9dd6465d8ec0f4f56d2
some-samples-master/bca6b5961501a06924152765fcc34927
.exe windows:4 windows x86 arch:x86

b26ded8d75a1426bad0cd16f4c340e25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord595
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord100

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/bcb0c46befe9d85ffab60bfc13f34fb7
.html .js polyglot
some-samples-master/bcd74a3d98b02c29085ab040be6c6166
.exe windows:4 windows x86 arch:x86

bc5ce990cf54f8d435a68eb97512f73e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetFileSecurityA
SetFileSecurityW

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateDirectoryW
CreateFileA
CreateFileW
DeleteFileA
DeleteFileW
DosDateTimeToFileTime
ExitProcess
ExpandEnvironmentStringsA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FindResourceA
FreeLibrary
GetCPInfo
GetCommandLineA
GetCurrentDirectoryA
GetCurrentProcess
GetDateFormatA
GetFileAttributesA
GetFileAttributesW
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetNumberFormatA
GetProcAddress
GetProcessHeap
GetStdHandle
GetTempPathA
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
IsDBCSLeadByte
LoadLibraryA
LocalFileTimeToFileTime
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetFileAttributesA
SetFileAttributesW
SetFilePointer
SetFileTime
SetLastError
Sleep
SystemTimeToFileTime
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcmpiA
lstrlenA

comctl32

ord17

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA

gdi32

DeleteObject

shell32

SHBrowseForFolderA
SHChangeNotify
SHFileOperationA
SHGetFileInfoA
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA

user32

CharToOemA
CharToOemBuffA
CharUpperA
CopyRect
CreateWindowExA
DefWindowProcA
DestroyIcon
DestroyWindow
DialogBoxParamA
DispatchMessageA
EnableWindow
EndDialog
FindWindowExA
GetClassNameA
GetClientRect
GetDlgItem
GetDlgItemTextA
GetMessageA
GetParent
GetSysColor
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
IsWindow
IsWindowVisible
LoadBitmapA
LoadCursorA
LoadIconA
LoadStringA
MapWindowPoints
MessageBoxA
OemToCharA
OemToCharBuffA
PeekMessageA
PostMessageA
RegisterClassExA
SendDlgItemMessageA
SendMessageA
SetDlgItemTextA
SetFocus
SetMenu
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
TranslateMessage
UpdateWindow
WaitForInputIdle
wsprintfA
wvsprintfA

ole32

CLSIDFromString
CoCreateInstance
CreateStreamOnHGlobal
OleInitialize
OleUninitialize

Sections

.text
Size: 78KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/bcde13b2e235cd11fa5083c3b392af76
.js
some-samples-master/bcf331353af841ae374ccec042936da5
.html
some-samples-master/bd0cc2cf2e099248592c5ba5489025e0
.html
some-samples-master/bd1fa52d22f13ab380593097b1197571
.html .js polyglot
some-samples-master/bd238873740440b8a9cc2c3bc40d1e3e
.html
some-samples-master/bd510e7ac9dbd614e25805146d44a0ca
.js
some-samples-master/bd514d7c0102ef91bfccfeebdaa2109d
some-samples-master/bdd29585ed4848109471b3c32d44e6c9
.html
some-samples-master/bddf105aa22b89f18bedae2db360c43b
.js
some-samples-master/bde29dee841faf6a084a57bcc7bf4513
.exe windows:4 windows x86 arch:x86

f8ade3601e4dde73363912d4497ab95f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

44:36:73:f6:2c:8d:81:95:2b:12:36:8e:02:d3:c6:b7
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Not Before

05-11-2015 08:59

Not After

05-02-2017 08:59

Subject

CN=浙江齐聚科技有限公司,O=浙江齐聚科技有限公司,L=金华市,ST=浙江省,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:bb:b3:40:fa:b9:c1:79:28:93:8c:93:da:10:86:79
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Class 3 Code Signing CA,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ea:e8:9a:b5:79:fc:78:32:dd:52:7a:6a:73:23:03:8d:33:11:68:12
Signer

Actual PE Digest

ea:e8:9a:b5:79:fc:78:32:dd:52:7a:6a:73:23:03:8d:33:11:68:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\myprojects\OnlineSetup\GirlsShow_Select\kele_release\SetupTool.pdb

Imports

kernel32

UnlockFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileTime
SetErrorMode
HeapAlloc
RtlUnwind
HeapFree
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
HeapReAlloc
HeapSize
SetStdHandle
GetFileType
LockFile
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
GetTimeZoneInformation
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetEnvironmentVariableA
FlushFileBuffers
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GlobalFlags
LocalAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
WritePrivateProfileStringA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
GlobalAlloc
FormatMessageA
LocalFree
MulDiv
SetLastError
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
lstrcpynA
GetModuleHandleA
GlobalLock
GlobalUnlock
GlobalFree
InterlockedDecrement
OutputDebugStringA
FatalExit
DebugBreak
SystemTimeToFileTime
SetFileTime
WaitForMultipleObjects
MoveFileA
ReadFile
GetFileSize
SetFilePointer
SetEndOfFile
OpenProcess
TerminateProcess
Sleep
FindNextFileA
RemoveDirectoryA
Module32First
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateDirectoryA
RaiseException
lstrlenA
lstrcmpiA
CompareStringA
CompareStringW
GetVersion
CreateProcessA
WaitForSingleObject
GetTickCount
CreateMutexA
GetLastError
GetEnvironmentVariableA
DeleteFileA
FreeResource
MultiByteToWideChar
WriteFile
GetLogicalDrives
GetDriveTypeA
GetDiskFreeSpaceExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
LoadResource
LockResource
SizeofResource
FindResourceA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetVersionExA
FindFirstFileA
FindClose
GetLocalTime
GetModuleFileNameA
CreateFileA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
ExitProcess
SetUnhandledExceptionFilter
FreeLibrary
LoadLibraryA
GetProcAddress
CloseHandle

user32

SetCapture
GetSysColorBrush
DestroyMenu
SetWindowContextHelpId
MapDialogRect
GetMessageA
TranslateMessage
ValidateRect
PostQuitMessage
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
wsprintfA
GetCursorPos
WindowFromPoint
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetFocus
SetFocus
IsChild
GetWindowTextLengthA
CharNextA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
GetKeyState
SetForegroundWindow
UpdateWindow
SendMessageA
GetClientRect
GetParent
EnableWindow
SetLayeredWindowAttributes
CopyRect
GetWindowRect
InvalidateRect
PostMessageA
GetSysColor
ShowWindow
MoveWindow
GetSystemMetrics
ShowCursor
GetMenu
GetSubMenu
GetMenuItemID
GetMenuItemCount
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowPos
OffsetRect
IntersectRect
IsRectEmpty
SetRect
CopyAcceleratorTableA
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetDesktopWindow
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
IsWindow
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
BeginPaint
RegisterClipboardFormatA
GetWindowTextA
IsIconic
SetTimer
KillTimer
PtInRect
DrawIcon
EnableMenuItem
GetSystemMenu
ScreenToClient
LoadIconA
CharUpperA
UnregisterClassA
SetCursor
LoadCursorA
GetDC
ReleaseDC
MessageBoxA
DestroyWindow
CreateWindowExA
RegisterClassExA
UpdateLayeredWindow
GetWindowDC
EqualRect
IsWindowVisible
DefWindowProcA
GetWindowLongA
SetWindowLongA
EndPaint
ReleaseCapture

gdi32

CreateRectRgnIndirect
GetBkColor
GetTextColor
GetRgnBox
GetStockObject
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
CreateBitmap
GetWindowExtEx
GetViewportExtEx
SetMapMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateDIBSection
SelectObject
GetDeviceCaps
DeleteDC
DeleteObject
GetTextExtentPoint32A
SetBkMode
CreateFontA
SetPixel
GetPixel
Rectangle
BitBlt
DPtoLP
GetMapMode
CreateCompatibleDC
GetObjectA
CreateCompatibleBitmap

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHFileOperationA
ShellExecuteA
ShellExecuteExA
SHGetDesktopFolder
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

_TrackMouseEvent
ord17

shlwapi

PathFileExistsA
PathRemoveBackslashA
PathAddBackslashA
PathQuoteSpacesA
PathCanonicalizeA
PathFindFileNameA
PathRemoveFileSpecA
PathFindExtensionA
UrlUnescapeA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

CLSIDFromProgID
CoInitialize
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoTaskMemAlloc
CoTaskMemFree
OleDraw
OleCreate
OleSetContainedObject
OleRun
CoCreateInstance
CoInitializeEx
CoGetClassObject
CLSIDFromString
CreateILockBytesOnHGlobal

oleaut32

SysAllocStringLen
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayRedim
SafeArrayCreate
SafeArrayUnlock
SafeArrayLock
VariantInit
SafeArrayGetVartype
SafeArrayCopy
VariantClear
SysAllocString
SysAllocStringByteLen
SysStringByteLen
VariantChangeType
SysStringLen
VariantCopy
SystemTimeToVariantTime
OleCreateFontIndirect
GetErrorInfo
SysFreeString

wininet

HttpOpenRequestA
InternetConnectA
HttpSendRequestA
InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
HttpQueryInfoA
HttpAddRequestHeadersA
InternetQueryDataAvailable
InternetSetOptionExA
InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetCookieExA

gdiplus

GdiplusStartup
GdipGetImageHeight
GdipGetImageWidth
GdipCloneImage
GdipDisposeImage
GdipLoadImageFromStreamICM
GdipLoadImageFromStream
GdipAlloc
GdipFree
GdipDrawImageRectRectI
GdipDrawImageRectI
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetImageAttributesColorKeys
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdiplusShutdown

ws2_32

WSAStartup

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 860KB - Virtual size: 857KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/bdf37d2c936476c4be65cda459e979c3
.js
some-samples-master/be19d7394ae5e33ccf08c412177437ce
.html .js polyglot
some-samples-master/be2b75ff89be1d394948680d63bb2d86
.html
some-samples-master/be35d38454a543198a565893da383dd3
.html .js polyglot
some-samples-master/be6304fb14cbecbc5dca7d743c05df9f
.js
some-samples-master/be63dcb074361039ebe932d800858a50
.exe windows:5 windows x86 arch:x86

01d3e95f04abdaafab59f55da046f829

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\桌面\20170730改版企业版2.9源码\serverdata\Release\NewTest.pdb

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
lstrcpyA
CloseHandle
ReadFile
GetFileSize
CreateFileA
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapCreate
HeapDestroy
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/be993ec8adf0ff174334c6cdd19b8e40
.exe windows:5 windows x86 arch:x86

09832add1b0397fd3c3e3c6b5de98f86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
LoadLibraryW
AddAtomA
TerminateThread
GetTickCount
RaiseException
WriteConsoleW
DecodePointer
CreateFileA
GetSystemTimes
GetModuleFileNameW
GetProcessAffinityMask
GetProcAddress
GetProcessWorkingSetSize
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
GetProcessHeap
GetStringTypeW
SetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
GetCurrentProcess
TerminateProcess
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetFileType
CloseHandle
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
CreateFileW

user32

LoadImageA

advapi32

InitiateSystemShutdownW
GetSecurityDescriptorControl
OpenEventLogA
GetUserNameW
LookupPrivilegeNameA

shell32

ord180
ShellExecuteA
ShellAboutA

msimg32

AlphaBlend
TransparentBlt

ws2_32

WSAAsyncGetHostByAddr
WSAAsyncGetServByName
WSAAsyncGetHostByName
WSAAsyncGetProtoByName
WSAAsyncGetProtoByNumber

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/bed0a90f18f00dcef537173001ac59c5
.html .js polyglot
some-samples-master/bee341b0d5936c938e4a662bd5424fe3
.js
some-samples-master/bf04cea33bcd9615710024e2366c36f2
.html .js polyglot
some-samples-master/bf0e8da96ca96faecc0ff3f7d99a24ff
some-samples-master/bf1488c0296cb65b637f8926a69b0e3b
.js
some-samples-master/bf1fd48aae230c0a45323f7bfeb88176
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/bf40e415b6989fb7f575c1852da8ed2e
.html .js polyglot
some-samples-master/bf5f73497f6801cf7aad78483434765e
.html
some-samples-master/bf662962039af058efa8ac346d4b5bf5
.js
some-samples-master/bf663e2f1f4a9a11421f578628f7ee8d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 240KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/bf7dd892e2a47837d27cbe7765cb9748
.html .js polyglot
some-samples-master/bfca49a8f92026551ffd3cc853504e62
.html .js polyglot
some-samples-master/c030f8e26f4a2eccef7823aca485b989
.html .js polyglot
some-samples-master/c0488e0904db9979daa84db94ceeba88
.js
some-samples-master/c0a8c607fbeb0ce7068e62a14f9ae396
.js
some-samples-master/c0bb2650224c36c53dce301b71d78b9f
.html
some-samples-master/c0da979c2c7c8e15b925bd9c662c3506
.exe windows:5 windows x86 arch:x86

a1f61269f60b1088f1956b9e1cd31fd1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
RegisterClassExW
BeginPaint
EndPaint
PostQuitMessage
LoadStringW
DialogBoxParamW
DefWindowProcW
DestroyWindow
EndDialog
wsprintfW
CreateWindowExW
LoadIconW
SendMessageW
MessageBoxW
GetScrollPos
RegisterClassW
LockWindowUpdate
SetMenuItemInfoW
OpenClipboard
GetClassNameW
SetDlgItemTextW
MapWindowPoints
ModifyMenuW
SetMenu
PtInRect
MessageBeep
GetCursorPos
EndDeferWindowPos
GetDesktopWindow
EnableMenuItem
SetScrollRange
ShowCaret
GetActiveWindow
FrameRect
RedrawWindow
GetScrollRange

kernel32

HeapAlloc
HeapFree
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WriteFile
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetOEMCP
GetACP
VirtualAlloc
WideCharToMultiByte
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
MapViewOfFile
lstrlenA
lstrcmpA
GetLastError
CreateFileW
lstrcatW
GetSystemInfo
GetCurrentDirectoryW
GetCommandLineW
GetVersionExW
GetModuleHandleW
SetFilePointer
GetProcAddress
LoadLibraryA
FlushFileBuffers
CloseHandle
SetStdHandle
GetCPInfo
ExitProcess
GetVersion
GetModuleHandleA
GetCommandLineA

gdi32

DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
StretchBlt
DeleteObject

shell32

CommandLineToArgvW

Sections

.text
Size: 373KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c11066f3c432f766c168fe94c3476ae9
.html .js polyglot
some-samples-master/c11a6892006cbf48478bce7e8158b316
.html
some-samples-master/c1296a87f74460f040439d7f013278a4
.js
some-samples-master/c1736b814389cb6602329186c8181b35
.exe windows:4 windows x86 arch:x86

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetCurrentDirectoryA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c1a25e62ad4e999841e2f4e325aceccd
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ZxcAS
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yvs
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/c1ed645e76739a2d4559f6f499a009dc
.exe windows:4 windows x86 arch:x86

a250cb9130479ac86c0182066a244012

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3254
ord2441
ord1695
ord5006
ord5656
ord4470
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5476
ord3403
ord2879
ord2878
ord4154
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5285
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord736
ord807
ord739
ord450
ord439
ord554
ord442
ord825
ord747
ord5495
ord2104
ord4460
ord2494
ord2627
ord2626
ord4163
ord6625
ord6064
ord5252
ord4614
ord4613
ord1942
ord4272
ord4589
ord4899
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord4078
ord5240
ord5290
ord4441
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5259
ord2535
ord4723
ord4448
ord1842
ord4242
ord5472
ord4151
ord5282
ord796
ord794
ord674
ord529
ord527
ord366
ord6000
ord2117
ord4457
ord2252
ord1133
ord3481
ord3797
ord4284
ord1895
ord4958
ord3407
ord4990
ord4927
ord4932
ord4937
ord4717
ord4688
ord4946
ord5018
ord5108
ord4912
ord4646
ord4980
ord4522
ord4993
ord4537
ord5075
ord4038
ord3281
ord3353
ord4626
ord4424
ord457
ord749
ord4653
ord6194
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord459
ord561
ord743
ord1134
ord1199
ord1205
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5241
ord5280
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1894
ord4254
ord2486
ord4015
ord4957
ord4861
ord4826
ord3187
ord4950
ord2437
ord2171
ord5020
ord4517
ord4640
ord4916
ord5002
ord4494
ord4491
ord5021
ord3106
ord4605
ord5000
ord4416
ord5090
ord5501
ord4628
ord4657
ord5752
ord4155
ord2991
ord3417
ord5025
ord3514
ord6344
ord5627
ord1003
ord3449
ord3787
ord3250
ord4697
ord3060
ord3066
ord6336
ord2510
ord2542
ord5244
ord5742
ord1747
ord5577
ord3172
ord5654
ord4423
ord4956
ord4860
ord2402
ord4387
ord3454
ord3198
ord6081
ord6175
ord3261
ord4623
ord4430
ord748
ord1206
ord2623
ord456
ord1223
ord4825
ord1849
ord4244
ord2583
ord4403
ord5253
ord3998
ord1576
ord4251
ord1886
ord823
ord4676
ord4671
ord4857
ord4450
ord1168

msvcrt

exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
free
realloc
_CxxThrowException
__CxxFrameHandler
_setmbcp
_stricmp
_XcptFilter

kernel32

GetProcAddress
Sleep
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
LoadLibraryA

user32

EnableWindow
SendMessageA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c1fc4f4d554c733bb80490750c9fb5c3
.exe windows:5 windows x86 arch:x86

7b0f76a1b5f3aa91ec1a1a05a9c46243

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

authz

AuthzAddSidsToContext
AuthzFreeContext
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeAuditEvent

clusapi

CloseClusterNode
ClusterEnum
CloseClusterGroup

kernel32

SetLastError
GetFileAttributesW
LoadLibraryA
GetModuleFileNameW
GetModuleHandleW
GetLogicalDriveStringsW
GetProcAddress
CreateMailslotW
GetCommandLineA
CreateFileA
MoveFileExA
UnmapViewOfFile
GetOEMCP
WaitForSingleObject
CreateJobObjectA

user32

LoadCursorW
PeekMessageA
LoadIconW
CharToOemA
LoadStringW
GetClassLongA
LoadMenuW
IsDialogMessageA
LoadBitmapA
InsertMenuA
GetPropW

rsaenh

CPDecrypt
CPGenKey
CPEncrypt

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c2424c669bab967c332793bba3a7fd5a
.html .js polyglot
some-samples-master/c25707ceb038df938c576d98a1ef6324
.html .js polyglot
some-samples-master/c29986f0da4fb7c86b44bf91cd84497e
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/c2abcb34021321dfd3a846e3a43716e8
.html .js polyglot
some-samples-master/c2b259e63389c00afbfe76ed3763cbcd
.html .js polyglot
some-samples-master/c2f068ed0a961f6c8920894d27af6549
.html .js polyglot
some-samples-master/c2fcfb112bb4824fc542d7ab8dfdb627
.exe windows:4 windows x86 arch:x86

f84ea321f948824a85fae154c7a20624

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f.MbP.pdb

Imports

imm32

ImmDisableTextFrameService

advapi32

LookupAccountNameW

kernel32

GetCommandLineA
GetSystemTimeAsFileTime
GetVolumeInformationW
GetPrivateProfileIntW
GetCurrentProcess
GetModuleHandleA
GetModuleFileNameA
lstrcmpA
GetBinaryTypeA
FreeConsole
GetConsoleDisplayMode

winspool.drv

DeletePrintProcessorA

msvcrt

memset

shell32

SHGetFileInfoA

lz32

LZStart

ole32

CoInitializeEx

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/c302d44b4b2b3566df8eedae85ffe6d5
.rtf
some-samples-master/c31850b89cf2506a7ffe183416bb8c89
.html .js polyglot
some-samples-master/c31ab6ab7c08da68c608a098e7af3753
.html .js polyglot
some-samples-master/c357e90d114d35860978bac1bfca0dd6
.html .js polyglot
some-samples-master/c3a61bf26327aabef6cb2b5b80af74fb
.html .js polyglot
some-samples-master/c3aacaf2e02b678432b510a64ee613b3
.js
some-samples-master/c3d10a9c2dbe063d6c8b0259fd7fde67
.exe windows:6 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 280KB - Virtual size: 264KB

Size: 284KB - Virtual size: 4B

��
Size: - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA

Size: - Virtual size:

Size: - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA

Size: - Virtual size:
some-samples-master/c3eb651f8a7974e01464c5f5e71a26fa
.js
some-samples-master/c3f12ad7589cf44df07708130667a0bb
.html
some-samples-master/c41c53cd94416de14169bac3b01b329a
some-samples-master/c4453cc3005d9ecaf00dd67b94e578d2
.html .js polyglot
some-samples-master/c456be5858f2455191cdc703d62eada4
.html .js polyglot
some-samples-master/c476e5fc01cd15671421e82db48a0f87
.vbs
some-samples-master/c4dc5ca8a563409fbcfc8d680df39e48
.js
some-samples-master/c4e0a5bba00000a045c6937e16065f24
.exe windows:4 windows x86 arch:x86

74a50d08d1b6b9bb254ff93ebe12fbcd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord6376
ord3749
ord5065
ord1727
ord2445
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord401
ord674
ord5254
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord561
ord815
ord617
ord6215
ord5301
ord5214
ord296
ord986
ord411
ord4159
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord5241
ord2385
ord5280
ord4441
ord5261
ord2446
ord4425
ord3597
ord324
ord641
ord4234
ord800
ord2515
ord355
ord537
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord2055
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord338
ord4823
ord1979
ord665
ord5186
ord3499
ord354
ord5651
ord3127
ord3616
ord6329
ord2652
ord1669
ord858
ord860
ord540
ord4614
ord4613
ord1920
ord4262
ord4589
ord4899
ord5076
ord4341
ord4349
ord4889
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4963
ord4960
ord4108
ord5240
ord5290
ord3748
ord1725
ord4432
ord517
ord784
ord5260
ord5677
ord3495
ord6131
ord6216
ord4723
ord2535
ord4224
ord1859
ord4246
ord3869
ord2127
ord2391
ord5102
ord5105
ord4468
ord3350
ord975
ord2880
ord4153
ord2383
ord5284
ord4437
ord4428
ord796
ord554
ord529
ord402
ord807
ord2494
ord2627
ord2626
ord6000
ord2117
ord4163
ord6625
ord4457
ord5255
ord2648
ord4436
ord4837
ord3798
ord1665
ord2649
ord5283
ord4353
ord6374
ord5163
ord2382
ord5237
ord4407
ord1776
ord4077
ord6055
ord4152
ord2878
ord2879
ord3403
ord5472
ord976
ord5012
ord3351
ord4303
ord4467
ord5104
ord5100
ord3059
ord2390
ord2723
ord2101
ord5101
ord4245
ord1858
ord2801
ord350
ord6157
ord2393
ord1200
ord3663
ord6571
ord1871
ord825
ord5740
ord823

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
fabs
ceil
exp
__CxxFrameHandler
memset
_CxxThrowException
_controlfp
realloc
strcmp
sqrt
_ftol
abs
strcpy
strlen
sprintf
fopen
fclose
exit
free

kernel32

Sleep
ExpandEnvironmentStringsA
FreeLibrary
GetModuleHandleA
GetStartupInfoA
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualAlloc
GetProcessHeap
HeapAlloc
UnmapViewOfFile
GlobalFree
GlobalUnlock
OutputDebugStringA
CloseHandle

user32

MessageBoxA
UpdateWindow
EnableWindow

gdi32

DeleteObject
CreatePalette
StretchDIBits
SelectPalette

Exports

Exports

Loader

Sections

.text
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c506b1c30c602514d9e51e06a6df9c36
.html
some-samples-master/c50f098872cff26ee5aed262273d4ebf
.exe windows:4 windows x86 arch:x86

0fa9a08282241fecf69984aea760ef64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
GetProcessHeap
FreeLibrary
HeapAlloc
CloseHandle
WriteFile
Sleep
CreateFileA
ReadFile
GetFileSize
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

msvcr80

exit
_acmdln
_ismbblead
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc
memset
memcpy
_initterm
_stricmp

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c52248f66e3be1f01bc92d19266015e1
.exe windows:4 windows x86 arch:x86

88468a2aad02cc7597aabe5e483f5202

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

HeapCreate
GetStringTypeW
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/c52b8eb3ee0ff127ce911e1156074c99
some-samples-master/c55b8512c8fe6cc36c07f8b1ad3e8b21
.js
some-samples-master/c56dcaeb75867b0ee12ab7eb3059517a
.html
some-samples-master/c5781277bcc6cfce4fcd2cf0ccc725cd
.html
some-samples-master/c57f6053a26adde30b97c7f23e27e67b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ZxcAS
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zwt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/c58ecf06f090d6800a84b03ffd7c1419
.js
some-samples-master/c5945442473bc185d720e32b13104706
.js
some-samples-master/c5bff9ea2a60295b7aa204a51bbbf1b9
.js
some-samples-master/c5c850108435f1cde1e5630ab67a7371
.html .js polyglot
some-samples-master/c5c9571700c68c9d29f58a07db6b37ee
.exe windows:5 windows x86 arch:x86

bcae796dc66c686eb78583403b5e8eaf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
RtlUnwind
FlushFileBuffers
HeapReAlloc
LoadLibraryW
MultiByteToWideChar
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
SetFilePointer
GetSystemTimeAsFileTime
SetStdHandle
GetTickCount
QueryPerformanceCounter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateEventA
WideCharToMultiByte
FreeEnvironmentStringsW
Sleep
DeleteCriticalSection
GetFileType
InitializeCriticalSectionAndSpinCount
WriteConsoleW
LCMapStringW
GetStringTypeW
CloseHandle
GetVolumeInformationW
FindFirstVolumeW
GetModuleHandleA
GetModuleFileNameA
WaitForMultipleObjects
FindFirstVolumeMountPointW
GlobalFree
FindVolumeMountPointClose
GetLastError
CreateFileW
GetCurrentProcessId
HeapCreate
SetHandleCount
GetModuleFileNameW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleW
GetProcAddress
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualQuery
DecodePointer
EncodePointer
IsProcessorFeaturePresent
RaiseException
GetStartupInfoW
HeapSetInformation
GetCommandLineA
LeaveCriticalSection
EnterCriticalSection
HeapFree
GlobalAlloc
HeapAlloc
SetErrorMode
GetDriveTypeW
GetEnvironmentStringsW
GetLocaleInfoA

user32

SetWindowTextA
DrawMenuBar
EnumDesktopsA
SetLayeredWindowAttributes
GetCursorPos
SetWindowPos
LoadImageA
GetLayeredWindowAttributes
DialogBoxParamA
IsWindow
EnumDisplayDevicesA
UpdateWindow
GetDesktopWindow
DefWindowProcA
GetDlgItem
ReleaseDC
CreateWindowExA
GetWindowLongA
CreateAcceleratorTableA
InvalidateRect
EndPaint
DestroyWindow
EnumDisplaySettingsExA
SetProcessWindowStation
ScreenToClient
GetWindowRect
OpenDesktopA
PostQuitMessage
DrawTextA
CopyImage
DrawIcon
GetClientRect
GetWindowTextLengthA
SendMessageA
SetRectEmpty
BeginPaint
GetIconInfo
GetDC
InflateRect
GetForegroundWindow
OffsetRect
GetCursorInfo
OpenWindowStationA
GetKeyboardLayout
SetWindowLongA

gdi32

PatBlt
PlayMetaFile
SetMetaFileBitsEx
DeleteEnhMetaFile
CopyMetaFileA
GetEnhMetaFileA
SetTextColor
DeleteDC
GetDeviceCaps
GetWinMetaFileBits
DeleteObject
SelectObject
CreateCompatibleDC
DPtoLP
SetMapMode
Rectangle
DeleteMetaFile
CreatePen
GetObjectA
GetStockObject
BitBlt

winspool.drv

ConnectToPrinterDlg

ole32

CoInitialize
CoInitializeEx
CoCreateInstance

ws2_32

WSAStartup

msvfw32

MCIWndCreateA

msacm32

acmStreamUnprepareHeader
acmStreamClose
acmStreamPrepareHeader
acmStreamOpen

winscard

SCardConnectA
g_rgSCardT1Pci
g_rgSCardT0Pci
SCardTransmit
SCardListReadersA
SCardEstablishContext

comctl32

ImageList_Create
InitCommonControlsEx

secur32

FreeContextBuffer
AcquireCredentialsHandleW
InitializeSecurityContextW
QuerySecurityPackageInfoW
AcceptSecurityContext

opengl32

glMatrixMode
glViewport
glLoadIdentity

urlmon

FaultInIEFeature

Sections

.text
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/c5f2ef4c3ee499a09218695fb1564079
.js
some-samples-master/c60f8bfe5037ad591b3875412209094e
.js
some-samples-master/c65a270e0db70b21591f4ff8638ef251
.png
some-samples-master/c67c5fca7e5394f9866911d6f8e39953
.html .js polyglot
some-samples-master/c680923c129a8b57173981141f665db6
.html
some-samples-master/c682c38355db9ea4d7c3f2be6c300219
.html
some-samples-master/c6912256887ef6721226b9a83e56f4e0
.js
some-samples-master/c691c80f5961942e0282d6bbca8538ba
.html .js polyglot
some-samples-master/c6a95e1277da35ee78452b9d2b4d20bc
.js
some-samples-master/c6c6c6c8938a209b6ac7d4633598897a
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/c6dc26563c7388cd667e9e325b09c756
.html .js polyglot
some-samples-master/c6fbb63afed332685bcdc96318e93cc5
.html .js polyglot
some-samples-master/c713d54659f4b572e2919d726354695f
.html .js polyglot
some-samples-master/c7298fb5c03f0314621b057e979bd93b
.html
some-samples-master/c74b908321bd1510cdb82481c8b12994
.html .js polyglot
some-samples-master/c7535eb514d24abe1810d75959369ce7
.js
some-samples-master/c7611c0f146573a4451ddb8abf71cbca
.js
some-samples-master/c77f9b8f3ae8487316627c3dc47bc6bd
.exe windows:4 windows x86 arch:x86

4f6883c43647a7c0cb3e4b6dd1a096b2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

wsprintfA

advapi32

OpenServiceA

shell32

ShellExecuteA

ws2_32

htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable

msvcrt

exit

Sections

.MPRESS1
Size: 13KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/c7963e0f20081867a108893fba878680
.exe windows:4 windows x86 arch:x86

ac15dedfa9a3fba981c0def8c45fcd35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord823
ord2135
ord818
ord1949
ord4034
ord5265
ord4376
ord4853
ord4998
ord2514
ord6052
ord1775
ord5280
ord2124
ord4425
ord3597
ord324
ord641
ord2362
ord4234
ord6334
ord537
ord4710
ord2818
ord3619
ord3626
ord3663
ord2414
ord2370
ord2299
ord3092
ord1641
ord2860
ord4224
ord1200
ord2645
ord922
ord924
ord5277
ord1601
ord2302
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord796
ord2621
ord1134
ord2725
ord1146
ord1168
ord2820
ord3811
ord529
ord2301
ord2366
ord2289
ord5655
ord6067
ord6000
ord2117
ord4160
ord2863
ord2379
ord755
ord470
ord6453
ord6069
ord2688
ord2642
ord4220
ord2584
ord3654
ord2438
ord6270
ord1644
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord540
ord858
ord5856
ord2614
ord860
ord939
ord535
ord800
ord926
ord825
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
__CxxFrameHandler
_CxxThrowException
realloc
free
??1type_info@@UAE@XZ
_setmbcp
_stricmp
wcslen
__dllonexit
_onexit
_exit
_controlfp

kernel32

InterlockedDecrement
FormatMessageA
lstrlenA
LocalAlloc
WritePrivateProfileStringA
GetPrivateProfileIntA
GetProcAddress
LoadLibraryA
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualFree
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA
ExitProcess
GetLastError
MultiByteToWideChar
WideCharToMultiByte
LocalFree

user32

DrawIcon
GetSystemMetrics
IsIconic
TranslateAcceleratorA
CreatePopupMenu
GetWindowRect
EnableWindow
SendMessageA
GetSystemMenu
AppendMenuA
GetClientRect
LoadAcceleratorsA
LoadIconA
wsprintfA

gdi32

CreateFontIndirectA
GetObjectA

ole32

CoInitialize
CoCreateInstance
OleRun
CoUninitialize

oleaut32

VariantInit
VariantChangeType
VariantCopy
SysFreeString
SysAllocString
VariantClear
GetErrorInfo

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c79dfcd9b989f48ae7900d41a2164618
.exe windows:5 windows x86 arch:x86

470282e4fe2ebbf8acb122584604aac8

Code Sign

1a:92:2c:e1:85:bb:1d:fd:3d:65:dc:b2:98:8b:21:87
Certificate

Issuer

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Not Before

04-11-2015 09:06

Not After

04-11-2016 09:06

Subject

CN=Shanghai Yishen Network Technology Co.\, Ltd.,O=Shanghai Yishen Network Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

25:1f:5d:98:81:82:17:2e:3c:41:9e:01:4f:b0:40:4c
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2024 01:00

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

37:a6:0e:92:5f:23:f8:0c:fd:cd:97:65:92:98:c3:54
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-11-2014 00:58

Not After

08-11-2029 00:58

Subject

CN=WoSign Class 3 Code Signing CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

19:c2:85:30:e9:3b:36
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 22:46

Not After

31-12-2019 23:59

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01
Certificate

Issuer

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Not Before

17-09-2006 19:46

Not After

17-09-2036 19:46

Subject

CN=StartCom Certification Authority,OU=Secure Digital Certificate Signing,O=StartCom Ltd.,C=IL

Key Usages

KeyUsageDigitalSignature
KeyUsageKeyEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
SetWindowPos
IsWindowEnabled
SetClassLongA
GetSystemMenu
EnableMenuItem
EndDialog
GetSystemMetrics
CreatePopupMenu
AppendMenuA
GetWindowRect
SetDlgItemTextA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
LoadBitmapA
IsWindowVisible
CallWindowProcA
GetMessagePos
ScreenToClient
CheckDlgButton
LoadCursorA
SetCursor
GetWindowLongA
GetSysColor
CharNextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
TrackPopupMenu
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint

kernel32

RemoveDirectoryA
GetSystemDirectoryA
lstrcatA
GetTempFileNameA
CreateFileA
CreateProcessA
CreateDirectoryA
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceA
lstrcpynA
SetErrorMode
GetVersion
lstrlenA
GetCommandLineA
GetTempPathA
GetWindowsDirectoryA
ExitProcess
CopyFileA
GetCurrentProcess
GetModuleFileNameA
GetFileSize
GetTickCount
Sleep
SetFileAttributesA
GetFileAttributesA
SetCurrentDirectoryA
MoveFileA
GetFullPathNameA
GetShortPathNameA
SearchPathA
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiA
MulDiv
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
SetFilePointer
ReadFile
WriteFile
GetPrivateProfileStringA
WritePrivateProfileStringA
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GlobalFree
GetExitCodeProcess
WaitForSingleObject
GlobalAlloc
ExpandEnvironmentStringsA
lstrcmpA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA

advapi32

RegDeleteKeyA
RegCloseKey
RegEnumKeyA
RegOpenKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
SetFileSecurityA

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectA
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

ntdll

_allshl
_aulldiv
_allmul
_alldiv
_allrem
_allshr

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 776KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c82cdbd0e928c9e51850eaaf0103a168
.html .js polyglot
some-samples-master/c86b9c09258f31e1bca843e9c74a9049
.exe windows:5 windows x86 arch:x86

a06e8867d9d02187fa0ebe3fab1685b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

authz

AuthzAddSidsToContext
AuthzFreeContext
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeAuditEvent

clbcatq

ComPlusMigrate
SetSetupSave
DowngradeAPL

kernel32

SetLastError
GetFileAttributesW
LoadLibraryA
GetModuleFileNameW
GetModuleHandleW
GetLogicalDriveStringsW
GetProcAddress
CreateMailslotW
GetCommandLineA
CreateFileA
MoveFileExA
UnmapViewOfFile
GetOEMCP
WaitForSingleObject
CreateJobObjectA

user32

LoadCursorW
PeekMessageA
LoadIconW
CharToOemA
LoadStringW
GetClassLongA
LoadMenuW
IsDialogMessageA
LoadBitmapA
InsertMenuA
GetPropW

rsaenh

CPDecrypt
CPGenKey
CPEncrypt

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c88efe442e53e9bf48d858978f68cba5
.exe windows:5 windows x86 arch:x86

de14de2ce12f1ecd56b121ac89b5c3a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFlags
LocalFree
LocalCompact
GetTickCount
GetLastError
LocalAlloc
GetProcAddress
LoadLibraryW
GetCPInfo
VirtualAllocEx
AddAtomW
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
HeapReAlloc
HeapAlloc
HeapSize
GetStringTypeW
MultiByteToWideChar
ExitThread
lstrlenA
GetSystemTimeAdjustment
FindAtomA
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EncodePointer
IsProcessorFeaturePresent
HeapFree
SetUnhandledExceptionFilter
GetModuleHandleW
ExitProcess
DecodePointer
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
GetLocaleInfoW
Sleep
RtlUnwind
LCMapStringW
IsValidLocale

user32

GetDC
GetMessageExtraInfo
GetMonitorInfoA
WindowFromDC
IsWindowVisible
ShowWindow
UpdateWindow

gdi32

GetMapMode
StretchBlt
GetGraphicsMode

Sections

.text
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/c8be3a7e91cfa426531935853823e4ba
.exe windows:4 windows x86 arch:x86

423f1cd27245f479d4d05b04abc7274e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegReplaceKeyW
RegCreateKeyExA
LogonUserW
RegSaveKeyW
OpenEventLogA
RegOpenKeyA
RegEnumKeyA
RegUnLoadKeyW
OpenServiceA
RegDeleteValueA

cmpbk32

PhoneBookEnumNumbers
PhoneBookFreeFilter
PhoneBookLoad
PhoneBookCopyFilter
PhoneBookEnumCountries

dsprop

CrackName
CheckADsError

untfs

Format
FormatEx
Recover

shlwapi

UrlUnescapeW
UrlHashA
UrlCombineW
PathCombineA
UrlGetLocationA
UrlIsA
UrlIsNoHistoryW
UrlCompareA
UrlCanonicalizeW
UrlGetPartW
PathCompactPathW
PathCommonPrefixW

crypt32

CertCompareCertificate
CertRemoveStoreFromCollection
CertOpenStore
CertSaveStore
CertAlgIdToOID
CertGetNameStringA
CertDeleteCRLFromStore
CertFindChainInStore
CertFindCRLInStore
CertNameToStrA
CertDuplicateCRLContext
CryptEnumOIDInfo

clusapi

ClusterEnum
CloseClusterNode
CloseCluster
CloseClusterGroup

kernel32

FindNextFileA
GetModuleHandleA
FindClose
WriteConsoleA
lstrcmpi
GetProcAddress
CreateProcessW
GetFileAttributesA
FindFirstFileW
CreateJobObjectA
GetConsoleTitleW
lstrcpy
CreateDirectoryA
OpenProcess
OpenThread
GetLogicalDriveStringsA
lstrcmpiA
WaitForSingleObject
DeleteFileA
GetCommandLineA
GetEnvironmentVariableW
GetPriorityClass
GetTempFileNameA
LoadLibraryA
CreateFileMappingW
FileTimeToSystemTime

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lock
Size: 523KB - Virtual size: 523KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c8c246c326471e3825d3ca9663c0e56c
.elf linux x64
some-samples-master/c8c45e2e8b99d4b6ec84fc6e0373b260
.exe windows:4 windows x86 arch:x86

49ad570c90933e2182217844467a762a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clbcatq

DowngradeAPL
SetSetupSave

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range

user32

wsprintfA
LoadBitmapW
IsDialogMessageA
DispatchMessageW
PostMessageW
CharToOemA
LoadIconA
IsCharLowerW
DialogBoxParamA
MessageBoxA
GetClassLongA
DrawStateA
PeekMessageW
InsertMenuW

cryptdll

MD5Update
MD5Final

kernel32

GetCommandLineW
InterlockedDecrement
CreateNamedPipeA
GetEnvironmentVariableW
WaitForSingleObject
GetLocalTime
CreateThread
GetModuleFileNameW
FindClose
FindResourceExA
OpenProcess
GlobalAddAtomA
GetConsoleTitleA
GetPriorityClass
FindNextFileW
CreateFileMappingW
FindFirstFileW
FormatMessageA
CloseHandle
GetLogicalDriveStringsA
GetProcAddress
GetPrivateProfileStringA
CreateDirectoryA
CreateSemaphoreW
LoadLibraryA
SetEnvironmentVariableW
GetModuleHandleA

shlwapi

UrlGetPartW
PathCompactPathW
UrlCreateFromPathW
UrlCombineA
UrlEscapeW
UrlCompareW
UrlUnescapeW
PathIsRootW
UrlHashA
UrlIsNoHistoryW
UrlGetLocationA
PathCommonPrefixW
UrlIsW
PathCombineA

rsaenh

CPDecrypt
CPDeriveKey

shell32

Shell_NotifyIconA
DllUnregisterServer
DragQueryFileA
DllGetVersion
SHBrowseForFolderW
SHGetFolderPathA
StrChrA
ExtractIconW
SHEmptyRecycleBinA
SHCreateDirectoryExA

Sections

.text
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 538KB - Virtual size: 538KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dec
Size: 2KB - Virtual size: 256KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c912ac6b43952a6e1225cab82cc14e3a
.html .js polyglot
some-samples-master/c92ccef85a1a118ad8caf09d88b2408c
.js
some-samples-master/c942df87fcc0047d243f158b69e9d28b
.html .js polyglot
some-samples-master/c945f3f35661e160b7d219fa2af0cd7f
.js
some-samples-master/c95a2a5094caf2b4593708c62c6b6c48
.html
some-samples-master/c97a51579408490bef8fe843f7171f00
.exe windows:4 windows x86 arch:x86

8f67b921dee3a616b0e0452ef53421f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
RaiseException
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapSize
GetACP
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
GetCurrentProcess
GetOEMCP
GetCPInfo
GetProcessVersion
GetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
WritePrivateProfileStringA
GlobalFlags
lstrlenA
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
SetLastError
InterlockedDecrement
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GlobalUnlock
GlobalFree
HeapAlloc
LockResource
FindResourceA
LoadResource
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
WriteFile
CloseHandle
FreeLibrary
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
VirtualAlloc
HeapFree
GetProcessHeap
HeapReAlloc
SetUnhandledExceptionFilter

user32

CopyRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
IsDialogMessageA
SetWindowTextA
ShowWindow
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetClassNameA
PtInRect
GetSysColorBrush
LoadStringA
DestroyMenu
GetTopWindow
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
LoadIconA
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
SetWindowLongA

gdi32

GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectObject
DeleteObject
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
RestoreDC
SaveDC
DeleteDC
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

comctl32

ord17

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 180KB - Virtual size: 189KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/c9913028fd061c3e9604763abf122d28
.html .js polyglot
some-samples-master/c9d8b2fdfb071f9c4f0b2f8222033794
.js
some-samples-master/c9dc36146bd454810db8637e971a9800
.dll windows:6 windows x86 arch:x86

564e08c1be5514e0770a9c15012ba995

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
InitializeCriticalSectionEx
DeleteCriticalSection
Sleep
GetCurrentProcess
VirtualProtect
FreeLibraryAndExitThread
GetModuleHandleA
GetProcAddress
LoadResource
SizeofResource
FindResourceA
IsBadCodePtr
SetConsoleTextAttribute
RaiseException
CreateThread
CreateDirectoryA
GetTickCount64
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
TerminateProcess
K32GetModuleInformation
GetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
WideCharToMultiByte
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
LeaveCriticalSection
EnterCriticalSection
OutputDebugStringW
IsDebuggerPresent
InitializeSListHead

user32

GetAsyncKeyState
ScreenToClient
SetWindowLongA
FindWindowA
GetCursorPos
CallWindowProcA
GetFocus
GetForegroundWindow

gdi32

CreateFontA
AddFontMemResourceEx

shell32

SHGetFolderPathA

msvcp140

?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
??Bid@locale@std@@QAEIXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?seekp@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@V?$fpos@U_Mbstatet@@@2@@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
_Xtime_get_ticks
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?_BADOFF@std@@3_JB
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?is@?$ctype@D@std@@QBE_NFD@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??Bios_base@std@@QBE_NXZ
??7ios_base@std@@QBE_NXZ
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?id@?$ctype@D@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ

vcruntime140

__std_exception_destroy
__vcrt_InitializeCriticalSectionEx
__std_type_info_destroy_list
__vcrt_LoadLibraryExW
__vcrt_GetModuleFileNameW
_except_handler4_common
memchr
memcmp
memcpy
memmove
memset
__std_exception_copy
_CxxThrowException
strstr
__CxxFrameHandler3
_purecall

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_cexit
_register_onexit_function
_initterm
_initterm_e
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
terminate
_errno
_invalid_parameter_noinfo
_invalid_parameter_noinfo_noreturn
_crt_atexit

api-ms-win-crt-string-l1-1-0

wcslen
isdigit
strcpy
_strdup
strcmp
strlen

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-stdio-l1-1-0

fgetpos
fgetc
fflush
fclose
_get_stream_buffer_pointers
fputc
fsetpos
_fseeki64
fwrite
setvbuf
__stdio_common_vsprintf_s
__stdio_common_vsprintf
ungetc

api-ms-win-crt-math-l1-1-0

fabs
pow
exp
sin
fmaxf
atan2
sqrt
copysign
hypot
floor
atan
acos
_except1
cos

api-ms-win-crt-utility-l1-1-0

rand

api-ms-win-crt-convert-l1-1-0

mbstowcs_s

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-time-l1-1-0

_time64
clock

Sections

.text
Size: 322KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 861KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/c9e70e22d04d61734699ab6c29f0a1fa
.js
some-samples-master/ca028e0d00fcc70a074f57e051d97e88
.js
some-samples-master/ca1d43704efc432084374c690dc4f9a7
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/ca23a1121957717dbfc464de88d43521
.html .js polyglot
some-samples-master/ca4e60bc2a8c8fb8fae00c29426f6092
.js
some-samples-master/ca5474a2d1e31fe65db1abd73e15e4c5
.js
some-samples-master/ca89d207ced5fb0cdb87ff148f607447
.exe windows:4 windows x86 arch:x86

afb4499cc3d71ae164287edf0970a208

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3254
ord2441
ord1695
ord5006
ord5656
ord4470
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4303
ord3350
ord5012
ord975
ord5476
ord3403
ord2879
ord2878
ord4154
ord6055
ord4077
ord1776
ord4407
ord5237
ord2385
ord5163
ord6374
ord4353
ord5285
ord2649
ord1665
ord3798
ord4837
ord4436
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4427
ord736
ord807
ord739
ord450
ord439
ord554
ord442
ord825
ord747
ord5495
ord2104
ord4460
ord2494
ord2627
ord2626
ord4163
ord6625
ord6064
ord5252
ord4614
ord4613
ord1942
ord4272
ord4589
ord4899
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord4078
ord5240
ord5290
ord4441
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5259
ord2535
ord4723
ord4448
ord1842
ord4242
ord5472
ord4151
ord5282
ord796
ord794
ord674
ord529
ord527
ord366
ord6000
ord2117
ord4457
ord2252
ord1133
ord3481
ord3797
ord4284
ord1895
ord4958
ord3407
ord4990
ord4927
ord4932
ord4937
ord4717
ord4688
ord4946
ord5018
ord5108
ord4912
ord4646
ord4980
ord4522
ord4993
ord4537
ord5075
ord4038
ord3281
ord3353
ord4626
ord4424
ord457
ord749
ord4653
ord6194
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord459
ord561
ord743
ord1134
ord1199
ord1205
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord1775
ord5241
ord5280
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord1894
ord4254
ord2486
ord4015
ord4957
ord4861
ord4826
ord3187
ord4950
ord2437
ord2171
ord5020
ord4517
ord4640
ord4916
ord5002
ord4494
ord4491
ord5021
ord3106
ord4605
ord5000
ord4416
ord5090
ord5501
ord4628
ord4657
ord5752
ord4155
ord2991
ord3417
ord5025
ord3514
ord6344
ord5627
ord1003
ord3449
ord3787
ord3250
ord4697
ord3060
ord3066
ord6336
ord2510
ord2542
ord5244
ord5742
ord1747
ord5577
ord3172
ord5654
ord4423
ord4956
ord4860
ord2402
ord4387
ord3454
ord3198
ord6081
ord6175
ord3261
ord4623
ord4430
ord748
ord1206
ord2623
ord456
ord1223
ord4825
ord1849
ord4244
ord2583
ord4403
ord5253
ord3998
ord1576
ord4251
ord1886
ord823
ord4676
ord4671
ord4857
ord4450
ord1168

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
??1type_info@@UAE@XZ
free
realloc
memset
_CxxThrowException
memcpy
__CxxFrameHandler
_setmbcp
_stricmp
_onexit

kernel32

GetProcAddress
Sleep
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
LoadLibraryA

user32

EnableWindow
SendMessageA

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/cab289000506a12a7e35a7dfbf0221e8
.js
some-samples-master/cae8a8524eeb0e7de1fb3704bd14b7ba
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/cb10e48c6a73dbd10d3d12ffad65ea69
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uro
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/cb218fbeb5eab0be743f11225e07b689
.js
some-samples-master/cb83b854fbe4a6cd0406ae7a639de42a
.js
some-samples-master/cba87dafb959a4a20692d2cd4ea0c820
.exe windows:5 windows x86 arch:x86

40676de1c3d3128b665da7512c2b46cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostMessageA
DispatchMessageW
MessageBoxA
LoadStringW
GetPropA
GetClassLongA
IsCharUpperW
DrawStateW
IsDialogMessageW
LoadMenuW
CreateDesktopW
LoadIconA
LoadCursorA

kernel32

WaitForSingleObject
GetCurrentProcessId
GetModuleHandleW
GetFileAttributesW
FindNextFileA
GetTempPathW
GetModuleFileNameW
IsBadReadPtr
GetExpandedNameW
GetCurrentThread
LoadLibraryA
GetProfileSectionA
GetProcAddress
GetStringTypeA
WaitNamedPipeA
LeaveCriticalSection
GetConsoleAliasA
SearchPathW
GetLogicalDriveStringsA

odbctrac

TraceSQLCancel
TraceSQLError

cfgmgr32

CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range
CMP_Init_Detection

modemui

drvSetDefaultCommConfigA
CountryRunOnce

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/cbde4cd2ea60ef92fa85279c635fae35
.exe windows:4 windows x86 arch:x86

4bab00f7bb98050d0523b3b864784eff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5883
ord4284
ord2453
ord2097
ord384
ord6625
ord4413
ord2864
ord2862
ord2753
ord816
ord323
ord562
ord289
ord4299
ord640
ord5786
ord3571
ord3626
ord3663
ord2414
ord1641
ord1146
ord3706
ord1640
ord5785
ord4615
ord4612
ord4610
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord4424
ord3738
ord815
ord561
ord6199
ord617
ord5301
ord5214
ord296
ord986
ord520
ord4159
ord6117
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord860
ord5241
ord5280
ord4441
ord5261
ord4425
ord3597
ord324
ord641
ord4234
ord2725
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord4614
ord4613
ord1945
ord4273
ord4589
ord4899
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2535
ord755
ord470
ord1168
ord5882
ord5885
ord6146
ord686
ord540
ord2919
ord5572
ord5683
ord4129
ord858
ord800
ord924
ord356
ord2770
ord1980
ord6334
ord1200
ord668
ord5252
ord4457
ord2117
ord6000
ord2626
ord2627
ord2494
ord6067
ord6215
ord807
ord366
ord529
ord554
ord674
ord796
ord4427
ord4627
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4436
ord4837
ord3798
ord1665
ord2649
ord5282
ord4353
ord6374
ord5163
ord2385
ord5237
ord4407
ord1776
ord4077
ord6055
ord4151
ord2878
ord2879
ord3403
ord5472
ord975
ord5012
ord3350
ord4303
ord4467
ord5103
ord5100
ord3059
ord2390
ord2723
ord4242
ord1842
ord823
ord1775
ord825

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
strncpy
strrchr
time
srand
rand
_beginthreadex
_access
sprintf
strcpy
strstr
_except_handler3
free
realloc
exit
malloc
_CxxThrowException
memcmp
memset
__CxxFrameHandler
memmove
_ftol
_controlfp

kernel32

CreateProcessA
GetFileAttributesA
ReadFile
GetWindowsDirectoryA
GetFileSize
CreateFileA
SetFilePointer
WriteFile
CancelIo
InterlockedExchange
SetEvent
lstrlenA
ResetEvent
WaitForSingleObject
CloseHandle
CreateEventA
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
VirtualFree
DeleteCriticalSection
Sleep
InitializeCriticalSection
GetProcAddress
LoadLibraryA
TerminateThread
lstrcatA
GetLastError
GetCurrentProcess
GetModuleFileNameA
HeapAlloc
GetProcessHeap
IsBadReadPtr
VirtualProtect
HeapFree
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
ExitProcess
DeleteFileA
DuplicateHandle
OpenProcess
CreateDirectoryA
GetLocalTime
OpenEventA
GetModuleHandleA
WinExec
ExpandEnvironmentStringsA
GetCurrentThreadId
CopyFileA
Process32First
FreeLibrary
lstrcpyA
LocalFree
LocalAlloc
RaiseException
GetStartupInfoA

gdi32

DeleteDC
DeleteObject
StretchBlt
BitBlt
GetDeviceCaps
CreateCompatibleDC
CreateRectRgnIndirect
GetObjectA
CreateCompatibleBitmap
SelectObject

advapi32

CreateServiceA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
OpenServiceA
StartServiceA
CloseServiceHandle
StartServiceCtrlDispatcherA
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegSetValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA

shell32

ShellExecuteA
SHAppBarMessage

iphlpapi

GetInterfaceInfo
AddIPAddress

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/cbe3652dea8dd5f64615823845a8f0d9
.js
some-samples-master/cbf64f4e2ba638df3e597ed903860ad3
.js
some-samples-master/cc246ca3627b3fa69832d7e1d3a4b764
.js
some-samples-master/cc310457027601b0ee0bb577dabfd8aa
.js
some-samples-master/cc90b5109f617b7e43db56d36b47ab1f
.html .js polyglot
some-samples-master/cc98dfd5c59aeaa4ca73570d51c41247
.html .js polyglot
some-samples-master/cca20c5dee7d3106cdada5d1b86b9841
.html .js polyglot
some-samples-master/cca425d0962a33dc78d6c160f0c716d7
.html .js polyglot
some-samples-master/cca5b441ac2605889c65e0b6554a7771
.html .js polyglot
some-samples-master/ccebf159cdbdb5f9e85513352fafe7ef
.html
some-samples-master/cd130192e1c682fd7ead6c22a94246ef
.html
some-samples-master/cd148119dbcbc3ea6cc51106d7e59bdf
.js
some-samples-master/cd5432c3d50ef99de61d475e97ac76e9
.js
some-samples-master/cd8bedd3f8fa242ff073d973c664f909
.js
some-samples-master/cda79841ec675ae4c15edbcea20fe9ab
.js
some-samples-master/cdacadda6a7ecfb449310a3f92bbd6de
.exe windows:5 windows x86 arch:x86

0ebb3c09b06b1666d307952e824c8697

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

60:8a:ad:6f:0d:ed:59:8a:b9:8c:bf:81:18:7c:91:bb
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-09-2012 00:00

Not After

15-09-2013 23:59

Subject

CN=Adobe Systems Incorporated,OU=Production CS+OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:b1:05:2c:f1:d6:32:7f:e5:d6:b2:21:e1:23:7d:62:6d:74:6f:be
Signer

Actual PE Digest

2f:b1:05:2c:f1:d6:32:7f:e5:d6:b2:21:e1:23:7d:62:6d:74:6f:be

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wextract.pdb

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
lstrlenA
GetModuleFileNameA
GetSystemDirectoryA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
lstrcpyA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
FreeResource
GetProcAddress
LoadResource
SizeofResource
FindResourceA
lstrcatA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
LockResource

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/cdda8e557cbee2bc95a0e6916a085e91
.html .js polyglot
some-samples-master/cdeef8e11f84f5bbfe2ebcb7a20571d2
.html
some-samples-master/cdf4f36260549df807f21ed17dbeb630
.exe windows:4 windows x86 arch:x86

2e4e70556ef762103a5f4a3094ab65c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
HeapAlloc
GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
VirtualFree
FreeLibrary
WriteFile
GetStringTypeA
LCMapStringW
RtlUnwind
RaiseException
HeapReAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
SetUnhandledExceptionFilter
IsBadWritePtr
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
GetStringTypeW

user32

wsprintfA

Exports

Exports

Update

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/cdf943ec24fb888006ca5a50653e7c2f
.js
some-samples-master/ce0a28a558b07ad3d9fa7b1225e5aa09
.exe windows:4 windows x86 arch:x86

836181d3de2374ca11b190699fed9d3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseEventLog
ClearEventLogA
OpenEventLogA
RegCloseKey
RegSetValueExA
RegCreateKeyA
DeleteService
OpenServiceA
OpenSCManagerA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegOpenKeyA
GetUserNameA
CreateProcessAsUserA
SetTokenInformation
DuplicateTokenEx
OpenProcessToken
SetServiceStatus
RegisterServiceCtrlHandlerA
StartServiceCtrlDispatcherA
CloseServiceHandle
StartServiceA
UnlockServiceDatabase
ChangeServiceConfig2A
LockServiceDatabase
CreateServiceA

msvcrt

_controlfp
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
_beginthreadex
strncmp
sprintf
rand
atol
printf
atoi
free
realloc
strchr
strncat
_except_handler3
exit
_iob
strrchr
malloc
??2@YAPAXI@Z
strstr
_CxxThrowException
_ftol
__CxxFrameHandler
ceil
memmove
??3@YAXPAX@Z
_strcmpi
_strnicmp
_strupr
__set_app_type

mfc42

ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord641
ord2514
ord2621
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord3830
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord1146
ord1168
ord800
ord4160
ord540
ord2863
ord2379
ord755
ord470
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord2648

kernel32

GetCurrentThreadId
lstrcmpiA
DefineDosDeviceA
CopyFileA
SetFileAttributesA
CreateDirectoryA
GetCurrentProcess
ExitProcess
CreateMutexA
OpenEventA
GetVersionExA
GetSystemInfo
GetLocalTime
GetModuleHandleA
GlobalMemoryStatusEx
OutputDebugStringA
DeleteFileA
GetSystemDirectoryA
GetTempPathA
MoveFileA
MoveFileExA
GetModuleFileNameA
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateThread
lstrcpyA
GetTickCount
lstrcatA
GetStartupInfoA
CreateProcessA
GetLastError
SetFilePointer
WriteFile
LocalSize
LocalFree
GetWindowsDirectoryA
GetFileAttributesA
CreateFileA
GetFileSize
ReadFile
lstrlenA
LocalReAlloc
LocalAlloc
FreeLibrary
IsBadReadPtr
VirtualFree
VirtualProtect
HeapReAlloc
HeapAlloc
ResetEvent
CancelIo
InterlockedExchange
SetEvent
WaitForSingleObject
CloseHandle
CreateEventA
VirtualAlloc
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryA
GetProcAddress
RaiseException

user32

GetClientRect
GetSystemMetrics
IsIconic
CloseDesktop
SetThreadDesktop
DrawIcon
GetUserObjectInformationA
GetThreadDesktop
OpenDesktopA
GetSystemMenu
EnableWindow
AppendMenuA
OpenInputDesktop
LoadIconA
GetWindowTextA
SendMessageA
EnumWindows
wsprintfA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

ws2_32

select
recv
send
closesocket
setsockopt
WSAIoctl
connect
htons
gethostbyname
socket
gethostname
getsockname
WSAStartup
WSACleanup

iphlpapi

GetIfTable

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ce63de48f8e73d825da0e6ce5f8d185c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nvtsrzw
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wtq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/ce669484916b528187752890f5c80c0f
.html
some-samples-master/ce759a2dbafd3ffb200c75cbf840a50f
.exe windows:4 windows x86 arch:x86

f674a6a73ef72a98d3df172819387a30

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5104

msvcrt

__getmainargs

kernel32

GetProcAddress
LoadLibraryA
VirtualProtect
GetModuleFileNameA
ExitProcess

user32

EnableWindow
MessageBoxA

Sections

.text
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 348KB - Virtual size: 345KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/cea5278394bce8713dc1f282619c0c44
.exe windows:5 windows x86 arch:x86

4a3e896b295785cf8d7280a6d79ca0e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
FindFirstFileW
GetCurrentThread
FileTimeToSystemTime
SetThreadPriority
FindClose
FindNextFileW
GetWindowsDirectoryW
GetCommandLineW
CreateDirectoryW
LoadLibraryW
lstrcmpiA
WTSGetActiveConsoleSessionId
MoveFileExW
SetFilePointer
SetEndOfFile
WriteFile
ExpandEnvironmentStringsW
GetPrivateProfileStringW
FlushFileBuffers
GetPrivateProfileIntW
GetUserDefaultUILanguage
CreateMutexW
SetErrorMode
GetComputerNameW
TerminateThread
WriteProcessMemory
CreateThread
SetHandleInformation
GetExitCodeProcess
ReadFile
GetExitCodeThread
CreatePipe
GetEnvironmentVariableW
FileTimeToDosDateTime
GetTempFileNameW
VirtualFree
GetTickCount
SystemTimeToFileTime
SetFilePointerEx
GetLogicalDriveStringsW
HeapFree
GetProcessHeap
SetFileTime
VirtualQueryEx
Thread32First
WideCharToMultiByte
ReadProcessMemory
HeapDestroy
HeapCreate
lstrcpynW
Thread32Next
GetTimeZoneInformation
MultiByteToWideChar
lstrlenW
GetTempPathW
GetFileSizeEx
OpenMutexW
VirtualProtectEx
VirtualAllocEx
RemoveDirectoryW
QueryDosDeviceW
GetFileTime
ReleaseMutex
FileTimeToLocalFileTime
GetVolumeNameForVolumeMountPointW
GetFileInformationByHandle
GetSystemTime
InterlockedExchange
GetLocalTime
ResetEvent
SetLastError
GetLastError
CreateEventA
SetFileAttributesW
GetLogicalDrives
GetDriveTypeW
lstrcmpiW
LoadLibraryA
FreeLibrary
GetFileAttributesW
GlobalUnlock
GlobalLock
GetCurrentProcessId
HeapReAlloc
OpenEventW
SetEvent
LocalFree
GetVersionExW
GetNativeSystemInfo
WaitForMultipleObjects
CreateEventW
Sleep
ResumeThread
DeleteFileW
DuplicateHandle
CreateToolhelp32Snapshot
VirtualProtect
Process32NextW
CreateFileMappingA
Process32FirstW
GetProcAddress
CreateFileW
TerminateProcess
CopyFileW
OpenProcess
CreateRemoteThread
IsBadReadPtr
GetModuleHandleW
GetCurrentProcess
CreateProcessW
WaitForSingleObject
UnmapViewOfFile
MapViewOfFile
GetFileSize
CloseHandle
GetFileAttributesExW
GetProcessId
EnterCriticalSection
VirtualAlloc
LeaveCriticalSection
VirtualFreeEx
InitializeCriticalSection
SetThreadContext
GetThreadContext
ExitProcess
ExitThread
GetModuleFileNameW
HeapAlloc

user32

CharUpperW
CharLowerA
GetDC
CharLowerW
MsgWaitForMultipleObjects
LoadImageW
ToUnicode
PeekMessageW
DispatchMessageW
GetForegroundWindow
CharLowerBuffA
GetKeyboardState
TranslateMessage
GetMessageW
GetCursorPos
GetIconInfo
DrawIcon
MessageBoxA
CharToOemW
ExitWindowsEx
GetClipboardData

advapi32

InitiateSystemShutdownExW
CryptCreateHash
AllocateAndInitializeSid
LookupPrivilegeValueW
SetNamedSecurityInfoW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CryptReleaseContext
RegCreateKeyExW
GetTokenInformation
GetSidSubAuthorityCount
OpenThreadToken
CryptAcquireContextW
GetSidSubAuthority
OpenProcessToken
CryptGetHashParam
IsWellKnownSid
RegCloseKey
RegEnumValueW
RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyW
EqualSid
RegQueryValueExW
RegQueryValueExA
ConvertSidToStringSidW
GetLengthSid
CreateProcessAsUserW
CreateProcessAsUserA
SetSecurityInfo
FreeSid
RegOpenKeyExW
GetSecurityDescriptorSacl
CheckTokenMembership
SetSecurityDescriptorSacl
CryptDestroyHash
AdjustTokenPrivileges
RegSetValueExW
GetSecurityDescriptorDacl
CryptHashData
RegEnumKeyExW
RegEnumKeyW
ConvertStringSecurityDescriptorToSecurityDescriptorW

shlwapi

PathUnquoteSpacesW
PathRemoveBackslashW
PathQuoteSpacesW
PathRenameExtensionW
StrCmpNIA
UrlUnescapeA
wvnsprintfW
PathIsDirectoryW
PathAddBackslashW
SHDeleteValueW
PathSkipRootW
SHDeleteKeyW
PathCombineW
PathAddExtensionW
PathMatchSpecW
wvnsprintfA
StrStrIA
StrStrIW
StrCmpNIW
PathRemoveFileSpecW
PathFindFileNameW
PathIsURLW

shell32

CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW

secur32

GetUserNameExW

ole32

StringFromGUID2
CoInitializeEx
CoInitialize
CoGetObject
CLSIDFromString
CoUninitialize
CoSetProxyBlanket
CoCreateInstance
CoInitializeSecurity

gdi32

GetDeviceCaps

ws2_32

WSAGetOverlappedResult
WSARecv
WSAEventSelect
WSAEnumNetworkEvents
WSAConnect
WSAGetLastError
inet_addr
gethostbyname
getpeername
recvfrom
WSAIoctl
connect
WSAAddressToStringW
WSAStartup
getaddrinfo
WSASocketA
shutdown
setsockopt
sendto
recv
bind
socket
freeaddrinfo
WSASetLastError
send
listen
WSAWaitForMultipleEvents
getsockname
accept
WSACloseEvent
WSAResetEvent
closesocket
select
WSACreateEvent
WSASend

crypt32

PFXImportCertStore
CertDeleteCertificateFromStore
CryptUnprotectData
CertCloseStore
CertEnumCertificatesInStore
CertDuplicateCertificateContext
PFXExportCertStoreEx
CertOpenSystemStoreW

wininet

HttpQueryInfoA
InternetSetStatusCallbackA
InternetOpenA
InternetSetOptionA
InternetCrackUrlW
InternetCrackUrlA
InternetQueryOptionW
InternetConnectA
InternetQueryOptionA
InternetCloseHandle
HttpEndRequestW
HttpSendRequestA
HttpAddRequestHeadersA
HttpEndRequestA
InternetSetFilePointer
InternetGetCookieA
HttpOpenRequestW
HttpOpenRequestA
HttpAddRequestHeadersW
InternetSetStatusCallbackW
GetUrlCacheEntryInfoW
HttpSendRequestW
InternetReadFile
InternetReadFileExA
InternetQueryDataAvailable
HttpSendRequestExW
HttpSendRequestExA

oleaut32

SysAllocString
VariantClear
VariantInit
SysFreeString

netapi32

NetApiBufferFree
NetUserEnum
NetUserGetInfo

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

ntdll

NtQueryKey

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/cec5e83a54552fee86231ac1afdb3369
.zip
some-samples-master/ceec01f1321c4abd3a319adba71b8ce1
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/cefb05f0ede127802d891c0198efae76
some-samples-master/cefed00df3da22467d8a8d3e1f4d6bd9
.js
some-samples-master/cf16fca9623362b7e3fa644389e50664
.elf linux ppc
some-samples-master/cf1cff5e8db58b36b8a9c9f3dd189d14
.js
some-samples-master/cf224ae8ca294fcab87cfff024707722
.html
some-samples-master/cf36c081e492947b8f2d2b6022dad222
.exe windows:4 windows x86 arch:x86

d524f1ae55f37f3df54f67a58d24d838

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

57:f4:35:71:3a:b3:a2:c8:3f:51:4a:ed:de:1d:3d:e0
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

01-04-2016 00:00

Not After

01-04-2018 23:59

Subject

CN=Tiangua (Shanghai) Information Technology Co.\, Ltd.,OU=Administration Department,O=Tiangua (Shanghai) Information Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:09:3b:78:60:96:da:37:bb:a4:51:94:46:c8:96:78
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

57:f4:35:71:3a:b3:a2:c8:3f:51:4a:ed:de:1d:3d:e0
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

01-04-2016 00:00

Not After

01-04-2018 23:59

Subject

CN=Tiangua (Shanghai) Information Technology Co.\, Ltd.,OU=Administration Department,O=Tiangua (Shanghai) Information Technology Co.\, Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10-12-2013 00:00

Not After

09-12-2023 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

12-01-2016 00:00

Not After

11-04-2027 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

50:85:b2:af:d2:93:d5:af:0e:6e:d0:58:cf:b1:ef:f1:38:7f:6e:a4:31:eb:a3:f7:e0:66:b1:e9:91:34:bd:fa
Signer

Actual PE Digest

50:85:b2:af:d2:93:d5:af:0e:6e:d0:58:cf:b1:ef:f1:38:7f:6e:a4:31:eb:a3:f7:e0:66:b1:e9:91:34:bd:fa

Digest Algorithm

sha256

PE Digest Matches

true

7a:8b:cd:05:8c:78:72:16:10:f0:f4:4f:a5:1f:5d:84:75:2c:dc:e2
Signer

Actual PE Digest

7a:8b:cd:05:8c:78:72:16:10:f0:f4:4f:a5:1f:5d:84:75:2c:dc:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalAlloc
CloseHandle
SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
GlobalUnlock
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
SetErrorMode
lstrcpyA
lstrcpynA
lstrcatA
LoadLibraryA
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetDiskFreeSpaceA
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
GetSystemDirectoryA
GetVersion
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MulDiv
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GlobalSize
ExitProcess

user32

SetClassLongA
IsWindowEnabled
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetSystemMenu
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
RegisterClassA
DialogBoxParamA
CharNextA
ExitWindowsEx
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
EnableMenuItem
GetWindowRect
ScreenToClient
SetWindowPos
EndDialog
AppendMenuA
GetClassInfoA
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfA
FindWindowExA
IsWindow
GetDlgItem
SetWindowLongA
GetClientRect
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
SendMessageTimeoutA

gdi32

SetBkMode
SetBkColor
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetTextColor
CreateFontIndirectA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegEnumKeyA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumValueA
RegCloseKey

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CLSIDFromString
OleInitialize
OleUninitialize
CoTaskMemFree
StringFromGUID2
CoCreateInstance

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/cf3c11163f16ea2ce4e0fdc884c31722
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 736KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 566KB - Virtual size: 568KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/cf8653a6dbf85aa040cbaed7cf1a3ed1
.html
some-samples-master/cfded8a417076735991b2794cd5c06de
.js
some-samples-master/d00416030648bd71dc9fbc683a825738
.html
some-samples-master/d016fb749d9eccaaf0e1fe37518c6211
.html
some-samples-master/d072cd602211a6b4a1eda968df36cdc1
.html
some-samples-master/d1106eca191bc809c887408fc3c9dff4
.html .js polyglot
some-samples-master/d139e43966c2e729e0107beae0baed35
.html
some-samples-master/d13b06de9c292645ad49db2191a84f1b
.html .js polyglot
some-samples-master/d14bc9efe80aeb7d172cbb590f80eba7
.exe windows:4 windows x86 arch:x86

b2843997cc6f0d26753c1e029a6c5e56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comsvcs

CoEnterServiceDomain
CoLoadServices
RecycleSurrogate

user32

CreateWindowExA
IsDialogMessageA
DispatchMessageW
GetClassLongA
wsprintfA
CharToOemA
LoadIconA
DialogBoxParamA
MessageBoxW
GetDlgItemTextW
PostMessageA

kernel32

LoadLibraryA
GetCommandLineA
EncodePointer
FindResourceExW
FormatMessageA
DeleteFileW
SetPriorityClass
OpenFileMappingW
OpenEventW
SetEnvironmentVariableA
OpenSemaphoreW
CreateJobObjectW
GetModuleHandleA
GetFileAttributesA
GetTempFileNameW
WaitForSingleObject
WriteConsoleW
CreateSemaphoreA
lstrcmpiA
CreateProcessA
CreateDirectoryW
GetProcAddress

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.opc
Size: 522KB - Virtual size: 522KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/d1549f77b6a5fec34df3d8a5c4c08d2e
.elf linux arm
some-samples-master/d1695c690caf5bb065b21eb5d11d7e40
some-samples-master/d172a64bc554fe6cfc1b34e6bb4eed34
.elf linux sparc
some-samples-master/d18b9a1f2079e4cf2229334c7414d5c1
.html .js polyglot
some-samples-master/d18cce73806b8ee548f006209d95996e
.html
some-samples-master/d19d5fd8abceddd07506a18829f9dd0c
.elf linux mipsel
some-samples-master/d21ecc08d442e227087064634912bed3
.exe windows:4 windows x86 arch:x86

fea289f72e393151a0c95108f5473d98

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

l*x3c/|SHi92XCHgH8.9nwc*QhFhjUy

Imports

shell32

SHBrowseForFolderA

shlwapi

PathIsDirectoryEmptyW

kernel32

FreeLibraryAndExitThread
ReleaseMutex
PostQueuedCompletionStatus
RemoveDirectoryW
SetEnvironmentVariableW
WTSGetActiveConsoleSessionId

ole32

CoFreeLibrary
PropVariantClear
OleLoadFromStream

mprapi

MprAdminTransportGetInfo

rpcrt4

NdrOleFree

gdi32

FillRgn
PtVisible

user32

GetMenuStringW
GetDialogBaseUnits
SubtractRect
GetDlgItemInt

advapi32

QueryServiceConfigA
CheckTokenMembership

crypt32

CryptSIPAddProvider

wintrust

CryptCATAdminReleaseCatalogContext

Sections

.text
Size: 4KB - Virtual size: 656B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Yc|LjXl
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jA
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

o7F8m2
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

B
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iklbSk
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/d21f11d0b06e1c3d9505df16b70d6fd1
.html .js polyglot
some-samples-master/d21f48ba215faa68388323950b2edcc2
.exe windows:4 windows x86 arch:x86

d3137d8196eb945f8d7a79d6c88241a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
ExitProcess
FindAtomA
GetAtomNameA
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_assert
_cexit
_iob
_onexit
_setmode
abort
atexit
free
malloc
memcpy
memset
signal
strcpy
strlen
wcscpy

user32

BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
CloseClipboard
CreateAcceleratorTableW
CreateDialogIndirectParamW
CreateDialogParamW
CreateIconIndirect
CreateMenu
CreateWindowExW
DefFrameProcW
DefMDIChildProcW
DefWindowProcW
DeferWindowPos
DestroyIcon
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndPaint
EnumClipboardFormats
EnumDisplaySettingsW
EnumWindows
FillRect
GetActiveWindow
GetAsyncKeyState
GetCapture
GetClassInfoW
GetClientRect
GetClipboardData
GetClipboardFormatNameW
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetMenuItemInfoW
GetMenuStringW
GetMessagePos
GetMessageW
GetScrollInfo
GetSubMenu
GetSysColor
GetSystemMenu
GetSystemMetrics
GetUpdateRect
GetWindow
GetWindowDC
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
HideCaret
InsertMenuItemW
InsertMenuW
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapWindowPoints
MessageBeep
MessageBoxW
MoveWindow
OffsetRect
OpenClipboard
PeekMessageW
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
ReleaseCapture
RemoveMenu
ScreenToClient
SendMessageW
SetCursor
SetCursorPos
SetMenu
SetMenuItemInfoW
SetParent
SetWindowLongW
SetWindowPos
SetWindowTextW
SetWindowsHookExW
ShowCursor
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterHotKey
VkKeyScanW
WaitForInputIdle
WindowFromPoint

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 62KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/d23176869e24a7453b5ef9927ee08cc3
.js
some-samples-master/d23396675f0151f6bedab15716e1432c
.html .js polyglot
some-samples-master/d236705b092a3b4a793259655408248b
.html
some-samples-master/d2927cfcd90cfe99b31dab842f4c1613
.html
some-samples-master/d2c10533d276a040e300148f40dd8728
.html
some-samples-master/d2e390da7b8ec0938f58bb287446f4f3
.js
some-samples-master/d2f78620bdf6bfba184c106f5a11b2d6
.js
some-samples-master/d335904e0fc1209cced63553bebb5203
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 515KB - Virtual size: 515KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/d33e5c9e30adf4e6683e03c0dede325f
.html .js polyglot
some-samples-master/d34895fd2a2b17676c9af2dcf218de44
.html .js polyglot
some-samples-master/d39a21237aa12924317349601549b1e8
.js
some-samples-master/d3ad3045763fb4a19468d9cec3503e8a
.js
some-samples-master/d3c5839bd39aecc9eab63d0fe88b4878
.html .js polyglot
some-samples-master/d40c91e2f94a124f98102c8c143bb563
.elf linux x86
some-samples-master/d40da1f72e74cc5c70d4acfdb1bfcf8e
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/d41c11007f31a899f63615264baa854e
.js
some-samples-master/d41d2529169d46f958301571a1e465ba
.js
some-samples-master/d42d72973702750033976d58e8f4c0b2
.js
some-samples-master/d43aafc1951cc496fdd5be251cd46055
.html
some-samples-master/d4f0ec1aaad947b0af4dae825c62eefd
.html .js polyglot
some-samples-master/d4f9b2d14a8081e453305109b4583c7d
some-samples-master/d51a275d1eeca59849ba6fc7fb65dab7
.exe windows:4 windows x86 arch:x86

d8f5f326d59bd53d34818d2c72e3b0d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
WinExec
GetTickCount
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
SetFilePointer
WriteFile
CreateFileA
SetPriorityClass
LoadResource
FindResourceA
EnumResourceNamesA
WaitForSingleObject
GetLastError
GetWindowsDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
TerminateProcess
ExitThread
GetStartupInfoA
GetCurrentProcess
GetCurrentThread
SetThreadPriority
Sleep
CreateThread
LoadLibraryA
LockResource
GetProcAddress
GetModuleHandleA
CreateProcessA

user32

GetDesktopWindow
wsprintfA

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA
ShellExecuteA

ws2_32

closesocket
WSAStartup
inet_ntoa
select
recv
setsockopt
WSAIoctl
socket
connect
htonl
send
WSACleanup
__WSAFDIsSet
inet_addr
sendto
htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

netapi32

NetUserAdd
NetLocalGroupAddMembers

msvcrt

sprintf
strcmp
??2@YAPAXI@Z
_onexit
__dllonexit
_controlfp
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
strncmp
strcat
wcscpy
realloc
malloc
strlen
atoi
strncpy
strcspn
memset
strstr
strcpy
exit
memcpy
localtime
time
free

Sections

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/d53298c67d13fb3dc1b893d6eedca3c6
.html .js polyglot
some-samples-master/d54ad91040d21c63c0006582b8f7c65d
.html .js polyglot
some-samples-master/d559b3cd61edf5ccdb477d75d1ea09f8
.html .js polyglot
some-samples-master/d5917b9bd531451af910b1464e79fd0f
.js
some-samples-master/d5aff57f860a4fd20f4984c6f101fecf
.js
some-samples-master/d5dd6485c449a5595cb1bf8aee934d4c
.exe windows:4 windows x86 arch:x86

d9ebf34ca4224d1d0d30f8cb3e335bef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
SysFreeString
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RevertToSelf
RegQueryValueExA
RegOpenKeyExA
RegFlushKey
RegCloseKey
OpenThreadToken
ImpersonateLoggedOnUser

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
CreateWindowExA
WindowFromPoint
WaitMessage
UpdateWindow
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoA
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExA
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetWindowLongA
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRect
SetPropA
SetParent
SetMenuItemInfoA
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongA
SetCapture
SetActiveWindow
SendMessageW
SendMessageA
ScrollWindow
ScreenToClient
RemovePropA
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
RegisterClipboardFormatA
RegisterClassA
RedrawWindow
PtInRect
PostQuitMessage
PostMessageA
PeekMessageW
PeekMessageA
OffsetRect
OemToCharA
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxA
MapWindowPoints
MapVirtualKeyA
LoadStringA
LoadKeyboardLayoutA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageW
IsDialogMessageA
IsChild
InvalidateRect
IntersectRect
InsertMenuItemA
InsertMenuA
InflateRect
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowLongA
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropA
GetParent
GetWindow
GetMessagePos
GetMenuStringA
GetMenuState
GetMenuItemInfoA
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameA
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextA
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClipboardData
GetClientRect
GetClassLongA
GetClassInfoA
GetCapture
GetActiveWindow
FrameRect
FindWindowExA
FindWindowA
FillRect
EqualRect
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextA
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawEdge
DispatchMessageW
DispatchMessageA
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcA
DefMDIChildProcA
DefFrameProcA
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CharNextW
CallWindowProcA
CallNextHookEx
BeginPaint
CharNextA
CharLowerBuffA
CharLowerA
CharUpperBuffA
CharToOemA
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryA
RemoveDirectoryA
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentDirectoryA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringA
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
lstrcpyA
WritePrivateProfileStringA
WriteFile
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQuery
VirtualFree
VirtualAllocEx
VirtualAlloc
TryEnterCriticalSection
TerminateProcess
SuspendThread
Sleep
SizeofResource
SetThreadLocale
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResumeThread
ResetEvent
RemoveDirectoryA
ReadFile
RaiseException
MultiByteToWideChar
MulDiv
LockResource
LoadResource
LoadLibraryA
LeaveCriticalSection
InitializeCriticalSection
GlobalFindAtomA
GlobalDeleteAtom
GlobalAddAtomA
GetVersionExA
GetVersion
GetTimeZoneInformation
GetTickCount
GetThreadLocale
GetTempPathA
GetTempFileNameA
GetSystemDirectoryA
GetStdHandle
GetProcAddress
GetPrivateProfileStringA
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileSize
GetFileAttributesExA
GetFileAttributesA
GetExitCodeThread
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
FreeLibrary
FormatMessageA
FindResourceA
FindNextFileA
FindFirstFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateFileA
CreateEventA
CreateDirectoryA
CompareStringA
CloseHandle
Sleep
GetProcAddress
GetModuleHandleA

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetWinMetaFileBits
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetEnhMetaFileBits
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RestoreDC
Rectangle
RectVisible
RealizePalette
Polyline
PlayEnhMetaFile
PatBlt
MoveToEx
MaskBlt
LineTo
IntersectClipRect
GetWindowOrgEx
GetWinMetaFileBits
GetTextMetricsA
GetTextExtentPoint32A
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectA
GetEnhMetaFilePaletteEntries
GetEnhMetaFileHeader
GetEnhMetaFileBits
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
ExtTextOutA
ExcludeClipRect
DeleteObject
DeleteEnhMetaFile
DeleteDC
CreateSolidBrush
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectA
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
CopyEnhMetaFileA
BitBlt

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

ole32

CoUninitialize
CoInitialize
CoCreateGuid

comctl32

_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create

crypt32

CryptUnprotectMemory
CryptProtectMemory

Sections

.text
Size: 807KB - Virtual size: 806KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/d5e0bfc38fd53f36ac5e79d935397468
.js
some-samples-master/d5e42cd4f1fe533b63a14cd63a2baa6f
.exe windows:5 windows x86 arch:x86

23ee14b7b8bad73645664a22cfd7f754

Code Sign

54:7c:fd:c5:d7:0f:d7:c9:44:a9:ba:11:e8:8c:cb:1c
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06-11-2015 00:00

Not After

05-11-2016 23:59

Subject

CN=PC Utilities Software Limited,OU=IT Department,O=PC Utilities Software Limited,POSTALCODE=W1H 1DP,STREET=78 York Street,L=London,ST=England,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19-01-2010 00:00

Not After

18-01-2038 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:1b:80:ce:9a:43:f1:e3:46:7d:57:b3:f5:91:68:6a:5f:ab:8a:b6
Signer

Actual PE Digest

dd:1b:80:ce:9a:43:f1:e3:46:7d:57:b3:f5:91:68:6a:5f:ab:8a:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\CPPwrapper_VS2010\Release_RS\optimizerpro_silent.pdb

Imports

kernel32

GetExitCodeProcess
GetModuleFileNameW
SizeofResource
LockResource
CloseHandle
WaitForSingleObject
CreateProcessW
LoadResource
GetTempPathW
FindResourceA
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
IsProcessorFeaturePresent
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
LoadLibraryW
GetProcessHeap

advapi32

RegCloseKey
RegFlushKey
RegCreateKeyExW
RegSetValueExW

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/d641d03278ed1558ed007a422248f672
.html .js polyglot
some-samples-master/d65d885edd80179b57bd8918877abb63
.html .js polyglot
some-samples-master/d6c49e52d7bbe1193cacf22eb9fda64e
.elf linux ppc
some-samples-master/d6c4ca1164323b956f0e3607af4e7997
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 544KB - Virtual size: 543KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/d6d32fcfaf0eccd97569ad1c5348b940
some-samples-master/d6deabd6f5c2abbe667cc4949389053c
.html
some-samples-master/d6e891d3305722d04ee78d77449d1c7d
.html .js polyglot
some-samples-master/d708957fc9e6b95e6b9a61d066f249cd
.js
some-samples-master/d70f6658dba1caad05023ce40a1d8672
.js
some-samples-master/d73eccd2ef8f86ae8703a71126cec96e
.js
some-samples-master/d75e63ed78c0cd94701a3baef8639dcb
some-samples-master/d7c67bd8a5b196805cfa2184747ebc12
some-samples-master/d7ce6de74741ec8cd22bd5bc68e63a26
.html .js polyglot
some-samples-master/d7da155bfdcb5f9845897c22898c5df5
.js
some-samples-master/d8370e8b5aab1149efc1424cfdcd28f5
.exe windows:4 windows x86 arch:x86

6805231ec0fe3b475654b6c458955f91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
__vbaStrVarMove
ord588
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
ord698
__vbaFreeObjList
ord516
_adj_fprem1
ord518
__vbaSetSystemError
__vbaHresultCheckObj
_adj_fdiv_m32
ord667
__vbaAryDestruct
__vbaOnError
__vbaObjSet
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord521
__vbaVarTstLt
_CIsin
__vbaChkstk
ord526
EVENT_SINK_AddRef
ord528
__vbaStrCmp
__vbaVarTstEq
DllFunctionCall
ord672
__vbaLbound
_adj_fpatan
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
_adj_fprem
_adj_fdivr_m64
ord609
__vbaFPException
__vbaDateVar
_CIlog
ord646
ord648
__vbaNew2
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaFreeStrList
_adj_fdivr_m32
_adj_fdiv_r
ord685
ord100
__vbaVarAdd
__vbaVarDup
ord617
_CIatan
__vbaStrMove
ord619
ord543
_allmul
_CItan
ord547
__vbaFPInt
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 420KB - Virtual size: 417KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/d868ac1976ee2c73fe29f46cdbb3f259
.html .js polyglot
some-samples-master/d8afe0f4acafeae5cc82df64eef13c87
.html
some-samples-master/d8ca71f7822250cd95e06bf8f29402a1
.js
some-samples-master/d94ca95a8d1861c60d39ceeb37a00f14
.js
some-samples-master/d996bc46368ac150b0a3889840616ec8
.html .js polyglot
some-samples-master/d9a8031a798c8a47cecbc651b299f4c3
.js
some-samples-master/d9ad1370df4f7e487beb12195545cedc
some-samples-master/d9e05284b48678a955a8e819d6608b8d
.js
some-samples-master/da2fbd655a73b75a276dd898129a45b0
.html .js polyglot
some-samples-master/da44b83707303399cbc8e41c5acbac25
.js
some-samples-master/dadc22d15720e1e4448d0fb882ed1d47
.html .js polyglot
some-samples-master/daec0856a585570cd24c46f22101ba4c
.js
some-samples-master/daf7d9ff71dcd95717b372e1e82a0d8b
.html .js polyglot
some-samples-master/db1af04f9efd88abeacfad240b429ca7
.html
some-samples-master/db269f2a050c6978ac1cb490c6c454c3
.html .js polyglot
some-samples-master/db662db42c459bae82e61a1124bb5acf
.html .js polyglot
some-samples-master/db8d6b7f564a12031e53b40be620a0f7
.html .js polyglot
some-samples-master/dba4392409bcdab39f54f7805aae4e50
.js
some-samples-master/dba5944ca8ec2ce11e9102624eb17a97
.js
some-samples-master/dbc902b4a5d2e9f8f14921e1a5a1fbfe
.js
some-samples-master/dc1206501c6ac212a6551173ccb01adb
.js
some-samples-master/dc45e9b83bc083ec834af1ab4f8a4d62
.html
some-samples-master/dc6feb0461b16e1289356763db0f521d
.html
some-samples-master/dc6ffa1729ac0979b4d35e5220c02bda
.html .js polyglot
some-samples-master/dca6264d41ed671cc2775f8ed78a318b
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/dcd8d8b1414e0468de7f91fc4ef54bf5
.js
some-samples-master/dcf2adeb9db35d00eaf4486c5e9f4920
.js
some-samples-master/dd25af87eb0eefa814b408319e7d65b0
.js
some-samples-master/dd35978174faf5f379086ea20b88160b
.js
some-samples-master/dd3678f180a30f77ccd401bb51c1386b
.html
some-samples-master/dd38434c300dfdd7842e618b30380edc
.html .js polyglot
some-samples-master/dd4d46b9612efc391469bba8553358b6
.exe windows:5 windows x86 arch:x86

4639f5d4787f9d3a0cc3d592d2dcb799

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostMessageW
DispatchMessageA
MessageBoxW
LoadStringW
GetPropW
GetClassLongA
IsCharUpperW
DrawStateA
IsDialogMessageW
LoadMenuW
CreateWindowExA
LoadIconW
LoadCursorA

kernel32

WaitForSingleObject
GetCurrentProcessId
GetModuleHandleW
GetFileAttributesW
FindNextFileA
GetTempPathA
GetModuleFileNameW
IsBadStringPtrW
GetExpandedNameA
GetCurrentThreadId
LoadLibraryA
GetProfileSectionW
GetProcAddress
GetStringTypeA
WaitNamedPipeW
LeaveCriticalSection
GetConsoleAliasA
SearchPathA
GetLogicalDriveStringsW

rsaenh

CPDecrypt
CPEncrypt

cfgmgr32

CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range
CMP_Init_Detection

resutils

ClusWorkerStart
ResUtilDupString

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/dd69536d5d6bea26f4424b63753d2a49
.js
some-samples-master/dd72e6365ae9749b83fda8384821b652
.js
some-samples-master/dd73bcacbe137d6c5fcba6978b33cc0d
.html .js polyglot
some-samples-master/dd770e70c171392ff64d471480c051f2
.html .js polyglot
some-samples-master/dd81d6b27076ae3fd1e591aa40e2ebeb
.html .js polyglot
some-samples-master/dda447b0f98ccf4f1861f05d48ceb7a5
.html
some-samples-master/ddaa506da3c0d95c91dc0e72e0e7f56f
.js
some-samples-master/ddbcac3eeafd7b58ac80f17be0263eb9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/ddbd0ced0ffdbe743de7d4c13824fe38
.html
some-samples-master/ddd243e88dd0d09b93613781cc6a15e2
some-samples-master/ddd756dc9571b4c82950fd0fcc85efac
.html .js polyglot
some-samples-master/dde72ae232dc63298465861482d7bb93
.html .js polyglot
some-samples-master/ddf32f088e09502d74b4611ea1aed296
.html .js polyglot
some-samples-master/ddf47abbabb81324524a67cd54712c1f
.exe windows:4 windows x86 arch:x86

832369e0b9a74e8d7a83f515ce972151

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord825
ord815
ord6215
ord617
ord5301
ord5214
ord296
ord986
ord520
ord823
ord4159
ord6117
ord1134
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1842
ord4242
ord2723
ord2390
ord3059
ord5100
ord5103
ord4467
ord4079
ord3350
ord5012
ord975
ord5472
ord3403
ord2879
ord2878
ord4151
ord6055
ord4077
ord1776
ord5237
ord5282
ord2649
ord1665
ord4436
ord4427
ord366
ord674
ord5252
ord1825
ord4238
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord4953
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord338
ord652
ord4823
ord1945
ord4273
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4723
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord5240
ord5290
ord3748
ord1726
ord4432
ord560
ord813
ord5260
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4303
ord4612

msvcrt

__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
realloc
free
_CxxThrowException
malloc
printf
__CxxFrameHandler

kernel32

Sleep
WriteFile
GetProcAddress
LoadLibraryA
ReadFile
GetFileSize
HeapAlloc
GetProcessHeap
VirtualAlloc
IsBadReadPtr
HeapFree
VirtualFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA
CloseHandle

user32

EnableWindow
UpdateWindow

Exports

Exports

stricmp

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/de13dacfd43d4a25d4c1e7eb28ab2b06
.js
some-samples-master/de424bf9c8109483cfa723c96f67b321
.html .js polyglot
some-samples-master/de75e96cb731b813ac2fa4960b188d92
.exe windows:5 windows x86 arch:x86

1a3ba13d10350f5e967083e63e146a2f

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

7f:44:37:97:b5:49:80:e5:5b:1c:b2:c5:66:21:d3:ed
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-07-2017 00:00

Not After

03-07-2018 23:59

Subject

CN=NAMOS\, LLC,OU=IT,O=NAMOS\, LLC,POSTALCODE=394036,STREET=prospekt Revolyutsii\, d. 23 ofis 5,L=Voronezh,ST=RU,C=RU,2.5.4.18=#1306333934303336

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19-01-2010 00:00

Not After

18-01-2038 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4a:83:65:7d:2f:ee:e3:a7:ae:2d:d3:b1:5c:d3:c1:67:89:18:b1:a4
Signer

Actual PE Digest

4a:83:65:7d:2f:ee:e3:a7:ae:2d:d3:b1:5c:d3:c1:67:89:18:b1:a4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventW
Sleep
GetLastError
LockResource
GlobalAlloc
GlobalFree
CloseHandle
GlobalLock
GlobalUnlock
WriteConsoleW
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
FindResourceA
SizeofResource
LoadResource
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetStringTypeW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
RaiseException
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleExW
GetStdHandle
WriteFile
GetACP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
CreateFileW

user32

CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
OpenClipboard

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 22.9MB - Virtual size: 22.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/de8a03cda24007751d76f6db55b8a14b
.exe windows:5 windows x86 arch:x86

f348ecda9aa5f02d9b17ef53645528ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetThreadTimes
OutputDebugStringW
LCMapStringW
GetModuleHandleA
SetLastError
GetProcAddress
GetLastError
ExitThread
GetCPInfo
lstrlenA
GetStringTypeW
ExitProcess
EncodePointer
DecodePointer
GetCommandLineA
RaiseException
RtlUnwind
IsProcessorFeaturePresent
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
HeapFree
HeapAlloc
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
GetModuleFileNameW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
CreateFileW

user32

LoadMenuIndirectA
LoadMenuA
LockWindowUpdate
LoadIconW
MapVirtualKeyA
GetRegisteredRawInputDevices
MapVirtualKeyExW
GetMenuState
LoadCursorFromFileW
GetAltTabInfoW
LoadStringW
LoadAcceleratorsA
LoadBitmapW
LoadImageA
LoadCursorA
GetDialogBaseUnits

gdi32

StretchDIBits
StretchBlt

advapi32

ControlService
ChangeServiceConfigW
CloseServiceHandle
OpenServiceA
ClearEventLogW

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 857KB - Virtual size: 856KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/de8c652a7315c8e319d9e2e60a2f49ef
.html .js polyglot
some-samples-master/deab47a8a532a1ed7b8557e0208db7ab
.html .js polyglot
some-samples-master/dec78ab18e8efbc1fa61766ef2be4a2a
.html .js polyglot
some-samples-master/ded118cfa09bd5aed452d26076d9428c
.js
some-samples-master/dedcd8d879afc6414617270da800dc2c
.js
some-samples-master/dee19f0deb7cc3cb6fa9ea0422ef38fc
.html
some-samples-master/dee8a0ec5a8136f7a61828e05e0d0903
.js
some-samples-master/deed3a3ac601dfc6d01bddbe1e35a59e
.exe windows:5 windows x86 arch:x86

34777d7aef5134fd431006c35a3398b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
DuplicateHandle
OpenEventA
CreateFileMappingA
LoadLibraryA
GetModuleHandleA
CreateFileA
DeleteFileA
FindFirstFileA
CompareStringA
CompareStringW
SetThreadLocale
WaitForSingleObject
GetFileSize
ReadFile
GetTickCount
OpenEventW
OpenSemaphoreW
GetFileType
CreateFileW
DecodePointer
EncodePointer
WriteConsoleW
SetFilePointerEx
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetConsoleCtrlHandler
GetProcessHeap
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcess
GetModuleFileNameW
GetProcAddress
GetCommandLineW
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
TerminateProcess
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetCurrentThread
OutputDebugStringA
OutputDebugStringW
WaitForSingleObjectEx
CreateThread
FindClose
FindFirstFileExA
FindFirstFileExW
FindNextFileA
FindNextFileW
IsValidCodePage
GetOEMCP
GetCPInfo
RaiseException

user32

GetAltTabInfoA
FindWindowExW
DeleteMenu
GetMenu
GetClipboardData
SetWindowPos
CloseWindow
GetAltTabInfoW
GetWindow
GetWindowTextLengthW
GetWindowTextW
GetWindowTextA
IsZoomed
OpenIcon
DefWindowProcA
ShowWindow

gdi32

CreateSolidBrush
GetPixelFormat

oleaut32

SafeArrayCreate

Sections

.text
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/def03c7e2ff7606986d35e6c35deb944
.exe windows:4 windows x86 arch:x86

da2c25e045f4fbf2ca264bbb89e6fa2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord459
ord561
ord825
ord743
ord5500
ord617
ord5301
ord6354
ord6352
ord5214
ord296
ord2036
ord986
ord520
ord823
ord4159
ord6117
ord2621
ord1134
ord1205
ord1199
ord1247
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord2486
ord4003
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord2725
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord1206
ord2623
ord338
ord1223
ord4823
ord1849
ord4244
ord2583
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord4403
ord5240
ord5290
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5253
ord3998
ord4723
ord1942
ord4272
ord5259
ord1859
ord4246
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord4163
ord2120
ord4457
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4953
ord4612
ord1168

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
_setmbcp

kernel32

GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
GetProcessHeap
VirtualFree
FreeLibrary
VirtualAlloc
IsBadReadPtr
ExitProcess
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
EnableWindow

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/def65e6d8862ee7871d933ca2a208a1a
some-samples-master/df108edef95fe747b8a4441aec74b6f0
.html .js polyglot
some-samples-master/df74a29eee4ebd61ba58282feef496b1
.html .js polyglot
some-samples-master/df7ca9188dee1680adfb287a8b4acf66
some-samples-master/e01b70da0666b57a9e47e62e8dc8cad6
.html .js polyglot
some-samples-master/e0286862ed8a329498ab0559ef1ea355
.js
some-samples-master/e03800f5a072b9b6a50d70d7e0d47f18
.js
some-samples-master/e03ed1aec9bd71a39ed26a42107c936b
.html .js polyglot
some-samples-master/e04d08d131d52894096d617ad9ba0334
.html
some-samples-master/e0520311b63f09caca32c0365e45c908
some-samples-master/e0638234fb697f2c4ff961fee8f702f6
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Intel\YaddekFizabab\Birrrrrrawarini\Birrrrrrawarini\obj\Release\YaMochnorMalSExXxXx.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/e06e5d9b492e060f6e1b12bdc715d20b
.html .js polyglot
some-samples-master/e07ccb9e0a8a8af1e8d6aa459bef8321
.html
some-samples-master/e0c9b706b33501c4eacfb11ea3ecc299
.exe windows:5 windows x86 arch:x86

abfb62dfc24fbc2fb2bdbbdd26faa0fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Documents and Settings\Administrator\桌面\20170823源码集合\20170730改版企业版2.9源码\serverdata\Release\NewTest.pdb

Imports

kernel32

Sleep
GetProcessHeap
GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
VirtualProtect
IsBadReadPtr
ReadFile
GetFileSize
lstrcpyA
CloseHandle
CreateFileA
FreeLibrary
WriteFile
DeleteFileA
GetFileAttributesA
GetLastError
GetCommandLineA
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
HeapCreate
HeapDestroy
VirtualFree
HeapFree
VirtualAlloc
GetModuleHandleW
ExitProcess
GetStdHandle
GetModuleFileNameA
RaiseException
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
RtlUnwind
SetConsoleCtrlHandler
InterlockedExchange
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetLocaleInfoW
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
CompareStringA
CompareStringW
SetEnvironmentVariableA

Exports

Exports

Kessmia

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e0db1d3d47e312ef62e5b0c74dceafe5
.exe windows:4 windows x86 arch:x86

98ce7b6533cbd67993e36dafb4e95946

Code Sign

04:7a:55
Certificate

Issuer

CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL

Not Before

03-03-2009 12:58

Not After

03-03-2024 12:58

Subject

CN=Certum Time-Stamping Authority,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

04:7a:53
Certificate

Issuer

CN=Certum CA,O=Unizeto Sp. z o.o.,C=PL

Not Before

03-03-2009 12:53

Not After

03-03-2024 12:53

Subject

CN=Certum Level III CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07:11:d3
Certificate

Issuer

CN=Certum Level III CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31-08-2010 14:56

Not After

01-09-2011 14:56

Subject

CN=Jernej Simoncic - Open Source Developer,OU=-,O=Open Source Developer,C=SI,1.2.840.113549.1.9.1=#0c0d6a65726e656a40656e612e7369

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

14:dd:2d:82:2b:b8:08:b2:32:8e:5d:2f:59:95:2c:89:f2:94:cf:97
Signer

Actual PE Digest

14:dd:2d:82:2b:b8:08:b2:32:8e:5d:2f:59:95:2c:89:f2:94:cf:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreatePipe
CreateProcessA
CreateThread
DeleteCriticalSection
DisconnectNamedPipe
DuplicateHandle
EnterCriticalSection
ExitProcess
ExitThread
FreeConsole
FreeLibrary
GetCurrentProcess
GetLastError
GetModuleHandleA
GetProcAddress
GetStdHandle
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
PeekNamedPipe
ReadFile
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TerminateThread
TlsGetValue
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WriteFile

msvcrt

_close
_dup
_itoa
_kbhit
_open
_read
_strcmpi
_strnicmp
_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_isatty
_onexit
_setjmp
_setmode
_sleep
_winmajor
abort
atexit
atoi
calloc
exit
fflush
fprintf
fputc
free
fwrite
getenv
gets
longjmp
malloc
memcmp
memcpy
memset
rand
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strlen
strncmp
strncpy
time
vfprintf

wsock32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getservbyname
getservbyport
getsockname
htons
inet_addr
inet_ntoa
listen
ntohs
recv
recvfrom
select
send
setsockopt
shutdown
socket

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 412B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/e0ddd8bf8e3b97ad25855721dc75daae
.exe windows:4 windows x86 arch:x86

fbbce7c2573190fd915a6974ae051f80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord2514
ord641
ord825
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord4465
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord4710
ord755
ord470
ord1168
ord823
ord2379
ord1146
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord5163
ord4673

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
strlen
malloc
free
__CxxFrameHandler
memcpy
memset
realloc
_stricmp
_controlfp

kernel32

GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
CloseHandle
WriteFile
CreateFileA
ReadFile
GetFileSize
GetModuleHandleA
GetStartupInfoA
LocalAlloc
InterlockedExchange
RaiseException
GetLastError
HeapAlloc

user32

LoadIconA
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetSystemMetrics
EnableWindow

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/e0e214814e4e4904e9d6e4155ded5bb9
.js
some-samples-master/e10a1937be37106c7d7ce427ed364eaf
.html .js polyglot
some-samples-master/e121aff3bfd19530775a62759d80f5ab
.exe windows:5 windows x86 arch:x86

48aa5c8931746a9655524f67b25a47ef

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

a3:3b:e1:82:9a:af:8b:89:42:1a:05:0d:ae:f3:92:64
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

28-02-2017 00:00

Not After

28-02-2020 23:59

Subject

CN=Uniblue Systems Limited,O=Uniblue Systems Limited,POSTALCODE=BKR9037,STREET=Dun Karm Street\, Birkirkara Bypass+STREET=Orange Point\, Floors 2/3,L=Birkirkara,ST=Malta,C=MT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a3:3b:e1:82:9a:af:8b:89:42:1a:05:0d:ae:f3:92:64
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

28-02-2017 00:00

Not After

28-02-2020 23:59

Subject

CN=Uniblue Systems Limited,O=Uniblue Systems Limited,POSTALCODE=BKR9037,STREET=Dun Karm Street\, Birkirkara Bypass+STREET=Orange Point\, Floors 2/3,L=Birkirkara,ST=Malta,C=MT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4e:b0:87:8f:cc:24:35:36:b2:d8:c9:f7:bf:39:55:77
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-256 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

74:be:2d:a3:c9:f9:ad:6b:32:4f:69:dd:17:da:65:68:29:96:ca:85:ff:93:77:09:e8:fa:54:6e:d4:c5:67:d0
Signer

Actual PE Digest

74:be:2d:a3:c9:f9:ad:6b:32:4f:69:dd:17:da:65:68:29:96:ca:85:ff:93:77:09:e8:fa:54:6e:d4:c5:67:d0

Digest Algorithm

sha256

PE Digest Matches

true

7b:f0:b6:88:dd:37:e5:51:2c:b5:eb:e2:61:1f:4b:df:df:a0:3e:e8
Signer

Actual PE Digest

7b:f0:b6:88:dd:37:e5:51:2c:b5:eb:e2:61:1f:4b:df:df:a0:3e:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
TranslateMessage
SetWindowLongW
PeekMessageW
MsgWaitForMultipleObjects
MessageBoxW
LoadStringW
GetSystemMetrics
ExitWindowsEx
DispatchMessageW
DestroyWindow
CharUpperBuffW
CallWindowProcW

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
SizeofResource
SignalObjectAndWait
SetLastError
SetFilePointer
SetEvent
SetErrorMode
SetEndOfFile
ResetEvent
RemoveDirectoryW
ReadFile
MultiByteToWideChar
LockResource
LoadResource
LoadLibraryW
GetWindowsDirectoryW
GetVersionExW
GetUserDefaultLangID
GetThreadLocale
GetSystemInfo
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeProcess
GetEnvironmentVariableW
GetDiskFreeSpaceW
GetCurrentProcess
GetCommandLineW
GetCPInfo
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
EnumCalendarInfoW
DeleteFileW
CreateProcessW
CreateFileW
CreateEventW
CreateDirectoryW
CloseHandle
Sleep

comctl32

InitCommonControls

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 21KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e13704dc84492cf81b084fcfaea122a5
.html
some-samples-master/e159f177c0019987f980c3d9115067c9
.html .js polyglot
some-samples-master/e178ae2e3d52d4832d71d4361532c2ec
.html .js polyglot
some-samples-master/e1a3849d9ee13b432bd23dbbac1be083
.html
some-samples-master/e1a4fb58f602d233ac0e334f35afd48d
.html
some-samples-master/e1ab36f3a28ad7affd5cbc5ff60b6696
.html .js polyglot
some-samples-master/e1c015b74e3b801c0ba620b28eae0920
.js
some-samples-master/e1d6fb6aa5de54f5b102139fc5755a37
.html .js polyglot
some-samples-master/e202942333bdc24c4fdb333f6025ab4e
.html .js polyglot
some-samples-master/e2255d4a0dd00448c1431d80189bff2f
.js
some-samples-master/e227808fc3cb0a2708a173ff23109280
.html .js polyglot
some-samples-master/e2853c01eba9b7670049fc0acc91ee43
.html .js polyglot
some-samples-master/e2a39cd5e27053e9afb8759be7d19da3
some-samples-master/e2e6511b453f10407e3af8fabe910f5a
.js
some-samples-master/e2ef1a9d9cc9374675a9e8b75128dc22
.js
some-samples-master/e2fc08abb71747347489813891ece28c
some-samples-master/e317fefe8ff4604044210ac28868df2f
.html
some-samples-master/e35430a825ad7b3026fbe661d83de8a9
some-samples-master/e35c9d795e7fb1db54465ef46d70efe6
.exe windows:4 windows x86 arch:x86

044dec470241ad7fdd7093da513665ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACloseCertType
CAEnumNextCA

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range

user32

wsprintfA
LoadBitmapA
IsDialogMessageA
DispatchMessageW
PostMessageA
CharToOemA
LoadIconA
IsCharLowerW
DialogBoxParamA
MessageBoxA
GetClassLongA
DrawStateW
PeekMessageW
InsertMenuW

comsvcs

CoEnterServiceDomain
CoLoadServices

kernel32

GetCommandLineW
InterlockedIncrement
CreateNamedPipeW
GetEnvironmentVariableW
WaitForSingleObject
GetLocalTime
CreateThread
GetComputerNameExA
CloseHandle
FindResourceExW
OpenThread
GlobalAddAtomW
GetConsoleTitleW
SetPriorityClass
FindNextFileA
CreateFileMappingW
FindFirstFileA
FormatMessageW
TlsGetValue
GetLogicalDriveStringsW
GetProcAddress
GetPrivateProfileStringA
CreateDirectoryW
CreateSemaphoreA
LoadLibraryA
SetEnvironmentVariableA
GetModuleHandleA

shlwapi

UrlGetPartA
PathCompactPathW
UrlCreateFromPathA
UrlCombineA
UrlEscapeW
UrlCompareW
UrlUnescapeW
PathIsRootW
UrlHashW
UrlIsNoHistoryA
UrlGetLocationW
PathCommonPrefixW
UrlIsW
PathCombineW

resutils

ClusWorkerStart
ClusWorkerTerminate

shell32

SHFree
DllCanUnloadNow
DragQueryFileA
DllGetVersion
SHBrowseForFolderW
SHGetFolderPathA
StrChrA
ExtractIconA
SHEmptyRecycleBinW
SHCreateDirectoryExW

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 540KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dec
Size: 512B - Virtual size: 256KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e37648c920bb6dbe81f898223d3c3410
.js
some-samples-master/e3a6275f5c2372acf53b29edf22e6a2c
.js
some-samples-master/e3c815c35e309a31931793e171a005af
.html .js polyglot
some-samples-master/e44a3a7ba38619890f2e57df1473243d
.html .js polyglot
some-samples-master/e46c51e8bfc36e889f36c0cde45f6aff
some-samples-master/e479e54f3bebdb83d35f3423d1a5ac3f
.html .js polyglot
some-samples-master/e49bce75070a7a3c63a7cebb699342b3
.exe windows:4 windows x86 arch:x86

fa395b73b0739b24f52b11e35c64cbc9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
CreateProcessA
DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteProcessMemory

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
calloc
fflush
fprintf
free
fwrite
malloc
memcpy
memset
printf
puts
signal
sprintf
strtol
vfprintf

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 104B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/e4bf2a30dbd845dd020ff7d73f6e3a07
.exe windows:5 windows x86 arch:x86

cf40bfea6e1cefaed181156644c452a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CAEnumFirstCA
CAEnumNextCA
CACloseCertType
CACloseCA

modemui

drvGetDefaultCommConfigA
InvokeControlPanel

authz

AuthzFreeResourceManager
AuthzInitializeContextFromSid
AuthzAddSidsToContext
AuthzFreeContext

shell32

DragQueryFileA
DragFinish
ShellAboutA
SHGetDataFromIDListA
SHGetFileInfoA
FindExecutableA
SHFileOperationA
DragQueryPoint
SHGetMalloc
DragAcceptFiles
ExtractIconA
DllUnregisterServer
DuplicateIcon

kernel32

WaitNamedPipeA
LoadLibraryExA
SystemTimeToFileTime
GetProfileSectionA
Heap32First
OpenSemaphoreW
GetModuleHandleA
WaitForSingleObject
GetCurrentProcess
GetConsoleAliasW
CreateJobObjectA
GetCommandLineA
GetCurrentThread
CreateFileA
GetProcAddress
GetLogicalDriveStringsW
ReadConsoleA
GetStringTypeA
GetOEMCP
SearchPathA

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 554KB - Virtual size: 554KB

IMAGE_SCN_MEM_READ
some-samples-master/e51d220f7c36714e7b156e2b36ec80fe
.exe windows:4 windows x86 arch:x86

d8f5f326d59bd53d34818d2c72e3b0d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
WinExec
GetTickCount
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
SetFilePointer
WriteFile
CreateFileA
SetPriorityClass
LoadResource
FindResourceA
EnumResourceNamesA
WaitForSingleObject
GetLastError
GetWindowsDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
TerminateProcess
ExitThread
GetStartupInfoA
GetCurrentProcess
GetCurrentThread
SetThreadPriority
Sleep
CreateThread
LoadLibraryA
LockResource
GetProcAddress
GetModuleHandleA
CreateProcessA

user32

GetDesktopWindow
wsprintfA

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA
ShellExecuteA

ws2_32

closesocket
WSAStartup
inet_ntoa
select
recv
setsockopt
WSAIoctl
socket
connect
htonl
send
WSACleanup
__WSAFDIsSet
inet_addr
sendto
htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

netapi32

NetUserAdd
NetLocalGroupAddMembers

msvcrt

sprintf
strcmp
??2@YAPAXI@Z
_onexit
__dllonexit
_controlfp
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
strncmp
strcat
wcscpy
realloc
malloc
strlen
atoi
strncpy
strcspn
memset
strstr
strcpy
exit
memcpy
localtime
time
free

Sections

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e51f61bb721e597c4405d2a805cf20de
.js
some-samples-master/e5297cd3c8e1d2436ceec5a1202aadb9
.exe windows:4 windows x86 arch:x86

0fa9a08282241fecf69984aea760ef64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
GetProcessHeap
FreeLibrary
HeapAlloc
CloseHandle
WriteFile
Sleep
CreateFileA
ReadFile
GetFileSize
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

msvcr80

exit
_acmdln
_ismbblead
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc
memset
memcpy
_initterm
_stricmp

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e54ad8dadb4dadcdf6c0e3a13a077192
.elf linux x64
some-samples-master/e5511f2e961a0d1d382d37741daedc42
.exe windows:5 windows x86 arch:x86

3a6cee2d0a998e9967e3cb11d35f3cd6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

certcli

CACloseCA
CAEnumFirstCA
CACloseCertType

user32

GetMessageW
RegisterClassExA
GetWindow
PostMessageA
FindWindowExW
LoadCursorA
GetActiveWindow
IsDialogMessageA
IsCharUpperA
SetFocus
MessageBoxA
OemToCharW
GetClassNameA

kernel32

GetStartupInfoA
GetCurrentDirectoryW
GetThreadContext
lstrlenA
ReleaseMutex
GetCommandLineW
GetWindowsDirectoryA
CreateProcessA
lstrcmpiA
GetProcAddress
CreateHardLinkW
WaitForSingleObjectEx
DecodePointer
SetEnvironmentVariableA
GetModuleHandleA
OpenMutexW
AddAtomW

Sections

.text
Size: 270KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e5552fd7aec3f66bf72abfee200a0187
.exe windows:4 windows x86 arch:x86

16e53cf5b94f28d7194b8522fe6b3321

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
GetModuleHandleA
Sleep
LCMapStringA
GetStringTypeW
GetStringTypeA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
RaiseException
MultiByteToWideChar
LCMapStringW

user32

MessageBoxW
MessageBoxA

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e57178caac4e29f4a2eea270ffbe832d
.html .js polyglot
some-samples-master/e5851d46b6a3857a5a194a5600db7095
.html .js polyglot
some-samples-master/e5ea2c907432eda61d245ca8eebca160
.exe windows:4 windows x86 arch:x86

6168d6f9bfee2dd8b93c5a657324fa07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
_beginthreadex
_access
sprintf
strstr
_except_handler3
free
realloc
malloc
??2@YAPAXI@Z
__CxxFrameHandler
_ftol
memmove
??3@YAXPAX@Z

kernel32

GetStartupInfoA
GetModuleHandleA
Process32First
Process32Next
lstrcmpiA
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
Sleep
EnterCriticalSection
VirtualAlloc
CreateEventA
CloseHandle
WaitForSingleObject
ResetEvent
lstrcpyA
SetEvent
InterlockedExchange
CancelIo
WriteFile
SetFilePointer
CreateFileA
GetFileSize
ReadFile
GetWindowsDirectoryA
GetFileAttributesA
CreateProcessA
lstrlenA
TerminateThread
lstrcatA
GetTickCount
GetLastError
GetCurrentProcess
HeapAlloc
GetProcessHeap
VirtualProtect
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
CopyFileA
GetModuleFileNameA
DeleteFileA
DuplicateHandle
OpenProcess
CreateDirectoryA
GetLocalTime
OpenEventA
WinExec
ExpandEnvironmentStringsA
GetCurrentThreadId
ExitProcess

user32

OpenInputDesktop
GetThreadDesktop
GetUserObjectInformationA
SetThreadDesktop
OpenDesktopA
GetInputState
GetMessageA
ExitWindowsEx
wsprintfA
CloseDesktop

advapi32

SetTokenInformation
CreateProcessAsUserA
RegOpenKeyA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
DuplicateTokenEx
StartServiceCtrlDispatcherA
CloseServiceHandle
StartServiceA
OpenServiceA
UnlockServiceDatabase
ChangeServiceConfig2A
LockServiceDatabase
CreateServiceA
OpenSCManagerA

shell32

ShellExecuteA

ws2_32

WSACleanup
setsockopt
connect
htons
gethostbyname
socket
closesocket
ntohs
recv
select
send
gethostname
getsockname
WSAStartup
WSAIoctl

wininet

InternetCloseHandle

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/e633b27b0e306cfd9be94edaed149825
.js
some-samples-master/e65c6e43adfabc369215434e5b20a14c
.html
some-samples-master/e67d157a41bdafc13270edbce3e1c2a5
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 436KB - Virtual size: 436KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e68ea0ef40ea5f871bdb416af047468f
.js
some-samples-master/e6d5c45e93ee568a27bc0ae5902030f5
.html .js polyglot
some-samples-master/e6e7e02fe193fe2f15d625d38854a589
.html .js polyglot
some-samples-master/e75a801f7fd6d1fd4521e1ac87e6657b
some-samples-master/e76746853eb1a4e83cc928a0cb52bbce
.exe windows:5 windows x86 arch:x86

e3d69a2ce27a43e2328ba050d27dee4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

azroles

AzCloseHandle
AzGetProperty
AzGroupCreate
AzGroupDelete
AzFreeMemory

clusapi

CloseClusterNode
ClusterEnum
CloseClusterGroup

kernel32

SetLastError
GetFileAttributesA
LoadLibraryA
GetModuleFileNameW
GetModuleHandleW
GetLogicalDriveStringsW
GetProcAddress
CreateMailslotA
GetCommandLineA
CreateFileA
MoveFileExA
UnmapViewOfFile
GetOEMCP
WaitForSingleObject
CreateJobObjectA

user32

LoadCursorW
PeekMessageA
LoadIconW
CharToOemA
LoadStringA
GetClassLongW
LoadMenuA
IsDialogMessageA
LoadBitmapA
InsertMenuA
GetPropA

rsaenh

CPDecrypt
CPGenKey
CPEncrypt

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e77d9ddee1156125e2d53f282a81a920
.js
some-samples-master/e7804336dd5f414be98cab0a7c698f72
.html .js polyglot
some-samples-master/e78725586aa151526ad48cb61caed3fe
.html .js polyglot
some-samples-master/e79b78bf06b97e4988e9ab407a120f96
.html .js polyglot
some-samples-master/e7b0b022d70e0f3ef4ddffd85f1b5a38
.html .js polyglot
some-samples-master/e7bfb9316e89ce5212b1b2507dd8830a
.html
some-samples-master/e81ad74cb8e8bf6c8e36bb4d313fd972
.html .js polyglot
some-samples-master/e83590b8a52a80721e507381ae045815
.html
some-samples-master/e84e643478e29a8419b71223284b7bce
.js
some-samples-master/e8883f153ca47c48be2c6b3c69c99753
.html
some-samples-master/e898fef1e2d98865029fd2d08f03f44b
some-samples-master/e8b0bb8731717a45830b60d7de0f759c
some-samples-master/e8c94edc96d9a7ed1a23f546bb8d8b76
.exe windows:5 windows x86 arch:x86

a06e8867d9d02187fa0ebe3fab1685b7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

authz

AuthzAddSidsToContext
AuthzFreeContext
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeAuditEvent

clbcatq

ComPlusMigrate
SetSetupSave
DowngradeAPL

kernel32

SetLastError
GetFileAttributesW
LoadLibraryA
GetModuleFileNameW
GetModuleHandleW
GetLogicalDriveStringsW
GetProcAddress
CreateMailslotW
GetCommandLineA
CreateFileA
MoveFileExA
UnmapViewOfFile
GetOEMCP
WaitForSingleObject
CreateJobObjectA

user32

LoadCursorW
PeekMessageA
LoadIconW
CharToOemA
LoadStringW
GetClassLongA
LoadMenuW
IsDialogMessageA
LoadBitmapA
InsertMenuA
GetPropW

rsaenh

CPDecrypt
CPGenKey
CPEncrypt

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e8d000c33bd39ba91e93684ebac43338
.js
some-samples-master/e8dcd9656c674dddc995fbcfee7a21ce
.exe windows:4 windows x86 arch:x86

19ecde865049ed464e870d4dcad89c85

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__dllonexit
_controlfp
_except_handler3
__set_app_type
memcpy
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
malloc
_XcptFilter
_exit
exit
_ftol
??3@YAXPAX@Z
__CxxFrameHandler
atoi
??2@YAPAXI@Z
strlen
strcmp
strncpy
sprintf
strcpy
strcat
strncat
memset
_onexit
free

kernel32

GetModuleHandleA
GetCurrentThreadId
InterlockedExchange
WaitForSingleObject
WriteFile
CreateFileA
GetCurrentThread
SetThreadPriority
GetTickCount
lstrcpyA
lstrcpynA
TerminateProcess
Sleep
ReadFile
CreateProcessA
GetSystemDirectoryA
GetStartupInfoA
CloseHandle
CreatePipe
FreeLibrary
GetProcAddress
LoadLibraryA
FindClose
FindNextFileA
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
DeleteFileA
CopyFileA
MoveFileA
GetCurrentProcess
WinExec
Process32Next
GetPriorityClass
OpenProcess
Module32First
Process32First
CreateToolhelp32Snapshot
GetFileSize

user32

GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetProcessWindowStation
IsWindow
SendMessageA
CloseWindow
CreateWindowExA
ExitWindowsEx
CloseDesktop
CloseWindowStation
GetSystemMetrics
SetCursorPos
mouse_event
GetDesktopWindow
wsprintfA

gdi32

CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDIBits
DeleteDC
CreateDIBitmap
DeleteObject

advapi32

LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges

shell32

ShellExecuteA
SHGetFileInfoA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

ws2_32

send
recv
gethostbyname
inet_addr
shutdown
closesocket
connect
socket
htons
WSACleanup
WSAStartup
WSAIoctl
setsockopt

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/e8dd64c28995b7dea36715c70c256085
.exe windows:4 windows x86 arch:x86

09453e0fe5e87b913d1eaedfd579e9df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord823
ord825

msvcrt

_onexit
__dllonexit
_controlfp
__CxxFrameHandler
_CxxThrowException
wcslen
memmove
_ftol
malloc
_except_handler3
realloc
free
strstr
rand
exit
atoi
sprintf
strncmp
_beginthreadex
calloc
??1type_info@@UAE@XZ
_exit
_XcptFilter
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln

kernel32

lstrcmpiA
Process32Next
LocalFree
WideCharToMultiByte
CopyFileA
GetStartupInfoA
CreateToolhelp32Snapshot
GetProcAddress
LoadLibraryA
CreateEventA
WaitForSingleObject
ResetEvent
SetEvent
InterlockedExchange
CancelIo
Sleep
CloseHandle
WriteFile
SetFilePointer
CreateFileA
GetFileSize
ReadFile
GetWindowsDirectoryA
VirtualAlloc
GetFileAttributesA
CreateProcessA
lstrlenA
lstrcpyA
TerminateThread
lstrcatA
GetTickCount
DeleteFileA
GetLastError
GetCurrentProcess
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetDiskFreeSpaceExA
GetDriveTypeA
GlobalMemoryStatusEx
GetSystemInfo
GetVersionExA
FindClose
FindFirstFileA
GetModuleFileNameA
InterlockedDecrement
MultiByteToWideChar
OpenEventA
CreateMutexA
ExitProcess
CreateThread
MoveFileExA
MoveFileA
GetCurrentThreadId
Process32First

user32

ShowWindow
GetInputState
FindWindowA
LoadCursorA
SendMessageA
PostThreadMessageA
GetWindow
GetMessageA
RegisterClassA
wsprintfA
SendInput
GetDlgCtrlID
LoadIconA
CloseDesktop
SetThreadDesktop
GetUserObjectInformationA
GetThreadDesktop
OpenInputDesktop
OpenDesktopA
PostMessageA
FindWindowExA

gdi32

GetStockObject

advapi32

StartServiceCtrlDispatcherA
LookupPrivilegeValueA
CloseEventLog
ClearEventLogA
OpenEventLogA
OpenSCManagerA
CreateServiceA
LockServiceDatabase
ChangeServiceConfig2A
UnlockServiceDatabase
OpenServiceA
StartServiceA
CloseServiceHandle
RegOpenKeyExA
OpenProcessToken
RegCreateKeyExA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyA
RegQueryValueExA
RegCloseKey
AdjustTokenPrivileges

shell32

ShellExecuteA
SHGetSpecialFolderPathA

ws2_32

select
recv
WSAStartup
setsockopt
connect
getsockname
gethostname
send
closesocket
socket
gethostbyname
htons
WSACleanup

iphlpapi

GetIfTable

ole32

OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysFreeString
SysAllocString
GetErrorInfo
VariantClear

urlmon

URLDownloadToFileA

wininet

InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/e8e1c00a586bf69bb7bd967ebbfb162e
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/e8e265b2149efe9bd9b22e38a49ba743
.js
some-samples-master/e8f31b683deee2baa759297b09a3e080
.js
some-samples-master/e901414ee2ea114328ac33dac9e39005
.js
some-samples-master/e91ce1fa878920c3e46c26f57cfe9315
.html .js polyglot
some-samples-master/e97571cfd3f71318041ec53973643192
.js
some-samples-master/e9b330ef8ef48014e9da9303bd55d6a9
.js
some-samples-master/e9da72d8ac0ce4aeca62a54396c4bc72
.dll windows:4 windows x86 arch:x86

2e5708ae5fed0403e8117c645fb23e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceA
CreateProcessA

msvcrt

free
_initterm
malloc
_adjust_fdiv
sprintf

Exports

Exports

PlayGame

Sections

.text
Size: 4KB - Virtual size: 652B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/e9ee6a2d73bb09393df9f62940a318d3
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/ea27302ac6763137908f9fa673a02741
.js
some-samples-master/ea83b0c7aa59d61a0cb303202197dc2a
.html .js polyglot
some-samples-master/eab58be633f14973c4fb785da2f72330
.exe windows:4 windows x86 arch:x86

e68e3fd734eb39e10f5abfa1c5acd3a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f.MbP.pdb

Imports

ole32

CoInitializeEx

winspool.drv

DeletePrintProcessorA

msvcrt

memset

advapi32

LookupAccountNameW

shell32

SHGetFileInfoA

kernel32

GetBinaryTypeA
GetConsoleDisplayMode
GetVolumeInformationW
lstrcmpA
GetModuleFileNameA
GetSystemTimeAsFileTime
GetCommandLineA
GetPrivateProfileIntW
FreeConsole
GetCurrentProcess
GetModuleHandleA

imm32

ImmDisableTextFrameService

lz32

LZStart

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CODE
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 362B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/eb04c44209226861fd1b171503f4ee2c
.js
some-samples-master/eb18a7d302bbc8c0b3ed2cd1612e8d59
.exe windows:4 windows x86 arch:x86

fbbce7c2573190fd915a6974ae051f80

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord2514
ord641
ord825
ord5265
ord4376
ord4853
ord4998
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord4465
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord4234
ord4710
ord755
ord470
ord1168
ord823
ord2379
ord1146
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord5163
ord4673

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
strlen
malloc
free
__CxxFrameHandler
memcpy
memset
realloc
_stricmp
_controlfp

kernel32

GetProcessHeap
VirtualAlloc
Sleep
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
CloseHandle
WriteFile
CreateFileA
ReadFile
GetFileSize
GetModuleHandleA
GetStartupInfoA
LocalAlloc
InterlockedExchange
RaiseException
GetLastError
HeapAlloc

user32

LoadIconA
GetClientRect
IsIconic
SendMessageA
DrawIcon
GetSystemMetrics
EnableWindow

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/eb1f2f41d8162eb62c20a20eea4c9adc
.html
some-samples-master/eb3e131b337941e07dcdd51b1e04124d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 104B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 512B - Virtual size: 185B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/eb5646782711800c9e2e6d4f30bb7544
.js
some-samples-master/eb5a2cb8b2f86152184e0ffedc333231
.dll windows:6 windows x64 arch:x64

8d7ab87d281d4473670c54151ce8da27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\Desktop\TinyNuke-master\TinyNuke-master\Bin\x64.pdb

Imports

kernel32

GetProcAddress
LoadLibraryA
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
CloseHandle
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
Sleep
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualProtect
GetModuleHandleW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
EnterCriticalSection
LeaveCriticalSection
lstrlenA
OpenMutexA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/eb6a460053bf5bcec371951f3774690e
.js
some-samples-master/eb6ee085fb89027279ab53e1c6bc91e0
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

facj

Sections

UPX0
Size: - Virtual size: 212KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/eb99b9a2eeb8ffd864ba0ef407282e4d
.html .js polyglot
some-samples-master/eba4382effd4275ca83810cf0d46f82f
.elf linux arm
some-samples-master/eba7a21116e0e8de53f605aab3a4344b
.exe windows:5 windows x86 arch:x86

1e2fb5e909e2aca2f3407719f0f86ec7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleW
WriteConsoleW
HeapSize
GetTickCount
GetProcAddress
LoadLibraryW
GetCPInfo
SetStdHandle
lstrlenW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
GetCurrentProcess
TerminateProcess
RtlUnwind
RaiseException
GetLastError
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
GetACP
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
SetFilePointerEx
GetProcessHeap
FindClose
FindFirstFileExW
CreateFileW

user32

GetDialogBaseUnits
GetNextDlgGroupItem
GetDlgCtrlID
GetRegisteredRawInputDevices
SendDlgItemMessageA
GetNextDlgTabItem

gdi32

StretchBlt
StretchDIBits
GetEnhMetaFileHeader
SetPolyFillMode
SetStretchBltMode
SetPixel

shell32

FindExecutableA
DragQueryFileW
ShellAboutA
ShellExecuteA

msimg32

GradientFill

winhttp

WinHttpCloseHandle
WinHttpConnect

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 441KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ebca1b2900b95ed509363b249a4b3587
.html .js polyglot
some-samples-master/ebcfd7f3076a7f5418e073564a1da742
.html .js polyglot
some-samples-master/ec091d840d8e6e179804cf5a2ea81e58
.exe windows:5 windows x86 arch:x86

e7e07b93fdc69b81173827f60d465a09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSaveKeyW
RegRestoreKeyA
RegEnumKeyA
RegCreateKeyExA
RegReplaceKeyA
ReadEventLogW
RegUnLoadKeyA
LogonUserA
CryptSignHashA
ClearEventLogA
OpenEventLogW
RegOpenKeyA
RegDeleteValueW

shell32

SHGetFileInfoA
DragFinish
SHGetMalloc
ExtractIconW
ShellMessageBoxW
FindExecutableA
StrStrA
SHChangeNotify
DragQueryFileW
ShellAboutW
SHGetFolderPathA

shlwapi

UrlIsW
UrlCompareW
PathIsURLW
PathCommonPrefixW
UrlIsOpaqueW
UrlHashW
UrlIsNoHistoryW
PathCompactPathW
UrlGetPartW
PathCombineW
UrlGetLocationW
UrlEscapeW
UrlUnescapeA
PathStripPathA

untfs

Recover
Extend

cryptdll

CDLocateRng
MD5Init
MD5Update

kernel32

DeleteFileA
LoadLibraryA
GetProcAddress
GetCurrentProcess
GetCommandLineA
WaitForSingleObject
CreateWaitableTimerA
OpenEventW
WaitNamedPipeW
InterlockedIncrement
GetTickCount
OpenMutexA
FindNextFileA
MoveFileExW
LoadLibraryExW

Sections

.text
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 566KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/ec72ccebbd7953089e044498ff8863ad
.html .js polyglot
some-samples-master/ec77dabe231d738654fc4469856c85f3
.html .js polyglot
some-samples-master/ec89e2905b72b47ba414c9a731cec541
.html
some-samples-master/ec9f8c0ecf36756cdde2fc896e658882
.html
some-samples-master/eca76979b83142f1a9531a0c7ab01779
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 204KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/ecca82687499930bb77c4f81ad9621d5
.js
some-samples-master/eccb44e2a6cb4ece00f17f2a56d918f4
.exe windows:4 windows x86 arch:x86

a4708e94f865f4bd2880ce7eb3501f03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_stricmp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle
InternetReadFile

kernel32

CreateFileA
WriteFile
CloseHandle
FreeLibrary
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
VirtualAlloc
GetProcessHeap
HeapAlloc
GetFileSize
SetFilePointer
Sleep
GetModuleHandleA
GetStartupInfoA
ReadFile

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ed077a76c6a51876c50acfba71801cc1
.exe windows:4 windows x86 arch:x86

d03887e1584d95578808a1991a1f87b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord324
ord825
ord641
ord4234
ord4853
ord800
ord860
ord540
ord2362
ord2370
ord638
ord635
ord2721
ord2818
ord1200
ord535
ord5181
ord317
ord6334
ord693
ord3610
ord2411
ord2023
ord4218
ord2578
ord6055
ord1776
ord4398
ord4837
ord3402
ord4424
ord3582
ord616
ord656
ord567
ord2302
ord775
ord1978
ord3171
ord5192
ord503
ord3874
ord2582
ord4402
ord3370
ord3640
ord6907
ord3998
ord3996
ord1994
ord4224
ord858
ord926
ord3301
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2621
ord1134
ord1146
ord1168
ord2379
ord755
ord470
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4710
ord4998
ord4376
ord5290
ord5265
ord1576

msvcrt

__p__fmode
__set_app_type
_except_handler3
_controlfp
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
free
realloc
_CxxThrowException
atoi
_mbscmp
__CxxFrameHandler
_setmbcp
_stricmp
__p__commode

kernel32

ExitProcess
GetProcAddress
LoadLibraryA
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualFree
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleHandleA
GetStartupInfoA

user32

DrawIcon
GetClientRect
GetSystemMetrics
IsIconic
SendMessageA
EnableWindow
LoadIconA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ed33459d8be191c521e0a1e8dfa9c313
.js
some-samples-master/ed5a2f78d11dbbe1b9dae221c01da508
some-samples-master/ed64809b8d2ae44b98266a8e7009b767
.exe windows:4 windows x86 arch:x86

610627a139d4efd3d50d293f0c98477d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
DeviceIoControl
GetVersionExA
GetCurrentProcess
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
GetModuleHandleA
GetModuleFileNameA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
CloseHandle

ws2_32

socket
htons
connect
WSAStartup

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/ed6fd26b82ec1af6534cff764aa25ab1
.html .js polyglot
some-samples-master/ed7bfef5f9af510d81aabb1807fe7393
.exe windows:5 windows x86 arch:x86

f4fc79262e5883b90ce8b8c6138d9e3d

Code Sign

16:88:f0:39:25:5e:63:8e:69:14:39:07:e6:33:0b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

31-12-2015 00:00

Not After

09-07-2019 18:40

Subject

CN=COMODO SHA-1 Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

eb:37:ee:3b:52:70:b3:0f:13:f8:60:2b:43:b7:75:27
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

04-08-2017 00:00

Not After

05-05-2018 23:59

Subject

CN=OOO\, Infokomtrans,OU=-,O=OOO\, Infokomtrans,POSTALCODE=350089,STREET=Rozhdestvenskaya Naberezhnaya\, 51\, 90,L=Krasnodar,ST=RU,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

eb:95:2b:1e:18:a5:19:32:1d:15:fc:e6:cb:ab:fe:3a:0c:c4:95:52
Signer

Actual PE Digest

eb:95:2b:1e:18:a5:19:32:1d:15:fc:e6:cb:ab:fe:3a:0c:c4:95:52

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyW
PathAppendW

wininet

DeleteUrlCacheEntryW

urlmon

URLDownloadToFileW

advapi32

ConvertSidToStringSidW
RegDeleteValueW
RegCreateKeyW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegCreateKeyExW
CryptGetHashParam
CryptAcquireContextW
CryptReleaseContext
LookupAccountNameW
CryptCreateHash
CryptDestroyHash
CryptHashData
GetUserNameW
AllocateAndInitializeSid
FreeSid
CheckTokenMembership

kernel32

SetEnvironmentVariableA
lstrlenA
GetOEMCP
GetCurrentThreadId
GetCurrentProcessId
SetEndOfFile
GetFileAttributesW
GetComputerNameW
GetSystemDirectoryW
GetLastError
LocalFree
GetVolumeInformationW
InterlockedDecrement
WideCharToMultiByte
MultiByteToWideChar
GetTempFileNameW
WriteFile
ReadFile
CreateFileW
GetTempPathW
GetFileSizeEx
CloseHandle
DeleteFileW
VerSetConditionMask
InitializeCriticalSectionAndSpinCount
RaiseException
VerifyVersionInfoW
DecodePointer
DeleteCriticalSection
CreateDirectoryW
GetModuleFileNameW
MoveFileW
MoveFileExW
WriteConsoleW
SetStdHandle
ReadConsoleW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
QueryPerformanceCounter
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetACP
IsValidCodePage
GetStdHandle
GetProcessHeap
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetStringTypeW
EncodePointer
EnterCriticalSection
LeaveCriticalSection
HeapFree
HeapAlloc
HeapReAlloc
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineW
RtlUnwind
GetCPInfo
FreeLibrary
GetProcAddress
LoadLibraryExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize

user32

CharLowerW

shell32

ShellExecuteExW
ShellExecuteW
SHGetFolderPathW

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString

Sections

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/edbd4b3b454b10fc2d3a7a84cc34a7ea
.js
some-samples-master/edcd4467945d8e1f784e359b58b280e8
.js
some-samples-master/edcdb858b17a6059934a5fe8e3236cee
.js
some-samples-master/edd04cce338fc0cc4eb7e028bfa1e2cb
.js
some-samples-master/ede54427b4b3ee33852a4a421b182685
.js
some-samples-master/ee0efafc69a13cd57d714ffdc603d8fc
.exe windows:4 windows x86 arch:x86

da2c25e045f4fbf2ca264bbb89e6fa2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord4079
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord815
ord459
ord561
ord825
ord743
ord5500
ord617
ord5301
ord6354
ord6352
ord5214
ord296
ord2036
ord986
ord520
ord823
ord4159
ord6117
ord2621
ord1134
ord1205
ord1199
ord1247
ord5265
ord4376
ord4853
ord4998
ord4710
ord2514
ord6052
ord4078
ord1775
ord4407
ord5241
ord2385
ord5163
ord6374
ord4353
ord5280
ord3798
ord4837
ord4441
ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord2124
ord5277
ord4627
ord4425
ord3597
ord324
ord641
ord4234
ord1825
ord4238
ord2486
ord4003
ord4696
ord3058
ord3065
ord6336
ord2510
ord2542
ord5243
ord5740
ord1746
ord5577
ord3172
ord5653
ord4420
ord2725
ord4858
ord2399
ord4387
ord3454
ord3198
ord6080
ord6175
ord4623
ord4426
ord652
ord1206
ord2623
ord338
ord1223
ord4823
ord1849
ord4244
ord2583
ord4589
ord4588
ord4899
ord4370
ord4892
ord5076
ord4341
ord4349
ord4890
ord4531
ord4545
ord4543
ord4526
ord4529
ord4524
ord4964
ord4961
ord4108
ord6055
ord1776
ord4403
ord5240
ord5290
ord3748
ord1726
ord4432
ord303
ord813
ord800
ord5253
ord3998
ord4723
ord1942
ord4272
ord5259
ord1859
ord4246
ord2494
ord2627
ord2626
ord5871
ord6000
ord2117
ord4163
ord2120
ord4457
ord1576
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4610
ord4953
ord4612
ord1168

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
_setmbcp

kernel32

GetProcAddress
LoadLibraryA
HeapAlloc
HeapReAlloc
GetProcessHeap
VirtualFree
FreeLibrary
VirtualAlloc
IsBadReadPtr
ExitProcess
GetModuleHandleA
GetStartupInfoA

user32

UpdateWindow
EnableWindow

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ee1573ae0b38ed84b7a9ed49a77f763f
.js
some-samples-master/ee17e846133b7ca51a05472336b92373
.js
some-samples-master/ee35899f081318fee53b98634674390f
some-samples-master/ee8bbd4ec4f19684f279054448a27601
.exe windows:5 windows x86 arch:x86

52e2397a123f2db108d5ef91487bd92e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

nddeapi

NDdeShareAddA
NDdeShareDelA
NDdeShareGetInfoA

kernel32

GetModuleFileNameA
lstrcmpiA
GetDateFormatA
GetModuleHandleW
GetProcAddress
CreateMailslotA
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyA
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogA
ClearEventLogW
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrA
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopA
wsprintfA
PostMessageA
GetDlgItemTextW
IsDialogMessageA
DispatchMessageW
GetMessageA
LoadMenuA
LoadStringW
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateA
InsertMenuW
GetPropW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/ee912597e347ffbf3c4e293c42a4528b
some-samples-master/ee96be71623770331eff1dc40896dce1
.html
some-samples-master/ee97c245200157ac931649e7aabcd4fb
.html .js polyglot
some-samples-master/eead5263632a75654427864d1dcfa48c
.html .js polyglot
some-samples-master/eebf3d63bc995b3dda4988670751bfb8
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/eec8a9f1e71d8d66b4de0daab316e75f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/eeef57214bef6968c534dffd81fb7cc5
.html
some-samples-master/ef070da80b0f1d24f319e93c6cd65a26
.html
some-samples-master/ef181820387e982000a54a346ba2022e
.js
some-samples-master/ef220c989473365a48b6e45b9871495c
.html .js polyglot
some-samples-master/ef3263bd36c60cc9969676b2dbcc7c37
.html .js polyglot
some-samples-master/ef7d1863f4980ab0c8bda142fee67f92
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07-06-2005 08:09

Not After

30-05-2020 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

10:70:9d:4f:f5:54:08:d7:30:60:01:d8:ea:91:75:bb
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

24-08-2011 00:00

Not After

30-05-2020 10:48

Subject

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

84:1d:09:9d:16:b7:38:f3:41:72:fe:ef:e1:d2:57:4f
Certificate

Issuer

CN=COMODO Code Signing CA 2,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

20-09-2011 00:00

Not After

19-09-2014 23:59

Subject

CN=Somoto Ltd.,O=Somoto Ltd.,POSTALCODE=61580,STREET=PO Box 58096,L=Tel Aviv,ST=--,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ab:ef:2e:b2:2c:67:c6:42:9c:59:0e:e1:3b:33:c0:02:14:31:75:50
Signer

Actual PE Digest

ab:ef:2e:b2:2c:67:c6:42:9c:59:0e:e1:3b:33:c0:02:14:31:75:50

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/ef847188568e63d01eb20d1fb9e3bee2
.dll windows:6 windows x86 arch:x86

1b0ce8458d64c2c047deb248ec1dc54a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Administrator\Desktop\TinyNuke-master\TinyNuke-master\Bin\x86.pdb

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
VirtualQuery
CloseHandle
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
Sleep
InterlockedExchange
InterlockedCompareExchange
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
OpenThread
SuspendThread
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualProtect
GetModuleHandleW
CreateToolhelp32Snapshot
Thread32First
Thread32Next
EnterCriticalSection
LeaveCriticalSection
lstrlenA
GetProcessHeap
IsWow64Process
OpenMutexA
CreateFileA
GetFileSize
ReadFile
lstrcatA

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/ef999396ff80bd6d36550e2eba54eae4
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.nkh
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/efb6db2ef17230e9d7b4c1edcc9db79c
.html
some-samples-master/efbd15fcf87832bc96eb4dbb1c595646
.html .js polyglot
some-samples-master/efc021deddb254b92d9710a6033fa35e
.html .js polyglot
some-samples-master/efdb6033dccf27fe103b8fc13bc4f2d7
.exe windows:5 windows x86 arch:x86

81b22482e6654561d85aa4fe1626ec78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostMessageA
DispatchMessageW
MessageBoxA
LoadStringW
GetPropW
GetClassLongA
IsCharUpperW
DrawStateA
IsDialogMessageW
LoadMenuW
CreateDesktopW
LoadIconA
LoadCursorA

kernel32

WaitForSingleObject
GetCurrentProcessId
GetModuleHandleW
GetFileAttributesW
FindNextFileA
GetTempPathA
GetModuleFileNameW
IsBadWritePtr
GetExpandedNameA
GetCurrentThreadId
LoadLibraryA
GetProfileSectionW
GetProcAddress
GetStringTypeA
WaitNamedPipeW
LeaveCriticalSection
GetConsoleAliasA
SearchPathA
GetLogicalDriveStringsW

odbctrac

TraceSQLCancel
TraceSQLError

cfgmgr32

CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range
CMP_Init_Detection

msimg32

AlphaBlend
GradientFill

Sections

.text
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/efe5c02d6f858304b3c2b5bea4494a2f
.html .js polyglot
some-samples-master/f01179d8cc408632451c3b0ee4f566b0
.js
some-samples-master/f0586879d9a3ec0ce2e1ee66c8fd1929
.exe windows:5 windows x86 arch:x86

6724092decc5cea709f7f76c25d36546

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DispatchMessageW
GetMessageW
BeginPaint
DrawTextW
EndPaint
PostQuitMessage
LoadStringW
LoadCursorW
EnableWindow
DefWindowProcW
DestroyWindow
SendMessageW
wsprintfW
CreateWindowExW
ShowWindow
UpdateWindow
MessageBoxA
SetTimer
RegisterClassExW
TranslateMessage
MessageBeep

kernel32

GetCommandLineA
GetCommandLineW
GetModuleHandleW
lstrlenW
GetCurrentDirectoryW
lstrcatW
CreateFileW
ExitProcess
GetLastError
lstrcmpA
lstrlenA
GetStartupInfoA
GetModuleHandleA

gdi32

TextOutW
DeleteDC

shell32

CommandLineToArgvW

Sections

.text
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f05ee02eb7a0bcc2108ae4e056a3cbad
some-samples-master/f0b9f50c6a247ac5ca9cc95135b83dcf
.exe windows:5 windows x86 arch:x86

e24946fd3b548d18411ea3dc85666a69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyW
OpenEventLogW
ClearEventLogA
LogonUserW
InitializeAcl
CryptSignHashW
RegOpenKeyA
ControlService
RegReplaceKeyA
RegSaveKeyA
RegCreateKeyExA
RegUnLoadKeyA

authz

AuthzAddSidsToContext
AuthzInitializeContextFromSid

shlwapi

UrlIsNoHistoryW
PathIsRootW
UrlGetLocationW
UrlCombineW
PathCommonPrefixA
UrlIsOpaqueW
PathCompactPathW
PathAppendA
PathCombineA
UrlCompareW
PathIsURLW
UrlIsA
UrlHashW
UrlGetPartW

wtsapi32

WTSFreeMemory
WTSSetSessionInformationW
WTSVirtualChannelRead
WTSWaitSystemEvent
WTSRegisterSessionNotification
WTSQueryUserToken
WTSVirtualChannelPurgeInput
WTSQuerySessionInformationA
WTSSetUserConfigW
WTSEnumerateSessionsW
WTSEnumerateServersA

kernel32

WaitForSingleObject
CreateJobObjectW
GetProcAddress
GetStringTypeW
OpenJobObjectW
InitializeCriticalSection
GetCommandLineW
MoveFileA
GetModuleHandleA
GetTempPathA
ReadConsoleA
GetProfileSectionA
GetSystemDirectoryA
CreateMailslotA
CreateFileW
GetLogicalDriveStringsA
GetModuleFileNameW
UnmapViewOfFile
GetDateFormatA
GetVersion
LoadLibraryExA
GetExpandedNameA
lstrcmpiA
DeleteFileW
SearchPathW
GetTickCount
GetFileAttributesW
MoveFileExA
GetConsoleAliasA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_MEM_READ
some-samples-master/f0bac82e3c7156cc80116a7f19180661
.js
some-samples-master/f0bd6726da89272f109a18794623d82f
.html .js polyglot
some-samples-master/f0ebb02a5937d7ab0a70f5ed8c47a639
.exe windows:4 windows x86 arch:x86

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetCurrentDirectoryA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f10bfe74b97bf785207038774a4064dc
.vbs
some-samples-master/f113f023527e4e5ff1770d32f1c4a3e2
.html
some-samples-master/f18fd057e1401dec2eb3731f952f157d
.js
some-samples-master/f1fc9561c3d53c231243842b3f84318c
some-samples-master/f2270ac5eaaae44a8cff828823f0726b
some-samples-master/f231ea2ef5967a229eaeeeb620a369de
.exe windows:4 windows x86 arch:x86

d8f5f326d59bd53d34818d2c72e3b0d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
WinExec
GetTickCount
CloseHandle
ReleaseMutex
OpenMutexA
lstrlenA
lstrcpynA
SetFilePointer
WriteFile
CreateFileA
SetPriorityClass
LoadResource
FindResourceA
EnumResourceNamesA
WaitForSingleObject
GetLastError
GetWindowsDirectoryA
GlobalMemoryStatusEx
GetSystemInfo
lstrcpyA
GetSystemDefaultUILanguage
TerminateProcess
ExitThread
GetStartupInfoA
GetCurrentProcess
GetCurrentThread
SetThreadPriority
Sleep
CreateThread
LoadLibraryA
LockResource
GetProcAddress
GetModuleHandleA
CreateProcessA

user32

GetDesktopWindow
wsprintfA

advapi32

RegOpenKeyExA
StartServiceCtrlDispatcherA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeleteService
RegQueryValueExA

shell32

SHChangeNotify
ShellExecuteExA
ShellExecuteA

ws2_32

closesocket
WSAStartup
inet_ntoa
select
recv
setsockopt
WSAIoctl
socket
connect
htonl
send
WSACleanup
__WSAFDIsSet
inet_addr
sendto
htons

shlwapi

SHDeleteKeyA

iphlpapi

GetIfTable
GetAdaptersInfo

netapi32

NetUserAdd
NetLocalGroupAddMembers

msvcrt

sprintf
strcmp
??2@YAPAXI@Z
_onexit
__dllonexit
_controlfp
??3@YAXPAX@Z
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_except_handler3
strncmp
strcat
wcscpy
realloc
malloc
strlen
atoi
strncpy
strcspn
memset
strstr
strcpy
exit
memcpy
localtime
time
free

Sections

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f25daddb1834dbbcb2296a49a3616c57
.html .js polyglot
some-samples-master/f29cb366dc3af09d5a45ac248b1e9cb4
.exe windows:1 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0e:13:b3:a7:9a:a6:0b:7e:a9:34:16:3f:52:37:60:6b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

08-08-2013 00:00

Not After

24-07-2015 23:59

Subject

CN=Lavasoft Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Lavasoft Limited,L=sliema,ST=Malta,C=MT

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

bc:15:e3:b9:e4:0a:d0:b7:df:b4:a1:97:6c:41:3e:93:1c:6b:aa:5f
Signer

Actual PE Digest

bc:15:e3:b9:e4:0a:d0:b7:df:b4:a1:97:6c:41:3e:93:1c:6b:aa:5f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f2a0bac7fe686702eaac346c76132412
.js
some-samples-master/f3008f3f0ad12964fb45a2f472e083dd
.js
some-samples-master/f344fd5de76240617d34c5c019e6c3f8
.exe windows:4 windows x86 arch:x86

57e98d9a5a72c8d7ad8fb7a6a58b3daf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
CreateFileA
GetFileSize
GetModuleFileNameA
ReadFile
GetCurrentProcess
CopyFileA
Sleep
GetTickCount
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
lstrlenA
GetVersion
SetErrorMode
lstrcpynA
ExitProcess
SetCurrentDirectoryA
GlobalLock
CreateThread
GetLastError
CreateDirectoryA
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
WriteFile
lstrcpyA
MoveFileExA
lstrcatA
GetSystemDirectoryA
GetProcAddress
GetExitCodeProcess
WaitForSingleObject
CompareFileTime
SetFileAttributesA
GetFileAttributesA
GetShortPathNameA
MoveFileA
GetFullPathNameA
SetFileTime
SearchPathA
CloseHandle
lstrcmpiA
GlobalUnlock
GetDiskFreeSpaceA
lstrcmpA
FindFirstFileA
FindNextFileA
DeleteFileA
SetFilePointer
GetPrivateProfileStringA
FindClose
MultiByteToWideChar
FreeLibrary
MulDiv
WritePrivateProfileStringA
LoadLibraryExA
GetModuleHandleA
GlobalAlloc
GlobalFree
ExpandEnvironmentStringsA

user32

ScreenToClient
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
PostQuitMessage
GetWindowRect
EnableMenuItem
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
ReleaseDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndDialog
RegisterClassA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
ExitWindowsEx
GetDC
CreateDialogParamA
SetTimer
GetDlgItem
SetWindowLongA
SetForegroundWindow
LoadImageA
IsWindow
SendMessageTimeoutA
FindWindowExA
OpenClipboard
TrackPopupMenu
AppendMenuA
EndPaint
DestroyWindow
wsprintfA
ShowWindow
SetWindowTextA

gdi32

SelectObject
SetBkMode
CreateFontIndirectA
SetTextColor
DeleteObject
GetDeviceCaps
CreateBrushIndirect
SetBkColor

shell32

SHGetSpecialFolderLocation
ShellExecuteExA
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
SHFileOperationA

advapi32

AdjustTokenPrivileges
RegCreateKeyExA
RegOpenKeyExA
SetFileSecurityA
OpenProcessToken
LookupPrivilegeValueA
RegEnumValueA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegEnumKeyA

comctl32

ImageList_Create
ImageList_AddMasked
ImageList_Destroy
ord17

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f34fccde1db79a9233444989b9711a82
.js
some-samples-master/f3ae6f3c0880beda98d817023a733f21
.html .js polyglot
some-samples-master/f3bd03496cd7da9c8424583302bc6eb3
.js
some-samples-master/f3c14bca37b316604004ca1de2a9e85a
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

6a:0c:39:d0:25:25:22:a9:c4:48:35:28:58:ac:aa:cb
Certificate

Issuer

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Not Before

02-07-2014 00:00

Not After

02-07-2015 23:59

Subject

CN=Somoto Ltd.,O=Somoto Ltd.,L=Tel Aviv,ST=Israel,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=Thawte Code Signing CA - G2,O=Thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

34:4e:d5:57:20:d5:ed:ec:49:f4:2f:ce:37:db:2b:6d
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

17-11-2006 00:00

Not After

16-07-2036 23:59

Subject

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

10:c1:93:4a:ee:b9:b6:a7:ef:28:27:03:1e:19:cf:fb:02:d2:72:d9
Signer

Actual PE Digest

10:c1:93:4a:ee:b9:b6:a7:ef:28:27:03:1e:19:cf:fb:02:d2:72:d9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f3e7dcf2f4ec14f38ce6426a7f45679f
.js
some-samples-master/f4195347444e5a15d54205c00a64baaf
.exe windows:5 windows x86 arch:x86

23ee14b7b8bad73645664a22cfd7f754

Code Sign

54:7c:fd:c5:d7:0f:d7:c9:44:a9:ba:11:e8:8c:cb:1c
Certificate

Issuer

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

06-11-2015 00:00

Not After

05-11-2016 23:59

Subject

CN=PC Utilities Software Limited,OU=IT Department,O=PC Utilities Software Limited,POSTALCODE=W1H 1DP,STREET=78 York Street,L=London,ST=England,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09-05-2013 00:00

Not After

08-05-2028 23:59

Subject

CN=COMODO RSA Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:aa:f9:ca:db:63:6f:e0:1f:f7:4e:d8:5b:03:86:9d
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

19-01-2010 00:00

Not After

18-01-2038 23:59

Subject

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dd:1b:80:ce:9a:43:f1:e3:46:7d:57:b3:f5:91:68:6a:5f:ab:8a:b6
Signer

Actual PE Digest

dd:1b:80:ce:9a:43:f1:e3:46:7d:57:b3:f5:91:68:6a:5f:ab:8a:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

O:\CPPwrapper_VS2010\Release_RS\optimizerpro_silent.pdb

Imports

kernel32

GetExitCodeProcess
GetModuleFileNameW
SizeofResource
LockResource
CloseHandle
WaitForSingleObject
CreateProcessW
LoadResource
GetTempPathW
FindResourceA
SetEndOfFile
CreateFileW
WriteConsoleW
SetStdHandle
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
GetCommandLineW
HeapSetInformation
GetStartupInfoW
RaiseException
RtlUnwind
HeapAlloc
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
IsProcessorFeaturePresent
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
ReadFile
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocaleInfoW
HeapSize
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
LoadLibraryW
GetProcessHeap

advapi32

RegCloseKey
RegFlushKey
RegCreateKeyExW
RegSetValueExW

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/f41dbc94bda2639b17966e1ac024e5c9
.exe windows:4 windows x86 arch:x86

2a50cf0009203573b4125be051bc7ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetPixelFormat
GetCharABCWidthsFloatA

user32

IsCharUpperW
SetScrollInfo
GetUpdateRgn
SendNotifyMessageW

crypt32

CryptDecodeObjectEx
CryptUnregisterOIDInfo
CertFindCTLInStore

kernel32

lstrcmpA
GetBinaryTypeA
GetModuleFileNameA
GetProcAddress
GetNamedPipeInfo
GetModuleHandleA
FlushConsoleInputBuffer
RemoveVectoredExceptionHandler
GetCurrentProcess
GetCurrentProcessId
GetEnvironmentStrings
LoadLibraryA

rpcrt4

RpcServerRegisterAuthInfoW
NdrPointerBufferSize

msvcrt

qsort

shell32

SHGetFolderPathA

oleaut32

VarBstrFromI4

netapi32

NetShareSetInfo

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/f421f9350693781919de47167e4c348e
.js
some-samples-master/f422f481f1ab89b287fd0dd637214e71
.js
some-samples-master/f436f159d962cd5fb9b290a82b9f5165
.js
some-samples-master/f43ccc58612cff57be09c582ed92bb12
.js
some-samples-master/f48ac89a5f61c972d30a712b13431edc
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13-04-2011 10:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:40:5c:1f:0e:d2:58:88:2b:e5:4d:86:86:ba:11:ea:45
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

23-08-2013 00:00

Not After

23-09-2024 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G1,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

10:07:b0:cd:1f:0d:90:5b:aa:c1:0b:09:6d:03:64:96
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

15-08-2014 00:00

Not After

14-09-2015 23:59

Subject

CN=Alipay.com Co.\,Ltd,OU=Operations Department,O=Alipay.com Co.\,Ltd,L=HANGZHOU,ST=ZHEJIANG,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

68:ad:8c:70:97:5e:b7:b3:df:5b:7b:57:f8:83:ab:4b:9c:c5:bd:5a
Signer

Actual PE Digest

68:ad:8c:70:97:5e:b7:b3:df:5b:7b:57:f8:83:ab:4b:9c:c5:bd:5a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 976KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jvxtpcfl
Size: 780KB - Virtual size: 780KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jtefdxzt
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/f4ab0544441754191936b949b7d27cf8
.html .js polyglot
some-samples-master/f4b637ff380aa9e99da9c94506e21288
some-samples-master/f51152b76d7f504a9526b737adc3fb15
.html .js polyglot
some-samples-master/f53e355fc0055a72e54937190868bbce
.html .js polyglot
some-samples-master/f568256dca5a101c1295ab350524e7d3
.html
some-samples-master/f572aeaf0c71b394d177f7161fadc3b6
.exe windows:4 windows x86 arch:x86

f5a59bdc6ca2470dcd77a89286f04a07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord3831
ord3825
ord3079
ord4080
ord4627
ord4425
ord3597
ord800
ord807
ord641
ord860
ord540
ord554
ord324
ord825
ord2370
ord4234
ord1200
ord1168
ord823
ord5884
ord5655
ord4163
ord6625
ord4710
ord6334
ord858
ord2379
ord4099
ord1911
ord3316
ord3314
ord5242
ord6121
ord1774
ord2490
ord5010
ord5658
ord2395
ord6322
ord2609
ord1006
ord1787
ord6123
ord4291
ord1994
ord5192
ord775
ord503
ord537
ord5708
ord1261
ord924
ord926
ord6640
ord2366
ord2818
ord2820
ord3811
ord5697
ord5699
ord4033
ord2582
ord4402
ord3370
ord3640
ord2411
ord2023
ord4218
ord2578
ord6055
ord1776
ord4398
ord5290
ord3402
ord4424
ord3830
ord4853
ord616
ord693
ord567
ord2299
ord2302
ord3996
ord3874
ord6907
ord3998
ord2915
ord4224
ord4673
ord3663
ord3571
ord3619
ord3573
ord3626
ord755
ord5787
ord6172
ord2414
ord1146
ord5789
ord1641
ord5875
ord470
ord2864
ord4284
ord3797
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord815
ord317
ord561
ord635
ord2621
ord1134
ord2725
ord4160
ord2863
ord941
ord4129
ord5683
ord686
ord3337
ord5575
ord839
ord433
ord1656
ord2141
ord434
ord939
ord2393
ord384
ord2862
ord2096
ord3301
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord5280
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1775
ord4078
ord6052
ord2514
ord4998
ord4376
ord3582
ord5265
ord1576

msvcrt

_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__CxxFrameHandler
_gcvt
_CxxThrowException
exit
_ftol
_mbscmp
_setmbcp
_stricmp
realloc
free
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
_controlfp

kernel32

GetTickCount
GetProcessHeap
VirtualAlloc
IsBadReadPtr
HeapFree
FreeLibrary
GetStartupInfoA
ExitProcess
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
GetCurrentDirectoryA
GetProcAddress
LoadLibraryA
VirtualFree
GetLastError
MultiByteToWideChar
lstrlenA
LocalFree
HeapAlloc

user32

CallNextHookEx
LoadBitmapA
GetClientRect
SetWindowRgn
GetWindowLongA
GetWindowRgn
InvalidateRect
UpdateWindow
SetCapture
GetClassNameA
GetSystemMetrics
IsIconic
ReleaseCapture
CallWindowProcA
SetWindowLongA
SetFocus
GetDlgCtrlID
GetParent
GetWindowRect
SendMessageA
EnableWindow
SetWindowsHookExA
DrawIcon
GetSystemMenu
AppendMenuA
LoadIconA
UnhookWindowsHookEx

gdi32

CreatePatternBrush
CreateSolidBrush
RoundRect
CreateRectRgn
PtInRegion
DeleteObject
CreateFontA

comctl32

ImageList_ReplaceIcon

ole32

CoUninitialize

oleaut32

SysAllocString
VariantClear

Sections

.text
Size: 56KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f5849368e2f46752694a0ea61c230e14
.js
some-samples-master/f5de3fd248004cecbe23054f31b0f3ad
.exe windows:4 windows x86 arch:x86

888f7c3cb1911069f97ed9c2bd4061db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceNamesA
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetPriorityClass
GetCurrentProcess
ResumeThread
CreateEventA
SetEvent
GetExitCodeThread
GetStartupInfoA
ExitProcess
GetCommandLineA
InitializeCriticalSection
DeleteCriticalSection
DebugBreak
lstrcmpiA
GetProcessHeap
HeapReAlloc
HeapFree
CreateThread
LeaveCriticalSection
EnterCriticalSection
GetVersionExA
WaitForMultipleObjects
GetFileAttributesA
GetDriveTypeA
ReadFile
GetFileSize
CallNamedPipeA
GetUserDefaultLangID
lstrlenW
FileTimeToSystemTime
SetFilePointer
GetTempPathA
GetTempFileNameA
FindResourceA
SizeofResource
LoadResource
LockResource
GetLastError
GetCurrentThreadId
GetCurrentProcessId
OutputDebugStringA
SetFileAttributesA
GetModuleHandleA
SetLastError
GetWindowsDirectoryA
GetShortPathNameA
CreateFileA
WriteFile
CloseHandle
MoveFileA
lstrcpyA
GetTickCount
CopyFileA
DeleteFileA
GetModuleFileNameA
lstrcpynA
LoadLibraryA
GetProcAddress
WideCharToMultiByte
FreeLibrary
lstrlenA
HeapAlloc
lstrcatA

user32

CharNextA
GetKeyboardType
PeekMessageA
MsgWaitForMultipleObjects
SetCursor
SetWindowLongA
SetTimer
EndDialog
GetSystemMetrics
BeginDeferWindowPos
GetWindowTextA
SetWindowTextA
DeferWindowPos
EndDeferWindowPos
LoadStringA
GetClientRect
ScreenToClient
PostMessageA
GetDC
ReleaseDC
ShowWindow
GetDlgItem
EnableWindow
SetForegroundWindow
SendMessageA
SendDlgItemMessageA
GetWindowRect
MapWindowPoints
SetWindowPos
wvsprintfA
MessageBoxA
PostQuitMessage
DefWindowProcA
RegisterClassExA
CreateWindowExA
GetMessageA
RedrawWindow
KillTimer
InvalidateRect
UpdateWindow
GetDlgItemTextA
LoadCursorA
TranslateMessage
DispatchMessageA
wsprintfA
LoadImageA

gdi32

UpdateColors
SetTextColor
SetBkMode
GetDeviceCaps
SelectPalette
CreateHalftonePalette
GetStockObject
CreateFontIndirectA
GetTextExtentPoint32A
CreateCompatibleDC
GetObjectA
DeleteObject
RealizePalette
BitBlt
DeleteDC
SelectObject

advapi32

RegQueryValueExA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
CloseServiceHandle
RegEnumKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegDeleteValueA
RegCreateKeyExA
RegSetValueExA
RegFlushKey
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteA
SHGetMalloc
SHGetSpecialFolderLocation
SHGetPathFromIDListA
StrRChrA

ole32

CoUninitialize
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantInit
SysAllocString
VariantClear

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f5eb53b4920c97595bcea81b5cf3c0e5
.exe windows:4 windows x86 arch:x86

3f81653fe2698b7cb1e6a8ca5c1f3c82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileA
DeleteFileA
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetStringTypeExA
GetThreadLocale
GetShortPathNameA
GetFileAttributesA
GetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetFileTime
SetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
HeapReAlloc
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
CreateThread
ExitThread
RaiseException
HeapSize
GetACP
GetTimeZoneInformation
GetSystemTime
SetEndOfFile
IsBadWritePtr
FatalAppExitA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadCodePtr
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
SetConsoleCtrlHandler
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetLocaleInfoW
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
SetErrorMode
GetOEMCP
GetCPInfo
SizeofResource
GetProcessVersion
GetLastError
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GetCurrentDirectoryA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
GlobalFlags
lstrlenA
lstrcpynA
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
MulDiv
SetLastError
InterlockedDecrement
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
lstrcpyA
GetModuleHandleA
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
CreateEventA
SuspendThread
SetThreadPriority
ResumeThread
SetEvent
WaitForSingleObject
GetModuleFileNameA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
lstrcmpiA
GetCurrentThread
GetCurrentThreadId
GetFileSize
ReadFile
Sleep
CreateFileA
WriteFile
CloseHandle
FreeLibrary
HeapFree
IsBadReadPtr
LoadLibraryA
GetProcAddress
VirtualFree
VirtualProtect
VirtualAlloc
GetProcessHeap
GetLocalTime
HeapAlloc

user32

ScrollWindow
EndDeferWindowPos
CopyRect
BeginDeferWindowPos
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
SendDlgItemMessageA
UpdateWindow
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
MoveWindow
ShowWindow
ClientToScreen
GetDC
ReleaseDC
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
SetCapture
ReleaseCapture
WaitMessage
GetDesktopWindow
GetWindowThreadProcessId
WindowFromPoint
GetClassNameA
PtInRect
InsertMenuA
DeleteMenu
GetMenuStringA
CharToOemA
OemToCharA
GetSysColorBrush
LoadStringA
GetDialogBaseUnits
DestroyMenu
SetRectEmpty
LoadAcceleratorsA
TranslateAcceleratorA
LoadMenuA
SetMenu
ReuseDDElParam
UnpackDDElParam
InvalidateRect
BringWindowToTop
CharUpperA
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
GetTopWindow
IsChild
GetCapture
WinHelpA
wsprintfA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
TrackPopupMenu
SetWindowPlacement
GetWindowTextLengthA
GetWindowTextA
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
EndDialog
SetActiveWindow
IsWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
SetCursor
ShowOwnedPopups
PostQuitMessage
PostMessageA
EnableWindow
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
SendMessageA
LoadIconA
OffsetRect

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetCurrentPositionEx
ArcTo
SetArcDirection
GetObjectA
PolyDraw
PolylineTo
SetColorAdjustment
SetStretchBltMode
DeleteObject
SetPolyFillMode
CreateRectRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
GetDeviceCaps
GetViewportExtEx
GetWindowExtEx
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CreatePatternBrush
CreateDIBPatternBrushPt
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetTextExtentPoint32A
GetTextMetricsA
CreateFontIndirectA
PolyBezierTo
SetROP2
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
SetBkMode
SelectPalette
GetStockObject
SelectObject
RestoreDC
SaveDC
StartDocA
GetClipRgn
CreateBitmap
DeleteDC

comdlg32

GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegOpenKeyA

shell32

SHGetFileInfoA
DragQueryFileA
DragFinish
DragAcceptFiles

comctl32

ord17

imagehlp

MakeSureDirectoryPathExists

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 200KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/f62e0d79f8f442903fd5f4f5e9bc47ee
.exe windows:5 windows x86 arch:x86

0f5a34db9f244a5b90c7dc3980446f0d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

authz

AuthzAddSidsToContext
AuthzFreeContext
AuthzInitializeContextFromSid
AuthzFreeResourceManager
AuthzFreeAuditEvent

clusapi

CloseClusterNode
ClusterEnum
CloseClusterGroup

kernel32

SetLastError
GetFileAttributesA
LoadLibraryA
GetModuleFileNameW
GetModuleHandleW
GetLogicalDriveStringsW
GetProcAddress
CreateMailslotW
GetCommandLineA
CreateFileA
MoveFileExA
UnmapViewOfFile
GetOEMCP
WaitForSingleObject
CreateJobObjectA

user32

LoadCursorW
PeekMessageA
LoadIconW
CharToOemA
LoadStringA
GetClassLongA
LoadMenuA
IsDialogMessageA
LoadBitmapA
InsertMenuA
GetPropW

rsaenh

CPDecrypt
CPGenKey
CPEncrypt

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f62f911042f2165c5ff465f74a7ca202
.exe windows:4 windows x86 arch:x86

0fa9a08282241fecf69984aea760ef64

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
GetProcessHeap
FreeLibrary
HeapAlloc
CloseHandle
WriteFile
Sleep
CreateFileA
ReadFile
GetFileSize
GetCurrentProcess
TerminateProcess
GetStartupInfoA
InterlockedCompareExchange
InterlockedExchange
SetUnhandledExceptionFilter
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

msvcr80

exit
_acmdln
_ismbblead
_initterm_e
_configthreadlocale
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_encode_pointer
__set_app_type
_crt_debugger_hook
_unlock
__dllonexit
_lock
_onexit
_decode_pointer
_except_handler4_common
_invoke_watson
_controlfp_s
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
??2@YAPAXI@Z
??3@YAXPAX@Z
malloc
free
realloc
memset
memcpy
_initterm
_stricmp

imagehlp

MakeSureDirectoryPathExists

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f671d23d45ca06e64d8e4c801254a19c
.exe windows:4 windows x86 arch:x86

30f204ada17cbce549a5035709c52fee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord2648
ord2055
ord6376
ord3749
ord5065
ord1727
ord5261
ord2446
ord5277
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3402
ord3830
ord3831
ord3825
ord3079
ord4080
ord4627
ord4424
ord567
ord2135
ord818
ord1949
ord4034
ord5265
ord4376
ord4998
ord2514
ord6052
ord1775
ord5280
ord2124
ord4425
ord3597
ord641
ord860
ord324
ord2370
ord4234
ord4853
ord858
ord4224
ord6334
ord2642
ord3092
ord4710
ord926
ord537
ord922
ord924
ord2818
ord2302
ord5575
ord2820
ord4441
ord539
ord801
ord541
ord5861
ord6143
ord3398
ord3733
ord686
ord384
ord810
ord4000
ord2862
ord1168
ord2096
ord6008
ord3303
ord3287
ord4673
ord4274
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord4622
ord3738
ord561
ord815
ord2621
ord1134
ord1146
ord4160
ord2863
ord2379
ord755
ord470
ord5981
ord939
ord2411
ord2023
ord4218
ord2578
ord4398
ord3582
ord616
ord3317
ord4837
ord3798
ord5290
ord4353
ord6374
ord5163
ord2385
ord5241
ord4407
ord1776
ord4078
ord6055
ord823
ord1200
ord825
ord540
ord535
ord800
ord4033
ord3811
ord433
ord1576

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
exit
rand
_CxxThrowException
__CxxFrameHandler
atol
_setmbcp
wcslen
_mbscmp
atoi

kernel32

MultiByteToWideChar
lstrlenA
InterlockedIncrement
GetProcAddress
LoadLibraryA
VirtualAlloc
GetLastError
GetTickCount
GetModuleHandleA
GetStartupInfoA
FreeLibrary
LocalFree
WideCharToMultiByte
InterlockedDecrement

user32

AppendMenuA
SendMessageA
EnableWindow
GetSystemMetrics
GetSystemMenu
DrawIcon
GetClientRect
LoadIconA
IsIconic

comctl32

ImageList_ReplaceIcon

ole32

CLSIDFromProgID
CoUninitialize
CoCreateInstance
OleRun
CoInitialize
CLSIDFromString

oleaut32

SysStringByteLen
VariantChangeType
SysAllocString
VariantInit
SysFreeString
GetErrorInfo
SysAllocStringByteLen
VariantClear

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f68df0f4226b461fb29eea3265fe9a49
.html .js polyglot
some-samples-master/f708fd562a710454707d4f0a42ab9d7d
.js
some-samples-master/f74b68ba935565519f5ab87d017340d7
some-samples-master/f79da94ef23d2aca97c26bb0bf41950b
.js
some-samples-master/f7f64858ca5d19786035ef0d12b7f167
.html .js polyglot
some-samples-master/f8017ae861b580e044eca2fd9afbb1ce
.html .js polyglot
some-samples-master/f8259a5c0c322bd6c1bdeaf69a5a8b6a
.js
some-samples-master/f892845770d015c4eccc5b4602077277
.js
some-samples-master/f89d736ad35226fa4d40a1c31bf6e7b1
.js
some-samples-master/f89d83aed98e0f42a8ebb0e83f9f8515
.exe windows:4 windows x86 arch:x86

b8acf97a4531ab76abcf18a8ad76b5ae

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09
Certificate

Issuer

CN=TrustAsia Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

01-01-2015 07:41

Not After

30-12-2017 07:41

Subject

CN=亚洲诚信代码签名测试证书,O=亚数信息科技（上海）有限公司,L=上海市,ST=上海市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05
Certificate

Issuer

CN=TrustAsia Root CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

19-05-2010 10:43

Not After

19-05-2020 10:43

Subject

CN=TrustAsia Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

07
Certificate

Issuer

CN=TrustAsia SHA2 Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

01-03-2015 08:04

Not After

30-03-2018 08:04

Subject

CN=亚洲诚信代码签名测试证书SHA2,O=亚数信息科技（上海）有限公司,L=上海市,ST=上海市,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

06
Certificate

Issuer

CN=TrustAsia Root CA,O=TrustAsia Technologies\, Inc.,C=CN

Not Before

01-01-2015 07:48

Not After

30-12-2025 07:48

Subject

CN=TrustAsia SHA2 Code Signing CA,O=TrustAsia Technologies\, Inc.,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02-01-2017 00:00

Not After

01-04-2028 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

c4:0b:c1:a6:11:5d:4f:22:31:5a:60:b3:9b:80:59:a9:86:9f:f6:ac:0a:55:73:b0:f1:b8:14:13:bb:2f:0b:1b
Signer

Actual PE Digest

c4:0b:c1:a6:11:5d:4f:22:31:5a:60:b3:9b:80:59:a9:86:9f:f6:ac:0a:55:73:b0:f1:b8:14:13:bb:2f:0b:1b

Digest Algorithm

sha256

PE Digest Matches

false

22:c1:55:63:e6:11:0c:b4:90:ae:44:b3:96:41:3d:5f:d4:c6:d1:a2
Signer

Actual PE Digest

22:c1:55:63:e6:11:0c:b4:90:ae:44:b3:96:41:3d:5f:d4:c6:d1:a2

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

__WSAFDIsSet
recv
WSAIoctl
WSASocketA
select
WSACleanup
setsockopt
htonl
sendto
WSAStartup
send
inet_addr
gethostbyname
socket
htons
connect
closesocket
WSAGetLastError

shlwapi

SHDeleteKeyA

netapi32

NetLocalGroupAddMembers
NetUserAdd

kernel32

ExitThread
OutputDebugStringA
lstrcpyA
MultiByteToWideChar
CreateThread
CloseHandle
GetProcAddress
LoadLibraryA
SetThreadPriority
GetCurrentThread
GetCurrentProcess
SetPriorityClass
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ExitProcess
ReleaseMutex
OpenMutexA
lstrlenA
WinExec
GetTempPathA
TerminateProcess
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateFileA
WaitForSingleObject
GetLastError
CopyFileA
GetSystemInfo
GetSystemDefaultUILanguage
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
HeapReAlloc
RtlUnwind
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetVersionExA
GetStartupInfoA
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
GetTickCount
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
InterlockedExchange
FlushFileBuffers
HeapSize
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetThreadLocale
lstrcatA
GetProcessHeap
HeapAlloc
HeapFree
RaiseException

user32

wsprintfA

advapi32

StartServiceCtrlDispatcherA
CreateServiceA
StartServiceA
RegOpenKeyA
RegisterServiceCtrlHandlerA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
SetServiceStatus
OpenServiceA
CloseServiceHandle
DeleteService
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

ShellExecuteExA
SHChangeNotify

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/f8d610d5bf7cb876e715f9b8a18e9dca
.js
some-samples-master/f91a5ddeb2d61f4481f773f01979ad91
.js
some-samples-master/f92cbc9d31e2e82152472f6755f4234c
.js
some-samples-master/f944d4821592668e9c3f6c61bf54ea43
.html .js polyglot
some-samples-master/f95994d236b6d0ce063cd5bca18e3251
.js
some-samples-master/f9616cbb55a046f67ad5408e10f40807
.js
some-samples-master/f9723fb95cab69665ac38a5bbc2ce756
.js
some-samples-master/f977ecc132fe33085c8e25194c139168
.html .js polyglot
some-samples-master/f9c2d8dc6d0fc4e5cc64d141bee41c41
.exe windows:5 windows x86 arch:x86

2ea90afad4cedf09cf14e6cd723ab9b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleOutputCharacterW
GetTickCount
TerminateThread
GetLastError
GetProcAddress
GetModuleHandleA
CompareStringW
CompareStringA
GlobalMemoryStatus
FlushFileBuffers
CloseHandle
CreateFileA
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
FillConsoleOutputCharacterA
GetStartupInfoW
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
HeapSize
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetEnvironmentVariableA

user32

GetNextDlgTabItem
SendDlgItemMessageA
LoadBitmapA
LoadAcceleratorsW
LoadIconW
GetRegisteredRawInputDevices
GetRawInputBuffer
CallMsgFilterW
LoadCursorFromFileW
GetRawInputDeviceInfoA
LoadCursorA
GetDialogBaseUnits

advapi32

ChangeServiceConfigA

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 519KB - Virtual size: 518KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/f9e16df3b6f5e6391c8a56d898c5d141
.js
some-samples-master/f9e818d0fb21fed0e55fd84685a66edf
.js
some-samples-master/fa12130246f56599504541ca96568207
.exe windows:5 windows x86 arch:x86

60ea29cec2f56efe066563ce5a973bec

Code Sign

4f:c1:9e:47:a7:e2:8c:71:af:0a:68:30:08:8a:83:08
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

05-12-2016 00:00

Not After

05-12-2017 23:59

Subject

CN=Super PC Tools Limited,OU=IT Division,O=Super PC Tools Limited,L=London,ST=United Kingdom,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

ba:ec:e8:4a:52:d2:6a:6b:2b:37:a7:2c:c7:45:55:2b:8e:d5:4a:00
Signer

Actual PE Digest

ba:ec:e8:4a:52:d2:6a:6b:2b:37:a7:2c:c7:45:55:2b:8e:d5:4a:00

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegUnLoadKeyW
RegSetValueExW
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegLoadKeyW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegConnectRegistryW
RegCloseKey

user32

LoadStringW
MessageBoxA
CharNextW
MessageBoxW
LoadStringW
GetSystemMetrics
CharUpperBuffW
CharNextW

kernel32

lstrcmpiA
LoadLibraryA
LocalFree
LocalAlloc
GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
IsValidLocale
GetSystemDefaultUILanguage
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetUserDefaultUILanguage
GetLocaleInfoW
GetLastError
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
WriteFile
WideCharToMultiByte
WaitForSingleObject
VirtualQueryEx
VirtualQuery
VirtualFree
SizeofResource
SignalObjectAndWait
SetFilePointer
SetEvent
SetEndOfFile
ResetEvent
ReadFile
MultiByteToWideChar
LockResource
LoadResource
LeaveCriticalSection
InitializeCriticalSection
GetVersionExW
GetThreadLocale
GetTempPathW
GetStdHandle
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileAttributesW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentProcess
GetCPInfo
FreeResource
InterlockedExchange
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FindResourceW
FindFirstFileW
FindClose
EnumCalendarInfoW
EnterCriticalSection
DeleteFileW
DeleteCriticalSection
CreateProcessW
CreateFileW
CreateEventW
CompareStringW
CloseHandle
Sleep

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/fa695c4ca170ac5c2f0c383a568d6483
.html .js polyglot
some-samples-master/faa260b435ff688b92bd96ce5b15273a
.html .js polyglot
some-samples-master/fab7d5a19bf8439c9921a5174ef2a7f7
.js
some-samples-master/faca0ef83546b437317dcf135eaf3229
.html .js polyglot
some-samples-master/fb11a7f1316becf6e0a633328975ee8b
.html
some-samples-master/fb4d68373097718e7452674c1d165d44
.js
some-samples-master/fb6e723f760506c116f36dbb3db807fa
.html .js polyglot
some-samples-master/fba0598a318af70d0e93225e1690f195
.html
some-samples-master/fbd25ad8bc91e322d85f12e5e807f77a
.html .js polyglot
some-samples-master/fbf607c3953e4cf6fc359a99cc88c077
.html .js polyglot
some-samples-master/fbfbffce9014ece7aac7a2ea7c6d0d77
.exe windows:5 windows x86 arch:x86

eb97e4fc5518ac300a92a11673825e0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

WSACleanup
socket
inet_ntoa
setsockopt
ntohs
recvfrom
ioctlsocket
htons
WSAStartup
__WSAFDIsSet
select
accept
listen
bind
closesocket
WSAGetLastError
recv
sendto
send
inet_addr
gethostbyname
gethostname
connect

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

winmm

timeGetTime
waveOutSetVolume
mciSendStringW

comctl32

ImageList_ReplaceIcon
ImageList_Destroy
ImageList_Remove
ImageList_SetDragCursorImage
ImageList_BeginDrag
ImageList_DragEnter
ImageList_DragLeave
ImageList_EndDrag
ImageList_DragMove
InitCommonControlsEx
ImageList_Create

mpr

WNetUseConnectionW
WNetCancelConnection2W
WNetGetConnectionW
WNetAddConnection2W

wininet

InternetQueryDataAvailable
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetCrackUrlW
HttpQueryInfoW
InternetQueryOptionW
HttpOpenRequestW
HttpSendRequestW
FtpOpenFileW
FtpGetFileSize
InternetOpenUrlW
InternetReadFile
InternetConnectW

psapi

GetProcessMemoryInfo

iphlpapi

IcmpCreateFile
IcmpCloseHandle
IcmpSendEcho

userenv

DestroyEnvironmentBlock
UnloadUserProfile
CreateEnvironmentBlock
LoadUserProfileW

uxtheme

IsThemeActive

kernel32

DuplicateHandle
CreateThread
WaitForSingleObject
HeapAlloc
GetProcessHeap
HeapFree
Sleep
GetCurrentThreadId
MultiByteToWideChar
MulDiv
GetVersionExW
IsWow64Process
GetSystemInfo
FreeLibrary
LoadLibraryA
GetProcAddress
SetErrorMode
GetModuleFileNameW
WideCharToMultiByte
lstrcpyW
lstrlenW
GetModuleHandleW
QueryPerformanceCounter
VirtualFreeEx
OpenProcess
VirtualAllocEx
WriteProcessMemory
ReadProcessMemory
CreateFileW
SetFilePointerEx
SetEndOfFile
ReadFile
WriteFile
FlushFileBuffers
TerminateProcess
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SetFileTime
GetFileAttributesW
FindFirstFileW
SetCurrentDirectoryW
GetLongPathNameW
GetShortPathNameW
DeleteFileW
FindNextFileW
CopyFileExW
MoveFileW
CreateDirectoryW
RemoveDirectoryW
SetSystemPowerState
QueryPerformanceFrequency
FindResourceW
LoadResource
LockResource
SizeofResource
EnumResourceNamesW
OutputDebugStringW
GetTempPathW
GetTempFileNameW
DeviceIoControl
GetLocalTime
CompareStringW
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
CreatePipe
InterlockedExchange
TerminateThread
LoadLibraryExW
FindResourceExW
CopyFileW
VirtualFree
FormatMessageW
GetExitCodeProcess
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
WritePrivateProfileSectionW
GetPrivateProfileSectionNamesW
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetDriveTypeW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetVolumeInformationW
SetVolumeLabelW
CreateHardLinkW
SetFileAttributesW
CreateEventW
SetEvent
GetEnvironmentVariableW
SetEnvironmentVariableW
GlobalLock
GlobalUnlock
GlobalAlloc
GetFileSize
GlobalFree
GlobalMemoryStatusEx
Beep
GetSystemDirectoryW
HeapReAlloc
HeapSize
GetComputerNameW
GetWindowsDirectoryW
GetCurrentProcessId
GetProcessIoCounters
CreateProcessW
GetProcessId
SetPriorityClass
LoadLibraryW
VirtualAlloc
IsDebuggerPresent
GetCurrentDirectoryW
lstrcmpiW
DecodePointer
GetLastError
RaiseException
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCurrentThread
CloseHandle
GetFullPathNameW
EncodePointer
ExitProcess
GetModuleHandleExW
ExitThread
GetSystemTimeAsFileTime
ResumeThread
GetCommandLineW
IsProcessorFeaturePresent
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStringTypeW
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
RtlUnwind
ReadConsoleW
GetTimeZoneInformation
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteConsoleW
FindClose
SetEnvironmentVariableA

user32

AdjustWindowRectEx
CopyImage
SetWindowPos
GetCursorInfo
RegisterHotKey
ClientToScreen
GetKeyboardLayoutNameW
IsCharAlphaW
IsCharAlphaNumericW
IsCharLowerW
IsCharUpperW
GetMenuStringW
GetSubMenu
GetCaretPos
IsZoomed
MonitorFromPoint
GetMonitorInfoW
SetWindowLongW
SetLayeredWindowAttributes
FlashWindow
GetClassLongW
TranslateAcceleratorW
IsDialogMessageW
GetSysColor
InflateRect
DrawFocusRect
DrawTextW
FrameRect
DrawFrameControl
FillRect
PtInRect
DestroyAcceleratorTable
CreateAcceleratorTableW
SetCursor
GetWindowDC
GetSystemMetrics
GetActiveWindow
CharNextW
wsprintfW
RedrawWindow
DrawMenuBar
DestroyMenu
SetMenu
GetWindowTextLengthW
CreateMenu
IsDlgButtonChecked
DefDlgProcW
CallWindowProcW
ReleaseCapture
SetCapture
CreateIconFromResourceEx
mouse_event
ExitWindowsEx
SetActiveWindow
FindWindowExW
EnumThreadWindows
SetMenuDefaultItem
InsertMenuItemW
IsMenu
TrackPopupMenuEx
GetCursorPos
DeleteMenu
SetRect
GetMenuItemID
GetMenuItemCount
SetMenuItemInfoW
GetMenuItemInfoW
SetForegroundWindow
IsIconic
FindWindowW
MonitorFromRect
keybd_event
SendInput
GetAsyncKeyState
SetKeyboardState
GetKeyboardState
GetKeyState
VkKeyScanW
LoadStringW
DialogBoxParamW
MessageBeep
EndDialog
SendDlgItemMessageW
GetDlgItem
SetWindowTextW
CopyRect
ReleaseDC
GetDC
EndPaint
BeginPaint
GetClientRect
GetMenu
DestroyWindow
EnumWindows
GetDesktopWindow
IsWindow
IsWindowEnabled
IsWindowVisible
EnableWindow
InvalidateRect
GetWindowLongW
GetWindowThreadProcessId
AttachThreadInput
GetFocus
GetWindowTextW
ScreenToClient
SendMessageTimeoutW
EnumChildWindows
CharUpperBuffW
GetParent
GetDlgCtrlID
SendMessageW
MapVirtualKeyW
PostMessageW
GetWindowRect
SetUserObjectSecurity
CloseDesktop
CloseWindowStation
OpenDesktopW
SetProcessWindowStation
GetProcessWindowStation
OpenWindowStationW
GetUserObjectSecurity
MessageBoxW
DefWindowProcW
SetClipboardData
EmptyClipboard
CountClipboardFormats
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
OpenClipboard
BlockInput
GetMessageW
LockWindowUpdate
DispatchMessageW
TranslateMessage
PeekMessageW
UnregisterHotKey
CheckMenuRadioItem
CharLowerBuffW
MoveWindow
SetFocus
PostQuitMessage
KillTimer
CreatePopupMenu
RegisterWindowMessageW
SetTimer
ShowWindow
CreateWindowExW
RegisterClassExW
LoadIconW
LoadCursorW
GetSysColorBrush
GetForegroundWindow
MessageBoxA
DestroyIcon
SystemParametersInfoW
LoadImageW
GetClassNameW

gdi32

StrokePath
DeleteObject
GetTextExtentPoint32W
ExtCreatePen
GetDeviceCaps
EndPath
SetPixel
CloseFigure
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchBlt
GetDIBits
LineTo
AngleArc
MoveToEx
Ellipse
DeleteDC
GetPixel
CreateDCW
GetStockObject
GetTextFaceW
CreateFontW
SetTextColor
PolyDraw
BeginPath
Rectangle
SetViewportOrgEx
GetObjectW
SetBkMode
RoundRect
SetBkColor
CreatePen
CreateSolidBrush
StrokeAndFillPath

comdlg32

GetOpenFileNameW
GetSaveFileNameW

advapi32

GetAce
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegConnectRegistryW
InitializeSecurityDescriptor
InitializeAcl
AdjustTokenPrivileges
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
DuplicateTokenEx
CreateProcessAsUserW
CreateProcessWithLogonW
GetLengthSid
CopySid
LogonUserW
AllocateAndInitializeSid
CheckTokenMembership
RegCreateKeyExW
FreeSid
GetTokenInformation
GetSecurityDescriptorDacl
GetAclInformation
AddAce
SetSecurityDescriptorDacl
GetUserNameW
InitiateSystemShutdownExW

shell32

DragQueryPoint
ShellExecuteExW
DragQueryFileW
SHEmptyRecycleBinW
SHGetPathFromIDListW
SHBrowseForFolderW
SHCreateShellItem
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetFolderPathW
SHFileOperationW
ExtractIconExW
Shell_NotifyIconW
ShellExecuteW
DragFinish

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
ProgIDFromCLSID
CLSIDFromProgID
OleSetMenuDescriptor
MkParseDisplayName
OleSetContainedObject
CoCreateInstance
IIDFromString
StringFromGUID2
CreateStreamOnHGlobal
OleInitialize
OleUninitialize
CoInitialize
CoUninitialize
GetRunningObjectTable
CoGetInstanceFromFile
CoGetObject
CoSetProxyBlanket
CoCreateInstanceEx
CoInitializeSecurity

oleaut32

LoadTypeLibEx
VariantCopyInd
SysReAllocString
SysFreeString
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayAllocData
SafeArrayAllocDescriptorEx
SafeArrayCreateVector
RegisterTypeLi
CreateStdDispatch
DispCallFunc
VariantChangeType
SysStringLen
VariantTimeToSystemTime
VarR8FromDec
SafeArrayGetVartype
VariantCopy
VariantClear
OleLoadPicture
QueryPathOfRegTypeLi
RegisterTypeLibForUser
UnRegisterTypeLibForUser
UnRegisterTypeLi
CreateDispTypeInfo
SysAllocString
VariantInit

Sections

.text
Size: 567KB - Virtual size: 567KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/fc0ac4792cfdf44b45c12da3610e0fb5
some-samples-master/fc100cb6b9ae59b149d2a8774c2383ed
.html
some-samples-master/fc15091677801652a81ef5a59d0e87ea
.html
some-samples-master/fc2f4a1746fb1d8418c6bd867b1973bd
.exe windows:4 windows x86 arch:x86

2077b7c05f8c89dd446b98e06e4595ed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

534623***)(.pdb

Imports

comdlg32

GetFileTitleA

msi

ord114

ole32

PropVariantClear
OleLoadFromStream

user32

EmptyClipboard
GetMenuStringW

kernel32

FreeConsole
GetThreadLocale
GetComputerNameA
SetEnvironmentVariableW
RemoveDirectoryW
GetProcessHeap
GetFileInformationByHandle
InterlockedExchange
HeapAlloc
CreateEventW
SetFileApisToANSI
SetFileApisToOEM
GetCommandLineA
FindAtomW
CreateFileMappingW

imm32

ImmDestroyContext

ws2_32

inet_addr

esent

JetBeginExternalBackup

urlmon

SetSoftwareUpdateAdvertisementState

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

32^^text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.werheer
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
some-samples-master/fc516f21b576457f3fe340118a7ca633
.js
some-samples-master/fc692b343d79be670d9f36d11dfe8c08
.html .js polyglot
some-samples-master/fc6cbb89fa7817d8b50b7a3bcd450d64
.elf linux x86
some-samples-master/fc83bb42a48c6ff6183367e6713462d9
.js
some-samples-master/fcb1309272451c9fa198bed9532adb5a
.html .js polyglot
some-samples-master/fcb663f9ad007185e72043b4aabe1f98
.html
some-samples-master/fccfa3194759b67a5b674733d030093d
.html
some-samples-master/fcead0cc8cb9d2f9c9ce3f68d89b8ff5
.html .js polyglot
some-samples-master/fcfaea4a013703b52d82c4fcb0aecd41
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/fd02ded8cd68b3349130541e14936a43
.html .js polyglot
some-samples-master/fd15d370abbd8e982e6e5663d1e0d99e
.js
some-samples-master/fd2ae022ac1345db116e631919a51f8e
some-samples-master/fd365e280b5d5125d7045fd10f877e58
.exe windows:5 windows x86 arch:x86

ed36d6b5bc2364ec85cc07421435bb85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

nddeapi

NDdeShareAddA
NDdeShareDelA
NDdeShareGetInfoA

kernel32

GetModuleFileNameA
lstrcmpiA
GetDateFormatA
GetModuleHandleW
GetProcAddress
CreateMailslotW
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyA
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogA
ClearEventLogW
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrW
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopA
wsprintfA
PostMessageA
GetDlgItemTextW
IsDialogMessageA
DispatchMessageW
GetMessageA
LoadMenuA
LoadStringA
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateA
InsertMenuW
GetPropW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ
some-samples-master/fd47f76a4e50ded37b2022a2cbc260ae
.js
some-samples-master/fd74fa0b01c14db5eed1fc78d7cf8da5
.html
some-samples-master/fd7f4b5c48d0ced6cccc6c2305152ac4
.html .js polyglot
some-samples-master/fd841306e7da7104250dde560bbc9539
.html .js polyglot
some-samples-master/fdbcc27417a705f78f340db3101bd95d
.exe windows:4 windows x86 arch:x86

05eef6ce4bd1e8c0c350ead83629da4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strncmp
strncpy
memcpy
fread
longjmp
_setjmp3
fclose
strlen
frexp
modf
floor
_CIpow
atof
malloc
free

kernel32

GetModuleHandleA
HeapCreate
VirtualProtect
HeapDestroy
ExitProcess
OpenProcess
GetLastError
HeapAlloc
HeapFree
LoadLibraryA
GetProcAddress
FreeLibrary
HeapReAlloc
lstrlenA

Sections

.code
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.popdata
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
some-samples-master/fdc1b2c95b5f49a837d3cbedee8566f9
.html .js polyglot
some-samples-master/fe05d037e3333d5a9d9bc73804aaa5a2
.html .js polyglot
some-samples-master/fe2f0589b458e945968f429a452cd84f
.js
some-samples-master/fe445b771f2229c47546aebb03bb5713
.js
some-samples-master/feb80d38379fd3fa90f420d084a227e5
.html
some-samples-master/fefbbe55170668d3894ad9144f06b0dc
.js
some-samples-master/ff811e35d24be3931bb87ef7025201fe
.zip
some-samples-master/ff959802586964b7b2770ac516ff627a
.html
some-samples-master/ffac5401486a70ae6949cc6ea6ad228a
.js
some-samples-master/ffdee03cb4c4c23b2db269b47e4669d5
.exe windows:4 windows x86 arch:x86

be679e504e8f29b5272c3163c36b070d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

_CIcos
_adj_fptan
__vbaVarMove
__vbaFreeVar
_adj_fdiv_m64
_adj_fprem1
__vbaResume
__vbaHresultCheckObj
_adj_fdiv_m32
__vbaAryDestruct
__vbaExitProc
__vbaI4Abs
__vbaOnError
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
ord598
ord523
_CIsin
__vbaChkstk
EVENT_SINK_AddRef
__vbaGenerateBoundsError
DllFunctionCall
_adj_fpatan
__vbaRedim
ord678
EVENT_SINK_Release
_CIsqrt
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord712
_adj_fprem
_adj_fdivr_m64
__vbaFPException
_CIlog
ord539
__vbaErrorOverflow
__vbaNew2
ord570
ord648
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
__vbaDerefAry1
_adj_fdivr_m32
_adj_fdiv_r
ord100
_CIatan
__vbaStrMove
_allmul
_CItan
_CIexp
__vbaFreeObj
__vbaFreeStr

Sections

.text
Size: 460KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
some-samples-master/midnight.pm/mirai.arm
.elf linux arm
some-samples-master/midnight.pm/mirai.arm7
.elf linux arm
some-samples-master/midnight.pm/mirai.m68k
.elf linux
some-samples-master/midnight.pm/mirai.mips
.elf linux mipsbe
some-samples-master/midnight.pm/mirai.mpsl
.elf linux mipsel
some-samples-master/midnight.pm/mirai.ppc
.elf linux ppc
some-samples-master/midnight.pm/mirai.sh4
.elf linux sh
some-samples-master/midnight.pm/mirai.spc
.elf linux sparc
some-samples-master/midnight.pm/mirai.x86
.elf linux x86
some-samples-master/mirai.x86_b79a5e78ca19beda30547c90b99a38eb
.elf linux x86
some-samples-master/mirai.x86_ce6606aff683266dc8a5846e9bb1dbf1
.elf linux x86
some-samples-master/pein.x86_61fed4e9796a55de137265a70527d9e4
.elf linux x86
some-samples-master/q
some-samples-master/x86_6f56f163be0c7e54a87ccf45ec8e02f2
.elf linux x86

Sharing

General

Malware Config

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Extracted

Signatures

Files

Headers

File Characteristics

Sections

UPX0 Size: - Virtual size: 940KB

UPX1 Size: 589KB - Virtual size: 592KB

.rsrc Size: 4KB - Virtual size: 4KB

Headers

File Characteristics

Sections

.text Size: 484KB - Virtual size: 480KB

.rdata Size: 888KB - Virtual size: 884KB

.data Size: 72KB - Virtual size: 133KB

.rsrc Size: 12KB - Virtual size: 8KB

bdf0bfb5a047e04bc36fa07c99211d26

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 111KB - Virtual size: 300KB

.rsrc Size: 10KB - Virtual size: 12KB

Headers

File Characteristics

Sections

CODE Size: 479KB - Virtual size: 478KB

DATA Size: 45KB - Virtual size: 45KB

BSS Size: - Virtual size: 4KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 38KB - Virtual size: 37KB

.rsrc Size: 140KB - Virtual size: 140KB

Headers

File Characteristics

Sections

CODE Size: 542KB - Virtual size: 542KB

DATA Size: 507KB - Virtual size: 506KB

BSS Size: - Virtual size: 3KB

.idata Size: 8KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 40KB - Virtual size: 39KB

.rsrc Size: 28KB - Virtual size: 28KB

36ad125d833d401ebd011e5cfb5c0ce2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

shlwapi

UPX0
Size: - Virtual size: 940KB

UPX1
Size: 589KB - Virtual size: 592KB

.rsrc
Size: 4KB - Virtual size: 4KB

.text
Size: 484KB - Virtual size: 480KB

.rdata
Size: 888KB - Virtual size: 884KB

.data
Size: 72KB - Virtual size: 133KB

.rsrc
Size: 12KB - Virtual size: 8KB

.text
Size: 111KB - Virtual size: 300KB

.rsrc
Size: 10KB - Virtual size: 12KB

CODE
Size: 479KB - Virtual size: 478KB

DATA
Size: 45KB - Virtual size: 45KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 38KB - Virtual size: 37KB

.rsrc
Size: 140KB - Virtual size: 140KB

CODE
Size: 542KB - Virtual size: 542KB

DATA
Size: 507KB - Virtual size: 506KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 8KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 40KB - Virtual size: 39KB

.rsrc
Size: 28KB - Virtual size: 28KB

.data
Size: 29KB - Virtual size: 28KB

.rsrc
Size: 24KB - Virtual size: 28KB

UPX0
Size: - Virtual size: 36KB

UPX1
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 4KB

.data
Size: 32KB - Virtual size: 32KB

.rsrc
Size: 9KB - Virtual size: 12KB

.text
Size: 4KB - Virtual size: 652B

.rdata
Size: 4KB - Virtual size: 472B

.data
Size: 4KB - Virtual size: 340B

.rsrc
Size: 5.0MB - Virtual size: 5.0MB

.reloc
Size: 4KB - Virtual size: 684B

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

11:21:d6:99:a7:64:97:3e:f1:f8:42:7e:e9:19:cc:53:41:14
Certificate

bb:9e:63:75:ea:e2:a1:ea:88:88:5e:c1:75:8c:21:64
Certificate

2e:7c:87:cc:0e:93:4a:52:fe:94:fd:1c:b7:cd:34:af
Certificate

78:ca:78:7a:36:b2:19:ef:92:e7:d6:21:02:c0:20:03:d5:86:df:fe
Signer

.text
Size: 61KB - Virtual size: 60KB

.itext
Size: 4KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 3KB

.bss
Size: - Virtual size: 21KB

.idata
Size: 4KB - Virtual size: 3KB

.tls
Size: - Virtual size: 8B

.rdata
Size: 512B - Virtual size: 24B

.rsrc
Size: 44KB - Virtual size: 44KB