filename | sosw.exe | |
---|---|---|
size | 1703361 (0x19fdc1) | |
md5 | 94fcd73b97ddf5923f6c967e5e1d0a53 | |
type | PE32 executable (console) Intel 80386 (stripped to external PDB), for MS Windows | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0x80 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
name | va | vsize | raw size | flags | |
---|---|---|---|---|---|
.text | 0x1000 | 0x1213a8 | 0x121400 | R-X CODE IDATA | |
.data | 0x123000 | 0xc958 | 0xca00 | RW- IDATA | |
.rdata | 0x130000 | 0x38320 | 0x38400 | R-- IDATA | |
.bss | 0x169000 | 0x2990 | 0 | RW- UDATA | |
.idata | 0x16c000 | 0x19e8 | 0x1a00 | RW- IDATA |
Data Directory
type | va | size | |
---|---|---|---|
EXPORT | 0 | 0 | |
IMPORT | 0x16c000 | 0x19e8 | |
RESOURCE | 0 | 0 | |
EXCEPTION | 0 | 0 | |
SECURITY | 0 | 0 | |
BASERELOC | 0 | 0 | |
DEBUG | 0 | 0 | |
ARCHITECTURE | 0 | 0 | |
GLOBALPTR | 0 | 0 | |
TLS | 0 | 0 | |
LOAD_CONFIG | 0 | 0 | |
Bound_IAT | 0 | 0 | |
IAT | 0 | 0 | |
Delay_IAT | 0 | 0 | |
CLR_Header | 0 | 0 |
module_name | hint | ord | function_name |
---|---|---|---|
GDI32.dll | 9 | Arc | |
GDI32.dll | 22 | CombineRgn | |
GDI32.dll | 48 | CreateFontIndirectW | |
GDI32.dll | 58 | CreatePen | |
GDI32.dll | 62 | CreateRectRgn | |
GDI32.dll | 67 | CreateSolidBrush | |
GDI32.dll | 73 | DeleteObject | |
GDI32.dll | 79 | Ellipse | |
GDI32.dll | 103 | ExtTextOutW | |
GDI32.dll | 108 | FloodFill | |
GDI32.dll | 199 | GetStockObject | |
GDI32.dll | 218 | GetTextMetricsW | |
GDI32.dll | 226 | InvertRgn | |
GDI32.dll | 229 | LineTo | |
GDI32.dll | 232 | MoveToEx | |
GDI32.dll | 261 | Rectangle | |
GDI32.dll | 279 | SelectObject | |
GDI32.dll | 285 | SetBkColor | |
GDI32.dll | 319 | SetTextAlign | |
GDI32.dll | 320 | SetTextCharacterExtra | |
GDI32.dll | 321 | SetTextColor | |
KERNEL32.dll | 1 | AddAtomA | |
KERNEL32.dll | 9 | AllocConsole | |
KERNEL32.dll | 18 | Beep | |
KERNEL32.dll | 38 | CloseHandle | |
KERNEL32.dll | 63 | CreateDirectoryW | |
KERNEL32.dll | 71 | CreateFileW | |
KERNEL32.dll | 84 | CreatePipe | |
KERNEL32.dll | 89 | CreateSemaphoreW | |
KERNEL32.dll | 107 | DeleteCriticalSection | |
KERNEL32.dll | 110 | DeleteFileW | |
KERNEL32.dll | 126 | EnterCriticalSection | |
KERNEL32.dll | 156 | ExitProcess | |
KERNEL32.dll | 168 | FileTimeToLocalFileTime | |
KERNEL32.dll | 169 | FileTimeToSystemTime | |
KERNEL32.dll | 176 | FindAtomA | |
KERNEL32.dll | 178 | FindClose | |
KERNEL32.dll | 185 | FindFirstFileW | |
KERNEL32.dll | 192 | FindNextFileW | |
KERNEL32.dll | 204 | FlushFileBuffers | |
KERNEL32.dll | 211 | FreeConsole | |
KERNEL32.dll | 221 | GetAtomNameA | |
KERNEL32.dll | 237 | GetCommandLineA | |
KERNEL32.dll | 255 | GetConsoleCP | |
KERNEL32.dll | 270 | GetConsoleMode | |
KERNEL32.dll | 273 | GetConsoleScreenBufferInfo | |
KERNEL32.dll | 275 | GetConsoleTitleW | |
KERNEL32.dll | 282 | GetCurrentDirectoryW | |
KERNEL32.dll | 283 | GetCurrentProcess | |
KERNEL32.dll | 284 | GetCurrentProcessId | |
KERNEL32.dll | 304 | GetEnvironmentVariableW | |
KERNEL32.dll | 311 | GetFileAttributesW | |
KERNEL32.dll | 315 | GetFileTime | |
KERNEL32.dll | 316 | GetFileType | |
KERNEL32.dll | 324 | GetLargestConsoleWindowSize | |
KERNEL32.dll | 325 | GetLastError | |
KERNEL32.dll | 326 | GetLocalTime | |
KERNEL32.dll | 331 | GetLogicalDrives | |
KERNEL32.dll | 336 | GetModuleFileNameW | |
KERNEL32.dll | 337 | GetModuleHandleA | |
KERNEL32.dll | 340 | GetModuleHandleW | |
KERNEL32.dll | 349 | GetNumberOfConsoleInputEvents | |
KERNEL32.dll | 350 | GetNumberOfConsoleMouseButtons | |
KERNEL32.dll | 364 | GetProcAddress | |
KERNEL32.dll | 367 | GetProcessHeap | |
KERNEL32.dll | 373 | GetProcessTimes | |
KERNEL32.dll | 386 | GetStartupInfoA | |
KERNEL32.dll | 388 | GetStdHandle | |
KERNEL32.dll | 398 | GetSystemInfo | |
KERNEL32.dll | 401 | GetSystemTime | |
KERNEL32.dll | 413 | GetTempFileNameW | |
KERNEL32.dll | 415 | GetTempPathW | |
KERNEL32.dll | 423 | GetTickCount | |
KERNEL32.dll | 426 | GetTimeZoneInformation | |
KERNEL32.dll | 434 | GetVersionExW | |
KERNEL32.dll | 436 | GetVolumeInformationW | |
KERNEL32.dll | 448 | GlobalAlloc | |
KERNEL32.dll | 459 | GlobalLock | |
KERNEL32.dll | 460 | GlobalMemoryStatus | |
KERNEL32.dll | 464 | GlobalSize | |
KERNEL32.dll | 467 | GlobalUnlock | |
KERNEL32.dll | 473 | HeapAlloc | |
KERNEL32.dll | 479 | HeapFree | |
KERNEL32.dll | 492 | InitializeCriticalSection | |
KERNEL32.dll | 497 | InterlockedExchange | |
KERNEL32.dll | 507 | IsBadReadPtr | |
KERNEL32.dll | 510 | IsBadWritePtr | |
KERNEL32.dll | 512 | IsDBCSLeadByteEx | |
KERNEL32.dll | 523 | LeaveCriticalSection | |
KERNEL32.dll | 532 | LocalFileTimeToFileTime | |
KERNEL32.dll | 541 | LockFile | |
KERNEL32.dll | 542 | LockFileEx | |
KERNEL32.dll | 556 | MoveFileW | |
KERNEL32.dll | 560 | MultiByteToWideChar | |
KERNEL32.dll | 582 | PeekNamedPipe | |
KERNEL32.dll | 608 | ReadConsoleInputW | |
KERNEL32.dll | 613 | ReadConsoleOutputW | |
KERNEL32.dll | 616 | ReadFile | |
KERNEL32.dll | 632 | RemoveDirectoryW | |
KERNEL32.dll | 662 | SetConsoleCP | |
KERNEL32.dll | 664 | SetConsoleCtrlHandler | |
KERNEL32.dll | 666 | SetConsoleCursorInfo | |
KERNEL32.dll | 667 | SetConsoleCursorPosition | |
KERNEL32.dll | 677 | SetConsoleMode | |
KERNEL32.dll | 680 | SetConsoleOutputCP | |
KERNEL32.dll | 682 | SetConsoleScreenBufferSize | |
KERNEL32.dll | 685 | SetConsoleTitleW | |
KERNEL32.dll | 686 | SetConsoleWindowInfo | |
KERNEL32.dll | 689 | SetCurrentDirectoryW | |
KERNEL32.dll | 694 | SetEndOfFile | |
KERNEL32.dll | 696 | SetEnvironmentVariableW | |
KERNEL32.dll | 697 | SetErrorMode | |
KERNEL32.dll | 702 | SetFileAttributesW | |
KERNEL32.dll | 703 | SetFilePointer | |
KERNEL32.dll | 707 | SetFileTime | |
KERNEL32.dll | 739 | SetUnhandledExceptionFilter | |
KERNEL32.dll | 751 | Sleep | |
KERNEL32.dll | 756 | SystemTimeToFileTime | |
KERNEL32.dll | 774 | UnlockFile | |
KERNEL32.dll | 775 | UnlockFileEx | |
KERNEL32.dll | 790 | VirtualAlloc | |
KERNEL32.dll | 794 | VirtualFree | |
KERNEL32.dll | 801 | VirtualQuery | |
KERNEL32.dll | 814 | WideCharToMultiByte | |
KERNEL32.dll | 825 | WriteConsoleOutputW | |
KERNEL32.dll | 827 | WriteFile | |
msvcrt.dll | 55 | __getmainargs | |
msvcrt.dll | 61 | __lc_codepage | |
msvcrt.dll | 65 | __mb_cur_max | |
msvcrt.dll | 77 | __p__environ | |
msvcrt.dll | 79 | __p__fmode | |
msvcrt.dll | 99 | __set_app_type | |
msvcrt.dll | 137 | _assert | |
msvcrt.dll | 147 | _cexit | |
msvcrt.dll | 182 | _errno | |
msvcrt.dll | 266 | _iob | |
msvcrt.dll | 383 | _onexit | |
msvcrt.dll | 426 | _setmode | |
msvcrt.dll | 583 | abort | |
msvcrt.dll | 590 | atexit | |
msvcrt.dll | 592 | atoi | |
msvcrt.dll | 596 | ceil | |
msvcrt.dll | 604 | exit | |
msvcrt.dll | 605 | exp | |
msvcrt.dll | 607 | fclose | |
msvcrt.dll | 617 | fmod | |
msvcrt.dll | 618 | fopen | |
msvcrt.dll | 619 | fprintf | |
msvcrt.dll | 620 | fputc | |
msvcrt.dll | 621 | fputs | |
msvcrt.dll | 625 | free | |
msvcrt.dll | 633 | fwrite | |
msvcrt.dll | 637 | getenv | |
msvcrt.dll | 671 | localeconv | |
msvcrt.dll | 673 | log | |
msvcrt.dll | 676 | malloc | |
msvcrt.dll | 680 | memchr | |
msvcrt.dll | 681 | memcmp | |
msvcrt.dll | 683 | memmove | |
msvcrt.dll | 684 | memset | |
msvcrt.dll | 686 | modf | |
msvcrt.dll | 688 | pow | |
msvcrt.dll | 697 | rand | |
msvcrt.dll | 706 | signal | |
msvcrt.dll | 710 | sqrt | |
msvcrt.dll | 711 | srand | |
msvcrt.dll | 714 | strchr | |
msvcrt.dll | 715 | strcmp | |
msvcrt.dll | 721 | strlen | |
msvcrt.dll | 723 | strncmp | |
msvcrt.dll | 726 | strrchr | |
msvcrt.dll | 761 | wcslen | |
USER32.dll | 7 | AppendMenuW | |
USER32.dll | 11 | BeginPaint | |
USER32.dll | 61 | CloseClipboard | |
USER32.dll | 73 | CreateCaret | |
USER32.dll | 90 | CreateWindowExW | |
USER32.dll | 134 | DefWindowProcW | |
USER32.dll | 139 | DestroyCaret | |
USER32.dll | 141 | DestroyIcon | |
USER32.dll | 143 | DestroyWindow | |
USER32.dll | 149 | DispatchMessageW | |
USER32.dll | 176 | EmptyClipboard | |
USER32.dll | 177 | EnableMenuItem | |
USER32.dll | 183 | EndPaint | |
USER32.dll | 208 | FillRect | |
USER32.dll | 215 | FrameRect | |
USER32.dll | 224 | GetCaretBlinkTime | |
USER32.dll | 235 | GetClientRect | |
USER32.dll | 237 | GetClipboardData | |
USER32.dll | 247 | GetDC | |
USER32.dll | 249 | GetDesktopWindow | |
USER32.dll | 267 | GetKeyState | |
USER32.dll | 272 | GetKeyboardState | |
USER32.dll | 289 | GetMenuState | |
USER32.dll | 324 | GetSystemMenu | |
USER32.dll | 325 | GetSystemMetrics | |
USER32.dll | 331 | GetUpdateRect | |
USER32.dll | 341 | GetWindowLongW | |
USER32.dll | 346 | GetWindowRect | |
USER32.dll | 356 | HideCaret | |
USER32.dll | 368 | InvalidateRect | |
USER32.dll | 380 | IsClipboardFormatAvailable | |
USER32.dll | 395 | IsZoomed | |
USER32.dll | 405 | LoadCursorW | |
USER32.dll | 407 | LoadIconW | |
USER32.dll | 409 | LoadImageW | |
USER32.dll | 438 | ModifyMenuW | |
USER32.dll | 452 | OpenClipboard | |
USER32.dll | 462 | PeekMessageW | |
USER32.dll | 475 | RedrawWindow | |
USER32.dll | 479 | RegisterClassW | |
USER32.dll | 490 | ReleaseDC | |
USER32.dll | 511 | SendNotifyMessageW | |
USER32.dll | 514 | SetCaretBlinkTime | |
USER32.dll | 515 | SetCaretPos | |
USER32.dll | 519 | SetClipboardData | |
USER32.dll | 531 | SetKeyboardState | |
USER32.dll | 548 | SetRect | |
USER32.dll | 566 | SetWindowLongW | |
USER32.dll | 568 | SetWindowPos | |
USER32.dll | 571 | SetWindowTextW | |
USER32.dll | 577 | ShowCaret | |
USER32.dll | 581 | ShowWindow | |
USER32.dll | 588 | SystemParametersInfoW | |
USER32.dll | 604 | TranslateMessage | |
USER32.dll | 612 | UnregisterClassW | |
USER32.dll | 617 | UpdateWindow |
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
everything is OK