Malaysia Honeynet Project // Malware Database (Beta)

my-honeynet.org / list stats search
Hash 278be7fa295e231de82f9d7f15dd9cd4
First seen 2006-10-28T04:34:46
Last seen 2006-12-17T20:00:57
Filetype MS-DOS executable PE for MS Windows (GUI) Intel 80386 32-bit
Mimetype application/x-dosexec
Size 136192
Hits 3
Clamav Trojan.Dropper.Delf-202 FOUND No Virus Found
F-Prot is a security risk named W32/Sdbot.NRM No Virus Found
Antivir WORM/Rbot.aeu.79 No Virus Found
AVG Trojan.Dropper.Delf-202 FOUND No Virus Found
Objdump 
binaries/278be7fa295e231de82f9d7f15dd9cd4:     file format efi-app-ia32
binaries/278be7fa295e231de82f9d7f15dd9cd4
architecture: i386, flags 0x0000010b:
HAS_RELOC, EXEC_P, HAS_DEBUG, D_PAGED
start address 0x00000000100039d9

Characteristics 0x818e
	executable
	line numbers stripped
	symbols stripped
	little endian
	32 bit words
	big endian

Time/Date		Sat Jun 20 06:22:17 1992

ImageBase		0000000010000000
SectionAlignment	0000000000001000
FileAlignment		0000000000000200
MajorOSystemVersion	4
MinorOSystemVersion	0
MajorImageVersion	0
MinorImageVersion	0
MajorSubsystemVersion	4
MinorSubsystemVersion	0
Win32Version		00000000
SizeOfImage		00027000
SizeOfHeaders		00000400
CheckSum		0002b0d8
Subsystem		00000002	(Windows GUI)
DllCharacteristics	00000000
SizeOfStackReserve	0000000000100000
SizeOfStackCommit	0000000000004000
SizeOfHeapReserve	0000000000100000
SizeOfHeapCommit	0000000000001000
LoaderFlags		00000000
NumberOfRvaAndSizes	00000010

The Data Directory
Entry 0 0000000000000000 00000000 Export Directory [.edata (or where ever we found it)]
Entry 1 0000000000006000 0000046e Import Directory [parts of .idata]
Entry 2 000000000000a000 0001c934 Resource Directory [.rsrc]
Entry 3 0000000000000000 00000000 Exception Directory [.pdata]
Entry 4 0000000000000000 00000000 Security Directory
Entry 5 0000000000009000 0000032c Base Relocation Directory [.reloc]
Entry 6 0000000000000000 00000000 Debug Directory
Entry 7 0000000000000000 00000000 Description Directory
Entry 8 0000000000000000 00000000 Special Directory
Entry 9 0000000000008000 00000018 Thread Storage Directory [.tls]
Entry a 0000000000000000 00000000 Load Configuration Directory
Entry b 0000000000000000 00000000 Bound Import Directory
Entry c 0000000000000000 00000000 Import Address Table Directory
Entry d 0000000000000000 00000000 Delay Import Directory
Entry e 0000000000000000 00000000 CLR Runtime Header
Entry f 0000000000000000 00000000 Reserved

There is an import table in .idata at 0x10006000

The Import Tables (interpreted .idata section contents)
 vma:            Hint    Time      Forward  DLL       First
                 Table   Stamp     Chain    Name      Thunk
 00006000	00000000 00000000 00000000 00006138 00006078

	DLL Name: kernel32.dll

 00006014	00000000 00000000 00000000 000062a4 000060c8

	DLL Name: user32.dll

 00006028	00000000 00000000 00000000 000062dc 000060d8

	DLL Name: advapi32.dll

 0000603c	00000000 00000000 00000000 0000631c 000060e8

	DLL Name: kernel32.dll

 00006050	00000000 00000000 00000000 00006368 000060fc

	DLL Name: kernel32.dll

 00006064	00000000 00000000 00000000 00000000 00000000


PE File Base Relocations (interpreted .reloc section contents)

Virtual Address: 00001000 Chunk size 288 (0x120) Number of fixups 140
	reloc    0 offset    2 [1002] HIGHLOW
	reloc    1 offset    a [100a] HIGHLOW
	reloc    2 offset   12 [1012] HIGHLOW
	reloc    3 offset   1a [101a] HIGHLOW
	reloc    4 offset   22 [1022] HIGHLOW
	reloc    5 offset   2a [102a] HIGHLOW
	reloc    6 offset   32 [1032] HIGHLOW
	reloc    7 offset   3a [103a] HIGHLOW
	reloc    8 offset   42 [1042] HIGHLOW
	reloc    9 offset   4a [104a] HIGHLOW
	reloc   10 offset   52 [1052] HIGHLOW
	reloc   11 offset   5a [105a] HIGHLOW
	reloc   12 offset   62 [1062] HIGHLOW
	reloc   13 offset   6a [106a] HIGHLOW
	reloc   14 offset   72 [1072] HIGHLOW
	reloc   15 offset   7a [107a] HIGHLOW
	reloc   16 offset   a6 [10a6] HIGHLOW
	reloc   17 offset   ae [10ae] HIGHLOW
	reloc   18 offset   b6 [10b6] HIGHLOW
	reloc   19 offset   be [10be] HIGHLOW
	reloc   20 offset   c6 [10c6] HIGHLOW
	reloc   21 offset   ce [10ce] HIGHLOW
	reloc   22 offset   d6 [10d6] HIGHLOW
	reloc   23 offset   de [10de] HIGHLOW
	reloc   24 offset   e7 [10e7] HIGHLOW
	reloc   25 offset  108 [1108] HIGHLOW
	reloc   26 offset  110 [1110] HIGHLOW
	reloc   27 offset  178 [1178] HIGHLOW
	reloc   28 offset  17f [117f] HIGHLOW
	reloc   29 offset  2c7 [12c7] HIGHLOW
	reloc   30 offset  33e [133e] HIGHLOW
	reloc   31 offset  38d [138d] HIGHLOW
	reloc   32 offset  3d3 [13d3] HIGHLOW
	reloc   33 offset  3e6 [13e6] HIGHLOW
	reloc   34 offset  45c [145c] HIGHLOW
	reloc   35 offset  4a0 [14a0] HIGHLOW
	reloc   36 offset  4e1 [14e1] HIGHLOW
	reloc   37 offset  515 [1515] HIGHLOW
	reloc   38 offset  521 [1521] HIGHLOW
	reloc   39 offset  53c [153c] HIGHLOW
	reloc   40 offset  5cf [15cf] HIGHLOW
	reloc   41 offset  71e [171e] HIGHLOW
	reloc   42 offset  75a [175a] HIGHLOW
	reloc   43 offset  777 [1777] HIGHLOW
	reloc   44 offset  782 [1782] HIGHLOW
	reloc   45 offset  78d [178d] HIGHLOW
	reloc   46 offset  795 [1795] HIGHLOW
	reloc   47 offset  79f [179f] HIGHLOW
	reloc   48 offset  7a9 [17a9] HIGHLOW
	reloc   49 offset  7b3 [17b3] HIGHLOW
	reloc   50 offset  7c9 [17c9] HIGHLOW
	reloc   51 offset  7cf [17cf] HIGHLOW
	reloc   52 offset  7dd [17dd] HIGHLOW
	reloc   53 offset  7f0 [17f0] HIGHLOW
	reloc   54 offset  7fa [17fa] HIGHLOW
	reloc   55 offset  800 [1800] HIGHLOW
	reloc   56 offset  80e [180e] HIGHLOW
	reloc   57 offset  814 [1814] HIGHLOW
	reloc   58 offset  81c [181c] HIGHLOW
	reloc   59 offset  82e [182e] HIGHLOW
	reloc   60 offset  83a [183a] HIGHLOW
	reloc   61 offset  849 [1849] HIGHLOW
	reloc   62 offset  855 [1855] HIGHLOW
	reloc   63 offset  85d [185d] HIGHLOW
	reloc   64 offset  868 [1868] HIGHLOW
	reloc   65 offset  86e [186e] HIGHLOW
	reloc   66 offset  87b [187b] HIGHLOW
	reloc   67 offset  881 [1881] HIGHLOW
	reloc   68 offset  89b [189b] HIGHLOW
	reloc   69 offset  8a2 [18a2] HIGHLOW
	reloc   70 offset  8ac [18ac] HIGHLOW
	reloc   71 offset  8b6 [18b6] HIGHLOW
	reloc   72 offset  8c0 [18c0] HIGHLOW
	reloc   73 offset  8cc [18cc] HIGHLOW
	reloc   74 offset  8d7 [18d7] HIGHLOW
	reloc   75 offset  8e8 [18e8] HIGHLOW
	reloc   76 offset  8ee [18ee] HIGHLOW
	reloc   77 offset  8f6 [18f6] HIGHLOW
	reloc   78 offset  900 [1900] HIGHLOW
	reloc   79 offset  917 [1917] HIGHLOW
	reloc   80 offset  922 [1922] HIGHLOW
	reloc   81 offset  943 [1943] HIGHLOW
	reloc   82 offset  95b [195b] HIGHLOW
	reloc   83 offset  97a [197a] HIGHLOW
	reloc   84 offset  992 [1992] HIGHLOW
	reloc   85 offset  99a [199a] HIGHLOW
	reloc   86 offset  9da [19da] HIGHLOW
	reloc   87 offset  9f0 [19f0] HIGHLOW
	reloc   88 offset  a3f [1a3f] HIGHLOW
	reloc   89 offset  a5f [1a5f] HIGHLOW
	reloc   90 offset  a7d [1a7d] HIGHLOW
	reloc   91 offset  ba7 [1ba7] HIGHLOW
	reloc   92 offset  bb4 [1bb4] HIGHLOW
	reloc   93 offset  be7 [1be7] HIGHLOW
	reloc   94 offset  bed [1bed] HIGHLOW
	reloc   95 offset  c06 [1c06] HIGHLOW
	reloc   96 offset  c0f [1c0f] HIGHLOW
	reloc   97 offset  c18 [1c18] HIGHLOW
	reloc   98 offset  c23 [1c23] HIGHLOW
	reloc   99 offset  c2c [1c2c] HIGHLOW
	reloc  100 offset  c33 [1c33] HIGHLOW
	reloc  101 offset  c42 [1c42] HIGHLOW
	reloc  102 offset  c49 [1c49] HIGHLOW
	reloc  103 offset  c6b [1c6b] HIGHLOW
	reloc  104 offset  cc4 [1cc4] HIGHLOW
	reloc  105 offset  ccc [1ccc] HIGHLOW
	reloc  106 offset  d51 [1d51] HIGHLOW
	reloc  107 offset  d6f [1d6f] HIGHLOW
	reloc  108 offset  d74 [1d74] HIGHLOW
	reloc  109 offset  d7a [1d7a] HIGHLOW
	reloc  110 offset  de6 [1de6] HIGHLOW
	reloc  111 offset  dec [1dec] HIGHLOW
	reloc  112 offset  dfc [1dfc] HIGHLOW
	reloc  113 offset  e05 [1e05] HIGHLOW
	reloc  114 offset  e4a [1e4a] HIGHLOW
	reloc  115 offset  e53 [1e53] HIGHLOW
	reloc  116 offset  e69 [1e69] HIGHLOW
	reloc  117 offset  e8f [1e8f] HIGHLOW
	reloc  118 offset  e9b [1e9b] HIGHLOW
	reloc  119 offset  ea3 [1ea3] HIGHLOW
	reloc  120 offset  ed6 [1ed6] HIGHLOW
	reloc  121 offset  f00 [1f00] HIGHLOW
	reloc  122 offset  f1a [1f1a] HIGHLOW
	reloc  123 offset  f44 [1f44] HIGHLOW
	reloc  124 offset  f4d [1f4d] HIGHLOW
	reloc  125 offset  f5d [1f5d] HIGHLOW
	reloc  126 offset  f65 [1f65] HIGHLOW
	reloc  127 offset  f6b [1f6b] HIGHLOW
	reloc  128 offset  f74 [1f74] HIGHLOW
	reloc  129 offset  f7b [1f7b] HIGHLOW
	reloc  130 offset  f80 [1f80] HIGHLOW
	reloc  131 offset  f86 [1f86] HIGHLOW
	reloc  132 offset  f99 [1f99] HIGHLOW
	reloc  133 offset  fa2 [1fa2] HIGHLOW
	reloc  134 offset  fc0 [1fc0] HIGHLOW
	reloc  135 offset  fc6 [1fc6] HIGHLOW
	reloc  136 offset  fce [1fce] HIGHLOW
	reloc  137 offset  ff8 [1ff8] HIGHLOW
	reloc  138 offset  ffe [1ffe] HIGHLOW
	reloc  139 offset    0 [1000] ABSOLUTE

Virtual Address: 00002000 Chunk size 272 (0x110) Number of fixups 132
	reloc    0 offset   10 [2010] HIGHLOW
	reloc    1 offset   28 [2028] HIGHLOW
	reloc    2 offset   34 [2034] HIGHLOW
	reloc    3 offset   3c [203c] HIGHLOW
	reloc    4 offset   53 [2053] HIGHLOW
	reloc    5 offset   62 [2062] HIGHLOW
	reloc    6 offset   72 [2072] HIGHLOW
	reloc    7 offset   92 [2092] HIGHLOW
	reloc    8 offset   aa [20aa] HIGHLOW
	reloc    9 offset   ce [20ce] HIGHLOW
	reloc   10 offset   d6 [20d6] HIGHLOW
	reloc   11 offset   dc [20dc] HIGHLOW
	reloc   12 offset   e2 [20e2] HIGHLOW
	reloc   13 offset  114 [2114] HIGHLOW
	reloc   14 offset  138 [2138] HIGHLOW
	reloc   15 offset  156 [2156] HIGHLOW
	reloc   16 offset  166 [2166] HIGHLOW
	reloc   17 offset  16c [216c] HIGHLOW
	reloc   18 offset  174 [2174] HIGHLOW
	reloc   19 offset  1ce [21ce] HIGHLOW
	reloc   20 offset  1d9 [21d9] HIGHLOW
	reloc   21 offset  1e2 [21e2] HIGHLOW
	reloc   22 offset  1e8 [21e8] HIGHLOW
	reloc   23 offset  1f8 [21f8] HIGHLOW
	reloc   24 offset  201 [2201] HIGHLOW
	reloc   25 offset  252 [2252] HIGHLOW
	reloc   26 offset  259 [2259] HIGHLOW
	reloc   27 offset  269 [2269] HIGHLOW
	reloc   28 offset  273 [2273] HIGHLOW
	reloc   29 offset  279 [2279] HIGHLOW
	reloc   30 offset  281 [2281] HIGHLOW
	reloc   31 offset  287 [2287] HIGHLOW
	reloc   32 offset  28d [228d] HIGHLOW
	reloc   33 offset  294 [2294] HIGHLOW
	reloc   34 offset  29e [229e] HIGHLOW
	reloc   35 offset  345 [2345] HIGHLOW
	reloc   36 offset  36d [236d] HIGHLOW
	reloc   37 offset  38b [238b] HIGHLOW
	reloc   38 offset  397 [2397] HIGHLOW
	reloc   39 offset  39f [239f] HIGHLOW
	reloc   40 offset  3f9 [23f9] HIGHLOW
	reloc   41 offset  3ff [23ff] HIGHLOW
	reloc   42 offset  407 [2407] HIGHLOW
	reloc   43 offset  42b [242b] HIGHLOW
	reloc   44 offset  44b [244b] HIGHLOW
	reloc   45 offset  473 [2473] HIGHLOW
	reloc   46 offset  48c [248c] HIGHLOW
	reloc   47 offset  4a5 [24a5] HIGHLOW
	reloc   48 offset  4b6 [24b6] HIGHLOW
	reloc   49 offset  4cb [24cb] HIGHLOW
	reloc   50 offset  4d8 [24d8] HIGHLOW
	reloc   51 offset  4f8 [24f8] HIGHLOW
	reloc   52 offset  6f5 [26f5] HIGHLOW
	reloc   53 offset  72e [272e] HIGHLOW
	reloc   54 offset  76d [276d] HIGHLOW
	reloc   55 offset  77d [277d] HIGHLOW
	reloc   56 offset  793 [2793] HIGHLOW
	reloc   57 offset  7b1 [27b1] HIGHLOW
	reloc   58 offset  7c7 [27c7] HIGHLOW
	reloc   59 offset  7de [27de] HIGHLOW
	reloc   60 offset  7f3 [27f3] HIGHLOW
	reloc   61 offset  82d [282d] HIGHLOW
	reloc   62 offset  842 [2842] HIGHLOW
	reloc   63 offset  856 [2856] HIGHLOW
	reloc   64 offset  85e [285e] HIGHLOW
	reloc   65 offset  874 [2874] HIGHLOW
	reloc   66 offset  88c [288c] HIGHLOW
	reloc   67 offset  89a [289a] HIGHLOW
	reloc   68 offset  8ce [28ce] HIGHLOW
	reloc   69 offset  8ea [28ea] HIGHLOW
	reloc   70 offset  8f6 [28f6] HIGHLOW
	reloc   71 offset  90a [290a] HIGHLOW
	reloc   72 offset  914 [2914] HIGHLOW
	reloc   73 offset  927 [2927] HIGHLOW
	reloc   74 offset  957 [2957] HIGHLOW
	reloc   75 offset  984 [2984] HIGHLOW
	reloc   76 offset  98d [298d] HIGHLOW
	reloc   77 offset  9bf [29bf] HIGHLOW
	reloc   78 offset  9c8 [29c8] HIGHLOW
	reloc   79 offset  9fd [29fd] HIGHLOW
	reloc   80 offset  a04 [2a04] HIGHLOW
	reloc   81 offset  a26 [2a26] HIGHLOW
	reloc   82 offset  a73 [2a73] HIGHLOW
	reloc   83 offset  a9b [2a9b] HIGHLOW
	reloc   84 offset  be3 [2be3] HIGHLOW
	reloc   85 offset  c0b [2c0b] HIGHLOW
	reloc   86 offset  c12 [2c12] HIGHLOW
	reloc   87 offset  c2a [2c2a] HIGHLOW
	reloc   88 offset  c4c [2c4c] HIGHLOW
	reloc   89 offset  c80 [2c80] HIGHLOW
	reloc   90 offset  c88 [2c88] HIGHLOW
	reloc   91 offset  c93 [2c93] HIGHLOW
	reloc   92 offset  cbf [2cbf] HIGHLOW
	reloc   93 offset  cd4 [2cd4] HIGHLOW
	reloc   94 offset  d1f [2d1f] HIGHLOW
	reloc   95 offset  d32 [2d32] HIGHLOW
	reloc   96 offset  d46 [2d46] HIGHLOW
	reloc   97 offset  d7a [2d7a] HIGHLOW
	reloc   98 offset  d7e [2d7e] HIGHLOW
	reloc   99 offset  d84 [2d84] HIGHLOW
	reloc  100 offset  d88 [2d88] HIGHLOW
	reloc  101 offset  d8d [2d8d] HIGHLOW
	reloc  102 offset  d94 [2d94] HIGHLOW
	reloc  103 offset  d9a [2d9a] HIGHLOW
	reloc  104 offset  da2 [2da2] HIGHLOW
	reloc  105 offset  dad [2dad] HIGHLOW
	reloc  106 offset  dbc [2dbc] HIGHLOW
	reloc  107 offset  dc4 [2dc4] HIGHLOW
	reloc  108 offset  df0 [2df0] HIGHLOW
	reloc  109 offset  dfb [2dfb] HIGHLOW
	reloc  110 offset  e18 [2e18] HIGHLOW
	reloc  111 offset  e22 [2e22] HIGHLOW
	reloc  112 offset  e47 [2e47] HIGHLOW
	reloc  113 offset  e51 [2e51] HIGHLOW
	reloc  114 offset  e5b [2e5b] HIGHLOW
	reloc  115 offset  e63 [2e63] HIGHLOW
	reloc  116 offset  e69 [2e69] HIGHLOW
	reloc  117 offset  e77 [2e77] HIGHLOW
	reloc  118 offset  e92 [2e92] HIGHLOW
	reloc  119 offset  ea7 [2ea7] HIGHLOW
	reloc  120 offset  eb1 [2eb1] HIGHLOW
	reloc  121 offset  eb6 [2eb6] HIGHLOW
	reloc  122 offset  ed5 [2ed5] HIGHLOW
	reloc  123 offset  eda [2eda] HIGHLOW
	reloc  124 offset  edf [2edf] HIGHLOW
	reloc  125 offset  f01 [2f01] HIGHLOW
	reloc  126 offset  f15 [2f15] HIGHLOW
	reloc  127 offset  f7a [2f7a] HIGHLOW
	reloc  128 offset  f83 [2f83] HIGHLOW
	reloc  129 offset  fa9 [2fa9] HIGHLOW
	reloc  130 offset  fb6 [2fb6] HIGHLOW
	reloc  131 offset    0 [2000] ABSOLUTE

Virtual Address: 00003000 Chunk size 216 (0xd8) Number of fixups 104
	reloc    0 offset   47 [3047] HIGHLOW
	reloc    1 offset   d1 [30d1] HIGHLOW
	reloc    2 offset   da [30da] HIGHLOW
	reloc    3 offset   e5 [30e5] HIGHLOW
	reloc    4 offset   ea [30ea] HIGHLOW
	reloc    5 offset  105 [3105] HIGHLOW
	reloc    6 offset  116 [3116] HIGHLOW
	reloc    7 offset  156 [3156] HIGHLOW
	reloc    8 offset  15d [315d] HIGHLOW
	reloc    9 offset  16f [316f] HIGHLOW
	reloc   10 offset  18d [318d] HIGHLOW
	reloc   11 offset  196 [3196] HIGHLOW
	reloc   12 offset  1a2 [31a2] HIGHLOW
	reloc   13 offset  1a9 [31a9] HIGHLOW
	reloc   14 offset  1e4 [31e4] HIGHLOW
	reloc   15 offset  1f3 [31f3] HIGHLOW
	reloc   16 offset  1ff [31ff] HIGHLOW
	reloc   17 offset  206 [3206] HIGHLOW
	reloc   18 offset  210 [3210] HIGHLOW
	reloc   19 offset  21a [321a] HIGHLOW
	reloc   20 offset  231 [3231] HIGHLOW
	reloc   21 offset  242 [3242] HIGHLOW
	reloc   22 offset  24b [324b] HIGHLOW
	reloc   23 offset  252 [3252] HIGHLOW
	reloc   24 offset  259 [3259] HIGHLOW
	reloc   25 offset  25d [325d] HIGHLOW
	reloc   26 offset  277 [3277] HIGHLOW
	reloc   27 offset  280 [3280] HIGHLOW
	reloc   28 offset  289 [3289] HIGHLOW
	reloc   29 offset  29a [329a] HIGHLOW
	reloc   30 offset  2a4 [32a4] HIGHLOW
	reloc   31 offset  2ae [32ae] HIGHLOW
	reloc   32 offset  2b6 [32b6] HIGHLOW
	reloc   33 offset  2be [32be] HIGHLOW
	reloc   34 offset  2c6 [32c6] HIGHLOW
	reloc   35 offset  2ce [32ce] HIGHLOW
	reloc   36 offset  2f6 [32f6] HIGHLOW
	reloc   37 offset  320 [3320] HIGHLOW
	reloc   38 offset  32e [332e] HIGHLOW
	reloc   39 offset  333 [3333] HIGHLOW
	reloc   40 offset  34c [334c] HIGHLOW
	reloc   41 offset  35c [335c] HIGHLOW
	reloc   42 offset  36d [336d] HIGHLOW
	reloc   43 offset  37e [337e] HIGHLOW
	reloc   44 offset  38a [338a] HIGHLOW
	reloc   45 offset  38f [338f] HIGHLOW
	reloc   46 offset  394 [3394] HIGHLOW
	reloc   47 offset  39b [339b] HIGHLOW
	reloc   48 offset  3a2 [33a2] HIGHLOW
	reloc   49 offset  3ac [33ac] HIGHLOW
	reloc   50 offset  3c3 [33c3] HIGHLOW
	reloc   51 offset  3cf [33cf] HIGHLOW
	reloc   52 offset  3dc [33dc] HIGHLOW
	reloc   53 offset  3ee [33ee] HIGHLOW
	reloc   54 offset  3fb [33fb] HIGHLOW
	reloc   55 offset  407 [3407] HIGHLOW
	reloc   56 offset  414 [3414] HIGHLOW
	reloc   57 offset  426 [3426] HIGHLOW
	reloc   58 offset  42e [342e] HIGHLOW
	reloc   59 offset  436 [3436] HIGHLOW
	reloc   60 offset  43e [343e] HIGHLOW
	reloc   61 offset  446 [3446] HIGHLOW
	reloc   62 offset  44e [344e] HIGHLOW
	reloc   63 offset  456 [3456] HIGHLOW
	reloc   64 offset  45e [345e] HIGHLOW
	reloc   65 offset  466 [3466] HIGHLOW
	reloc   66 offset  46e [346e] HIGHLOW
	reloc   67 offset  476 [3476] HIGHLOW
	reloc   68 offset  47e [347e] HIGHLOW
	reloc   69 offset  486 [3486] HIGHLOW
	reloc   70 offset  48e [348e] HIGHLOW
	reloc   71 offset  496 [3496] HIGHLOW
	reloc   72 offset  4b3 [34b3] HIGHLOW
	reloc   73 offset  4bf [34bf] HIGHLOW
	reloc   74 offset  4cc [34cc] HIGHLOW
	reloc   75 offset  4de [34de] HIGHLOW
	reloc   76 offset  5b7 [35b7] HIGHLOW
	reloc   77 offset  5e7 [35e7] HIGHLOW
	reloc   78 offset  7fc [37fc] HIGHLOW
	reloc   79 offset  81b [381b] HIGHLOW
	reloc   80 offset  84d [384d] HIGHLOW
	reloc   81 offset  85a [385a] HIGHLOW
	reloc   82 offset  85f [385f] HIGHLOW
	reloc   83 offset  871 [3871] HIGHLOW
	reloc   84 offset  883 [3883] HIGHLOW
	reloc   85 offset  8c6 [38c6] HIGHLOW
	reloc   86 offset  8e6 [38e6] HIGHLOW
	reloc   87 offset  913 [3913] HIGHLOW
	reloc   88 offset  926 [3926] HIGHLOW
	reloc   89 offset  938 [3938] HIGHLOW
	reloc   90 offset  93c [393c] HIGHLOW
	reloc   91 offset  940 [3940] HIGHLOW
	reloc   92 offset  944 [3944] HIGHLOW
	reloc   93 offset  948 [3948] HIGHLOW
	reloc   94 offset  94c [394c] HIGHLOW
	reloc   95 offset  950 [3950] HIGHLOW
	reloc   96 offset  954 [3954] HIGHLOW
	reloc   97 offset  958 [3958] HIGHLOW
	reloc   98 offset  960 [3960] HIGHLOW
	reloc   99 offset  96d [396d] HIGHLOW
	reloc  100 offset  995 [3995] HIGHLOW
	reloc  101 offset  99c [399c] HIGHLOW
	reloc  102 offset  9ae [39ae] HIGHLOW
	reloc  103 offset  9b3 [39b3] HIGHLOW

Virtual Address: 00004000 Chunk size 16 (0x10) Number of fixups 4
	reloc    0 offset   24 [4024] HIGHLOW
	reloc    1 offset   28 [4028] HIGHLOW
	reloc    2 offset   2c [402c] HIGHLOW
	reloc    3 offset    0 [4000] ABSOLUTE

Virtual Address: 00008000 Chunk size 20 (0x14) Number of fixups 6
	reloc    0 offset    0 [8000] HIGHLOW
	reloc    1 offset    4 [8004] HIGHLOW
	reloc    2 offset    8 [8008] HIGHLOW
	reloc    3 offset    c [800c] HIGHLOW
	reloc    4 offset    0 [8000] ABSOLUTE
	reloc    5 offset    0 [8000] ABSOLUTE

Sections:
Idx Name          Size      VMA               LMA               File off  Algn
  0 CODE          000029d8  0000000010001000  0000000010001000  00000400  2**2
                  CONTENTS, ALLOC, LOAD, CODE
  1 DATA          0000009c  0000000010004000  0000000010004000  00002e00  2**2
                  CONTENTS, ALLOC, LOAD, CODE, DATA
  2 BSS           00000000  0000000010005000  0000000010005000  00003000  2**2
                  CONTENTS
  3 .idata        0000046e  0000000010006000  0000000010006000  00003000  2**2
                  CONTENTS, ALLOC, LOAD, DATA
  4 .tls          00000000  0000000010007000  0000000010007000  00003600  2**2
                  CONTENTS
  5 .rdata        00000018  0000000010008000  0000000010008000  00003600  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA, SHARED
  6 .reloc        0000032c  0000000010009000  0000000010009000  00003800  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA, SHARED
  7 .rsrc         0001c934  000000001000a000  000000001000a000  00003c00  2**2
                  CONTENTS, ALLOC, LOAD, READONLY, DATA, SHARED
SYMBOL TABLE:
no symbols
© 2007 Malaysia Honeynet Project. Data captured using nepenthes. Frontend coded by spoonfork.